last executing test programs:

2m19.79821796s ago: executing program 3 (id=259):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
epoll_create1(0x99344c68e635bb3)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f05ebbeea, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="1b0000000000000000000000000004", @ANYRES32=0x0, @ANYBLOB], 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000740)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x3}}, [], {0x14, 0x10, 0x1, 0x0, 0x0, {0x0, 0x84}}}, 0x28}, 0x1, 0x0, 0x0, 0x44000}, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, 0x0)
r4 = openat$udambuf(0xffffffffffffff9c, &(0x7f0000000040), 0x2)
r5 = memfd_create(&(0x7f0000000540)='y\x105\xfb\xf7u\x83%\x1f\xe09@:r\xc2\xb9x0\x90P\x03\x00\x00\x00\x00\x00\x00\x00\xfe,\x1c\xf1\xdd\xcf]\xac\xbc\t\xbb\xfc\xa4j\x9f\xceX\x8f5=\xaa\xd5\xe9n\xab s\xa5\x00\x8d\tV\t\x91\x18\x06O\xb0=D\xda\xb6F\x1a\xc82\x8b\xc0l\xd0\x89d\xe6\xb7\xd8\x97\xb8\xde\xa3\x89\"%/u\x17\xdam\x8d\x01Lh\x1e^\x9ej\x1c\xc5\xf0\xf6\x92\x05\x9aH\x00\'\xd4\x94d[\v\xfc\xad\x0f\xa8\xc5\xad\x001\x8b%\xaa?\x00\x00\x00\x00\x00\x00\x00\nj\x8c\xef\x90\xc0Z\xfa\x1a\xb3\xf0wVq\xe9d\xf8N\x80\xd1g\xd8e\xc8\x16\xad1\x02\xab\xce3\xb2\xb0\xd1\x11\xf0\xc2Gj+kV', 0x2)
ftruncate(r5, 0xfbff)
r6 = socket$inet6_udplite(0xa, 0x2, 0x88)
sendmsg$inet6(r6, 0x0, 0x4000)
fcntl$addseals(r5, 0x409, 0x7)
ioctl$UDMABUF_CREATE(r4, 0x40187542, &(0x7f0000000000)={r5, 0x0, 0x0, 0x4000})
r7 = openat$pfkey(0xffffffffffffff9c, 0x0, 0x301000, 0x0)
mmap$xdp(&(0x7f0000aad000/0x1000)=nil, 0x1000, 0x4, 0x80010, r7, 0x100000000)
listen(0xffffffffffffffff, 0xf740)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x2, 0x16, &(0x7f0000000180)=ANY=[@ANYBLOB="611230000000000061134c0000000000bf20000000000000160005003f1b48013d030100000000009500000000000000bc26000000000000bf67000000000000070600000fff07006702000003000000360600000ee600f0bf052000000000000f650000000000006507f4ff02000000070700004c0040001f75000000000000bf54000000000000070500000300f9ffad430100000000009500000000000000050000000000000095000000000000004d9bd591d568253e9988431ec068e3a83683d58719d72183f2cb7f43dd55788be820b236dcb695dbfd737cbf5fe7030586"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48) (fail_nth: 1)
syz_usb_connect(0x2, 0xe4, 0x0, 0x0)

2m18.994517369s ago: executing program 3 (id=261):
r0 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000840)={&(0x7f0000000900)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x5c, 0x5c, 0x8, [@enum={0xb, 0xa, 0x0, 0x6, 0x4, [{0x5, 0x8}, {0x6, 0x7ff}, {0xb, 0x5}, {0xc, 0x200}, {0x2, 0x8000}, {0x7, 0x7}, {0x7, 0x7fffffff}, {0xd, 0x4fe}, {0xd, 0xfffffe00}, {0xe}]}]}, {0x0, [0x0, 0x5f, 0x30, 0x2e, 0x61, 0x30]}}, 0x0, 0x7c, 0x0, 0x1, 0x0, 0x0, @void, @value}, 0x28)
socket$nl_route(0x10, 0x3, 0x0)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000340)={r0, 0x20, &(0x7f0000000100)={0x0, 0x0, <r1=>0x0, 0x0}}, 0x10)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sendmsg$inet(r3, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="28010000000000000100000001"], 0x128}, 0x0)
recvmsg$unix(r2, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000580), 0x100}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000100), 0xffffffffffffffff)
sendmsg$TIPC_NL_BEARER_ENABLE(r6, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000080)={0x6c, r7, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_BEARER={0x58, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_UDP_OPTS={0x44, 0x4, {{0x20, 0x3a, @in6={0xa, 0x0, 0x0, @loopback}}, {0x20, 0x2, @in6={0xa, 0x0, 0x0, @remote}}}}, @TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz1\x00'}]}]}, 0x6c}}, 0x0)
sendmsg$inet(r5, &(0x7f0000000680)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[], 0x128}, 0x0)
recvmsg$unix(r4, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000080), 0x100}, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000300)={<r8=>0xffffffffffffffff, <r9=>0xffffffffffffffff})
sendmsg$inet(r9, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[], 0x128}, 0x0)
recvmsg$unix(r8, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000200)=[@cred={{0x1c}}], 0x20}, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r10=>0xffffffffffffffff, <r11=>0xffffffffffffffff})
sendmsg$inet(r11, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[], 0x128}, 0x0)
recvmsg$unix(r10, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000080), 0x100}, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000001840)=r1, 0x4)
r12 = socket$nl_route(0x10, 0x3, 0x0)
getsockname$packet(0xffffffffffffffff, &(0x7f00000002c0)={0x11, 0x0, <r13=>0x0, 0x1, 0x0, 0x6, @broadcast}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000008c0)=ANY=[@ANYBLOB="480000001000050700", @ANYRES32=r13, @ANYBLOB="0000000000000000280012000c000100766574"], 0x48}}, 0x0)
r14 = openat$ttynull(0xffffffffffffff9c, &(0x7f0000000000), 0x103902, 0x0)
r15 = dup(r14)
write$UHID_INPUT(r15, &(0x7f0000001040)={0x18, {"a2e3ad21ed6b52f99cfbf4c087f70c9b3e6ee7ff7fc6e5539b9b3b0e8b9b411b5d30091b080d29428f0e1ac6e7049b3468959b4c9a242a9b67f3988f7ef319520200ffe8d178708c523c921b1b25380a169b63d336cd3b78130daa61d8e809ea882f5802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f309f4cff7738596ecae8707ce065cd5b91cd0ae193973735b36d5b1b63e91c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecd03aded6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca5b6bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27afc953854a642c57519544ae15a7e454dea05918b4124351601611c8f11baa500a3621c56cea8d20ff911a0c41db6ebe8cac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a60560a22f1fca567e65d5e880572286522449df466c632b3570243f989cce3803f465e41e610c20d80421d653a5120000008213b704c7fb082ff27590678ef9f190bae979babc7041d860420c5664ba7921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202fd28f28381aab144a5d429a04a689b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2f05dd3318271a1f5f8528f227e79c1388dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eefc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44060bebc2420aed92fa9b6578b4779415d97b9a6d6d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a7288afe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f48fe4eae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf02b98a269b891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efedfd71af9444e197f47e866101496f42355bc7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615f7084a607a7eceb6243378e0610060f02cca4051c2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c4e15a7b6eb65ca8104e1b4da1fbb77ab2fc043aead87c32ab875ee7c2e7b7019c902cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad948741b2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd73643de50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c1023bf70cc77737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73c497579773767075428067e7f16f4dde374f8211fef42cb468e623daf60b3569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40426db6fe29068c0ca3d3414442e863a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae44369ddb4581c55925d0f6f1ba471eba281f259152f85a654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b405177548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e05130935e00785ec27e923911fab964c271556527697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9ddbfb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e7027132f2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afae5336651b1b9bd522d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee29165895ac4b008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463181f4b87c10772d2b13f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76d57227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f84fad6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b3110b932a4d02da711b757fe43c06d21e35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc238a081ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7af288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4908b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cb0b3e35cb80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c60edddab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec014508e5247d33ae6c962d35603ff8454c16f8342856935125102bb784ed714887071f3d998efdd9923c954ab6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee658e4cb5e930ed624806c43a006dc9336d07c2b8081c128ad2706f48261f7897084c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da3932ba5c04c24a560ad80a3ce654578376e599aff3565b1d531f30912b99e6619ebe93cc0b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e6491953264d2700c838fa2c7b34252600c9654e502dcea39cb6bc3eb69992e234b4ca7db2f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c6000064b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c7e36bb2fc4c40e9cf96f06817fb903729a7db6ff957697c9ede7885d94ff1aa70826ad01a9b03c37b0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f9000", 0x100d}}, 0xfffffdef)
r16 = bpf$OBJ_GET_MAP(0x7, &(0x7f0000000640)=@generic={&(0x7f0000000600)='./file0\x00', 0x0, 0x18}, 0x18)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f00000006c0)={0xffffffffffffffff, <r17=>0xffffffffffffffff}, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0xc, 0x19, &(0x7f00000003c0)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x3f}, {}, {}, [@printk={@lli, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x20000}}, @map_idx_val={0x18, 0x0, 0x6, 0x0, 0x2}], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000140)='GPL\x00', 0x9, 0xd5, &(0x7f00000004c0)=""/213, 0x41000, 0x0, '\x00', r13, @fallback=0x1f, r9, 0x8, 0x0, 0x0, 0x10, &(0x7f00000005c0)={0x1, 0xa, 0x61, 0x8}, 0x10, 0x0, r15, 0x4, &(0x7f0000000700)=[r16, r17], &(0x7f0000000740)=[{0x0, 0x4, 0x10, 0x3}, {0x4, 0x3, 0xd, 0xc}, {0x1, 0x1, 0xb, 0x4}, {0x4, 0x2, 0x8, 0x7}], 0x10, 0x4, @void, @value}, 0x94)
sendmsg$nl_route(r12, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000002c0)=@newlink={0x48, 0x10, 0x1, 0x70bd2a, 0x0, {0x0, 0x0, 0x0, 0x0, 0x2102}, [@IFLA_IFNAME={0x14, 0x3, 'netdevsim0\x00'}, @IFLA_VFINFO_LIST={0x14, 0x16, 0x0, 0x1, [{0x10, 0x1, 0x0, 0x1, [@IFLA_VF_TRUST={0xc, 0x9, {0x26, 0x3}}]}]}]}, 0x48}, 0x1, 0x0, 0x0, 0x40804}, 0x400c800)

2m17.955475724s ago: executing program 3 (id=267):
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000400)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r3}, 0x10)
r4 = syz_io_uring_setup(0x82e, &(0x7f0000000300)={0x0, 0x0, 0x10100}, &(0x7f0000000100), &(0x7f0000000080))
io_uring_register$IORING_REGISTER_PBUF_RING(r4, 0x16, &(0x7f0000000380)={&(0x7f0000001000)={[{0x0}, {0x0}, {0x0}, {0x0}]}, 0x4}, 0x1)

2m16.743790599s ago: executing program 3 (id=271):
r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000002580)=[{&(0x7f0000000000)=ANY=[@ANYBLOB="140000002500010000000000f100000006"], 0x14}], 0x1, 0x0, 0x0, 0x400048c0}, 0x0)

2m16.585852191s ago: executing program 3 (id=272):
mkdir(&(0x7f0000000080)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x801008, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$batadv(&(0x7f0000000300), 0xffffffffffffffff)
sendmsg$BATADV_CMD_SET_MESH(r1, &(0x7f0000000480)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x20000018}, 0xc, &(0x7f00000003c0)={&(0x7f0000000680)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="20002abd7000fedbdf250f00000208003a00c00e00000500350084370025f51fa40e1d855677fcd0e50f0008003c00070000000800310002000000239e582a87e2f82bed8fc25ec9800af227c1c8d841cbd34d79919c8183f2a1f95dc67dee4b6df81c424974519306be1d3efeff053841742211588f991eef565d0c1786ffc34faaacfd6973e8dd3328f814bf62db84739cf6490b5d37ce87ade8185fbbfcddefeb407eeb47ea741fe44eca2b8b27d475b2463b45065d6d69fb84eb211690990d16bfdd19288bb2cd61cda65c24e1aa123e95c24c25a8c666287ce7c992d81d"], 0x34}, 0x1, 0x0, 0x0, 0x40000}, 0x20000001)
pipe2$9p(&(0x7f0000000240)={<r3=>0xffffffffffffffff}, 0x0)
r4 = dup(r0)
mount$9p_fd(0x0, &(0x7f0000000180)='./file1\x00', &(0x7f0000004380), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[], [], 0x6b}})
write$P9_RVERSION(r4, &(0x7f0000000140)=ANY=[@ANYBLOB="1500000065ffff0800000018003950323032302e4c"], 0x15)
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
mkdir(&(0x7f0000000440)='./file0\x00', 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xc, 0x80000008b}, 0x0)
r5 = add_key$user(&(0x7f0000000640), &(0x7f0000000540), &(0x7f00000000c0), 0xc6, 0xfffffffffffffffd)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
keyctl$dh_compute(0x17, &(0x7f0000000080)={r5, r5, r5}, 0x0, 0x0, 0x0)
openat$autofs(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f00000002c0)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000040)='tracefs\x00', 0x0, 0x0)
socket(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r6 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r6, &(0x7f0000019680)=""/102392, 0x18ff8)
mount$tmpfs(0x0, &(0x7f0000000080)='./file1\x00', 0x0, 0x20020, &(0x7f00000004c0)={[{}], [{@audit}, {@euid_lt}, {@audit}]})
mount$bind(&(0x7f0000000100)='./file0\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x101091, 0x0)
open(&(0x7f0000000000)='.\x00', 0x0, 0x0)

