last executing test programs:

27.95101346s ago: executing program 3 (id=2043):
socket$nl_route(0x10, 0x3, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x3, 0xc, &(0x7f0000000140)=ANY=[@ANYBLOB="d8c09ed901000000000000000008000085000000002020207b1af8ff0000b4b60000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000009b0000009500"/96], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x25}, 0x94)
syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000040), 0xffffffffffffffff)
r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, 0x0)
ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x89fb, &(0x7f0000000040)={'bond0\x00', 0x0})
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000340)=0xf)
r1 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000080), 0x101403, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x5, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000100)=0x2)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r2=>0xffffffffffffffff})
socket$nl_netfilter(0x10, 0x3, 0xc)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000001240)=ANY=[@ANYBLOB="120000000b0000000800000002", @ANYRES32, @ANYBLOB, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0000000000000000001000"/28], 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000140)={{r3, <r4=>0xffffffffffffffff}, &(0x7f0000000180), &(0x7f0000000280)=r2}, 0x20)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000180)={r4, 0x0, &(0x7f0000000080)=""/34}, 0x20)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r5 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r5, &(0x7f0000002000)=""/102400, 0x19000)
mprotect(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x3000002)
getcwd(0x0, 0xfffffffffffffe7d)
socket$nl_route(0x10, 0x3, 0x0)
ioctl$SOUND_MIXER_READ_VOLUME(r1, 0x81044d03, 0x0)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)

26.963237245s ago: executing program 3 (id=2046):
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc)=<r1=>0x0)
timer_settime(r1, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x3938700}}, 0x0)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
r2 = socket$inet6(0xa, 0x3, 0x8)
r3 = fsopen(0x0, 0x1)
fsconfig$FSCONFIG_SET_STRING(r3, 0x1, 0x0, 0x0, 0x0)
connect$inet6(r2, 0x0, 0x0)
socket(0x1e, 0x4, 0x0)
prctl$PR_SET_TIMERSLACK(0x1d, 0xffffffffffffffe1)
nanosleep(&(0x7f0000000000)={0x0, 0x3938700}, 0x0)

26.721064379s ago: executing program 3 (id=2048):
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='mountinfo\x00')
read$FUSE(r0, &(0x7f00000020c0)={0x2020}, 0x2020)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
mkdir(&(0x7f0000000040)='./file1\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000340)={[{@workdir={'workdir', 0x3d, './bus'}}, {@xino_on}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, 0x0)
chdir(&(0x7f00000003c0)='./bus\x00')
r4 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0)
getdents(r4, &(0x7f0000001fc0)=""/184, 0x20002078)

25.983662825s ago: executing program 0 (id=2052):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'hash\x00', 0x0, 0x0, 'ghash-generic\x00'}, 0x58)
r1 = socket(0x1, 0x2, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f00000008c0)=ANY=[@ANYBLOB="b4050000fdff7f006110580000000000c60000000000000095000000000000009f33ef60916e6e713f1eeb0b725ad99b817fd98cd824498949714ffaac8a6f670600dcca55f21f3ca9e822d182054d54d53cd2b6db714e4beb5447000001000000008f2b9000f22425e4097ed62cbc891061017cfa6fa26fa7088c60897d4a6148a1c1e43f00001bde60beac671e8e8fdecb03588aa623fa71f31bf0f871ab5c2ff88afc60027f4e5b52710aeee835cf0d0000000098b51fe6b1b8d9dbe87dcff414ed000000000000000000000000000000000000000000000000000000b347abe6352a080f8140e5fd10747b6ecdb3540546bf636e3d6e700e5bc6d3fd0500000022eb9e1403e6c8f7a187eaf60f3a17f0f046a307a403c19d9829c90bd2114252581567acae715cbe326c2ed0a432c5b910400623d24195405f2e76ccb7b37b41215c184e731fb1b172191d359645fae2d074ea5724ab77ea04fe507938b1213cdd4a92860e59808689382734d24b3123dd40c6d612c8a19948cd257748b1e7324adddbe61d51013f7d6b313c6df7b7b29678d70fc94dcc3e99e2472e78968ed94e7a54988656e8fff6b1d9b9993c71edd5cc10a2bea8d94d751b77fa7c48c712af35a9ffe670e8fa451942f48741119496bc30137e1202aed6bb5cd5c2d0256d049e4a335e2ea5545e5624be2391c37c0a2ae3bbb5b58778b85424bcdb84358359b2cb2782fc0e82f17b12d641ce6a72ab0ac794f878140897703bebe4420115d26675f27598841965fa91088252"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x366, 0x10, &(0x7f0000000000), 0x1dd}, 0x48)
r3 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r4 = dup(r3)
write$6lowpan_enable(r4, &(0x7f0000000000)='0', 0xfffffd2c)
r5 = syz_io_uring_setup(0x238, &(0x7f0000000740)={0x0, 0x21c2a, 0x10100, 0x0, 0x1fc, 0x0, r4}, &(0x7f0000000180)=<r6=>0x0, &(0x7f00000001c0)=<r7=>0x0)
syz_io_uring_submit(r6, r7, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x2, 0x0, @fd=r3})
io_uring_enter(r5, 0x2ded, 0x4000, 0x0, 0x0, 0x0)
pause()
r8 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="0f000000040000000400000012"], 0x48)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000040)=ANY=[@ANYRES32=r8, @ANYRES32=r2, @ANYBLOB='&'], 0x10)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000140)={r8, &(0x7f0000000180), &(0x7f00000000c0)=@tcp6=r1}, 0x20)
bind$unix(r1, &(0x7f00000001c0)=@file={0x1, './file0\x00'}, 0x6e)
sendmmsg$unix(r1, &(0x7f0000001680)=[{{&(0x7f0000000380)=@file={0x1, './file0\x00'}, 0x6e, 0x0}}], 0x1, 0x0)
recvmmsg(r1, &(0x7f0000000d40)=[{{0x0, 0x0, &(0x7f0000000780)}}], 0x1, 0x0, 0x0)
r9 = accept$unix(r1, &(0x7f0000000240)=@abs, &(0x7f0000000100)=0x6e)
sendto$unix(r9, &(0x7f0000000140), 0x0, 0xc0, 0x0, 0x0)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000200)="ad56b6cc0400aeb995298992ea54", 0xe)
recvmmsg$unix(0xffffffffffffffff, &(0x7f0000000480)=[{{0x0, 0x0, &(0x7f0000000340)}}], 0x1, 0x0, 0x0)

25.753852194s ago: executing program 3 (id=2053):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000001f80)=ANY=[@ANYBLOB="b702000026000000bfa300000000000007030000007effff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065060400010000050404000001007d60b7030000000000006a0a00fe00000000850000002b000000b7000000000000009500000000000000496cf27fb6d2c643db7e2d5fb4b0936cdf827fb43a431ca711fcd0cdfa146ed3d09a6175037958e27106e225b7937f02008b5e5a076d83923dd29c034055b67dafe6c8dc525d78c07f17e4d5b3185b310efcfa89147a09000000f110026e6d2ef831ab7ea0c34f17e3ad6eecbb622003b534dfd8e012e79578e51bc53099e90f4580d660551b5b0a341a2d7cbdb9cd38bdb2ca8e050000003a14817ac61e4dd11183a13477bf7e060e3670ef0e789f65f1328d6704902cbe7bc04b82d2789cb132b8667c214733a18c8b6619f28d9961b6fbce3f897226c57c2691208173656d60a17e3c184b751c51160fbcbbdb5b1e7be6148ba532e60a0ac346dfebd31a0806000000020000000000230048f941b13d924bcf334d83239dd27080e71113610e10d858e8327ef01fb6c86acac12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e957bc73ddc4eabba08ab1e1ad828267d4eadd3964663e88535c063f7130856f756436303767d2e24f29e5dad9796edb697a6ea1182babc190ae2ebf8aad34732181feb215139f15ea7e8cb0bae7c34d5ac5e7c805210600000000000000c3dec04b25dfc17975238345d4f71ab158c36657b7218baa0700f781c0a99bd50499ccc421ace5e845885efb5b9964e4beba3da8223fe5308e4e65ee93e107000000f8ddebf70132a4d0175b989b8eccf707882042e716df9b57b290c661d4e85031086197bcc5cb0e221a0c34323c129102b6ff0100002e88a1940b3c02ed9c92d6f64b1282dc51bb0015982730711c599e1c72ffa11ed8be1a6830d7507005154c46bd3ca96318c50500721fc7aa2a583726c64c0fb6ca996d278fb00bba99fe1f86468694f22cdf550ef091a78098534f0d973059594119d06d5ea9a8d0857382ec6e2a071474cfc12346e47ad97f4ead7cf70a9d1cdac944779dc08a705414888700a30e2366c6a06b3367a389ca39059787790017b0689a411f450f173db9c24db65c1e00015c1d093dab18fd0699fe3304000000323e9c7080397bc49d70c060d57bc88fbe3bbaa058b040362ab926150363fb099408885afc2bf9a46a076b7babfcddeff8c35030669ea69f5e4be1b8e0d6697e97186f9ae97d5670dba6623279f73db9dec75070cd9ab0fda6b069ef6d2857ca3e4effcf7462710d133d541da86e0477e4a6cc999dc21c3ef408e6b178e7c9f274d7fafc8d757d33dfa35aa2000034837d365e63845f3c1092f8dde8af3904ea0f4b82649b83ed4fa0f873339c4cadecc13219ba7518aa4f7db34ead13484742067ab743c1d82a5687f2ed690000000000000000000000000000000000000000000099d4fa0000000000003f0ecdc7c82e72919c91d2039afe17e95edeeeba72205beff7771bcb293747b88486cacee403000000a2919a4bff2ed893f2c814679fa69fc7e0cf761f918725704a01c56009a9f748e5aaf30a10bd8c409b1870c1f75ee93f9959e3d3f8e0048e55ae289ce2ad779ce71d4dc30cbb2cc4289d2f884d66cddc76eb7f601110ff39053c262279f4ef00fbdb8c328615a9ec84f27a9f3938ae736138b8c1ec220c1540bf3d162dc1c27fa30f0dc60b9f257db5d1c7ed2e152cb2cf06f8edb30177fead735a952ffce676a93110904d5ee2abdab2ef3ff84c4d61443f73552195c7ccfbf9f03c44432eaa3b7501d4239354da8de21eada75d3a3afb2c76ff0700007981699b6c0f0e946766f57544ff52cef0dd811bec4e3c0a30f2d7d19d26d2503a3ea376721b8eded3bc475958dd498ee2b2d6146e33fc0de1dc2e0516ac565ddb1d4ae89e6712824a85eb9ee0a3b68c9e209756623adf685dd715d68ed11e4b4d5502f5124948f8f98c615cac3666c58f785c3f758be352a71871d5c081197d37980e4f4e26b5476fb20407ff7098b7174bef660200a99b5c0c20b378065fac4ef9ac2d0d804b9400000060e5d3f1749feaecf69ba83a71caa9bdddc679f1b826f54b6563a4be1fd82b73c8c2bc65f63982b951fb058fd3c7b6341c4580376b6c16bd94d2da66059de81abfa15eeeb88b6ae5882ad341032c73f1285e21fff5a1d138e061b1dc7bbda199b5fab8e0719e9cd69b47dcb52b0be6a3a73afdf328132e1d4f21065716be0c53a23940d07188b015fa341dbc92231c8b5e5717eac184f46c9f61b69f55cd2231bcf821052429a1f250e8b734be0605a15f25923d599544b319319ff0a32621019347df460a098119a6f47eb1bac47946d7a009cbc6ec74c19a93cc7c7138b28c95270116181fd5f54d2ad0e10d3663488e664401453f22f0d76d2162635365258af61ae1f46f4a7862f302d91e3f7c2781f602220522e84602a939a8d5e4137ae31ccd397404dc72e06715a6503d4d865182803ee6725da7293b23daeebefd6fce7411c9624a7e8d5ba5a13e1c32adc4f3274497c6882a72475e4280a4d9a47c003c6ed3071330c58145be498ca2b42496c479a0a71e2f6f9bad8c84bc6be20281bde0b348cd2c60538a505ad4a0510eebb023e4954c9eb6cd70627f5c03d867dbf3ad5d1f1dc852064dd0efafc3df20ed65af3d194db76127f88f284fa1b71ab964fdd2474471da76373e65e9a8bf844bdfdd348bc7d00c4c7e7afe8a1f8cde79b7a6c5aafe954b8ba37818e40c14b37c23f9f614576b689436fef2f27f8b1e756e00262e22bca49c43fd73e7e99b2fa44a8c1db99c2cf2735ad6c5fabf082e0df0f8ba7e24272165f2f5b28230c02b53d44bd84bf6770157e96bbb96b5e1f165c87e7ad68a3600b3d357fa9a7d53c281d88ebb175a4dbb82130e6870982947913110f091d21760d985afd3163f2e6880682432f9b3b97d57a9f980edfa1116a3d04d58872a07d6a7e12db673acd2f7b8989d833e71943fe2c1c65a3cf36b955c56b55bfd3ecf0af694c71a03f2996c15b1ba971de1cb9c7e6a0000000000000014783ef54c51199317413f98dca8ff3d0bda50f6c0af58dbd6c031b1a5a7512c5896514adfa17d31429c68db50a93d88199defd3b4625fea426ff9293a28a544a6a9e2a79b55daa1b3c6b14c4ec6d164e902ce4913843d65d841973468729ea12bf6d3499036dbb66718f3497855c3baa6cc07c0fa388ec9df0617c1a28ef5a595ee267a76175b8a057e6efaf4fefe46def451f2858fe71a53e77b1a44e98843bb3a40102da3703dfb9f61bdcea2fb810b32d52e2157a150a63ea6135d1cf6f864c2e68884d7245bc5d61dc5a114d10ffb22e76678bbfc1e3865d17d128306d1b81884a934cb00000000000000000098a4526e6468987dbc63bff7590eb388afaba43d811996333eef7e9f472bee293f0c40d434b8be07cbd52325296e22802493edb5c590ad208bac683a8b2d4c9d2d57ff846ae8c422e0b28546671f11d8157bb762c91f3fbcca8e21589c92446ae65d408c0637ffcc2d44d715ce003dd1e12b085e186d069a55c2e96efbe5024d61a56a36d988c0f51a973a6c238e545b28211a92000000001501ae03002af0fcd540a9d4e293690c5e697b3a1480e46df5371bca1cfb28a57c1b3c956ec81397e81fbf870a67385fea042204"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x25, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000900)={r0, 0x18000000000002a0, 0x41, 0x0, &(0x7f00000006c0)="76389e147583ddd0579ba56a5cfd6518a85ed1e6df64eadbc4e7d43a919bbe43ba8ebda9d847422ee7e13f283197c92732477898b52d36a47158b490aa693805f6", 0x0, 0x3400, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50)

25.643348391s ago: executing program 3 (id=2054):
r0 = syz_io_uring_setup(0x18d7, &(0x7f0000000040)={0x0, 0x0, 0x2, 0x0, 0x25b}, &(0x7f0000ffe000), &(0x7f0000ffe000))
ioctl$vim2m_VIDIOC_REQBUFS(0xffffffffffffffff, 0xc0145608, &(0x7f0000000200)={0x6, 0x2, 0x4})
io_uring_register$IORING_REGISTER_IOWQ_MAX_WORKERS(r0, 0x2, &(0x7f0000000180), 0xfe) (fail_nth: 5)

25.285218778s ago: executing program 3 (id=2057):
r0 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
r1 = add_key$keyring(&(0x7f0000000040), &(0x7f0000000080)={'syz', 0x2}, 0x0, 0x0, 0xffffffffffffffff)
r2 = accept4$nfc_llcp(0xffffffffffffffff, &(0x7f00000022c0), &(0x7f0000002340)=0x60, 0x80000)
ioctl$IOCTL_GET_NCIDEV_IDX(r0, 0x0, &(0x7f0000002380)=<r3=>0x0)
bind$nfc_llcp(r2, &(0x7f00000023c0)={0x27, r3, 0x0, 0x5, 0x6, 0x4, "94a2fd765cb1d68fa56f2c85a65e9c463f62563bfcbb6f647a104ee40645f479fce18108055460d86a7fe96be47f97dc4a7bd04aad885f0e6b3f5c208f86e6", 0x19}, 0x60)
ioctl$FS_IOC_FIEMAP(0xffffffffffffffff, 0xc020660b, &(0x7f0000000880)=ANY=[@ANYBLOB="000000000000000000000000000000000000000000000000010000000000000001"])
syz_usb_connect(0x3, 0x3f, &(0x7f0000000400)=ANY=[@ANYBLOB="12010002466c3940841706002fbb0102030109022d00013003b0080904"], 0x0)
pipe2$watch_queue(&(0x7f0000000540), 0x80)
r4 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/crypto\x00', 0x0, 0x0)
read$FUSE(r4, &(0x7f0000000200)={0x2020, 0x0, 0x0, <r5=>0x0, <r6=>0x0}, 0x2020)
pipe2$watch_queue(&(0x7f0000002240), 0x80)
add_key$keyring(&(0x7f0000000300), &(0x7f00000002c0)={'syz', 0x2}, 0x0, 0x0, r1)
r7 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r8 = socket$can_bcm(0x1d, 0x2, 0x2)
io_setup(0x9, &(0x7f0000000240)=<r9=>0x0)
connect$can_bcm(r8, &(0x7f0000000040), 0x10)
io_submit(r9, 0x1, &(0x7f0000000700)=[&(0x7f00000000c0)={0x400000, 0x0, 0x0, 0x1, 0x0, r8, &(0x7f0000000200)="0500000093cb1faf16da39de706f646800580f02000000003f420f0000000000ff030f02000000003f420f00000000003bf81b05ff000000", 0x38}])
r10 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r10, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f00000000c0)=ANY=[@ANYBLOB="140100001f0001000000000000000000010100800c0001"], 0x114}], 0x1}, 0x0)
r11 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r7)
ioctl$IOCTL_GET_NCIDEV_IDX(r0, 0x0, &(0x7f00000000c0)=<r12=>0x0)
lchown(&(0x7f0000002280)='./file0\x00', r5, r6)
r13 = add_key(&(0x7f0000000000)='keyring\x00', &(0x7f0000000040)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffd)
pipe2$watch_queue(&(0x7f0000000380)={0xffffffffffffffff, <r14=>0xffffffffffffffff}, 0x80)
keyctl$KEYCTL_WATCH_KEY(0x20, r13, r14, 0x49)
keyctl$KEYCTL_WATCH_KEY(0x20, r13, r14, 0xffffffffffffffff)
request_key(&(0x7f0000000000)='asymmetric\x00', &(0x7f0000000080)={'syz', 0x1}, &(0x7f00000000c0)='veth0_to_bond\x00', r13)
sendmsg$NFC_CMD_DEV_UP(r7, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r11, @ANYBLOB="010026bd70003c0200000200000008000100", @ANYRES32=r12], 0x1c}}, 0x0)
write$nci(r0, &(0x7f0000000380)=ANY=[@ANYBLOB="61030602061bf3a2ff0ca57b2b117ac5fe"], 0x12)

25.084054078s ago: executing program 0 (id=2059):
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000200), 0x0)
prlimit64(0x0, 0xe, &(0x7f00000000c0)={0x9, 0x40}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xb7c0a000)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r1 = socket$inet6_sctp(0xa, 0x1, 0x84)
sendto$inet6(r1, &(0x7f00000001c0)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x0, 0x0, @loopback={0x0, 0x1c9ae7fffe9a6f34}}, 0x1c)
setsockopt$inet_sctp6_SCTP_EVENTS(r1, 0x84, 0xb, &(0x7f00000000c0)={0x0, 0x4, 0xfe, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x5}, 0xe)
shutdown(r1, 0x1)
ioctl$SIOCGSTAMPNS(r1, 0x8907, 0x0)
recvmmsg(r1, &(0x7f0000000840)=[{{0x0, 0x0, 0x0}}], 0x414, 0x0, 0x0)

24.839182505s ago: executing program 0 (id=2061):
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='mountinfo\x00')
read$FUSE(r0, &(0x7f00000020c0)={0x2020}, 0x2020)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mount(0x0, 0x0, &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f00000001c0)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})
mkdir(&(0x7f0000000040)='./file1\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000340)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@xino_on}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, 0x0)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x18, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18010000200180000000000000000000850000007b000000"], 0x0, 0x4, 0x93, &(0x7f00000003c0)=""/147}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10)
chdir(&(0x7f00000003c0)='./bus\x00')
r5 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0)
getdents(r5, &(0x7f0000001fc0)=""/184, 0x20002078)
r6 = syz_open_dev$usbfs(&(0x7f0000003f00), 0x1ff, 0xa401)
ioctl$USBDEVFS_DISCONNECT_CLAIM(r6, 0x8108551b, &(0x7f0000000000)={0x0, 0x0, "ec9fe44d4dbe56a60274fcffffffffffffff14e315eeb406bfdd73835e57efa94b1a0275781c647aa7e3470c6028643b17832b10b386a6f73791011c26a9aa141f406e312295ee620a9a46577b9249b738fe7750bec83bf6ed5b67213fa7d6c0823fd154ed29ede1ff379742c3f0b46caa357d70ee438f901d7645c3f87e4b21482b76f2ad8eaac090272081f98fd2e3e5a63e008104df635e731a5bfcd942f4529517454618de595cd179445b4bdbf698b9986356f0ebf7d25a57774ef474f86a3ad24ae9f0bf94b99e6b87de5f79d383d05bb32701daed400785a49788f08caecc9e0c48a3740bbe6e1c1fd4f6cfdfe756bc00d08e36655c00"})
ioctl$USBDEVFS_CONTROL(r6, 0xc0185500, &(0x7f00000006c0)={0x2, 0xf, 0x4, 0x1, 0x0, 0x5, 0x0})

22.976163385s ago: executing program 0 (id=2064):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000001f80)=ANY=[@ANYBLOB="b702000026000000bfa300000000000007030000007effff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065060400010000050404000001007d60b7030000000000006a0a00fe00000000850000002b000000b7000000000000009500000000000000496cf27fb6d2c643db7e2d5fb4b0936cdf827fb43a431ca711fcd0cdfa146ed3d09a6175037958e27106e225b7937f02008b5e5a076d83923dd29c034055b67dafe6c8dc525d78c07f17e4d5b3185b310efcfa89147a09000000f110026e6d2ef831ab7ea0c34f17e3ad6eecbb622003b534dfd8e012e79578e51bc53099e90f4580d660551b5b0a341a2d7cbdb9cd38bdb2ca8e050000003a14817ac61e4dd11183a13477bf7e060e3670ef0e789f65f1328d6704902cbe7bc04b82d2789cb132b8667c214733a18c8b6619f28d9961b6fbce3f897226c57c2691208173656d60a17e3c184b751c51160fbcbbdb5b1e7be6148ba532e60a0ac346dfebd31a0806000000020000000000230048f941b13d924bcf334d83239dd27080e71113610e10d858e8327ef01fb6c86acac12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e957bc73ddc4eabba08ab1e1ad828267d4eadd3964663e88535c063f7130856f756436303767d2e24f29e5dad9796edb697a6ea1182babc190ae2ebf8aad34732181feb215139f15ea7e8cb0bae7c34d5ac5e7c805210600000000000000c3dec04b25dfc17975238345d4f71ab158c36657b7218baa0700f781c0a99bd50499ccc421ace5e845885efb5b9964e4beba3da8223fe5308e4e65ee93e107000000f8ddebf70132a4d0175b989b8eccf707882042e716df9b57b290c661d4e85031086197bcc5cb0e221a0c34323c129102b6ff0100002e88a1940b3c02ed9c92d6f64b1282dc51bb0015982730711c599e1c72ffa11ed8be1a6830d7507005154c46bd3ca96318c50500721fc7aa2a583726c64c0fb6ca996d278fb00bba99fe1f86468694f22cdf550ef091a78098534f0d973059594119d06d5ea9a8d0857382ec6e2a071474cfc12346e47ad97f4ead7cf70a9d1cdac944779dc08a705414888700a30e2366c6a06b3367a389ca39059787790017b0689a411f450f173db9c24db65c1e00015c1d093dab18fd0699fe3304000000323e9c7080397bc49d70c060d57bc88fbe3bbaa058b040362ab926150363fb099408885afc2bf9a46a076b7babfcddeff8c35030669ea69f5e4be1b8e0d6697e97186f9ae97d5670dba6623279f73db9dec75070cd9ab0fda6b069ef6d2857ca3e4effcf7462710d133d541da86e0477e4a6cc999dc21c3ef408e6b178e7c9f274d7fafc8d757d33dfa35aa2000034837d365e63845f3c1092f8dde8af3904ea0f4b82649b83ed4fa0f873339c4cadecc13219ba7518aa4f7db34ead13484742067ab743c1d82a5687f2ed690000000000000000000000000000000000000000000099d4fa0000000000003f0ecdc7c82e72919c91d2039afe17e95edeeeba72205beff7771bcb293747b88486cacee403000000a2919a4bff2ed893f2c814679fa69fc7e0cf761f918725704a01c56009a9f748e5aaf30a10bd8c409b1870c1f75ee93f9959e3d3f8e0048e55ae289ce2ad779ce71d4dc30cbb2cc4289d2f884d66cddc76eb7f601110ff39053c262279f4ef00fbdb8c328615a9ec84f27a9f3938ae736138b8c1ec220c1540bf3d162dc1c27fa30f0dc60b9f257db5d1c7ed2e152cb2cf06f8edb30177fead735a952ffce676a93110904d5ee2abdab2ef3ff84c4d61443f73552195c7ccfbf9f03c44432eaa3b7501d4239354da8de21eada75d3a3afb2c76ff0700007981699b6c0f0e946766f57544ff52cef0dd811bec4e3c0a30f2d7d19d26d2503a3ea376721b8eded3bc475958dd498ee2b2d6146e33fc0de1dc2e0516ac565ddb1d4ae89e6712824a85eb9ee0a3b68c9e209756623adf685dd715d68ed11e4b4d5502f5124948f8f98c615cac3666c58f785c3f758be352a71871d5c081197d37980e4f4e26b5476fb20407ff7098b7174bef660200a99b5c0c20b378065fac4ef9ac2d0d804b9400000060e5d3f1749feaecf69ba83a71caa9bdddc679f1b826f54b6563a4be1fd82b73c8c2bc65f63982b951fb058fd3c7b6341c4580376b6c16bd94d2da66059de81abfa15eeeb88b6ae5882ad341032c73f1285e21fff5a1d138e061b1dc7bbda199b5fab8e0719e9cd69b47dcb52b0be6a3a73afdf328132e1d4f21065716be0c53a23940d07188b015fa341dbc92231c8b5e5717eac184f46c9f61b69f55cd2231bcf821052429a1f250e8b734be0605a15f25923d599544b319319ff0a32621019347df460a098119a6f47eb1bac47946d7a009cbc6ec74c19a93cc7c7138b28c95270116181fd5f54d2ad0e10d3663488e664401453f22f0d76d2162635365258af61ae1f46f4a7862f302d91e3f7c2781f602220522e84602a939a8d5e4137ae31ccd397404dc72e06715a6503d4d865182803ee6725da7293b23daeebefd6fce7411c9624a7e8d5ba5a13e1c32adc4f3274497c6882a72475e4280a4d9a47c003c6ed3071330c58145be498ca2b42496c479a0a71e2f6f9bad8c84bc6be20281bde0b348cd2c60538a505ad4a0510eebb023e4954c9eb6cd70627f5c03d867dbf3ad5d1f1dc852064dd0efafc3df20ed65af3d194db76127f88f284fa1b71ab964fdd2474471da76373e65e9a8bf844bdfdd348bc7d00c4c7e7afe8a1f8cde79b7a6c5aafe954b8ba37818e40c14b37c23f9f614576b689436fef2f27f8b1e756e00262e22bca49c43fd73e7e99b2fa44a8c1db99c2cf2735ad6c5fabf082e0df0f8ba7e24272165f2f5b28230c02b53d44bd84bf6770157e96bbb96b5e1f165c87e7ad68a3600b3d357fa9a7d53c281d88ebb175a4dbb82130e6870982947913110f091d21760d985afd3163f2e6880682432f9b3b97d57a9f980edfa1116a3d04d58872a07d6a7e12db673acd2f7b8989d833e71943fe2c1c65a3cf36b955c56b55bfd3ecf0af694c71a03f2996c15b1ba971de1cb9c7e6a0000000000000014783ef54c51199317413f98dca8ff3d0bda50f6c0af58dbd6c031b1a5a7512c5896514adfa17d31429c68db50a93d88199defd3b4625fea426ff9293a28a544a6a9e2a79b55daa1b3c6b14c4ec6d164e902ce4913843d65d841973468729ea12bf6d3499036dbb66718f3497855c3baa6cc07c0fa388ec9df0617c1a28ef5a595ee267a76175b8a057e6efaf4fefe46def451f2858fe71a53e77b1a44e98843bb3a40102da3703dfb9f61bdcea2fb810b32d52e2157a150a63ea6135d1cf6f864c2e68884d7245bc5d61dc5a114d10ffb22e76678bbfc1e3865d17d128306d1b81884a934cb00000000000000000098a4526e6468987dbc63bff7590eb388afaba43d811996333eef7e9f472bee293f0c40d434b8be07cbd52325296e22802493edb5c590ad208bac683a8b2d4c9d2d57ff846ae8c422e0b28546671f11d8157bb762c91f3fbcca8e21589c92446ae65d408c0637ffcc2d44d715ce003dd1e12b085e186d069a55c2e96efbe5024d61a56a36d988c0f51a973a6c238e545b28211a92000000001501ae03002af0fcd540a9d4e293690c5e697b3a1480e46df5371bca1cfb28a57c1b3c956ec81397e81fbf870a67385fea042204"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x25, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000900)={r0, 0x18000000000002a0, 0x41, 0x0, &(0x7f00000006c0)="76389e147583ddd0579ba56a5cfd6518a85ed1e6df64eadbc4e7d43a919bbe43ba8ebda9d847422ee7e13f283197c92732477898b52d36a47158b490aa693805f6", 0x0, 0x3400, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50)