2m15.471204663s ago: executing program 3 (id=278):
capset(&(0x7f0000000080)={0x20080522}, &(0x7f0000000100))
r0 = syz_io_uring_setup(0x10d, 0x0, &(0x7f0000000380)=<r1=>0x0, 0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
r3 = socket$unix(0x1, 0x5, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r3, 0x8933, &(0x7f0000000100)={'vcan0\x00', <r4=>0x0})
r5 = socket$can_bcm(0x1d, 0x2, 0x2)
sendmsg$can_bcm(r5, &(0x7f0000000480)={&(0x7f0000000080)={0x1d, r4}, 0x10, &(0x7f00000000c0)={&(0x7f0000000400)={0x1, 0x4ef, 0x0, {}, {}, {}, 0x1, @can={{}, 0x0, 0x0, 0x0, 0x0, "d0c9a1258bcb4530"}}, 0x48}}, 0x4)
sendmsg$can_bcm(r5, &(0x7f00000005c0)={&(0x7f0000000180)={0x1d, r4}, 0x10, 0x0, 0x2, 0x0, 0x0, 0x24}, 0x20000080)
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r6, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000001240)=@newchain={0x9b4, 0x64, 0x100, 0x70bd2c, 0x25dfdbff, {0x0, 0x0, 0x0, 0x0, {0x9}, {0x9}, {0xfff2, 0x1002e}}, [@TCA_RATE={0x6, 0x5, {0x6, 0x8}}, @filter_kind_options=@f_flower={{0xb}, {0x64, 0x2, [@TCA_FLOWER_KEY_MPLS_OPTS={0x28, 0x63, 0x0, 0x1, @TCA_FLOWER_KEY_MPLS_OPTS_LSE={0x24, 0x1, 0x0, 0x1, [@TCA_FLOWER_KEY_MPLS_OPT_LSE_DEPTH={0x5, 0x1, 0x59}, @TCA_FLOWER_KEY_MPLS_OPT_LSE_LABEL={0x8}, @TCA_FLOWER_KEY_MPLS_OPT_LSE_DEPTH={0x5, 0x1, 0x3}, @TCA_FLOWER_KEY_MPLS_OPT_LSE_TC={0x5}]}}, @TCA_FLOWER_KEY_ENC_UDP_SRC_PORT_MASK={0x6}, @TCA_FLOWER_KEY_IP_PROTO={0x5, 0x9, 0x2}, @TCA_FLOWER_KEY_IP_TOS_MASK={0x5, 0x4a, 0xe5}, @TCA_FLOWER_KEY_VLAN_ID={0x6, 0x17, 0x4c3}, @TCA_FLOWER_KEY_ENC_IPV4_SRC_MASK={0x8}, @TCA_FLOWER_KEY_ENC_KEY_ID={0x8, 0x1a, 0xac}, @TCA_FLOWER_KEY_TCP_DST={0x6}]}}, @TCA_CHAIN={0x8, 0xb, 0x1}, @TCA_CHAIN={0x8, 0xb, 0x3}, @filter_kind_options=@f_cgroup={{0xb}, {0x8b8, 0x2, [@TCA_CGROUP_ACT={0x4}, @TCA_CGROUP_POLICE={0x450, 0x2, [@TCA_POLICE_RATE64={0xc, 0x8, 0x9}, @TCA_POLICE_PEAKRATE={0x404, 0x3, [0x90, 0x5, 0x5, 0xfffffffd, 0xff, 0x200000, 0x8, 0xb941, 0x3, 0xfffffffb, 0x1, 0xb5, 0x8, 0x9, 0xb41, 0x3173, 0x7, 0x1000, 0x5, 0x6, 0x6, 0xd4e, 0x327, 0x0, 0x400, 0x2, 0x215, 0x2, 0x5, 0x0, 0x2, 0x662a, 0x4, 0xe, 0xff, 0x6, 0xe4d4, 0xffffffff, 0x800, 0x3, 0x1, 0x6, 0x0, 0x2, 0x1, 0x7, 0x128, 0x7f, 0x8, 0x8, 0xb, 0x2, 0x3, 0xff, 0x8, 0x0, 0x10, 0x1, 0xffff, 0x7, 0x1, 0x9, 0xb, 0x80000000, 0x0, 0x8, 0x7, 0x8, 0x7ff, 0x5, 0xb7, 0x1, 0x4c3, 0x450, 0x2, 0x4, 0x14ea, 0xfffffffa, 0x7f, 0x6, 0x10, 0xa393, 0xe185, 0xfffffffa, 0x3, 0x2, 0x7, 0x1, 0x7, 0x9, 0x8, 0x8e, 0xe, 0x7ff, 0x2, 0x7f, 0xbab, 0x8001, 0x3, 0x6, 0xf, 0x7, 0x7fff, 0x1, 0x1, 0xc1e6, 0x7fff, 0x0, 0x5, 0x7f, 0x8000, 0x8, 0xb6d0, 0x6, 0xfffffffd, 0x4, 0x1, 0x80, 0x7fffffff, 0x7, 0x100, 0x9, 0x5, 0x4e31, 0x7fff, 0x1, 0x3, 0x7, 0x8001, 0xffffffff, 0xfffffc00, 0x80000001, 0xff, 0x401, 0x9498, 0x4, 0x5, 0x3, 0xf3b9, 0x81, 0xff, 0x3, 0x9, 0x5, 0x872, 0x8, 0x9, 0x5, 0x1, 0x10, 0x5e9a, 0x5, 0x1, 0x1, 0x1, 0x3, 0x205, 0x4, 0x6, 0x4, 0x24e, 0x2, 0x81, 0x32d8, 0x8, 0xf, 0x0, 0x2, 0x100, 0x9, 0x2e, 0x2, 0x8, 0xfffffffa, 0xfe, 0x7fffffff, 0x89, 0xa, 0xb, 0x4, 0x4, 0x1, 0x3, 0x0, 0x10001, 0x3, 0x1, 0x4, 0x33, 0x3, 0x5, 0x2, 0x6, 0x0, 0x1, 0x0, 0x80000000, 0x6d0, 0xf, 0x9, 0xffffff91, 0x2, 0xc8f, 0x3, 0xe1, 0x17b40b1c, 0xf, 0x6, 0x6, 0x7fffffff, 0x8, 0x1, 0x9, 0x6, 0x0, 0xab585a83, 0x9, 0x7, 0x9, 0x4, 0x5, 0xff1b, 0x9, 0x8, 0x6, 0x7, 0x7, 0x101, 0x2, 0x11c, 0x2, 0x1, 0x0, 0x2, 0x2, 0x6, 0x0, 0x7, 0x3, 0x0, 0x6, 0x0, 0x2, 0x80000000, 0x6, 0x8, 0x8, 0x4, 0x8, 0x800, 0x4, 0x40, 0x81, 0xd9ab, 0x8, 0x9]}, @TCA_POLICE_TBF={0x3c, 0x1, {0x1, 0x0, 0x4, 0x81, 0x9, {0x7f, 0x2, 0x6, 0x7, 0x0, 0xffffffff}, {0x3, 0x2, 0x5, 0x5, 0xfe00, 0x7f}, 0x7, 0x13a, 0x2}}]}, @TCA_CGROUP_POLICE={0x54, 0x2, [@TCA_POLICE_AVRATE={0x8, 0x4, 0x1}, @TCA_POLICE_TBF={0x3c, 0x1, {0xc, 0x10000000, 0x7, 0x8, 0x6a, {0x4, 0x0, 0x401, 0x8, 0x6, 0x7}, {0x73, 0x2, 0xfffd, 0x81, 0x5, 0x3}, 0x3, 0x7, 0x7fffffff}}, @TCA_POLICE_PEAKRATE64={0xc, 0x9, 0x6}]}, @TCA_CGROUP_POLICE={0x40, 0x2, [@TCA_POLICE_TBF={0x3c, 0x1, {0x9, 0x20000000, 0x9, 0x1, 0x3, {0x80, 0x0, 0xff, 0x0, 0x1, 0x8}, {0xff, 0x1, 0x20, 0x0, 0x2000, 0x8}, 0x7, 0x7, 0x7}}]}, @TCA_CGROUP_ACT={0x3cc, 0x1, [@m_vlan={0x110, 0xf, 0x0, 0x0, {{0x9}, {0x14, 0x2, 0x0, 0x1, [@TCA_VLAN_PUSH_VLAN_PRIORITY={0x5, 0x6, 0x6}, @TCA_VLAN_PUSH_VLAN_PROTOCOL={0x6, 0x4, 0x8100}]}, {0xd4, 0x6, "42eec57eeb5403913cf3fa76070bfd465498f642d1c202a5143c37d1ac98371ac15d31abac0c160f1ec231f080d4a21edd32016242e92321a506179cc54c6df41718b8befc67db68a87af5225fa2ed335ff8b4be08af65c2a040f50a6d4f8dc4762282af079f2b6bd39ef95e0ffba3f31a60272066e44f8133f339a582e3915433f5d1c6eeafbe4f65754a330386955f9ea48c6e5c4a8f88d8c5b6dc91a8bba2b391ceebde8a0eb9aa651000c6fb01ea81496927453ef8c91654428cce2cbf34cc63da4fa4338906b207bbe40438352b"}, {0xc}, {0xc, 0x8, {0x1, 0x2}}}}, @m_mirred={0x12c, 0x8, 0x0, 0x0, {{0xb}, {0x44, 0x2, 0x0, 0x1, [@TCA_MIRRED_PARMS={0x20, 0x2, {{0x7, 0x64a, 0x20000000, 0xc, 0x7}, 0x3}}, @TCA_MIRRED_PARMS={0x20, 0x2, {{0xfffffff8, 0x3ff, 0x10000000, 0x0, 0x1}, 0x4, r4}}]}, {0xbd, 0x6, "cc79549e645402e1765b464b5e8ec9fc8cbea59c2641e786697925bd9870e7fdcf3bb3c7c21ee8ffe3e921dc08fab948a5ca9dca1a31acba8e8841c2582497accaba60abc969f3796f46b442db3029c339a578c57a5a23e7e49b5eebce3e28f5c12d19aa8bb2fa993edeb085e9968b6128cacdeba47504a751cdeea637f719df9a5e3c753bd2477e3d3daa52360c473e1a735bfb4eeb1eadd1dd03c22441b2ca1fe7ade47b5d415ab4012394a96b8ba785baff80035fe246ad"}, {0xc}, {0xc, 0x8, {0x2, 0x2}}}}, @m_ife={0x108, 0x11, 0x0, 0x0, {{0x8}, {0x38, 0x2, 0x0, 0x1, [@TCA_IFE_SMAC={0xa, 0x4, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}}, @TCA_IFE_METALST={0x28, 0x6, [@IFE_META_SKBMARK={0x4, 0x1, @void}, @IFE_META_SKBMARK={0x4, 0x1, @void}, @IFE_META_SKBMARK={0x8, 0x1, @val=0x6b44}, @IFE_META_PRIO={0x8, 0x3, @val=0x3}, @IFE_META_SKBMARK={0x8, 0x1, @val=0xff}, @IFE_META_PRIO={0x4, 0x3, @void}]}]}, {0xaa, 0x6, "9677efe430de85d84d281c3460f0b6ad4e1b3a56fc396c6716f92242baed58070cacb5d9a4b02aa43404a5561db01d7d636abe37b62fac4b714269c00d4cb2c1cf5c0b4f1604e561baadf25c02b23167f380a4d92e2b393e6cca23c8d6eddfb0faf01ac8df5ab2a4d98ca0549fcc21799e3a5fbb719cecd1bec7248570cedd887cac40bcb9b9f5a6b9ac420011968a94f6ba8313aa2cc1e8ce410f40d2b2795fecde3ccd108e"}, {0xc, 0x7, {0x1}}, {0xc, 0x8, {0x1, 0x3}}}}, @m_gact={0x84, 0x3, 0x0, 0x0, {{0x9}, {0x58, 0x2, 0x0, 0x1, [@TCA_GACT_PARMS={0x18, 0x2, {0x5, 0x36, 0x8, 0x9, 0xd}}, @TCA_GACT_PROB={0xc, 0x3, {0x0, 0x15b6, 0x4}}, @TCA_GACT_PARMS={0x18, 0x2, {0x6, 0x1, 0x1000000e, 0x3, 0x6}}, @TCA_GACT_PARMS={0x18, 0x2, {0xe9, 0xfffffff7, 0x0, 0x4, 0x8}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc}}}]}]}}, @TCA_CHAIN={0x8, 0xb, 0x4}, @filter_kind_options=@f_flower={{0xb}, {0x30, 0x2, [@TCA_FLOWER_KEY_ARP_TIP_MASK={0x8, 0x3c, 0xffffffff}, @TCA_FLOWER_KEY_CT_ZONE={0x6}, @TCA_FLOWER_KEY_ARP_SHA_MASK={0xa, 0x40, [0xff, 0xff, 0xff, 0x0, 0xff, 0xff]}, @TCA_FLOWER_KEY_ENC_IPV4_SRC={0x8, 0x1b, @multicast1}, @TCA_FLOWER_KEY_TCP_SRC={0x6}]}}]}, 0x9b4}}, 0x0)
r7 = getuid()
sendmsg$nl_xfrm(r2, &(0x7f0000001940)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f00000000c0)={&(0x7f00000005c0)=@delsa={0x1360, 0x11, 0x200, 0x70bd29, 0x25dfdbfc, {@in6=@empty, 0x4d6, 0xa, 0x32}, [@replay_esn_val={0x2c, 0x17, {0x4, 0x70bd2b, 0x70bd26, 0x70bd28, 0x70bd2d, 0x6, [0x1, 0xfffffffa, 0x7, 0x3ff]}}, @XFRMA_SET_MARK_MASK={0x8, 0x1e, 0x9f6}, @algo_comp={0x1048, 0x3, {{'lzjh\x00'}, 0x8000, "91534462b47c6c1e63de6745b39f829041d2dd7a55d4c539c20821c61468bc3ab6494635ab6945649c4330da514315093d8cf73b80b00565784fc3dd995a3c56d33e3664f3daf2175fedcfefd255aff7793f7db82555133c0528be9c53423fa00fa3f19762ce52892fe2af103234bba110ecad12e3069864410c256d18f087b759708221b5580d792c016e93b37021127d0149408ae7574ff2d59592f7cf79b45e7547d45f7572e550b2b38c50e671cfb0a490a0076259d15d408d5549bad2c0297b89c3257e61c808e3b8fbccb65a1d8ea3d6a93f5e5c644e4f9eeb3fc56162cd8e3eee9493258925a0a225ba26389d6a15d2812b334b6fb7ce06bb875fac07e6a10437920701f615acd70fb8eaad226da95b4006a282b1b7ff9b85a221f48ce722daaa5079c78712ae3659248597b07d5b496068fa2f6939f978b8d99beb96087db63ced8fa36d29e611f46b43ca7a923de683c8f052ac41c7c34ff1e72e69b91f17f74838c1a7e9931f0716395e871d18892bc8cb92685743c7727551b42b4f82e0af4e4e65ff1cb896f8f233f02bdd215c497eaded23b606e35fc977cec95f389d3e0e77cf6644e1428061c779fc86c4fe27b0d10328714c7b4f02fd002f0c133a8b0cf066f0ac79f674186c7ca6441987bb88dc5ffdd79a0ec7f056a9f1248dec1a8962a6bdd9589b4f4a529ff58b4e2f434b02f57b6ec0b899019a12a1c229f7f8e04f228649239ba8fd48dbbdde934ece9f690ffd9de55d6981ad996018f4e2209f232e108f17af49354de42df0dca3d7767656dbfbe19d7cbf62ac6e6a03c7b0227f57545611ccd9f608112a202a8429b3397837f43136604b3b975ccdd6a09aff350eb68ba80d77ef73776f3c979a6ccb0e7184af0b5a3370d27314d0634e34940e2f2eab881e18b68b5af2b847bd605f53b4dd4ee0962f532e8ac36a13864f2371c54d1185f6b5b4796f4809dcf1c39421b4d58f037d95c3a168899f785c60f5035a320b205cad83be9e111cba251d92a554a8fdd1e60f659f23d517c73b3d1496568bfe452dc138116926f26dcd7701e0b199936eea931fc307fd6ad3228fb9bee7452d224d087f726ac24653caff5b392080c6d778e562cf0805386757744d003217e056e12920dbca2804ef9d227ffb877c602d03ee0e97b0b1bc2fca386a9b007b7b9e0657a2f8ff17833c85f2e36def0f235ccc5338a20ff8cb25621630b4308ee3cb41ee4af85d04052817a63d81e6c5b6272eb099e3ff5f921642ebe693958432e6647eb80783f1701ac4b72fc47768282440f7b4a122636f6e83abf002c1ddc460d501731ea91c0150964f40761e0715d5d5e79de3e2296820d439fb55c89e68ae0b93cf212885a129a3242b886bb276d393d2ff38e9ee94fc69736cf7a5716093cad94255cb01f77310baeb01ba0c92e1a5f73907dbc85f90acdbefd147f57ad5ef4c5a98bf8dc268fad361bce65992a8724f0680a277d680dfd7efc12acdfabc4b9051de764d1ec023df51acfe09b2ee1ed180c9cdefb5f10a268425b960d5fb7d4d41ad8c3c00ec73153a60166e3b333707f2b49ac2417b35654106f33832bf05c99c1460ed8c1af301803fb2cd734134c29ce45876f8e849b6c96c9276dd657064fe7e11f03b35edb8613c6e9165d06223e06576edf538cbe6368618ce79f5fe36ffc6cb428ef39736e56939b50ffbc1203c0a7a76f2a1eb96844e2da9b0224cc45a15521ec0028da0486dda78a9c2e27b654336f9e9ef5d38335ab7173a94eb495e5a2aa135515dc8c720d5f452f7c21e07cd1935147ec3342cb04ecb9188975970a84fe5a5505440fca4a6d6f9f76ab2edc2225f051ec8f0d7bceff27aee56f50da492be31fb9e717d4469279ee1cbb03075b48e145afd3776a737fd4edfaf56e3e9efc05d83690b0735be4ccec08e9c1148abf710227c2dd321a64491893cb77a5d77e0150b7a909f6287b910aaa46799a5199955e38e4002b3579224546b549e670c5c66960ac8b250e9f2a4e0547ffbaf30cd20066d585361b7e92f6b27041ce07dfa2a7a2baf5325953c2b464836d90fbe9768f00ac8eb15f71d8050ea0b199a0f7f9f0a4829176b14e3d1ded2e6a85a74e43402ed7334ddf10d5e0e419b83e934a614aea68dfcabc3df3b7a8ca0ea80bd9a10b8fd4ecb88fe9a5427f8363cb1e91a86abce03ab4ab863a06670353d52d1b7057a8a4f96c5420f85048a3ad41648c389a943f378436e65c50dc1552ef69326bb9a6f0a6822b5cabb69ba0e06fc76ac012515e93930b3cadff3d6e95dbeb24f50095f58dd4f2b3821be0ce935d1d66d5f0bf6dde9ba7a38ec03d842381cd54e61f4e26952c92f81765b3bf54510f2385978c3e0ed01bc09814226eb1e6b56c24e70bd8eed6bb1beee222e952d88ec30b9941ba7b86ad0f31d67731ab9b6a2be7560df6db5475ec8fc3010e54b39fd4bb15cf28b089de36a5fb51387f072100767e8c01295a9e2f2494142d164b94bb01a22ba4fb0a26f56ddc0312100f9d629dedf95dd1415793dd439b18c66b6c34c8ea8efe3b7053e0e9516483540b628dcbc72415352d9f46886ed2bcb4a8f7192ba931ad2bd703decd2677ff07d0a0f32b3e6e1764e305aa8fab1561fb05898c8781863362a3e1707c17d87c2db1f318b2ac55a419a88fb4452774d4791aca4579fa5495cfd832624308c70faac5731db8b28fbcd99d9acf42742f9e5e7cada0649ff6560adbcf1ce63420c6c6bfa9e079357b0398725ff0be9319809d50e2bb445b77cc4c4acb8807f7dbf40ddd880fc5235c1efc95eae617d591eed783197b8c9eff17fd03c016e72a097aa8a64d3522f409cf43e603007bfca0ab1eefccf769e71b173637e9c86d29dc13e8094876bb6877b0eb0688c9fc205c54e027ef301a40a8ee802aa52a4831d708b9b254d2b3c9870daf8af22bf5e802161cf5036c7e6059b59be66bdc54659d3d325bf74a594a8074eb0ae7d9bfa130203d9b2b123e05a74de21110f9623865141a06ef2a88175672ebf28d86c2fbab4c473c539b837f9c9068b52eb9cabc2ac8a9a6364a9d129f4e0214093ab28bac64510f41bba85ce1c7410073e7102e89827dc7af095a1b909ce836387ac371e511268e1a6a02ca840e96a3aefdfffc01af5c8885d7cbda40f5914f0e4d93e8c66f411b445e0074913aaa943979b65559b56094e7ff8acac59434800be77c9ae96ddba7c9d2ccbf22089f6fb69b14ae5b6281d45be1de75b009edf143c8aa80132eec66cc541ffd22f3379815ca90635207e04a43c68618477443060724ed49302bcc59871ff872e247978dc198274720711d3df589eb0a7173003a0580707882a388d716f8ec84ff7b7f11f045a5c2c3503fcb0dc9003763788f39a4ee4d0d412b7f863ba815070591f33fe366e8277eff57b9ba1f62a794c1bdf7fba7289d68df71a0bf51e3decfcb1505f2c6513a8ab444f2027cea166456aa46aaf382258084980744369ae04f0340d9a6a482abfe02d319a6dd16586e9da71667f41564c07aba26cdffc2107010ddd3b151566af86124c438fd1080316ac845638bede5e3b8221e454c9f7120d06003ace22bad51a01d7598330847c2ca7aff50653e3e2ee8c3648f904d46320c54b9794bc08674110c747681877c1c1f89228e2d903252298b09b5c05585303478131cee4ee6c3d8c2098eba03f242363d9a9e4d94c7f24f60ea256f610621a7bae9f272ba4c8c7aacd15dc2616435ea81f7ebec75f217a3781f0b2809a925e3932453fd2024060aedd468ff719c14b51ce56bd95efa4d8be45b16388fbc5d20b829d4501cb5daab3b78fb18ac6443aad60cdfa277816ac85f7004408291545667cb401d3bf749aa8b7731dc4de1633b05ce5069a03de8354f26a52a4ca2f8d752c5d022a0403d7a10f0616b12616e7224d70e73dcf2df4970768fd15a0257826b4c3c83aa7778518fd127af68201e1906987e606400be783e27dfab0d8c46696e29ed40513fdd8b71493c5b6a9e4bd34b52f70d3486e5c53c40c2770618a6c6b3c2ac3472f9f7c2ce62f9409b2b1974c473fa998938449f809bdc5b79360ae1a5e435a2ebe02a7413bcdbf3d511000fa90eb2acf2cd7b68e169356dcf84677d8297b28c5fc7f9f7fdcbd59140411d68f9aa494136604fc25474e4517263e3bc42ee8d83107f6b6ab9e9d4f142f13f6d5abdaa44c8af5963824271e79d9bdfb2ccc65285653ae19a835d391477e609e3801cb99d1a8d12c930c72f46e35373567ae93548911f2d3fff093617d1d174a6cf5e7d08b0192fbf2ac0424539d23c837817ad6fae67b7144b72f379f7ce58f1d9164fceb93b0c0068d407b29fb7335ee2ad4d010c62038191d4f4f6037c29fd7fd61df2b521ba97a23f490e6beaaf19a70ca45d782ce81a99654de30747737f0c275e9a2a66b219e103bf88c1bbfb897861662646ead8520528ded4933c0085d0f65963d10ad8ede8a35d193a171d64c9124a732376ee87dd57fabce9dba3f0a000c552beb1e184f1b38c3b167085957c06989827fa3911dbe33ee853c49a2146d12c125b02cecc44ef4935f764a8ea575d3064914519f644d014d34bd38661baa8b2c8878cee59b99e8532bdadd9ad17e419d9b12088009d99b690e30808903be6b29432deab018b0531c5c43f022cc0a3ae89be9ac46b2815e8eeb98d8d028057ca14e1192006945fb3760b5c14c0cd19237bb5f2e597879ab045a3f2e2392d4316fd3ef4a752b8370f4198fc437cc35ff8ce42e2abcb8813aa5b6fda5cd3e0b5708140476668911946a7e55ec9decb38ab091192c831eb08b327b8dfd4f221f6c1da26f5630689e4c3dc60e9a56eafbe46ba93be965a3714fec7a775fa68b7c02f7f0a194c2ad8afcf00c5909267c34c45484ca674bff7faf417663fe54a1976a011c07c99c9bdb83ea82e5ea630057c8408027586d28910d32e57077441e909fa33320cbdfb6f7a4de467b35108f97d2512808184dc259f2fc583db06c3476125504a00f2ec7571fb28f4c6b45b8ec979d303ae3954eb600684b6f39c5cea7af8672917fe46bd99fd868a994059d8d2ed3f4fd2b3b363cd643b5c053fa4dd86b63df8d8bc165ea6e1939927595d12529bb80c5c24965bfe5ed1231d9312cb4058b8d762a1c69bca68e42d9c5dd4fb9e152ef9076ba1db84933e664e5092e50af754341d932115e2bb42deec3eb7af7ef7de3c3a86f4eb8edac7488ad71544bdb0fbec5e46489970236aa2568fa1756c1d97abe233d5802692c648390fae8f11e66faefec055c3b783b5d361b96dbb7f9ce6fca8de9ee28c9cc1e42ed487366ed06512eb636f85e62a0d45647c3d54338d2daa10949b435a2737c01ba40119becfe3c47206768fa1da4636096082d9dff95d4a7322cecfa46a5eed9ef7fb2caadbc4e5d27a8e4434a60df96fede3ba1adf89bc330e4326c27d496a00fafaf29bab64bc3e3c6d41e90011d935b24798f760775e80d949b01537c4aba1b78543d4e6ce86a76dbfab9db41300253a63b679ca17439bddc9ec74b91261ba9ede2cc5a30648291dfff19f0a9e8a7b0f1dbc1886bd5719a52acbc6385f45b1255c0ac66c26c2d38d3f3beac073b39bf7aa753d8c03ee9819de5c33cb8334ff2a7056f5fd5ddf025ad4fec6ce88150217dad73a1af7f26730bb6e76df3c95b863db548d49c3ec5faf5883a668fdab899d84458d197413a9359a8474add1833fdd23fd83b29736f63b6d4b025aecc85283675d5f070c8a4931fe7173c9307"}}, @algo_auth_trunc={0x119, 0x14, {{'wp384\x00'}, 0x668, 0xa0, "076fe5c98bd93defd67b0b2ee4a7ca5039f1762fd157da1d6fda44e11967a2e7dbd74b6e4fcbb19e46827ae2be6310a520c71be83eceff8f9a8ce47aa78416d4ecbab4e2c9b5ffd465ebdb7fa7cc00c492fa2126b16ac7214debee0f32f41e28b63d9fb43bba20477b109f4f2d8fbdc81bd55ca66a3ca2feca472468f86033003c1ad69c1769f1e37be968e6882f769d93d8acbe38146aec2eadde66376805eb5a8c517f92f92c4160e7c14e6653ab42659820524c665a50cd5de9e5f05959846ae19c9ae28c460034a4c5b85f"}}, @extra_flags={0x8, 0x18, 0x3}, @algo_crypt={0xd8, 0x2, {{'lrw(cast6)\x00'}, 0x480, "5c269f1cf0aa7ef502812d142900b1b5e896acbcb93ddd8a325d801028933cea5fb5aaef5b5f539ac923f890ee99660ee72a8833f6d13c030b7922b056c4815d5c9addc2ae9c924a86181bb060a8ad1f8322b0571d7d4ac76f0a0cc23a3280b62adecb789f3d6c7e49d4d62d2d9a21b922dab103ce3360a3bbb835b29e12a729dcce74e408dc5b01bdb04803c3fbe389"}}, @XFRMA_IF_ID={0x8, 0x1f, 0x2}, @policy={0xac, 0x7, {{@in=@empty, @in=@multicast2, 0x4e21, 0x0, 0x4e20, 0x0, 0xa, 0x80, 0xa0, 0x6, r4, r7}, {0x6, 0x0, 0x6, 0x587, 0x8, 0x7, 0xc22a, 0x8}, {0x6, 0xfffffffffffffff9, 0x8, 0x6}, 0x8, 0x6e6bb3, 0x0, 0x0, 0x0, 0x3}}, @lastused={0xc, 0xf, 0x4}]}, 0x1360}}, 0xb7e094e8ce7e199c)
socket(0x6, 0x80000, 0xfffffff9)
syz_io_uring_submit(r1, 0x0, &(0x7f00000002c0)=@IORING_OP_WRITE_FIXED={0x5, 0xe, 0x2007, @fd=r0, 0x8, 0x2, 0x7, 0x21, 0x0, {0x1}})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r8=>0xffffffffffffffff})
r9 = memfd_create(&(0x7f0000000240)='+\x8b\x8a\xa9\x16\x11\x91J\xbc+  \x18\x17\xc2:}\xa3\x9bO\xdd\xdf\xdf\x92\xd5\xed\xb4\x17\xe5\xd6\x9a\xb2\xd8\x9ba\xde\xb2.F\xc0\x99}|\xaf\xd3\x1d\x84[*_\x9f\x9d\xb0rYP\x1b\x9f \xe0\x9cgq\x103\x89\x11\x87Rv\x169\xdf\xe3>B\x04\x00\x00\x00W\xd3\xec\xfb\xdf?\xa2\x90+\xa4!\xb2\xf2\xff\x90\a\xc3\x12\xc4;\xffh\xf1x=\xb9c\xce\x03h\xdap\x88U\x1788\x82\xd7\xfd\x83\x00Sx\x91%\x99_\xfe\xd4c\x83\x86\x0f\xa4a-\xaf\x9e\xd9\xef\xe0)]\x00F\xfa\x03\xbc4\xc4\x9a\v\x03\x8b\xa4\xf3\x8f\xf4\"\'\xd3\a9\x14H}j&~\xe9\x16\x83o\xbd\xab\xcd[\xbd\xcb\x04\xfc\xe7\xe3\x9e?\x12\xf0\xf4\x83M3\xd88\x92?@\v\xe6\xd1\xd2\xe4\xde\xdaUeJ\x9fR\xd1`\xfa\xc8\v\xed\xfd\x0e\xc8\x89W\x847\x88\x82\x94\x14\xe33\xb7H\xc8b\xd6@3F#\xb7\x04C\x8dm\t\x16a\x0fI\xf4\xfe\xf8\x06j\x19Pz&\xb8\x0f\x98`W\xdb\xc6\"81A\xa4\x8bT\xf1\xcb\xab\xa3\t\xef\xdf&\x0e\xad\x03\x123.\xc2V\xaa\xd5\xf8\xde\x8aV\xa4p{\xcez\xa2\x92\xdb8*wLO\f\x97X\x05\x9a\xc2\xe8\x85\x9d\xcb\xc8\xf0\xc4\x01\x03\xe3?\x9f1\xf4\xfb\xa5y`KB\xdf\xae#\x94C\a\x04\xea\xccG\xf2\b\x8f\xf7\xb1\xe96\x90\xf5P\xa4\'\xce\xe3\xa24\x196\xc5Q\xa1K\x95\xd6\xfal\xe9\xd1\\\r&\xb2c\xb3\x8d\xa7\xb7\xa8\x03S\xbd\xdd\b{\xae\f\x10\xc2\xbb\xd0\xdd*\xa3\xb4\fJ\x00X\xab`N; LF\xa5D\xee\xdf\x7f\x80p\xf6o\x1c\xbdXR\xf2\xa0\x81a\xa1\xe1B\x93Xn\xaf\xfc\x05?\xab\xac\x91x\xa8#\xe1\xbeQ\xd1^\x9b\xb9)\xd3\n\xf7(3!\x18\b\xc0\xaampRl\xfdQ\x03\x8c\xd5\xe4\\\xed\x9a\xd1?\xd21\xc8\x90\x1dl|\xd1\x14\xbc3\xe0\x1e\x0e\xe6\x88Y\x99K\x93\x1c@_P\x8c\xc7\x9eZ\xb74KT:\x8a\xdbJ#w\x18\x14\x00\x93\x86\xa5wo\xf6M\xe7D\xf4*\xe3X\x1d\x19\x83\xa7w\xc7+7\x89s\xed\x8a\xd7O\xdd\rhh`\xc0\xa8$\x06pu\xa0\xd0L\x0ez@I\xb8\x83\xb2f\x93j\a0I\xc8l\xe5\x9b\x06\xb5\xac`d\xa3\xcf/\x14\x10\xab\xab\t\xec\xc1c\fA\xaf\x14\xef\xbap@*7\x86\xdf\',\x03Y\xb1$\xf0\xb5}\xf0\x82%)9`\x8f\x04\x85m\x80\xd2\xcf@\x06}\xea\xe7w`\xa5\x11\x9f\x9b\x9e\x8f\xb7cb\x1a\xe1\xcf\x87\x1c\\\xf5\xc21\xf7\x82C*\xd5;\x00\x00\x00\x00\x03\xba\xe3\xdc\x92\'\x8e\xd5\x7fG\xfd.\x91\x89T\x99t\xd4d,\xd5\x92O\xf1\xafT!Y\x8e\\\xac\xf7\x11R\x05p\x1a\"\r\xe9\xe5\x8b&\x0f\x8c\xfb\xef\xf8\xd5\x18\xde\xeb\xe5\x19\xdd\xebQ8\xc5iS+\x06D\x16\xfe\xf5.\xe5\v\x89\xb0\"\xa3M\xe9\x81\x11P\xdb\xc4\xc2y\x14\x04\x06\xf6\f\xb0\xecz\x8d`\xb5\x9b\xb43\xcc1\xa7\x9e\xa8\xb5\'\xc6MAe\x0f\xd1\xfcG\xc2/\xe8\xe9t\xcaQ\xf1\fI\x1chM\xc1\x92\xe3\xc3\x01M\xc8/\xefJ\xcb\xd0]\f\xff\xf5\x92\xce\x97Z\xea\xe8\x99\xfa\x96\xce\xa7\x02\xad\xa2\xce\x955\xeaNg\x02\xcd\xfd\x1a}.\xd3\"x\x89/8H\xc2\x93B\na)\x86\xa9U\xa0\xb7\x18\xfb\xe9\xd1\x97', 0x3)
write$binfmt_misc(r9, &(0x7f0000000740), 0xff67)
sendfile(r8, r9, &(0x7f0000000000), 0xfffb)
fcntl$addseals(r9, 0x409, 0x8)
lseek(r9, 0x100000, 0x3)
r10 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r10, &(0x7f0000000480)={0x26, 'hash\x00', 0x0, 0x0, 'nhpoly1305-sse2\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r10, 0x117, 0x1, 0x0, 0x0)
write(r9, 0x0, 0x0)
write(r0, &(0x7f0000000140)="f101e6102b1b24e827dff0e0220599fd47c1c0bf8a8f17b1b70a55daf913965a64478c2e56cce0d25e433d18fabfcc89595ba919e3b4fd6ed970627a158b9489aa2c185107689a5652191707fba3ee0644989bbc1e5d6e540a57e107ccd523f3c1d8ec2e385d702ef443a5001a334fc524d55d3487fe4aa780fe402944b20ff268c36ec2308eaa6f3d3b6aa84c63fc78b92968d6800114d9b9c2a6d77990126c94ad8df7497ae61c477d09e53a3169c315ce13e4c3651e806fae71f3013b6a5e66b87789d3841bffa425c8ecc65cf894153cd9e2f136c45ea84cbb9cf5cdece80ff5ee6cebcfd0aa82d26688dfdc718db58cfcc99b75ad1abe3c", 0xfa)
io_uring_enter(r0, 0x3f70, 0x0, 0x0, 0x0, 0x0)

2m0.178756474s ago: executing program 32 (id=278):
capset(&(0x7f0000000080)={0x20080522}, &(0x7f0000000100))
r0 = syz_io_uring_setup(0x10d, 0x0, &(0x7f0000000380)=<r1=>0x0, 0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
r3 = socket$unix(0x1, 0x5, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r3, 0x8933, &(0x7f0000000100)={'vcan0\x00', <r4=>0x0})
r5 = socket$can_bcm(0x1d, 0x2, 0x2)
sendmsg$can_bcm(r5, &(0x7f0000000480)={&(0x7f0000000080)={0x1d, r4}, 0x10, &(0x7f00000000c0)={&(0x7f0000000400)={0x1, 0x4ef, 0x0, {}, {}, {}, 0x1, @can={{}, 0x0, 0x0, 0x0, 0x0, "d0c9a1258bcb4530"}}, 0x48}}, 0x4)
sendmsg$can_bcm(r5, &(0x7f00000005c0)={&(0x7f0000000180)={0x1d, r4}, 0x10, 0x0, 0x2, 0x0, 0x0, 0x24}, 0x20000080)
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r6, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000001240)=@newchain={0x9b4, 0x64, 0x100, 0x70bd2c, 0x25dfdbff, {0x0, 0x0, 0x0, 0x0, {0x9}, {0x9}, {0xfff2, 0x1002e}}, [@TCA_RATE={0x6, 0x5, {0x6, 0x8}}, @filter_kind_options=@f_flower={{0xb}, {0x64, 0x2, [@TCA_FLOWER_KEY_MPLS_OPTS={0x28, 0x63, 0x0, 0x1, @TCA_FLOWER_KEY_MPLS_OPTS_LSE={0x24, 0x1, 0x0, 0x1, [@TCA_FLOWER_KEY_MPLS_OPT_LSE_DEPTH={0x5, 0x1, 0x59}, @TCA_FLOWER_KEY_MPLS_OPT_LSE_LABEL={0x8}, @TCA_FLOWER_KEY_MPLS_OPT_LSE_DEPTH={0x5, 0x1, 0x3}, @TCA_FLOWER_KEY_MPLS_OPT_LSE_TC={0x5}]}}, @TCA_FLOWER_KEY_ENC_UDP_SRC_PORT_MASK={0x6}, @TCA_FLOWER_KEY_IP_PROTO={0x5, 0x9, 0x2}, @TCA_FLOWER_KEY_IP_TOS_MASK={0x5, 0x4a, 0xe5}, @TCA_FLOWER_KEY_VLAN_ID={0x6, 0x17, 0x4c3}, @TCA_FLOWER_KEY_ENC_IPV4_SRC_MASK={0x8}, @TCA_FLOWER_KEY_ENC_KEY_ID={0x8, 0x1a, 0xac}, @TCA_FLOWER_KEY_TCP_DST={0x6}]}}, @TCA_CHAIN={0x8, 0xb, 0x1}, @TCA_CHAIN={0x8, 0xb, 0x3}, @filter_kind_options=@f_cgroup={{0xb}, {0x8b8, 0x2, [@TCA_CGROUP_ACT={0x4}, @TCA_CGROUP_POLICE={0x450, 0x2, [@TCA_POLICE_RATE64={0xc, 0x8, 0x9}, @TCA_POLICE_PEAKRATE={0x404, 0x3, [0x90, 0x5, 0x5, 0xfffffffd, 0xff, 0x200000, 0x8, 0xb941, 0x3, 0xfffffffb, 0x1, 0xb5, 0x8, 0x9, 0xb41, 0x3173, 0x7, 0x1000, 0x5, 0x6, 0x6, 0xd4e, 0x327, 0x0, 0x400, 0x2, 0x215, 0x2, 0x5, 0x0, 0x2, 0x662a, 0x4, 0xe, 0xff, 0x6, 0xe4d4, 0xffffffff, 0x800, 0x3, 0x1, 0x6, 0x0, 0x2, 0x1, 0x7, 0x128, 0x7f, 0x8, 0x8, 0xb, 0x2, 0x3, 0xff, 0x8, 0x0, 0x10, 0x1, 0xffff, 0x7, 0x1, 0x9, 0xb, 0x80000000, 0x0, 0x8, 0x7, 0x8, 0x7ff, 0x5, 0xb7, 0x1, 0x4c3, 0x450, 0x2, 0x4, 0x14ea, 0xfffffffa, 0x7f, 0x6, 0x10, 0xa393, 0xe185, 0xfffffffa, 0x3, 0x2, 0x7, 0x1, 0x7, 0x9, 0x8, 0x8e, 0xe, 0x7ff, 0x2, 0x7f, 0xbab, 0x8001, 0x3, 0x6, 0xf, 0x7, 0x7fff, 0x1, 0x1, 0xc1e6, 0x7fff, 0x0, 0x5, 0x7f, 0x8000, 0x8, 0xb6d0, 0x6, 0xfffffffd, 0x4, 0x1, 0x80, 0x7fffffff, 0x7, 0x100, 0x9, 0x5, 0x4e31, 0x7fff, 0x1, 0x3, 0x7, 0x8001, 0xffffffff, 0xfffffc00, 0x80000001, 0xff, 0x401, 0x9498, 0x4, 0x5, 0x3, 0xf3b9, 0x81, 0xff, 0x3, 0x9, 0x5, 0x872, 0x8, 0x9, 0x5, 0x1, 0x10, 0x5e9a, 0x5, 0x1, 0x1, 0x1, 0x3, 0x205, 0x4, 0x6, 0x4, 0x24e, 0x2, 0x81, 0x32d8, 0x8, 0xf, 0x0, 0x2, 0x100, 0x9, 0x2e, 0x2, 0x8, 0xfffffffa, 0xfe, 0x7fffffff, 0x89, 0xa, 0xb, 0x4, 0x4, 0x1, 0x3, 0x0, 0x10001, 0x3, 0x1, 0x4, 0x33, 0x3, 0x5, 0x2, 0x6, 0x0, 0x1, 0x0, 0x80000000, 0x6d0, 0xf, 0x9, 0xffffff91, 0x2, 0xc8f, 0x3, 0xe1, 0x17b40b1c, 0xf, 0x6, 0x6, 0x7fffffff, 0x8, 0x1, 0x9, 0x6, 0x0, 0xab585a83, 0x9, 0x7, 0x9, 0x4, 0x5, 0xff1b, 0x9, 0x8, 0x6, 0x7, 0x7, 0x101, 0x2, 0x11c, 0x2, 0x1, 0x0, 0x2, 0x2, 0x6, 0x0, 0x7, 0x3, 0x0, 0x6, 0x0, 0x2, 0x80000000, 0x6, 0x8, 0x8, 0x4, 0x8, 0x800, 0x4, 0x40, 0x81, 0xd9ab, 0x8, 0x9]}, @TCA_POLICE_TBF={0x3c, 0x1, {0x1, 0x0, 0x4, 0x81, 0x9, {0x7f, 0x2, 0x6, 0x7, 0x0, 0xffffffff}, {0x3, 0x2, 0x5, 0x5, 0xfe00, 0x7f}, 0x7, 0x13a, 0x2}}]}, @TCA_CGROUP_POLICE={0x54, 0x2, [@TCA_POLICE_AVRATE={0x8, 0x4, 0x1}, @TCA_POLICE_TBF={0x3c, 0x1, {0xc, 0x10000000, 0x7, 0x8, 0x6a, {0x4, 0x0, 0x401, 0x8, 0x6, 0x7}, {0x73, 0x2, 0xfffd, 0x81, 0x5, 0x3}, 0x3, 0x7, 0x7fffffff}}, @TCA_POLICE_PEAKRATE64={0xc, 0x9, 0x6}]}, @TCA_CGROUP_POLICE={0x40, 0x2, [@TCA_POLICE_TBF={0x3c, 0x1, {0x9, 0x20000000, 0x9, 0x1, 0x3, {0x80, 0x0, 0xff, 0x0, 0x1, 0x8}, {0xff, 0x1, 0x20, 0x0, 0x2000, 0x8}, 0x7, 0x7, 0x7}}]}, @TCA_CGROUP_ACT={0x3cc, 0x1, [@m_vlan={0x110, 0xf, 0x0, 0x0, {{0x9}, {0x14, 0x2, 0x0, 0x1, [@TCA_VLAN_PUSH_VLAN_PRIORITY={0x5, 0x6, 0x6}, @TCA_VLAN_PUSH_VLAN_PROTOCOL={0x6, 0x4, 0x8100}]}, {0xd4, 0x6, "42eec57eeb5403913cf3fa76070bfd465498f642d1c202a5143c37d1ac98371ac15d31abac0c160f1ec231f080d4a21edd32016242e92321a506179cc54c6df41718b8befc67db68a87af5225fa2ed335ff8b4be08af65c2a040f50a6d4f8dc4762282af079f2b6bd39ef95e0ffba3f31a60272066e44f8133f339a582e3915433f5d1c6eeafbe4f65754a330386955f9ea48c6e5c4a8f88d8c5b6dc91a8bba2b391ceebde8a0eb9aa651000c6fb01ea81496927453ef8c91654428cce2cbf34cc63da4fa4338906b207bbe40438352b"}, {0xc}, {0xc, 0x8, {0x1, 0x2}}}}, @m_mirred={0x12c, 0x8, 0x0, 0x0, {{0xb}, {0x44, 0x2, 0x0, 0x1, [@TCA_MIRRED_PARMS={0x20, 0x2, {{0x7, 0x64a, 0x20000000, 0xc, 0x7}, 0x3}}, @TCA_MIRRED_PARMS={0x20, 0x2, {{0xfffffff8, 0x3ff, 0x10000000, 0x0, 0x1}, 0x4, r4}}]}, {0xbd, 0x6, "cc79549e645402e1765b464b5e8ec9fc8cbea59c2641e786697925bd9870e7fdcf3bb3c7c21ee8ffe3e921dc08fab948a5ca9dca1a31acba8e8841c2582497accaba60abc969f3796f46b442db3029c339a578c57a5a23e7e49b5eebce3e28f5c12d19aa8bb2fa993edeb085e9968b6128cacdeba47504a751cdeea637f719df9a5e3c753bd2477e3d3daa52360c473e1a735bfb4eeb1eadd1dd03c22441b2ca1fe7ade47b5d415ab4012394a96b8ba785baff80035fe246ad"}, {0xc}, {0xc, 0x8, {0x2, 0x2}}}}, @m_ife={0x108, 0x11, 0x0, 0x0, {{0x8}, {0x38, 0x2, 0x0, 0x1, [@TCA_IFE_SMAC={0xa, 0x4, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}}, @TCA_IFE_METALST={0x28, 0x6, [@IFE_META_SKBMARK={0x4, 0x1, @void}, @IFE_META_SKBMARK={0x4, 0x1, @void}, @IFE_META_SKBMARK={0x8, 0x1, @val=0x6b44}, @IFE_META_PRIO={0x8, 0x3, @val=0x3}, @IFE_META_SKBMARK={0x8, 0x1, @val=0xff}, @IFE_META_PRIO={0x4, 0x3, @void}]}]}, {0xaa, 0x6, "9677efe430de85d84d281c3460f0b6ad4e1b3a56fc396c6716f92242baed58070cacb5d9a4b02aa43404a5561db01d7d636abe37b62fac4b714269c00d4cb2c1cf5c0b4f1604e561baadf25c02b23167f380a4d92e2b393e6cca23c8d6eddfb0faf01ac8df5ab2a4d98ca0549fcc21799e3a5fbb719cecd1bec7248570cedd887cac40bcb9b9f5a6b9ac420011968a94f6ba8313aa2cc1e8ce410f40d2b2795fecde3ccd108e"}, {0xc, 0x7, {0x1}}, {0xc, 0x8, {0x1, 0x3}}}}, @m_gact={0x84, 0x3, 0x0, 0x0, {{0x9}, {0x58, 0x2, 0x0, 0x1, [@TCA_GACT_PARMS={0x18, 0x2, {0x5, 0x36, 0x8, 0x9, 0xd}}, @TCA_GACT_PROB={0xc, 0x3, {0x0, 0x15b6, 0x4}}, @TCA_GACT_PARMS={0x18, 0x2, {0x6, 0x1, 0x1000000e, 0x3, 0x6}}, @TCA_GACT_PARMS={0x18, 0x2, {0xe9, 0xfffffff7, 0x0, 0x4, 0x8}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc}}}]}]}}, @TCA_CHAIN={0x8, 0xb, 0x4}, @filter_kind_options=@f_flower={{0xb}, {0x30, 0x2, [@TCA_FLOWER_KEY_ARP_TIP_MASK={0x8, 0x3c, 0xffffffff}, @TCA_FLOWER_KEY_CT_ZONE={0x6}, @TCA_FLOWER_KEY_ARP_SHA_MASK={0xa, 0x40, [0xff, 0xff, 0xff, 0x0, 0xff, 0xff]}, @TCA_FLOWER_KEY_ENC_IPV4_SRC={0x8, 0x1b, @multicast1}, @TCA_FLOWER_KEY_TCP_SRC={0x6}]}}]}, 0x9b4}}, 0x0)
r7 = getuid()
sendmsg$nl_xfrm(r2, &(0x7f0000001940)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f00000000c0)={&(0x7f00000005c0)=@delsa={0x1360, 0x11, 0x200, 0x70bd29, 0x25dfdbfc, {@in6=@empty, 0x4d6, 0xa, 0x32}, [@replay_esn_val={0x2c, 0x17, {0x4, 0x70bd2b, 0x70bd26, 0x70bd28, 0x70bd2d, 0x6, [0x1, 0xfffffffa, 0x7, 0x3ff]}}, @XFRMA_SET_MARK_MASK={0x8, 0x1e, 0x9f6}, @algo_comp={0x1048, 0x3, {{'lzjh\x00'}, 0x8000, "91534462b47c6c1e63de6745b39f829041d2dd7a55d4c539c20821c61468bc3ab6494635ab6945649c4330da514315093d8cf73b80b00565784fc3dd995a3c56d33e3664f3daf2175fedcfefd255aff7793f7db82555133c0528be9c53423fa00fa3f19762ce52892fe2af103234bba110ecad12e3069864410c256d18f087b759708221b5580d792c016e93b37021127d0149408ae7574ff2d59592f7cf79b45e7547d45f7572e550b2b38c50e671cfb0a490a0076259d15d408d5549bad2c0297b89c3257e61c808e3b8fbccb65a1d8ea3d6a93f5e5c644e4f9eeb3fc56162cd8e3eee9493258925a0a225ba26389d6a15d2812b334b6fb7ce06bb875fac07e6a10437920701f615acd70fb8eaad226da95b4006a282b1b7ff9b85a221f48ce722daaa5079c78712ae3659248597b07d5b496068fa2f6939f978b8d99beb96087db63ced8fa36d29e611f46b43ca7a923de683c8f052ac41c7c34ff1e72e69b91f17f74838c1a7e9931f0716395e871d18892bc8cb92685743c7727551b42b4f82e0af4e4e65ff1cb896f8f233f02bdd215c497eaded23b606e35fc977cec95f389d3e0e77cf6644e1428061c779fc86c4fe27b0d10328714c7b4f02fd002f0c133a8b0cf066f0ac79f674186c7ca6441987bb88dc5ffdd79a0ec7f056a9f1248dec1a8962a6bdd9589b4f4a529ff58b4e2f434b02f57b6ec0b899019a12a1c229f7f8e04f228649239ba8fd48dbbdde934ece9f690ffd9de55d6981ad996018f4e2209f232e108f17af49354de42df0dca3d7767656dbfbe19d7cbf62ac6e6a03c7b0227f57545611ccd9f608112a202a8429b3397837f43136604b3b975ccdd6a09aff350eb68ba80d77ef73776f3c979a6ccb0e7184af0b5a3370d27314d0634e34940e2f2eab881e18b68b5af2b847bd605f53b4dd4ee0962f532e8ac36a13864f2371c54d1185f6b5b4796f4809dcf1c39421b4d58f037d95c3a168899f785c60f5035a320b205cad83be9e111cba251d92a554a8fdd1e60f659f23d517c73b3d1496568bfe452dc138116926f26dcd7701e0b199936eea931fc307fd6ad3228fb9bee7452d224d087f726ac24653caff5b392080c6d778e562cf0805386757744d003217e056e12920dbca2804ef9d227ffb877c602d03ee0e97b0b1bc2fca386a9b007b7b9e0657a2f8ff17833c85f2e36def0f235ccc5338a20ff8cb25621630b4308ee3cb41ee4af85d04052817a63d81e6c5b6272eb099e3ff5f921642ebe693958432e6647eb80783f1701ac4b72fc47768282440f7b4a122636f6e83abf002c1ddc460d501731ea91c0150964f40761e0715d5d5e79de3e2296820d439fb55c89e68ae0b93cf212885a129a3242b886bb276d393d2ff38e9ee94fc69736cf7a5716093cad94255cb01f77310baeb01ba0c92e1a5f73907dbc85f90acdbefd147f57ad5ef4c5a98bf8dc268fad361bce65992a8724f0680a277d680dfd7efc12acdfabc4b9051de764d1ec023df51acfe09b2ee1ed180c9cdefb5f10a268425b960d5fb7d4d41ad8c3c00ec73153a60166e3b333707f2b49ac2417b35654106f33832bf05c99c1460ed8c1af301803fb2cd734134c29ce45876f8e849b6c96c9276dd657064fe7e11f03b35edb8613c6e9165d06223e06576edf538cbe6368618ce79f5fe36ffc6cb428ef39736e56939b50ffbc1203c0a7a76f2a1eb96844e2da9b0224cc45a15521ec0028da0486dda78a9c2e27b654336f9e9ef5d38335ab7173a94eb495e5a2aa135515dc8c720d5f452f7c21e07cd1935147ec3342cb04ecb9188975970a84fe5a5505440fca4a6d6f9f76ab2edc2225f051ec8f0d7bceff27aee56f50da492be31fb9e717d4469279ee1cbb03075b48e145afd3776a737fd4edfaf56e3e9efc05d83690b0735be4ccec08e9c1148abf710227c2dd321a64491893cb77a5d77e0150b7a909f6287b910aaa46799a5199955e38e4002b3579224546b549e670c5c66960ac8b250e9f2a4e0547ffbaf30cd20066d585361b7e92f6b27041ce07dfa2a7a2baf5325953c2b464836d90fbe9768f00ac8eb15f71d8050ea0b199a0f7f9f0a4829176b14e3d1ded2e6a85a74e43402ed7334ddf10d5e0e419b83e934a614aea68dfcabc3df3b7a8ca0ea80bd9a10b8fd4ecb88fe9a5427f8363cb1e91a86abce03ab4ab863a06670353d52d1b7057a8a4f96c5420f85048a3ad41648c389a943f378436e65c50dc1552ef69326bb9a6f0a6822b5cabb69ba0e06fc76ac012515e93930b3cadff3d6e95dbeb24f50095f58dd4f2b3821be0ce935d1d66d5f0bf6dde9ba7a38ec03d842381cd54e61f4e26952c92f81765b3bf54510f2385978c3e0ed01bc09814226eb1e6b56c24e70bd8eed6bb1beee222e952d88ec30b9941ba7b86ad0f31d67731ab9b6a2be7560df6db5475ec8fc3010e54b39fd4bb15cf28b089de36a5fb51387f072100767e8c01295a9e2f2494142d164b94bb01a22ba4fb0a26f56ddc0312100f9d629dedf95dd1415793dd439b18c66b6c34c8ea8efe3b7053e0e9516483540b628dcbc72415352d9f46886ed2bcb4a8f7192ba931ad2bd703decd2677ff07d0a0f32b3e6e1764e305aa8fab1561fb05898c8781863362a3e1707c17d87c2db1f318b2ac55a419a88fb4452774d4791aca4579fa5495cfd832624308c70faac5731db8b28fbcd99d9acf42742f9e5e7cada0649ff6560adbcf1ce63420c6c6bfa9e079357b0398725ff0be9319809d50e2bb445b77cc4c4acb8807f7dbf40ddd880fc5235c1efc95eae617d591eed783197b8c9eff17fd03c016e72a097aa8a64d3522f409cf43e603007bfca0ab1eefccf769e71b173637e9c86d29dc13e8094876bb6877b0eb0688c9fc205c54e027ef301a40a8ee802aa52a4831d708b9b254d2b3c9870daf8af22bf5e802161cf5036c7e6059b59be66bdc54659d3d325bf74a594a8074eb0ae7d9bfa130203d9b2b123e05a74de21110f9623865141a06ef2a88175672ebf28d86c2fbab4c473c539b837f9c9068b52eb9cabc2ac8a9a6364a9d129f4e0214093ab28bac64510f41bba85ce1c7410073e7102e89827dc7af095a1b909ce836387ac371e511268e1a6a02ca840e96a3aefdfffc01af5c8885d7cbda40f5914f0e4d93e8c66f411b445e0074913aaa943979b65559b56094e7ff8acac59434800be77c9ae96ddba7c9d2ccbf22089f6fb69b14ae5b6281d45be1de75b009edf143c8aa80132eec66cc541ffd22f3379815ca90635207e04a43c68618477443060724ed49302bcc59871ff872e247978dc198274720711d3df589eb0a7173003a0580707882a388d716f8ec84ff7b7f11f045a5c2c3503fcb0dc9003763788f39a4ee4d0d412b7f863ba815070591f33fe366e8277eff57b9ba1f62a794c1bdf7fba7289d68df71a0bf51e3decfcb1505f2c6513a8ab444f2027cea166456aa46aaf382258084980744369ae04f0340d9a6a482abfe02d319a6dd16586e9da71667f41564c07aba26cdffc2107010ddd3b151566af86124c438fd1080316ac845638bede5e3b8221e454c9f7120d06003ace22bad51a01d7598330847c2ca7aff50653e3e2ee8c3648f904d46320c54b9794bc08674110c747681877c1c1f89228e2d903252298b09b5c05585303478131cee4ee6c3d8c2098eba03f242363d9a9e4d94c7f24f60ea256f610621a7bae9f272ba4c8c7aacd15dc2616435ea81f7ebec75f217a3781f0b2809a925e3932453fd2024060aedd468ff719c14b51ce56bd95efa4d8be45b16388fbc5d20b829d4501cb5daab3b78fb18ac6443aad60cdfa277816ac85f7004408291545667cb401d3bf749aa8b7731dc4de1633b05ce5069a03de8354f26a52a4ca2f8d752c5d022a0403d7a10f0616b12616e7224d70e73dcf2df4970768fd15a0257826b4c3c83aa7778518fd127af68201e1906987e606400be783e27dfab0d8c46696e29ed40513fdd8b71493c5b6a9e4bd34b52f70d3486e5c53c40c2770618a6c6b3c2ac3472f9f7c2ce62f9409b2b1974c473fa998938449f809bdc5b79360ae1a5e435a2ebe02a7413bcdbf3d511000fa90eb2acf2cd7b68e169356dcf84677d8297b28c5fc7f9f7fdcbd59140411d68f9aa494136604fc25474e4517263e3bc42ee8d83107f6b6ab9e9d4f142f13f6d5abdaa44c8af5963824271e79d9bdfb2ccc65285653ae19a835d391477e609e3801cb99d1a8d12c930c72f46e35373567ae93548911f2d3fff093617d1d174a6cf5e7d08b0192fbf2ac0424539d23c837817ad6fae67b7144b72f379f7ce58f1d9164fceb93b0c0068d407b29fb7335ee2ad4d010c62038191d4f4f6037c29fd7fd61df2b521ba97a23f490e6beaaf19a70ca45d782ce81a99654de30747737f0c275e9a2a66b219e103bf88c1bbfb897861662646ead8520528ded4933c0085d0f65963d10ad8ede8a35d193a171d64c9124a732376ee87dd57fabce9dba3f0a000c552beb1e184f1b38c3b167085957c06989827fa3911dbe33ee853c49a2146d12c125b02cecc44ef4935f764a8ea575d3064914519f644d014d34bd38661baa8b2c8878cee59b99e8532bdadd9ad17e419d9b12088009d99b690e30808903be6b29432deab018b0531c5c43f022cc0a3ae89be9ac46b2815e8eeb98d8d028057ca14e1192006945fb3760b5c14c0cd19237bb5f2e597879ab045a3f2e2392d4316fd3ef4a752b8370f4198fc437cc35ff8ce42e2abcb8813aa5b6fda5cd3e0b5708140476668911946a7e55ec9decb38ab091192c831eb08b327b8dfd4f221f6c1da26f5630689e4c3dc60e9a56eafbe46ba93be965a3714fec7a775fa68b7c02f7f0a194c2ad8afcf00c5909267c34c45484ca674bff7faf417663fe54a1976a011c07c99c9bdb83ea82e5ea630057c8408027586d28910d32e57077441e909fa33320cbdfb6f7a4de467b35108f97d2512808184dc259f2fc583db06c3476125504a00f2ec7571fb28f4c6b45b8ec979d303ae3954eb600684b6f39c5cea7af8672917fe46bd99fd868a994059d8d2ed3f4fd2b3b363cd643b5c053fa4dd86b63df8d8bc165ea6e1939927595d12529bb80c5c24965bfe5ed1231d9312cb4058b8d762a1c69bca68e42d9c5dd4fb9e152ef9076ba1db84933e664e5092e50af754341d932115e2bb42deec3eb7af7ef7de3c3a86f4eb8edac7488ad71544bdb0fbec5e46489970236aa2568fa1756c1d97abe233d5802692c648390fae8f11e66faefec055c3b783b5d361b96dbb7f9ce6fca8de9ee28c9cc1e42ed487366ed06512eb636f85e62a0d45647c3d54338d2daa10949b435a2737c01ba40119becfe3c47206768fa1da4636096082d9dff95d4a7322cecfa46a5eed9ef7fb2caadbc4e5d27a8e4434a60df96fede3ba1adf89bc330e4326c27d496a00fafaf29bab64bc3e3c6d41e90011d935b24798f760775e80d949b01537c4aba1b78543d4e6ce86a76dbfab9db41300253a63b679ca17439bddc9ec74b91261ba9ede2cc5a30648291dfff19f0a9e8a7b0f1dbc1886bd5719a52acbc6385f45b1255c0ac66c26c2d38d3f3beac073b39bf7aa753d8c03ee9819de5c33cb8334ff2a7056f5fd5ddf025ad4fec6ce88150217dad73a1af7f26730bb6e76df3c95b863db548d49c3ec5faf5883a668fdab899d84458d197413a9359a8474add1833fdd23fd83b29736f63b6d4b025aecc85283675d5f070c8a4931fe7173c9307"}}, @algo_auth_trunc={0x119, 0x14, {{'wp384\x00'}, 0x668, 0xa0, "076fe5c98bd93defd67b0b2ee4a7ca5039f1762fd157da1d6fda44e11967a2e7dbd74b6e4fcbb19e46827ae2be6310a520c71be83eceff8f9a8ce47aa78416d4ecbab4e2c9b5ffd465ebdb7fa7cc00c492fa2126b16ac7214debee0f32f41e28b63d9fb43bba20477b109f4f2d8fbdc81bd55ca66a3ca2feca472468f86033003c1ad69c1769f1e37be968e6882f769d93d8acbe38146aec2eadde66376805eb5a8c517f92f92c4160e7c14e6653ab42659820524c665a50cd5de9e5f05959846ae19c9ae28c460034a4c5b85f"}}, @extra_flags={0x8, 0x18, 0x3}, @algo_crypt={0xd8, 0x2, {{'lrw(cast6)\x00'}, 0x480, "5c269f1cf0aa7ef502812d142900b1b5e896acbcb93ddd8a325d801028933cea5fb5aaef5b5f539ac923f890ee99660ee72a8833f6d13c030b7922b056c4815d5c9addc2ae9c924a86181bb060a8ad1f8322b0571d7d4ac76f0a0cc23a3280b62adecb789f3d6c7e49d4d62d2d9a21b922dab103ce3360a3bbb835b29e12a729dcce74e408dc5b01bdb04803c3fbe389"}}, @XFRMA_IF_ID={0x8, 0x1f, 0x2}, @policy={0xac, 0x7, {{@in=@empty, @in=@multicast2, 0x4e21, 0x0, 0x4e20, 0x0, 0xa, 0x80, 0xa0, 0x6, r4, r7}, {0x6, 0x0, 0x6, 0x587, 0x8, 0x7, 0xc22a, 0x8}, {0x6, 0xfffffffffffffff9, 0x8, 0x6}, 0x8, 0x6e6bb3, 0x0, 0x0, 0x0, 0x3}}, @lastused={0xc, 0xf, 0x4}]}, 0x1360}}, 0xb7e094e8ce7e199c)
socket(0x6, 0x80000, 0xfffffff9)
syz_io_uring_submit(r1, 0x0, &(0x7f00000002c0)=@IORING_OP_WRITE_FIXED={0x5, 0xe, 0x2007, @fd=r0, 0x8, 0x2, 0x7, 0x21, 0x0, {0x1}})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r8=>0xffffffffffffffff})
r9 = memfd_create(&(0x7f0000000240)='+\x8b\x8a\xa9\x16\x11\x91J\xbc+  \x18\x17\xc2:}\xa3\x9bO\xdd\xdf\xdf\x92\xd5\xed\xb4\x17\xe5\xd6\x9a\xb2\xd8\x9ba\xde\xb2.F\xc0\x99}|\xaf\xd3\x1d\x84[*_\x9f\x9d\xb0rYP\x1b\x9f \xe0\x9cgq\x103\x89\x11\x87Rv\x169\xdf\xe3>B\x04\x00\x00\x00W\xd3\xec\xfb\xdf?\xa2\x90+\xa4!\xb2\xf2\xff\x90\a\xc3\x12\xc4;\xffh\xf1x=\xb9c\xce\x03h\xdap\x88U\x1788\x82\xd7\xfd\x83\x00Sx\x91%\x99_\xfe\xd4c\x83\x86\x0f\xa4a-\xaf\x9e\xd9\xef\xe0)]\x00F\xfa\x03\xbc4\xc4\x9a\v\x03\x8b\xa4\xf3\x8f\xf4\"\'\xd3\a9\x14H}j&~\xe9\x16\x83o\xbd\xab\xcd[\xbd\xcb\x04\xfc\xe7\xe3\x9e?\x12\xf0\xf4\x83M3\xd88\x92?@\v\xe6\xd1\xd2\xe4\xde\xdaUeJ\x9fR\xd1`\xfa\xc8\v\xed\xfd\x0e\xc8\x89W\x847\x88\x82\x94\x14\xe33\xb7H\xc8b\xd6@3F#\xb7\x04C\x8dm\t\x16a\x0fI\xf4\xfe\xf8\x06j\x19Pz&\xb8\x0f\x98`W\xdb\xc6\"81A\xa4\x8bT\xf1\xcb\xab\xa3\t\xef\xdf&\x0e\xad\x03\x123.\xc2V\xaa\xd5\xf8\xde\x8aV\xa4p{\xcez\xa2\x92\xdb8*wLO\f\x97X\x05\x9a\xc2\xe8\x85\x9d\xcb\xc8\xf0\xc4\x01\x03\xe3?\x9f1\xf4\xfb\xa5y`KB\xdf\xae#\x94C\a\x04\xea\xccG\xf2\b\x8f\xf7\xb1\xe96\x90\xf5P\xa4\'\xce\xe3\xa24\x196\xc5Q\xa1K\x95\xd6\xfal\xe9\xd1\\\r&\xb2c\xb3\x8d\xa7\xb7\xa8\x03S\xbd\xdd\b{\xae\f\x10\xc2\xbb\xd0\xdd*\xa3\xb4\fJ\x00X\xab`N; LF\xa5D\xee\xdf\x7f\x80p\xf6o\x1c\xbdXR\xf2\xa0\x81a\xa1\xe1B\x93Xn\xaf\xfc\x05?\xab\xac\x91x\xa8#\xe1\xbeQ\xd1^\x9b\xb9)\xd3\n\xf7(3!\x18\b\xc0\xaampRl\xfdQ\x03\x8c\xd5\xe4\\\xed\x9a\xd1?\xd21\xc8\x90\x1dl|\xd1\x14\xbc3\xe0\x1e\x0e\xe6\x88Y\x99K\x93\x1c@_P\x8c\xc7\x9eZ\xb74KT:\x8a\xdbJ#w\x18\x14\x00\x93\x86\xa5wo\xf6M\xe7D\xf4*\xe3X\x1d\x19\x83\xa7w\xc7+7\x89s\xed\x8a\xd7O\xdd\rhh`\xc0\xa8$\x06pu\xa0\xd0L\x0ez@I\xb8\x83\xb2f\x93j\a0I\xc8l\xe5\x9b\x06\xb5\xac`d\xa3\xcf/\x14\x10\xab\xab\t\xec\xc1c\fA\xaf\x14\xef\xbap@*7\x86\xdf\',\x03Y\xb1$\xf0\xb5}\xf0\x82%)9`\x8f\x04\x85m\x80\xd2\xcf@\x06}\xea\xe7w`\xa5\x11\x9f\x9b\x9e\x8f\xb7cb\x1a\xe1\xcf\x87\x1c\\\xf5\xc21\xf7\x82C*\xd5;\x00\x00\x00\x00\x03\xba\xe3\xdc\x92\'\x8e\xd5\x7fG\xfd.\x91\x89T\x99t\xd4d,\xd5\x92O\xf1\xafT!Y\x8e\\\xac\xf7\x11R\x05p\x1a\"\r\xe9\xe5\x8b&\x0f\x8c\xfb\xef\xf8\xd5\x18\xde\xeb\xe5\x19\xdd\xebQ8\xc5iS+\x06D\x16\xfe\xf5.\xe5\v\x89\xb0\"\xa3M\xe9\x81\x11P\xdb\xc4\xc2y\x14\x04\x06\xf6\f\xb0\xecz\x8d`\xb5\x9b\xb43\xcc1\xa7\x9e\xa8\xb5\'\xc6MAe\x0f\xd1\xfcG\xc2/\xe8\xe9t\xcaQ\xf1\fI\x1chM\xc1\x92\xe3\xc3\x01M\xc8/\xefJ\xcb\xd0]\f\xff\xf5\x92\xce\x97Z\xea\xe8\x99\xfa\x96\xce\xa7\x02\xad\xa2\xce\x955\xeaNg\x02\xcd\xfd\x1a}.\xd3\"x\x89/8H\xc2\x93B\na)\x86\xa9U\xa0\xb7\x18\xfb\xe9\xd1\x97', 0x3)
write$binfmt_misc(r9, &(0x7f0000000740), 0xff67)
sendfile(r8, r9, &(0x7f0000000000), 0xfffb)
fcntl$addseals(r9, 0x409, 0x8)
lseek(r9, 0x100000, 0x3)
r10 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r10, &(0x7f0000000480)={0x26, 'hash\x00', 0x0, 0x0, 'nhpoly1305-sse2\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r10, 0x117, 0x1, 0x0, 0x0)
write(r9, 0x0, 0x0)
write(r0, &(0x7f0000000140)="f101e6102b1b24e827dff0e0220599fd47c1c0bf8a8f17b1b70a55daf913965a64478c2e56cce0d25e433d18fabfcc89595ba919e3b4fd6ed970627a158b9489aa2c185107689a5652191707fba3ee0644989bbc1e5d6e540a57e107ccd523f3c1d8ec2e385d702ef443a5001a334fc524d55d3487fe4aa780fe402944b20ff268c36ec2308eaa6f3d3b6aa84c63fc78b92968d6800114d9b9c2a6d77990126c94ad8df7497ae61c477d09e53a3169c315ce13e4c3651e806fae71f3013b6a5e66b87789d3841bffa425c8ecc65cf894153cd9e2f136c45ea84cbb9cf5cdece80ff5ee6cebcfd0aa82d26688dfdc718db58cfcc99b75ad1abe3c", 0xfa)
io_uring_enter(r0, 0x3f70, 0x0, 0x0, 0x0, 0x0)

14.957099623s ago: executing program 5 (id=704):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_XCRS(r2, 0x4188aea7, &(0x7f0000000000)=ANY=[])

13.343399261s ago: executing program 5 (id=714):
socket$inet_udp(0x2, 0x2, 0x0)
ioctl$SYNC_IOC_MERGE(0xffffffffffffffff, 0xc0303e03, &(0x7f00000000c0)={"4ed53c21a0e371d637458b309525bd9b08ae8adaf6e958866bdd1aaa6b19d9ce"})
sendmsg$ETHTOOL_MSG_RINGS_GET(0xffffffffffffffff, &(0x7f0000000680)={0x0, 0x0, 0x0}, 0x0)
syz_open_procfs(0x0, &(0x7f00000001c0)='net/netlink\x00')
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
syz_clone(0x600, 0x0, 0x33, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
r2 = socket$unix(0x1, 0x1, 0x0)
syz_extract_tcp_res(0x0, 0x1, 0xfffff7ed)
bind$unix(r2, &(0x7f00000002c0)=@file={0x1, './file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa'}, 0x6e)

12.302472969s ago: executing program 5 (id=716):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r0}, 0x18)
r1 = getpid()
process_vm_readv(r1, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
munlock(&(0x7f0000032000/0x2000)=nil, 0x2000)

8.792870426s ago: executing program 4 (id=742):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='blkio.bfq.io_wait_time_recursive\x00', 0x275a, 0x0)
syz_emit_ethernet(0x22, &(0x7f0000000000)=ANY=[@ANYBLOB="aaabaaaaaaaaaaaaaaaaaaaa060307896406000002aaaaaa"], 0x0)
write$binfmt_script(r2, &(0x7f0000000000), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r2, 0x0)
openat$selinux_checkreqprot(0xffffffffffffff9c, &(0x7f0000000000), 0x60902, 0x0)
preadv(r2, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x1, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, 0x0}], 0x1, 0x64, 0x0, 0x0)
sendmsg$NL80211_CMD_SET_REKEY_OFFLOAD(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, 0x0}, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

7.106155005s ago: executing program 4 (id=750):
unshare(0x28000600)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
syz_clone(0x600, 0x0, 0x33, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
writev(0xffffffffffffffff, 0x0, 0x0)
socket(0x2, 0x3, 0xff)
r2 = openat$yama_ptrace_scope(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
lseek(r2, 0xfffffffffffffffc, 0x4)

7.039516963s ago: executing program 2 (id=751):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000008c0)='blkio.bfq.io_serviced\x00', 0x275a, 0x0)
write$binfmt_script(r0, &(0x7f0000000040), 0xfea7)
r1 = syz_open_dev$tty1(0xc, 0x4, 0x2)
syz_clone3(&(0x7f0000000380)={0x201000400, &(0x7f00000000c0), &(0x7f0000000140)=<r2=>0x0, &(0x7f0000000180), {0x2d}, &(0x7f0000000580)=""/92, 0x5c, &(0x7f0000000280)=""/176, &(0x7f0000000340)=[0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0], 0x4, {r0}}, 0x58)
syz_open_procfs(r2, &(0x7f0000000400)='net/rt6_stats\x00')
socket(0x10, 0x80803, 0x0)
ioctl$KDGKBDIACR(r1, 0x4b4a, &(0x7f0000000000)=""/166)

5.74608782s ago: executing program 5 (id=753):
bpf$MAP_CREATE(0x0, 0x0, 0x0)
syz_emit_ethernet(0xfdef, &(0x7f0000000380)={@local, @empty, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0xeaff, 0x0, 0x0, 0x33, 0x0, @private, @broadcast}, {0x0, 0x0, 0x8}}}}}, 0x0)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0)
ioctl$TCSETAF(r0, 0x5408, &(0x7f00000000c0)={0x7f, 0x0, 0x0, 0xb9ff})
write$binfmt_aout(r0, &(0x7f00000000c0)=ANY=[], 0xff2e)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000dc0))
r1 = syz_open_pts(r0, 0x0)
r2 = dup3(r1, r0, 0x0)
ioctl$TIOCSTI(r2, 0x5412, &(0x7f0000000000)=0x17)

5.671494247s ago: executing program 4 (id=754):
pipe2(&(0x7f00000001c0), 0x84000)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, 0x0}, 0x0)
getpeername$packet(0xffffffffffffffff, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @remote}, &(0x7f0000000380)=0x14)
r0 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r0)
ptrace(0x10, r0)
ptrace$getregs(0xc, r0, 0x869, &(0x7f0000000480)=""/172)
rename(0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000a80)=ANY=[@ANYBLOB], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$EVIOCSFF(0xffffffffffffffff, 0x40304580, &(0x7f0000000180)={0x0, 0x8, 0x2, {0x0, 0x1}, {0x47, 0x6}, @cond=[{0x84, 0x402, 0x404, 0x4, 0x1, 0x29}, {0x0, 0xa0, 0x3, 0x5, 0x800, 0xff01}]})
r1 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x822b01)
write$char_usb(r1, &(0x7f0000000040)="e2", 0x12d8)