22.975334393s ago: executing program 2 (id=2065):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020207025000000002dba513d7b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000008fd8850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x1c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r0}, 0x10)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r3, 0x2, &(0x7f0000000040)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
futex(&(0x7f0000000240), 0x9, 0x2, &(0x7f0000000280)={0x0, 0x989680}, &(0x7f0000000380), 0x1)
socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x10, 0x803, 0x2)
syz_genetlink_get_family_id$mptcp(&(0x7f00000000c0), r4)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x24002deb)
sendmsg$nl_route_sched(r2, &(0x7f0000005840)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0xfffffffd, {0x0, 0x0, 0x0, r5, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}}}]}, 0x78}}, 0x0)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000580)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='consume_skb\x00', r6}, 0x10)
ioctl$sock_ipv6_tunnel_SIOCGET6RD(r2, 0x89f8, &(0x7f0000000340)={'syztnl2\x00', &(0x7f0000000300)={'sit0\x00', <r7=>r5, 0x8000, 0x20, 0xd74, 0x9, {{0x8, 0x4, 0x2, 0x9, 0x20, 0x66, 0x0, 0x5, 0x4, 0x0, @dev={0xac, 0x14, 0x14, 0x19}, @multicast1, {[@ssrr={0x89, 0xb, 0x9f, [@empty, @remote]}]}}}}})
sendmsg$nl_route_sched(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000012c0)=@newchain={0xed4, 0x64, 0x4, 0x70bd26, 0x25dfdbff, {0x0, 0x0, 0x0, r5, {0xe, 0x3}, {0xf, 0x8}, {0x0, 0x6}}, [@TCA_CHAIN={0x8, 0xb, 0xffffff81}, @TCA_RATE={0x6, 0x5, {0x2, 0x7f}}, @TCA_RATE={0x6, 0x5, {0x7, 0xff}}, @filter_kind_options=@f_bpf={{0x8}, {0xcd4, 0x2, [@TCA_BPF_FD={0x8, 0x6, r6}, @TCA_BPF_NAME={0xc, 0x7, './file0\x00'}, @TCA_BPF_FLAGS_GEN={0x8, 0x9, 0x7}, @TCA_BPF_POLICE={0xc70, 0x2, [@TCA_POLICE_RESULT={0x8, 0x5, 0xac}, @TCA_POLICE_PEAKRATE={0x404, 0x3, [0x9, 0xb, 0xe, 0x8, 0xa, 0x8, 0xb, 0x4, 0x1ff, 0x9a, 0x5, 0x5, 0x7fffffff, 0x2, 0x1000, 0x8, 0x0, 0x2, 0xf, 0x3, 0x800, 0x2, 0x4, 0x3, 0x0, 0xc, 0x401, 0x1000, 0x9b5e, 0x6, 0x1, 0x6, 0xc, 0x9, 0x9, 0x8, 0x7, 0x80000001, 0x898, 0x0, 0x0, 0x1, 0x0, 0x6, 0xb189, 0x101, 0x5, 0x92, 0xffff3a24, 0x101, 0x9, 0x1, 0x2, 0x3, 0x573b, 0x976, 0x2, 0x5, 0x4, 0x72304c3a, 0x401, 0x80000000, 0x8000000, 0xd6, 0x6, 0x7, 0x1, 0x10001, 0x8, 0x80000001, 0x9, 0x4, 0x8, 0xfffffffa, 0x1, 0x0, 0x3e42, 0x30, 0x20, 0x9, 0x8, 0x6, 0x4, 0x0, 0xec, 0xffffffed, 0x25c202bf, 0xffff, 0xa3, 0x2, 0x478b253a, 0x80000001, 0x80000000, 0x1, 0x101, 0x134, 0x70a, 0xfffffeff, 0x65e, 0xf, 0x6db1, 0x6, 0x8, 0x80, 0x5, 0xffff8001, 0x4, 0x7, 0x2, 0x4, 0x7, 0x0, 0xffffffff, 0xfff, 0x19a4, 0x3, 0x5, 0x18f8, 0x2d, 0x7fff, 0x8, 0x21f3, 0x10, 0x490, 0x4, 0x1ff, 0xc, 0xf4c2, 0x7, 0x5, 0x7f, 0x661, 0x1, 0x7fffffff, 0x101, 0x84, 0x601, 0x0, 0x1, 0x6, 0x6, 0x0, 0x81, 0x1, 0x100, 0xfffffff7, 0xef, 0x97c, 0x4, 0x8, 0xfffffff7, 0x8, 0x800, 0xfff, 0xd7c, 0x1, 0x80000001, 0xdd2107d, 0x0, 0x2, 0x4, 0x3, 0xfffffff7, 0x10001, 0x10, 0x17800000, 0x1, 0x9, 0x101, 0xfb9, 0x9, 0x50, 0x4, 0x9, 0x6, 0xf, 0x400, 0x0, 0x1, 0x5, 0x9, 0x6, 0x200, 0x7fffffff, 0xf76, 0x0, 0x6, 0x0, 0x9eb, 0x4, 0xdd, 0x8, 0x4, 0x400, 0x2, 0x63, 0x3, 0x10000, 0x6, 0x2, 0x9, 0x2, 0x2, 0x4, 0x4, 0x200, 0xb, 0x7, 0x1, 0x3, 0x0, 0x8, 0xffffffff, 0x4, 0x6, 0x0, 0xf, 0x1, 0x0, 0x2, 0x9, 0x9, 0xd302, 0xdb47, 0x2, 0x2, 0x5, 0x5, 0x8, 0x76b, 0xfb, 0xfffffcfd, 0x2c2, 0x498, 0x5d8, 0x80000001, 0x6, 0x80000001, 0x1, 0x9, 0x9b, 0x98, 0x3, 0x80000000, 0x5fee, 0x4, 0x8, 0x7, 0x4, 0x1, 0x4b, 0x3, 0x400, 0x8, 0x2, 0x8ce]}, @TCA_POLICE_PEAKRATE={0x404, 0x3, [0x8, 0x200, 0xfffff8e8, 0x2, 0x3, 0x568d, 0x4, 0x5, 0x8001, 0x2, 0x3, 0xffffffff, 0x9, 0x1, 0x0, 0xaf, 0x2, 0x3c417d68, 0x6, 0x7, 0x22, 0x6, 0x4, 0x79df, 0x4, 0x3, 0x9, 0x0, 0xff, 0xcc8, 0x0, 0x9, 0xffffffff, 0x0, 0x9, 0xfbf, 0x9, 0x3, 0x81, 0x6852, 0xffffffff, 0x2, 0x7fffffff, 0x200, 0x4, 0x2, 0x40, 0x40, 0xffff, 0x0, 0x6, 0x5, 0x4, 0x7ff, 0x2, 0x2, 0x7, 0x1, 0x5, 0xffff, 0x3, 0x457, 0x1ff, 0x9, 0x8, 0x7, 0x8, 0xc1, 0x706, 0x80000000, 0x5, 0x101, 0x6, 0x2, 0x3, 0xfffffffc, 0x5a, 0x1, 0x3ff, 0x8, 0x20c, 0x0, 0x8, 0x9, 0xd6, 0x6, 0x6, 0x4, 0x0, 0x7, 0x5, 0xdbd4, 0x9, 0x7, 0x5, 0x4800000, 0x0, 0x5, 0x7f, 0x0, 0x4, 0x1, 0x0, 0x5, 0x2, 0x3, 0x5f7f, 0x8, 0x2, 0x4, 0x0, 0x10000, 0x0, 0x7, 0x6, 0x3, 0x7, 0x5, 0x5, 0xc, 0x3, 0x6, 0x100, 0x4, 0x35, 0x1, 0x4, 0x7, 0x3, 0xfffffff8, 0x2, 0x5, 0xff, 0xcb, 0xffffff00, 0xffff0001, 0x6, 0x6, 0x3, 0x4, 0x1, 0x1000, 0x80000000, 0x8, 0x1, 0x8, 0x1, 0x1000, 0x6, 0x4, 0x7, 0xd, 0x2, 0x24, 0x10001, 0x9, 0x55c, 0x8, 0x3, 0x6c0e, 0x1a, 0xc, 0x9, 0x4, 0x8, 0x2, 0x6, 0x7, 0x6, 0xb, 0x7, 0x6, 0x7fffffff, 0x3a79, 0x8, 0x2, 0x8, 0x47d, 0x6, 0xe15e, 0x2a8a, 0x100, 0x3, 0x3, 0x9, 0x1, 0xff, 0x3, 0xffff311c, 0x101, 0x7, 0x6, 0x4, 0x8, 0x9, 0xfffffffb, 0xb, 0xd3, 0xffffff21, 0x3d1c0, 0x6, 0x2, 0x5, 0x9, 0x534b, 0x6, 0x2, 0x9, 0x3, 0x2, 0x5, 0x9, 0x1, 0xb34, 0x4, 0x7fffffff, 0xffffffff, 0xdcc6, 0x10000, 0x4, 0x4, 0x2, 0x40, 0x7af, 0x7, 0x0, 0x2, 0x400, 0x3, 0x6, 0x7, 0x6509, 0x0, 0x7599fa77, 0x2, 0x4, 0x8, 0xe000000, 0x4, 0x6, 0x9, 0x6, 0x400, 0x6, 0x695, 0x80000001, 0xfffeffff, 0x8, 0xcc, 0x7ff, 0x8, 0x101, 0x8, 0x80000001, 0x1, 0xf46]}, @TCA_POLICE_RATE={0x404, 0x2, [0x9, 0x1ff, 0xff, 0x8, 0x100, 0x3, 0x10001, 0x3, 0x7, 0x1, 0x9, 0x100, 0x1, 0xbe65, 0x4d87, 0x24c, 0x98e9, 0x5, 0x1, 0x0, 0xe704, 0x1, 0x3, 0x10, 0x2, 0x3, 0x0, 0x50dcaf06, 0x5, 0x77559087, 0x8, 0x2, 0x10000, 0xff000000, 0x446, 0xa, 0x2, 0x81, 0x6, 0x8001, 0x0, 0xfffffffb, 0x1, 0x7c, 0x8, 0xe0e, 0x8, 0x1, 0x45, 0x9, 0xa00000, 0xfff, 0xb, 0x8, 0x1, 0xffffffff, 0x0, 0x0, 0x84f, 0x9, 0x8001, 0x9, 0x0, 0xf4, 0x0, 0x5, 0x9878, 0x1, 0x4, 0x9, 0x7, 0x2fc5, 0x3, 0x5, 0x6, 0x4, 0x41cc, 0xf7b, 0x4, 0x9, 0xb, 0xfffffffa, 0x9e, 0x401, 0x8, 0x9, 0x9, 0x101, 0xfffffffe, 0x7, 0x401, 0x5ed2147f, 0x3, 0x10000, 0x2, 0x1, 0x1, 0x8000, 0x9, 0x11, 0xfffffffa, 0x7, 0x3, 0x0, 0x2, 0xff, 0x0, 0x66, 0x4, 0x2, 0x3, 0x5, 0x100, 0x2, 0x4, 0x1, 0x10001, 0x3ff, 0xba, 0xf4, 0x39, 0x9, 0x3, 0x7, 0x5, 0x1, 0x7, 0x4, 0xc, 0x2, 0x2, 0x39, 0xfffffffc, 0x8, 0x4e0c, 0x0, 0xef2, 0x12, 0x9, 0x3fe, 0x2, 0x7f, 0x2, 0xf8da, 0x8, 0xc05, 0x9, 0x2, 0x5, 0x81, 0x800, 0xffff8001, 0x0, 0x3, 0x5, 0x9, 0x5, 0xffffffff, 0xffff, 0x2, 0x3, 0x2, 0xffffffff, 0x5, 0x10000, 0x3, 0x80000001, 0x5, 0x1, 0x7, 0xfffffff2, 0x5, 0x4, 0x81, 0x80000001, 0x10, 0x400, 0x6, 0x28f7, 0x7, 0x3, 0x6, 0x3, 0xb4b0e28, 0x80, 0xa0000000, 0x80000000, 0x4800, 0x6, 0x4, 0x1000, 0x4, 0x1, 0x1, 0x0, 0x26d92439, 0x1, 0x3ff, 0x1, 0x7, 0x5, 0x9, 0x1, 0x91, 0xb, 0x6, 0x6, 0x5, 0x8, 0x4, 0x9, 0xfa52, 0x8, 0x10, 0x8, 0x6, 0x3, 0x8, 0x40, 0xff, 0xd, 0x7fff, 0x9, 0x7f, 0x2, 0xef, 0x0, 0x5, 0xffff8c2a, 0x0, 0x8001, 0x7ff, 0x6, 0x88, 0x9, 0x7fff, 0xffffffff, 0x4, 0x7, 0x2, 0xfffffffb, 0x9, 0x9e, 0xffffffff, 0x5, 0x100000, 0x800, 0x8, 0x2, 0x80, 0x5, 0x6, 0xfffffffc, 0xff, 0x37a, 0x4]}, @TCA_POLICE_AVRATE={0x8, 0x4, 0x4}, @TCA_POLICE_AVRATE={0x8, 0x4, 0x40}, @TCA_POLICE_PEAKRATE64={0xc, 0x9, 0x1}, @TCA_POLICE_TBF={0x3c, 0x1, {0x1, 0x8, 0x1bf8, 0xf, 0x16, {0x9, 0x0, 0x3, 0xc, 0xfe01, 0x9}, {0x1, 0x2, 0xb, 0x6, 0x3a, 0x401}, 0x3, 0x5, 0x7f}}]}, @TCA_BPF_OPS={{0x6, 0x4, 0x5}, {0x2c, 0x5, [{0x541, 0x5, 0xd, 0x215}, {0x46, 0x1, 0x49, 0x10001}, {0x5, 0xfd, 0x4, 0xfffffffa}, {0x6, 0x7, 0x81}, {0x5, 0x6, 0x2, 0x8}]}}, @TCA_BPF_FLAGS_GEN={0x8, 0x9, 0x1}, @TCA_BPF_FLAGS={0x8, 0x8, 0x1}]}}, @filter_kind_options=@f_route={{0xa}, {0x2c, 0x2, [@TCA_ROUTE4_TO={0x8, 0x2, 0x6c}, @TCA_ROUTE4_FROM={0x8, 0x3, 0xbb}, @TCA_ROUTE4_IIF={0x8, 0x4, r5}, @TCA_ROUTE4_IIF={0x8, 0x4, r7}, @TCA_ROUTE4_FROM={0x8, 0x3, 0x73}]}}, @TCA_CHAIN={0x8, 0xb, 0x7fffffff}, @TCA_RATE={0x6, 0x5, {0x6, 0x1}}, @filter_kind_options=@f_bpf={{0x8}, {0x18, 0x2, [@TCA_BPF_NAME={0xc, 0x7, './file0\x00'}, @TCA_BPF_FLAGS_GEN={0x8, 0x9, 0x3}]}}, @filter_kind_options=@f_fw={{0x7}, {0x14c, 0x2, [@TCA_FW_MASK={0x8, 0x5, 0x3}, @TCA_FW_ACT={0x140, 0x4, [@m_skbedit={0x13c, 0x14, 0x0, 0x0, {{0xc}, {0x1c, 0x2, 0x0, 0x1, [@TCA_SKBEDIT_PRIORITY={0x8, 0x3, {0x6, 0x6}}, @TCA_SKBEDIT_MARK={0x8, 0x5, 0x9}, @TCA_SKBEDIT_PRIORITY={0x8, 0x3, {0x2, 0xc}}]}, {0xf6, 0x6, "a3d70c733ecf2f4b2554d174c8914919e083b053cdcc905bebdb9950b3aed57aaac980b474f13470458152020f14407f7f3988aa1ed362348cf31a56cba32c8ee22f8dfd55693015b6757a5bfa1d81786a9ee3dea9641fbf734c3d2ac48211cac584e35e92a59afbbbe1d683080584835610877eee6d061207c3344e3c89f872c5e1dd095a7728082eedb842f66492b093a751667d50b696c23aaecdf6cac906f07d01e886a55c59a9bf869817177a7f17b64c196f25556a94396aca3cc8fbc433482746a43ac812f4021ad0dce1e2a4343f7250993ef1ed65479ac97af1f246700f11c79970c184f29aa1db3dd0e238bbbb"}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x1, 0x2}}}}]}]}}]}, 0xed4}, 0x1, 0x0, 0x0, 0x400c040}, 0x0)

22.76611345s ago: executing program 0 (id=2066):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f00000006c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-blowfish-asm\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5", 0x4)
r1 = accept4(r0, 0x0, 0x0, 0x800)
sendmmsg$alg(r1, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3", 0x8}], 0x1, &(0x7f0000000380)}], 0x1, 0x40800)
recvmsg(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{0x0}, {&(0x7f0000000200)=""/83, 0x53}], 0x2}, 0x0)

22.667825414s ago: executing program 0 (id=2068):
r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0)
r1 = syz_open_dev$vim2m(&(0x7f0000000140), 0x200000001003, 0x2)
ioctl$vim2m_VIDIOC_REQBUFS(r1, 0xc0145608, &(0x7f00000000c0)={0x1, 0x2, 0x1})
ioctl$vim2m_VIDIOC_STREAMON(r1, 0x40045612, &(0x7f0000000080)=0x2)
ioctl$vim2m_VIDIOC_QBUF(r1, 0xc058560f, &(0x7f00000002c0)=@multiplanar_mmap={0x0, 0x2, 0x0, 0x0, 0x0, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "fafc00"}, 0x0, 0x1, {0x0}})
write$rfkill(r0, &(0x7f0000000080)={0x0, 0x0, 0x3, 0x1}, 0x8)

22.344626304s ago: executing program 2 (id=2070):
r0 = bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0x8, &(0x7f00000001c0)=ANY=[@ANYRESDEC=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1e, r0}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB], 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
prlimit64(0x0, 0xe, &(0x7f0000000780)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x4f0c3000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
socket$key(0xf, 0x3, 0x2)
connect$unix(r2, &(0x7f0000000240)=@abs={0x0, 0x0, 0x4e20}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x4000000000000c5, 0x400)
recvmmsg(r2, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f00000002c0)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x19, 0x0, 0x0, 0x0, 0x20000, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0xb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, 0x94)
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = socket(0x1, 0x803, 0x0)
getsockname$packet(r5, &(0x7f0000000100)={0x11, 0x0, <r6=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000300)=ANY=[@ANYBLOB="44000000100009040000000000000064fa807800", @ANYRES32=0x0, @ANYBLOB="adffa88800000000140012800b0001006d616373656300000400028008000500", @ANYRES32=r6, @ANYBLOB='\b\x00\n\x00', @ANYRES32=r6, @ANYBLOB], 0x44}}, 0x8000)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={0x0}, 0x18)
sync()

20.625211479s ago: executing program 2 (id=2073):
r0 = socket$inet(0x10, 0x2000000002, 0x0)
sendmsg(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000000300)="240000002e00074c8bfffd946fa2830022200afffffffffffff000e50c1be3a20400007e", 0x24}], 0x1}, 0x0)
r1 = syz_usb_connect(0x3, 0x1b, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000c22dd740cf1002070000000203010902090000000440fd"], 0x0)
syz_usb_control_io$cdc_ecm(r1, 0x0, 0x0)
syz_usb_control_io$cdc_ecm(r1, 0x0, 0x0)
socket$igmp6(0xa, 0x3, 0x2)
bpf$BPF_PROG_QUERY(0x10, 0x0, 0x0)
write$uinput_user_dev(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x6, 0x87}, 0x0)
setsockopt$RDS_CONG_MONITOR(0xffffffffffffffff, 0x114, 0x6, &(0x7f00000001c0), 0x4)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r2 = syz_open_dev$MSR(&(0x7f00000000c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
ioctl$VIDIOC_SUBSCRIBE_EVENT(0xffffffffffffffff, 0x4020565a, &(0x7f0000000140)={0x3, 0x2})
r3 = add_key(&(0x7f00000002c0)='keyring\x00', &(0x7f0000000300)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffe)
keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r3, &(0x7f00000000c0)='asymmetric\x00', &(0x7f0000000480)=@keyring)
prlimit64(0x0, 0x3, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r4 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x8000000000002)
sched_setscheduler(r4, 0x2, &(0x7f0000000240)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000040)={0x0, 0x0, 0x58, 0x0, 0x0, 0xfffffffc}, 0x28)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f00000002c0)=@framed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x5b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

19.422003719s ago: executing program 4 (id=2074):
sendmsg(0xffffffffffffffff, 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x0, 0x0, 0x0, 0x0, 0xbf, 0x9, 0x8, 0x0, 0x3}, 0x0)
r0 = syz_open_dev$vbi(0x0, 0x0, 0x2)
dup2(0xffffffffffffffff, r0)
openat$sysfs(0xffffffffffffff9c, 0x0, 0x1a1081, 0x18)
r1 = socket(0x11, 0x3, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$ifreq_SIOCGIFINDEX_team(r2, 0x8933, &(0x7f0000000000)={'team0\x00', <r3=>0x0})
syz_io_uring_submit(0x0, 0x0, 0x0)
bind$packet(r1, &(0x7f0000000080)={0x11, 0xf7, r3, 0x1, 0x1, 0x6, @dev={'\xaa\xaa\xaa\xaa\xaa', 0xf}}, 0x14)
r4 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r4, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000002c0)="2e00000010008188040f80ec59acbc0413010048100000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x80)
open$dir(&(0x7f0000000040)='./file0\x00', 0x20000, 0x2a)

19.359379913s ago: executing program 1 (id=2075):
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='mountinfo\x00')
read$FUSE(r0, &(0x7f00000020c0)={0x2020}, 0x2020)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x0, 0x0)
mkdir(&(0x7f0000000040)='./file1\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000340)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@xino_on}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, 0x0)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x18, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18010000200180000000000000"], &(0x7f00000001c0)='GPL\x00', 0x4, 0x93, &(0x7f00000003c0)=""/147}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10)
chdir(&(0x7f00000003c0)='./bus\x00')
r5 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0)
getdents(r5, &(0x7f0000001fc0)=""/184, 0x20002078)
r6 = syz_open_dev$usbfs(&(0x7f0000003f00), 0x1ff, 0xa401)
ioctl$USBDEVFS_DISCONNECT_CLAIM(r6, 0x8108551b, &(0x7f0000000000)={0x0, 0x0, "ec9fe44d4dbe56a60274fcffffffffffffff14e315eeb406bfdd73835e57efa94b1a0275781c647aa7e3470c6028643b17832b10b386a6f73791011c26a9aa141f406e312295ee620a9a46577b9249b738fe7750bec83bf6ed5b67213fa7d6c0823fd154ed29ede1ff379742c3f0b46caa357d70ee438f901d7645c3f87e4b21482b76f2ad8eaac090272081f98fd2e3e5a63e008104df635e731a5bfcd942f4529517454618de595cd179445b4bdbf698b9986356f0ebf7d25a57774ef474f86a3ad24ae9f0bf94b99e6b87de5f79d383d05bb32701daed400785a49788f08caecc9e0c48a3740bbe6e1c1fd4f6cfdfe756bc00d08e36655c00"})
ioctl$USBDEVFS_CONTROL(r6, 0xc0185500, &(0x7f00000006c0)={0x2, 0xf, 0x4, 0x1, 0x0, 0x5, 0x0})

19.254225829s ago: executing program 4 (id=2076):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000001f80)=ANY=[@ANYBLOB="b702000026000000bfa300000000000007030000007effff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065060400010000050404000001007d60b7030000000000006a0a00fe00000000850000002b000000b7000000000000009500000000000000496cf27fb6d2c643db7e2d5fb4b0936cdf827fb43a431ca711fcd0cdfa146ed3d09a6175037958e27106e225b7937f02008b5e5a076d83923dd29c034055b67dafe6c8dc525d78c07f17e4d5b3185b310efcfa89147a09000000f110026e6d2ef831ab7ea0c34f17e3ad6eecbb622003b534dfd8e012e79578e51bc53099e90f4580d660551b5b0a341a2d7cbdb9cd38bdb2ca8e050000003a14817ac61e4dd11183a13477bf7e060e3670ef0e789f65f1328d6704902cbe7bc04b82d2789cb132b8667c214733a18c8b6619f28d9961b6fbce3f897226c57c2691208173656d60a17e3c184b751c51160fbcbbdb5b1e7be6148ba532e60a0ac346dfebd31a0806000000020000000000230048f941b13d924bcf334d83239dd27080e71113610e10d858e8327ef01fb6c86acac12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e957bc73ddc4eabba08ab1e1ad828267d4eadd3964663e88535c063f7130856f756436303767d2e24f29e5dad9796edb697a6ea1182babc190ae2ebf8aad34732181feb215139f15ea7e8cb0bae7c34d5ac5e7c805210600000000000000c3dec04b25dfc17975238345d4f71ab158c36657b7218baa0700f781c0a99bd50499ccc421ace5e845885efb5b9964e4beba3da8223fe5308e4e65ee93e107000000f8ddebf70132a4d0175b989b8eccf707882042e716df9b57b290c661d4e85031086197bcc5cb0e221a0c34323c129102b6ff0100002e88a1940b3c02ed9c92d6f64b1282dc51bb0015982730711c599e1c72ffa11ed8be1a6830d7507005154c46bd3ca96318c50500721fc7aa2a583726c64c0fb6ca996d278fb00bba99fe1f86468694f22cdf550ef091a78098534f0d973059594119d06d5ea9a8d0857382ec6e2a071474cfc12346e47ad97f4ead7cf70a9d1cdac944779dc08a705414888700a30e2366c6a06b3367a389ca39059787790017b0689a411f450f173db9c24db65c1e00015c1d093dab18fd0699fe3304000000323e9c7080397bc49d70c060d57bc88fbe3bbaa058b040362ab926150363fb099408885afc2bf9a46a076b7babfcddeff8c35030669ea69f5e4be1b8e0d6697e97186f9ae97d5670dba6623279f73db9dec75070cd9ab0fda6b069ef6d2857ca3e4effcf7462710d133d541da86e0477e4a6cc999dc21c3ef408e6b178e7c9f274d7fafc8d757d33dfa35aa2000034837d365e63845f3c1092f8dde8af3904ea0f4b82649b83ed4fa0f873339c4cadecc13219ba7518aa4f7db34ead13484742067ab743c1d82a5687f2ed690000000000000000000000000000000000000000000099d4fa0000000000003f0ecdc7c82e72919c91d2039afe17e95edeeeba72205beff7771bcb293747b88486cacee403000000a2919a4bff2ed893f2c814679fa69fc7e0cf761f918725704a01c56009a9f748e5aaf30a10bd8c409b1870c1f75ee93f9959e3d3f8e0048e55ae289ce2ad779ce71d4dc30cbb2cc4289d2f884d66cddc76eb7f601110ff39053c262279f4ef00fbdb8c328615a9ec84f27a9f3938ae736138b8c1ec220c1540bf3d162dc1c27fa30f0dc60b9f257db5d1c7ed2e152cb2cf06f8edb30177fead735a952ffce676a93110904d5ee2abdab2ef3ff84c4d61443f73552195c7ccfbf9f03c44432eaa3b7501d4239354da8de21eada75d3a3afb2c76ff0700007981699b6c0f0e946766f57544ff52cef0dd811bec4e3c0a30f2d7d19d26d2503a3ea376721b8eded3bc475958dd498ee2b2d6146e33fc0de1dc2e0516ac565ddb1d4ae89e6712824a85eb9ee0a3b68c9e209756623adf685dd715d68ed11e4b4d5502f5124948f8f98c615cac3666c58f785c3f758be352a71871d5c081197d37980e4f4e26b5476fb20407ff7098b7174bef660200a99b5c0c20b378065fac4ef9ac2d0d804b9400000060e5d3f1749feaecf69ba83a71caa9bdddc679f1b826f54b6563a4be1fd82b73c8c2bc65f63982b951fb058fd3c7b6341c4580376b6c16bd94d2da66059de81abfa15eeeb88b6ae5882ad341032c73f1285e21fff5a1d138e061b1dc7bbda199b5fab8e0719e9cd69b47dcb52b0be6a3a73afdf328132e1d4f21065716be0c53a23940d07188b015fa341dbc92231c8b5e5717eac184f46c9f61b69f55cd2231bcf821052429a1f250e8b734be0605a15f25923d599544b319319ff0a32621019347df460a098119a6f47eb1bac47946d7a009cbc6ec74c19a93cc7c7138b28c95270116181fd5f54d2ad0e10d3663488e664401453f22f0d76d2162635365258af61ae1f46f4a7862f302d91e3f7c2781f602220522e84602a939a8d5e4137ae31ccd397404dc72e06715a6503d4d865182803ee6725da7293b23daeebefd6fce7411c9624a7e8d5ba5a13e1c32adc4f3274497c6882a72475e4280a4d9a47c003c6ed3071330c58145be498ca2b42496c479a0a71e2f6f9bad8c84bc6be20281bde0b348cd2c60538a505ad4a0510eebb023e4954c9eb6cd70627f5c03d867dbf3ad5d1f1dc852064dd0efafc3df20ed65af3d194db76127f88f284fa1b71ab964fdd2474471da76373e65e9a8bf844bdfdd348bc7d00c4c7e7afe8a1f8cde79b7a6c5aafe954b8ba37818e40c14b37c23f9f614576b689436fef2f27f8b1e756e00262e22bca49c43fd73e7e99b2fa44a8c1db99c2cf2735ad6c5fabf082e0df0f8ba7e24272165f2f5b28230c02b53d44bd84bf6770157e96bbb96b5e1f165c87e7ad68a3600b3d357fa9a7d53c281d88ebb175a4dbb82130e6870982947913110f091d21760d985afd3163f2e6880682432f9b3b97d57a9f980edfa1116a3d04d58872a07d6a7e12db673acd2f7b8989d833e71943fe2c1c65a3cf36b955c56b55bfd3ecf0af694c71a03f2996c15b1ba971de1cb9c7e6a0000000000000014783ef54c51199317413f98dca8ff3d0bda50f6c0af58dbd6c031b1a5a7512c5896514adfa17d31429c68db50a93d88199defd3b4625fea426ff9293a28a544a6a9e2a79b55daa1b3c6b14c4ec6d164e902ce4913843d65d841973468729ea12bf6d3499036dbb66718f3497855c3baa6cc07c0fa388ec9df0617c1a28ef5a595ee267a76175b8a057e6efaf4fefe46def451f2858fe71a53e77b1a44e98843bb3a40102da3703dfb9f61bdcea2fb810b32d52e2157a150a63ea6135d1cf6f864c2e68884d7245bc5d61dc5a114d10ffb22e76678bbfc1e3865d17d128306d1b81884a934cb00000000000000000098a4526e6468987dbc63bff7590eb388afaba43d811996333eef7e9f472bee293f0c40d434b8be07cbd52325296e22802493edb5c590ad208bac683a8b2d4c9d2d57ff846ae8c422e0b28546671f11d8157bb762c91f3fbcca8e21589c92446ae65d408c0637ffcc2d44d715ce003dd1e12b085e186d069a55c2e96efbe5024d61a56a36d988c0f51a973a6c238e545b28211a92000000001501ae03002af0fcd540a9d4e293690c5e697b3a1480e46df5371bca1cfb28a57c1b3c956ec81397e81fbf870a67385fea042204"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x25, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000900)={r0, 0x18000000000002a0, 0x41, 0x0, &(0x7f00000006c0)="76389e147583ddd0579ba56a5cfd6518a85ed1e6df64eadbc4e7d43a919bbe43ba8ebda9d847422ee7e13f283197c92732477898b52d36a47158b490aa693805f6", 0x0, 0x3400, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50)

19.156903535s ago: executing program 4 (id=2077):
syz_genetlink_get_family_id$nfc(&(0x7f0000000340), 0xffffffffffffffff)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x1000)
sendto$inet6(0xffffffffffffffff, &(0x7f0000000180), 0x0, 0x4010, 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000001a300)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
open(&(0x7f0000000280)='.\x00', 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mount$tmpfs(0x0, &(0x7f0000000000)='./file1\x00', &(0x7f0000000080), 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='quota'])
r3 = openat(0xffffffffffffff9c, &(0x7f0000004d00)='./file1\x00', 0x351142, 0x1cd)
quotactl_fd$Q_GETQUOTA(r3, 0xffffffff80000701, 0x0, 0x0)

17.802665427s ago: executing program 4 (id=2078):
io_uring_setup(0x7888, 0x0)
r0 = timerfd_create(0x7, 0x800)
timerfd_settime(r0, 0x3, &(0x7f00000003c0)={{}, {0x77359400}}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000100)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0xfffffffc}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f00000005c0)=ANY=[@ANYBLOB="050000000000000061110c00000000008510000002000000850000000500000095000000000000009500a5050000000077d8f3b423cdac8d80000000000000002be16ad10a48b243ccc42606d25dfd73a015e0ca7fc2506a0f7535f7866907dc6751dfb265a0e3ccae669e17fd6587d452d6453559c3421eed73d56615fe6c54c3b3ffe1b4ce25d7c983c044c03bf3a48dfe47ec9dd6c091c30b93bfae76d9ebacd3ed3e26e7a23129d6606fd28a69989d552af6bda9df2c3af36effff9af2551ce896165127cb3f011a7d06602e2fd52347125907000000000000003ed38ae89d24e1cebfba2f87925bfacba83109751fe6c05405d027edd68149ee99eef6a6992308a4fc0b7c70bc677d6dd4aed4af7500d7900a820b6347184e9a217b5614cd50cbe43a1ed2526814bc0000e9e086ce48e90defb6670c3df262ad0a97aec7291c25447c106a99893e10db21901eb397b2f5fd71d20fa7a050fbbef9e326ea27e513e96068fd1e8a43e89f9c85c822a961546ed5363c17ff1432d08806bc376e3e49ee52b59d13182e1f24ed200ada12f7a1001500a710eb1affb87ba55b2d72078e9f40b4ae7d01000000d11cd22c35d32940000088dde499000000fdffffff000000000000000000000000000000000000000000000c52f4ebd2c893bb97a068bd10734a83584898eccb26f7b789cfc4cd995fa3e11a5c74c85404e2df3ad37b729ac83b0dcb4f48f3c3356b9997fc455a17690b6f7f9ccbe4b1701941b18a904c0e585a66c3b84b138efc20a546d3d5227e23b03f2a834391ad24fe7d9b20cf92cb151763d41f5c76e2ff3e93ee296c4082ee73e7e197253a2b66c353312c9d75711ce1623e9c54bdff59d2a69dcb7d84c235b23a4480c2461b405cfd1a38992f295ad3adc94cd07c850d1ce6d0b2fea02c24e9280333152fb794e4ddea02017a6c139b50101caecaf2abc0842b99a96fc4275ad107274e2934a87a4ddcdb112754ca5bdec0ead14b6c0f19a43a2f04c7f0be31491eb8c9ff68236c8600000000000000000000000066e034c81c3cab4e33fc8dc55ce0ada18dcbf31c6e82893add3bee3e10fc873d1d922b0877cbcd95b839d3059d5140a1f742f6e75741e39e5cb6a193e06a1043375b0f61b5d4e17c81baa31b924d84f2243471221c15fa12313ffbfa7c2730302b66a99f66705b71e6205e7cbf3643561eabb9a63fcd604d5cc27e1317ad94cf438d71873e540be16b6ca20508011132153c528f7bca92980a3223c5b9cdddedb0a14adddf9a6e70a26b5c0ee0879c349814bee9d96d8bd23db4e801d49201ae84090455682794098afa42b34196b1d849020eeeb1ef48d003d71524683d7cdfa841bca708414fb8ff49742420d1ab7fa678aa4806d5247616e8bc0b02887f8efe9310ccf9bec1c9b7f6671c9d59ac6b09b4436cafdd1887c8e884c930d21ace088ccc99a94d4b33da2fc1b1310bb607a9ad65844655de1ac9fd36d12e07a821fb950368a970c58fb4f3f403fdaf68902874"], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6}, 0x70)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000580)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={0x0, 0xe8}, 0x1, 0x0, 0x0, 0x10}, 0x0)
r6 = socket$kcm(0x21, 0x2, 0x2)
sendmsg$kcm(r6, &(0x7f0000000000)={&(0x7f0000000080)=@rxrpc=@in4={0x21, 0x3, 0x2, 0x1c, {0x2, 0x4e22, @empty}}, 0x80, &(0x7f0000000140)=[{&(0x7f0000000ac0)="ee", 0xfffffe5e}], 0x1, &(0x7f0000001a00)=ANY=[@ANYBLOB="180000000000000010010000010000007d95df16a39b1a6c900000000000000001000000040500002b24ec10064b6f2f000000fb718aef932f3889d1fdda5b57000000860f5878c37ffe36e1165814d435be5b317c6c8189587d2f97879f07a515bb7c169f46933d9338f4ab04834e6f618988ab013f40afe403041323110f62055394412158e7a3adb148d641aa40d4ab077fe34232aa8b31851466d0998a61d7da0c86d70000001010"], 0x10b8}, 0x8000)
recvmmsg(0xffffffffffffffff, &(0x7f0000001ac0), 0x0, 0x1, &(0x7f0000001c40))