4.494455037s ago: executing program 4 (id=756):
r0 = socket$inet6(0xa, 0x80002, 0x88)
bind$inet6(r0, &(0x7f0000000000)={0xa, 0x10000000004e20, 0x0, @mcast2, 0x6}, 0x1c)
sendmsg$inet(r0, &(0x7f0000000340)={&(0x7f0000000140)={0x2, 0x4e20, @broadcast}, 0x10, 0x0}, 0x4)

4.355555488s ago: executing program 4 (id=757):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000c80)=ANY=[@ANYBLOB="12010000000000406d0422c2000000000001090224000100000000090400000103000000092100000001220b0009058103"], 0x0)
socket$inet(0x2, 0x1, 0xa4c8)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io(r0, &(0x7f0000000100)={0x2c, &(0x7f0000000680)=ANY=[@ANYBLOB="00000b0000000b00304d9481"], 0x0, 0x0, 0x0, 0x0}, 0x0)

4.355169623s ago: executing program 2 (id=758):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_TIMEOUT_DEFAULT_SET(r0, &(0x7f0000004280)={0x0, 0x0, &(0x7f0000004240)={&(0x7f0000000000)={0x28, 0x3, 0x8, 0x3, 0x0, 0x0, {0xa}, [@CTA_TIMEOUT_DATA={0x4, 0x4, 0x0, 0x1, @sctp}, @CTA_TIMEOUT_L4PROTO={0x5, 0x3, 0x11}, @CTA_TIMEOUT_L3PROTO={0x6, 0x2, 0x1, 0x0, 0x8847}]}, 0x28}, 0x1, 0x0, 0x0, 0x4010}, 0x0)

4.324425448s ago: executing program 1 (id=759):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
pwritev(0xffffffffffffffff, 0x0, 0x0, 0xb9c4, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
prlimit64(0x0, 0xe, &(0x7f00000000c0)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f00000003c0)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x53cb1000)
syz_clone(0x0, 0x0, 0xfffffe11, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
pipe(&(0x7f0000000000)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
vmsplice(r3, &(0x7f0000000400)=[{&(0x7f0000000140)}], 0x1, 0x0)
accept4(0xffffffffffffffff, 0x0, 0x0, 0x0)
setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0xd764]}, 0x8, 0x800)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000e40)=@mangle={'mangle\x00', 0x64, 0x6, 0x6a8, 0x1b8, 0x0, 0x1b8, 0x460, 0x318, 0x5d8, 0x5d8, 0x5d8, 0x5d8, 0x5d8, 0x6, 0x0, {[{{@ipv6={@private2, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', [], [], 'hsr0\x00', 'ip6erspan0\x00'}, 0x0, 0xa8, 0xd0}, @common=@unspec=@NFQUEUE2={0x28, 'NFQUEUE\x00', 0x2, {0x0, 0x5}}}, {{@ipv6={@mcast1, @local, [], [], 'pimreg1\x00', 'ip6tnl0\x00', {}, {}, 0x11, 0x0, 0x0, 0x48}, 0x0, 0xa8, 0xe8}, @inet=@TPROXY1={0x40, 'TPROXY\x00', 0x1, {0x0, 0x0, @ipv4=@remote}}}, {{@ipv6={@mcast2, @loopback, [], [], 'veth0_to_team\x00', 'syzkaller0\x00'}, 0x0, 0x100, 0x160, 0x0, {}, [@common=@unspec=@connmark={{0x30}}, @common=@eui64={{0x28}}]}, @common=@inet=@HMARK={0x60}}, {{@uncond, 0x0, 0x120, 0x148, 0x0, {}, [@common=@frag={{0x30}}, @common=@hbh={{0x48}}]}, @inet=@DSCP={0x28}}, {{@uncond, 0x0, 0x138, 0x178, 0x0, {}, [@common=@dst={{0x48}}, @common=@dst={{0x48}}]}, @inet=@TPROXY1={0x40, 'TPROXY\x00', 0x1, {0x0, 0x0, @ipv4=@dev}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x708)

4.222136028s ago: executing program 2 (id=760):
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0)
connect$bt_l2cap(r0, &(0x7f0000000040)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe)
setsockopt$bt_BT_SECURITY(r0, 0x112, 0x4, &(0x7f0000003000)={0x2}, 0x2)
sendmsg$sock(r0, &(0x7f00000002c0)={0x0, 0x0, 0x0}, 0x80c4)

3.343431171s ago: executing program 1 (id=761):
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', <r1=>0x0})
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0), 0xffffffffffffffff)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
sendmsg$NL80211_CMD_FRAME(r3, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)=ANY=[@ANYBLOB="48040000", @ANYRES16=r2, @ANYBLOB="01e5c300000000fb04003b1c210008000300", @ANYRES32=r1, @ANYBLOB="2c0433005000de295b3acba52ee4080211000001505050505050"], 0x448}}, 0x0)

3.134607016s ago: executing program 0 (id=762):
r0 = socket(0x840000000002, 0x3, 0x100)
connect$inet(r0, &(0x7f0000000080)={0x2, 0x4e22, @remote}, 0x10)
sendmmsg$inet(r0, &(0x7f0000005240), 0x4000095, 0x0)
getpeername$packet(r0, 0x0, 0x0)

3.110403275s ago: executing program 5 (id=763):
capset(&(0x7f0000000080)={0x20071026}, &(0x7f0000000040)={0x200000, 0x200000})
bpf$MAP_CREATE(0x0, &(0x7f0000000380)=@base={0xb, 0x10000007, 0x5, 0x8, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)

3.023544707s ago: executing program 2 (id=764):
r0 = socket(0xa, 0x1, 0x0)
ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000300)={@loopback, @private0, @private2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000c3})

3.023278581s ago: executing program 1 (id=765):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
syz_clone(0x600, 0x0, 0x33, 0x0, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
semctl$IPC_RMID(0x0, 0x0, 0x0)

2.955506258s ago: executing program 5 (id=766):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000280)=ANY=[@ANYBLOB="12010000000000406a05140300000000000109022400010000500009040000010300000009210000000122070009058103"], 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000000240)={0x24, 0x0, 0x0, &(0x7f0000000000)={0x0, 0x22, 0x7, {[@local=@item_012={0x1, 0x2, 0x4, "b4"}, @main=@item_4={0x3, 0x0, 0xb, "bb51f33c"}]}}, 0x0}, 0x0)

2.256424097s ago: executing program 2 (id=767):
r0 = shmget$private(0x0, 0x13000, 0x1, &(0x7f0000feb000/0x13000)=nil)
r1 = shmat(r0, &(0x7f0000ffa000/0x3000)=nil, 0x400c)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x3)
syz_clone(0x600, 0x0, 0x33, 0x0, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
memfd_create(0x0, 0x2)
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x0)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='contention_end\x00', r4}, 0x10)
setsockopt$inet6_IPV6_RTHDR(0xffffffffffffffff, 0x29, 0x39, 0x0, 0x0)
r5 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
connect$bt_l2cap(r5, &(0x7f0000000080)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x7ff}, 0xe)
ftruncate(0xffffffffffffffff, 0x796c)
prctl$PR_SET_TAGGED_ADDR_CTRL(0x37, 0x1)
r6 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_buf(r6, 0x6, 0x21, &(0x7f0000000200)="24fc911e918c74ad7a0e599e17a90ecabe833ca12054887f4142a64471dbe048", 0x20)
getsockopt$inet_tcp_buf(r6, 0x6, 0x21, 0x0, &(0x7f0000000080))
mprotect(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0xd)
mremap(&(0x7f0000ff1000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000fff000/0x1000)=nil)
r7 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$TCSETS(r7, 0x40045431, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x0, "ff00f7000000000000000000af88008300"})
r8 = syz_open_pts(r7, 0x141601)
ioctl$TIOCGICOUNT(r8, 0x545d, 0x0)
shmdt(r1)

2.199517438s ago: executing program 1 (id=768):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0})

2.199159752s ago: executing program 0 (id=769):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x5)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000004c0)={0x18, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r1}, 0x10)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
sched_setaffinity(0x0, 0xfffffef7, &(0x7f0000000740)=0x410000002)
r3 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r3, 0x0, 0x23, &(0x7f0000000040)={@dev={0xac, 0x14, 0x14, 0x39}, @dev={0xac, 0x14, 0x14, 0x38}}, 0xc)
socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_msfilter(r3, 0x0, 0x29, 0x0, 0x57)
r4 = socket$netlink(0x10, 0x3, 0x0)
writev(r4, &(0x7f00000003c0)=[{&(0x7f0000000180)="390000001300034700bb65e1c3e4ffff01000000010000005600000025000000190004000400000007fd17", 0x2b}], 0x1)
setsockopt$inet_mreqsrc(r3, 0x0, 0x24, 0x0, 0x0)

1.811355183s ago: executing program 0 (id=770):
syz_emit_vhci(&(0x7f00000002c0)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x0, 0x0, 0xc}, @l2cap_cid_signaling={{0x8}, [@l2cap_disconn_rsp={{0x7, 0x7, 0x4}, {0xe, 0x8}}]}}, 0x11)

1.691526577s ago: executing program 0 (id=771):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]})
getpriority(0x2, 0x80000000)
syz_clone(0x20300000, 0x0, 0x0, 0x0, 0x0, 0x0)
wait4(0xffffffffffffffff, 0x0, 0x80000000, 0x0)

799.438723ms ago: executing program 2 (id=772):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0x3, 0x5, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000080)='mem_disconnect\x00', r1}, 0x10)
r2 = bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0x6, 0x4, &(0x7f0000000300)=ANY=[@ANYBLOB="1802000000000000000000000000000085000000a000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_PROG_TEST_RUN_LIVE(0xa, &(0x7f0000000080)={r2, 0x0, 0x0, 0x0, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

723.956175ms ago: executing program 1 (id=773):
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000002100), 0x0, 0x0)
read$FUSE(0xffffffffffffffff, 0x0, 0x0)
socket$inet6(0xa, 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x200000000000000)
ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000000080)=ANY=[@ANYBLOB="01000000000000008202"])

486.473121ms ago: executing program 0 (id=774):
pipe(&(0x7f0000000540)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
vmsplice(r1, &(0x7f0000000200)=[{&(0x7f0000000040)='wi', 0x2}], 0x1, 0x1)
close(r1)
r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
connect$inet(r2, &(0x7f0000000080)={0x2, 0x0, @empty}, 0x10)
splice(r0, 0x0, r1, 0x0, 0x4, 0x2)

323.517647ms ago: executing program 0 (id=775):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000100)=ANY=[@ANYBLOB="2c0000001e00431b000000000000000007"], 0x2c}}, 0x0)

323.193938ms ago: executing program 1 (id=776):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB, @ANYRES32=0x0], 0x50)
syz_emit_vhci(0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
syz_clone(0x600, 0x0, 0x33, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
getpgrp(0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r3, 0x0, 0x40, &(0x7f00000003c0)=@filter={'filter\x00', 0x42, 0x4, 0x2e8, 0xffffffff, 0x0, 0x98, 0x98, 0xffffffff, 0xffffffff, 0x2e0, 0x98, 0x2e0, 0xffffffff, 0x4, 0x0, {[{{@uncond, 0x3e020000, 0x70, 0x98, 0x0, {0x88000000}}, @REJECT={0x28, 'REJECT\x00', 0x0, {0x4}}}, {{@uncond, 0x0, 0x70, 0xd0, 0x0, {0x122}}, @common=@SET={0x60}}, {{@uncond, 0x0, 0xc0, 0xe8, 0x0, {}, [@common=@osf={{0x50}, {'syz0\x00'}}]}, @REJECT={0x28}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x348)
sendmsg$IPCTNL_MSG_CT_DELETE(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000940)=ANY=[@ANYBLOB="8000000002010102000000000000000002000006600002"], 0x80}}, 0x4000)

0s ago: executing program 4 (id=777):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22}, 0x1c)
listen(r0, 0x0)
syz_emit_ethernet(0x5a, &(0x7f0000003dc0)={@local, @remote, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "00ee00", 0x24, 0x6, 0x0, @local, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x9, 0xc2, 0x1, 0x0, 0x4, {[@sack_perm={0x4, 0x2}, @mss={0x2, 0x4, 0xe000}, @timestamp={0x8, 0xfffffffffffffffd, 0x10001, 0x5005}]}}}}}}}}, 0x0)

kernel console output (not intermixed with test programs):