17.541688331s ago: executing program 1 (id=2079):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f00000006c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-blowfish-asm\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5", 0x4)
r1 = accept4(r0, 0x0, 0x0, 0x800)
sendmmsg$alg(r1, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3", 0x8}], 0x1, &(0x7f0000000380)}], 0x1, 0x40800)
recvmsg(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{0x0}, {&(0x7f0000000200)=""/83, 0x53}], 0x2}, 0x0)

17.389667647s ago: executing program 2 (id=2080):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x7000000}, 0x0)

17.330669111s ago: executing program 1 (id=2081):
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
r0 = fsmount(0xffffffffffffffff, 0x0, 0x0)
openat$cgroup_pressure(r0, 0x0, 0x2, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = syz_kvm_setup_syzos_vm$x86(r2, &(0x7f0000acd000/0x400000)=nil)
syz_kvm_add_vcpu$x86(r3, &(0x7f0000000080)={0x0, &(0x7f0000000280)=ANY=[], 0x73})
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x11, &(0x7f0000000180)=0x1400200bce)
sched_setscheduler(0x0, 0x1, &(0x7f0000002200)=0x1)
r4 = syz_open_dev$MSR(&(0x7f0000000200), 0x0, 0x0)
read$msr(r4, &(0x7f0000002700)=""/102392, 0x18ff8)
getsockopt$ARPT_SO_GET_ENTRIES(r0, 0x0, 0x61, &(0x7f00000000c0)={'filter\x00', 0x2, "0206"}, &(0x7f0000000100)=0x26)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)
r5 = gettid()
process_vm_writev(r5, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{0x0}], 0x1, 0x0)

17.308776606s ago: executing program 2 (id=2082):
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x42, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00')
mount$9p_fd(0x0, &(0x7f0000000100)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1])

16.456735818s ago: executing program 4 (id=2083):
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
r0 = fsmount(0xffffffffffffffff, 0x0, 0x0)
openat$cgroup_pressure(r0, 0x0, 0x2, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = syz_kvm_setup_syzos_vm$x86(r2, &(0x7f0000acd000/0x400000)=nil)
syz_kvm_add_vcpu$x86(r3, &(0x7f0000000080)={0x0, &(0x7f0000000280)=ANY=[], 0x73})
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x11, &(0x7f0000000180)=0x1400200bce)
sched_setscheduler(0x0, 0x1, &(0x7f0000002200)=0x1)
read$msr(0xffffffffffffffff, &(0x7f0000002700)=""/102392, 0x18ff8)
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0xe)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)
r4 = gettid()
process_vm_writev(r4, &(0x7f0000000000), 0x0, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xe7}], 0x1, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x15)

16.359298702s ago: executing program 2 (id=2084):
r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f00000001c0)={0x14, 0x2d, 0x101, 0x0, 0x0, "", [@nested={0x4}]}, 0x14}], 0x1}, 0x0)

16.24428774s ago: executing program 1 (id=2085):
socket$inet6(0xa, 0x3, 0x2)
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB], 0x48)
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'bridge0\x00', <r1=>0x0})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)=ANY=[@ANYBLOB="50000000100003040000000000000000f2000000", @ANYRES32=0x0, @ANYBLOB="00000000000000002800128009000100766c616e000000001800028006000100010000000c000200540a00001800000008000500", @ANYRES32=r1], 0x50}, 0x1, 0xba01}, 0x0)
r2 = socket(0x10, 0x3, 0x0)
sendmsg$kcm(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00000010008188040f80ec59acbc0413a1f8480d0000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x404c080)
write(r2, &(0x7f0000000000)="2400000011005f0414f9f40700090400810000000d0000000000000008000f0001000000", 0x1f)

16.181806742s ago: executing program 4 (id=2086):
socket$nl_route(0x10, 0x3, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x3, 0xc, &(0x7f0000000140)=ANY=[@ANYBLOB="d8c09ed901000000000000000008000085000000002020207b1af8ff0000b4b60000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000009b0000009500"/96], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x25}, 0x94)
syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000040), 0xffffffffffffffff)
r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, 0x0)
ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x89fb, &(0x7f0000000040)={'bond0\x00', 0x0})
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000340)=0xf)
r1 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000080), 0x101403, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x5, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000100)=0x2)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r2=>0xffffffffffffffff})
socket$nl_netfilter(0x10, 0x3, 0xc)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000001240)=ANY=[@ANYBLOB="120000000b0000000800000002", @ANYRES32, @ANYBLOB, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0000000000000000001000"/28], 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000140)={{r3, <r4=>0xffffffffffffffff}, &(0x7f0000000180), &(0x7f0000000280)=r2}, 0x20)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000180)={r4, 0x0, &(0x7f0000000080)=""/34}, 0x20)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r5 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r5, &(0x7f0000002000)=""/102400, 0x19000)
mprotect(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x3000002)
getcwd(0x0, 0xfffffffffffffe7d)
socket$nl_route(0x10, 0x3, 0x0)
ioctl$SOUND_MIXER_READ_VOLUME(r1, 0x81044d03, 0x0)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)

16.037417042s ago: executing program 1 (id=2087):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000001f80)=ANY=[@ANYBLOB="b702000026000000bfa300000000000007030000007effff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065060400010000050404000001007d60b7030000000000006a0a00fe00000000850000002b000000b7000000000000009500000000000000496cf27fb6d2c643db7e2d5fb4b0936cdf827fb43a431ca711fcd0cdfa146ed3d09a6175037958e27106e225b7937f02008b5e5a076d83923dd29c034055b67dafe6c8dc525d78c07f17e4d5b3185b310efcfa89147a09000000f110026e6d2ef831ab7ea0c34f17e3ad6eecbb622003b534dfd8e012e79578e51bc53099e90f4580d660551b5b0a341a2d7cbdb9cd38bdb2ca8e050000003a14817ac61e4dd11183a13477bf7e060e3670ef0e789f65f1328d6704902cbe7bc04b82d2789cb132b8667c214733a18c8b6619f28d9961b6fbce3f897226c57c2691208173656d60a17e3c184b751c51160fbcbbdb5b1e7be6148ba532e60a0ac346dfebd31a0806000000020000000000230048f941b13d924bcf334d83239dd27080e71113610e10d858e8327ef01fb6c86acac12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e957bc73ddc4eabba08ab1e1ad828267d4eadd3964663e88535c063f7130856f756436303767d2e24f29e5dad9796edb697a6ea1182babc190ae2ebf8aad34732181feb215139f15ea7e8cb0bae7c34d5ac5e7c805210600000000000000c3dec04b25dfc17975238345d4f71ab158c36657b7218baa0700f781c0a99bd50499ccc421ace5e845885efb5b9964e4beba3da8223fe5308e4e65ee93e107000000f8ddebf70132a4d0175b989b8eccf707882042e716df9b57b290c661d4e85031086197bcc5cb0e221a0c34323c129102b6ff0100002e88a1940b3c02ed9c92d6f64b1282dc51bb0015982730711c599e1c72ffa11ed8be1a6830d7507005154c46bd3ca96318c50500721fc7aa2a583726c64c0fb6ca996d278fb00bba99fe1f86468694f22cdf550ef091a78098534f0d973059594119d06d5ea9a8d0857382ec6e2a071474cfc12346e47ad97f4ead7cf70a9d1cdac944779dc08a705414888700a30e2366c6a06b3367a389ca39059787790017b0689a411f450f173db9c24db65c1e00015c1d093dab18fd0699fe3304000000323e9c7080397bc49d70c060d57bc88fbe3bbaa058b040362ab926150363fb099408885afc2bf9a46a076b7babfcddeff8c35030669ea69f5e4be1b8e0d6697e97186f9ae97d5670dba6623279f73db9dec75070cd9ab0fda6b069ef6d2857ca3e4effcf7462710d133d541da86e0477e4a6cc999dc21c3ef408e6b178e7c9f274d7fafc8d757d33dfa35aa2000034837d365e63845f3c1092f8dde8af3904ea0f4b82649b83ed4fa0f873339c4cadecc13219ba7518aa4f7db34ead13484742067ab743c1d82a5687f2ed690000000000000000000000000000000000000000000099d4fa0000000000003f0ecdc7c82e72919c91d2039afe17e95edeeeba72205beff7771bcb293747b88486cacee403000000a2919a4bff2ed893f2c814679fa69fc7e0cf761f918725704a01c56009a9f748e5aaf30a10bd8c409b1870c1f75ee93f9959e3d3f8e0048e55ae289ce2ad779ce71d4dc30cbb2cc4289d2f884d66cddc76eb7f601110ff39053c262279f4ef00fbdb8c328615a9ec84f27a9f3938ae736138b8c1ec220c1540bf3d162dc1c27fa30f0dc60b9f257db5d1c7ed2e152cb2cf06f8edb30177fead735a952ffce676a93110904d5ee2abdab2ef3ff84c4d61443f73552195c7ccfbf9f03c44432eaa3b7501d4239354da8de21eada75d3a3afb2c76ff0700007981699b6c0f0e946766f57544ff52cef0dd811bec4e3c0a30f2d7d19d26d2503a3ea376721b8eded3bc475958dd498ee2b2d6146e33fc0de1dc2e0516ac565ddb1d4ae89e6712824a85eb9ee0a3b68c9e209756623adf685dd715d68ed11e4b4d5502f5124948f8f98c615cac3666c58f785c3f758be352a71871d5c081197d37980e4f4e26b5476fb20407ff7098b7174bef660200a99b5c0c20b378065fac4ef9ac2d0d804b9400000060e5d3f1749feaecf69ba83a71caa9bdddc679f1b826f54b6563a4be1fd82b73c8c2bc65f63982b951fb058fd3c7b6341c4580376b6c16bd94d2da66059de81abfa15eeeb88b6ae5882ad341032c73f1285e21fff5a1d138e061b1dc7bbda199b5fab8e0719e9cd69b47dcb52b0be6a3a73afdf328132e1d4f21065716be0c53a23940d07188b015fa341dbc92231c8b5e5717eac184f46c9f61b69f55cd2231bcf821052429a1f250e8b734be0605a15f25923d599544b319319ff0a32621019347df460a098119a6f47eb1bac47946d7a009cbc6ec74c19a93cc7c7138b28c95270116181fd5f54d2ad0e10d3663488e664401453f22f0d76d2162635365258af61ae1f46f4a7862f302d91e3f7c2781f602220522e84602a939a8d5e4137ae31ccd397404dc72e06715a6503d4d865182803ee6725da7293b23daeebefd6fce7411c9624a7e8d5ba5a13e1c32adc4f3274497c6882a72475e4280a4d9a47c003c6ed3071330c58145be498ca2b42496c479a0a71e2f6f9bad8c84bc6be20281bde0b348cd2c60538a505ad4a0510eebb023e4954c9eb6cd70627f5c03d867dbf3ad5d1f1dc852064dd0efafc3df20ed65af3d194db76127f88f284fa1b71ab964fdd2474471da76373e65e9a8bf844bdfdd348bc7d00c4c7e7afe8a1f8cde79b7a6c5aafe954b8ba37818e40c14b37c23f9f614576b689436fef2f27f8b1e756e00262e22bca49c43fd73e7e99b2fa44a8c1db99c2cf2735ad6c5fabf082e0df0f8ba7e24272165f2f5b28230c02b53d44bd84bf6770157e96bbb96b5e1f165c87e7ad68a3600b3d357fa9a7d53c281d88ebb175a4dbb82130e6870982947913110f091d21760d985afd3163f2e6880682432f9b3b97d57a9f980edfa1116a3d04d58872a07d6a7e12db673acd2f7b8989d833e71943fe2c1c65a3cf36b955c56b55bfd3ecf0af694c71a03f2996c15b1ba971de1cb9c7e6a0000000000000014783ef54c51199317413f98dca8ff3d0bda50f6c0af58dbd6c031b1a5a7512c5896514adfa17d31429c68db50a93d88199defd3b4625fea426ff9293a28a544a6a9e2a79b55daa1b3c6b14c4ec6d164e902ce4913843d65d841973468729ea12bf6d3499036dbb66718f3497855c3baa6cc07c0fa388ec9df0617c1a28ef5a595ee267a76175b8a057e6efaf4fefe46def451f2858fe71a53e77b1a44e98843bb3a40102da3703dfb9f61bdcea2fb810b32d52e2157a150a63ea6135d1cf6f864c2e68884d7245bc5d61dc5a114d10ffb22e76678bbfc1e3865d17d128306d1b81884a934cb00000000000000000098a4526e6468987dbc63bff7590eb388afaba43d811996333eef7e9f472bee293f0c40d434b8be07cbd52325296e22802493edb5c590ad208bac683a8b2d4c9d2d57ff846ae8c422e0b28546671f11d8157bb762c91f3fbcca8e21589c92446ae65d408c0637ffcc2d44d715ce003dd1e12b085e186d069a55c2e96efbe5024d61a56a36d988c0f51a973a6c238e545b28211a92000000001501ae03002af0fcd540a9d4e293690c5e697b3a1480e46df5371bca1cfb28a57c1b3c956ec81397e81fbf870a67385fea04220423f52ad8178b9fd04bdc7e5fee4bd52db996e633792118efdb6b88023e80da74fdf723c7f0b2e9f3bb90613508c00a292a0c5b87a4f8ff35eba73ce9ebf77d0c842063a7b42c757d828678d38e6a868eaead4f19cdeb7cfc10"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x25, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000900)={r0, 0x18000000000002a0, 0x41, 0x0, &(0x7f00000006c0)="76389e147583ddd0579ba56a5cfd6518a85ed1e6df64eadbc4e7d43a919bbe43ba8ebda9d847422ee7e13f283197c92732477898b52d36a47158b490aa693805f6", 0x0, 0x3400, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50)

15.707146613s ago: executing program 1 (id=2088):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f0000000440), r1)
sendmsg$NLBL_CIPSOV4_C_ADD(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)=ANY=[@ANYBLOB='T\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="07022cbd70000000000003000000040008802c00048005000300010000000500030000000000010003000100000005000300000000000500030002000000080001"], 0x54}}, 0x880)

10.013844841s ago: executing program 32 (id=2057):
r0 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
r1 = add_key$keyring(&(0x7f0000000040), &(0x7f0000000080)={'syz', 0x2}, 0x0, 0x0, 0xffffffffffffffff)
r2 = accept4$nfc_llcp(0xffffffffffffffff, &(0x7f00000022c0), &(0x7f0000002340)=0x60, 0x80000)
ioctl$IOCTL_GET_NCIDEV_IDX(r0, 0x0, &(0x7f0000002380)=<r3=>0x0)
bind$nfc_llcp(r2, &(0x7f00000023c0)={0x27, r3, 0x0, 0x5, 0x6, 0x4, "94a2fd765cb1d68fa56f2c85a65e9c463f62563bfcbb6f647a104ee40645f479fce18108055460d86a7fe96be47f97dc4a7bd04aad885f0e6b3f5c208f86e6", 0x19}, 0x60)
ioctl$FS_IOC_FIEMAP(0xffffffffffffffff, 0xc020660b, &(0x7f0000000880)=ANY=[@ANYBLOB="000000000000000000000000000000000000000000000000010000000000000001"])
syz_usb_connect(0x3, 0x3f, &(0x7f0000000400)=ANY=[@ANYBLOB="12010002466c3940841706002fbb0102030109022d00013003b0080904"], 0x0)
pipe2$watch_queue(&(0x7f0000000540), 0x80)
r4 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/crypto\x00', 0x0, 0x0)
read$FUSE(r4, &(0x7f0000000200)={0x2020, 0x0, 0x0, <r5=>0x0, <r6=>0x0}, 0x2020)
pipe2$watch_queue(&(0x7f0000002240), 0x80)
add_key$keyring(&(0x7f0000000300), &(0x7f00000002c0)={'syz', 0x2}, 0x0, 0x0, r1)
r7 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r8 = socket$can_bcm(0x1d, 0x2, 0x2)
io_setup(0x9, &(0x7f0000000240)=<r9=>0x0)
connect$can_bcm(r8, &(0x7f0000000040), 0x10)
io_submit(r9, 0x1, &(0x7f0000000700)=[&(0x7f00000000c0)={0x400000, 0x0, 0x0, 0x1, 0x0, r8, &(0x7f0000000200)="0500000093cb1faf16da39de706f646800580f02000000003f420f0000000000ff030f02000000003f420f00000000003bf81b05ff000000", 0x38}])
r10 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r10, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f00000000c0)=ANY=[@ANYBLOB="140100001f0001000000000000000000010100800c0001"], 0x114}], 0x1}, 0x0)
r11 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r7)
ioctl$IOCTL_GET_NCIDEV_IDX(r0, 0x0, &(0x7f00000000c0)=<r12=>0x0)
lchown(&(0x7f0000002280)='./file0\x00', r5, r6)
r13 = add_key(&(0x7f0000000000)='keyring\x00', &(0x7f0000000040)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffd)
pipe2$watch_queue(&(0x7f0000000380)={0xffffffffffffffff, <r14=>0xffffffffffffffff}, 0x80)
keyctl$KEYCTL_WATCH_KEY(0x20, r13, r14, 0x49)
keyctl$KEYCTL_WATCH_KEY(0x20, r13, r14, 0xffffffffffffffff)
request_key(&(0x7f0000000000)='asymmetric\x00', &(0x7f0000000080)={'syz', 0x1}, &(0x7f00000000c0)='veth0_to_bond\x00', r13)
sendmsg$NFC_CMD_DEV_UP(r7, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r11, @ANYBLOB="010026bd70003c0200000200000008000100", @ANYRES32=r12], 0x1c}}, 0x0)
write$nci(r0, &(0x7f0000000380)=ANY=[@ANYBLOB="61030602061bf3a2ff0ca57b2b117ac5fe"], 0x12)

7.509587701s ago: executing program 33 (id=2068):
r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0)
r1 = syz_open_dev$vim2m(&(0x7f0000000140), 0x200000001003, 0x2)
ioctl$vim2m_VIDIOC_REQBUFS(r1, 0xc0145608, &(0x7f00000000c0)={0x1, 0x2, 0x1})
ioctl$vim2m_VIDIOC_STREAMON(r1, 0x40045612, &(0x7f0000000080)=0x2)
ioctl$vim2m_VIDIOC_QBUF(r1, 0xc058560f, &(0x7f00000002c0)=@multiplanar_mmap={0x0, 0x2, 0x0, 0x0, 0x0, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "fafc00"}, 0x0, 0x1, {0x0}})
write$rfkill(r0, &(0x7f0000000080)={0x0, 0x0, 0x3, 0x1}, 0x8)

1.004168202s ago: executing program 34 (id=2084):
r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f00000001c0)={0x14, 0x2d, 0x101, 0x0, 0x0, "", [@nested={0x4}]}, 0x14}], 0x1}, 0x0)

972.261029ms ago: executing program 35 (id=2086):
socket$nl_route(0x10, 0x3, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x3, 0xc, &(0x7f0000000140)=ANY=[@ANYBLOB="d8c09ed901000000000000000008000085000000002020207b1af8ff0000b4b60000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000009b0000009500"/96], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x25}, 0x94)
syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000040), 0xffffffffffffffff)
r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, 0x0)
ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x89fb, &(0x7f0000000040)={'bond0\x00', 0x0})
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000340)=0xf)
r1 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000080), 0x101403, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x5, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000100)=0x2)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r2=>0xffffffffffffffff})
socket$nl_netfilter(0x10, 0x3, 0xc)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000001240)=ANY=[@ANYBLOB="120000000b0000000800000002", @ANYRES32, @ANYBLOB, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0000000000000000001000"/28], 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000140)={{r3, <r4=>0xffffffffffffffff}, &(0x7f0000000180), &(0x7f0000000280)=r2}, 0x20)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000180)={r4, 0x0, &(0x7f0000000080)=""/34}, 0x20)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r5 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r5, &(0x7f0000002000)=""/102400, 0x19000)
mprotect(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x3000002)
getcwd(0x0, 0xfffffffffffffe7d)
socket$nl_route(0x10, 0x3, 0x0)
ioctl$SOUND_MIXER_READ_VOLUME(r1, 0x81044d03, 0x0)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)

0s ago: executing program 36 (id=2088):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f0000000440), r1)
sendmsg$NLBL_CIPSOV4_C_ADD(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)=ANY=[@ANYBLOB='T\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="07022cbd70000000000003000000040008802c00048005000300010000000500030000000000010003000100000005000300000000000500030002000000080001"], 0x54}}, 0x880)

kernel console output (not intermixed with test programs):