z.4.236" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1
[  112.638299][    C1] vkms_vblank_simulate: vblank timer overrun
[  112.781608][ T6729] sctp: [Deprecated]: syz.1.232 (pid 6729) Use of int in maxseg socket option.
[  112.781608][ T6729] Use struct sctp_assoc_value instead
[  112.834165][   T29] audit: type=1400 audit(1738676124.138:412): avc:  denied  { search } for  pid=5175 comm="syslogd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  112.948153][    T9] usb 4-1: USB disconnect, device number 6
[  112.961129][ T5867] hub 2-1:4.0: config failed, can't read hub descriptor (err -22)
[  113.011336][ T5867] usb 2-1: USB disconnect, device number 6
[  114.912445][ T6763] netlink: 32 bytes leftover after parsing attributes in process `syz.2.243'.
[  114.988334][ T6766] netlink: 256 bytes leftover after parsing attributes in process `syz.2.246'.
[  115.005762][ T6766] netlink: 56 bytes leftover after parsing attributes in process `syz.2.246'.
[  115.096870][ T5817] usb 2-1: new high-speed USB device number 7 using dummy_hcd
[  115.212742][   T29] audit: type=1400 audit(1738676126.508:413): avc:  denied  { setopt } for  pid=6771 comm="syz.2.247" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  115.269731][ T5817] usb 2-1: Using ep0 maxpacket: 8
[  115.307059][ T5817] usb 2-1: New USB device found, idVendor=05c6, idProduct=9275, bcdDevice=85.16
[  115.335475][ T5817] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  115.366773][ T5817] usb 2-1: Product: syz
[  115.378702][ T5817] usb 2-1: Manufacturer: syz
[  115.399486][ T5817] usb 2-1: SerialNumber: syz
[  116.403189][ T5817] qmi_wwan 2-1:5.0: bogus CDC Union: master=0, slave=1
[  116.524431][ T5817] qmi_wwan 2-1:5.0: probe with driver qmi_wwan failed with error -22
[  116.548273][ T5817] usb 2-1: USB disconnect, device number 7
[  117.420062][ T5867] usb 1-1: new high-speed USB device number 5 using dummy_hcd
[  117.629822][ T5867] usb 1-1: Using ep0 maxpacket: 8
[  117.642586][ T5867] usb 1-1: New USB device found, idVendor=04a5, idProduct=3003, bcdDevice=3a.b2
[  117.664970][ T5867] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  117.703831][ T5867] usb 1-1: Product: syz
[  117.719723][ T5867] usb 1-1: Manufacturer: syz
[  117.738363][ T5867] usb 1-1: SerialNumber: syz
[  117.793606][ T5867] usb 1-1: config 0 descriptor??
[  118.189237][   T29] audit: type=1400 audit(1738676129.488:414): avc:  denied  { accept } for  pid=6791 comm="syz.0.251" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=unix_dgram_socket permissive=1
[  118.218280][ T6810] FAULT_INJECTION: forcing a failure.
[  118.218280][ T6810] name failslab, interval 1, probability 0, space 0, times 1
[  118.231283][ T6810] CPU: 0 UID: 0 PID: 6810 Comm: syz.4.255 Not tainted 6.14.0-rc1-syzkaller-00020-g0de63bb7d919 #0
[  118.231304][ T6810] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  118.231313][ T6810] Call Trace:
[  118.231318][ T6810]  <TASK>
[  118.231325][ T6810]  dump_stack_lvl+0x16c/0x1f0
[  118.231348][ T6810]  should_fail_ex+0x50a/0x650
[  118.231369][ T6810]  ? trace_lock_acquire+0x14e/0x1f0
[  118.231391][ T6810]  should_failslab+0xc2/0x120
[  118.231410][ T6810]  kmem_cache_alloc_noprof+0x6e/0x3d0
[  118.231427][ T6810]  ? batadv_tt_local_add+0x791/0x20f0
[  118.231457][ T6810]  batadv_tt_local_add+0x791/0x20f0
[  118.231485][ T6810]  ? __pfx___lock_acquire+0x10/0x10
[  118.231511][ T6810]  ? __pfx_batadv_tt_local_add+0x10/0x10
[  118.231535][ T6810]  ? find_held_lock+0x2d/0x110
[  118.231553][ T6810]  ? batadv_get_vid+0xc2/0x290
[  118.231579][ T6810]  batadv_interface_tx+0x7a3/0x1b70
[  118.231602][ T6810]  ? __pfx_batadv_interface_tx+0x10/0x10
[  118.231622][ T6810]  ? dev_queue_xmit_nit+0x8d7/0xbc0
[  118.231644][ T6810]  ? netif_skb_features+0x3b0/0xd50
[  118.231663][ T6810]  dev_hard_start_xmit+0x9a/0x7b0
[  118.231682][ T6810]  __dev_queue_xmit+0x7f0/0x43e0
[  118.231699][ T6810]  ? __pfx_lock_release+0x10/0x10
[  118.231718][ T6810]  ? trace_lock_acquire+0x14e/0x1f0
[  118.231736][ T6810]  ? __pfx___dev_queue_xmit+0x10/0x10
[  118.231752][ T6810]  ? __might_fault+0xe0/0x190
[  118.231772][ T6810]  ? _copy_from_iter+0x15e/0x1560
[  118.231797][ T6810]  ? trace_lock_acquire+0x14e/0x1f0
[  118.231820][ T6810]  ? packet_parse_headers+0x79c/0xb10
[  118.231838][ T6810]  ? __asan_memset+0x23/0x50
[  118.231860][ T6810]  ? packet_parse_headers+0x7a8/0xb10
[  118.231878][ T6810]  ? packet_parse_headers+0x21e/0xb10
[  118.231900][ T6810]  ? __pfx_packet_parse_headers+0x10/0x10
[  118.231924][ T6810]  packet_xmit+0x23e/0x360
[  118.231944][ T6810]  packet_sendmsg+0x272b/0x56c0
[  118.231963][ T6810]  ? avc_has_perm+0x80/0x1c0
[  118.231989][ T6810]  ? sock_has_perm+0x25a/0x2f0
[  118.232006][ T6810]  ? __pfx_sock_has_perm+0x10/0x10
[  118.232026][ T6810]  ? __pfx_packet_sendmsg+0x10/0x10
[  118.232057][ T6810]  __sys_sendto+0x488/0x4f0
[  118.232077][ T6810]  ? __pfx___sys_sendto+0x10/0x10
[  118.232116][ T6810]  ? ksys_write+0x1ba/0x250
[  118.232140][ T6810]  ? __pfx_ksys_write+0x10/0x10
[  118.232167][ T6810]  __x64_sys_sendto+0xe0/0x1c0
[  118.232189][ T6810]  ? do_syscall_64+0x91/0x250
[  118.232205][ T6810]  ? lockdep_hardirqs_on+0x7c/0x110
[  118.232221][ T6810]  do_syscall_64+0xcd/0x250
[  118.232239][ T6810]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  118.232261][ T6810] RIP: 0033:0x7f736db8cda9
[  118.232274][ T6810] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  118.232289][ T6810] RSP: 002b:00007f736ea26038 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[  118.232304][ T6810] RAX: ffffffffffffffda RBX: 00007f736dda5fa0 RCX: 00007f736db8cda9
[  118.232315][ T6810] RDX: 00000000000005dc RSI: 0000000020000000 RDI: 0000000000000003
[  118.232324][ T6810] RBP: 00007f736ea26090 R08: 0000000020000340 R09: 0000000000000014
[  118.232333][ T6810] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  118.232342][ T6810] R13: 0000000000000000 R14: 00007f736dda5fa0 R15: 00007ffe6d54a8c8
[  118.232364][ T6810]  </TASK>
[  118.826469][ T5817] libceph: connect (1)[c::]:6789 error -101
[  118.832666][ T5817] libceph: mon0 (1)[c::]:6789 connect error
[  119.342396][ T5817] libceph: connect (1)[c::]:6789 error -101
[  119.362007][ T6813] ceph: No mds server is up or the cluster is laggy
[  119.372514][ T5817] libceph: mon0 (1)[c::]:6789 connect error
[  119.938283][ T5867] gspca_main: sunplus-2.14.0 probing 04a5:3003
[  119.973048][ T6833] tipc: Invalid UDP bearer configuration
[  119.973068][ T6833] tipc: Enabling of bearer <udp:syz1> rejected, failed to enable media
[  119.995445][ T5867] gspca_sunplus: reg_w_riv err -71
[  120.037086][ T5867] sunplus 1-1:0.0: probe with driver sunplus failed with error -71
[  120.056260][ T6837] netdevsim netdevsim3 netdevsim0: entered promiscuous mode
[  120.100004][ T5867] usb 1-1: USB disconnect, device number 5
[  120.494456][   T29] audit: type=1400 audit(1738676131.748:415): avc:  denied  { ioctl } for  pid=6839 comm="syz.0.262" path="socket:[11698]" dev="sockfs" ino=11698 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  120.584152][   T29] audit: type=1400 audit(1738676131.768:416): avc:  denied  { create } for  pid=6839 comm="syz.0.262" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  120.709701][   T29] audit: type=1400 audit(1738676132.008:417): avc:  denied  { setopt } for  pid=6839 comm="syz.0.262" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  120.738072][   T29] audit: type=1400 audit(1738676132.028:418): avc:  denied  { setopt } for  pid=6844 comm="syz.4.263" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1
[  120.980552][ T6813] netlink: 8 bytes leftover after parsing attributes in process `syz.2.257'.
[  120.994222][ T6813] netlink: 8 bytes leftover after parsing attributes in process `syz.2.257'.
[  121.069903][   T25] usb 2-1: new high-speed USB device number 8 using dummy_hcd
[  121.314480][   T25] usb 2-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  121.358498][   T25] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  121.412976][   T25] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[  121.469018][   T25] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  121.583260][ T6869] fuse: Unknown parameter 'fd0x0000000000000007'
[  121.846821][   T25] usb 2-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  121.855964][   T25] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  121.866197][   T25] usb 2-1: config 0 descriptor??
[  122.241177][ T5867] usb 5-1: new high-speed USB device number 5 using dummy_hcd
[  122.282516][   T25] plantronics 0003:047F:FFFF.0008: No inputs registered, leaving
[  122.304759][   T25] plantronics 0003:047F:FFFF.0008: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0
[  122.341411][   T25] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=65380 sclass=netlink_route_socket pid=25 comm=kworker/1:0
[  122.392426][ T6877] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=65381 sclass=netlink_route_socket pid=6877 comm=syz.3.272
[  122.409805][ T5867] usb 5-1: Using ep0 maxpacket: 16
[  122.416285][ T5867] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  122.439773][ T5867] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  122.459761][ T5867] usb 5-1: New USB device found, idVendor=1b1c, idProduct=1b02, bcdDevice= 0.00
[  122.480192][   T29] audit: type=1400 audit(1738676133.768:419): avc:  denied  { mount } for  pid=6875 comm="syz.3.272" name="/" dev="autofs" ino=12617 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_t tclass=filesystem permissive=1
[  122.502638][ T5867] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  122.569456][ T6880] netlink: 'syz.0.274': attribute type 1 has an invalid length.
[  122.571347][ T5867] usb 5-1: config 0 descriptor??
[  122.590741][   T29] audit: type=1326 audit(1738676133.788:420): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6875 comm="syz.3.272" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6973f8cda9 code=0x7ffc0000
[  122.636078][   T29] audit: type=1326 audit(1738676133.788:421): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6875 comm="syz.3.272" exe="/root/syz-executor" sig=0 arch=c000003e syscall=250 compat=0 ip=0x7f6973f8cda9 code=0x7ffc0000
[  122.660875][   T29] audit: type=1326 audit(1738676133.788:422): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6875 comm="syz.3.272" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6973f8cda9 code=0x7ffc0000
[  122.685452][   T29] audit: type=1326 audit(1738676133.788:423): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6875 comm="syz.3.272" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f6973f8cda9 code=0x7ffc0000
[  122.951167][ T6892] netlink: 80 bytes leftover after parsing attributes in process `syz.2.277'.
[  122.960239][ T6892] netlink: 16 bytes leftover after parsing attributes in process `syz.2.277'.
[  123.065437][ T5867] corsair 0003:1B1C:1B02.0009: hidraw1: USB HID v0.00 Device [HID 1b1c:1b02] on usb-dummy_hcd.4-1/input0
[  123.341289][   T29] kauditd_printk_skb: 36 callbacks suppressed
[  123.341303][   T29] audit: type=1400 audit(1738676134.648:460): avc:  denied  { unmount } for  pid=5829 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_t tclass=filesystem permissive=1
[  123.531434][ T5867] corsair 0003:1B1C:1B02.0009: Read invalid backlight brightness: 56.
[  123.573122][   T29] audit: type=1400 audit(1738676134.648:461): avc:  denied  { unmount } for  pid=5829 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tracefs_t tclass=filesystem permissive=1
[  123.600352][ T6895] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  123.615675][ T6895] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  123.657548][  T117] usb 5-1: USB disconnect, device number 5
[  124.160400][    T9] usb 2-1: reset high-speed USB device number 8 using dummy_hcd
[  125.384334][   T29] audit: type=1400 audit(1738676136.688:462): avc:  denied  { read } for  pid=6923 comm="syz.1.285" name="usbmon0" dev="devtmpfs" ino=716 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[  125.641918][   T29] audit: type=1400 audit(1738676136.688:463): avc:  denied  { open } for  pid=6923 comm="syz.1.285" path="/dev/usbmon0" dev="devtmpfs" ino=716 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[  125.902576][   T29] audit: type=1400 audit(1738676137.208:464): avc:  denied  { mounton } for  pid=6929 comm="syz.2.288" path="/63/file0" dev="fuse" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=file permissive=1
[  126.083554][  T117] usb 2-1: USB disconnect, device number 8
[  126.271807][   T29] audit: type=1400 audit(1738676137.508:465): avc:  denied  { ioctl } for  pid=6931 comm="syz.1.289" path="socket:[12797]" dev="sockfs" ino=12797 ioctlcmd=0x890b scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1
[  127.217926][   T29] audit: type=1400 audit(1738676138.518:466): avc:  denied  { setopt } for  pid=6945 comm="syz.0.292" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1
[  127.263605][   T29] audit: type=1400 audit(1738676138.568:467): avc:  denied  { create } for  pid=6948 comm="syz.1.293" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[  127.265595][ T6949] netlink: 12 bytes leftover after parsing attributes in process `syz.1.293'.
[  127.316384][ T6949] netlink: 12 bytes leftover after parsing attributes in process `syz.1.293'.
[  127.319238][ T6952] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=35 sclass=netlink_route_socket pid=6952 comm=syz.0.295
[  127.339705][   T29] audit: type=1400 audit(1738676138.628:468): avc:  denied  { setopt } for  pid=6948 comm="syz.1.293" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[  127.434776][   T29] audit: type=1400 audit(1738676138.738:469): avc:  denied  { create } for  pid=6956 comm="syz.4.297" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[  128.887525][ T6968] input: syz0 as /devices/virtual/input/input11
[  131.092261][ T6995] netlink: 64 bytes leftover after parsing attributes in process `syz.4.306'.
[  132.199194][    T9] usb 2-1: new high-speed USB device number 9 using dummy_hcd
[  132.376352][ T7010] program syz.4.312 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  132.396754][   T29] audit: type=1400 audit(1738676143.698:470): avc:  denied  { setopt } for  pid=7009 comm="syz.4.312" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[  132.425375][   T29] audit: type=1400 audit(1738676143.728:471): avc:  denied  { write } for  pid=7009 comm="syz.4.312" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[  132.440426][ T7012] fuse: Bad value for 'fd'
[  132.472544][ T1292] ieee802154 phy0 wpan0: encryption failed: -22
[  132.478906][ T1292] ieee802154 phy1 wpan1: encryption failed: -22
[  132.501148][    T9] usb 2-1: config 0 interface 0 altsetting 7 endpoint 0x81 has invalid wMaxPacketSize 0
[  132.519234][    T9] usb 2-1: config 0 interface 0 has no altsetting 0
[  132.837637][    T9] usb 2-1: New USB device found, idVendor=05ac, idProduct=0269, bcdDevice= 0.00
[  132.950808][    T9] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  132.977566][    T9] usb 2-1: config 0 descriptor??
[  133.646518][   T29] audit: type=1400 audit(1738676144.458:472): avc:  denied  { execute_no_trans } for  pid=7019 comm="syz.0.316" path="/64/bus/file1" dev="overlay" ino=361 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[  135.016643][ T5822] Bluetooth: hci1: command tx timeout
[  135.021549][    T9] usbhid 2-1:0.0: can't add hid device: -71
[  135.028029][    T9] usbhid 2-1:0.0: probe with driver usbhid failed with error -71
[  135.166692][   T29] audit: type=1400 audit(1738676146.468:473): avc:  denied  { append } for  pid=7036 comm="syz.1.320" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  135.199460][    T9] usb 2-1: USB disconnect, device number 9
[  135.249550][ T7039] netlink: 20 bytes leftover after parsing attributes in process `syz.2.317'.
[  135.258571][ T7039] netlink: 20 bytes leftover after parsing attributes in process `syz.2.317'.
[  136.288581][ T7049] netlink: 8 bytes leftover after parsing attributes in process `syz.1.320'.
[  136.299094][ T7049] netlink: 8 bytes leftover after parsing attributes in process `syz.1.320'.
[  136.365482][   T29] audit: type=1400 audit(1738676147.668:474): avc:  denied  { setattr } for  pid=7044 comm="syz.0.322" name="/" dev="9p" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  136.494597][ T7047] block device autoloading is deprecated and will be removed.
[  136.632371][   T29] audit: type=1400 audit(1738676147.928:475): avc:  denied  { append } for  pid=7062 comm="syz.1.325" name="nullb0" dev="devtmpfs" ino=696 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  136.885895][    T9] usb 1-1: new full-speed USB device number 6 using dummy_hcd
[  137.050410][   T29] audit: type=1400 audit(1738676148.348:476): avc:  denied  { read } for  pid=7062 comm="syz.1.325" dev="sockfs" ino=12249 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  137.071746][    T9] usb 1-1: device descriptor read/64, error -71
[  137.576302][   T29] audit: type=1400 audit(1738676148.868:477): avc:  denied  { read } for  pid=7062 comm="syz.1.325" name="snapshot" dev="devtmpfs" ino=92 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1
[  137.610978][    T9] usb 1-1: new full-speed USB device number 7 using dummy_hcd
[  137.647016][   T29] audit: type=1400 audit(1738676148.868:478): avc:  denied  { open } for  pid=7062 comm="syz.1.325" path="/dev/snapshot" dev="devtmpfs" ino=92 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1
[  137.750065][    T9] usb 1-1: device descriptor read/64, error -71
[  137.880646][    T9] usb usb1-port1: attempt power cycle
[  138.128304][ T7071] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  138.160087][ T7071] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  138.198449][ T7071] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  138.219826][    T9] usb 1-1: new full-speed USB device number 8 using dummy_hcd
[  138.239455][ T7071] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  138.248305][    T9] usb 1-1: device descriptor read/8, error -71
[  138.259052][ T7071] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  138.308859][ T7071] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  138.337897][ T7071] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  138.344319][ T7071] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  138.629817][    T9] usb 1-1: new full-speed USB device number 9 using dummy_hcd
[  138.666622][    T9] usb 1-1: device descriptor read/8, error -71
[  138.733416][ T7071] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  138.779969][    T9] usb usb1-port1: unable to enumerate USB device
[  138.919855][ T7071] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  139.486561][ T7071] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  139.547862][ T7071] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  139.662598][ T7071] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  139.728987][ T7071] Bluetooth: hci4: Opcode 0x0406 failed: -4
[  139.825927][ T5822] Bluetooth: hci0: command 0x0c1a tx timeout
[  139.863719][ T7071] Bluetooth: hci4: Opcode 0x0406 failed: -4
[  140.446246][ T5818] Bluetooth: hci1: command 0x0c1a tx timeout
[  140.446285][ T5831] Bluetooth: hci2: command 0x0c1a tx timeout
[  140.471277][ T5831] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  140.486179][ T5831] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  140.495170][ T5831] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  140.509967][ T5831] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  140.520327][ T5831] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3
[  140.528079][ T5831] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  140.554142][   T29] audit: type=1400 audit(1738676151.848:479): avc:  denied  { mounton } for  pid=7095 comm="syz-executor" path="/" dev="sda1" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1
[  140.765627][ T7095] chnl_net:caif_netlink_parms(): no params data found
[  141.120389][ T5831] Bluetooth: hci3: command 0x0c1a tx timeout
[  141.322054][ T7100] ucma_write: process 200 (syz.1.335) changed security contexts after opening file descriptor, this is not allowed.
[  141.853403][ T3591] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  141.919997][ T5831] Bluetooth: hci0: command 0x0c1a tx timeout
[  142.043849][ T7095] bridge0: port 1(bridge_slave_0) entered blocking state
[  142.052640][ T7095] bridge0: port 1(bridge_slave_0) entered disabled state
[  142.172525][ T7095] bridge_slave_0: entered allmulticast mode
[  142.199072][ T7095] bridge_slave_0: entered promiscuous mode
[  142.589826][ T5831] Bluetooth: hci2: command 0x0c1a tx timeout
[  142.596227][ T5831] Bluetooth: hci1: command 0x0c1a tx timeout
[  142.603613][ T5831] Bluetooth: hci5: command tx timeout
[  142.966716][ T3591] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  143.017354][ T7095] bridge0: port 2(bridge_slave_1) entered blocking state
[  143.056417][ T7095] bridge0: port 2(bridge_slave_1) entered disabled state
[  143.072957][ T7095] bridge_slave_1: entered allmulticast mode
[  143.081171][ T7095] bridge_slave_1: entered promiscuous mode
[  143.276942][ T3591] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  143.289656][ T5822] Bluetooth: hci3: command 0x0c1a tx timeout
[  143.318647][ T7095] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  143.362908][ T7095] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  143.377202][   T25] libceph: connect (1)[c::]:6789 error -101
[  143.387242][   T25] libceph: mon0 (1)[c::]:6789 connect error
[  143.406898][ T7155] ceph: No mds server is up or the cluster is laggy
[  143.553170][ T3591] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  143.791608][ T7095] team0: Port device team_slave_0 added
[  143.839515][ T7095] team0: Port device team_slave_1 added
[  143.995465][ T5822] Bluetooth: hci0: command 0x0c1a tx timeout
[  144.007605][ T7095] batman_adv: batadv0: Adding interface: batadv_slave_0
[  144.024891][ T7095] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  144.051061][ T7095] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  144.061965][ T7170] netlink: 4 bytes leftover after parsing attributes in process `syz.1.352'.
[  144.080518][ T7095] batman_adv: batadv0: Adding interface: batadv_slave_1
[  144.088195][ T7095] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  144.117043][ T7095] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  144.182041][ T7169] cifs: Unknown parameter 'mode'
[  144.237412][ T5822] Bluetooth: hci1: unexpected event for opcode 0x0000
[  144.255677][ T7095] hsr_slave_0: entered promiscuous mode
[  144.262104][ T7095] hsr_slave_1: entered promiscuous mode
[  144.268075][ T7095] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  144.279707][ T7095] Cannot create hsr debugfs directory
[  144.319916][ T3591] bridge_slave_1: left allmulticast mode
[  144.326268][ T3591] bridge_slave_1: left promiscuous mode
[  144.342362][ T3591] bridge0: port 2(bridge_slave_1) entered disabled state
[  144.418029][ T3591] bridge_slave_0: left allmulticast mode
[  144.423811][ T3591] bridge_slave_0: left promiscuous mode
[  144.429527][ T3591] bridge0: port 1(bridge_slave_0) entered disabled state
[  144.519809][    T9] usb 2-1: new high-speed USB device number 10 using dummy_hcd
[  144.659868][ T5822] Bluetooth: hci5: command tx timeout
[  144.665355][ T5822] Bluetooth: hci2: command 0x0c1a tx timeout
[  144.671489][    T9] usb 2-1: Using ep0 maxpacket: 8
[  144.681291][    T9] usb 2-1: config index 0 descriptor too short (expected 1298, got 18)
[  144.691649][   T29] audit: type=1400 audit(1738676155.958:480): avc:  denied  { write } for  pid=7177 comm="syz.2.355" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[  144.956346][    T9] usb 2-1: config 0 has an invalid interface number: 0 but max is -1
[  144.974715][    T9] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 0
[  144.985995][    T9] usb 2-1: New USB device found, idVendor=0ccd, idProduct=10a3, bcdDevice=23.a2
[  144.995393][    T9] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  145.003490][    T9] usb 2-1: Product: syz
[  145.008415][    T9] usb 2-1: Manufacturer: syz
[  145.013143][    T9] usb 2-1: SerialNumber: syz
[  145.021473][    T9] usb 2-1: config 0 descriptor??
[  145.164381][   T29] audit: type=1400 audit(1738676156.468:481): avc:  denied  { audit_write } for  pid=7179 comm="syz.0.356" capability=29  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1
[  145.188803][ T7190] gfs2: path_lookup on c:©ÐÃÎl\àç—Ãà{z`bH¾CT�H­Y3€ôs[Ó|lt™—˜‰¾wo9�U¦š¤¿?ôиuûCÂZ¦3Û{«mU1q•w
E»:úShäoŠå‘ì|sú-¨`ÑℨƻdÓ�3Cí3+‹ß returned error -2
[  145.252188][    T9] usb 2-1: dvb_usb_v2: found a 'Terratec H7' in warm state
[  145.349744][ T5831] Bluetooth: hci3: command 0x0c1a tx timeout
[  145.899225][   T29] audit: type=1326 audit(1738676157.168:482): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7195 comm="syz.2.359" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f1644b8cda9 code=0x0
[  146.170042][ T3591] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  146.181186][ T3591] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  146.710753][ T5831] Bluetooth: hci5: command tx timeout
[  146.754411][ T3591] bond0 (unregistering): Released all slaves
[  146.884684][   T29] audit: type=1400 audit(1738676158.188:483): avc:  denied  { map } for  pid=7205 comm="syz.2.362" path="socket:[14488]" dev="sockfs" ino=14488 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  146.939354][   T29] audit: type=1400 audit(1738676158.188:484): avc:  denied  { accept } for  pid=7205 comm="syz.2.362" path="socket:[14488]" dev="sockfs" ino=14488 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  147.371393][    T9] usb write operation failed. (-71)
[  147.387055][    T9] usb 2-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer
[  147.410199][    T9] dvbdev: DVB: registering new adapter (Terratec H7)
[  147.442595][    T9] usb 2-1: media controller created
[  147.462842][    T9] usb read operation failed. (-71)
[  147.468325][    T9] usb write operation failed. (-71)
[  147.476035][    T9] dvb_usb_az6007 2-1:0.0: probe with driver dvb_usb_az6007 failed with error -5
[  147.488334][    T9] usb 2-1: USB disconnect, device number 10
[  148.030318][ T7224] loop2: detected capacity change from 0 to 7
[  148.040946][ T7224] Dev loop2: unable to read RDB block 7
[  148.046586][ T7224]  loop2: unable to read partition table
[  148.052321][ T7224] loop2: partition table beyond EOD, truncated
[  148.058474][ T7224] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5)
[  148.186269][ T7095] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  148.319748][ T5831] Bluetooth: hci1: Controller not accepting commands anymore: ncmd = 0
[  148.329515][ T5831] Bluetooth: hci1: Injecting HCI hardware error event
[  148.342339][ T5831] Bluetooth: hci1: hardware error 0x00
[  148.379352][ T3591] hsr_slave_0: left promiscuous mode
[  148.406808][ T3591] hsr_slave_1: left promiscuous mode
[  148.438673][ T3591] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  148.465216][ T3591] batman_adv: batadv0: Removing interface: batadv_slave_0
[  148.497387][ T3591] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  148.599847][ T3591] batman_adv: batadv0: Removing interface: batadv_slave_1
[  148.612910][ T3591] veth1_macvtap: left promiscuous mode
[  148.618776][ T3591] veth0_macvtap: left promiscuous mode
[  148.624570][ T3591] veth1_vlan: left promiscuous mode
[  148.630235][ T3591] veth0_vlan: left promiscuous mode
[  148.699877][ T7237] trusted_key: encrypted_key: insufficient parameters specified
[  148.791510][ T5822] Bluetooth: hci5: command tx timeout
[  149.363884][  T117] IPVS: starting estimator thread 0...
[  149.496159][ T7248] IPVS: using max 33 ests per chain, 79200 per kthread
[  149.733376][ T3591] team0 (unregistering): Port device team_slave_1 removed
[  149.841620][ T7256] FAULT_INJECTION: forcing a failure.
[  149.841620][ T7256] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  149.854725][ T7256] CPU: 1 UID: 0 PID: 7256 Comm: syz.4.375 Not tainted 6.14.0-rc1-syzkaller-00020-g0de63bb7d919 #0
[  149.854748][ T7256] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  149.854759][ T7256] Call Trace:
[  149.854765][ T7256]  <TASK>
[  149.854771][ T7256]  dump_stack_lvl+0x16c/0x1f0
[  149.854795][ T7256]  should_fail_ex+0x50a/0x650
[  149.854823][ T7256]  _copy_to_user+0x32/0xd0
[  149.854841][ T7256]  simple_read_from_buffer+0xd0/0x160
[  149.854868][ T7256]  proc_fail_nth_read+0x198/0x270
[  149.854892][ T7256]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  149.854917][ T7256]  ? rw_verify_area+0xcf/0x680
[  149.854940][ T7256]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  149.854962][ T7256]  vfs_read+0x1df/0xbf0
[  149.854987][ T7256]  ? __fget_files+0x1fc/0x3a0
[  149.855003][ T7256]  ? __pfx___mutex_lock+0x10/0x10
[  149.855021][ T7256]  ? __pfx_vfs_read+0x10/0x10
[  149.855058][ T7256]  ? __fget_files+0x206/0x3a0
[  149.855082][ T7256]  ksys_read+0x12b/0x250
[  149.855106][ T7256]  ? __pfx_ksys_read+0x10/0x10
[  149.855139][ T7256]  do_syscall_64+0xcd/0x250
[  149.855158][ T7256]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  149.855181][ T7256] RIP: 0033:0x7f736db8b7bc
[  149.855194][ T7256] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  149.855209][ T7256] RSP: 002b:00007f736e9e4030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  149.855225][ T7256] RAX: ffffffffffffffda RBX: 00007f736dda6160 RCX: 00007f736db8b7bc
[  149.855235][ T7256] RDX: 000000000000000f RSI: 00007f736e9e40a0 RDI: 0000000000000008
[  149.855245][ T7256] RBP: 00007f736e9e4090 R08: 0000000000000000 R09: 0000000000000000
[  149.855254][ T7256] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  149.855263][ T7256] R13: 0000000000000000 R14: 00007f736dda6160 R15: 00007ffe6d54a8c8
[  149.855285][ T7256]  </TASK>
[  150.131813][ T3591] team0 (unregistering): Port device team_slave_0 removed
[  150.472180][ T5831] Bluetooth: hci1: Opcode 0x0c03 failed: -110
[  150.474855][ T7262] netlink: 64 bytes leftover after parsing attributes in process `syz.4.376'.
[  151.606144][ T7265] netlink: 64 bytes leftover after parsing attributes in process `syz.1.377'.
[  152.095243][ T7095] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  152.104339][ T7095] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  152.203374][ T7095] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  152.451168][ T7095] 8021q: adding VLAN 0 to HW filter on device bond0
[  152.495868][ T7095] 8021q: adding VLAN 0 to HW filter on device team0
[  152.507271][ T3303] bridge0: port 1(bridge_slave_0) entered blocking state
[  152.514377][ T3303] bridge0: port 1(bridge_slave_0) entered forwarding state
[  152.543667][   T51] bridge0: port 2(bridge_slave_1) entered blocking state
[  152.550820][   T51] bridge0: port 2(bridge_slave_1) entered forwarding state
[  152.561694][ T7278] netlink: 'syz.0.380': attribute type 9 has an invalid length.
[  153.008475][ T7287] netlink: 64 bytes leftover after parsing attributes in process `syz.0.381'.
[  153.725325][ T7095] 8021q: adding VLAN 0 to HW filter on device batadv0
[  153.909053][ T7095] veth0_vlan: entered promiscuous mode
[  153.935737][ T7095] veth1_vlan: entered promiscuous mode
[  153.968394][   T29] audit: type=1400 audit(1738676165.258:485): avc:  denied  { bind } for  pid=7297 comm="syz.0.384" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  153.981748][ T7095] veth0_macvtap: entered promiscuous mode
[  154.295377][ T7095] veth1_macvtap: entered promiscuous mode
[  154.337772][ T7095] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  154.363383][ T7095] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  154.414431][ T7095] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  154.436763][ T7095] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  154.463876][ T7095] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  154.485114][ T7095] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  154.509734][ T7095] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  154.561125][ T7095] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  154.579521][ T7095] batman_adv: batadv0: Interface activated: batadv_slave_0