  T92] usb 5-1: config 0 has an invalid interface number: 35 but max is 0
[  471.173327][   T92] usb 5-1: config 0 has no interface number 0
[  471.244051][T10065] netlink: 888 bytes leftover after parsing attributes in process `syz.1.1091'.
[  471.253214][T10065] netlink: 137 bytes leftover after parsing attributes in process `syz.1.1091'.
[  471.262313][T10065] sch_tbf: burst 720 is lower than device lo mtu (65550) !
[  471.634336][   T92] usb 5-1: New USB device found, idVendor=10c4, idProduct=818a, bcdDevice=7d.8f
[  471.643748][   T92] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  471.663681][   T92] usb 5-1: Product: syz
[  471.669189][   T92] usb 5-1: Manufacturer: syz
[  471.678092][   T92] usb 5-1: SerialNumber: syz
[  471.678942][  T880] usb 3-1: Using ep0 maxpacket: 16
[  471.691987][   T92] usb 5-1: config 0 descriptor??
[  471.702294][  T880] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  471.728923][  T880] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  471.738661][  T880] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  471.761310][  T880] usb 3-1: New USB device found, idVendor=045e, idProduct=9994, bcdDevice=fc.3c
[  471.781263][  T880] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  471.791847][  T880] usb 3-1: config 0 descriptor??
[  471.833215][T10062] kAFS: unable to lookup cell '.,'
[  471.963644][   T92] radio-si470x 5-1:0.35: this is not a si470x device.
[  472.213467][   T92] radio-raremono 5-1:0.35: Thanko's Raremono connected: (10C4:818A)
[  472.411296][   T92] radio-raremono 5-1:0.35: raremono_cmd_main failed (-71)
[  472.923139][  T880] hid-generic 0003:045E:9994.0001: unknown main item tag 0x2
[  472.930725][  T880] hid-generic 0003:045E:9994.0001: unknown main item tag 0x0
[  472.938210][  T880] hid-generic 0003:045E:9994.0001: unknown main item tag 0x0
[  472.945744][  T880] hid-generic 0003:045E:9994.0001: unknown main item tag 0x0
[  472.953531][  T880] hid-generic 0003:045E:9994.0001: unknown main item tag 0x0
[  472.961053][  T880] hid-generic 0003:045E:9994.0001: unknown main item tag 0x0
[  472.968543][  T880] hid-generic 0003:045E:9994.0001: unknown main item tag 0x0
[  472.976040][  T880] hid-generic 0003:045E:9994.0001: unknown main item tag 0x0
[  472.983536][  T880] hid-generic 0003:045E:9994.0001: unknown main item tag 0x0
[  472.991432][  T880] hid-generic 0003:045E:9994.0001: unknown main item tag 0x0
[  472.999613][  T880] hid-generic 0003:045E:9994.0001: unknown main item tag 0x0
[  473.047040][  T880] hid-generic 0003:045E:9994.0001: unknown main item tag 0x0
[  473.049700][   T92] radio-raremono 5-1:0.35: V4L2 device registered as radio48
[  473.054721][  T880] hid-generic 0003:045E:9994.0001: unknown main item tag 0x0
[  473.078802][   T92] usb 5-1: USB disconnect, device number 36
[  473.080432][  T880] hid-generic 0003:045E:9994.0001: unknown main item tag 0x0
[  473.097859][   T92] radio-raremono 5-1:0.35: Thanko's Raremono disconnected
[  473.186109][T10075] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  473.197476][T10075] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  473.274202][T10075] usb usb1: check_ctrlrecip: process 10075 (syz.0.1094) requesting ep 01 but needs 81
[  473.532222][  T880] hid-generic 0003:045E:9994.0001: unknown main item tag 0x0
[  473.539823][  T880] hid-generic 0003:045E:9994.0001: unknown main item tag 0x0
[  473.547264][  T880] hid-generic 0003:045E:9994.0001: unknown main item tag 0x0
[  473.620556][  T880] hid-generic 0003:045E:9994.0001: unknown main item tag 0x0
[  473.628032][  T880] hid-generic 0003:045E:9994.0001: unknown main item tag 0x0
[  473.636283][  T880] hid-generic 0003:045E:9994.0001: unknown main item tag 0x0
[  473.646210][  T880] hid-generic 0003:045E:9994.0001: unknown main item tag 0x0
[  473.658460][  T880] hid-generic 0003:045E:9994.0001: unknown main item tag 0x0
[  473.666365][  T880] hid-generic 0003:045E:9994.0001: unknown main item tag 0x0
[  473.689041][  T880] hid-generic 0003:045E:9994.0001: unknown main item tag 0x0
[  473.737561][  T880] hid-generic 0003:045E:9994.0001: hidraw0: USB HID v0.00 Device [HID 045e:9994] on usb-dummy_hcd.2-1/input0
[  473.815987][  T880] usb 3-1: USB disconnect, device number 28
[  475.131760][T10091] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  475.143312][T10091] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  475.193133][T10091] usb usb1: check_ctrlrecip: process 10091 (syz.2.1097) requesting ep 01 but needs 81
[  475.573824][T10079] fido_id[10079]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.2/usb3/report_descriptor': No such file or directory
[  476.590319][T10103] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  476.601921][T10103] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  476.643278][ T2134] nci: nci_rf_intf_activated_ntf_packet: unsupported activation_rf_tech_and_mode 0xe
[  477.119662][T10101] usb usb1: check_ctrlrecip: process 10101 (syz.0.1100) requesting ep 01 but needs 81
[  478.932897][T10124] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1104'.
[  479.748984][   T48] usb 3-1: new high-speed USB device number 29 using dummy_hcd
[  480.577404][   T48] usb 3-1: Using ep0 maxpacket: 16
[  480.950939][   T48] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  481.155914][T10137] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  481.163261][   T48] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  481.214904][   T48] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  481.240153][   T48] usb 3-1: New USB device found, idVendor=045e, idProduct=9994, bcdDevice=fc.3c
[  481.258452][   T48] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  481.270211][   T48] usb 3-1: config 0 descriptor??
[  481.451221][  T880] usb 5-1: new high-speed USB device number 37 using dummy_hcd
[  481.498977][  T977] usb 4-1: new high-speed USB device number 26 using dummy_hcd
[  481.809223][  T977] usb 4-1: Using ep0 maxpacket: 16
[  481.818128][  T977] usb 4-1: config 8 has an invalid interface number: 206 but max is 0
[  481.830776][  T880] usb 5-1: config 36 interface 0 altsetting 0 has an endpoint descriptor with address 0xE2, changing to 0x82
[  482.005631][   T48] hid-generic 0003:045E:9994.0002: unknown main item tag 0x2
[  482.013150][   T48] hid-generic 0003:045E:9994.0002: unknown main item tag 0x0
[  482.020648][   T48] hid-generic 0003:045E:9994.0002: unknown main item tag 0x0
[  482.028508][   T48] hid-generic 0003:045E:9994.0002: unknown main item tag 0x0
[  482.035965][   T48] hid-generic 0003:045E:9994.0002: unknown main item tag 0x0
[  482.037881][  T977] usb 4-1: config 8 has no interface number 0
[  482.043438][   T48] hid-generic 0003:045E:9994.0002: unknown main item tag 0x0
[  482.043462][   T48] hid-generic 0003:045E:9994.0002: unknown main item tag 0x0
[  482.043483][   T48] hid-generic 0003:045E:9994.0002: unknown main item tag 0x0
[  482.043504][   T48] hid-generic 0003:045E:9994.0002: unknown main item tag 0x0
[  482.043525][   T48] hid-generic 0003:045E:9994.0002: unknown main item tag 0x0
[  482.043546][   T48] hid-generic 0003:045E:9994.0002: unknown main item tag 0x0
[  482.043567][   T48] hid-generic 0003:045E:9994.0002: unknown main item tag 0x0
[  482.043589][   T48] hid-generic 0003:045E:9994.0002: unknown main item tag 0x0
[  482.043609][   T48] hid-generic 0003:045E:9994.0002: unknown main item tag 0x0
[  482.043630][   T48] hid-generic 0003:045E:9994.0002: unknown main item tag 0x0
[  482.043650][   T48] hid-generic 0003:045E:9994.0002: unknown main item tag 0x0
[  482.043670][   T48] hid-generic 0003:045E:9994.0002: unknown main item tag 0x0
[  482.043689][   T48] hid-generic 0003:045E:9994.0002: unknown main item tag 0x0
[  482.043708][   T48] hid-generic 0003:045E:9994.0002: unknown main item tag 0x0
[  482.043728][   T48] hid-generic 0003:045E:9994.0002: unknown main item tag 0x0
[  482.043748][   T48] hid-generic 0003:045E:9994.0002: unknown main item tag 0x0
[  482.043769][   T48] hid-generic 0003:045E:9994.0002: unknown main item tag 0x0
[  482.043789][   T48] hid-generic 0003:045E:9994.0002: unknown main item tag 0x0
[  482.043809][   T48] hid-generic 0003:045E:9994.0002: unknown main item tag 0x0
[  482.047480][   T48] hid-generic 0003:045E:9994.0002: hidraw0: USB HID v0.00 Device [HID 045e:9994] on usb-dummy_hcd.2-1/input0
[  482.073094][  T880] usb 5-1: config 36 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  482.187762][   T48] usb 3-1: USB disconnect, device number 29
[  482.217331][  T977] usb 4-1: config 8 interface 206 altsetting 1 has an endpoint descriptor with address 0xF7, changing to 0x87
[  482.291657][  T977] usb 4-1: config 8 interface 206 altsetting 1 endpoint 0x87 has invalid maxpacket 33058, setting to 1024
[  482.307830][  T977] usb 4-1: config 8 interface 206 has no altsetting 0
[  482.350639][  T977] usb 4-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=35.bb
[  482.359800][  T977] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  482.367957][  T977] usb 4-1: Product: syz
[  482.373161][  T977] usb 4-1: Manufacturer: syz
[  482.377805][  T977] usb 4-1: SerialNumber: syz
[  482.383781][  T880] usb 5-1: config 36 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[  482.412797][  T880] usb 5-1: New USB device found, idVendor=6993, idProduct=b001, bcdDevice=26.29
[  482.427015][  T880] usb 5-1: New USB device strings: Mfr=244, Product=0, SerialNumber=16
[  482.435405][  T880] usb 5-1: Manufacturer: syz
[  482.440809][  T880] usb 5-1: SerialNumber: syz
[  482.678165][  T880] yealink 5-1:36.0: invalid payload size 0, expected 16
[  482.715404][  T880] input: Yealink usb-p1k as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:36.0/input/input25
[  482.865053][    C0] yealink 5-1:36.0: urb_ctl_callback - urb status -71
[  482.872055][    C0] yealink 5-1:36.0: urb_ctl_callback - urb status -71
[  482.879186][    C0] yealink 5-1:36.0: urb_ctl_callback - urb status -71
[  482.886160][    C0] yealink 5-1:36.0: urb_ctl_callback - urb status -71
[  482.893091][    C0] yealink 5-1:36.0: urb_ctl_callback - urb status -71
[  482.900047][    C0] yealink 5-1:36.0: urb_ctl_callback - urb status -71
[  482.906959][    C0] yealink 5-1:36.0: urb_ctl_callback - urb status -71
[  482.913861][    C0] yealink 5-1:36.0: urb_ctl_callback - urb status -71
[  482.920618][    C0] yealink 5-1:36.0: urb_ctl_callback - usb_submit_urb failed -90
[  482.958676][  T977] garmin_gps 4-1:8.206: Garmin GPS usb/tty converter detected
[  483.635805][  T977] usb 4-1: Garmin GPS usb/tty converter now attached to ttyUSB0
[  483.648341][  T880] usb 5-1: USB disconnect, device number 37
[  483.662819][  T977] usb 4-1: USB disconnect, device number 26
[  483.750793][  T977] garmin_gps ttyUSB0: Garmin GPS usb/tty converter now disconnected from ttyUSB0
[  483.765498][  T977] garmin_gps 4-1:8.206: device disconnected
[  484.164861][T10179] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  484.176394][T10179] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  484.600752][T10171] ceph: No mds server is up or the cluster is laggy
[  486.488742][T10200] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  486.500576][T10200] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  487.919875][T10216] 9pnet_fd: Insufficient options for proto=fd
[  487.934023][   T30] audit: type=1400 audit(1751821532.925:389): avc:  denied  { mounton } for  pid=10215 comm="syz.3.1128" path="/226/file0" dev="tmpfs" ino=1248 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[  487.987135][  T977] libceph: connect (1)[c::]:6789 error -101
[  487.995813][  T977] libceph: mon0 (1)[c::]:6789 connect error
[  488.248037][T10218] ceph: No mds server is up or the cluster is laggy
[  488.259854][   T30] audit: type=1400 audit(1751821533.225:390): avc:  denied  { create } for  pid=10224 comm="syz.3.1131" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rose_socket permissive=1
[  488.291291][  T977] libceph: connect (1)[c::]:6789 error -101
[  488.336232][  T977] libceph: mon0 (1)[c::]:6789 connect error
[  488.458957][ T5944] usb 2-1: new high-speed USB device number 32 using dummy_hcd
[  489.473362][ T5944] usb 2-1: config 36 interface 0 altsetting 0 has an endpoint descriptor with address 0xE2, changing to 0x82
[  489.485298][ T5944] usb 2-1: config 36 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  489.516993][ T5944] usb 2-1: config 36 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[  489.614589][T10232] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=10232 comm=syz.3.1132
[  490.018012][ T5944] usb 2-1: New USB device found, idVendor=6993, idProduct=b001, bcdDevice=26.29
[  490.027838][ T5944] usb 2-1: New USB device strings: Mfr=244, Product=0, SerialNumber=16
[  490.050179][ T5944] usb 2-1: Manufacturer: syz
[  490.054893][ T5944] usb 2-1: SerialNumber: syz
[  490.701661][ T5944] yealink 2-1:36.0: invalid payload size 0, expected 16
[  491.166614][ T5944] input: Yealink usb-p1k as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:36.0/input/input26
[  491.179474][    C1] yealink 2-1:36.0: urb_ctl_callback - urb status -71
[  491.186450][    C1] yealink 2-1:36.0: urb_ctl_callback - urb status -71
[  491.193402][    C1] yealink 2-1:36.0: urb_ctl_callback - urb status -71
[  491.200340][    C1] yealink 2-1:36.0: urb_ctl_callback - urb status -71
[  491.207274][    C1] yealink 2-1:36.0: urb_ctl_callback - urb status -71
[  491.214228][    C1] yealink 2-1:36.0: urb_ctl_callback - urb status -71
[  491.221176][    C1] yealink 2-1:36.0: urb_ctl_callback - urb status -71
[  491.228099][    C1] yealink 2-1:36.0: urb_ctl_callback - urb status -71
[  491.234843][    C1] yealink 2-1:36.0: urb_ctl_callback - usb_submit_urb failed -90
[  491.260258][T10246] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  491.261123][ T5944] usb 2-1: USB disconnect, device number 32
[  491.406735][T10247] usb usb1: check_ctrlrecip: process 10247 (syz.4.1133) requesting ep 01 but needs 81
[  491.632209][T10251] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=10251 comm=syz.3.1136
[  492.006999][T10246] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  493.481087][T10265] siw: device registration error -23
[  493.625141][T10263] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1139'.
[  495.868562][T10280] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=10280 comm=syz.3.1141
[  495.885674][T10274] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1140'.
[  496.404893][T10283] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1143'.
[  496.876348][T10286] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  496.887441][T10286] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  496.906190][T10286] usb usb1: check_ctrlrecip: process 10286 (syz.2.1142) requesting ep 01 but needs 81
[  497.961387][T10294] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=10294 comm=syz.1.1145
[  500.198967][ T5944] usb 2-1: new high-speed USB device number 33 using dummy_hcd
[  500.204667][T10317] kAFS: unable to lookup cell '.,'
[  500.659112][ T5944] usb 2-1: Using ep0 maxpacket: 16
[  500.668364][ T5944] usb 2-1: no configurations
[  501.005340][ T1297] ieee802154 phy0 wpan0: encryption failed: -22
[  501.015595][ T1297] ieee802154 phy1 wpan1: encryption failed: -22
[  501.098921][ T5944] usb 2-1: can't read configurations, error -22
[  501.460976][T10327] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=10327 comm=syz.2.1153
[  501.559240][T10329] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1154'.
[  501.568351][ T5944] usb 2-1: new high-speed USB device number 34 using dummy_hcd
[  501.960536][ T5944] usb 2-1: Using ep0 maxpacket: 16
[  502.780809][T10335] siw: device registration error -23
[  502.848520][ T5944] usb 2-1: no configurations
[  502.853202][ T5944] usb 2-1: can't read configurations, error -22
[  502.859947][ T5944] usb usb2-port1: attempt power cycle
[  503.499333][ T5899] libceph: connect (1)[c::]:6789 error -101
[  503.519583][ T5899] libceph: mon0 (1)[c::]:6789 connect error
[  503.723087][T10339] ceph: No mds server is up or the cluster is laggy
[  503.779225][ T5944] usb 2-1: new high-speed USB device number 35 using dummy_hcd
[  503.819406][ T5899] libceph: connect (1)[c::]:6789 error -101
[  503.869292][ T5899] libceph: mon0 (1)[c::]:6789 connect error
[  504.021355][ T5944] usb 2-1: device not accepting address 35, error -71
[  504.102441][T10353] siw: device registration error -23
[  504.750344][T10360] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  504.768690][T10360] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1162'.
[  505.007959][T10363] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  505.023079][T10363] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  505.103502][T10363] usb usb1: check_ctrlrecip: process 10363 (syz.0.1159) requesting ep 01 but needs 81
[  506.409510][T10374] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1166'.
[  507.061940][T10387] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1169'.
[  507.178585][ T5899] usb 2-1: new high-speed USB device number 37 using dummy_hcd
[  508.102845][ T5899] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  508.161992][ T5899] usb 2-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df
[  508.199235][ T5899] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  508.229710][ T5899] usb 2-1: config 0 descriptor??
[  508.252107][ T5899] pwc: Askey VC010 type 2 USB webcam detected.
[  508.389023][  T977] usb 5-1: new high-speed USB device number 38 using dummy_hcd
[  508.512691][T10405] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1174'.
[  508.552384][  T977] usb 5-1: Using ep0 maxpacket: 16
[  508.568451][  T977] usb 5-1: no configurations
[  508.577920][  T977] usb 5-1: can't read configurations, error -22
[  508.648836][ T5899] pwc: recv_control_msg error -32 req 02 val 2b00
[  508.691942][ T5899] pwc: recv_control_msg error -32 req 02 val 2700
[  508.716458][ T5899] pwc: recv_control_msg error -32 req 02 val 2c00
[  508.728978][  T977] usb 5-1: new high-speed USB device number 39 using dummy_hcd
[  508.745519][ T5899] pwc: recv_control_msg error -32 req 04 val 1000
[  508.771714][ T5899] pwc: recv_control_msg error -32 req 04 val 1300
[  508.779954][T10414] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  508.839405][ T5899] pwc: recv_control_msg error -32 req 04 val 1400
[  508.909074][  T977] usb 5-1: Using ep0 maxpacket: 16
[  508.922841][  T977] usb 5-1: no configurations
[  508.928276][  T977] usb 5-1: can't read configurations, error -22
[  508.963241][  T977] usb usb5-port1: attempt power cycle
[  509.001353][T10414] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  509.053118][ T5899] pwc: recv_control_msg error -32 req 02 val 2100
[  509.128924][T10417] usb usb1: check_ctrlrecip: process 10417 (syz.2.1175) requesting ep 01 but needs 81
[  509.352979][ T5899] pwc: recv_control_msg error -71 req 02 val 2500
[  509.361472][ T5899] pwc: recv_control_msg error -71 req 02 val 2400
[  509.369028][  T977] usb 5-1: new high-speed USB device number 40 using dummy_hcd
[  509.387461][ T5899] pwc: recv_control_msg error -71 req 02 val 2600
[  509.465272][ T5899] pwc: recv_control_msg error -71 req 02 val 2900
[  509.481158][  T977] usb 5-1: Using ep0 maxpacket: 16
[  509.511478][ T5899] pwc: recv_control_msg error -71 req 02 val 2800
[  509.577717][  T977] usb 5-1: no configurations
[  509.583545][  T977] usb 5-1: can't read configurations, error -22
[  509.590041][ T5899] pwc: recv_control_msg error -71 req 04 val 1100
[  510.200170][ T5899] pwc: recv_control_msg error -71 req 04 val 1200
[  510.240699][ T5899] pwc: Registered as video103.
[  510.246980][ T5899] input: PWC snapshot button as /devices/platform/dummy_hcd.1/usb2/2-1/input/input27
[  510.326237][ T5899] usb 2-1: USB disconnect, device number 37
[  510.349297][  T977] usb 5-1: new high-speed USB device number 41 using dummy_hcd
[  510.380055][  T977] usb 5-1: Using ep0 maxpacket: 16
[  510.393579][  T977] usb 5-1: no configurations
[  510.416161][  T977] usb 5-1: can't read configurations, error -22
[  510.432044][  T977] usb usb5-port1: unable to enumerate USB device
[  510.827512][T10433] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1181'.
[  513.202352][T10443] workqueue: Failed to create a rescuer kthread for wq "xfs-blockgc/nullb0": -EINTR
[  514.219285][T10449] netlink: 888 bytes leftover after parsing attributes in process `syz.2.1185'.
[  514.411008][T10449] netlink: 137 bytes leftover after parsing attributes in process `syz.2.1185'.
[  514.425058][T10449] sch_tbf: burst 720 is lower than device lo mtu (65550) !
[  516.814118][T10502] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1195'.
[  517.360368][T10509] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  517.371433][T10509] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  517.402904][T10509] usb usb1: check_ctrlrecip: process 10509 (syz.3.1196) requesting ep 01 but needs 81
[  520.046174][T10521] vlan2: entered promiscuous mode
[  522.940446][T10547] [U] 
[  526.278199][T10592] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  526.289477][T10592] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  526.310177][T10592] usb usb1: check_ctrlrecip: process 10592 (syz.2.1209) requesting ep 01 but needs 81
[  529.837277][T10598] vlan2: entered promiscuous mode
[  530.354127][T10607] [U] 
[  531.847198][T10628] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1224'.
[  534.522928][   T30] audit: type=1400 audit(1751821579.125:391): avc:  denied  { create } for  pid=10652 comm="syz.4.1231" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  534.550707][   T30] audit: type=1400 audit(1751821579.135:392): avc:  denied  { write } for  pid=10652 comm="syz.4.1231" path="socket:[24786]" dev="sockfs" ino=24786 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  538.567904][T10701] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=10701 comm=syz.4.1241
[  539.819553][T10717] overlayfs: failed to resolve './file0': -2
[  540.471672][T10719] usb usb1: check_ctrlrecip: process 10719 (syz.2.1245) requesting ep 01 but needs 81
[  543.141669][T10741] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1250'.
[  548.375991][T10774] overlayfs: failed to resolve './file0': -2
[  548.453473][T10775] usb usb1: check_ctrlrecip: process 10775 (syz.3.1259) requesting ep 01 but needs 81
[  551.062723][T10804] overlayfs: failed to resolve './file0': -2
[  553.043025][T10830] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=10830 comm=syz.2.1270
[  553.409663][T10832] overlayfs: failed to resolve './file0': -2
[  553.488292][T10834] usb usb1: check_ctrlrecip: process 10834 (syz.4.1271) requesting ep 01 but needs 81
[  557.373478][T10865] vlan2: entered promiscuous mode
[  557.640786][T10879] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1281'.
[  562.439394][ T1297] ieee802154 phy0 wpan0: encryption failed: -22
[  562.447510][ T1297] ieee802154 phy1 wpan1: encryption failed: -22
[  564.554291][T10942] netlink: 'syz.1.1295': attribute type 11 has an invalid length.
[  564.569209][T10942] netlink: 224 bytes leftover after parsing attributes in process `syz.1.1295'.
[  570.749793][T10997] 9pnet_fd: Insufficient options for proto=fd
[  572.581307][T11020] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  572.673246][T11022] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1315'.
[  576.506361][T11052] overlayfs: failed to resolve './file0': -2
[  576.583445][T11053] usb usb1: check_ctrlrecip: process 11053 (syz.0.1323) requesting ep 01 but needs 81
[  577.955926][T11068] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  578.006231][T11068] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1324'.
[  589.695484][T11156] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1353'.
[  589.749038][    T9] usb 5-1: new high-speed USB device number 42 using dummy_hcd
[  589.919038][    T9] usb 5-1: Using ep0 maxpacket: 8
[  589.935834][    T9] usb 5-1: config index 0 descriptor too short (expected 301, got 45)
[  589.970401][    T9] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  589.989267][    T9] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  590.001859][    T9] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  590.028922][    T9] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  590.066956][    T9] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  590.094705][    T9] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  590.452398][    T9] usb 5-1: usb_control_msg returned -32
[  590.542124][    T9] usbtmc 5-1:16.0: can't read capabilities
[  590.676028][T11161] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1356'.
[  590.777972][T11159] usbtmc 5-1:16.0: INITIATE_CLEAR returned 0
[  591.010403][   T48] usb 5-1: USB disconnect, device number 42
[  591.161901][T11191] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  591.869477][    T9] usb 2-1: new full-speed USB device number 38 using dummy_hcd
[  592.226228][    T9] usb 2-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  592.270600][    T9] usb 2-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  592.306378][    T9] usb 2-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  592.338757][    T9] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  592.833903][T11194] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1367'.
[  592.845463][    T9] usb 2-1: usb_control_msg returned -32
[  592.890877][    T9] usbtmc 2-1:16.0: can't read capabilities
[  593.174165][T11186] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1365'.
[  593.193357][    T9] usb 2-1: USB disconnect, device number 38
[  593.978924][    T9] usb 3-1: new high-speed USB device number 30 using dummy_hcd
[  594.150404][    T9] usb 3-1: config 0 has an invalid interface number: 1 but max is 0
[  594.961085][    T9] usb 3-1: config 0 has no interface number 0
[  594.967287][    T9] usb 3-1: New USB device found, idVendor=5bd3, idProduct=317c, bcdDevice= 4.5e
[  594.977050][    T9] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  595.004056][    T9] usb 3-1: config 0 descriptor??
[  595.021066][    T9] usb 3-1: bad CDC descriptors
[  595.126021][T11217] vlan2: entered promiscuous mode
[  595.234506][ T5944] usb 3-1: USB disconnect, device number 30
[  610.638977][   T30] audit: type=1400 audit(1751821655.605:393): avc:  denied  { block_suspend } for  pid=11330 comm="syz.3.1406" capability=36  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  610.826665][T11337] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  611.045937][T11334] vlan2: entered promiscuous mode
[  612.172773][T11348] netlink: 68 bytes leftover after parsing attributes in process `syz.2.1410'.
[  613.756086][T11366] bridge1: entered promiscuous mode
[  614.564360][   T30] audit: type=1400 audit(1751821659.555:394): avc:  denied  { watch watch_reads } for  pid=11383 comm="syz.2.1421" path="pipe:[3886]" dev="pipefs" ino=3886 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=fifo_file permissive=1
[  615.325685][T11388] fanotify: failed to encode fid (type=0, len=0, err=-2)
[  615.451932][T11391] netlink: 68 bytes leftover after parsing attributes in process `syz.3.1423'.
[  615.603539][   T30] audit: type=1400 audit(1751821660.605:395): avc:  denied  { read write } for  pid=11392 comm="syz.2.1424" name="uhid" dev="devtmpfs" ino=1273 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1
[  615.748890][   T30] audit: type=1400 audit(1751821660.605:396): avc:  denied  { open } for  pid=11392 comm="syz.2.1424" path="/dev/uhid" dev="devtmpfs" ino=1273 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1
[  616.543127][T11404] syz_tun: entered promiscuous mode
[  616.548411][T11404] macsec1: entered promiscuous mode
[  616.553780][T11404] macsec1: entered allmulticast mode
[  616.559091][T11404] syz_tun: entered allmulticast mode
[  617.430799][T11404] syz_tun: left allmulticast mode
[  617.436338][T11404] syz_tun: left promiscuous mode
[  622.363641][T11437] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1435'.
[  623.871558][ T1297] ieee802154 phy0 wpan0: encryption failed: -22
[  623.877876][ T1297] ieee802154 phy1 wpan1: encryption failed: -22
[  626.260372][T11470] syz_tun: entered promiscuous mode
[  626.265655][T11470] macsec1: entered promiscuous mode
[  626.271055][T11470] macsec1: entered allmulticast mode
[  626.276338][T11470] syz_tun: entered allmulticast mode
[  626.940144][T11470] syz_tun: left allmulticast mode
[  626.946211][T11470] syz_tun: left promiscuous mode
[  627.421394][T11479] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1444'.
[  630.884232][   T30] audit: type=1400 audit(1751821675.885:397): avc:  denied  { read } for  pid=11507 comm="syz.2.1452" lport=58 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  632.693041][T11526] syz_tun: entered promiscuous mode
[  632.698328][T11526] macsec1: entered promiscuous mode
[  632.703698][T11526] macsec1: entered allmulticast mode
[  632.708993][T11526] syz_tun: entered allmulticast mode
[  632.861553][T11526] syz_tun: left allmulticast mode
[  632.867710][T11526] syz_tun: left promiscuous mode
[  633.636576][   T30] audit: type=1400 audit(1751821678.535:398): avc:  denied  { create } for  pid=11529 comm="syz.1.1459" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[  634.065813][   T30] audit: type=1400 audit(1751821678.545:399): avc:  denied  { ioctl } for  pid=11529 comm="syz.1.1459" path="socket:[27739]" dev="sockfs" ino=27739 ioctlcmd=0x8914 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[  634.133652][T11536] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  635.089000][T11544] netlink: 888 bytes leftover after parsing attributes in process `syz.0.1464'.
[  635.098105][T11544] netlink: 137 bytes leftover after parsing attributes in process `syz.0.1464'.
[  635.107195][T11544] sch_tbf: burst 720 is lower than device lo mtu (65550) !
[  635.944342][T11533] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1461'.
[  637.616519][T11567] syz_tun: entered promiscuous mode
[  637.621854][T11567] macsec1: entered promiscuous mode
[  637.627177][T11567] macsec1: entered allmulticast mode
[  637.632503][T11567] syz_tun: entered allmulticast mode
[  637.648185][T11567] syz_tun: left allmulticast mode
[  637.649142][T11567] syz_tun: left promiscuous mode
[  640.403850][T11570] syz_tun: entered promiscuous mode
[  640.409196][T11570] macsec1: entered promiscuous mode
[  640.414528][T11570] macsec1: entered allmulticast mode
[  640.419888][T11570] syz_tun: entered allmulticast mode
[  640.579345][T11570] syz_tun: left allmulticast mode
[  640.584580][T11570] syz_tun: left promiscuous mode
[  642.845015][T11592] syz_tun: entered promiscuous mode
[  642.850447][T11592] macsec1: entered promiscuous mode
[  642.855779][T11592] macsec1: entered allmulticast mode
[  642.861102][T11592] syz_tun: entered allmulticast mode
[  643.732544][T11592] syz_tun: left allmulticast mode
[  643.739030][T11592] syz_tun: left promiscuous mode
[  645.219399][T11596] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1478'.
[  645.228774][T11596] tipc: Started in network mode
[  645.236546][T11596] tipc: Node identity ff010000000000000000000000000001, cluster identity 4711
[  645.246968][T11596] tipc: Enabling of bearer <udp:syz2> rejected, failed to enable media
[  645.668925][T11600] netlink: 888 bytes leftover after parsing attributes in process `syz.2.1477'.
[  645.678041][T11600] netlink: 137 bytes leftover after parsing attributes in process `syz.2.1477'.
[  645.687108][T11600] sch_tbf: burst 720 is lower than device lo mtu (65550) !
[  645.783791][T11595] syz_tun: entered promiscuous mode