[  154.623169][ T7095] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  154.662983][ T7095] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  154.708740][ T7095] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  154.722183][ T7095] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  154.733384][ T7095] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  154.747039][ T7095] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  154.757048][ T7095] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  154.768507][ T7095] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  154.803318][ T7095] batman_adv: batadv0: Interface activated: batadv_slave_1
[  154.839911][ T7095] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  154.856924][ T7095] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  154.872659][ T7095] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  154.883136][ T7095] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  154.970413][ T6388] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  154.982606][ T6388] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  155.270330][ T5867] usb 5-1: new high-speed USB device number 6 using dummy_hcd
[  155.278103][   T29] audit: type=1400 audit(1738676166.428:486): avc:  denied  { ioctl } for  pid=7317 comm="syz.0.388" path="/dev/cpu/0/msr" dev="devtmpfs" ino=87 ioctlcmd=0xf514 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cpu_device_t tclass=chr_file permissive=1
[  155.286426][ T6388] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  155.318449][ T6388] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  155.319833][   T29] audit: type=1400 audit(1738676166.618:487): avc:  denied  { append } for  pid=7317 comm="syz.0.388" name="cachefiles" dev="devtmpfs" ino=4 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cachefiles_device_t tclass=chr_file permissive=1
[  155.512610][ T5867] usb 5-1: New USB device found, idVendor=0af0, idProduct=7a05, bcdDevice= 0.00
[  155.599229][ T5867] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  155.627809][ T5817] libceph: connect (1)[c::]:6789 error -101
[  155.652191][ T7327] ceph: No mds server is up or the cluster is laggy
[  156.195775][ T5867] usb 5-1: Product: syz
[  156.212230][ T5817] libceph: mon0 (1)[c::]:6789 connect error
[  156.226772][ T5867] usb 5-1: Manufacturer: syz
[  156.240438][   T29] audit: type=1400 audit(1738676166.658:488): avc:  denied  { mounton } for  pid=7095 comm="syz-executor" path="/root/syzkaller.6WElBH/syz-tmp/newroot/sys/kernel/debug" dev="debugfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=dir permissive=1
[  156.275799][ T5867] usb 5-1: SerialNumber: syz
[  156.387785][ T5867] usb 5-1: config 0 descriptor??
[  156.403785][   T29] audit: type=1400 audit(1738676166.668:489): avc:  denied  { mount } for  pid=7095 comm="syz-executor" name="/" dev="gadgetfs" ino=7344 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nfs_t tclass=filesystem permissive=1
[  156.755929][ T7341] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  156.768757][ T7341] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  156.890046][ T5867] hso 5-1:0.0: Failed to find BULK IN ep
[  156.925018][ T5867] usb-storage 5-1:0.0: USB Mass Storage device detected
[  157.253133][    T9] usb 5-1: USB disconnect, device number 6
[  157.850517][ T7352] openvswitch: netlink: Flow set message rejected, Key attribute missing.
[  157.915848][ T7356] netlink: 'syz.2.394': attribute type 8 has an invalid length.
[  158.104439][ T7355] workqueue: Failed to create a rescuer kthread for wq "ceph-completion": -EINTR
[  158.413725][   T29] audit: type=1400 audit(1738676169.718:490): avc:  denied  { map } for  pid=7359 comm="syz.5.395" path="socket:[15186]" dev="sockfs" ino=15186 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tcp_socket permissive=1
[  159.711821][ T7393] tmpfs: Bad value for 'mpol'
[  159.756376][ T7383] netlink: 'syz.5.403': attribute type 39 has an invalid length.
[  160.613229][  T117] usb 3-1: new high-speed USB device number 10 using dummy_hcd
[  160.720606][ T7411] FAULT_INJECTION: forcing a failure.
[  160.720606][ T7411] name failslab, interval 1, probability 0, space 0, times 0
[  160.733263][ T7411] CPU: 0 UID: 0 PID: 7411 Comm: syz.1.409 Not tainted 6.14.0-rc1-syzkaller-00020-g0de63bb7d919 #0
[  160.733275][ T7411] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  160.733281][ T7411] Call Trace:
[  160.733284][ T7411]  <TASK>
[  160.733288][ T7411]  dump_stack_lvl+0x16c/0x1f0
[  160.733302][ T7411]  should_fail_ex+0x50a/0x650
[  160.733318][ T7411]  should_failslab+0xc2/0x120
[  160.733328][ T7411]  kmem_cache_alloc_noprof+0x6e/0x3d0
[  160.733338][ T7411]  ? skb_clone+0x190/0x3f0
[  160.733352][ T7411]  skb_clone+0x190/0x3f0
[  160.733363][ T7411]  netlink_deliver_tap+0xabd/0xd30
[  160.733376][ T7411]  netlink_unicast+0x5e1/0x7f0
[  160.733388][ T7411]  ? __pfx_netlink_unicast+0x10/0x10
[  160.733401][ T7411]  netlink_sendmsg+0x8b8/0xd70
[  160.733412][ T7411]  ? __pfx_netlink_sendmsg+0x10/0x10
[  160.733427][ T7411]  ____sys_sendmsg+0xaaf/0xc90
[  160.733440][ T7411]  ? copy_msghdr_from_user+0x10b/0x160
[  160.733450][ T7411]  ? __pfx_____sys_sendmsg+0x10/0x10
[  160.733468][ T7411]  ___sys_sendmsg+0x135/0x1e0
[  160.733479][ T7411]  ? __pfx____sys_sendmsg+0x10/0x10
[  160.733495][ T7411]  ? __pfx_lock_release+0x10/0x10
[  160.733507][ T7411]  ? trace_lock_acquire+0x14e/0x1f0
[  160.733522][ T7411]  ? __fget_files+0x206/0x3a0
[  160.733533][ T7411]  __sys_sendmsg+0x16e/0x220
[  160.733544][ T7411]  ? __pfx___sys_sendmsg+0x10/0x10
[  160.733562][ T7411]  do_syscall_64+0xcd/0x250
[  160.733573][ T7411]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  160.733585][ T7411] RIP: 0033:0x7f94b318cda9
[  160.733593][ T7411] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  160.733602][ T7411] RSP: 002b:00007f94b3fe3038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  160.733611][ T7411] RAX: ffffffffffffffda RBX: 00007f94b33a5fa0 RCX: 00007f94b318cda9
[  160.733617][ T7411] RDX: 0000000000000000 RSI: 00000000200006c0 RDI: 0000000000000003
[  160.733622][ T7411] RBP: 00007f94b3fe3090 R08: 0000000000000000 R09: 0000000000000000
[  160.733627][ T7411] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  160.733632][ T7411] R13: 0000000000000000 R14: 00007f94b33a5fa0 R15: 00007ffe7a42daa8
[  160.733643][ T7411]  </TASK>
[  160.968889][ T7412] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  160.976365][ T7412] IPv6: NLM_F_CREATE should be set when creating new route
[  161.296843][ T3591] Bluetooth: hci4: Frame reassembly failed (-84)
[  161.361553][  T117] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  161.379787][  T117] usb 3-1: New USB device found, idVendor=28de, idProduct=1205, bcdDevice= 0.00
[  161.390420][  T117] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  161.400308][  T117] usb 3-1: config 0 descriptor??
[  161.693581][ T7422] veth0_vlan: entered allmulticast mode
[  161.726708][ T7422] veth0_vlan: left promiscuous mode
[  161.735045][ T7422] veth0_vlan: entered promiscuous mode
[  161.812755][   T29] audit: type=1400 audit(1738676173.108:491): avc:  denied  { sqpoll } for  pid=7394 comm="syz.2.407" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1
[  162.178516][   T29] audit: type=1400 audit(1738676173.478:492): avc:  denied  { getopt } for  pid=7394 comm="syz.2.407" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  162.424259][  T117] hid-steam 0003:28DE:1205.000A: unknown main item tag 0x0
[  162.431796][  T117] hid-steam 0003:28DE:1205.000A: unknown main item tag 0x0
[  162.439108][  T117] hid-steam 0003:28DE:1205.000A: unknown main item tag 0x0
[  162.446635][  T117] hid-steam 0003:28DE:1205.000A: item fetching failed at offset 3/5
[  162.455631][  T117] hid-steam 0003:28DE:1205.000A: steam_probe:parse of hid interface failed
[  162.464598][  T117] hid-steam 0003:28DE:1205.000A: probe with driver hid-steam failed with error -22
[  162.664069][ T7432] tmpfs: Bad value for 'mpol'
[  162.665083][ T7395] netlink: 'syz.2.407': attribute type 4 has an invalid length.
[  162.700608][ T5869] usb 3-1: USB disconnect, device number 10
[  163.109726][ T5831] Bluetooth: hci4: Opcode 0x1003 failed: -110
[  163.224496][   T29] audit: type=1400 audit(1738676174.528:493): avc:  denied  { ioctl } for  pid=7433 comm="syz.4.417" path="/dev/usbmon3" dev="devtmpfs" ino=725 ioctlcmd=0x9205 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[  163.608640][ T5869] usb 5-1: new high-speed USB device number 7 using dummy_hcd
[  163.950304][ T5869] usb 5-1: device descriptor read/64, error -71
[  164.189784][ T5869] usb 5-1: new high-speed USB device number 8 using dummy_hcd
[  164.826350][ T7455] netlink: 64 bytes leftover after parsing attributes in process `syz.5.420'.
[  165.439724][ T5869] usb 5-1: device descriptor read/64, error -71
[  165.560062][ T5869] usb usb5-port1: attempt power cycle
[  166.529809][ T5869] usb 5-1: new high-speed USB device number 9 using dummy_hcd
[  166.599757][  T117] usb 6-1: new full-speed USB device number 2 using dummy_hcd
[  166.751965][ T5869] usb 5-1: device not accepting address 9, error -71
[  166.847643][  T117] usb 6-1: device descriptor read/64, error -71
[  166.987874][ T7476] netlink: 20 bytes leftover after parsing attributes in process `syz.1.427'.
[  166.996942][ T7476] netlink: 20 bytes leftover after parsing attributes in process `syz.1.427'.
[  167.203461][  T117] usb 6-1: new full-speed USB device number 3 using dummy_hcd
[  167.410232][  T117] usb 6-1: device descriptor read/64, error -71
[  167.600600][  T117] usb usb6-port1: attempt power cycle
[  167.939699][  T117] usb 6-1: new full-speed USB device number 4 using dummy_hcd
[  167.990238][  T117] usb 6-1: device descriptor read/8, error -71
[  168.529696][  T117] usb 6-1: new full-speed USB device number 5 using dummy_hcd
[  168.562729][  T117] usb 6-1: device descriptor read/8, error -71
[  168.651400][ T7493] syzkaller0: entered promiscuous mode
[  168.656900][ T7493] syzkaller0: entered allmulticast mode
[  168.689889][  T117] usb usb6-port1: unable to enumerate USB device
[  168.914229][ T7502] 9pnet_fd: Insufficient options for proto=fd
[  168.956188][  T971] usb 3-1: new high-speed USB device number 11 using dummy_hcd
[  168.964266][   T29] audit: type=1400 audit(1738676180.218:494): avc:  denied  { mounton } for  pid=7501 comm="syz.4.436" path="/proc/357" dev="proc" ino=15544 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dir permissive=1
[  169.004566][   T29] audit: type=1400 audit(1738676180.308:495): avc:  denied  { shutdown } for  pid=7503 comm="syz.1.437" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1
[  169.911253][ T7512] veth0_vlan: entered allmulticast mode
[  169.926015][ T7512] veth0_vlan: left promiscuous mode
[  169.932234][ T7512] veth0_vlan: entered promiscuous mode
[  170.375947][  T117] IPVS: starting estimator thread 0...
[  170.413635][  T971] usb 3-1: Using ep0 maxpacket: 16
[  170.420756][  T971] usb 3-1: config 0 has an invalid interface number: 251 but max is 0
[  170.428937][  T971] usb 3-1: config 0 has no interface number 0
[  170.442393][  T971] usb 3-1: config 0 interface 251 altsetting 0 bulk endpoint 0x4 has invalid maxpacket 16
[  170.454840][  T971] usb 3-1: config 0 interface 251 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 64
[  170.470425][   T25] usb 6-1: new full-speed USB device number 6 using dummy_hcd
[  170.484531][  T971] usb 3-1: New USB device found, idVendor=0b95, idProduct=172a, bcdDevice=f7.f4
[  170.493770][  T971] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  170.501856][ T7517] IPVS: using max 29 ests per chain, 69600 per kthread
[  170.511396][  T971] usb 3-1: Product: syz
[  170.515623][  T971] usb 3-1: Manufacturer: syz
[  170.520508][  T971] usb 3-1: SerialNumber: syz
[  170.537167][  T971] usb 3-1: config 0 descriptor??
[  170.551471][ T7491] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  170.559924][ T7491] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  170.632870][   T25] usb 6-1: config 168 has an invalid descriptor of length 255, skipping remainder of the config
[  170.656194][   T25] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 64
[  170.679959][   T25] usb 6-1: config 168 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  170.696347][   T25] usb 6-1: config 168 has an invalid descriptor of length 255, skipping remainder of the config
[  170.707719][   T25] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 64
[  170.720334][   T25] usb 6-1: config 168 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  170.737234][   T25] usb 6-1: config 168 has an invalid descriptor of length 255, skipping remainder of the config
[  170.748429][   T25] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 64
[  170.764304][   T25] usb 6-1: config 168 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  170.893774][   T25] usb 6-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[  170.907024][ T7491] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  170.922810][ T7491] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  170.976350][   T25] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  171.010141][   T25] usb 6-1: Product: syz
[  171.026344][   T25] usb 6-1: Manufacturer: syz
[  171.049421][   T25] usb 6-1: SerialNumber: syz
[  171.746043][   T25] adutux 6-1:168.0: interrupt endpoints not found
[  171.782132][   T25] usb 6-1: USB disconnect, device number 6
[  171.995942][ T5831] Bluetooth: hci3: unexpected event for opcode 0x0005
[  173.099655][   T29] audit: type=1400 audit(1738676184.398:496): avc:  denied  { getopt } for  pid=7539 comm="syz.2.445" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  173.121338][ T7538] audit: audit_lost=1 audit_rate_limit=0 audit_backlog_limit=64
[  173.128960][ T7538] audit: out of memory in audit_log_start
[  173.157206][ T7532] netlink: 24 bytes leftover after parsing attributes in process `syz.4.444'.
[  173.218545][   T29] audit: type=1400 audit(1738676184.398:497): avc:  denied  { read } for  pid=7539 comm="syz.2.445" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  174.236964][ T7546] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  174.392564][ T7546] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  174.491718][   T29] audit: type=1400 audit(1738676185.798:498): avc:  denied  { map } for  pid=7553 comm="syz.0.449" path="/dev/bus/usb/009/001" dev="devtmpfs" ino=749 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1
[  174.520158][ T7546] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  174.569709][   T29] audit: type=1400 audit(1738676185.798:499): avc:  denied  { execute } for  pid=7553 comm="syz.0.449" path="/dev/bus/usb/009/001" dev="devtmpfs" ino=749 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1
[  174.614399][ T7546] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[  174.670679][ T7546] Bluetooth: hci5: Opcode 0x0406 failed: -4
[  174.679284][   T29] audit: type=1400 audit(1738676185.818:500): avc:  denied  { create } for  pid=7555 comm="syz.4.450" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_crypto_socket permissive=1
[  174.707660][   T29] audit: type=1400 audit(1738676185.818:501): avc:  denied  { ioctl } for  pid=7555 comm="syz.4.450" path="socket:[15778]" dev="sockfs" ino=15778 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_crypto_socket permissive=1
[  174.746483][   T29] audit: type=1400 audit(1738676185.818:502): avc:  denied  { ioctl } for  pid=7555 comm="syz.4.450" path="socket:[15773]" dev="sockfs" ino=15773 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1
[  174.773145][ T7546] Bluetooth: hci5: Opcode 0x0406 failed: -4
[  175.509758][ T5831] Bluetooth: hci0: command 0x0c1a tx timeout
[  175.678383][ T7569] veth0_vlan: entered allmulticast mode
[  175.707849][ T7569] veth0_vlan: left promiscuous mode
[  175.716109][ T7569] veth0_vlan: entered promiscuous mode
[  176.201572][  T971] asix 3-1:0.251 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -110
[  176.255736][  T971] asix 3-1:0.251 (unnamed net_device) (uninitialized): Failed to read MAC address: -110
[  176.299784][  T971] asix 3-1:0.251: probe with driver asix failed with error -5
[  176.469777][ T5831] Bluetooth: hci2: command 0x0c1a tx timeout
[  176.559911][ T5831] Bluetooth: hci3: command 0x0c1a tx timeout
[  176.629754][ T5831] Bluetooth: hci5: command 0x0c1a tx timeout
[  177.577157][   T25] usb 3-1: USB disconnect, device number 11
[  178.290038][  T117] usb 3-1: new high-speed USB device number 12 using dummy_hcd
[  178.579727][  T117] usb 3-1: Using ep0 maxpacket: 16
[  178.591067][  T117] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  178.606661][  T117] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3
[  178.618529][  T117] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  178.628786][  T117] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  178.637322][  T117] usb 3-1: Product: syz
[  178.641732][  T117] usb 3-1: Manufacturer: syz
[  178.646369][  T117] usb 3-1: SerialNumber: syz
[  178.739741][    T9] usb 5-1: new full-speed USB device number 11 using dummy_hcd
[  178.759758][ T5831] Bluetooth: hci5: command 0x0c1a tx timeout
[  178.860524][ T7596] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  178.869210][ T7596] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  178.999546][    T9] usb 5-1: config 0 has an invalid interface number: 29 but max is 0
[  179.131651][    T9] usb 5-1: config 0 has no interface number 0
[  179.191008][    T9] usb 5-1: config 0 interface 29 has no altsetting 0
[  179.336485][    T9] usb 5-1: New USB device found, idVendor=0c72, idProduct=0014, bcdDevice=39.ac
[  179.346722][    T9] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  179.626874][    T9] usb 5-1: Product: syz
[  179.631154][    T9] usb 5-1: Manufacturer: syz
[  179.635794][    T9] usb 5-1: SerialNumber: syz
[  179.642225][    T9] usb 5-1: config 0 descriptor??
[  180.101104][    T9] peak_usb 5-1:0.29: PEAK-System PCAN-USB X6 v180 fw v53.105.158 (2 channels)
[  180.309252][   T29] audit: type=1326 audit(1738676191.608:503): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7601 comm="syz.4.464" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f736db8cda9 code=0x0
[  180.399824][   T25] usb 6-1: new high-speed USB device number 7 using dummy_hcd
[  180.409347][    T9] peak_usb 5-1:0.29 can0: sending command failure: -22
[  180.416736][ T7596] netlink: 20 bytes leftover after parsing attributes in process `syz.2.462'.
[  180.425867][    T9] peak_usb 5-1:0.29 can0: sending command failure: -22
[  180.439515][    T9] peak_usb 5-1:0.29 can0: sending command failure: -22
[  180.564990][ T7596] ip6tnl0: entered promiscuous mode
[  180.791244][ T5831] Bluetooth: hci5: command 0x0c1a tx timeout
[  181.070418][    T9] peak_usb 5-1:0.29: probe with driver peak_usb failed with error -22
[  181.080958][   T25] usb 6-1: config index 0 descriptor too short (expected 1298, got 18)
[  181.089346][   T25] usb 6-1: config 0 has an invalid interface number: 0 but max is -1
[  181.097694][   T25] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 0
[  181.122085][   T25] usb 6-1: New USB device found, idVendor=20b7, idProduct=1540, bcdDevice=b7.5a
[  181.144291][   T25] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  181.165288][   T25] usb 6-1: Product: syz
[  181.175210][   T25] usb 6-1: Manufacturer: syz
[  181.187614][   T25] usb 6-1: SerialNumber: syz
[  181.203664][   T25] usb 6-1: config 0 descriptor??
[  181.709673][   T25] usb 6-1: Firmware: major: 1, minor: 38, hardware type: UNKNOWN (64)
[  181.918673][   T25] usb 6-1: failed to fetch extended address, random address set
[  181.937296][   T25] usb 6-1: atusb_probe: initialization failed, error = -524
[  181.946050][   T25] atusb 6-1:0.0: probe with driver atusb failed with error -524
[  181.963960][   T25] usb 6-1: USB disconnect, device number 7
[  181.982802][  T117] usb 3-1: 0:2 : does not exist
[  182.013205][  T117] usb 3-1: 5:0: failed to get current value for ch 0 (-22)
[  182.077154][  T117] usb 3-1: USB disconnect, device number 12
[  182.143335][ T7636] netlink: 'syz.0.472': attribute type 39 has an invalid length.
[  182.171267][   T25] usb 5-1: USB disconnect, device number 11
[  182.438423][ T7646] netlink: 64 bytes leftover after parsing attributes in process `syz.2.473'.
[  182.923579][ T7641] ceph: No mds server is up or the cluster is laggy
[  183.211683][ T7651] FAULT_INJECTION: forcing a failure.
[  183.211683][ T7651] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  183.225073][ T7651] CPU: 1 UID: 0 PID: 7651 Comm: syz.5.475 Not tainted 6.14.0-rc1-syzkaller-00020-g0de63bb7d919 #0
[  183.225094][ T7651] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  183.225103][ T7651] Call Trace:
[  183.225109][ T7651]  <TASK>
[  183.225115][ T7651]  dump_stack_lvl+0x16c/0x1f0
[  183.225138][ T7651]  should_fail_ex+0x50a/0x650
[  183.225166][ T7651]  _copy_from_user+0x2e/0xd0
[  183.225192][ T7651]  xsk_setsockopt+0x6ba/0xa10
[  183.225216][ T7651]  ? __pfx_xsk_setsockopt+0x10/0x10
[  183.225246][ T7651]  ? selinux_socket_setsockopt+0x6a/0x80
[  183.225268][ T7651]  ? __pfx_xsk_setsockopt+0x10/0x10
[  183.225290][ T7651]  do_sock_setsockopt+0x222/0x480
[  183.225315][ T7651]  ? __pfx_do_sock_setsockopt+0x10/0x10
[  183.225339][ T7651]  ? lock_acquire+0x2f/0xb0
[  183.225374][ T7651]  __sys_setsockopt+0x1a0/0x230
[  183.225398][ T7651]  __x64_sys_setsockopt+0xbd/0x160
[  183.225417][ T7651]  ? do_syscall_64+0x91/0x250
[  183.225435][ T7651]  ? lockdep_hardirqs_on+0x7c/0x110
[  183.225451][ T7651]  do_syscall_64+0xcd/0x250
[  183.225470][ T7651]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  183.225492][ T7651] RIP: 0033:0x7f329578cda9
[  183.225505][ T7651] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  183.225527][ T7651] RSP: 002b:00007f32965db038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  183.225543][ T7651] RAX: ffffffffffffffda RBX: 00007f32959a6160 RCX: 00007f329578cda9
[  183.225554][ T7651] RDX: 0000000000000004 RSI: 000000000000011b RDI: 0000000000000008
[  183.225563][ T7651] RBP: 00007f32965db090 R08: 0000000000000020 R09: 0000000000000000
[  183.225573][ T7651] R10: 00000000200000c0 R11: 0000000000000246 R12: 0000000000000001
[  183.225583][ T7651] R13: 0000000000000000 R14: 00007f32959a6160 R15: 00007ffc5f592c28
[  183.225605][ T7651]  </TASK>
[  183.509276][ T7641] netlink: 8 bytes leftover after parsing attributes in process `syz.4.474'.
[  183.660945][ T7641] netlink: 8 bytes leftover after parsing attributes in process `syz.4.474'.
[  185.319826][  T117] usb 2-1: new high-speed USB device number 11 using dummy_hcd
[  186.052680][  T117] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  186.059762][   T25] usb 6-1: new full-speed USB device number 8 using dummy_hcd
[  186.070109][  T117] usb 2-1: New USB device found, idVendor=28de, idProduct=1205, bcdDevice= 0.00
[  186.070136][  T117] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  186.071446][  T117] usb 2-1: config 0 descriptor??
[  186.262455][   T25] usb 6-1: config 0 has an invalid interface number: 29 but max is 0
[  186.309685][   T25] usb 6-1: config 0 has no interface number 0
[  186.316126][   T25] usb 6-1: config 0 interface 29 has no altsetting 0
[  186.330829][   T25] usb 6-1: New USB device found, idVendor=0c72, idProduct=0014, bcdDevice=39.ac
[  186.340267][   T25] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  186.348303][   T25] usb 6-1: Product: syz
[  186.352615][   T25] usb 6-1: Manufacturer: syz
[  186.357250][   T25] usb 6-1: SerialNumber: syz
[  186.420088][ T7691] openvswitch: netlink: Either Ethernet header or EtherType is required.
[  186.946155][  T117] hid-steam 0003:28DE:1205.000B: unknown main item tag 0x0
[  186.953659][  T117] hid-steam 0003:28DE:1205.000B: unknown main item tag 0x0
[  186.954785][ T7671] netlink: 'syz.1.480': attribute type 4 has an invalid length.
[  186.972084][  T117] hid-steam 0003:28DE:1205.000B: unknown main item tag 0x0
[  186.980564][   T25] usb 6-1: config 0 descriptor??
[  186.985606][  T117] hid-steam 0003:28DE:1205.000B: item fetching failed at offset 3/5
[  186.999154][  T117] hid-steam 0003:28DE:1205.000B: steam_probe:parse of hid interface failed
[  187.007955][    T8] usb 5-1: new high-speed USB device number 12 using dummy_hcd
[  187.018673][  T117] hid-steam 0003:28DE:1205.000B: probe with driver hid-steam failed with error -22
[  187.038900][  T117] usb 2-1: USB disconnect, device number 11
[  187.169916][    T8] usb 5-1: Using ep0 maxpacket: 16
[  187.183049][    T8] usb 5-1: config 0 has an invalid interface number: 8 but max is 0
[  187.203885][    T8] usb 5-1: config 0 has no interface number 0
[  187.204041][   T25] peak_usb 6-1:0.29: PEAK-System PCAN-USB X6 v180 fw v53.105.158 (2 channels)
[  187.214171][    T8] usb 5-1: config 0 interface 8 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  187.232377][    T8] usb 5-1: config 0 interface 8 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[  187.244592][    T8] usb 5-1: New USB device found, idVendor=0d8c, idProduct=000e, bcdDevice=8e.8f
[  187.253869][    T8] usb 5-1: New USB device strings: Mfr=0, Product=24, SerialNumber=3
[  187.262038][    T8] usb 5-1: Product: syz
[  187.266321][    T8] usb 5-1: SerialNumber: syz
[  187.272172][    T8] usb 5-1: config 0 descriptor??
[  187.279595][    T8] cm109 5-1:0.8: invalid payload size 0, expected 4
[  187.287029][    T8] input: CM109 USB driver as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.8/input/input12
[  187.434959][    T8] IPVS: starting estimator thread 0...
[  187.441964][   T29] audit: type=1326 audit(1738676198.748:504): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7679 comm="syz.5.484" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f329578cda9 code=0x0
[  187.546717][   T25] peak_usb 6-1:0.29 can0: sending command failure: -22
[  187.559850][ T7692] IPVS: using max 56 ests per chain, 134400 per kthread
[  187.571384][   T25] peak_usb 6-1:0.29 can0: sending command failure: -22
[  187.579010][   T25] peak_usb 6-1:0.29 can0: sending command failure: -22
[  187.608680][    C0] cm109 5-1:0.8: cm109_urb_ctl_callback: urb status -71
[  187.616939][    C0] cm109 5-1:0.8: cm109_urb_ctl_callback: urb status -71
[  187.624127][    C0] cm109 5-1:0.8: cm109_urb_ctl_callback: urb status -71
[  187.632929][    C0] cm109 5-1:0.8: cm109_urb_ctl_callback: urb status -71
[  187.640189][    C0] cm109 5-1:0.8: cm109_urb_ctl_callback: urb status -71
[  187.647266][    C0] cm109 5-1:0.8: cm109_urb_ctl_callback: urb status -71
[  187.650528][   T25] peak_usb 6-1:0.29: probe with driver peak_usb failed with error -22
[  187.654368][    C0] cm109 5-1:0.8: cm109_urb_ctl_callback: urb status -71
[  187.670512][    C0] cm109 5-1:0.8: cm109_urb_ctl_callback: urb status -71
[  187.677616][    C0] cm109 5-1:0.8: cm109_urb_ctl_callback: urb status -71
[  187.684693][    C0] cm109 5-1:0.8: cm109_urb_ctl_callback: urb status -71
[  187.693020][    T8] usb 5-1: USB disconnect, device number 12
[  187.699009][    C0] cm109 5-1:0.8: cm109_submit_buzz_toggle: usb_submit_urb (urb_ctl) failed -19
[  187.716299][    T8] cm109 5-1:0.8: cm109_toggle_buzzer_sync: usb_control_msg() failed -19
[  188.499349][ T5831] Bluetooth: hci3: unexpected event for opcode 0x1005
[  189.508228][    T8] usb 6-1: USB disconnect, device number 8
[  189.952200][ T7734] netlink: 20 bytes leftover after parsing attributes in process `syz.5.498'.
[  189.961561][ T7734] netlink: 20 bytes leftover after parsing attributes in process `syz.5.498'.
[  190.721305][ T7735] netlink: 'syz.2.499': attribute type 39 has an invalid length.
[  191.015961][ T7743] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  191.076248][ T7745] iommufd_mock iommufd_mock1: Adding to iommu group 1
[  191.379526][ T7756] openvswitch: netlink: Either Ethernet header or EtherType is required.
[  191.870123][ T7757] netlink: 80 bytes leftover after parsing attributes in process `syz.2.503'.
[  191.885135][ T7757] netlink: 8 bytes leftover after parsing attributes in process `syz.2.503'.
[  192.402085][   T29] audit: type=1400 audit(1738676203.448:505): avc:  denied  { append } for  pid=7737 comm="syz.0.500" name="sg0" dev="devtmpfs" ino=737 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[  193.367358][ T5831] Bluetooth: hci2: unexpected event for opcode 0x1005
[  193.745920][   T29] audit: type=1400 audit(1738676205.048:506): avc:  denied  { listen } for  pid=7773 comm="syz.5.509" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rose_socket permissive=1
[  193.771090][   T29] audit: type=1400 audit(1738676205.078:507): avc:  denied  { accept } for  pid=7773 comm="syz.5.509" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rose_socket permissive=1
[  193.848838][   T29] audit: type=1400 audit(1738676205.148:508): avc:  denied  { mount } for  pid=7773 comm="syz.5.509" name="/" dev="debugfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=filesystem permissive=1
[  193.929988][ T1292] ieee802154 phy0 wpan0: encryption failed: -22
[  194.010379][ T1292] ieee802154 phy1 wpan1: encryption failed: -22
[  194.349803][ T7786] FAULT_INJECTION: forcing a failure.
[  194.349803][ T7786] name failslab, interval 1, probability 0, space 0, times 0
[  194.363182][ T7786] CPU: 1 UID: 0 PID: 7786 Comm: syz.4.510 Not tainted 6.14.0-rc1-syzkaller-00020-g0de63bb7d919 #0
[  194.363203][ T7786] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  194.363213][ T7786] Call Trace:
[  194.363218][ T7786]  <TASK>
[  194.363224][ T7786]  dump_stack_lvl+0x16c/0x1f0
[  194.363247][ T7786]  should_fail_ex+0x50a/0x650
[  194.363271][ T7786]  ? fs_reclaim_acquire+0xae/0x150
[  194.363299][ T7786]  should_failslab+0xc2/0x120
[  194.363318][ T7786]  kmem_cache_alloc_lru_noprof+0x73/0x3d0
[  194.363337][ T7786]  ? __d_alloc+0x31/0xaa0
[  194.363359][ T7786]  __d_alloc+0x31/0xaa0
[  194.363382][ T7786]  ? mark_lock+0xb5/0xc60
[  194.363408][ T7786]  d_alloc+0x4a/0x1e0
[  194.363428][ T7786]  d_alloc_parallel+0xe7/0x12b0
[  194.363452][ T7786]  ? __d_lookup+0x25c/0x4a0
[  194.363476][ T7786]  ? trace_lock_acquire+0x14e/0x1f0
[  194.363495][ T7786]  ? lookup_open.isra.0+0x233/0x1580
[  194.363521][ T7786]  ? __pfx_d_alloc_parallel+0x10/0x10
[  194.363548][ T7786]  ? __d_lookup+0x266/0x4a0
[  194.363577][ T7786]  lookup_open.isra.0+0x667/0x1580
[  194.363606][ T7786]  ? __pfx_lookup_open.isra.0+0x10/0x10
[  194.363632][ T7786]  ? __pfx_try_to_compact_pages+0x10/0x10
[  194.363652][ T7786]  ? lock_acquire+0x2f/0xb0
[  194.363672][ T7786]  ? path_openat+0x15a4/0x2d80
[  194.363692][ T7786]  ? __pfx_try_to_compact_pages+0x10/0x10
[  194.363709][ T7786]  ? __pfx_down_write+0x10/0x10
[  194.363728][ T7786]  ? mnt_get_write_access+0x20c/0x300
[  194.363754][ T7786]  path_openat+0x904/0x2d80
[  194.363780][ T7786]  ? __pfx_path_openat+0x10/0x10
[  194.363796][ T7786]  ? __pfx___lock_acquire+0x10/0x10
[  194.363816][ T7786]  ? lock_acquire.part.0+0x11b/0x380
[  194.363839][ T7786]  ? find_held_lock+0x2d/0x110
[  194.363859][ T7786]  do_filp_open+0x20c/0x470
[  194.363876][ T7786]  ? __pfx_do_filp_open+0x10/0x10
[  194.363891][ T7786]  ? find_held_lock+0x2d/0x110
[  194.363927][ T7786]  ? alloc_fd+0x41f/0x760
[  194.363950][ T7786]  do_sys_openat2+0x17a/0x1e0
[  194.363971][ T7786]  ? __pfx_do_sys_openat2+0x10/0x10
[  194.363994][ T7786]  ? __fget_files+0x206/0x3a0
[  194.364015][ T7786]  __x64_sys_openat+0x175/0x210
[  194.364036][ T7786]  ? __pfx___x64_sys_openat+0x10/0x10
[  194.364055][ T7786]  ? ksys_write+0x1ba/0x250