[  645.789123][T11595] macsec1: entered promiscuous mode
[  645.794451][T11595] macsec1: entered allmulticast mode
[  645.799756][T11595] syz_tun: entered allmulticast mode
[  646.299278][T11595] syz_tun: left allmulticast mode
[  646.304516][T11595] syz_tun: left promiscuous mode
[  648.941589][T11612] syz_tun: entered promiscuous mode
[  648.948924][T11612] macsec1: entered promiscuous mode
[  649.020709][T11612] macsec1: entered allmulticast mode
[  649.026072][T11612] syz_tun: entered allmulticast mode
[  649.069167][T11612] syz_tun: left allmulticast mode
[  649.074450][T11612] syz_tun: left promiscuous mode
[  650.914339][   T30] audit: type=1400 audit(1751821695.915:400): avc:  denied  { ioctl } for  pid=11621 comm="syz.1.1484" path="/dev/ppp" dev="devtmpfs" ino=709 ioctlcmd=0x743e scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[  651.380613][T11630] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  651.479483][T11630] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1485'.
[  651.489139][   T92] usb 4-1: new high-speed USB device number 27 using dummy_hcd
[  652.250360][   T92] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  652.265279][   T92] usb 4-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df
[  652.277405][   T92] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  652.288590][   T92] usb 4-1: config 0 descriptor??
[  652.299350][   T92] pwc: Askey VC010 type 2 USB webcam detected.
[  652.541101][T11642] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1489'.
[  653.601333][   T30] audit: type=1400 audit(1751821698.275:401): avc:  denied  { getopt } for  pid=11643 comm="syz.2.1490" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  653.629760][   T92] pwc: recv_control_msg error -32 req 02 val 2b00
[  653.639981][   T92] pwc: recv_control_msg error -32 req 02 val 2700
[  653.657299][   T92] pwc: recv_control_msg error -32 req 02 val 2c00
[  653.665804][   T92] pwc: recv_control_msg error -32 req 04 val 1000
[  653.674913][   T30] audit: type=1400 audit(1751821698.685:402): avc:  denied  { sqpoll } for  pid=11649 comm="syz.1.1491" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1
[  653.722803][   T92] pwc: recv_control_msg error -32 req 04 val 1300
[  653.732370][   T92] pwc: recv_control_msg error -32 req 04 val 1400
[  653.739980][   T92] pwc: recv_control_msg error -32 req 02 val 2000
[  653.747184][   T92] pwc: recv_control_msg error -32 req 02 val 2100
[  653.755840][   T92] pwc: recv_control_msg error -32 req 04 val 1500
[  653.964137][   T92] pwc: recv_control_msg error -71 req 02 val 2400
[  653.973250][   T92] pwc: recv_control_msg error -71 req 02 val 2600
[  653.980670][   T92] pwc: recv_control_msg error -71 req 02 val 2900
[  654.079242][   T92] pwc: recv_control_msg error -71 req 02 val 2800
[  654.109008][   T92] pwc: recv_control_msg error -71 req 04 val 1100
[  654.116034][   T92] pwc: recv_control_msg error -71 req 04 val 1200
[  654.136969][   T92] pwc: Registered as video103.
[  654.546145][   T92] input: PWC snapshot button as /devices/platform/dummy_hcd.3/usb4/4-1/input/input28
[  654.572593][   T92] usb 4-1: USB disconnect, device number 27
[  656.598761][T11680] binder: BINDER_SET_CONTEXT_MGR already set
[  656.642022][T11680] binder: 11677:11680 ioctl 4018620d 200000000040 returned -16
[  656.750011][T11682] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  656.879230][T11680] binder: 11677:11680 ioctl c0306201 200000000240 returned -11
[  656.945536][T11686] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1498'.
[  659.887148][T11720] vlan2: entered promiscuous mode
[  660.330357][T11726] vlan2: entered promiscuous mode
[  664.252834][T11768] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1523'.
[  668.657079][T11807] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  668.729536][T11807] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1535'.
[  671.848536][T11825] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  671.860413][T11825] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  671.988856][T11825] usb usb1: check_ctrlrecip: process 11825 (syz.3.1540) requesting ep 01 but needs 81
[  674.517497][T11833] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  674.916656][T11833] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1543'.
[  675.218462][T11857] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  675.246651][T11857] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  675.307734][T11857] usb usb1: check_ctrlrecip: process 11857 (syz.2.1545) requesting ep 01 but needs 81
[  675.378521][T11861] binder: 11859:11861 ioctl 4018620d 0 returned -22
[  678.403793][T11882] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1552'.
[  678.571306][   T48] usb 2-1: new high-speed USB device number 39 using dummy_hcd
[  679.245878][   T48] usb 2-1: Using ep0 maxpacket: 8
[  679.496889][   T48] usb 2-1: config 0 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  679.507612][   T48] usb 2-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0x94, changing to 0x84
[  679.519309][   T48] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 0, changing to 7
[  679.530322][   T48] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0
[  679.545577][   T48] usb 2-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 1
[  679.588890][   T48] usb 2-1: New USB device found, idVendor=04e8, idProduct=ff30, bcdDevice=a6.d1
[  679.598606][   T48] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  679.616942][   T48] usb 2-1: Product: syz
[  679.634029][   T48] usb 2-1: Manufacturer: syz
[  679.638670][   T48] usb 2-1: SerialNumber: syz
[  679.667089][   T48] usb 2-1: config 0 descriptor??
[  681.303597][   T48] rc_core: IR keymap rc-imon-rsc not found
[  681.337128][   T48] Registered IR keymap rc-empty
[  681.389381][   T48] rc rc0: iMON Station as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/rc/rc0
[  681.466649][   T48] input: iMON Station as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/rc/rc0/input29
[  681.512752][   T48] imon_raw 2-1:0.0: probe with driver imon_raw failed with error -90
[  681.652771][   T48] usb 2-1: USB disconnect, device number 39
[  682.804029][T11918] binder: 11917:11918 ioctl 4018620d 0 returned -22
[  683.939732][T11928] netlink: 888 bytes leftover after parsing attributes in process `syz.1.1564'.
[  683.948991][T11928] netlink: 137 bytes leftover after parsing attributes in process `syz.1.1564'.
[  683.958051][T11928] sch_tbf: burst 720 is lower than device lo mtu (65550) !
[  685.771426][T11945] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  685.782590][T11945] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  685.889688][ T1297] ieee802154 phy0 wpan0: encryption failed: -22
[  685.895994][ T1297] ieee802154 phy1 wpan1: encryption failed: -22
[  685.933134][T11948] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1567'.
[  687.049877][T11952] netlink: 888 bytes leftover after parsing attributes in process `syz.0.1571'.
[  687.058971][T11952] netlink: 137 bytes leftover after parsing attributes in process `syz.0.1571'.
[  687.067993][T11952] sch_tbf: burst 720 is lower than device lo mtu (65550) !
[  687.141053][T11950] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  691.001189][T11993] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  691.012244][T11993] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  691.585314][T11999] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  691.606989][T11999] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1587'.
[  692.425076][T12005] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  692.436163][T12005] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  694.444440][T12025] netlink: 888 bytes leftover after parsing attributes in process `syz.4.1593'.
[  694.453760][T12025] netlink: 137 bytes leftover after parsing attributes in process `syz.4.1593'.
[  698.881628][T12056] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  699.056131][T12061] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  699.131021][T12056] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1600'.
[  700.060880][T12070] vlan2: entered promiscuous mode
[  702.038001][T12098] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  702.049092][T12098] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  705.165827][T12119] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  705.176929][T12119] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  706.115475][T12124] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  706.126551][T12124] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  707.272527][T12132] netlink: 888 bytes leftover after parsing attributes in process `syz.2.1620'.
[  707.281642][T12132] netlink: 137 bytes leftover after parsing attributes in process `syz.2.1620'.
[  707.290692][T12132] sch_tbf: burst 720 is lower than device lo mtu (65550) !
[  712.074516][T12177] netlink: 888 bytes leftover after parsing attributes in process `syz.4.1632'.
[  712.083715][T12177] netlink: 137 bytes leftover after parsing attributes in process `syz.4.1632'.
[  713.419627][T12184] netlink: 888 bytes leftover after parsing attributes in process `syz.3.1634'.
[  713.429295][T12184] netlink: 137 bytes leftover after parsing attributes in process `syz.3.1634'.
[  713.438380][T12184] sch_tbf: burst 720 is lower than device lo mtu (65550) !
[  715.379448][ T5944] usb 4-1: new high-speed USB device number 28 using dummy_hcd
[  715.632503][ T5944] usb 4-1: Using ep0 maxpacket: 16
[  715.693208][ T5944] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  715.709138][ T5944] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  715.721079][ T5944] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  715.736628][ T5944] usb 4-1: New USB device found, idVendor=045e, idProduct=9994, bcdDevice=fc.3c
[  715.810763][ T5944] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  715.829870][ T5944] usb 4-1: config 0 descriptor??
[  717.303133][ T5944] hid-generic 0003:045E:9994.0003: unknown main item tag 0x2
[  717.322589][ T5944] hid-generic 0003:045E:9994.0003: unknown main item tag 0x0
[  717.330829][ T5944] hid-generic 0003:045E:9994.0003: unknown main item tag 0x0
[  717.338224][ T5944] hid-generic 0003:045E:9994.0003: unknown main item tag 0x0
[  717.346819][ T5944] hid-generic 0003:045E:9994.0003: unknown main item tag 0x0
[  717.354415][ T5944] hid-generic 0003:045E:9994.0003: unknown main item tag 0x0
[  717.362649][ T5944] hid-generic 0003:045E:9994.0003: unknown main item tag 0x0
[  717.370245][ T5944] hid-generic 0003:045E:9994.0003: unknown main item tag 0x0
[  717.377678][ T5944] hid-generic 0003:045E:9994.0003: unknown main item tag 0x0
[  717.472285][ T5944] hid-generic 0003:045E:9994.0003: unknown main item tag 0x0
[  717.488857][ T5944] hid-generic 0003:045E:9994.0003: unknown main item tag 0x0
[  717.493120][T12215] binder: 12214:12215 ioctl c0306201 200000000240 returned -11
[  717.498837][ T5944] hid-generic 0003:045E:9994.0003: unknown main item tag 0x0
[  717.537305][ T5944] hid-generic 0003:045E:9994.0003: unknown main item tag 0x0
[  717.574878][ T5944] hid-generic 0003:045E:9994.0003: unknown main item tag 0x0
[  717.699505][ T5944] hid-generic 0003:045E:9994.0003: unknown main item tag 0x0
[  717.707101][ T5944] hid-generic 0003:045E:9994.0003: unknown main item tag 0x0
[  717.715439][ T5944] hid-generic 0003:045E:9994.0003: unknown main item tag 0x0
[  717.724314][ T5944] hid-generic 0003:045E:9994.0003: unknown main item tag 0x0
[  717.732816][ T5944] hid-generic 0003:045E:9994.0003: unknown main item tag 0x0
[  717.742160][ T5944] hid-generic 0003:045E:9994.0003: unknown main item tag 0x0
[  717.804917][T12222] netlink: 888 bytes leftover after parsing attributes in process `syz.2.1646'.
[  717.814069][T12222] netlink: 137 bytes leftover after parsing attributes in process `syz.2.1646'.
[  717.823143][T12222] sch_tbf: burst 720 is lower than device lo mtu (65550) !
[  718.219320][ T5944] hid-generic 0003:045E:9994.0003: unknown main item tag 0x0
[  718.285571][ T5944] hid-generic 0003:045E:9994.0003: unknown main item tag 0x0
[  718.337925][ T5944] hid-generic 0003:045E:9994.0003: unbalanced collection at end of report description
[  718.398098][ T5944] hid-generic 0003:045E:9994.0003: probe with driver hid-generic failed with error -22
[  718.527064][ T5944] usb 4-1: USB disconnect, device number 28
[  718.669460][T12226] binder: 12225:12226 ioctl c0306201 200000000240 returned -11
[  719.872651][T12248] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1653'.
[  720.775959][T12251] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1656'.
[  721.286714][T12262] netlink: 888 bytes leftover after parsing attributes in process `syz.1.1659'.
[  721.295879][T12262] netlink: 137 bytes leftover after parsing attributes in process `syz.1.1659'.
[  721.305138][T12262] sch_tbf: burst 720 is lower than device lo mtu (65550) !
[  721.429531][T12253] netlink: 888 bytes leftover after parsing attributes in process `syz.2.1658'.
[  721.438684][T12253] netlink: 137 bytes leftover after parsing attributes in process `syz.2.1658'.
[  721.447725][T12253] sch_tbf: burst 720 is lower than device lo mtu (65550) !
[  722.689346][ T5899] usb 4-1: new high-speed USB device number 29 using dummy_hcd
[  722.858859][ T5899] usb 4-1: Using ep0 maxpacket: 32
[  722.865691][ T5899] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x81 has invalid wMaxPacketSize 0
[  722.878447][ T5899] usb 4-1: config 0 interface 0 has no altsetting 0
[  723.705309][T12290] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  723.716409][T12290] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  723.731150][T12290] usb usb1: check_ctrlrecip: process 12290 (syz.2.1667) requesting ep 01 but needs 81
[  724.752216][ T5899] usb 4-1: New USB device found, idVendor=046d, idProduct=c50c, bcdDevice= 0.00
[  724.778943][ T5899] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  724.823279][ T5899] usb 4-1: config 0 descriptor??
[  725.298348][ T5899] usbhid 4-1:0.0: can't add hid device: -71
[  725.304541][ T5899] usbhid 4-1:0.0: probe with driver usbhid failed with error -71
[  725.320761][ T5899] usb 4-1: USB disconnect, device number 29
[  726.857479][T12314] netlink: 888 bytes leftover after parsing attributes in process `syz.3.1672'.
[  726.866738][T12314] netlink: 137 bytes leftover after parsing attributes in process `syz.3.1672'.
[  726.875831][T12314] sch_tbf: burst 720 is lower than device lo mtu (65550) !
[  729.480075][T12321] netlink: 888 bytes leftover after parsing attributes in process `syz.3.1675'.
[  729.489138][T12321] netlink: 137 bytes leftover after parsing attributes in process `syz.3.1675'.
[  729.498132][T12321] sch_tbf: burst 720 is lower than device lo mtu (65550) !
[  730.816914][T12336] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1678'.
[  731.226642][T12328] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  731.495267][T12348] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  731.506654][T12348] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  731.761679][T12348] usb usb1: check_ctrlrecip: process 12348 (syz.1.1680) requesting ep 01 but needs 81
[  731.984653][T12351] binder: 12349:12351 ioctl c0306201 0 returned -14
[  732.412025][T12354] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  732.686291][T12354] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  732.738401][T12361] usb usb1: check_ctrlrecip: process 12361 (syz.0.1676) requesting ep 01 but needs 81
[  733.930147][T12370] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1687'.
[  734.318605][   T92] usb 2-1: new full-speed USB device number 40 using dummy_hcd
[  734.866235][T12367] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  735.109128][   T92] usb 2-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  735.120211][   T92] usb 2-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  735.134372][   T92] usb 2-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  735.146380][   T92] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  735.676172][T12380] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  735.876496][   T92] usb 2-1: usb_control_msg returned -32
[  735.885400][   T92] usbtmc 2-1:16.0: can't read capabilities
[  736.290255][T12391] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1686'.
[  736.391656][T12391] usbtmc 2-1:16.0: usbtmc_ioctl_request failed -32
[  736.400191][   T92] usb 2-1: USB disconnect, device number 40
[  736.988778][T12400] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  737.026196][T12402] usb usb1: check_ctrlrecip: process 12402 (syz.2.1693) requesting ep 01 but needs 81
[  737.222910][T12400] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  737.530695][T12409] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  740.441595][T12414] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  740.777743][T12422] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1699'.
[  743.274874][T12444] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  743.846103][T12448] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  743.857172][T12448] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  743.900693][T12448] usb usb1: check_ctrlrecip: process 12448 (syz.1.1703) requesting ep 01 but needs 81
[  743.916028][ T5944] usb 4-1: new full-speed USB device number 30 using dummy_hcd
[  744.387934][ T5944] usb 4-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  744.461523][ T5944] usb 4-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  744.571294][ T5944] usb 4-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  744.659590][ T5944] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  745.057079][T12454] overlayfs: failed to resolve './file1': -2
[  745.437905][ T5944] usb 4-1: usb_control_msg returned -71
[  745.446173][ T5944] usbtmc 4-1:16.0: can't read capabilities
[  745.535510][ T5944] usb 4-1: USB disconnect, device number 30
[  746.759645][T12474] syz_tun: entered promiscuous mode
[  746.765128][T12474] macsec1: entered promiscuous mode
[  746.770974][T12474] macsec1: entered allmulticast mode
[  746.776282][T12474] syz_tun: entered allmulticast mode
[  746.810010][T12474] syz_tun: left allmulticast mode
[  746.815728][T12474] syz_tun: left promiscuous mode
[  746.846796][ T1297] ieee802154 phy0 wpan0: encryption failed: -22
[  746.853288][ T1297] ieee802154 phy1 wpan1: encryption failed: -22
[  750.181099][T12493] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  750.192211][T12493] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  750.222363][T12493] usb usb1: check_ctrlrecip: process 12493 (syz.2.1713) requesting ep 01 but needs 81
[  750.529003][   T92] usb 4-1: new high-speed USB device number 31 using dummy_hcd
[  750.884085][   T92] usb 4-1: Using ep0 maxpacket: 16
[  751.643632][   T92] usb 4-1: New USB device found, idVendor=0471, idProduct=0327, bcdDevice=61.a4
[  751.789392][   T92] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  751.880417][T12511] overlayfs: failed to resolve './file1': -2
[  751.968630][T12512] usb usb1: check_ctrlrecip: process 12512 (syz.1.1720) requesting ep 01 but needs 81
[  752.229503][   T92] usb 4-1: config 0 descriptor??
[  752.250720][   T92] gspca_main: sonixj-2.14.0 probing 0471:0327
[  752.600560][T12516] usb usb1: check_ctrlrecip: process 12516 (syz.4.1721) requesting ep 01 but needs 81
[  754.710316][   T92] gspca_sonixj: i2c_w8 err -110
[  754.748947][   T92] sonixj 4-1:0.0: probe with driver sonixj failed with error -110
[  754.771727][ T5899] usb 4-1: USB disconnect, device number 31
[  754.873343][T12526] overlayfs: "xino=on" is useless with all layers on same fs, ignore.
[  756.341249][T12541] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1727'.
[  756.709996][T12546] syz_tun: entered promiscuous mode
[  756.715485][T12546] macsec1: entered promiscuous mode
[  756.721447][T12546] macsec1: entered allmulticast mode
[  756.726759][T12546] syz_tun: entered allmulticast mode
[  757.560550][ T5899] usb 4-1: new high-speed USB device number 32 using dummy_hcd
[  758.808874][ T5899] usb 4-1: Using ep0 maxpacket: 8
[  759.435930][T12546] syz_tun: left allmulticast mode
[  759.441254][T12546] syz_tun: left promiscuous mode
[  759.613804][ T5899] usb 4-1: device descriptor read/all, error -71
[  759.870485][T12554] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  760.657163][T12566] syz_tun: entered promiscuous mode
[  760.662695][T12566] macsec1: entered promiscuous mode
[  760.668023][T12566] macsec1: entered allmulticast mode
[  760.673351][T12566] syz_tun: entered allmulticast mode
[  761.559215][T12566] syz_tun: left allmulticast mode
[  761.565156][T12566] syz_tun: left promiscuous mode
[  762.001240][T12570] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  762.012308][T12570] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  762.044872][T12570] usb usb1: check_ctrlrecip: process 12570 (syz.2.1734) requesting ep 01 but needs 81
[  762.561879][T12577] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1737'.
[  766.853891][T12606] overlayfs: overlapping lowerdir path
[  766.865528][T12606] overlayfs: "xino=on" is useless with all layers on same fs, ignore.
[  766.881206][T12606] usb usb1: check_ctrlrecip: process 12606 (syz.1.1744) requesting ep 01 but needs 81
[  767.584647][T12615] usb usb1: check_ctrlrecip: process 12615 (syz.2.1747) requesting ep 01 but needs 81
[  768.403299][T12616] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1746'.
[  768.994942][T12629] syz_tun: entered promiscuous mode
[  769.000417][T12629] macsec1: entered promiscuous mode
[  769.006269][T12629] macsec1: entered allmulticast mode
[  769.011604][T12629] syz_tun: entered allmulticast mode
[  770.856986][T12629] syz_tun: left allmulticast mode
[  770.866906][T12629] syz_tun: left promiscuous mode
[  771.826589][T12626] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  771.838429][T12626] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1750'.
[  773.151143][T12646] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  773.184328][T12646] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  773.201933][T12649] usb usb1: check_ctrlrecip: process 12649 (syz.4.1755) requesting ep 01 but needs 81
[  775.035192][T12664] overlayfs: failed to resolve './file1': -2
[  775.116890][T12665] usb usb1: check_ctrlrecip: process 12665 (syz.3.1758) requesting ep 01 but needs 81
[  779.111643][T12711] syz_tun: entered promiscuous mode
[  779.116974][T12711] macsec1: entered promiscuous mode
[  779.122381][T12711] macsec1: entered allmulticast mode
[  779.127717][T12711] syz_tun: entered allmulticast mode
[  780.039607][T12711] syz_tun: left allmulticast mode
[  780.045460][T12711] syz_tun: left promiscuous mode
[  782.171666][T12727] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  782.182756][T12727] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  782.213258][T12727] usb usb1: check_ctrlrecip: process 12727 (syz.3.1774) requesting ep 01 but needs 81
[  782.755823][T12731] syz_tun: entered promiscuous mode
[  782.761309][T12731] macsec1: entered promiscuous mode
[  782.767108][T12731] macsec1: entered allmulticast mode
[  782.772453][T12731] syz_tun: entered allmulticast mode
[  782.872022][T12731] syz_tun: left allmulticast mode
[  782.877736][T12731] syz_tun: left promiscuous mode
[  786.059503][T12743] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1778'.
[  787.838388][T12765] syz_tun: entered promiscuous mode
[  787.843733][T12765] macsec1: entered promiscuous mode
[  787.849091][T12765] macsec1: entered allmulticast mode
[  787.854379][T12765] syz_tun: entered allmulticast mode
[  787.864139][T12765] syz_tun: left allmulticast mode
[  787.870171][T12765] syz_tun: left promiscuous mode
[  788.479236][T12768] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  789.440289][T12778] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1788'.
[  795.820527][T12835] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  795.831852][T12835] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  796.076866][T12835] usb usb1: check_ctrlrecip: process 12835 (syz.0.1803) requesting ep 01 but needs 81
[  796.798560][T12844] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  796.809957][T12844] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  797.082922][T12844] usb usb1: check_ctrlrecip: process 12844 (syz.0.1806) requesting ep 01 but needs 81
[  799.415763][T12857] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  799.426845][T12857] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  799.469845][T12857] usb usb1: check_ctrlrecip: process 12857 (syz.1.1808) requesting ep 01 but needs 81
[  801.943250][T12867] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  801.955743][T12867] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  801.989042][T12867] usb usb1: check_ctrlrecip: process 12867 (syz.4.1811) requesting ep 01 but needs 81
[  802.118324][T12869] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1814'.
[  805.486440][T12900] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1812'.
[  806.078563][T12907] netlink: 888 bytes leftover after parsing attributes in process `syz.3.1818'.
[  806.087744][T12907] netlink: 137 bytes leftover after parsing attributes in process `syz.3.1818'.
[  806.096865][T12907] sch_tbf: burst 720 is lower than device lo mtu (65550) !
[  807.013809][T12918] syz_tun: entered promiscuous mode
[  807.019368][T12918] macsec1: entered promiscuous mode
[  807.025324][T12918] macsec1: entered allmulticast mode
[  807.030687][T12918] syz_tun: entered allmulticast mode
[  807.975696][T12918] syz_tun: left allmulticast mode
[  807.981852][T12918] syz_tun: left promiscuous mode
[  808.189404][ T1297] ieee802154 phy0 wpan0: encryption failed: -22
[  808.195827][ T1297] ieee802154 phy1 wpan1: encryption failed: -22
[  810.240416][T12920] [U] 
[  811.694206][T12921] [U] 
[  812.848897][T12962] netlink: 888 bytes leftover after parsing attributes in process `syz.1.1828'.
[  812.858017][T12962] netlink: 137 bytes leftover after parsing attributes in process `syz.1.1828'.
[  812.867136][T12962] sch_tbf: burst 720 is lower than device lo mtu (65550) !
[  813.518865][T12964] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1831'.
[  814.001696][T12955] [U] 
[  815.344253][T12985] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1834'.
[  816.471159][   T48] usb 5-1: new high-speed USB device number 43 using dummy_hcd
[  816.596448][T12996] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  816.607453][T12996] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  816.627959][T12996] usb usb1: check_ctrlrecip: process 12996 (syz.2.1838) requesting ep 01 but needs 81
[  816.698948][   T48] usb 5-1: Using ep0 maxpacket: 16
[  816.705502][   T48] usb 5-1: New USB device found, idVendor=0471, idProduct=0327, bcdDevice=61.a4
[  816.717438][   T48] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  816.729066][  T880] usb 2-1: new high-speed USB device number 41 using dummy_hcd
[  816.859574][   T48] usb 5-1: config 0 descriptor??
[  816.878894][   T48] gspca_main: sonixj-2.14.0 probing 0471:0327
[  816.890732][  T880] usb 2-1: Using ep0 maxpacket: 32
[  817.291849][  T880] usb 2-1: config 0 has an invalid interface number: 35 but max is 0
[  817.316856][   T30] audit: type=1400 audit(1751821862.315:403): avc:  denied  { create } for  pid=13000 comm="syz.0.1841" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1
[  817.336490][  T880] usb 2-1: config 0 has no interface number 0
[  817.344044][   T30] audit: type=1400 audit(1751821862.345:404): avc:  denied  { bind } for  pid=13000 comm="syz.0.1841" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1
[  817.350988][T13007] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1839'.
[  817.381174][  T880] usb 2-1: New USB device found, idVendor=10c4, idProduct=818a, bcdDevice=7d.8f
[  817.391144][  T880] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  817.412569][  T880] usb 2-1: Product: syz
[  817.416774][  T880] usb 2-1: Manufacturer: syz
[  817.421705][  T880] usb 2-1: SerialNumber: syz
[  817.449182][  T880] usb 2-1: config 0 descriptor??
[  817.807427][T13014] overlayfs: "xino=on" is useless with all layers on same fs, ignore.
[  818.066431][  T880] radio-si470x 2-1:0.35: this is not a si470x device.
[  818.345988][  T880] radio-raremono 2-1:0.35: Thanko's Raremono connected: (10C4:818A)
[  818.889026][   T48] gspca_sonixj: reg_w1 err -110
[  819.463274][   T48] sonixj 5-1:0.0: probe with driver sonixj failed with error -110
[  819.985002][ T5899] usb 5-1: USB disconnect, device number 43
[  820.205678][  T880] radio-raremono 2-1:0.35: raremono_cmd_main failed (-71)
[  820.357452][  T880] radio-raremono 2-1:0.35: V4L2 device registered as radio48
[  820.554477][  T880] usb 2-1: USB disconnect, device number 41
[  820.673035][  T880] radio-raremono 2-1:0.35: Thanko's Raremono disconnected
[  821.119054][ T5899] usb 5-1: new high-speed USB device number 44 using dummy_hcd
[  821.492590][ T5899] usb 5-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  821.505788][ T5899] usb 5-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  821.989974][T13039] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  822.001400][T13039] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  822.095328][T13039] usb usb1: check_ctrlrecip: process 13039 (syz.0.1850) requesting ep 01 but needs 81
[  822.516559][ T5899] usb 5-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  822.543196][ T5899] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  822.573541][T13025] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  822.661873][ T5899] usb 5-1: Quirk or no altset; falling back to MIDI 1.0
[  822.942623][T13025] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  822.958865][   T30] audit: type=1400 audit(1751821867.935:405): avc:  denied  { mount } for  pid=13024 comm="syz.4.1847" name="/" dev="rpc_pipefs" ino=33873 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:rpc_pipefs_t tclass=filesystem permissive=1
[  823.073356][T13049] syz_tun: entered promiscuous mode
[  823.078940][T13049] macsec1: entered promiscuous mode
[  823.084968][T13049] macsec1: entered allmulticast mode
[  823.090298][T13049] syz_tun: entered allmulticast mode
[  824.920216][T13049] syz_tun: left allmulticast mode
[  824.925375][T13049] syz_tun: left promiscuous mode
[  825.098019][ T5944] usb 5-1: USB disconnect, device number 44
[  825.416391][   T30] audit: type=1400 audit(1751821870.405:406): avc:  denied  { create } for  pid=13056 comm="syz.0.1855" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  825.876188][   T30] audit: type=1400 audit(1751821870.415:407): avc:  denied  { bind } for  pid=13056 comm="syz.0.1855" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  825.928850][   T30] audit: type=1400 audit(1751821870.415:408): avc:  denied  { name_bind } for  pid=13056 comm="syz.0.1855" src=20004 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=icmp_socket permissive=1
[  826.043994][   T30] audit: type=1400 audit(1751821870.415:409): avc:  denied  { node_bind } for  pid=13056 comm="syz.0.1855" saddr=fe80::f src=20004 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=icmp_socket permissive=1
[  826.223948][   T30] audit: type=1400 audit(1751821870.415:410): avc:  denied  { write } for  pid=13056 comm="syz.0.1855" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[  826.278836][   T30] audit: type=1400 audit(1751821870.845:411): avc:  denied  { unmount } for  pid=5837 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:rpc_pipefs_t tclass=filesystem permissive=1
[  826.479107][   T30] audit: type=1400 audit(1751821871.475:412): avc:  denied  { load_policy } for  pid=13069 comm="syz.1.1859" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security permissive=1
[  826.573680][T13072] pimreg: entered allmulticast mode
[  826.641618][T13072] netlink: 'syz.1.1859': attribute type 4 has an invalid length.
[  826.675136][T13070] SELinux: failed to load policy
[  826.733607][T13072] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1859'.
[  826.749185][   T30] audit: type=1400 audit(1751821871.745:413): avc:  denied  { kexec_image_load } for  pid=13069 comm="syz.1.1859" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=system permissive=1
[  826.797145][T13076] sp0: Synchronizing with TNC
[  826.979515][   T30] audit: type=1400 audit(1751821871.985:414): avc:  denied  { getopt } for  pid=13073 comm="syz.4.1861" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  827.056101][T13084] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  827.067281][T13084] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  827.099126][T13084] usb usb1: check_ctrlrecip: process 13084 (syz.3.1862) requesting ep 01 but needs 81
[  827.313120][T13086] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1865'.
[  827.326200][T13086] bridge0: port 2(bridge_slave_1) entered disabled state
[  827.362916][T13086] bridge_slave_1 (unregistering): left allmulticast mode
[  827.388969][T13086] bridge_slave_1 (unregistering): left promiscuous mode
[  827.398863][T13086] bridge0: port 2(bridge_slave_1) entered disabled state
[  827.658894][ T5899] usb 3-1: new high-speed USB device number 31 using dummy_hcd
[  828.041673][T13086] hfsplus: unable to find HFS+ superblock
[  828.150929][ T5899] usb 3-1: config 0 has an invalid interface number: 250 but max is 0
[  828.166168][ T5899] usb 3-1: config 0 has no interface number 0
[  828.177889][ T5899] usb 3-1: New USB device found, idVendor=0af0, idProduct=7a05, bcdDevice= 0.00
[  828.208960][ T5899] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  828.283259][ T5899] usb 3-1: Product: syz
[  828.295458][ T5899] usb 3-1: Manufacturer: syz
[  828.318653][ T5899] usb 3-1: SerialNumber: syz
[  828.361662][ T5899] usb 3-1: config 0 descriptor??
[  828.595010][ T5899] usb-storage 3-1:0.250: USB Mass Storage device detected
[  828.784751][ T5944] usb 3-1: USB disconnect, device number 31
[  828.816845][   T30] audit: type=1400 audit(1751821873.815:415): avc:  denied  { append } for  pid=13114 comm="syz.4.1872" name="nullb0" dev="devtmpfs" ino=696 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  828.948760][   T30] audit: type=1400 audit(1751821873.945:416): avc:  denied  { read write } for  pid=13114 comm="syz.4.1872" name="cachefiles" dev="devtmpfs" ino=4 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cachefiles_device_t tclass=chr_file permissive=1
[  828.979001][   T30] audit: type=1400 audit(1751821873.945:417): avc:  denied  { open } for  pid=13114 comm="syz.4.1872" path="/dev/cachefiles" dev="devtmpfs" ino=4 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cachefiles_device_t tclass=chr_file permissive=1
[  829.649159][T13127] overlayfs: overlapping lowerdir path
[  829.664967][T13124] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  829.681516][T13124] usb usb1: check_ctrlrecip: process 13124 (syz.2.1875) requesting ep 01 but needs 81
[  829.868014][T13134] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1879'.
[  829.884429][T13134] openvswitch: netlink: Missing key (keys=40, expected=80)
[  830.175994][ T5899] usb 5-1: new full-speed USB device number 45 using dummy_hcd
[  830.376985][ T5899] usb 5-1: config 0 interface 0 altsetting 4 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  830.402099][ T5899] usb 5-1: config 0 interface 0 altsetting 4 endpoint 0x81 has invalid wMaxPacketSize 0
[  830.440597][ T5899] usb 5-1: config 0 interface 0 has no altsetting 0
[  830.467018][ T5899] usb 5-1: New USB device found, idVendor=28de, idProduct=1102, bcdDevice= 0.00
[  830.486389][ T5899] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  830.502964][ T5899] usb 5-1: config 0 descriptor??
[  830.950327][   T30] audit: type=1400 audit(1751821875.955:418): avc:  denied  { create } for  pid=13129 comm="syz.4.1878" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  831.042157][T13155] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1878'.
[  831.212801][  T880] usb 2-1: new high-speed USB device number 42 using dummy_hcd
[  831.294635][ T5899] hid-steam 0003:28DE:1102.0004: hidraw0: USB HID v0.01 Device [HID 28de:1102] on usb-dummy_hcd.4-1/input0
[  831.324829][   T30] audit: type=1400 audit(1751821876.035:419): avc:  denied  { connect } for  pid=13129 comm="syz.4.1878" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  831.371908][ T5899] usb 5-1: USB disconnect, device number 45
[  831.466304][T13157] fido_id[13157]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.4/usb5/report_descriptor': No such file or directory
[  831.520144][  T880] usb 2-1: Using ep0 maxpacket: 16
[  831.541679][  T880] usb 2-1: New USB device found, idVendor=0471, idProduct=0327, bcdDevice=61.a4
[  831.570414][  T880] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  831.704533][  T880] usb 2-1: config 0 descriptor??
[  831.717779][  T880] gspca_main: sonixj-2.14.0 probing 0471:0327
[  831.875793][   T30] audit: type=1400 audit(1751821876.855:420): avc:  denied  { write } for  pid=13162 comm="syz.0.1887" name="hwrng" dev="devtmpfs" ino=83 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:random_device_t tclass=chr_file permissive=1
[  831.960193][T13170] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  831.971358][T13170] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  832.003284][T13170] usb usb1: check_ctrlrecip: process 13170 (syz.3.1888) requesting ep 01 but needs 81
[  832.106032][T13173] capability: warning: `syz.2.1889' uses deprecated v2 capabilities in a way that may be insecure
[  833.198849][   T30] audit: type=1400 audit(1751821878.175:421): avc:  denied  { execute } for  pid=13185 comm="syz.0.1894" path="/380/blkio.bfq.io_wait_time_recursive" dev="tmpfs" ino=2114 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[  833.237223][T13188] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1892'.
[  833.657105][T13186] futex_wake_op: syz.0.1894 tries to shift op by -1; fix this program
[  834.354090][  T880] gspca_sonixj: reg_r err -32
[  834.358991][  T880] sonixj 2-1:0.0: probe with driver sonixj failed with error -32
[  834.735945][  T880] usb 2-1: USB disconnect, device number 42
[  835.929796][   T30] audit: type=1400 audit(1751821880.925:422): avc:  denied  { ioctl } for  pid=13211 comm="syz.2.1900" path="socket:[35109]" dev="sockfs" ino=35109 ioctlcmd=0x7453 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  836.199183][ T5899] usb 3-1: new full-speed USB device number 32 using dummy_hcd
[  836.349707][ T5899] usb 3-1: device descriptor read/64, error -71
[  836.455462][   T30] audit: type=1400 audit(1751821881.455:423): avc:  denied  { write } for  pid=13230 comm="syz.1.1904" path="socket:[35134]" dev="sockfs" ino=35134 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  836.479410][T13236] Bluetooth: MGMT ver 1.23
[  836.761191][T13240] netlink: 'syz.3.1906': attribute type 10 has an invalid length.
[  836.779034][ T5899] usb 3-1: new full-speed USB device number 33 using dummy_hcd
[  836.822398][   T30] audit: type=1400 audit(1751821881.805:424): avc:  denied  { create } for  pid=13237 comm="syz.3.1906" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  836.908843][ T5899] usb 3-1: device descriptor read/64, error -71
[  837.015979][T13243] netdevsim netdevsim3 netdevsim0: entered allmulticast mode
[  837.023980][ T5899] usb usb3-port1: attempt power cycle
[  837.289198][   T30] audit: type=1400 audit(1751821882.185:425): avc:  denied  { ioctl } for  pid=13227 comm="syz.4.1903" path="socket:[34429]" dev="sockfs" ino=34429 ioctlcmd=0x8905 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[  837.405156][ T5899] usb 3-1: new full-speed USB device number 34 using dummy_hcd
[  837.458170][ T5899] usb 3-1: device descriptor read/8, error -71
[  837.557848][T13249] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1909'.
[  837.719054][ T5899] usb 3-1: new full-speed USB device number 35 using dummy_hcd
[  837.760038][ T5899] usb 3-1: device descriptor read/8, error -71
[  837.785016][T13254] syz.4.1911 uses old SIOCAX25GETINFO
[  837.898307][T13254] overlayfs: missing 'lowerdir'
[  837.903602][T13257] overlayfs: missing 'lowerdir'
[  837.916972][   T30] audit: type=1400 audit(1751821882.895:426): avc:  denied  { mounton } for  pid=13253 comm="syz.4.1911" path="/399/file0" dev="ramfs" ino=34476 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:ramfs_t tclass=dir permissive=1
[  839.043678][   T30] audit: type=1400 audit(1751821884.045:427): avc:  denied  { unmount } for  pid=5837 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ramfs_t tclass=filesystem permissive=1
[  839.099186][ T5899] usb usb3-port1: unable to enumerate USB device
[  839.291311][T13278] xt_hashlimit: max too large, truncated to 1048576
[  840.077286][   T30] audit: type=1400 audit(1751821885.075:428): avc:  denied  { unmount } for  pid=5837 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=filesystem permissive=1
[  840.149480][T13283] sd 0:0:1:0: PR command failed: 1026
[  840.163442][T13283] sd 0:0:1:0: Sense Key : Illegal Request [current] 
[  840.187005][   T30] audit: type=1400 audit(1751821885.145:429): avc:  denied  { read } for  pid=13282 comm="syz.0.1919" name="file0" dev="fuse" ino=0 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=blk_file permissive=1
[  840.235914][T13283] sd 0:0:1:0: Add. Sense: Invalid command operation code
[  840.277030][   T30] audit: type=1400 audit(1751821885.145:430): avc:  denied  { open } for  pid=13282 comm="syz.0.1919" path="/384/file0/file0" dev="fuse" ino=0 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=blk_file permissive=1
[  840.299970][    C0] vkms_vblank_simulate: vblank timer overrun
[  840.420861][   T30] audit: type=1400 audit(1751821885.145:431): avc:  denied  { ioctl } for  pid=13282 comm="syz.0.1919" path="/384/file0/file0" dev="fuse" ino=0 ioctlcmd=0x70cb scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=blk_file permissive=1
[  842.520573][T13299] [U] 
[  843.665807][T13306] [U] 
[  844.903204][T13324] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1930'.
[  844.956529][T13324] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1930'.
[  845.349083][ T5944] usb 4-1: new high-speed USB device number 34 using dummy_hcd
[  845.534344][ T5944] usb 4-1: Using ep0 maxpacket: 8
[  845.556288][ T5944] usb 4-1: config 0 has an invalid interface number: 186 but max is 0
[  845.576801][ T5944] usb 4-1: config 0 has no interface number 0
[  845.607950][ T5944] usb 4-1: config 0 interface 186 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  845.763726][ T5944] usb 4-1: config 0 interface 186 altsetting 0 has an endpoint descriptor with address 0x9A, changing to 0x8A
[  845.856944][ T5944] usb 4-1: config 0 interface 186 altsetting 0 endpoint 0x8A has invalid maxpacket 49152, setting to 1024
[  845.981623][ T5944] usb 4-1: config 0 interface 186 altsetting 0 has 4 endpoint descriptors, different from the interface descriptor's value: 3
[  846.061191][ T5944] usb 4-1: New USB device found, idVendor=07c0, idProduct=1505, bcdDevice=b8.c5
[  846.107344][ T5944] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  846.151284][ T5944] usb 4-1: Product: syz
[  846.155446][ T5944] usb 4-1: Manufacturer: syz
[  846.270964][ T5944] usb 4-1: SerialNumber: syz
[  846.285168][ T5944] usb 4-1: config 0 descriptor??
[  846.578703][T13348] syz_tun: entered promiscuous mode
[  846.584240][T13348] macsec1: entered promiscuous mode
[  846.589963][T13348] macsec1: entered allmulticast mode
[  846.595275][T13348] syz_tun: entered allmulticast mode
[  847.521726][T13348] syz_tun: left allmulticast mode
[  847.527269][T13348] syz_tun: left promiscuous mode
[  848.192017][ T5944] iowarrior 4-1:0.186: IOWarrior product=0x1505, serial= interface=186 now attached to iowarrior0
[  848.322484][ T5944] usb 4-1: USB disconnect, device number 34
[  848.840147][T13364] syz.2.1941 uses obsolete (PF_INET,SOCK_PACKET)
[  849.232745][ T5899] hid-generic 00A0:0006:0003.0005: unknown main item tag 0x0
[  849.248932][ T5899] hid-generic 00A0:0006:0003.0005: unknown main item tag 0x0
[  849.258167][ T5899] hid-generic 00A0:0006:0003.0005: unknown main item tag 0x0
[  849.268292][ T5899] hid-generic 00A0:0006:0003.0005: unknown main item tag 0x0
[  849.278408][ T5899] hid-generic 00A0:0006:0003.0005: unknown main item tag 0x0
[  849.286240][ T5899] hid-generic 00A0:0006:0003.0005: unknown main item tag 0x0
[  849.303801][ T5899] hid-generic 00A0:0006:0003.0005: unknown main item tag 0x0
[  849.335659][ T5899] hid-generic 00A0:0006:0003.0005: unknown main item tag 0x0
[  849.388907][ T5899] hid-generic 00A0:0006:0003.0005: unknown main item tag 0x0
[  849.425135][ T5899] hid-generic 00A0:0006:0003.0005: unknown main item tag 0x0
[  849.446331][ T5899] hid-generic 00A0:0006:0003.0005: unknown main item tag 0x0
[  849.483410][ T5899] hid-generic 00A0:0006:0003.0005: unknown main item tag 0x0
[  849.509600][ T5899] hid-generic 00A0:0006:0003.0005: unknown main item tag 0x0
[  849.678159][ T5899] hid-generic 00A0:0006:0003.0005: unknown main item tag 0x0
[  849.685848][ T5899] hid-generic 00A0:0006:0003.0005: unknown main item tag 0x0
[  849.700823][ T5899] hid-generic 00A0:0006:0003.0005: hidraw0: <UNKNOWN> HID v0.05 Device [syz1] on syz0
[  850.822947][T13386] fido_id[13386]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  851.593969][T13384] syz.3.1947 (13384): drop_caches: 2
[  851.710400][T13384] syz.3.1947 (13384): drop_caches: 2
[  851.824236][   T30] kauditd_printk_skb: 1 callbacks suppressed
[  851.824251][   T30] audit: type=1400 audit(1751821896.815:433): avc:  denied  { mounton } for  pid=13378 comm="syz.4.1948" path="/406/file0" dev="rpc_pipefs" ino=34665 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:rpc_pipefs_t tclass=dir permissive=1
[  852.089856][   T30] audit: type=1400 audit(1751821897.015:434): avc:  denied  { setopt } for  pid=13374 comm="syz.3.1947" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1
[  852.678893][    T9] usb 3-1: new high-speed USB device number 36 using dummy_hcd
[  852.855010][    T9] usb 3-1: config 17 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  852.928619][    T9] usb 3-1: config 17 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  852.989017][    T9] usb 3-1: config 17 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  853.051000][    T9] usb 3-1: New USB device found, idVendor=0458, idProduct=5003, bcdDevice= 0.00
[  853.101496][    T9] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  853.146729][T13396] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22
[  854.769763][T13388] Set syz1 is full, maxelem 65536 reached
[  855.615917][    T9] aiptek 3-1:17.0: Aiptek using 400 ms programming speed
[  855.742627][    T9] input: Aiptek as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:17.0/input/input30
[  856.051428][   T30] audit: type=1400 audit(1751821901.045:435): avc:  denied  { create } for  pid=13413 comm="syz.1.1958" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=isdn_socket permissive=1
[  856.162479][T13420] FAULT_INJECTION: forcing a failure.
[  856.162479][T13420] name failslab, interval 1, probability 0, space 0, times 1
[  856.188690][   T30] audit: type=1400 audit(1751821901.115:436): avc:  denied  { connect } for  pid=13413 comm="syz.1.1958" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1
[  856.228998][T13420] CPU: 1 UID: 0 PID: 13420 Comm: syz.1.1958 Not tainted 6.16.0-rc4-syzkaller-00324-g1f988d0788f5 #0 PREEMPT(full) 
[  856.229022][T13420] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  856.229031][T13420] Call Trace:
[  856.229037][T13420]  <TASK>
[  856.229043][T13420]  dump_stack_lvl+0x16c/0x1f0
[  856.229072][T13420]  should_fail_ex+0x512/0x640
[  856.229095][T13420]  ? fs_reclaim_acquire+0xae/0x150
[  856.229115][T13420]  should_failslab+0xc2/0x120
[  856.229141][T13420]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  856.229165][T13420]  ? security_inode_alloc+0x3b/0x2b0
[  856.229190][T13420]  security_inode_alloc+0x3b/0x2b0
[  856.229213][T13420]  inode_init_always_gfp+0xce4/0x1030
[  856.229242][T13420]  alloc_inode+0x86/0x240
[  856.229260][T13420]  sock_alloc+0x40/0x280
[  856.229286][T13420]  do_accept+0xf7/0x530
[  856.229313][T13420]  ? do_raw_spin_lock+0x12c/0x2b0
[  856.229334][T13420]  ? __pfx_do_accept+0x10/0x10
[  856.229370][T13420]  __sys_accept4+0x100/0x1c0
[  856.229391][T13420]  ? __pfx___sys_accept4+0x10/0x10
[  856.229411][T13420]  ? __pfx_ksys_write+0x10/0x10
[  856.229438][T13420]  __x64_sys_accept4+0x96/0x100
[  856.229457][T13420]  ? lockdep_hardirqs_on+0x7c/0x110
[  856.229481][T13420]  do_syscall_64+0xcd/0x4c0
[  856.229509][T13420]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  856.229527][T13420] RIP: 0033:0x7f5298d8e929
[  856.229541][T13420] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  856.229556][T13420] RSP: 002b:00007f5299b67038 EFLAGS: 00000246 ORIG_RAX: 0000000000000120
[  856.229573][T13420] RAX: ffffffffffffffda RBX: 00007f5298fb6080 RCX: 00007f5298d8e929
[  856.229584][T13420] RDX: 0000000000000000 RSI: 0000200000000080 RDI: 0000000000000008
[  856.229594][T13420] RBP: 00007f5299b67090 R08: 0000000000000000 R09: 0000000000000000
[  856.229604][T13420] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  856.229613][T13420] R13: 0000000000000000 R14: 00007f5298fb6080 R15: 00007ffcfb357fa8
[  856.229637][T13420]  </TASK>
[  856.583377][   T30] audit: type=1400 audit(1751821901.165:437): avc:  denied  { listen } for  pid=13413 comm="syz.1.1958" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1
[  856.689177][T13424] syz_tun: entered promiscuous mode
[  856.694607][T13424] macsec1: entered promiscuous mode
[  856.700191][T13424] macsec1: entered allmulticast mode
[  856.705489][T13424] syz_tun: entered allmulticast mode
[  856.892960][   T92] usb 3-1: USB disconnect, device number 36
[  856.892975][    C0] aiptek 3-1:17.0: aiptek_irq - usb_submit_urb failed with result -19
[  858.566794][T13424] syz_tun: left allmulticast mode
[  858.572076][T13424] syz_tun: left promiscuous mode
[  858.655041][T13427] FAULT_INJECTION: forcing a failure.
[  858.655041][T13427] name failslab, interval 1, probability 0, space 0, times 0
[  858.684227][T13427] CPU: 0 UID: 0 PID: 13427 Comm: syz.2.1960 Not tainted 6.16.0-rc4-syzkaller-00324-g1f988d0788f5 #0 PREEMPT(full) 
[  858.684251][T13427] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  858.684261][T13427] Call Trace:
[  858.684267][T13427]  <TASK>
[  858.684274][T13427]  dump_stack_lvl+0x16c/0x1f0
[  858.684303][T13427]  should_fail_ex+0x512/0x640
[  858.684336][T13427]  should_failslab+0xc2/0x120
[  858.684361][T13427]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  858.684385][T13427]  ? skb_clone+0x190/0x3f0
[  858.684413][T13427]  skb_clone+0x190/0x3f0
[  858.684437][T13427]  netlink_deliver_tap+0xabd/0xd30
[  858.684469][T13427]  netlink_unicast+0x5df/0x7f0
[  858.684490][T13427]  ? __pfx_netlink_unicast+0x10/0x10
[  858.684515][T13427]  netlink_sendmsg+0x8d1/0xdd0
[  858.684537][T13427]  ? __pfx_netlink_sendmsg+0x10/0x10
[  858.684564][T13427]  ____sys_sendmsg+0xa95/0xc70
[  858.684583][T13427]  ? copy_msghdr_from_user+0x10a/0x160
[  858.684607][T13427]  ? __pfx_____sys_sendmsg+0x10/0x10
[  858.684636][T13427]  ___sys_sendmsg+0x134/0x1d0
[  858.684661][T13427]  ? __pfx____sys_sendmsg+0x10/0x10
[  858.684682][T13427]  ? __lock_acquire+0x622/0x1c90
[  858.684732][T13427]  __sys_sendmsg+0x16d/0x220
[  858.684756][T13427]  ? __pfx___sys_sendmsg+0x10/0x10
[  858.684796][T13427]  do_syscall_64+0xcd/0x4c0
[  858.684824][T13427]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  858.684842][T13427] RIP: 0033:0x7f79efd8e929
[  858.684856][T13427] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  858.684872][T13427] RSP: 002b:00007f79f0bc3038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  858.684890][T13427] RAX: ffffffffffffffda RBX: 00007f79effb5fa0 RCX: 00007f79efd8e929
[  858.684899][T13427] RDX: 0000000020000010 RSI: 0000200000001000 RDI: 0000000000000003
[  858.684908][T13427] RBP: 00007f79f0bc3090 R08: 0000000000000000 R09: 0000000000000000
[  858.684916][T13427] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  858.684924][T13427] R13: 0000000000000000 R14: 00007f79effb5fa0 R15: 00007ffffc7a5a18
[  858.684944][T13427]  </TASK>
[  859.091589][T13429] Device name cannot be null; rc = [-22]
[  859.704907][T13441] netlink: 888 bytes leftover after parsing attributes in process `syz.3.1962'.
[  859.714045][T13441] netlink: 137 bytes leftover after parsing attributes in process `syz.3.1962'.
[  859.723142][T13441] sch_tbf: burst 720 is lower than device lo mtu (65550) !
[  860.238537][   T30] audit: type=1400 audit(1751821905.145:438): avc:  denied  { ioctl } for  pid=13434 comm="syz.2.1964" path="socket:[34754]" dev="sockfs" ino=34754 ioctlcmd=0x660f scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  860.390299][   T30] audit: type=1400 audit(1751821905.145:439): avc:  denied  { setopt } for  pid=13434 comm="syz.2.1964" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  860.410099][   T30] audit: type=1400 audit(1751821905.175:440): avc:  denied  { remount } for  pid=13434 comm="syz.2.1964" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[  860.942084][T13454] overlayfs: overlapping lowerdir path
[  861.022819][T13455] overlayfs: "xino=on" is useless with all layers on same fs, ignore.
[  861.052550][T13455] usb usb1: check_ctrlrecip: process 13455 (syz.2.1967) requesting ep 01 but needs 81
[  861.601592][   T30] audit: type=1400 audit(1751821906.515:441): avc:  denied  { append } for  pid=13452 comm="syz.4.1968" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  862.099504][T13463] FAULT_INJECTION: forcing a failure.
[  862.099504][T13463] name failslab, interval 1, probability 0, space 0, times 0
[  862.112326][T13463] CPU: 0 UID: 0 PID: 13463 Comm: syz.2.1969 Not tainted 6.16.0-rc4-syzkaller-00324-g1f988d0788f5 #0 PREEMPT(full) 
[  862.112340][T13463] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  862.112347][T13463] Call Trace:
[  862.112351][T13463]  <TASK>
[  862.112355][T13463]  dump_stack_lvl+0x16c/0x1f0
[  862.112374][T13463]  should_fail_ex+0x512/0x640
[  862.112390][T13463]  ? fs_reclaim_acquire+0xae/0x150
[  862.112403][T13463]  should_failslab+0xc2/0x120
[  862.112420][T13463]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  862.112435][T13463]  ? security_inode_alloc+0x3b/0x2b0
[  862.112452][T13463]  security_inode_alloc+0x3b/0x2b0
[  862.112473][T13463]  inode_init_always_gfp+0xce4/0x1030
[  862.112492][T13463]  alloc_inode+0x86/0x240
[  862.112504][T13463]  sock_alloc+0x40/0x280
[  862.112522][T13463]  do_accept+0xf7/0x530
[  862.112535][T13463]  ? do_raw_spin_lock+0x12c/0x2b0
[  862.112549][T13463]  ? __pfx_do_accept+0x10/0x10
[  862.112570][T13463]  __sys_accept4+0x100/0x1c0
[  862.112583][T13463]  ? __pfx___sys_accept4+0x10/0x10
[  862.112596][T13463]  ? __pfx_ksys_write+0x10/0x10
[  862.112613][T13463]  __x64_sys_accept4+0x96/0x100
[  862.112625][T13463]  ? lockdep_hardirqs_on+0x7c/0x110
[  862.112641][T13463]  do_syscall_64+0xcd/0x4c0
[  862.112658][T13463]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  862.112670][T13463] RIP: 0033:0x7f79efd8e929
[  862.112679][T13463] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  862.112690][T13463] RSP: 002b:00007f79f0bc3038 EFLAGS: 00000246 ORIG_RAX: 0000000000000120
[  862.112700][T13463] RAX: ffffffffffffffda RBX: 00007f79effb5fa0 RCX: 00007f79efd8e929
[  862.112706][T13463] RDX: 0000000000000000 RSI: 0000200000000080 RDI: 0000000000000008
[  862.112712][T13463] RBP: 00007f79f0bc3090 R08: 0000000000000000 R09: 0000000000000000
[  862.112718][T13463] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  862.112724][T13463] R13: 0000000000000000 R14: 00007f79effb5fa0 R15: 00007ffffc7a5a18
[  862.112738][T13463]  </TASK>
[  862.347616][   T30] audit: type=1400 audit(1751821907.105:442): avc:  denied  { bind } for  pid=13461 comm="syz.2.1969" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1
[  862.678946][T13472] sd 0:0:1:0: PR command failed: 1026
[  862.684499][T13472] sd 0:0:1:0: Sense Key : Illegal Request [current] 
[  862.691516][T13472] sd 0:0:1:0: Add. Sense: Invalid command operation code
[  862.723463][T13470] tipc: Started in network mode
[  862.815687][T13470] tipc: Node identity eaae332ba3b2, cluster identity 4711
[  862.949139][T13470] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  862.957317][T13470] syzkaller0: mtu greater than device maximum
[  863.048174][T13469] tipc: Disabling bearer <eth:syzkaller0>
[  864.393815][   T30] audit: type=1400 audit(1751821909.395:443): avc:  denied  { accept } for  pid=13480 comm="syz.3.1976" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1
[  864.671285][T13498] overlayfs: overlapping lowerdir path
[  864.754099][T13499] overlayfs: "xino=on" is useless with all layers on same fs, ignore.
[  864.783413][T13499] usb usb1: check_ctrlrecip: process 13499 (syz.1.1979) requesting ep 01 but needs 81
[  865.022129][ T5944] usb 3-1: new full-speed USB device number 37 using dummy_hcd
[  865.147139][T13506] netlink: 'syz.0.1982': attribute type 1 has an invalid length.
[  865.172463][T13506] netlink: 48 bytes leftover after parsing attributes in process `syz.0.1982'.
[  865.182870][T13506] netlink: 'syz.0.1982': attribute type 1 has an invalid length.
[  865.190676][T13506] netlink: 224 bytes leftover after parsing attributes in process `syz.0.1982'.
[  865.193821][ T5944] usb 3-1: New USB device found, idVendor=2770, idProduct=9120, bcdDevice=6c.77
[  865.210660][ T5944] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  865.218650][ T5944] usb 3-1: Product: syz
[  865.223074][T13508] netlink: 'syz.0.1982': attribute type 1 has an invalid length.
[  865.235055][ T5944] usb 3-1: Manufacturer: syz
[  865.242764][ T5944] usb 3-1: SerialNumber: syz
[  865.263782][ T5944] usb 3-1: config 0 descriptor??
[  865.282100][ T5944] gspca_main: sq905-2.14.0 probing 2770:9120
[  865.300210][T13511] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  865.315881][T13511] batman_adv: batadv0: Removing interface: batadv_slave_0
[  865.340206][T13511] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  865.354868][T13511] batman_adv: batadv0: Removing interface: batadv_slave_1
[  865.395577][   T30] audit: type=1400 audit(1751821910.335:444): avc:  denied  { create } for  pid=13512 comm="syz.0.1984" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1
[  865.562548][T13516] sp0: Synchronizing with TNC
[  865.649819][   T30] audit: type=1400 audit(1751821910.335:445): avc:  denied  { ioctl } for  pid=13512 comm="syz.0.1984" path="socket:[35738]" dev="sockfs" ino=35738 ioctlcmd=0x1501 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1
[  865.812317][T13510] [U] è
[  866.176993][ T5899] usb 5-1: new full-speed USB device number 46 using dummy_hcd
[  866.357540][ T5899] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  866.369432][ T5899] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  866.383407][ T5899] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  866.392516][ T5899] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  866.618252][   T30] audit: type=1400 audit(1751821911.615:446): avc:  denied  { getopt } for  pid=13530 comm="syz.1.1991" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1
[  866.695337][ T5899] usb 5-1: usb_control_msg returned -32
[  866.706426][ T5899] usbtmc 5-1:16.0: can't read capabilities
[  866.987992][ T5944] gspca_sq905: bulk read fail (-22) len 0/4
[  866.994028][ T5944] sq905 3-1:0.0: probe with driver sq905 failed with error -5
[  867.004545][ T5944] usb 3-1: USB disconnect, device number 37
[  867.046564][T13536] usbtmc 5-1:16.0: usbtmc_ioctl_request failed -32
[  867.054361][   T92] usb 5-1: USB disconnect, device number 46
[  867.348212][   T30] audit: type=1400 audit(1751821912.345:447): avc:  denied  { append } for  pid=13542 comm="syz.3.1993" name="sg0" dev="devtmpfs" ino=758 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[  867.374411][   T30] audit: type=1400 audit(1751821912.345:448): avc:  denied  { ioctl } for  pid=13542 comm="syz.3.1993" path="/dev/sg0" dev="devtmpfs" ino=758 ioctlcmd=0x1273 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[  867.441675][T13538] [U] 
[  867.745296][T13559] netlink: 504 bytes leftover after parsing attributes in process `syz.3.1997'.
[  867.892517][T13562] netlink: 40 bytes leftover after parsing attributes in process `syz.3.1997'.
[  868.406512][T13561] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[  869.125463][   T30] audit: type=1400 audit(1751821914.125:449): avc:  denied  { map } for  pid=13577 comm="syz.0.2001" path="/dev/dri/card1" dev="devtmpfs" ino=628 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dri_device_t tclass=chr_file permissive=1
[  869.192876][   T30] audit: type=1400 audit(1751821914.155:450): avc:  denied  { execute } for  pid=13577 comm="syz.0.2001" path="/dev/dri/card1" dev="devtmpfs" ino=628 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dri_device_t tclass=chr_file permissive=1
[  869.622162][ T1297] ieee802154 phy0 wpan0: encryption failed: -22
[  869.628545][ T1297] ieee802154 phy1 wpan1: encryption failed: -22
[  869.941644][T13589] [U] 
[  870.062910][T13597] binder_alloc: 13584: binder_alloc_buf, no vma
[  870.629840][T13600] FAULT_INJECTION: forcing a failure.
[  870.629840][T13600] name fail_usercopy, interval 1, probability 0, space 0, times 1
[  870.754758][T13600] CPU: 0 UID: 0 PID: 13600 Comm: syz.4.2007 Not tainted 6.16.0-rc4-syzkaller-00324-g1f988d0788f5 #0 PREEMPT(full) 
[  870.754776][T13600] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  870.754782][T13600] Call Trace:
[  870.754786][T13600]  <TASK>
[  870.754790][T13600]  dump_stack_lvl+0x16c/0x1f0
[  870.754811][T13600]  should_fail_ex+0x512/0x640
[  870.754829][T13600]  _copy_to_user+0x32/0xd0
[  870.754847][T13600]  simple_read_from_buffer+0xcb/0x170
[  870.754865][T13600]  proc_fail_nth_read+0x197/0x270
[  870.754880][T13600]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  870.754896][T13600]  ? rw_verify_area+0xcf/0x680
[  870.754912][T13600]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  870.754934][T13600]  vfs_read+0x1e1/0xc60
[  870.754954][T13600]  ? __pfx___mutex_lock+0x10/0x10
[  870.754971][T13600]  ? __pfx_vfs_read+0x10/0x10
[  870.754989][T13600]  ? __fget_files+0x20e/0x3c0
[  870.755010][T13600]  ksys_read+0x12a/0x250
[  870.755024][T13600]  ? __pfx_ksys_read+0x10/0x10
[  870.755042][T13600]  do_syscall_64+0xcd/0x4c0
[  870.755061][T13600]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  870.755072][T13600] RIP: 0033:0x7f54cad8d33c
[  870.755081][T13600] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  870.755091][T13600] RSP: 002b:00007f54cbc93030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  870.755102][T13600] RAX: ffffffffffffffda RBX: 00007f54cafb5fa0 RCX: 00007f54cad8d33c
[  870.755109][T13600] RDX: 000000000000000f RSI: 00007f54cbc930a0 RDI: 0000000000000003
[  870.755115][T13600] RBP: 00007f54cbc93090 R08: 0000000000000000 R09: 0000000000000000