[  194.364089][ T7786]  do_syscall_64+0xcd/0x250
[  194.364109][ T7786]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  194.364132][ T7786] RIP: 0033:0x7f736db8cda9
[  194.364145][ T7786] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  194.364161][ T7786] RSP: 002b:00007f736e9e4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  194.364177][ T7786] RAX: ffffffffffffffda RBX: 00007f736dda6160 RCX: 00007f736db8cda9
[  194.364188][ T7786] RDX: 000000000000275a RSI: 0000000020000100 RDI: ffffffffffffff9c
[  194.364199][ T7786] RBP: 00007f736e9e4090 R08: 0000000000000000 R09: 0000000000000000
[  194.364209][ T7786] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  194.364218][ T7786] R13: 0000000000000000 R14: 00007f736dda6160 R15: 00007ffe6d54a8c8
[  194.364242][ T7786]  </TASK>
[  194.716116][   T29] audit: type=1400 audit(1738676205.638:509): avc:  denied  { mount } for  pid=7779 comm="syz.4.510" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[  195.087399][   T29] audit: type=1400 audit(1738676206.388:510): avc:  denied  { unmount } for  pid=5815 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[  195.299655][ T7794] syzkaller1: entered promiscuous mode
[  195.309972][ T7794] syzkaller1: entered allmulticast mode
[  195.639537][ T7798] FAULT_INJECTION: forcing a failure.
[  195.639537][ T7798] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  195.649705][   T29] audit: type=1400 audit(1738676206.938:511): avc:  denied  { bind } for  pid=7793 comm="syz.1.515" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  195.701455][ T7798] CPU: 1 UID: 0 PID: 7798 Comm: syz.1.515 Not tainted 6.14.0-rc1-syzkaller-00020-g0de63bb7d919 #0
[  195.701485][ T7798] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  195.701495][ T7798] Call Trace:
[  195.701500][ T7798]  <TASK>
[  195.701507][ T7798]  dump_stack_lvl+0x16c/0x1f0
[  195.701531][ T7798]  should_fail_ex+0x50a/0x650
[  195.701558][ T7798]  _copy_from_user+0x2e/0xd0
[  195.701583][ T7798]  copy_msghdr_from_user+0x99/0x160
[  195.701602][ T7798]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  195.701620][ T7798]  ? __lock_acquire+0xcc5/0x3c40
[  195.701650][ T7798]  ___sys_sendmsg+0xff/0x1e0
[  195.701670][ T7798]  ? __pfx____sys_sendmsg+0x10/0x10
[  195.701690][ T7798]  ? trace_lock_acquire+0x14e/0x1f0
[  195.701708][ T7798]  __sys_sendmmsg+0x201/0x420
[  195.701720][ T7798]  ? __pfx___sys_sendmmsg+0x10/0x10
[  195.701735][ T7798]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  195.701750][ T7798]  ? fput+0x67/0x440
[  195.701761][ T7798]  ? ksys_write+0x1ba/0x250
[  195.701774][ T7798]  ? __pfx_ksys_write+0x10/0x10
[  195.701789][ T7798]  __x64_sys_sendmmsg+0x9c/0x100
[  195.701799][ T7798]  ? lockdep_hardirqs_on+0x7c/0x110
[  195.701808][ T7798]  do_syscall_64+0xcd/0x250
[  195.701818][ T7798]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  195.701831][ T7798] RIP: 0033:0x7f94b318cda9
[  195.701839][ T7798] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  195.701848][ T7798] RSP: 002b:00007f94b3fc2038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  195.701857][ T7798] RAX: ffffffffffffffda RBX: 00007f94b33a6080 RCX: 00007f94b318cda9
[  195.701862][ T7798] RDX: 00000000000002e9 RSI: 0000000020000480 RDI: 0000000000000008
[  195.701868][ T7798] RBP: 00007f94b3fc2090 R08: 0000000000000000 R09: 0000000000000000
[  195.701873][ T7798] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  195.701877][ T7798] R13: 0000000000000000 R14: 00007f94b33a6080 R15: 00007ffe7a42daa8
[  195.701888][ T7798]  </TASK>
[  196.151732][    T8] usb 5-1: new high-speed USB device number 13 using dummy_hcd
[  196.209922][   T29] audit: type=1400 audit(1738676206.978:512): avc:  denied  { unmount } for  pid=7095 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=filesystem permissive=1
[  196.290000][  T117] usb 1-1: new high-speed USB device number 10 using dummy_hcd
[  196.550870][    T8] usb 5-1: config index 0 descriptor too short (expected 1298, got 18)
[  196.566301][    T8] usb 5-1: config 0 has an invalid interface number: 0 but max is -1
[  196.595870][    T8] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 0
[  196.659246][ T7805] netlink: 20 bytes leftover after parsing attributes in process `syz.2.517'.
[  196.699711][  T117] usb 1-1: Using ep0 maxpacket: 16
[  196.704978][    T8] usb 5-1: New USB device found, idVendor=20b7, idProduct=1540, bcdDevice=b7.5a
[  196.719720][  T117] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  196.739663][    T8] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  196.747771][  T117] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  196.770713][    T8] usb 5-1: Product: syz
[  196.774904][    T8] usb 5-1: Manufacturer: syz
[  196.797482][ T7805] netlink: 20 bytes leftover after parsing attributes in process `syz.2.517'.
[  197.386872][  T117] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  197.435863][    T8] usb 5-1: SerialNumber: syz
[  197.453228][    T8] usb 5-1: config 0 descriptor??
[  197.475702][  T117] usb 1-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  197.500000][  T117] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  197.538115][  T117] usb 1-1: config 0 descriptor??
[  197.967836][  T117] microsoft 0003:045E:07DA.000C: collection stack underflow
[  197.975549][  T117] microsoft 0003:045E:07DA.000C: item 0 4 0 12 parsing failed
[  197.984068][  T117] microsoft 0003:045E:07DA.000C: parse failed
[  197.998503][  T117] microsoft 0003:045E:07DA.000C: probe with driver microsoft failed with error -22
[  198.087124][   T29] audit: type=1400 audit(1738676209.388:513): avc:  denied  { create } for  pid=7820 comm="syz.5.520" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  198.118630][   T29] audit: type=1400 audit(1738676209.388:514): avc:  denied  { getopt } for  pid=7820 comm="syz.5.520" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  198.184520][  T117] usb 1-1: USB disconnect, device number 10
[  198.757756][  T117] usb 5-1: USB disconnect, device number 13
[  198.856182][ T7829] openvswitch: netlink: Either Ethernet header or EtherType is required.
[  200.112481][   T29] audit: type=1400 audit(1738676211.418:515): avc:  denied  { write } for  pid=7833 comm="syz.0.523" name="autofs" dev="devtmpfs" ino=98 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1
[  200.274374][ T5831] Bluetooth: hci2: unexpected event for opcode 0x1005
[  200.793650][ T7853] netlink: 20 bytes leftover after parsing attributes in process `syz.5.526'.
[  200.802702][ T7853] netlink: 20 bytes leftover after parsing attributes in process `syz.5.526'.
[  201.907278][   T29] audit: type=1400 audit(1738676213.208:516): avc:  denied  { bind } for  pid=7856 comm="syz.1.527" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  203.032852][ T7872] netlink: 64 bytes leftover after parsing attributes in process `syz.5.533'.
[  204.666579][ T7873] netlink: 'syz.4.532': attribute type 39 has an invalid length.
[  205.029798][  T117] usb 1-1: new high-speed USB device number 11 using dummy_hcd
[  205.181203][  T117] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  205.234660][  T117] usb 1-1: New USB device found, idVendor=28de, idProduct=1205, bcdDevice= 0.00
[  205.258665][  T117] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  205.283091][  T117] usb 1-1: config 0 descriptor??
[  205.408319][ T7899] 9pnet_fd: Insufficient options for proto=fd
[  205.928153][  T117] hid-steam 0003:28DE:1205.000D: unknown main item tag 0x0
[  206.182855][ T7903] netlink: 'syz.0.537': attribute type 4 has an invalid length.
[  206.503424][  T117] hid-steam 0003:28DE:1205.000D: unknown main item tag 0x0
[  206.512636][  T117] hid-steam 0003:28DE:1205.000D: unknown main item tag 0x0
[  206.519902][  T117] hid-steam 0003:28DE:1205.000D: item fetching failed at offset 3/5
[  206.528078][  T117] hid-steam 0003:28DE:1205.000D: steam_probe:parse of hid interface failed
[  206.539810][  T117] hid-steam 0003:28DE:1205.000D: probe with driver hid-steam failed with error -22
[  206.559861][  T117] usb 1-1: USB disconnect, device number 11
[  206.711223][   T29] audit: type=1400 audit(1738676218.018:517): avc:  denied  { getopt } for  pid=7911 comm="syz.1.543" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  207.199744][   T25] usb 1-1: new high-speed USB device number 12 using dummy_hcd
[  207.223972][ T5831] Bluetooth: hci0: unexpected event for opcode 0x1005
[  207.400380][   T25] usb 1-1: Using ep0 maxpacket: 16
[  207.522731][   T25] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  207.533830][   T25] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  207.543693][   T25] usb 1-1: New USB device found, idVendor=1b1c, idProduct=1b02, bcdDevice= 0.00
[  207.552824][   T25] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  207.563345][   T25] usb 1-1: config 0 descriptor??
[  207.802479][   T25] corsair 0003:1B1C:1B02.000E: hidraw0: USB HID v0.00 Device [HID 1b1c:1b02] on usb-dummy_hcd.0-1/input0
[  207.857787][   T25] corsair 0003:1B1C:1B02.000E: Failed to get K90 initial state (error -71).
[  207.891240][   T76] usb 3-1: new high-speed USB device number 13 using dummy_hcd
[  207.905081][   T25] usb 1-1: USB disconnect, device number 12
[  208.159849][  T971] usb 6-1: new high-speed USB device number 9 using dummy_hcd
[  208.194517][   T76] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  208.226364][   T76] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  208.226466][   T76] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  208.226655][   T76] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  208.226751][   T76] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  208.258575][   T76] usb 3-1: config 0 descriptor??
[  208.413027][   T29] audit: type=1400 audit(1738676219.668:518): avc:  denied  { read } for  pid=7944 comm="syz.0.552" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  208.432075][    C1] vkms_vblank_simulate: vblank timer overrun
[  208.559897][  T971] usb 6-1: Using ep0 maxpacket: 16
[  208.562014][   T29] audit: type=1400 audit(1738676219.748:519): avc:  denied  { write } for  pid=7944 comm="syz.0.552" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  208.605311][  T971] usb 6-1: config 8 has an invalid interface number: 39 but max is 0
[  208.622238][  T971] usb 6-1: config 8 has no interface number 0
[  208.628397][  T971] usb 6-1: config 8 interface 39 altsetting 1 has an endpoint descriptor with address 0xDF, changing to 0x8F
[  208.646037][  T971] usb 6-1: config 8 interface 39 altsetting 1 endpoint 0x8F has invalid wMaxPacketSize 0
[  208.656158][  T971] usb 6-1: config 8 interface 39 has no altsetting 0
[  208.671149][  T971] usb 6-1: New USB device found, idVendor=05ac, idProduct=c704, bcdDevice=62.77
[  208.689691][  T971] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  208.707306][  T971] usb 6-1: Product: syz
[  208.721890][  T971] usb 6-1: Manufacturer: syz
[  208.732802][  T971] usb 6-1: SerialNumber: syz
[  208.855926][   T76] plantronics 0003:047F:FFFF.000F: unknown main item tag 0x3
[  208.863632][   T76] plantronics 0003:047F:FFFF.000F: bogus close delimiter
[  208.871084][   T76] plantronics 0003:047F:FFFF.000F: item 0 0 2 10 parsing failed
[  208.879248][   T76] plantronics 0003:047F:FFFF.000F: parse failed
[  208.889000][   T76] plantronics 0003:047F:FFFF.000F: probe with driver plantronics failed with error -22
[  209.488517][ T7943] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  209.503795][ T7943] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  209.628520][ T7943] 9pnet_fd: Insufficient options for proto=fd
[  209.658041][  T971] ipheth 6-1:8.39: Unable to find endpoints
[  209.679060][  T971] usb 6-1: USB disconnect, device number 9
[  209.899764][   T25] usb 2-1: new high-speed USB device number 12 using dummy_hcd
[  209.943214][   T29] audit: type=1400 audit(1738676221.248:520): avc:  denied  { ioctl } for  pid=7963 comm="syz.4.557" path="socket:[17808]" dev="sockfs" ino=17808 ioctlcmd=0x89e1 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1
[  210.049711][   T25] usb 2-1: Using ep0 maxpacket: 16
[  210.057303][   T25] usb 2-1: config 0 has an invalid interface number: 1 but max is 0
[  210.065434][   T25] usb 2-1: config 0 has no interface number 0
[  210.073118][   T25] usb 2-1: New USB device found, idVendor=04fc, idProduct=1528, bcdDevice=6d.5d
[  210.082270][   T25] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  210.090271][   T25] usb 2-1: Product: syz
[  210.094496][   T25] usb 2-1: Manufacturer: syz
[  210.099076][   T25] usb 2-1: SerialNumber: syz
[  210.104662][   T25] usb 2-1: config 0 descriptor??
[  210.111964][   T25] gspca_main: spca1528-2.14.0 probing 04fc:1528
[  210.619747][  T971] usb 6-1: new high-speed USB device number 10 using dummy_hcd
[  210.691143][    T8] usb 3-1: USB disconnect, device number 13
[  210.769839][  T971] usb 6-1: Using ep0 maxpacket: 32
[  210.780033][  T971] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  210.807633][  T971] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  210.828022][  T971] usb 6-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[  210.838197][  T971] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  210.862138][ T7981] overlayfs: invalid origin (0000)
[  210.874525][  T971] usb 6-1: config 0 descriptor??
[  210.889504][  T971] hub 6-1:0.0: USB hub found
[  211.035405][ T7988] netlink: 64 bytes leftover after parsing attributes in process `syz.2.561'.
[  211.684336][   T25] gspca_spca1528: reg_w err -110
[  211.689342][   T25] spca1528 2-1:0.1: probe with driver spca1528 failed with error -110
[  211.711259][   T25] usb 2-1: USB disconnect, device number 12
[  213.228634][  T971] hub 6-1:0.0: config failed, can't read hub descriptor (err -22)
[  213.261803][  T971] usbhid 6-1:0.0: can't add hid device: -71
[  213.297018][  T971] usbhid 6-1:0.0: probe with driver usbhid failed with error -71
[  213.362451][  T971] usb 6-1: USB disconnect, device number 10
[  214.259702][    T8] usb 1-1: new full-speed USB device number 13 using dummy_hcd
[  214.424893][    T8] usb 1-1: config 0 has an invalid interface number: 29 but max is 0
[  214.449417][    T8] usb 1-1: config 0 has no interface number 0
[  214.466780][    T8] usb 1-1: config 0 interface 29 has no altsetting 0
[  214.491779][    T8] usb 1-1: New USB device found, idVendor=0c72, idProduct=0014, bcdDevice=39.ac
[  214.505275][    T8] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  214.523767][    T8] usb 1-1: Product: syz
[  214.527999][    T8] usb 1-1: Manufacturer: syz
[  214.538901][    T8] usb 1-1: SerialNumber: syz
[  214.560074][    T8] usb 1-1: config 0 descriptor??
[  214.858967][ T8026] syz.1.575: attempt to access beyond end of device
[  214.858967][ T8026] loop1: rw=2048, sector=2, nr_sectors = 1 limit=0
[  214.891610][ T8026] hfsplus: unable to find HFS+ superblock
[  214.959788][ T5869] usb 6-1: new high-speed USB device number 11 using dummy_hcd
[  215.057081][    T8] peak_usb 1-1:0.29: PEAK-System PCAN-USB X6 v180 fw v53.105.158 (2 channels)
[  215.111848][ T5869] usb 6-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  215.111875][ T5869] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 255, changing to 11
[  215.111888][ T5869] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  215.111901][ T5869] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  215.111918][ T5869] usb 6-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  215.111929][ T5869] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  215.112982][ T5869] usb 6-1: config 0 descriptor??
[  215.113395][ T8025] raw-gadget.1 gadget.5: fail, usb_ep_enable returned -22
[  215.208664][ T8034] FAULT_INJECTION: forcing a failure.
[  215.208664][ T8034] name failslab, interval 1, probability 0, space 0, times 0
[  215.208719][ T8034] CPU: 1 UID: 0 PID: 8034 Comm: syz.4.577 Not tainted 6.14.0-rc1-syzkaller-00020-g0de63bb7d919 #0
[  215.208740][ T8034] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  215.208750][ T8034] Call Trace:
[  215.208755][ T8034]  <TASK>
[  215.208762][ T8034]  dump_stack_lvl+0x16c/0x1f0
[  215.208785][ T8034]  should_fail_ex+0x50a/0x650
[  215.208807][ T8034]  ? irqentry_exit+0x3b/0x90
[  215.208826][ T8034]  should_failslab+0xc2/0x120
[  215.208845][ T8034]  kmem_cache_alloc_noprof+0x6e/0x3d0
[  215.208864][ T8034]  ? skb_clone+0x190/0x3f0
[  215.208884][ T8034]  ? netlink_deliver_tap+0x60d/0xd30
[  215.208905][ T8034]  skb_clone+0x190/0x3f0
[  215.208927][ T8034]  netlink_deliver_tap+0xabd/0xd30
[  215.208949][ T8034]  netlink_unicast+0x5e1/0x7f0
[  215.208970][ T8034]  ? __pfx_netlink_unicast+0x10/0x10
[  215.208988][ T8034]  ? netlink_sendmsg+0x822/0xd70
[  215.209013][ T8034]  netlink_sendmsg+0x8b8/0xd70
[  215.209037][ T8034]  ? __pfx_netlink_sendmsg+0x10/0x10
[  215.209066][ T8034]  ____sys_sendmsg+0xaaf/0xc90
[  215.209090][ T8034]  ? lockdep_hardirqs_on+0x7c/0x110
[  215.209106][ T8034]  ? __pfx_____sys_sendmsg+0x10/0x10
[  215.209143][ T8034]  ___sys_sendmsg+0x135/0x1e0
[  215.209165][ T8034]  ? __pfx____sys_sendmsg+0x10/0x10
[  215.209215][ T8034]  ? __fget_files+0x206/0x3a0
[  215.209236][ T8034]  __sys_sendmsg+0x16e/0x220
[  215.209257][ T8034]  ? __pfx___sys_sendmsg+0x10/0x10
[  215.209294][ T8034]  do_syscall_64+0xcd/0x250
[  215.209314][ T8034]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  215.209336][ T8034] RIP: 0033:0x7f736db8cda9
[  215.209349][ T8034] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  215.209364][ T8034] RSP: 002b:00007f736e9e4038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  215.209380][ T8034] RAX: ffffffffffffffda RBX: 00007f736dda6160 RCX: 00007f736db8cda9
[  215.209391][ T8034] RDX: 0000000000000000 RSI: 0000000020000140 RDI: 0000000000000006
[  215.209400][ T8034] RBP: 00007f736e9e4090 R08: 0000000000000000 R09: 0000000000000000
[  215.209410][ T8034] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  215.209419][ T8034] R13: 0000000000000000 R14: 00007f736dda6160 R15: 00007ffe6d54a8c8
[  215.209441][ T8034]  </TASK>
[  215.261417][   T29] audit: type=1326 audit(1738676226.458:521): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8031 comm="syz.4.577" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f736db8cda9 code=0x7ffc0000
[  215.261475][   T29] audit: type=1326 audit(1738676226.458:522): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8031 comm="syz.4.577" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f736db8cda9 code=0x7ffc0000
[  215.261566][   T29] audit: type=1326 audit(1738676226.458:523): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8031 comm="syz.4.577" exe="/root/syz-executor" sig=0 arch=c000003e syscall=228 compat=0 ip=0x7f736db8cda9 code=0x7ffc0000
[  215.261612][   T29] audit: type=1326 audit(1738676226.458:524): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8031 comm="syz.4.577" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f736db8cda9 code=0x7ffc0000
[  215.261703][   T29] audit: type=1326 audit(1738676226.458:525): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8031 comm="syz.4.577" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f736db8cda9 code=0x7ffc0000
[  215.261747][   T29] audit: type=1326 audit(1738676226.458:526): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8031 comm="syz.4.577" exe="/root/syz-executor" sig=0 arch=c000003e syscall=299 compat=0 ip=0x7f736db8cda9 code=0x7ffc0000
[  215.381740][   T29] audit: type=1326 audit(1738676226.668:527): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8013 comm="syz.0.571" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fe2b518cda9 code=0x0
[  215.775506][   T29] audit: type=1326 audit(1738676227.078:528): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8031 comm="syz.4.577" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f736db8cda9 code=0x7ffc0000
[  215.775602][   T29] audit: type=1326 audit(1738676227.078:529): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8031 comm="syz.4.577" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f736db8cda9 code=0x7ffc0000
[  215.776037][    T8] peak_usb 1-1:0.29 can0: sending command failure: -22
[  215.776055][    T8] peak_usb 1-1:0.29 can0: sending command failure: -22
[  215.776064][    T8] peak_usb 1-1:0.29 can0: sending command failure: -22
[  215.830932][    T8] peak_usb 1-1:0.29: probe with driver peak_usb failed with error -22
[  215.839711][  T971] IPVS: starting estimator thread 0...
[  215.950431][ T8037] IPVS: using max 27 ests per chain, 64800 per kthread
[  216.255216][ T8039] netlink: 80 bytes leftover after parsing attributes in process `syz.4.578'.
[  216.381845][ T5869] plantronics 0003:047F:FFFF.0010: unknown main item tag 0xd
[  216.386044][ T5869] plantronics 0003:047F:FFFF.0010: No inputs registered, leaving
[  216.388248][ T5869] plantronics 0003:047F:FFFF.0010: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.5-1/input0
[  216.402169][ T8049] netlink: 12 bytes leftover after parsing attributes in process `syz.4.580'.
[  216.931323][  T971] usb 1-1: USB disconnect, device number 13
[  217.022054][ T5869] usb 6-1: USB disconnect, device number 11
[  217.656634][ T5869] usb 5-1: new high-speed USB device number 14 using dummy_hcd
[  217.864410][ T5869] usb 5-1: Using ep0 maxpacket: 32
[  217.885307][ T5869] usb 5-1: New USB device found, idVendor=0ac8, idProduct=0321, bcdDevice=6f.be
[  217.895194][ T5869] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  217.906926][ T5869] usb 5-1: config 0 descriptor??
[  217.917263][ T5869] gspca_main: vc032x-2.14.0 probing 0ac8:0321
[  218.576913][ T8049] (unnamed net_device) (uninitialized): (slave bond_slave_1): Device is not our slave
[  218.589644][ T8049] (unnamed net_device) (uninitialized): option active_slave: invalid value (bond_slave_1)
[  219.277068][ T5869] gspca_vc032x: reg_w err -110
[  219.281928][ T5869] gspca_vc032x: I2c Bus Busy Wait 00
[  219.287217][ T5869] gspca_vc032x: I2c Bus Busy Wait 00
[  219.292526][ T5869] gspca_vc032x: I2c Bus Busy Wait 00
[  219.297809][ T5869] gspca_vc032x: I2c Bus Busy Wait 00
[  219.496475][ T8092] netlink: 'syz.0.591': attribute type 39 has an invalid length.
[  219.520827][ T5869] gspca_vc032x: I2c Bus Busy Wait 00
[  219.526423][ T5869] gspca_vc032x: I2c Bus Busy Wait 00
[  219.551318][ T5869] gspca_vc032x: I2c Bus Busy Wait 00
[  219.690653][ T5869] gspca_vc032x: I2c Bus Busy Wait 00
[  219.719692][ T5869] gspca_vc032x: I2c Bus Busy Wait 00
[  219.725019][ T5869] gspca_vc032x: I2c Bus Busy Wait 00
[  219.812047][ T5869] gspca_vc032x: I2c Bus Busy Wait 00
[  219.817754][ T5869] gspca_vc032x: I2c Bus Busy Wait 00
[  219.827639][ T5869] gspca_vc032x: I2c Bus Busy Wait 00
[  219.847806][ T5869] gspca_vc032x: I2c Bus Busy Wait 00
[  219.853381][ T5869] gspca_vc032x: I2c Bus Busy Wait 00
[  219.868693][ T5869] gspca_vc032x: I2c Bus Busy Wait 00
[  219.876139][ T5869] gspca_vc032x: I2c Bus Busy Wait 00
[  219.881620][ T5869] gspca_vc032x: I2c Bus Busy Wait 00
[  219.886997][ T5869] gspca_vc032x: Unknown sensor...
[  219.897439][ T5869] vc032x 5-1:0.0: probe with driver vc032x failed with error -22
[  219.903699][ T8098] input: syz0 as /devices/virtual/input/input14
[  221.406605][  T971] usb 5-1: USB disconnect, device number 14
[  222.541587][ T8139] 9pnet_fd: Insufficient options for proto=fd
[  223.129747][    T8] usb 6-1: new high-speed USB device number 12 using dummy_hcd
[  223.346174][ T8146] FAULT_INJECTION: forcing a failure.
[  223.346174][ T8146] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  223.362322][    T8] usb 6-1: config index 0 descriptor too short (expected 23569, got 27)
[  223.365839][ T8146] CPU: 1 UID: 0 PID: 8146 Comm: syz.1.605 Not tainted 6.14.0-rc1-syzkaller-00020-g0de63bb7d919 #0
[  223.365860][ T8146] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  223.365869][ T8146] Call Trace:
[  223.365873][ T8146]  <TASK>
[  223.365879][ T8146]  dump_stack_lvl+0x16c/0x1f0
[  223.365899][ T8146]  should_fail_ex+0x50a/0x650
[  223.365922][ T8146]  _copy_from_user+0x2e/0xd0
[  223.365944][ T8146]  memdup_user+0x71/0xd0
[  223.365964][ T8146]  strndup_user+0x78/0xe0
[  223.365984][ T8146]  __x64_sys_fsopen+0x9c/0x240
[  223.366002][ T8146]  do_syscall_64+0xcd/0x250
[  223.366019][ T8146]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  223.366039][ T8146] RIP: 0033:0x7f94b318cda9
[  223.366051][ T8146] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  223.366064][ T8146] RSP: 002b:00007f94b3fe3038 EFLAGS: 00000246 ORIG_RAX: 00000000000001ae
[  223.366078][ T8146] RAX: ffffffffffffffda RBX: 00007f94b33a5fa0 RCX: 00007f94b318cda9
[  223.366088][ T8146] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00000000200000c0
[  223.366096][ T8146] RBP: 00007f94b3fe3090 R08: 0000000000000000 R09: 0000000000000000
[  223.366105][ T8146] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  223.366113][ T8146] R13: 0000000000000001 R14: 00007f94b33a5fa0 R15: 00007ffe7a42daa8
[  223.366132][ T8146]  </TASK>
[  223.513562][    T8] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  223.526591][    T8] usb 6-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0
[  223.536067][    T8] usb 6-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0
[  223.544454][    T8] usb 6-1: Manufacturer: syz
[  223.557567][    T8] usb 6-1: config 0 descriptor??
[  223.609867][    T8] rc_core: IR keymap rc-hauppauge not found
[  223.617847][    T8] Registered IR keymap rc-empty
[  223.624323][    T8] rc rc0: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/rc/rc0
[  223.635839][    T8] input: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/rc/rc0/input15
[  223.780509][    C0] igorplugusb 6-1:0.0: Error: urb status = -32
[  224.299968][    C0] igorplugusb 6-1:0.0: Error: urb status = -32
[  225.497571][   T29] audit: type=1400 audit(1738676236.798:530): avc:  denied  { create } for  pid=8155 comm="syz.0.607" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1
[  225.884012][ T8175] netlink: 20 bytes leftover after parsing attributes in process `syz.2.611'.
[  225.893073][ T8175] netlink: 20 bytes leftover after parsing attributes in process `syz.2.611'.
[  225.903496][    T9] usb 1-1: new high-speed USB device number 14 using dummy_hcd
[  226.421008][    T9] usb 1-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid wMaxPacketSize 0
[  226.437619][    T9] usb 1-1: config 0 interface 0 has no altsetting 0
[  226.447163][    T9] usb 1-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  226.459649][    T9] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  226.468756][    T9] usb 1-1: Product: syz
[  226.473347][    T9] usb 1-1: Manufacturer: syz
[  226.478060][    T9] usb 1-1: SerialNumber: syz
[  226.487376][    T9] usb 1-1: config 0 descriptor??
[  226.589570][ T5817] usb 6-1: USB disconnect, device number 12
[  226.606007][    T9] usb 1-1: selecting invalid altsetting 0
[  226.708153][  T971] usb 1-1: USB disconnect, device number 14
[  226.761060][   T29] audit: type=1400 audit(1738676238.058:531): avc:  denied  { ioctl } for  pid=8181 comm="syz.5.614" path="socket:[19049]" dev="sockfs" ino=19049 ioctlcmd=0x89f2 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  226.890266][    T8] usb 3-1: new full-speed USB device number 14 using dummy_hcd
[  226.960549][ T8191] netlink: 8 bytes leftover after parsing attributes in process `syz.4.617'.
[  227.004035][   T29] audit: type=1400 audit(1738676238.308:532): avc:  denied  { read } for  pid=8190 comm="syz.4.617" name="ppp" dev="devtmpfs" ino=709 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[  227.053210][   T29] audit: type=1400 audit(1738676238.308:533): avc:  denied  { open } for  pid=8190 comm="syz.4.617" path="/dev/ppp" dev="devtmpfs" ino=709 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[  227.120973][    T8] usb 3-1: config 0 has an invalid interface number: 20 but max is 0
[  227.133988][    T8] usb 3-1: config 0 has no interface number 0
[  227.141458][    T8] usb 3-1: config 0 interface 20 altsetting 0 endpoint 0x6 has invalid maxpacket 1023, setting to 64
[  227.770589][    T8] usb 3-1: New USB device found, idVendor=04e6, idProduct=000b, bcdDevice= 1.00
[  227.799717][    T8] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  227.817436][    T8] usb 3-1: Product: syz
[  227.825641][    T8] usb 3-1: Manufacturer: syz
[  227.832585][    T8] usb 3-1: SerialNumber: syz
[  227.840539][    T8] usb 3-1: config 0 descriptor??
[  227.848730][ T8180] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  227.857218][    T8] usb-storage 3-1:0.20: USB Mass Storage device detected
[  227.865627][    T8] usb-storage 3-1:0.20: Quirks match for vid 04e6 pid 000b: 4
[  228.089962][ T8180] netlink: 20 bytes leftover after parsing attributes in process `syz.2.613'.
[  228.141127][    T8] scsi host1: usb-storage 3-1:0.20
[  228.149419][ T5831] Bluetooth: hci5: unexpected event for opcode 0x1005
[  228.159508][    T8] usb 3-1: USB disconnect, device number 14
[  229.004627][ T8204] FAULT_INJECTION: forcing a failure.
[  229.004627][ T8204] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  229.085467][ T8204] CPU: 1 UID: 0 PID: 8204 Comm: syz.0.619 Not tainted 6.14.0-rc1-syzkaller-00020-g0de63bb7d919 #0
[  229.085493][ T8204] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  229.085503][ T8204] Call Trace:
[  229.085509][ T8204]  <TASK>
[  229.085515][ T8204]  dump_stack_lvl+0x16c/0x1f0
[  229.085538][ T8204]  should_fail_ex+0x50a/0x650
[  229.085566][ T8204]  _copy_from_user+0x2e/0xd0
[  229.085593][ T8204]  __sys_bpf+0x21c/0x49c0
[  229.085611][ T8204]  ? __pfx_lock_release+0x10/0x10
[  229.085635][ T8204]  ? __pfx___sys_bpf+0x10/0x10
[  229.085651][ T8204]  ? vfs_write+0x306/0x1150
[  229.085681][ T8204]  ? __mutex_unlock_slowpath+0x164/0x6a0
[  229.085714][ T8204]  ? fput+0x67/0x440
[  229.085733][ T8204]  ? ksys_write+0x1ba/0x250
[  229.085757][ T8204]  ? __pfx_ksys_write+0x10/0x10
[  229.085785][ T8204]  __x64_sys_bpf+0x78/0xc0
[  229.085803][ T8204]  ? lockdep_hardirqs_on+0x7c/0x110
[  229.085819][ T8204]  do_syscall_64+0xcd/0x250
[  229.085838][ T8204]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  229.085860][ T8204] RIP: 0033:0x7fe2b518cda9
[  229.085873][ T8204] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  229.085889][ T8204] RSP: 002b:00007fe2b604c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  229.085906][ T8204] RAX: ffffffffffffffda RBX: 00007fe2b53a6080 RCX: 00007fe2b518cda9
[  229.085916][ T8204] RDX: 0000000000000050 RSI: 0000000020000180 RDI: 0000000000000000
[  229.085926][ T8204] RBP: 00007fe2b604c090 R08: 0000000000000000 R09: 0000000000000000
[  229.085935][ T8204] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  229.085944][ T8204] R13: 0000000000000000 R14: 00007fe2b53a6080 R15: 00007fff6cfe7ce8
[  229.085966][ T8204]  </TASK>
[  229.469515][ T8224] FAULT_INJECTION: forcing a failure.
[  229.469515][ T8224] name failslab, interval 1, probability 0, space 0, times 0
[  229.482280][ T8224] CPU: 1 UID: 0 PID: 8224 Comm: syz.5.623 Not tainted 6.14.0-rc1-syzkaller-00020-g0de63bb7d919 #0
[  229.482301][ T8224] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  229.482311][ T8224] Call Trace:
[  229.482316][ T8224]  <TASK>
[  229.482322][ T8224]  dump_stack_lvl+0x16c/0x1f0
[  229.482345][ T8224]  should_fail_ex+0x50a/0x650
[  229.482368][ T8224]  ? fs_reclaim_acquire+0xae/0x150
[  229.482400][ T8224]  should_failslab+0xc2/0x120
[  229.482419][ T8224]  kmem_cache_alloc_noprof+0x6e/0x3d0
[  229.482437][ T8224]  ? getname_flags.part.0+0x4c/0x550
[  229.482461][ T8224]  getname_flags.part.0+0x4c/0x550
[  229.482480][ T8224]  getname_flags+0x93/0xf0
[  229.482498][ T8224]  user_path_at+0x24/0x60
[  229.482517][ T8224]  __x64_sys_chmod+0xe8/0x1c0
[  229.482531][ T8224]  ? __pfx___x64_sys_chmod+0x10/0x10
[  229.482550][ T8224]  do_syscall_64+0xcd/0x250
[  229.482564][ T8224]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  229.482582][ T8224] RIP: 0033:0x7f329578cda9