[  870.755122][T13600] R10: 000000000000003a R11: 0000000000000246 R12: 0000000000000001
[  870.755128][T13600] R13: 0000000000000000 R14: 00007f54cafb5fa0 R15: 00007ffcf77279a8
[  870.755141][T13600]  </TASK>
[  870.943701][T13603] unknown channel width for channel at 909000KHz?
[  870.950294][T13603] unknown channel width for channel at 909000KHz?
[  870.956679][T13603] unknown channel width for channel at 909000KHz?
[  871.239472][T13609] FAULT_INJECTION: forcing a failure.
[  871.239472][T13609] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  871.368846][T13609] CPU: 1 UID: 0 PID: 13609 Comm: syz.4.2012 Not tainted 6.16.0-rc4-syzkaller-00324-g1f988d0788f5 #0 PREEMPT(full) 
[  871.368873][T13609] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  871.368882][T13609] Call Trace:
[  871.368888][T13609]  <TASK>
[  871.368895][T13609]  dump_stack_lvl+0x16c/0x1f0
[  871.368925][T13609]  should_fail_ex+0x512/0x640
[  871.368953][T13609]  _copy_to_user+0x32/0xd0
[  871.368979][T13609]  video_usercopy+0xf3e/0x1720
[  871.369006][T13609]  ? __pfx___video_do_ioctl+0x10/0x10
[  871.369028][T13609]  ? selinux_kernel_read_file+0xd0/0x130
[  871.369053][T13609]  ? __pfx_video_usercopy+0x10/0x10
[  871.369093][T13609]  v4l2_ioctl+0x1ba/0x250
[  871.369114][T13609]  ? __pfx_v4l2_ioctl+0x10/0x10
[  871.369137][T13609]  __x64_sys_ioctl+0x18e/0x210
[  871.369161][T13609]  do_syscall_64+0xcd/0x4c0
[  871.369189][T13609]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  871.369207][T13609] RIP: 0033:0x7f54cad8e929
[  871.369221][T13609] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  871.369238][T13609] RSP: 002b:00007f54cbc93038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  871.369255][T13609] RAX: ffffffffffffffda RBX: 00007f54cafb5fa0 RCX: 00007f54cad8e929
[  871.369266][T13609] RDX: 0000200000000040 RSI: 00000000c0405602 RDI: 0000000000000003
[  871.369276][T13609] RBP: 00007f54cbc93090 R08: 0000000000000000 R09: 0000000000000000
[  871.369287][T13609] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  871.369297][T13609] R13: 0000000000000000 R14: 00007f54cafb5fa0 R15: 00007ffcf77279a8
[  871.369320][T13609]  </TASK>
[  871.540785][    C1] vkms_vblank_simulate: vblank timer overrun
[  874.478820][   T92] usb 4-1: new high-speed USB device number 35 using dummy_hcd
[  874.645844][   T30] audit: type=1400 audit(1751821919.645:451): avc:  denied  { write } for  pid=13640 comm="syz.1.2020" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1
[  874.670545][   T92] usb 4-1: Using ep0 maxpacket: 16
[  874.696995][   T92] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  874.706822][   T92] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  874.720097][   T92] usb 4-1: New USB device found, idVendor=045e, idProduct=9994, bcdDevice=fc.3c
[  874.729386][   T92] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  874.757662][   T92] usb 4-1: config 0 descriptor??
[  874.835931][   T92] usbhid 4-1:0.0: couldn't find an input interrupt endpoint
[  875.459673][T13652] syz_tun: entered promiscuous mode
[  875.464963][T13652] macsec1: entered promiscuous mode
[  875.470409][T13652] macsec1: entered allmulticast mode
[  875.475686][T13652] syz_tun: entered allmulticast mode
[  875.978063][T13652] syz_tun: left allmulticast mode
[  875.984302][T13652] syz_tun: left promiscuous mode
[  876.333795][T13667] FAULT_INJECTION: forcing a failure.
[  876.333795][T13667] name failslab, interval 1, probability 0, space 0, times 0
[  876.355505][T13667] CPU: 0 UID: 0 PID: 13667 Comm: syz.2.2029 Not tainted 6.16.0-rc4-syzkaller-00324-g1f988d0788f5 #0 PREEMPT(full) 
[  876.355532][T13667] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  876.355542][T13667] Call Trace:
[  876.355548][T13667]  <TASK>
[  876.355555][T13667]  dump_stack_lvl+0x16c/0x1f0
[  876.355586][T13667]  should_fail_ex+0x512/0x640
[  876.355614][T13667]  should_failslab+0xc2/0x120
[  876.355641][T13667]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  876.355666][T13667]  ? skb_clone+0x190/0x3f0
[  876.355695][T13667]  skb_clone+0x190/0x3f0
[  876.355721][T13667]  netlink_deliver_tap+0xabd/0xd30
[  876.355755][T13667]  netlink_unicast+0x5df/0x7f0
[  876.355776][T13667]  ? __pfx_netlink_unicast+0x10/0x10
[  876.355802][T13667]  netlink_sendmsg+0x8d1/0xdd0
[  876.355824][T13667]  ? __pfx_netlink_sendmsg+0x10/0x10
[  876.355853][T13667]  ____sys_sendmsg+0xa95/0xc70
[  876.355872][T13667]  ? copy_msghdr_from_user+0x10a/0x160
[  876.355896][T13667]  ? __pfx_____sys_sendmsg+0x10/0x10
[  876.355927][T13667]  ___sys_sendmsg+0x134/0x1d0
[  876.355953][T13667]  ? __pfx____sys_sendmsg+0x10/0x10
[  876.355975][T13667]  ? __lock_acquire+0x622/0x1c90
[  876.356025][T13667]  __sys_sendmsg+0x16d/0x220
[  876.356050][T13667]  ? __pfx___sys_sendmsg+0x10/0x10
[  876.356093][T13667]  do_syscall_64+0xcd/0x4c0
[  876.356119][T13667]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  876.356138][T13667] RIP: 0033:0x7f79efd8e929
[  876.356153][T13667] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  876.356170][T13667] RSP: 002b:00007f79f0bc3038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  876.356188][T13667] RAX: ffffffffffffffda RBX: 00007f79effb5fa0 RCX: 00007f79efd8e929
[  876.356199][T13667] RDX: 0000000000000000 RSI: 0000200000000200 RDI: 0000000000000003
[  876.356210][T13667] RBP: 00007f79f0bc3090 R08: 0000000000000000 R09: 0000000000000000
[  876.356220][T13667] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  876.356230][T13667] R13: 0000000000000000 R14: 00007f79effb5fa0 R15: 00007ffffc7a5a18
[  876.356254][T13667]  </TASK>
[  877.499077][T13672] netlink: 14 bytes leftover after parsing attributes in process `syz.4.2032'.
[  878.107871][ T5944] usb 4-1: USB disconnect, device number 35
[  878.151946][T13672] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  878.162100][T13672] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  878.171508][T13672] bond0 (unregistering): Released all slaves
[  878.189064][   T30] audit: type=1400 audit(1751821923.135:452): avc:  denied  { name_bind } for  pid=13671 comm="syz.4.2032" src=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=udp_socket permissive=1
[  878.230310][   T30] audit: type=1400 audit(1751821923.135:453): avc:  denied  { ioctl } for  pid=13671 comm="syz.4.2032" path="/dev/rtc0" dev="devtmpfs" ino=921 ioctlcmd=0x700a scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[  878.294228][T13690] FAULT_INJECTION: forcing a failure.
[  878.294228][T13690] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  878.361744][T13690] CPU: 0 UID: 0 PID: 13690 Comm: syz.2.2036 Not tainted 6.16.0-rc4-syzkaller-00324-g1f988d0788f5 #0 PREEMPT(full) 
[  878.361770][T13690] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  878.361780][T13690] Call Trace:
[  878.361786][T13690]  <TASK>
[  878.361793][T13690]  dump_stack_lvl+0x16c/0x1f0
[  878.361822][T13690]  should_fail_ex+0x512/0x640
[  878.361849][T13690]  _copy_from_user+0x2e/0xd0
[  878.361875][T13690]  copy_from_sockptr_offset.constprop.0+0x153/0x1a0
[  878.361900][T13690]  ? __pfx_copy_from_sockptr_offset.constprop.0+0x10/0x10
[  878.361926][T13690]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  878.361956][T13690]  do_ip_getsockopt+0x27f/0x2220
[  878.361982][T13690]  ? __pfx_do_ip_getsockopt+0x10/0x10
[  878.362006][T13690]  ? register_lock_class+0x41/0x4c0
[  878.362031][T13690]  ? __lock_acquire+0xb8a/0x1c90
[  878.362056][T13690]  ? __mutex_trylock_common+0xe9/0x250
[  878.362073][T13690]  ? __pfx___mutex_trylock_common+0x10/0x10
[  878.362091][T13690]  ? __pfx___might_resched+0x10/0x10
[  878.362121][T13690]  ? rcu_is_watching+0x12/0xc0
[  878.362143][T13690]  ? trace_contention_end+0xdd/0x130
[  878.362160][T13690]  ? __mutex_lock+0x1ca/0xb90
[  878.362189][T13690]  ip_getsockopt+0x9b/0x1e0
[  878.362211][T13690]  ? __pfx___mutex_lock+0x10/0x10
[  878.362236][T13690]  ? __pfx_ip_getsockopt+0x10/0x10
[  878.362266][T13690]  tcp_getsockopt+0xa1/0x100
[  878.362295][T13690]  smc_getsockopt+0x165/0x370
[  878.362314][T13690]  ? __pfx_sock_common_getsockopt+0x10/0x10
[  878.362342][T13690]  ? __pfx_smc_getsockopt+0x10/0x10
[  878.362365][T13690]  ? __pfx_smc_getsockopt+0x10/0x10
[  878.362385][T13690]  do_sock_getsockopt+0x3fc/0x800
[  878.362405][T13690]  ? __pfx_do_sock_getsockopt+0x10/0x10
[  878.362421][T13690]  ? __fget_files+0x204/0x3c0
[  878.362460][T13690]  __sys_getsockopt+0x12f/0x260
[  878.362489][T13690]  __x64_sys_getsockopt+0xbd/0x160
[  878.362511][T13690]  ? do_syscall_64+0x91/0x4c0
[  878.362536][T13690]  ? lockdep_hardirqs_on+0x7c/0x110
[  878.362559][T13690]  do_syscall_64+0xcd/0x4c0
[  878.362585][T13690]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  878.362602][T13690] RIP: 0033:0x7f79efd8e929
[  878.362616][T13690] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  878.362632][T13690] RSP: 002b:00007f79f0bc3038 EFLAGS: 00000246 ORIG_RAX: 0000000000000037
[  878.362649][T13690] RAX: ffffffffffffffda RBX: 00007f79effb5fa0 RCX: 00007f79efd8e929
[  878.362660][T13690] RDX: 0000000000000053 RSI: 0000000000000000 RDI: 0000000000000003
[  878.362669][T13690] RBP: 00007f79f0bc3090 R08: 00002000000001c0 R09: 0000000000000000
[  878.362680][T13690] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000001
[  878.362691][T13690] R13: 0000000000000000 R14: 00007f79effb5fa0 R15: 00007ffffc7a5a18
[  878.362714][T13690]  </TASK>
[  878.669332][   T30] audit: type=1400 audit(1751821923.645:454): avc:  denied  { unmount } for  pid=5826 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[  878.819725][T13696] FAULT_INJECTION: forcing a failure.
[  878.819725][T13696] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  878.899121][T13696] CPU: 0 UID: 0 PID: 13696 Comm: syz.2.2038 Not tainted 6.16.0-rc4-syzkaller-00324-g1f988d0788f5 #0 PREEMPT(full) 
[  878.899148][T13696] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  878.899158][T13696] Call Trace:
[  878.899164][T13696]  <TASK>
[  878.899171][T13696]  dump_stack_lvl+0x16c/0x1f0
[  878.899201][T13696]  should_fail_ex+0x512/0x640
[  878.899229][T13696]  _copy_to_user+0x32/0xd0
[  878.899257][T13696]  simple_read_from_buffer+0xcb/0x170
[  878.899284][T13696]  proc_fail_nth_read+0x197/0x270
[  878.899308][T13696]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  878.899333][T13696]  ? rw_verify_area+0xcf/0x680
[  878.899352][T13696]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  878.899374][T13696]  vfs_read+0x1e1/0xc60
[  878.899401][T13696]  ? __pfx___mutex_lock+0x10/0x10
[  878.899427][T13696]  ? __pfx_vfs_read+0x10/0x10
[  878.899457][T13696]  ? __fget_files+0x20e/0x3c0
[  878.899489][T13696]  ksys_read+0x12a/0x250
[  878.899511][T13696]  ? __pfx_ksys_read+0x10/0x10
[  878.899534][T13696]  ? fput+0x70/0xf0
[  878.899554][T13696]  do_syscall_64+0xcd/0x4c0
[  878.899582][T13696]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  878.899599][T13696] RIP: 0033:0x7f79efd8d33c
[  878.899613][T13696] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  878.899629][T13696] RSP: 002b:00007f79f0bc3030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  878.899647][T13696] RAX: ffffffffffffffda RBX: 00007f79effb5fa0 RCX: 00007f79efd8d33c
[  878.899659][T13696] RDX: 000000000000000f RSI: 00007f79f0bc30a0 RDI: 0000000000000004
[  878.899669][T13696] RBP: 00007f79f0bc3090 R08: 0000000000000000 R09: 0000000000000000
[  878.899679][T13696] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  878.899689][T13696] R13: 0000000000000000 R14: 00007f79effb5fa0 R15: 00007ffffc7a5a18
[  878.899714][T13696]  </TASK>
[  879.159442][T13705] syz_tun: entered promiscuous mode
[  879.164724][T13705] macsec1: entered promiscuous mode
[  879.170748][T13705] macsec1: entered allmulticast mode
[  879.176189][T13705] syz_tun: entered allmulticast mode
[  879.716680][T13705] syz_tun: left allmulticast mode
[  879.723210][T13705] syz_tun: left promiscuous mode
[  880.096378][   T13] Bluetooth: hci5: Frame reassembly failed (-84)
[  880.372780][   T30] audit: type=1400 audit(1751821925.365:455): avc:  denied  { ioctl } for  pid=13712 comm="syz.2.2044" path="/dev/fuse" dev="devtmpfs" ino=99 ioctlcmd=0xe500 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fuse_device_t tclass=chr_file permissive=1
[  880.630418][T13727] fuse: Bad value for 'group_id'
[  880.698731][T13729] overlayfs: missing 'lowerdir'
[  880.833146][T13733] 9pnet_fd: Insufficient options for proto=fd
[  880.839604][T13727] fuse: Bad value for 'group_id'
[  881.346241][   T30] audit: type=1400 audit(1751821926.265:456): avc:  denied  { accept } for  pid=13735 comm="syz.2.2051" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=unix_dgram_socket permissive=1
[  881.464494][T13747] FAULT_INJECTION: forcing a failure.
[  881.464494][T13747] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  881.478281][T13747] CPU: 0 UID: 0 PID: 13747 Comm: syz.3.2054 Not tainted 6.16.0-rc4-syzkaller-00324-g1f988d0788f5 #0 PREEMPT(full) 
[  881.478306][T13747] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  881.478316][T13747] Call Trace:
[  881.478322][T13747]  <TASK>
[  881.478328][T13747]  dump_stack_lvl+0x16c/0x1f0
[  881.478358][T13747]  should_fail_ex+0x512/0x640
[  881.478386][T13747]  _copy_from_user+0x2e/0xd0
[  881.478412][T13747]  io_sqe_files_register+0x219/0x960
[  881.478441][T13747]  ? __pfx_io_sqe_files_register+0x10/0x10
[  881.478468][T13747]  ? __mutex_trylock_common+0xe9/0x250
[  881.478488][T13747]  ? __pfx___mutex_trylock_common+0x10/0x10
[  881.478509][T13747]  __io_uring_register+0x130a/0x2440
[  881.478534][T13747]  ? trace_contention_end+0xdd/0x130
[  881.478551][T13747]  ? __pfx___io_uring_register+0x10/0x10
[  881.478573][T13747]  ? __mutex_lock+0x1ca/0xb90
[  881.478600][T13747]  ? __x64_sys_io_uring_register+0x159/0x280
[  881.478626][T13747]  ? __pfx___mutex_lock+0x10/0x10
[  881.478657][T13747]  ? __fget_files+0x20e/0x3c0
[  881.478680][T13747]  ? __fput_deferred+0x420/0x480
[  881.478705][T13747]  __x64_sys_io_uring_register+0x169/0x280
[  881.478732][T13747]  do_syscall_64+0xcd/0x4c0
[  881.478763][T13747]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  881.478781][T13747] RIP: 0033:0x7fde0258e929
[  881.478796][T13747] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  881.478812][T13747] RSP: 002b:00007fde03493038 EFLAGS: 00000246 ORIG_RAX: 00000000000001ab
[  881.478829][T13747] RAX: ffffffffffffffda RBX: 00007fde027b5fa0 RCX: 00007fde0258e929
[  881.478841][T13747] RDX: 0000200000000180 RSI: 0000000000000002 RDI: 0000000000000003
[  881.478851][T13747] RBP: 00007fde03493090 R08: 0000000000000000 R09: 0000000000000000
[  881.478862][T13747] R10: 00000000000000fe R11: 0000000000000246 R12: 0000000000000001
[  881.478872][T13747] R13: 0000000000000000 R14: 00007fde027b5fa0 R15: 00007ffd72f0ecc8
[  881.478896][T13747]  </TASK>
[  882.048840][ T5944] usb 2-1: new high-speed USB device number 43 using dummy_hcd
[  882.059012][   T48] usb 4-1: new high-speed USB device number 36 using dummy_hcd
[  882.108885][ T5841] Bluetooth: hci5: Opcode 0x1003 failed: -110
[  882.201645][ T5944] usb 2-1: Using ep0 maxpacket: 32
[  882.211392][   T48] usb 4-1: config 48 has an invalid descriptor of length 0, skipping remainder of the config
[  882.229579][ T5944] usb 2-1: too many configurations: 104, using maximum allowed: 8
[  882.285562][   T48] usb 4-1: New USB device found, idVendor=1784, idProduct=0006, bcdDevice=bb.2f
[  882.299680][   T48] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  882.315992][ T5944] usb 2-1: unable to read config index 0 descriptor/start: -61
[  882.327263][   T48] usb 4-1: Product: syz
[  882.336015][ T5944] usb 2-1: can't read configurations, error -61
[  882.342392][   T48] usb 4-1: Manufacturer: syz
[  882.347713][   T48] usb 4-1: SerialNumber: syz
[  882.634013][T13776] overlayfs: overlapping lowerdir path
[  883.042831][T13778] overlayfs: missing 'lowerdir'
[  883.220087][T13777] overlayfs: "xino=on" is useless with all layers on same fs, ignore.
[  883.398955][T13755] netlink: 'syz.3.2057': attribute type 1 has an invalid length.
[  883.406799][   T30] audit: type=1400 audit(1751821928.395:457): avc:  denied  { connect } for  pid=13754 comm="syz.3.2057" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  883.494363][ T5944] usb 2-1: new high-speed USB device number 44 using dummy_hcd
[  883.502246][T13775] usb usb1: check_ctrlrecip: process 13775 (syz.2.2063) requesting ep 01 but needs 81
[  883.521017][T13773] usb usb1: check_ctrlrecip: process 13773 (syz.0.2061) requesting ep 01 but needs 81
[  883.542459][T13755] netlink: 188 bytes leftover after parsing attributes in process `syz.3.2057'.
[  884.190601][ T6299] nci: nci_rf_discover_ntf_packet: unsupported rf_tech_and_mode 0x1b
[  884.313580][ T5944] usb 2-1: Using ep0 maxpacket: 32
[  884.320981][ T5944] usb 2-1: too many configurations: 104, using maximum allowed: 8
[  884.332704][ T5944] usb 2-1: unable to read config index 0 descriptor/start: -61
[  884.341002][ T5944] usb 2-1: can't read configurations, error -61
[  884.348511][ T5944] usb usb2-port1: attempt power cycle
[  884.536271][T13799] FAULT_INJECTION: forcing a failure.
[  884.536271][T13799] name failslab, interval 1, probability 0, space 0, times 0
[  884.549002][T13799] CPU: 1 UID: 0 PID: 13799 Comm: syz.4.2069 Not tainted 6.16.0-rc4-syzkaller-00324-g1f988d0788f5 #0 PREEMPT(full) 
[  884.549025][T13799] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  884.549036][T13799] Call Trace:
[  884.549042][T13799]  <TASK>
[  884.549048][T13799]  dump_stack_lvl+0x16c/0x1f0
[  884.549082][T13799]  should_fail_ex+0x512/0x640
[  884.549115][T13799]  should_failslab+0xc2/0x120
[  884.549142][T13799]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  884.549167][T13799]  ? skb_clone+0x190/0x3f0
[  884.549195][T13799]  skb_clone+0x190/0x3f0
[  884.549220][T13799]  netlink_deliver_tap+0xabd/0xd30
[  884.549254][T13799]  netlink_unicast+0x5df/0x7f0
[  884.549275][T13799]  ? __pfx_netlink_unicast+0x10/0x10
[  884.549301][T13799]  netlink_sendmsg+0x8d1/0xdd0
[  884.549324][T13799]  ? __pfx_netlink_sendmsg+0x10/0x10
[  884.549351][T13799]  ____sys_sendmsg+0xa95/0xc70
[  884.549370][T13799]  ? copy_msghdr_from_user+0x10a/0x160
[  884.549394][T13799]  ? __pfx_____sys_sendmsg+0x10/0x10
[  884.549425][T13799]  ___sys_sendmsg+0x134/0x1d0
[  884.549450][T13799]  ? __pfx____sys_sendmsg+0x10/0x10
[  884.549472][T13799]  ? __lock_acquire+0x622/0x1c90
[  884.549523][T13799]  __sys_sendmsg+0x16d/0x220
[  884.549548][T13799]  ? __pfx___sys_sendmsg+0x10/0x10
[  884.549591][T13799]  do_syscall_64+0xcd/0x4c0
[  884.549619][T13799]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  884.549637][T13799] RIP: 0033:0x7f54cad8e929
[  884.549651][T13799] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  884.549667][T13799] RSP: 002b:00007f54cbc93038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  884.549685][T13799] RAX: ffffffffffffffda RBX: 00007f54cafb5fa0 RCX: 00007f54cad8e929
[  884.549696][T13799] RDX: 0000000020040054 RSI: 0000200000006040 RDI: 0000000000000004
[  884.549707][T13799] RBP: 00007f54cbc93090 R08: 0000000000000000 R09: 0000000000000000
[  884.549716][T13799] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  884.549727][T13799] R13: 0000000000000000 R14: 00007f54cafb5fa0 R15: 00007ffcf77279a8
[  884.549751][T13799]  </TASK>
[  884.934837][T13805] use of bytesused == 0 is deprecated and will be removed in the future,
[  884.961209][T13805] use the actual size instead.
[  885.083355][T13810] syz_tun: entered promiscuous mode
[  885.088809][T13810] macsec1: entered promiscuous mode
[  885.094816][T13810] macsec1: entered allmulticast mode
[  885.100177][T13810] syz_tun: entered allmulticast mode
[  885.156997][ T5944] usb usb2-port1: Cannot enable. Maybe the USB cable is bad?
[  885.218917][T13755] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[  885.429302][ T5944] usb 2-1: new full-speed USB device number 46 using dummy_hcd
[  885.526032][ T5944] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  885.845569][ T5944] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 2
[  885.950897][T13810] syz_tun: left allmulticast mode
[  885.956922][T13810] syz_tun: left promiscuous mode
[  886.044520][ T5944] usb 2-1: New USB device found, idVendor=05d8, idProduct=810a, bcdDevice=92.b8
[  886.107756][ T5944] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  886.123395][   T48] usb 4-1: USB disconnect, device number 36
[  886.205197][ T5944] usb 2-1: config 0 descriptor??
[  886.233052][ T5944] dvb-usb: found a 'Artec T1 USB2.0' in warm state.
[  886.254482][ T5944] dvb-usb: bulk message failed: -22 (3/0)
[  886.285587][ T5944] dvb-usb: will use the device's hardware PID filter (table count: 16).
[  886.334100][ T5944] dvbdev: DVB: registering new adapter (Artec T1 USB2.0)
[  886.345998][T13805] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  886.392617][ T5944] usb 2-1: media controller created
[  886.408847][T13805] Bluetooth: hci1: Error when powering off device on rfkill (-4)
[  886.443831][ T5944] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  886.504086][T13805] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  886.549681][T13805] Bluetooth: hci2: Error when powering off device on rfkill (-4)
[  886.556664][ T5944] dvb-usb: bulk message failed: -22 (6/0)
[  886.571407][T13804] netlink: 'syz.1.2071': attribute type 13 has an invalid length.
[  886.583479][ T5944] dvb-usb: no frontend was attached by 'Artec T1 USB2.0'
[  886.618960][ T5944] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.1/usb2/2-1/input/input31
[  886.652623][ T5944] dvb-usb: schedule remote query interval to 150 msecs.
[  886.669745][ T5944] dvb-usb: Artec T1 USB2.0 successfully initialized and connected.
[  886.672686][T13805] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  886.695234][T13805] Bluetooth: hci3: Error when powering off device on rfkill (-4)
[  886.773232][T13805] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  886.785562][T13805] Bluetooth: hci4: Error when powering off device on rfkill (-4)
[  886.829655][ T5944] dvb-usb: bulk message failed: -22 (1/0)
[  886.839101][ T5944] dvb-usb: error while querying for an remote control event.
[  886.860961][T13804] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  886.879331][   T48] usb 3-1: new high-speed USB device number 38 using dummy_hcd
[  886.903324][ T5899] usb 2-1: USB disconnect, device number 46
[  886.926906][ T5899] dvb-usb: Artec T1 USB2.0 successfully deinitialized and disconnected.
[  887.061942][   T48] usb 3-1: config 0 has no interfaces?
[  887.073013][   T48] usb 3-1: New USB device found, idVendor=10cf, idProduct=0702, bcdDevice= 0.00
[  887.089816][   T48] usb 3-1: New USB device strings: Mfr=0, Product=2, SerialNumber=3
[  887.097962][   T48] usb 3-1: Product: syz
[  887.105582][   T48] usb 3-1: SerialNumber: syz
[  887.123002][   T48] usb 3-1: rejected 1 configuration due to insufficient available bus power
[  887.136062][   T48] usb 3-1: no configuration chosen from 1 choice
[  887.753133][T13865] netlink: 'syz.4.2074': attribute type 10 has an invalid length.
[  887.768723][   T30] audit: type=1400 audit(1751821932.755:458): avc:  denied  { bind } for  pid=13864 comm="syz.4.2074" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  888.167493][T13878] overlayfs: missing 'lowerdir'
[  888.189714][T13878] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  888.860090][T13878] usb usb1: check_ctrlrecip: process 13878 (syz.1.2075) requesting ep 01 but needs 81
[  889.671398][   T48] usb 3-1: USB disconnect, device number 38
[  890.152304][   T30] audit: type=1400 audit(1751821934.955:459): avc:  denied  { write } for  pid=13890 comm="syz.4.2078" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[  890.367197][   T48] kernel write not supported for file /dsp (pid: 48 comm: kworker/1:1)
[  890.907670][T13919] netlink: 'syz.1.2085': attribute type 10 has an invalid length.
[  890.942591][T13919] bridge0: port 2(bridge_slave_1) entered disabled state
[  890.949802][T13919] bridge0: port 1(bridge_slave_0) entered disabled state
[  890.964861][T13919] bridge0: port 2(bridge_slave_1) entered blocking state
[  890.972033][T13919] bridge0: port 2(bridge_slave_1) entered forwarding state
[  890.979469][T13919] bridge0: port 1(bridge_slave_0) entered blocking state
[  890.986585][T13919] bridge0: port 1(bridge_slave_0) entered forwarding state
[  890.999170][T13919] bond0: (slave bridge0): Enslaving as an active interface with an up link
[  931.062113][ T1297] ieee802154 phy0 wpan0: encryption failed: -22
[  931.068435][ T1297] ieee802154 phy1 wpan1: encryption failed: -22
[  992.500705][ T1297] ieee802154 phy0 wpan0: encryption failed: -22
[  992.507010][ T1297] ieee802154 phy1 wpan1: encryption failed: -22
[ 1044.340056][   T31] INFO: task kworker/1:2:92 blocked for more than 143 seconds.
[ 1044.347650][   T31]       Not tainted 6.16.0-rc4-syzkaller-00324-g1f988d0788f5 #0
[ 1044.355315][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 1044.364028][   T31] task:kworker/1:2     state:D stack:23208 pid:92    tgid:92    ppid:2      task_flags:0x4208060 flags:0x00004000
[ 1044.376062][   T31] Workqueue: events rfkill_global_led_trigger_worker
[ 1044.382809][   T31] Call Trace:
[ 1044.386083][   T31]  <TASK>
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[ 1044.389045][   T31]  __schedule+0x116a/0x5de0
[ 1044.393677][   T31]  ? __lock_acquire+0xb8a/0x1c90
[ 1044.398626][   T31]  ? __pfx___schedule+0x10/0x10
[ 1044.403544][   T31]  ? find_held_lock+0x2b/0x80
[ 1044.408228][   T31]  ? schedule+0x2d7/0x3a0
[ 1044.412628][   T31]  schedule+0xe7/0x3a0
[ 1044.416700][   T31]  schedule_preempt_disabled+0x13/0x30
[ 1044.422292][   T31]  __mutex_lock+0x6c7/0xb90
[ 1044.448755][   T31]  ? rfkill_global_led_trigger_worker+0x1b/0x160
[ 1044.455111][   T31]  ? __pfx___mutex_lock+0x10/0x10
[ 1044.493732][   T31]  ? lock_acquire+0x62/0x350
[ 1044.498340][   T31]  ? rfkill_global_led_trigger_worker+0x1b/0x160
[ 1044.504697][   T31]  rfkill_global_led_trigger_worker+0x1b/0x160
[ 1044.510994][   T31]  process_one_work+0x9cf/0x1b70
[ 1044.515934][   T31]  ? __pfx_process_one_work+0x10/0x10
[ 1044.521339][   T31]  ? assign_work+0x1a0/0x250
[ 1044.525922][   T31]  worker_thread+0x6c8/0xf10
[ 1044.530651][   T31]  ? __kthread_parkme+0x19e/0x250
[ 1044.535660][   T31]  ? __pfx_worker_thread+0x10/0x10
[ 1044.540806][   T31]  kthread+0x3c2/0x780
[ 1044.544873][   T31]  ? __pfx_kthread+0x10/0x10
[ 1044.549562][   T31]  ? rcu_is_watching+0x12/0xc0
[ 1044.554325][   T31]  ? __pfx_kthread+0x10/0x10
[ 1044.559172][   T31]  ret_from_fork+0x5d4/0x6f0
[ 1044.563765][   T31]  ? __pfx_kthread+0x10/0x10
[ 1044.568330][   T31]  ret_from_fork_asm+0x1a/0x30
[ 1044.573127][   T31]  </TASK>
[ 1044.576222][   T31] INFO: task syz-executor:5826 blocked for more than 143 seconds.
[ 1044.587486][   T31]       Not tainted 6.16.0-rc4-syzkaller-00324-g1f988d0788f5 #0
[ 1044.595214][   T31]       Blocked by coredump.
[ 1044.599858][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 1044.608517][   T31] task:syz-executor    state:D stack:22552 pid:5826  tgid:5826  ppid:1      task_flags:0x40054c flags:0x00004006
[ 1044.620441][   T31] Call Trace:
[ 1044.623710][   T31]  <TASK>
[ 1044.626619][   T31]  __schedule+0x116a/0x5de0
[ 1044.631231][   T31]  ? __lock_acquire+0x622/0x1c90
[ 1044.636166][   T31]  ? __pfx___schedule+0x10/0x10
[ 1044.641171][   T31]  ? find_held_lock+0x2b/0x80
[ 1044.645836][   T31]  ? schedule+0x2d7/0x3a0
[ 1044.650177][   T31]  schedule+0xe7/0x3a0
[ 1044.654243][   T31]  schedule_preempt_disabled+0x13/0x30
[ 1044.659718][   T31]  __mutex_lock+0x6c7/0xb90
[ 1044.664222][   T31]  ? rfkill_unregister+0xec/0x2c0
[ 1044.669541][   T31]  ? __pfx___mutex_lock+0x10/0x10
[ 1044.674568][   T31]  ? device_del+0x6b6/0x9f0
[ 1044.679113][   T31]  ? __pfx_device_del+0x10/0x10
[ 1044.683960][   T31]  ? _raw_read_unlock+0x28/0x50
[ 1044.688832][   T31]  ? rfkill_unregister+0xec/0x2c0
[ 1044.693855][   T31]  rfkill_unregister+0xec/0x2c0
[ 1044.698741][   T31]  hci_unregister_dev+0x337/0x640
[ 1044.703770][   T31]  ? __pfx_vhci_release+0x10/0x10
[ 1044.708890][   T31]  vhci_release+0x79/0xf0
[ 1044.713228][   T31]  __fput+0x3ff/0xb70
[ 1044.717215][   T31]  task_work_run+0x150/0x240
[ 1044.721827][   T31]  ? __pfx_task_work_run+0x10/0x10
[ 1044.726940][   T31]  do_exit+0x86c/0x2bd0
[ 1044.731109][   T31]  ? find_held_lock+0x2b/0x80
[ 1044.735783][   T31]  ? __pfx_do_exit+0x10/0x10
[ 1044.740404][   T31]  ? do_raw_spin_lock+0x12c/0x2b0
[ 1044.745421][   T31]  ? find_held_lock+0x2b/0x80
[ 1044.750267][   T31]  do_group_exit+0xd3/0x2a0
[ 1044.754780][   T31]  get_signal+0x2673/0x26d0
[ 1044.759426][   T31]  ? __pfx___schedule+0x10/0x10
[ 1044.764278][   T31]  ? __pfx_get_signal+0x10/0x10
[ 1044.769151][   T31]  ? __do_sys_wait4+0xd1/0x170
[ 1044.773905][   T31]  arch_do_signal_or_restart+0x8f/0x7d0
[ 1044.779597][   T31]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 1044.785752][   T31]  ? xfd_validate_state+0x61/0x180
[ 1044.791037][   T31]  exit_to_user_mode_loop+0x84/0x110
[ 1044.796323][   T31]  do_syscall_64+0x3f6/0x4c0
[ 1044.800947][   T31]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1044.806832][   T31] RIP: 0033:0x7fde02584b97
[ 1044.811247][   T31] RSP: 002b:00007ffd72f0f020 EFLAGS: 00000293 ORIG_RAX: 000000000000003d
[ 1044.819691][   T31] RAX: fffffffffffffe00 RBX: 00000000000005c7 RCX: 00007fde02584b97
[ 1044.827650][   T31] RDX: 0000000040000000 RSI: 00007ffd72f0f08c RDI: 00000000ffffffff
[ 1044.835713][   T31] RBP: 00007ffd72f0f08c R08: 0000000000000000 R09: 0000000000000000
[ 1044.843721][   T31] R10: 0000000000000000 R11: 0000000000000293 R12: 00000000000001a6
[ 1044.851724][   T31] R13: 000055557ea9b590 R14: 00000000000d7dca R15: 00007ffd72f0f0e0
[ 1044.859817][   T31]  </TASK>
[ 1044.862879][   T31] INFO: task syz.3.2057:13755 blocked for more than 143 seconds.
[ 1044.872438][   T31]       Not tainted 6.16.0-rc4-syzkaller-00324-g1f988d0788f5 #0
[ 1044.880210][   T31]       Blocked by coredump.
[ 1044.884787][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 1044.893659][   T31] task:syz.3.2057      state:D stack:26520 pid:13755 tgid:13754 ppid:5826   task_flags:0x40054c flags:0x00004006
[ 1044.905765][   T31] Call Trace:
[ 1044.909094][   T31]  <TASK>
[ 1044.912024][   T31]  __schedule+0x116a/0x5de0
[ 1044.916513][   T31]  ? __lock_acquire+0x622/0x1c90
[ 1044.921486][   T31]  ? __pfx___schedule+0x10/0x10
[ 1044.926337][   T31]  ? find_held_lock+0x2b/0x80
[ 1044.931042][   T31]  ? schedule+0x2d7/0x3a0
[ 1044.935370][   T31]  schedule+0xe7/0x3a0
[ 1044.940996][   T31]  schedule_preempt_disabled+0x13/0x30
[ 1044.946456][   T31]  __mutex_lock+0x6c7/0xb90
[ 1044.950982][   T31]  ? rfkill_unregister+0xec/0x2c0
[ 1044.956000][   T31]  ? __pfx___mutex_lock+0x10/0x10
[ 1044.961128][   T31]  ? device_del+0x6b6/0x9f0
[ 1044.965634][   T31]  ? __pfx_device_del+0x10/0x10
[ 1044.970526][   T31]  ? rfkill_unregister+0xec/0x2c0
[ 1044.975549][   T31]  rfkill_unregister+0xec/0x2c0
[ 1044.980585][   T31]  nfc_unregister_device+0x94/0x330
[ 1044.985795][   T31]  ? __pfx_virtual_ncidev_close+0x10/0x10
[ 1044.991553][   T31]  virtual_ncidev_close+0x4b/0xa0
[ 1044.996573][   T31]  __fput+0x3ff/0xb70
[ 1045.000612][   T31]  task_work_run+0x150/0x240
[ 1045.005200][   T31]  ? __pfx_task_work_run+0x10/0x10
[ 1045.010357][   T31]  do_exit+0x86c/0x2bd0
[ 1045.014514][   T31]  ? rcu_is_watching+0x12/0xc0
[ 1045.019326][   T31]  ? irqentry_exit+0x3b/0x90
[ 1045.023925][   T31]  ? lockdep_hardirqs_on+0x7c/0x110
[ 1045.029152][   T31]  ? __pfx_do_exit+0x10/0x10
[ 1045.033743][   T31]  ? preempt_schedule_common+0x44/0xc0
[ 1045.039250][   T31]  do_group_exit+0xd3/0x2a0
[ 1045.043755][   T31]  get_signal+0x2673/0x26d0
[ 1045.048243][   T31]  ? __pfx_get_signal+0x10/0x10
[ 1045.053221][   T31]  arch_do_signal_or_restart+0x8f/0x7d0
[ 1045.058922][   T31]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 1045.065080][   T31]  exit_to_user_mode_loop+0x84/0x110
[ 1045.070375][   T31]  do_syscall_64+0x3f6/0x4c0
[ 1045.074978][   T31]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1045.080922][   T31] RIP: 0033:0x7fde0258e929
[ 1045.085327][   T31] RSP: 002b:00007fde03493038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1045.093809][   T31] RAX: 000000000000001c RBX: 00007fde027b5fa0 RCX: 00007fde0258e929
[ 1045.101835][   T31] RDX: 0000000000000000 RSI: 0000200000000140 RDI: 000000000000000b
[ 1045.109827][   T31] RBP: 00007fde02610b39 R08: 0000000000000000 R09: 0000000000000000
[ 1045.117793][   T31] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1045.125822][   T31] R13: 0000000000000000 R14: 00007fde027b5fa0 R15: 00007ffd72f0ecc8
[ 1045.133803][   T31]  </TASK>
[ 1045.136809][   T31] INFO: task syz.0.2068:13805 blocked for more than 144 seconds.
[ 1045.144550][   T31]       Not tainted 6.16.0-rc4-syzkaller-00324-g1f988d0788f5 #0
[ 1045.152183][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 1045.160856][   T31] task:syz.0.2068      state:D stack:25016 pid:13805 tgid:13797 ppid:5828   task_flags:0x400040 flags:0x00004006
[ 1045.172807][   T31] Call Trace:
[ 1045.176063][   T31]  <TASK>
[ 1045.179030][   T31]  __schedule+0x116a/0x5de0
[ 1045.183536][   T31]  ? __lock_acquire+0x622/0x1c90
[ 1045.188453][   T31]  ? __pfx___schedule+0x10/0x10
[ 1045.193320][   T31]  ? find_held_lock+0x2b/0x80
[ 1045.198003][   T31]  ? schedule+0x2d7/0x3a0
[ 1045.202340][   T31]  schedule+0xe7/0x3a0
[ 1045.206404][   T31]  schedule_preempt_disabled+0x13/0x30
[ 1045.211877][   T31]  __mutex_lock+0x6c7/0xb90
[ 1045.216381][   T31]  ? nfc_dev_down+0x2d/0x2e0
[ 1045.221019][   T31]  ? __pfx___mutex_lock+0x10/0x10
[ 1045.226048][   T31]  ? do_raw_spin_lock+0x12c/0x2b0
[ 1045.231113][   T31]  ? nfc_dev_down+0x2d/0x2e0
[ 1045.235713][   T31]  ? mark_held_locks+0x49/0x80
[ 1045.240509][   T31]  nfc_dev_down+0x2d/0x2e0
[ 1045.244926][   T31]  nfc_rfkill_set_block+0x39/0xe0
[ 1045.249974][   T31]  ? __pfx_nfc_rfkill_set_block+0x10/0x10
[ 1045.255694][   T31]  rfkill_set_block+0x1fb/0x550
[ 1045.260555][   T31]  rfkill_fop_write+0x2c0/0x580
[ 1045.265400][   T31]  ? __pfx_rfkill_fop_write+0x10/0x10
[ 1045.270803][   T31]  ? __pfx_bpf_lsm_inode_listsecurity+0x10/0x10
[ 1045.277037][   T31]  ? security_file_permission+0x71/0x210
[ 1045.282686][   T31]  ? rw_verify_area+0xcf/0x680
[ 1045.287446][   T31]  ? __pfx_rfkill_fop_write+0x10/0x10
[ 1045.292839][   T31]  vfs_write+0x2a0/0x1150
[ 1045.297167][   T31]  ? __pfx_vfs_write+0x10/0x10
[ 1045.302134][   T31]  ? find_held_lock+0x2b/0x80
[ 1045.306810][   T31]  ? __fget_files+0x204/0x3c0
[ 1045.311504][   T31]  ? __fget_files+0x20e/0x3c0
[ 1045.316183][   T31]  ksys_write+0x1f8/0x250
[ 1045.320542][   T31]  ? __pfx_ksys_write+0x10/0x10
[ 1045.325392][   T31]  do_syscall_64+0xcd/0x4c0
[ 1045.329918][   T31]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1045.335804][   T31] RIP: 0033:0x7fc73b98e929
[ 1045.340239][   T31] RSP: 002b:00007fc73c7d7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 1045.348645][   T31] RAX: ffffffffffffffda RBX: 00007fc73bbb5fa0 RCX: 00007fc73b98e929
[ 1045.356630][   T31] RDX: 0000000000000008 RSI: 0000200000000080 RDI: 0000000000000003
[ 1045.364623][   T31] RBP: 00007fc73ba10b39 R08: 0000000000000000 R09: 0000000000000000
[ 1045.372623][   T31] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1045.380691][   T31] R13: 0000000000000000 R14: 00007fc73bbb5fa0 R15: 00007ffde7c00e38
[ 1045.388673][   T31]  </TASK>
[ 1045.391717][   T31] INFO: task syz.2.2084:13915 blocked for more than 144 seconds.
[ 1045.399490][   T31]       Not tainted 6.16.0-rc4-syzkaller-00324-g1f988d0788f5 #0
[ 1045.407103][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 1045.415769][   T31] task:syz.2.2084      state:D stack:24200 pid:13915 tgid:13914 ppid:5829   task_flags:0x400140 flags:0x00004004
[ 1045.427701][   T31] Call Trace:
[ 1045.431004][   T31]  <TASK>
[ 1045.433928][   T31]  __schedule+0x116a/0x5de0
[ 1045.438415][   T31]  ? __lock_acquire+0x622/0x1c90
[ 1045.443370][   T31]  ? __pfx___schedule+0x10/0x10
[ 1045.448230][   T31]  ? find_held_lock+0x2b/0x80
[ 1045.452916][   T31]  ? schedule+0x2d7/0x3a0
[ 1045.457243][   T31]  schedule+0xe7/0x3a0
[ 1045.461404][   T31]  schedule_preempt_disabled+0x13/0x30
[ 1045.466857][   T31]  __mutex_lock+0x6c7/0xb90
[ 1045.471423][   T31]  ? rfkill_register+0x3a/0xb40
[ 1045.476289][   T31]  ? __pfx___mutex_lock+0x10/0x10
[ 1045.481339][   T31]  ? clear_pending_if_disabled+0xa8/0x210
[ 1045.487058][   T31]  ? __pfx_netdev_run_todo+0x10/0x10
[ 1045.493757][   T31]  ? mod_delayed_work_on+0x1a7/0x1c0
[ 1045.499071][   T31]  ? lockdep_hardirqs_on+0x7c/0x110
[ 1045.504277][   T31]  ? mod_delayed_work_on+0x14c/0x1c0
[ 1045.509606][   T31]  ? rfkill_register+0x3a/0xb40
[ 1045.514463][   T31]  rfkill_register+0x3a/0xb40
[ 1045.519187][   T31]  wiphy_register+0x2239/0x2850
[ 1045.524031][   T31]  ? netdev_run_todo+0x864/0x1320
[ 1045.529085][   T31]  ? __pfx_wiphy_register+0x10/0x10
[ 1045.534283][   T31]  ? ieee80211_init_rate_ctrl_alg+0x125/0x6b0
[ 1045.540367][   T31]  ieee80211_register_hw+0x24ac/0x4140
[ 1045.545823][   T31]  ? __pfx_ieee80211_register_hw+0x10/0x10
[ 1045.551649][   T31]  ? find_held_lock+0x2b/0x80
[ 1045.556323][   T31]  ? __sanitizer_cov_trace_switch+0x54/0x90
[ 1045.562222][   T31]  ? __pfx_mac80211_hwsim_beacon+0x10/0x10
[ 1045.568020][   T31]  ? __hrtimer_setup+0x176/0x280
[ 1045.572985][   T31]  mac80211_hwsim_new_radio+0x3034/0x54d0
[ 1045.578763][   T31]  ? __pfx_mac80211_hwsim_new_radio+0x10/0x10
[ 1045.584828][   T31]  hwsim_new_radio_nl+0xb51/0x12c0
[ 1045.589973][   T31]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[ 1045.595522][   T31]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290
[ 1045.602968][   T31]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290
[ 1045.610381][   T31]  genl_family_rcv_msg_doit+0x206/0x2f0
[ 1045.615923][   T31]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[ 1045.622803][   T31]  ? bpf_lsm_capable+0x9/0x10
[ 1045.627493][   T31]  ? security_capable+0x7e/0x260
[ 1045.632480][   T31]  ? ns_capable+0xd7/0x110
[ 1045.636905][   T31]  genl_rcv_msg+0x55c/0x800
[ 1045.641440][   T31]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 1045.646458][   T31]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[ 1045.652033][   T31]  ? __lock_acquire+0x622/0x1c90
[ 1045.656963][   T31]  netlink_rcv_skb+0x155/0x420
[ 1045.661730][   T31]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 1045.666749][   T31]  ? __pfx_netlink_rcv_skb+0x10/0x10
[ 1045.672083][   T31]  ? netlink_deliver_tap+0x1ae/0xd30
[ 1045.677374][   T31]  ? is_vmalloc_addr+0x86/0xa0
[ 1045.682152][   T31]  genl_rcv+0x28/0x40
[ 1045.686138][   T31]  netlink_unicast+0x53a/0x7f0
[ 1045.690928][   T31]  ? __pfx_netlink_unicast+0x10/0x10
[ 1045.696210][   T31]  netlink_sendmsg+0x8d1/0xdd0
[ 1045.701061][   T31]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1045.706345][   T31]  ____sys_sendmsg+0xa95/0xc70
[ 1045.711137][   T31]  ? copy_msghdr_from_user+0x10a/0x160
[ 1045.716598][   T31]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1045.721898][   T31]  ? preempt_schedule_thunk+0x16/0x30
[ 1045.727270][   T31]  ? try_to_wake_up+0xa2f/0x1680
[ 1045.732264][   T31]  ___sys_sendmsg+0x134/0x1d0
[ 1045.736940][   T31]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1045.742162][   T31]  ? __lock_acquire+0x622/0x1c90
[ 1045.747133][   T31]  __sys_sendmsg+0x16d/0x220
[ 1045.751770][   T31]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1045.756892][   T31]  ? __x64_sys_futex+0x1e0/0x4c0
[ 1045.761892][   T31]  do_syscall_64+0xcd/0x4c0
[ 1045.766398][   T31]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1045.772309][   T31] RIP: 0033:0x7f79efd8e929
[ 1045.776712][   T31] RSP: 002b:00007f79f0bc3038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1045.785153][   T31] RAX: ffffffffffffffda RBX: 00007f79effb5fa0 RCX: 00007f79efd8e929
[ 1045.793150][   T31] RDX: 0000000000000000 RSI: 0000200000000040 RDI: 0000000000000004
[ 1045.801118][   T31] RBP: 00007f79efe10b39 R08: 0000000000000000 R09: 0000000000000000
[ 1045.809107][   T31] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1045.817067][   T31] R13: 0000000000000000 R14: 00007f79effb5fa0 R15: 00007ffffc7a5a18
[ 1045.825072][   T31]  </TASK>
[ 1045.828089][   T31] INFO: task syz.4.2086:13923 blocked for more than 144 seconds.
[ 1045.835823][   T31]       Not tainted 6.16.0-rc4-syzkaller-00324-g1f988d0788f5 #0
[ 1045.843458][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 1045.852132][   T31] task:syz.4.2086      state:D stack:27096 pid:13923 tgid:13922 ppid:5837   task_flags:0x400140 flags:0x00004004
[ 1045.864216][   T31] Call Trace:
[ 1045.867493][   T31]  <TASK>
[ 1045.870455][   T31]  __schedule+0x116a/0x5de0
[ 1045.874975][   T31]  ? __lock_acquire+0x622/0x1c90
[ 1045.879947][   T31]  ? __pfx___schedule+0x10/0x10
[ 1045.884798][   T31]  ? find_held_lock+0x2b/0x80
[ 1045.889499][   T31]  ? schedule+0x2d7/0x3a0
[ 1045.893827][   T31]  schedule+0xe7/0x3a0
[ 1045.897877][   T31]  schedule_preempt_disabled+0x13/0x30
[ 1045.903362][   T31]  __mutex_lock+0x6c7/0xb90
[ 1045.907871][   T31]  ? genl_rcv_msg+0x577/0x800
[ 1045.912587][   T31]  ? __pfx___mutex_lock+0x10/0x10
[ 1045.917613][   T31]  ? lockdep_hardirqs_on+0x7c/0x110
[ 1045.922830][   T31]  ? __radix_tree_lookup+0x21f/0x2c0
[ 1045.928134][   T31]  ? genl_rcv_msg+0x577/0x800
[ 1045.932830][   T31]  genl_rcv_msg+0x577/0x800
[ 1045.937335][   T31]  ? __pfx___dev_queue_xmit+0x10/0x10
[ 1045.942740][   T31]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 1045.947762][   T31]  ? __lock_acquire+0xb8a/0x1c90
[ 1045.952716][   T31]  netlink_rcv_skb+0x155/0x420
[ 1045.957471][   T31]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 1045.962503][   T31]  ? __pfx_netlink_rcv_skb+0x10/0x10
[ 1045.967785][   T31]  ? netlink_deliver_tap+0x1ae/0xd30
[ 1045.973094][   T31]  genl_rcv+0x28/0x40
[ 1045.977068][   T31]  netlink_unicast+0x53a/0x7f0
[ 1045.981875][   T31]  ? __pfx_netlink_unicast+0x10/0x10
[ 1045.987158][   T31]  netlink_sendmsg+0x8d1/0xdd0
[ 1045.991946][   T31]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1045.997244][   T31]  __sys_sendto+0x4a0/0x520
[ 1046.001790][   T31]  ? __pfx___sys_sendto+0x10/0x10
[ 1046.006817][   T31]  ? find_held_lock+0x2b/0x80
[ 1046.011536][   T31]  __x64_sys_sendto+0xe0/0x1c0
[ 1046.016298][   T31]  ? do_syscall_64+0x91/0x4c0
[ 1046.020993][   T31]  ? lockdep_hardirqs_on+0x7c/0x110
[ 1046.026187][   T31]  do_syscall_64+0xcd/0x4c0
[ 1046.030759][   T31]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1046.036649][   T31] RIP: 0033:0x7f54cad907bc
[ 1046.041064][   T31] RSP: 002b:00007f54cbc91ec0 EFLAGS: 00000293 ORIG_RAX: 000000000000002c
[ 1046.049491][   T31] RAX: ffffffffffffffda RBX: 00007f54cbc91fc0 RCX: 00007f54cad907bc
[ 1046.057450][   T31] RDX: 0000000000000024 RSI: 00007f54cbc92010 RDI: 0000000000000004
[ 1046.065430][   T31] RBP: 0000000000000000 R08: 00007f54cbc91f14 R09: 000000000000000c
[ 1046.073413][   T31] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000004
[ 1046.081395][   T31] R13: 00007f54cbc91f68 R14: 00007f54cbc92010 R15: 0000000000000000
[ 1046.089402][   T31]  </TASK>
[ 1046.092420][   T31] INFO: task syz.1.2088:13934 blocked for more than 145 seconds.
[ 1046.100170][   T31]       Not tainted 6.16.0-rc4-syzkaller-00324-g1f988d0788f5 #0
[ 1046.107783][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 1046.116466][   T31] task:syz.1.2088      state:D stack:28808 pid:13934 tgid:13933 ppid:5827   task_flags:0x400140 flags:0x00004004
[ 1046.128428][   T31] Call Trace:
[ 1046.131746][   T31]  <TASK>
[ 1046.134678][   T31]  __schedule+0x116a/0x5de0
[ 1046.139209][   T31]  ? __lock_acquire+0x622/0x1c90
[ 1046.144139][   T31]  ? __pfx___schedule+0x10/0x10
[ 1046.149026][   T31]  ? find_held_lock+0x2b/0x80
[ 1046.153699][   T31]  ? schedule+0x2d7/0x3a0
[ 1046.158009][   T31]  schedule+0xe7/0x3a0
[ 1046.162082][   T31]  schedule_preempt_disabled+0x13/0x30
[ 1046.167536][   T31]  __mutex_lock+0x6c7/0xb90
[ 1046.172045][   T31]  ? stack_trace_save+0x8e/0xc0
[ 1046.176897][   T31]  ? stack_depot_save_flags+0x28/0xa40
[ 1046.182381][   T31]  ? genl_rcv_msg+0x577/0x800
[ 1046.187054][   T31]  ? __pfx___mutex_lock+0x10/0x10
[ 1046.192094][   T31]  ? kasan_save_stack+0x42/0x60
[ 1046.196941][   T31]  ? kasan_save_stack+0x33/0x60
[ 1046.201794][   T31]  ? netlink_alloc_large_skb+0x69/0x130
[ 1046.207329][   T31]  ? netlink_sendmsg+0x6a1/0xdd0
[ 1046.212279][   T31]  ? __sys_sendto+0x4a0/0x520
[ 1046.216950][   T31]  ? __x64_sys_sendto+0xe0/0x1c0
[ 1046.221905][   T31]  ? do_syscall_64+0xcd/0x4c0
[ 1046.226581][   T31]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1046.232657][   T31]  ? __radix_tree_lookup+0x21f/0x2c0
[ 1046.237940][   T31]  ? genl_rcv_msg+0x577/0x800
[ 1046.242636][   T31]  genl_rcv_msg+0x577/0x800
[ 1046.247143][   T31]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 1046.252184][   T31]  ? __lock_acquire+0xb8a/0x1c90
[ 1046.257122][   T31]  ? __lock_acquire+0x622/0x1c90
[ 1046.262233][   T31]  netlink_rcv_skb+0x155/0x420
[ 1046.267007][   T31]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 1046.272056][   T31]  ? __pfx_netlink_rcv_skb+0x10/0x10
[ 1046.277339][   T31]  ? netlink_deliver_tap+0x1ae/0xd30
[ 1046.282643][   T31]  ? is_vmalloc_addr+0x86/0xa0
[ 1046.287406][   T31]  genl_rcv+0x28/0x40
[ 1046.291423][   T31]  netlink_unicast+0x53a/0x7f0
[ 1046.296186][   T31]  ? __pfx_netlink_unicast+0x10/0x10
[ 1046.301490][   T31]  netlink_sendmsg+0x8d1/0xdd0
[ 1046.306248][   T31]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1046.311570][   T31]  __sys_sendto+0x4a0/0x520
[ 1046.316077][   T31]  ? __pfx___sys_sendto+0x10/0x10
[ 1046.321129][   T31]  ? find_held_lock+0x2b/0x80
[ 1046.325814][   T31]  __x64_sys_sendto+0xe0/0x1c0
[ 1046.330612][   T31]  ? do_syscall_64+0x91/0x4c0
[ 1046.335289][   T31]  ? lockdep_hardirqs_on+0x7c/0x110
[ 1046.340693][   T31]  do_syscall_64+0xcd/0x4c0
[ 1046.345199][   T31]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1046.351107][   T31] RIP: 0033:0x7f5298d907bc
[ 1046.355518][   T31] RSP: 002b:00007f5299b86ec0 EFLAGS: 00000293 ORIG_RAX: 000000000000002c
[ 1046.363955][   T31] RAX: ffffffffffffffda RBX: 00007f5299b86fc0 RCX: 00007f5298d907bc
[ 1046.371949][   T31] RDX: 0000000000000028 RSI: 00007f5299b87010 RDI: 0000000000000005
[ 1046.379936][   T31] RBP: 0000000000000000 R08: 00007f5299b86f14 R09: 000000000000000c
[ 1046.387904][   T31] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000005
[ 1046.396155][   T31] R13: 00007f5299b86f68 R14: 00007f5299b87010 R15: 0000000000000000
[ 1046.404605][   T31]  </TASK>
[ 1046.407618][   T31] INFO: task syz-executor:13945 blocked for more than 145 seconds.
[ 1046.415517][   T31]       Not tainted 6.16.0-rc4-syzkaller-00324-g1f988d0788f5 #0
[ 1046.423201][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 1046.431922][   T31] task:syz-executor    state:D stack:28712 pid:13945 tgid:13945 ppid:1      task_flags:0x400040 flags:0x00004000
[ 1046.443850][   T31] Call Trace:
[ 1046.447103][   T31]  <TASK>
[ 1046.450051][   T31]  __schedule+0x116a/0x5de0
[ 1046.454556][   T31]  ? __lock_acquire+0x622/0x1c90
[ 1046.459507][   T31]  ? __pfx___schedule+0x10/0x10
[ 1046.464356][   T31]  ? find_held_lock+0x2b/0x80
[ 1046.469086][   T31]  ? schedule+0x2d7/0x3a0
[ 1046.473415][   T31]  schedule+0xe7/0x3a0
[ 1046.477461][   T31]  schedule_preempt_disabled+0x13/0x30
[ 1046.482936][   T31]  __mutex_lock+0x6c7/0xb90
[ 1046.487438][   T31]  ? rfkill_register+0x3a/0xb40
[ 1046.492331][   T31]  ? __pfx___mutex_lock+0x10/0x10
[ 1046.497359][   T31]  ? lockdep_init_map_type+0x5c/0x280
[ 1046.502816][   T31]  ? __init_waitqueue_head+0xca/0x150
[ 1046.508186][   T31]  ? rfkill_register+0x3a/0xb40
[ 1046.513101][   T31]  ? rfkill_alloc+0x25b/0x330
[ 1046.517780][   T31]  rfkill_register+0x3a/0xb40
[ 1046.522498][   T31]  hci_register_dev+0x3cc/0xc60
[ 1046.527361][   T31]  __vhci_create_device+0x357/0x7f0
[ 1046.532597][   T31]  vhci_write+0x2c0/0x480
[ 1046.536925][   T31]  vfs_write+0x6c4/0x1150
[ 1046.541323][   T31]  ? __pfx_vhci_write+0x10/0x10
[ 1046.546173][   T31]  ? __pfx_vfs_write+0x10/0x10
[ 1046.550987][   T31]  ? find_held_lock+0x2b/0x80
[ 1046.555662][   T31]  ? find_held_lock+0x2b/0x80
[ 1046.560343][   T31]  ksys_write+0x12a/0x250
[ 1046.564667][   T31]  ? __pfx_ksys_write+0x10/0x10
[ 1046.569559][   T31]  do_syscall_64+0xcd/0x4c0
[ 1046.574064][   T31]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1046.579957][   T31] RIP: 0033:0x7fe2c258d3a0
[ 1046.584361][   T31] RSP: 002b:00007ffcfd80c118 EFLAGS: 00000202 ORIG_RAX: 0000000000000001
[ 1046.592824][   T31] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00007fe2c258d3a0
[ 1046.600812][   T31] RDX: 0000000000000002 RSI: 00007ffcfd80c12a RDI: 00000000000000ca
[ 1046.608801][   T31] RBP: 00007fe2c27b6738 R08: 0000000000000000 R09: 00007fe2c32ed6c0
[ 1046.616759][   T31] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000008
[ 1046.624746][   T31] R13: 0000000000000003 R14: 0000000000000009 R15: 0000000000000000
[ 1046.632799][   T31]  </TASK>
[ 1046.635808][   T31] INFO: task syz-executor:13947 blocked for more than 145 seconds.
[ 1046.643700][   T31]       Not tainted 6.16.0-rc4-syzkaller-00324-g1f988d0788f5 #0
[ 1046.651360][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 1046.660055][   T31] task:syz-executor    state:D stack:28712 pid:13947 tgid:13947 ppid:1      task_flags:0x400040 flags:0x00004000
[ 1046.672016][   T31] Call Trace:
[ 1046.675282][   T31]  <TASK>
[ 1046.678189][   T31]  __schedule+0x116a/0x5de0
[ 1046.682705][   T31]  ? __pfx_stack_trace_save+0x10/0x10
[ 1046.688075][   T31]  ? stack_depot_save_flags+0x28/0xa40
[ 1046.693552][   T31]  ? kasan_set_track+0x20/0x20
[ 1046.698315][   T31]  ? __lock_acquire+0x622/0x1c90
[ 1046.703272][   T31]  ? __pfx___schedule+0x10/0x10
[ 1046.708120][   T31]  ? find_held_lock+0x2b/0x80
[ 1046.712873][   T31]  ? schedule+0x2d7/0x3a0
[ 1046.717207][   T31]  schedule+0xe7/0x3a0
[ 1046.721298][   T31]  schedule_preempt_disabled+0x13/0x30
[ 1046.726751][   T31]  __mutex_lock+0x6c7/0xb90
[ 1046.731262][   T31]  ? rfkill_register+0x3a/0xb40
[ 1046.736107][   T31]  ? __pfx___mutex_lock+0x10/0x10
[ 1046.741152][   T31]  ? lockdep_init_map_type+0x5c/0x280
[ 1046.746513][   T31]  ? __init_waitqueue_head+0xca/0x150
[ 1046.751942][   T31]  ? rfkill_register+0x3a/0xb40
[ 1046.756785][   T31]  ? rfkill_alloc+0x25b/0x330
[ 1046.761470][   T31]  rfkill_register+0x3a/0xb40
[ 1046.766142][   T31]  hci_register_dev+0x3cc/0xc60
[ 1046.771024][   T31]  __vhci_create_device+0x357/0x7f0
[ 1046.776233][   T31]  vhci_write+0x2c0/0x480
[ 1046.780614][   T31]  vfs_write+0x6c4/0x1150
[ 1046.784948][   T31]  ? __pfx_vhci_write+0x10/0x10
[ 1046.789866][   T31]  ? __pfx_vfs_write+0x10/0x10
[ 1046.794629][   T31]  ? find_held_lock+0x2b/0x80
[ 1046.799323][   T31]  ? find_held_lock+0x2b/0x80
[ 1046.803995][   T31]  ksys_write+0x12a/0x250
[ 1046.808300][   T31]  ? __pfx_ksys_write+0x10/0x10
[ 1046.813169][   T31]  do_syscall_64+0xcd/0x4c0
[ 1046.817672][   T31]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1046.823569][   T31] RIP: 0033:0x7fb93f38d3a0
[ 1046.827972][   T31] RSP: 002b:00007ffcf4ddb048 EFLAGS: 00000202 ORIG_RAX: 0000000000000001
[ 1046.836431][   T31] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00007fb93f38d3a0
[ 1046.844410][   T31] RDX: 0000000000000002 RSI: 00007ffcf4ddb05a RDI: 00000000000000ca
[ 1046.852383][   T31] RBP: 00007fb93f5b6738 R08: 0000000000000000 R09: 00007fb9400ed6c0
[ 1046.860355][   T31] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000008
[ 1046.868299][   T31] R13: 0000000000000003 R14: 0000000000000009 R15: 0000000000000000
[ 1046.876323][   T31]  </TASK>
[ 1046.879354][   T31] 
[ 1046.879354][   T31] Showing all locks held in the system:
[ 1046.887038][   T31] 1 lock held by khungtaskd/31:
[ 1046.891911][   T31]  #0: ffffffff8e5c4940 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x36/0x1c0
[ 1046.901887][   T31] 4 locks held by kworker/u8:2/36:
[ 1046.906996][   T31] 3 locks held by kworker/1:2/92:
[ 1046.912093][   T31]  #0: ffff88801b878d48 ((wq_completion)events){+.+.}-{0:0}, at: process_one_work+0x12a2/0x1b70
[ 1046.922557][   T31]  #1: ffffc900025cfd10 ((work_completion)(&rfkill_global_led_trigger_work)){+.+.}-{0:0}, at: process_one_work+0x929/0x1b70
[ 1046.935428][   T31]  #2: ffffffff90803c48 (rfkill_global_mutex){+.+.}-{4:4}, at: rfkill_global_led_trigger_worker+0x1b/0x160
[ 1046.946851][   T31] 2 locks held by getty/5589:
[ 1046.951560][   T31]  #0: ffff8880324a70a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x24/0x80
[ 1046.961350][   T31]  #1: ffffc9000333b2f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x41b/0x14f0
[ 1046.971439][   T31] 1 lock held by syz-executor/5826:
[ 1046.976617][   T31]  #0: ffffffff90803c48 (rfkill_global_mutex){+.+.}-{4:4}, at: rfkill_unregister+0xec/0x2c0
[ 1046.986730][   T31] 2 locks held by syz.3.2057/13755:
[ 1046.991967][   T31]  #0: ffff88805d6c5100 (&dev->mutex){....}-{4:4}, at: nfc_unregister_device+0x60/0x330
[ 1047.001747][   T31]  #1: ffffffff90803c48 (rfkill_global_mutex){+.+.}-{4:4}, at: rfkill_unregister+0xec/0x2c0
[ 1047.011870][   T31] 2 locks held by syz.0.2068/13805:
[ 1047.017059][   T31]  #0: ffffffff90803c48 (rfkill_global_mutex){+.+.}-{4:4}, at: rfkill_fop_write+0x166/0x580
[ 1047.027190][   T31]  #1: ffff88805d6c5100 (&dev->mutex){....}-{4:4}, at: nfc_dev_down+0x2d/0x2e0
[ 1047.036222][   T31] 3 locks held by syz.2.2084/13915:
[ 1047.041427][   T31]  #0: ffffffff904069b0 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40
[ 1047.049703][   T31]  #1: ffffffff90406a68 (genl_mutex){+.+.}-{4:4}, at: genl_rcv_msg+0x577/0x800
[ 1047.058665][   T31]  #2: ffffffff90803c48 (rfkill_global_mutex){+.+.}-{4:4}, at: rfkill_register+0x3a/0xb40
[ 1047.068605][   T31] 2 locks held by syz.4.2086/13923:
[ 1047.073961][   T31]  #0: ffffffff904069b0 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40
[ 1047.082172][   T31]  #1: ffffffff90406a68 (genl_mutex){+.+.}-{4:4}, at: genl_rcv_msg+0x577/0x800
[ 1047.091161][   T31] 2 locks held by syz.1.2088/13934:
[ 1047.096333][   T31]  #0: ffffffff904069b0 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40
[ 1047.104508][   T31]  #1: ffffffff90406a68 (genl_mutex){+.+.}-{4:4}, at: genl_rcv_msg+0x577/0x800
[ 1047.113497][   T31] 2 locks held by syz-executor/13945:
[ 1047.118883][   T31]  #0: ffff88807d115118 (&data->open_mutex){+.+.}-{4:4}, at: vhci_write+0x2b4/0x480
[ 1047.128295][   T31]  #1: ffffffff90803c48 (rfkill_global_mutex){+.+.}-{4:4}, at: rfkill_register+0x3a/0xb40
[ 1047.138213][   T31] 2 locks held by syz-executor/13947:
[ 1047.143631][   T31]  #0: ffff888051aac118 (&data->open_mutex){+.+.}-{4:4}, at: vhci_write+0x2b4/0x480
[ 1047.153060][   T31]  #1: ffffffff90803c48 (rfkill_global_mutex){+.+.}-{4:4}, at: rfkill_register+0x3a/0xb40
[ 1047.163014][   T31] 2 locks held by syz-executor/13950:
[ 1047.168372][   T31]  #0: ffff888032fce918 (&data->open_mutex){+.+.}-{4:4}, at: vhci_write+0x2b4/0x480
[ 1047.177820][   T31]  #1: ffffffff90803c48 (rfkill_global_mutex){+.+.}-{4:4}, at: rfkill_register+0x3a/0xb40
[ 1047.187767][   T31] 2 locks held by syz-executor/13952:
[ 1047.193160][   T31]  #0: ffff8880334a2918 (&data->open_mutex){+.+.}-{4:4}, at: vhci_write+0x2b4/0x480
[ 1047.202591][   T31]  #1: ffffffff90803c48 (rfkill_global_mutex){+.+.}-{4:4}, at: rfkill_register+0x3a/0xb40
[ 1047.212514][   T31] 2 locks held by syz-executor/13954:
[ 1047.217867][   T31]  #0: ffff88802a660118 (&data->open_mutex){+.+.}-{4:4}, at: vhci_write+0x2b4/0x480
[ 1047.227350][   T31]  #1: ffffffff90803c48 (rfkill_global_mutex){+.+.}-{4:4}, at: rfkill_register+0x3a/0xb40
[ 1047.237309][   T31] 2 locks held by syz-executor/13960:
[ 1047.242676][   T31]  #0: ffff88807d403918 (&data->open_mutex){+.+.}-{4:4}, at: vhci_write+0x2b4/0x480
[ 1047.252072][   T31]  #1: ffffffff90803c48 (rfkill_global_mutex){+.+.}-{4:4}, at: rfkill_register+0x3a/0xb40
[ 1047.262021][   T31] 2 locks held by syz-executor/13963:
[ 1047.267360][   T31]  #0: ffff88802b774118 (&data->open_mutex){+.+.}-{4:4}, at: vhci_write+0x2b4/0x480
[ 1047.276763][   T31]  #1: ffffffff90803c48 (rfkill_global_mutex){+.+.}-{4:4}, at: rfkill_register+0x3a/0xb40
[ 1047.286696][   T31] 2 locks held by syz-executor/13966:
[ 1047.292074][   T31]  #0: ffff88807aba7918 (&data->open_mutex){+.+.}-{4:4}, at: vhci_write+0x2b4/0x480
[ 1047.301511][   T31]  #1: ffffffff90803c48 (rfkill_global_mutex){+.+.}-{4:4}, at: rfkill_register+0x3a/0xb40
[ 1047.311477][   T31] 2 locks held by syz-executor/13968:
[ 1047.316832][   T31]  #0: ffff88802e7cf118 (&data->open_mutex){+.+.}-{4:4}, at: vhci_write+0x2b4/0x480
[ 1047.326242][   T31]  #1: ffffffff90803c48 (rfkill_global_mutex){+.+.}-{4:4}, at: rfkill_register+0x3a/0xb40
[ 1047.336178][   T31] 2 locks held by syz-executor/13970:
[ 1047.341569][   T31]  #0: ffff888029353918 (&data->open_mutex){+.+.}-{4:4}, at: vhci_write+0x2b4/0x480
[ 1047.350997][   T31]  #1: ffffffff90803c48 (rfkill_global_mutex){+.+.}-{4:4}, at: rfkill_register+0x3a/0xb40
[ 1047.360936][   T31] 2 locks held by syz-executor/13976:
[ 1047.366290][   T31]  #0: ffff8880293d0918 (&data->open_mutex){+.+.}-{4:4}, at: vhci_write+0x2b4/0x480
[ 1047.375703][   T31]  #1: ffffffff90803c48 (rfkill_global_mutex){+.+.}-{4:4}, at: rfkill_register+0x3a/0xb40
[ 1047.385779][   T31] 2 locks held by syz-executor/13979:
[ 1047.391159][   T31]  #0: ffff888077a50918 (&data->open_mutex){+.+.}-{4:4}, at: vhci_write+0x2b4/0x480
[ 1047.400579][   T31]  #1: ffffffff90803c48 (rfkill_global_mutex){+.+.}-{4:4}, at: rfkill_register+0x3a/0xb40
[ 1047.410500][   T31] 2 locks held by syz-executor/13982:
[ 1047.415853][   T31]  #0: ffff88805b18d918 (&data->open_mutex){+.+.}-{4:4}, at: vhci_write+0x2b4/0x480
[ 1047.425259][   T31]  #1: ffffffff90803c48 (rfkill_global_mutex){+.+.}-{4:4}, at: rfkill_register+0x3a/0xb40
[ 1047.435224][   T31] 2 locks held by syz-executor/13984:
[ 1047.440632][   T31]  #0: ffff888059cc9118 (&data->open_mutex){+.+.}-{4:4}, at: vhci_write+0x2b4/0x480
[ 1047.450062][   T31]  #1: ffffffff90803c48 (rfkill_global_mutex){+.+.}-{4:4}, at: rfkill_register+0x3a/0xb40
[ 1047.460081][   T31] 2 locks held by syz-executor/13986:
[ 1047.465443][   T31]  #0: ffff88807861c918 (&data->open_mutex){+.+.}-{4:4}, at: vhci_write+0x2b4/0x480
[ 1047.474896][   T31]  #1: ffffffff90803c48 (rfkill_global_mutex){+.+.}-{4:4}, at: rfkill_register+0x3a/0xb40
[ 1047.484842][   T31] 
[ 1047.487143][   T31] =============================================
[ 1047.487143][   T31] 
[ 1047.495564][   T31] NMI backtrace for cpu 0
[ 1047.495576][   T31] CPU: 0 UID: 0 PID: 31 Comm: khungtaskd Not tainted 6.16.0-rc4-syzkaller-00324-g1f988d0788f5 #0 PREEMPT(full) 
[ 1047.495596][   T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1047.495607][   T31] Call Trace:
[ 1047.495613][   T31]  <TASK>
[ 1047.495619][   T31]  dump_stack_lvl+0x116/0x1f0
[ 1047.495646][   T31]  nmi_cpu_backtrace+0x27b/0x390
[ 1047.495666][   T31]  ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[ 1047.495693][   T31]  nmi_trigger_cpumask_backtrace+0x29c/0x300
[ 1047.495715][   T31]  watchdog+0xf70/0x12c0
[ 1047.495740][   T31]  ? __pfx_watchdog+0x10/0x10
[ 1047.495759][   T31]  ? lockdep_hardirqs_on+0x7c/0x110
[ 1047.495785][   T31]  ? __kthread_parkme+0x19e/0x250
[ 1047.495811][   T31]  ? __pfx_watchdog+0x10/0x10
[ 1047.495831][   T31]  kthread+0x3c2/0x780
[ 1047.495849][   T31]  ? __pfx_kthread+0x10/0x10
[ 1047.495868][   T31]  ? rcu_is_watching+0x12/0xc0
[ 1047.495890][   T31]  ? __pfx_kthread+0x10/0x10
[ 1047.495914][   T31]  ret_from_fork+0x5d4/0x6f0
[ 1047.495938][   T31]  ? __pfx_kthread+0x10/0x10
[ 1047.495956][   T31]  ret_from_fork_asm+0x1a/0x30
[ 1047.495987][   T31]  </TASK>
[ 1047.495994][   T31] Sending NMI from CPU 0 to CPUs 1:
[ 1047.613568][    C1] NMI backtrace for cpu 1
[ 1047.613579][    C1] CPU: 1 UID: 0 PID: 0 Comm: swapper/1 Not tainted 6.16.0-rc4-syzkaller-00324-g1f988d0788f5 #0 PREEMPT(full) 
[ 1047.613595][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1047.613602][    C1] RIP: 0010:pv_native_safe_halt+0xf/0x20
[ 1047.613622][    C1] Code: cb 6b 02 c3 cc cc cc cc 0f 1f 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 66 90 0f 00 2d 53 c0 21 00 fb f4 <e9> 0c fb 02 00 66 2e 0f 1f 84 00 00 00 00 00 66 90 90 90 90 90 90
[ 1047.613635][    C1] RSP: 0018:ffffc90000197df8 EFLAGS: 000002c6
[ 1047.613646][    C1] RAX: 000000000458f021 RBX: 0000000000000001 RCX: ffffffff8b884c69
[ 1047.613655][    C1] RDX: 0000000000000000 RSI: ffffffff8de3176b RDI: ffffffff8c1588a0
[ 1047.613663][    C1] RBP: ffffed1003c56488 R08: 0000000000000001 R09: ffffed10170a6645
[ 1047.613672][    C1] R10: ffff8880b853322b R11: 0000000000000001 R12: 0000000000000001
[ 1047.613679][    C1] R13: ffff88801e2b2440 R14: ffffffff90a97650 R15: 0000000000000000
[ 1047.613688][    C1] FS:  0000000000000000(0000) GS:ffff888124815000(0000) knlGS:0000000000000000
[ 1047.613702][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1047.613711][    C1] CR2: 0000560d9f96ab48 CR3: 000000000e382000 CR4: 00000000003526f0
[ 1047.613719][    C1] Call Trace:
[ 1047.613724][    C1]  <TASK>
[ 1047.613728][    C1]  default_idle+0x13/0x20
[ 1047.613740][    C1]  default_idle_call+0x6d/0xb0
[ 1047.613751][    C1]  do_idle+0x391/0x510
[ 1047.613768][    C1]  ? __pfx_do_idle+0x10/0x10
[ 1047.613784][    C1]  ? trace_sched_exit_tp+0x31/0x130
[ 1047.613803][    C1]  cpu_startup_entry+0x4f/0x60
[ 1047.613818][    C1]  start_secondary+0x21d/0x2b0
[ 1047.613835][    C1]  ? __pfx_start_secondary+0x10/0x10
[ 1047.613853][    C1]  common_startup_64+0x13e/0x148
[ 1047.613871][    C1]  </TASK>
[ 1047.614561][   T31] Kernel panic - not syncing: hung_task: blocked tasks
[ 1047.793018][   T31] CPU: 0 UID: 0 PID: 31 Comm: khungtaskd Not tainted 6.16.0-rc4-syzkaller-00324-g1f988d0788f5 #0 PREEMPT(full) 
[ 1047.804800][   T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1047.814834][   T31] Call Trace:
[ 1047.818092][   T31]  <TASK>
[ 1047.821005][   T31]  dump_stack_lvl+0x3d/0x1f0
[ 1047.825583][   T31]  panic+0x71c/0x800
[ 1047.829469][   T31]  ? __pfx_panic+0x10/0x10
[ 1047.833872][   T31]  ? preempt_schedule_thunk+0x16/0x30
[ 1047.839232][   T31]  ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[ 1047.845197][   T31]  ? preempt_schedule_thunk+0x16/0x30
[ 1047.850555][   T31]  ? watchdog+0xdda/0x12c0
[ 1047.854955][   T31]  ? watchdog+0xdcd/0x12c0
[ 1047.859356][   T31]  watchdog+0xdeb/0x12c0
[ 1047.863587][   T31]  ? __pfx_watchdog+0x10/0x10
[ 1047.868254][   T31]  ? lockdep_hardirqs_on+0x7c/0x110
[ 1047.873443][   T31]  ? __kthread_parkme+0x19e/0x250
[ 1047.878456][   T31]  ? __pfx_watchdog+0x10/0x10
[ 1047.883118][   T31]  kthread+0x3c2/0x780
[ 1047.887167][   T31]  ? __pfx_kthread+0x10/0x10
[ 1047.891737][   T31]  ? rcu_is_watching+0x12/0xc0
[ 1047.896498][   T31]  ? __pfx_kthread+0x10/0x10
[ 1047.901070][   T31]  ret_from_fork+0x5d4/0x6f0
[ 1047.905645][   T31]  ? __pfx_kthread+0x10/0x10
[ 1047.910215][   T31]  ret_from_fork_asm+0x1a/0x30
[ 1047.914968][   T31]  </TASK>
[ 1047.918146][   T31] Kernel Offset: disabled
[ 1047.922445][   T31] Rebooting in 86400 seconds..