[  229.482592][ T8224] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  229.482604][ T8224] RSP: 002b:00007f32965db038 EFLAGS: 00000246 ORIG_RAX: 000000000000005a
[  229.482617][ T8224] RAX: ffffffffffffffda RBX: 00007f32959a6160 RCX: 00007f329578cda9
[  229.482625][ T8224] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000020000180
[  229.482632][ T8224] RBP: 00007f32965db090 R08: 0000000000000000 R09: 0000000000000000
[  229.482639][ T8224] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  229.482647][ T8224] R13: 0000000000000000 R14: 00007f32959a6160 R15: 00007ffc5f592c28
[  229.482663][ T8224]  </TASK>
[  229.488350][ T8224] netlink: 52 bytes leftover after parsing attributes in process `syz.5.623'.
[  229.833957][ T8227] netlink: 20 bytes leftover after parsing attributes in process `syz.1.624'.
[  229.842914][ T8227] netlink: 20 bytes leftover after parsing attributes in process `syz.1.624'.
[  230.154720][   T29] audit: type=1400 audit(1738676240.768:534): avc:  denied  { mount } for  pid=8218 comm="syz.5.623" name="/" dev="configfs" ino=1048 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=filesystem permissive=1
[  230.264964][   T29] audit: type=1400 audit(1738676240.788:535): avc:  denied  { read } for  pid=8218 comm="syz.5.623" name="/" dev="configfs" ino=1048 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1
[  230.296141][   T29] audit: type=1400 audit(1738676240.788:536): avc:  denied  { open } for  pid=8218 comm="syz.5.623" path="/44/file0" dev="configfs" ino=1048 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1
[  230.333856][   T29] audit: type=1400 audit(1738676240.788:537): avc:  denied  { ioctl } for  pid=8218 comm="syz.5.623" path="/44/file0" dev="configfs" ino=1048 ioctlcmd=0x1285 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1
[  230.363275][   T29] audit: type=1400 audit(1738676241.568:538): avc:  denied  { unmount } for  pid=7095 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=filesystem permissive=1
[  230.536773][ T8241] netlink: 'syz.4.628': attribute type 39 has an invalid length.
[  230.581227][   T25] usb 2-1: new full-speed USB device number 13 using dummy_hcd
[  231.142549][ T8254] FAULT_INJECTION: forcing a failure.
[  231.142549][ T8254] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  231.695732][ T8257] netlink: 20 bytes leftover after parsing attributes in process `syz.4.633'.
[  231.704685][ T8257] netlink: 20 bytes leftover after parsing attributes in process `syz.4.633'.
[  232.090262][ T8254] CPU: 1 UID: 0 PID: 8254 Comm: syz.5.632 Not tainted 6.14.0-rc1-syzkaller-00020-g0de63bb7d919 #0
[  232.090290][ T8254] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  232.090300][ T8254] Call Trace:
[  232.090305][ T8254]  <TASK>
[  232.090311][ T8254]  dump_stack_lvl+0x16c/0x1f0
[  232.090334][ T8254]  should_fail_ex+0x50a/0x650
[  232.090364][ T8254]  _copy_from_user+0x2e/0xd0
[  232.090398][ T8254]  __x64_sys_sendfile64+0x121/0x220
[  232.090416][ T8254]  ? ksys_write+0x1ba/0x250
[  232.090439][ T8254]  ? __pfx___x64_sys_sendfile64+0x10/0x10
[  232.090464][ T8254]  do_syscall_64+0xcd/0x250
[  232.090484][ T8254]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  232.090507][ T8254] RIP: 0033:0x7f329578cda9
[  232.090520][ T8254] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  232.090535][ T8254] RSP: 002b:00007f32965db038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  232.090552][ T8254] RAX: ffffffffffffffda RBX: 00007f32959a6160 RCX: 00007f329578cda9
[  232.090562][ T8254] RDX: 0000000020002080 RSI: 0000000000000009 RDI: 000000000000000a
[  232.090572][ T8254] RBP: 00007f32965db090 R08: 0000000000000000 R09: 0000000000000000
[  232.090581][ T8254] R10: 000000000000023b R11: 0000000000000246 R12: 0000000000000001
[  232.090590][ T8254] R13: 0000000000000000 R14: 00007f32959a6160 R15: 00007ffc5f592c28
[  232.090612][ T8254]  </TASK>
[  232.095129][   T25] usb 2-1: config 0 has an invalid interface number: 29 but max is 0
[  232.493765][   T25] usb 2-1: config 0 has no interface number 0
[  232.509646][   T25] usb 2-1: config 0 interface 29 has no altsetting 0
[  232.538681][   T25] usb 2-1: New USB device found, idVendor=0c72, idProduct=0014, bcdDevice=39.ac
[  232.583275][   T25] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  232.615015][   T25] usb 2-1: Product: syz
[  232.627017][   T25] usb 2-1: Manufacturer: syz
[  232.639784][   T25] usb 2-1: SerialNumber: syz
[  232.652345][   T25] usb 2-1: config 0 descriptor??
[  232.737663][ T8270] netlink: 'syz.0.637': attribute type 39 has an invalid length.
[  232.957332][   T25] peak_usb 2-1:0.29: PEAK-System PCAN-USB X6 v180 fw v53.105.158 (2 channels)
[  233.088713][   T29] audit: type=1326 audit(1738676244.388:539): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8228 comm="syz.1.627" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f94b318cda9 code=0x0
[  233.197393][   T25] peak_usb 2-1:0.29 can0: sending command failure: -22
[  233.206254][   T25] peak_usb 2-1:0.29 can0: sending command failure: -22
[  233.221640][   T25] peak_usb 2-1:0.29 can0: sending command failure: -22
[  233.450521][ T8281] netlink: 'syz.5.641': attribute type 39 has an invalid length.
[  233.632076][   T25] peak_usb 2-1:0.29: probe with driver peak_usb failed with error -22
[  234.513389][  T971] usb 2-1: USB disconnect, device number 13
[  234.605421][ T8301] fuse: Bad value for 'fd'
[  235.497581][   T29] audit: type=1400 audit(1738676246.738:540): avc:  denied  { write } for  pid=8300 comm="syz.5.648" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  235.915663][ T8319] netlink: 12 bytes leftover after parsing attributes in process `syz.2.653'.
[  236.057719][ T8324] netlink: 8 bytes leftover after parsing attributes in process `syz.4.651'.
[  236.680744][ T5869] usb 6-1: new high-speed USB device number 13 using dummy_hcd
[  236.830803][ T5869] usb 6-1: Using ep0 maxpacket: 8
[  236.949838][ T8335] netlink: 'syz.4.656': attribute type 39 has an invalid length.
[  237.005524][ T5869] usb 6-1: config index 0 descriptor too short (expected 1298, got 18)
[  237.192968][ T5869] usb 6-1: config 0 has an invalid interface number: 0 but max is -1
[  237.270769][ T5869] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 0
[  237.306136][ T5869] usb 6-1: New USB device found, idVendor=0ccd, idProduct=10a3, bcdDevice=23.a2
[  237.336064][ T5869] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  237.355689][ T5869] usb 6-1: Product: syz
[  237.366299][ T5869] usb 6-1: Manufacturer: syz
[  237.377513][ T5869] usb 6-1: SerialNumber: syz
[  237.394205][ T5869] usb 6-1: config 0 descriptor??
[  237.624380][ T5869] usb 6-1: dvb_usb_v2: found a 'Terratec H7' in warm state
[  238.272983][    T9] usb 1-1: new high-speed USB device number 15 using dummy_hcd
[  239.013718][    T9] usb 1-1: Using ep0 maxpacket: 8
[  239.022141][    T9] usb 1-1: config index 0 descriptor too short (expected 1298, got 18)
[  239.032502][    T9] usb 1-1: config 0 has an invalid interface number: 0 but max is -1
[  239.043497][    T9] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 0
[  239.056141][    T9] usb 1-1: New USB device found, idVendor=0ccd, idProduct=10a3, bcdDevice=23.a2
[  239.067643][    T9] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  239.077339][    T9] usb 1-1: Product: syz
[  239.080574][   T29] audit: type=1400 audit(1738676250.378:541): avc:  denied  { setopt } for  pid=8361 comm="syz.1.664" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1
[  239.083770][    T9] usb 1-1: Manufacturer: syz
[  239.109006][    T9] usb 1-1: SerialNumber: syz
[  239.115614][    T9] usb 1-1: config 0 descriptor??
[  239.555115][    T9] usb 1-1: dvb_usb_v2: found a 'Terratec H7' in warm state
[  239.638920][ T5869] usb write operation failed. (-71)
[  239.646719][ T5869] usb 6-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer
[  239.661384][ T5869] dvbdev: DVB: registering new adapter (Terratec H7)
[  239.669114][ T5869] usb 6-1: media controller created
[  239.674861][ T5869] usb read operation failed. (-71)
[  239.680486][ T5869] usb write operation failed. (-71)
[  239.688556][ T5869] dvb_usb_az6007 6-1:0.0: probe with driver dvb_usb_az6007 failed with error -5
[  239.699841][ T5869] usb 6-1: USB disconnect, device number 13
[  239.732275][   T29] audit: type=1400 audit(1738676251.038:542): avc:  denied  { mount } for  pid=8368 comm="syz.2.667" name="/" dev="ramfs" ino=19454 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ramfs_t tclass=filesystem permissive=1
[  240.732357][ T8377] FAULT_INJECTION: forcing a failure.
[  240.732357][ T8377] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  240.750084][ T8377] CPU: 0 UID: 0 PID: 8377 Comm: syz.4.669 Not tainted 6.14.0-rc1-syzkaller-00020-g0de63bb7d919 #0
[  240.750108][ T8377] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  240.750118][ T8377] Call Trace:
[  240.750123][ T8377]  <TASK>
[  240.750130][ T8377]  dump_stack_lvl+0x16c/0x1f0
[  240.750152][ T8377]  should_fail_ex+0x50a/0x650
[  240.750175][ T8377]  ? __pfx___might_resched+0x10/0x10
[  240.750210][ T8377]  should_fail_alloc_page+0xe7/0x130
[  240.750231][ T8377]  prepare_alloc_pages.constprop.0+0x16f/0x560
[  240.750261][ T8377]  __alloc_frozen_pages_noprof+0x18e/0x2470
[  240.750280][ T8377]  ? __pfx_mark_lock+0x10/0x10
[  240.750301][ T8377]  ? hlock_class+0x4e/0x130
[  240.750317][ T8377]  ? __pfx_mark_lock+0x10/0x10
[  240.750338][ T8377]  ? hlock_class+0x4e/0x130
[  240.750353][ T8377]  ? mark_lock+0xb5/0xc60
[  240.750376][ T8377]  ? hlock_class+0x4e/0x130
[  240.750393][ T8377]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  240.750412][ T8377]  ? mark_lock+0xb5/0xc60
[  240.750438][ T8377]  ? mark_lock+0xb5/0xc60
[  240.750457][ T8377]  ? __pfx___lock_acquire+0x10/0x10
[  240.750480][ T8377]  ? hlock_class+0x4e/0x130
[  240.750496][ T8377]  ? __pfx_mark_lock+0x10/0x10
[  240.750516][ T8377]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  240.750543][ T8377]  ? policy_nodemask+0xea/0x4e0
[  240.750564][ T8377]  alloc_pages_mpol+0x1fc/0x540
[  240.750584][ T8377]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  240.750604][ T8377]  ? find_held_lock+0x2d/0x110
[  240.750624][ T8377]  folio_alloc_mpol_noprof+0x36/0x2f0
[  240.750647][ T8377]  vma_alloc_folio_noprof+0xee/0x1b0
[  240.750667][ T8377]  ? __pfx_vma_alloc_folio_noprof+0x10/0x10
[  240.750690][ T8377]  ? __pfx___lock_acquire+0x10/0x10
[  240.750720][ T8377]  do_wp_page+0x105a/0x4670
[  240.750751][ T8377]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  240.750774][ T8377]  ? __pfx_do_wp_page+0x10/0x10
[  240.750795][ T8377]  ? rcu_is_watching+0x12/0xc0
[  240.750816][ T8377]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  240.750831][ T8377]  ? lock_acquire+0x2f/0xb0
[  240.750851][ T8377]  ? __handle_mm_fault+0xf22/0x2c60
[  240.750872][ T8377]  __handle_mm_fault+0x1c7c/0x2c60
[  240.750896][ T8377]  ? __pfx___handle_mm_fault+0x10/0x10
[  240.750911][ T8377]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  240.750949][ T8377]  ? find_vma+0xc0/0x140
[  240.750970][ T8377]  ? __pfx_find_vma+0x10/0x10
[  240.750996][ T8377]  handle_mm_fault+0x3fa/0xaa0
[  240.751018][ T8377]  do_user_addr_fault+0x7a3/0x13f0
[  240.751046][ T8377]  exc_page_fault+0x5c/0xc0
[  240.751064][ T8377]  asm_exc_page_fault+0x26/0x30
[  240.751085][ T8377] RIP: 0010:__put_user_4+0x11/0x20
[  240.751102][ T8377] Code: 0f 1f 84 00 00 00 00 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 48 89 cb 48 c1 fb 3f 48 09 d9 0f 01 cb <89> 01 31 c9 0f 01 ca c3 cc cc cc cc 0f 1f 00 90 90 90 90 90 90 90
[  240.751118][ T8377] RSP: 0018:ffffc9001bd3fd58 EFLAGS: 00050206
[  240.751132][ T8377] RAX: 00000000fffffff2 RBX: 0000000000000000 RCX: 0000000020001000
[  240.751143][ T8377] RDX: ffff888063b32440 RSI: ffffffff821e8682 RDI: ffffffff8bd34c80
[  240.751153][ T8377] RBP: 00000000fffffff2 R08: 0000000000000000 R09: fffffbfff20c4502
[  240.751163][ T8377] R10: ffffffff90622817 R11: 0000000000000000 R12: dffffc0000000000
[  240.751172][ T8377] R13: 0000000020000000 R14: 0000000000000000 R15: ffff888063b32440
[  240.751196][ T8377]  ? kernel_move_pages+0xca2/0x1560
[  240.751220][ T8377]  kernel_move_pages+0xcb6/0x1560
[  240.751250][ T8377]  ? __pfx_kernel_move_pages+0x10/0x10
[  240.751278][ T8377]  ? fput+0x67/0x440
[  240.751297][ T8377]  ? ksys_write+0x1ba/0x250
[  240.751321][ T8377]  ? __pfx_ksys_write+0x10/0x10
[  240.751348][ T8377]  __x64_sys_move_pages+0xe0/0x1c0
[  240.751369][ T8377]  ? do_syscall_64+0x91/0x250
[  240.751385][ T8377]  ? lockdep_hardirqs_on+0x7c/0x110
[  240.751401][ T8377]  do_syscall_64+0xcd/0x250
[  240.751420][ T8377]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  240.751442][ T8377] RIP: 0033:0x7f736db8cda9
[  240.751454][ T8377] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  240.751469][ T8377] RSP: 002b:00007f736ea26038 EFLAGS: 00000246 ORIG_RAX: 0000000000000117
[  240.751483][ T8377] RAX: ffffffffffffffda RBX: 00007f736dda5fa0 RCX: 00007f736db8cda9
[  240.751493][ T8377] RDX: 0000000020000040 RSI: 00000000000020a0 RDI: 0000000000000000
[  240.751502][ T8377] RBP: 00007f736ea26090 R08: 0000000020000000 R09: 0000000000000000
[  240.751511][ T8377] R10: 0000000020001180 R11: 0000000000000246 R12: 0000000000000001
[  240.751521][ T8377] R13: 0000000000000001 R14: 00007f736dda5fa0 R15: 00007ffe6d54a8c8
[  240.751543][ T8377]  </TASK>
[  241.349244][ T8392] netlink: 68 bytes leftover after parsing attributes in process `syz.1.670'.
[  241.401430][   T29] audit: type=1400 audit(1738676252.698:543): avc:  denied  { ioctl } for  pid=8385 comm="syz.4.672" path="socket:[20511]" dev="sockfs" ino=20511 ioctlcmd=0x8914 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  241.412998][    T9] usb write operation failed. (-71)
[  241.433544][    T9] usb 1-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer
[  241.443957][    T9] dvbdev: DVB: registering new adapter (Terratec H7)
[  241.450818][    T9] usb 1-1: media controller created
[  241.457170][    T9] usb read operation failed. (-71)
[  241.462782][    T9] usb write operation failed. (-71)
[  241.469136][    T9] dvb_usb_az6007 1-1:0.0: probe with driver dvb_usb_az6007 failed with error -5
[  241.480185][    T9] usb 1-1: USB disconnect, device number 15
[  241.769755][    T8] usb 6-1: new high-speed USB device number 14 using dummy_hcd
[  241.919758][    T8] usb 6-1: Using ep0 maxpacket: 8
[  241.928094][    T8] usb 6-1: config 0 has no interfaces?
[  241.933659][    T8] usb 6-1: New USB device found, idVendor=05ac, idProduct=8215, bcdDevice=8d.58
[  241.966646][    T8] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  241.989147][    T8] usb 6-1: config 0 descriptor??
[  242.056310][   T29] audit: type=1400 audit(1738676253.358:544): avc:  denied  { write } for  pid=8403 comm="syz.0.678" name="rtc0" dev="devtmpfs" ino=921 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[  242.241701][    T8] usb 6-1: USB disconnect, device number 14
[  242.373153][   T29] audit: type=1400 audit(1738676253.678:545): avc:  denied  { block_suspend } for  pid=8418 comm="syz.1.685" capability=36  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  242.495801][ T8423] netlink: 12 bytes leftover after parsing attributes in process `syz.0.687'.
[  242.515035][ T8423] netlink: 12 bytes leftover after parsing attributes in process `syz.0.687'.
[  242.523992][ T8423] netlink: 16 bytes leftover after parsing attributes in process `syz.0.687'.
[  242.660754][   T29] audit: type=1326 audit(1738676253.968:546): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8428 comm="syz.0.690" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe2b518cda9 code=0x7fc00000
[  243.447366][   T29] audit: type=1326 audit(1738676254.748:547): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8428 comm="syz.0.690" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe2b518cda9 code=0x7fc00000
[  243.531463][   T29] audit: type=1326 audit(1738676254.788:548): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8428 comm="syz.0.690" exe="/root/syz-executor" sig=0 arch=c000003e syscall=208 compat=0 ip=0x7fe2b518cda9 code=0x7fc00000
[  243.612059][   T29] audit: type=1326 audit(1738676254.788:549): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8428 comm="syz.0.690" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe2b518cda9 code=0x7fc00000
[  243.686341][   T29] audit: type=1326 audit(1738676254.788:550): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8428 comm="syz.0.690" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe2b518cda9 code=0x7fc00000
[  243.973280][ T8472] netlink: 156 bytes leftover after parsing attributes in process `syz.4.701'.
[  244.746511][ T8483] loop5: detected capacity change from 0 to 1
[  244.925427][   T29] kauditd_printk_skb: 63 callbacks suppressed
[  244.925458][   T29] audit: type=1400 audit(1738676256.128:614): avc:  denied  { name_bind } for  pid=8474 comm="syz.0.705" src=28196 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=icmp_socket permissive=1
[  245.188851][ T8487] input: syz1 as /devices/virtual/input/input16
[  245.310533][   T29] audit: type=1400 audit(1738676256.128:615): avc:  denied  { node_bind } for  pid=8474 comm="syz.0.705" src=28196 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=icmp_socket permissive=1
[  246.508536][    T9] usb 5-1: new high-speed USB device number 15 using dummy_hcd
[  246.659890][    T9] usb 5-1: Using ep0 maxpacket: 32
[  246.674558][ T8510] netlink: 128 bytes leftover after parsing attributes in process `syz.1.719'.
[  246.695838][    T9] usb 5-1: config 0 has an invalid interface number: 67 but max is 0
[  246.708019][ T8510] netlink: 128 bytes leftover after parsing attributes in process `syz.1.719'.
[  246.719689][    T9] usb 5-1: config 0 has no interface number 0
[  246.743929][    T9] usb 5-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57
[  246.759640][    T9] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  246.775206][    T9] usb 5-1: Product: syz
[  246.834622][    T9] usb 5-1: Manufacturer: syz
[  246.894065][    T9] usb 5-1: SerialNumber: syz
[  247.150321][    T9] usb 5-1: config 0 descriptor??
[  247.181040][    T9] smsc95xx v2.0.0
[  247.184703][    T9] smsc95xx 5-1:0.67 (unnamed net_device) (uninitialized): usbnet_get_endpoints failed: -22
[  247.208350][    T9] smsc95xx 5-1:0.67: probe with driver smsc95xx failed with error -22
[  247.760474][ T5831] Bluetooth: hci0: Dropping invalid advertising data
[  247.768646][ T5831] Bluetooth: hci0: Malformed LE Event: 0x02
[  247.770632][    T8] usb 5-1: USB disconnect, device number 15
[  249.396730][   T29] audit: type=1326 audit(1738676260.108:616): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8547 comm="syz.1.731" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f94b318cda9 code=0x0
[  249.595768][ T5831] Bluetooth: hci0: connection err: -111
[  250.630103][ T5831] Bluetooth: hci3: unexpected event for opcode 0x0406
[  251.699968][   T29] audit: type=1400 audit(1738676262.068:617): avc:  denied  { write } for  pid=8593 comm="syz.0.747" name="hwrng" dev="devtmpfs" ino=83 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:random_device_t tclass=chr_file permissive=1
[  252.278491][   T29] audit: type=1400 audit(1738676263.458:618): avc:  denied  { listen } for  pid=8597 comm="syz.1.748" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  255.361192][ T8629] xt_TPROXY: Can be used only with -p tcp or -p udp
[  255.450210][ T1292] ieee802154 phy0 wpan0: encryption failed: -22
[  255.456567][ T1292] ieee802154 phy1 wpan1: encryption failed: -22
[  255.679714][    T9] usb 5-1: new high-speed USB device number 16 using dummy_hcd
[  255.893578][    T9] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  255.925275][    T9] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  255.963777][    T9] usb 5-1: New USB device found, idVendor=046d, idProduct=c222, bcdDevice= 0.00
[  255.993819][    T9] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  256.120030][    T9] usb 5-1: config 0 descriptor??
[  256.589800][  T971] usb 6-1: new high-speed USB device number 15 using dummy_hcd
[  257.012562][    T9] lg-g15 0003:046D:C222.0011: unknown main item tag 0x0
[  257.019561][    T9] lg-g15 0003:046D:C222.0011: unknown main item tag 0x0
[  257.049707][    T9] lg-g15 0003:046D:C222.0011: unknown main item tag 0x0
[  257.082997][    T9] lg-g15 0003:046D:C222.0011: unknown main item tag 0x0
[  257.085142][  T971] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  257.119652][ T5831] Bluetooth: hci2: ACL packet for unknown connection handle 200
[  257.128501][    T9] lg-g15 0003:046D:C222.0011: hidraw0: USB HID v0.00 Device [HID 046d:c222] on usb-dummy_hcd.4-1/input0
[  257.149469][  T971] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  257.179361][  T971] usb 6-1: New USB device found, idVendor=056a, idProduct=0314, bcdDevice= 0.00
[  257.188596][  T971] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  257.200133][  T971] usb 6-1: config 0 descriptor??
[  258.001429][   T29] audit: type=1326 audit(1738676269.308:619): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8660 comm="syz.0.771" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe2b518cda9 code=0x7ffc0000
[  258.039714][   T29] audit: type=1326 audit(1738676269.308:620): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8660 comm="syz.0.771" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe2b518cda9 code=0x7ffc0000
[  258.090693][   T25] usb 5-1: USB disconnect, device number 16
[  258.127166][   T29] audit: type=1326 audit(1738676269.328:621): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8660 comm="syz.0.771" exe="/root/syz-executor" sig=0 arch=c000003e syscall=140 compat=0 ip=0x7fe2b518cda9 code=0x7ffc0000
[  258.221618][   T29] audit: type=1326 audit(1738676269.328:622): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8660 comm="syz.0.771" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe2b518cda9 code=0x7ffc0000
[  258.336050][   T29] audit: type=1326 audit(1738676269.328:623): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8660 comm="syz.0.771" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe2b518cda9 code=0x7ffc0000
[  258.426270][   T29] audit: type=1326 audit(1738676269.328:624): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8660 comm="syz.0.771" exe="/root/syz-executor" sig=0 arch=c000003e syscall=56 compat=0 ip=0x7fe2b518cda9 code=0x7ffc0000
[  258.432452][  T971] wacom 0003:056A:0314.0012: Unknown device_type for 'HID 056a:0314'. Assuming pen.
[  258.510763][  T971] wacom 0003:056A:0314.0012: hidraw0: USB HID v0.00 Device [HID 056a:0314] on usb-dummy_hcd.5-1/input0
[  258.513076][ T8671] netlink: 12 bytes leftover after parsing attributes in process `syz.0.775'.
[  258.539679][   T29] audit: type=1326 audit(1738676269.458:625): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8660 comm="syz.0.771" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe2b518cda9 code=0x7ffc0000
[  258.549184][  T971] input: Wacom Intuos Pro S Pen as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/0003:056A:0314.0012/input/input17
[  258.620209][   T29] audit: type=1326 audit(1738676269.458:626): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8660 comm="syz.0.771" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe2b518cda9 code=0x7ffc0000
[  258.999567][ T5178] 
[  259.001921][ T5178] ======================================================
[  259.008933][ T5178] WARNING: possible circular locking dependency detected
[  259.015943][ T5178] 6.14.0-rc1-syzkaller-00020-g0de63bb7d919 #0 Not tainted
[  259.023044][ T5178] ------------------------------------------------------
[  259.030062][ T5178] acpid/5178 is trying to acquire lock:
[  259.035597][ T5178] ffff888046c39e20 (&hdev->ll_open_lock){+.+.}-{4:4}, at: hid_hw_open+0x25/0x170
[  259.044744][ T5178] 
[  259.044744][ T5178] but task is already holding lock:
[  259.052101][ T5178] ffff8880365892c0 (&dev->mutex#2){+.+.}-{4:4}, at: input_open_device+0x5c/0x390
[  259.061255][ T5178] 
[  259.061255][ T5178] which lock already depends on the new lock.
[  259.061255][ T5178] 
[  259.071655][ T5178] 
[  259.071655][ T5178] the existing dependency chain (in reverse order) is:
[  259.079831][ T8674] netlink: 12 bytes leftover after parsing attributes in process `syz.1.776'.
[  259.080649][ T5178] 
[  259.080649][ T5178] -> #1 (
[  259.089471][ T8674] netlink: 92 bytes leftover after parsing attributes in process `syz.1.776'.
[  259.094555][ T5178] &dev->mutex#2){+.+.}-{4:4}:
[  259.094580][ T5178]        __mutex_lock+0x19b/0xb10
[  259.094599][ T5178]        __input_unregister_device+0x24/0x470
[  259.094614][ T5178]        input_unregister_device+0xb9/0x100
[  259.094625][ T5178]        steam_sensors_unregister.part.0+0x10c/0x2c0
[  259.131618][ T5178]        steam_client_ll_open+0xbc/0x100
[  259.137230][ T5178]        hid_hw_open+0xe2/0x170
[  259.142068][ T5178]        hidraw_open+0x274/0x7e0
[  259.146975][ T5178]        chrdev_open+0x237/0x6a0
[  259.151882][ T5178]        do_dentry_open+0x735/0x1c40
[  259.157142][ T5178]        vfs_open+0x82/0x3f0
[  259.161703][ T5178]        path_openat+0x1e88/0x2d80
[  259.166782][ T5178]        do_filp_open+0x20c/0x470
[  259.171776][ T5178]        do_sys_openat2+0x17a/0x1e0
[  259.176944][ T5178]        __x64_sys_openat+0x175/0x210
[  259.182287][ T5178]        do_syscall_64+0xcd/0x250
[  259.187283][ T5178]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  259.193688][ T5178] 
[  259.193688][ T5178] -> #0 (&hdev->ll_open_lock){+.+.}-{4:4}:
[  259.201649][ T5178]        __lock_acquire+0x249e/0x3c40
[  259.206995][ T5178]        lock_acquire.part.0+0x11b/0x380
[  259.212601][ T5178]        __mutex_lock+0x19b/0xb10
[  259.217596][ T5178]        hid_hw_open+0x25/0x170
[  259.222418][ T5178]        input_open_device+0x230/0x390
[  259.227863][ T5178]        mousedev_open_device+0xe0/0x140
[  259.233467][ T5178]        mousedev_open+0x2ff/0x580
[  259.238560][ T5178]        chrdev_open+0x237/0x6a0
[  259.243471][ T5178]        do_dentry_open+0x735/0x1c40
[  259.248730][ T5178]        vfs_open+0x82/0x3f0
[  259.253289][ T5178]        path_openat+0x1e88/0x2d80
[  259.258368][ T5178]        do_filp_open+0x20c/0x470
[  259.263361][ T5178]        do_sys_openat2+0x17a/0x1e0
[  259.268528][ T5178]        __x64_sys_openat+0x175/0x210
[  259.273870][ T5178]        do_syscall_64+0xcd/0x250
[  259.278865][ T5178]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  259.285252][ T5178] 
[  259.285252][ T5178] other info that might help us debug this:
[  259.285252][ T5178] 
[  259.295461][ T5178]  Possible unsafe locking scenario:
[  259.295461][ T5178] 
[  259.302878][ T5178]        CPU0                    CPU1
[  259.308213][ T5178]        ----                    ----
[  259.313545][ T5178]   lock(&dev->mutex#2);
[  259.317763][ T5178]                                lock(&hdev->ll_open_lock);
[  259.325014][ T5178]                                lock(&dev->mutex#2);
[  259.331760][ T5178]   lock(&hdev->ll_open_lock);
[  259.336492][ T5178] 
[  259.336492][ T5178]  *** DEADLOCK ***
[  259.336492][ T5178] 
[  259.344604][ T5178] 2 locks held by acpid/5178:
[  259.349248][ T5178]  #0: ffff888012cb6160 (&mousedev->mutex#2){+.+.}-{4:4}, at: mousedev_open_device+0x23/0x140
[  259.359483][ T5178]  #1: ffff8880365892c0 (&dev->mutex#2){+.+.}-{4:4}, at: input_open_device+0x5c/0x390
[  259.369018][ T5178] 
[  259.369018][ T5178] stack backtrace:
[  259.374878][ T5178] CPU: 1 UID: 0 PID: 5178 Comm: acpid Not tainted 6.14.0-rc1-syzkaller-00020-g0de63bb7d919 #0
[  259.374890][ T5178] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  259.374895][ T5178] Call Trace:
[  259.374899][ T5178]  <TASK>
[  259.374904][ T5178]  dump_stack_lvl+0x116/0x1f0
[  259.374915][ T5178]  print_circular_bug+0x490/0x760
[  259.374928][ T5178]  check_noncircular+0x31a/0x400
[  259.374939][ T5178]  ? __pfx_check_noncircular+0x10/0x10
[  259.374950][ T5178]  ? hlock_class+0x4e/0x130
[  259.374959][ T5178]  ? mark_lock+0xb5/0xc60
[  259.374970][ T5178]  ? lockdep_lock+0xc6/0x200
[  259.374979][ T5178]  ? __pfx_lockdep_lock+0x10/0x10
[  259.374988][ T5178]  __lock_acquire+0x249e/0x3c40
[  259.375001][ T5178]  ? __pfx___lock_acquire+0x10/0x10
[  259.375013][ T5178]  ? finish_task_switch.isra.0+0x217/0xcc0
[  259.375025][ T5178]  ? lockdep_hardirqs_on+0x7c/0x110
[  259.375035][ T5178]  lock_acquire.part.0+0x11b/0x380
[  259.375046][ T5178]  ? hid_hw_open+0x25/0x170
[  259.375062][ T5178]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  259.375074][ T5178]  ? rcu_is_watching+0x12/0xc0
[  259.375083][ T5178]  ? trace_lock_acquire+0x14e/0x1f0
[  259.375092][ T5178]  ? hid_hw_open+0x25/0x170
[  259.375102][ T5178]  ? lock_acquire+0x2f/0xb0
[  259.375113][ T5178]  ? hid_hw_open+0x25/0x170
[  259.375123][ T5178]  __mutex_lock+0x19b/0xb10
[  259.375132][ T5178]  ? hid_hw_open+0x25/0x170
[  259.375142][ T5178]  ? hid_hw_open+0x25/0x170
[  259.375152][ T5178]  ? __pfx___mutex_lock+0x10/0x10
[  259.375161][ T5178]  ? mark_held_locks+0x9f/0xe0
[  259.375174][ T5178]  ? hid_hw_open+0x25/0x170
[  259.375183][ T5178]  hid_hw_open+0x25/0x170
[  259.375195][ T5178]  input_open_device+0x230/0x390
[  259.375209][ T5178]  ? __pfx_wacom_open+0x10/0x10
[  259.375220][ T5178]  mousedev_open_device+0xe0/0x140
[  259.375232][ T5178]  mousedev_open+0x2ff/0x580
[  259.375244][ T5178]  ? __pfx_mousedev_open+0x10/0x10
[  259.375255][ T5178]  chrdev_open+0x237/0x6a0
[  259.375264][ T5178]  ? __pfx_chrdev_open+0x10/0x10
[  259.375273][ T5178]  ? file_set_fsnotify_mode+0x130/0x5d0
[  259.375286][ T5178]  do_dentry_open+0x735/0x1c40
[  259.375299][ T5178]  ? __pfx_chrdev_open+0x10/0x10
[  259.375308][ T5178]  ? inode_permission+0xdd/0x5f0
[  259.375319][ T5178]  vfs_open+0x82/0x3f0
[  259.375328][ T5178]  ? may_open+0x1f2/0x400
[  259.375338][ T5178]  path_openat+0x1e88/0x2d80
[  259.375348][ T5178]  ? __pfx_path_openat+0x10/0x10
[  259.375356][ T5178]  ? __pfx___lock_acquire+0x10/0x10
[  259.375368][ T5178]  do_filp_open+0x20c/0x470
[  259.375376][ T5178]  ? __pfx_do_filp_open+0x10/0x10
[  259.375383][ T5178]  ? find_held_lock+0x2d/0x110
[  259.375394][ T5178]  ? alloc_fd+0x41f/0x760
[  259.375403][ T5178]  do_sys_openat2+0x17a/0x1e0
[  259.375413][ T5178]  ? __pfx_do_sys_openat2+0x10/0x10
[  259.375424][ T5178]  __x64_sys_openat+0x175/0x210
[  259.375435][ T5178]  ? __pfx___x64_sys_openat+0x10/0x10
[  259.375447][ T5178]  do_syscall_64+0xcd/0x250
[  259.375457][ T5178]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  259.375469][ T5178] RIP: 0033:0x7f04de7499a4
[  259.375477][ T5178] Code: 24 20 48 8d 44 24 30 48 89 44 24 28 64 8b 04 25 18 00 00 00 85 c0 75 2c 44 89 e2 48 89 ee bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 76 60 48 8b 15 55 a4 0d 00 f7 d8 64 89 02 48 83
[  259.375486][ T5178] RSP: 002b:00007ffd24510730 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  259.375495][ T5178] RAX: ffffffffffffffda RBX: 00007ffd24510a18 RCX: 00007f04de7499a4
[  259.375500][ T5178] RDX: 0000000000080800 RSI: 00007ffd24510918 RDI: 00000000ffffff9c
[  259.375505][ T5178] RBP: 00007ffd24510918 R08: 00000000000000f4 R09: 00007ffd24510918
[  259.375511][ T5178] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000080800
[  259.375515][ T5178] R13: 0000000000000040 R14: 00007ffd24510a18 R15: 00007ffd24510918
[  259.375523][ T5178]  </TASK>
[  259.731622][    C1] vkms_vblank_simulate: vblank timer overrun
[  260.169628][   T29] audit: type=1326 audit(1738676269.458:627): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8666 comm="syz.0.771" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7fe2b51bf665 code=0x7ffc0000
[  260.192928][   T29] audit: type=1326 audit(1738676269.608:628): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8666 comm="syz.0.771" exe="/root/syz-executor" sig=0 arch=c000003e syscall=60 compat=0 ip=0x7fe2b518cda9 code=0x7ffc0000
[  260.282119][  T971] usb 6-1: USB disconnect, device number 15