last executing test programs:

13.030433092s ago: executing program 2 (id=1923):
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000029000/0x18000)=nil, 0x0, 0x0, 0x7d, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(0xffffffffffffffff, 0x84, 0x75, 0x0, 0x0)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket$unix(0x1, 0x1, 0x0)
r2 = socket$kcm(0x11, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000440)={'syzkaller0\x00', <r3=>0x0})
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r4)
r5 = socket(0x400000000010, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r6=>0x0})
sendmsg$nl_route_sched(r5, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=@newqdisc={0x24, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xfffffff9, {0x0, 0x0, 0x0, r6, {0x0, 0x1}, {0xffff, 0xffff}, {0xffe0, 0x9}}}, 0x24}}, 0x0)
sendmsg$nl_route_sched(r5, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000440)=@newtfilter={0x70, 0x2c, 0xf3f, 0x70fd2c, 0x25dfdbbd, {0x0, 0x0, 0x0, r6, {0xc, 0xc}, {}, {0x7, 0x300}}, [@filter_kind_options=@f_basic={{0xa}, {0x40, 0x2, [@TCA_BASIC_EMATCHES={0x3c, 0x2, 0x0, 0x1, [@TCA_EMATCH_TREE_HDR={0x8, 0x1, {0x2}}, @TCA_EMATCH_TREE_LIST={0x30, 0x2, 0x0, 0x1, [@TCF_EM_META={0x18, 0x1, 0x0, 0x0, {{0x7, 0x4, 0x1}, [@TCA_EM_META_HDR={0xc, 0x1, {{0x0, 0x86, 0x2}, {0x5, 0x7}}}]}}, @TCF_EM_CANID={0x14, 0x2, 0x0, 0x0, {{0x1, 0x7, 0x4}, {{0x3, 0x0, 0x1}, {0x4, 0x0, 0x1}}}}]}]}]}}]}, 0x70}, 0x1, 0x0, 0x0, 0x20041090}, 0x4880)
ioctl$SIOCSIFHWADDR(r4, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
sendmsg$kcm(r2, &(0x7f00000000c0)={&(0x7f0000000500)=@xdp={0x2c, 0x7, r3, 0x1006}, 0x80, &(0x7f0000000640)}, 0x20004014)

7.903608092s ago: executing program 2 (id=1930):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000100))
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000140)='./binderfs/binder0\x00', 0x0, 0x0)
r2 = openat$selinux_policy(0xffffff9c, &(0x7f0000000300), 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x100000a, 0x12, r2, 0x0)
bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000b40)={0xffffffffffffffff, 0xfffff000}, 0xc)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r3 = dup3(r1, r0, 0x0)
r4 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x0, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r4, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r4, 0x4018620d, &(0x7f0000004a80)={0x73622a85, 0x100, 0x1})
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f00000004c0)={0x8, 0x0, &(0x7f0000000000)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, 0x0)

7.439664702s ago: executing program 2 (id=1933):
pidfd_getfd(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x143102)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = socket$kcm(0x29, 0x2, 0x0)
sendmmsg(r0, &(0x7f00000080c0)=[{{&(0x7f00000001c0)=@rxrpc=@in6={0x21, 0x2, 0x2, 0x1c, {0xa, 0x4e24, 0x6, @loopback, 0x815d}}, 0x80, &(0x7f0000000900)=[{&(0x7f0000000400)="c995239e884cb6d845b7d1ce9a2afacdde7f588458856479e3bd36949979b098fb56eab8d14b3ac414ec39459df23d59a2fbe4c836f46e6e64d19e9b6fd6ba578d6873fcb717429dd963bf6267eb2f21e49160db80c76274cfce4e0aac65a6160fce46f395025e603a86b003a7281ec69e52c3f8b2f7d01f8af610e47eae1561030f9d07ef0b7ba1ebec75e7e9825faf87e4f456489151c66fe2d285ef54d8c8d55b3d83e8e34b4db0", 0xa9}, {&(0x7f0000000540)="cd066d19b17b6b42550476", 0xb}, {0x0}], 0x3, &(0x7f0000000980)}}], 0x1, 0x4000045)
ioctl$sock_kcm_SIOCKCMATTACH(r1, 0x89e0, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000180)='net/kcm\x00')
preadv(r2, 0x0, 0x0, 0x182, 0x0)
r3 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r3, 0xaf01, 0x0)
r4 = eventfd(0xfffffff9)
ioctl$VHOST_SET_LOG_FD(r3, 0x4004af07, &(0x7f0000000240)=r4)
ioctl$VHOST_SET_VRING_KICK(r3, 0x4008af20, &(0x7f0000000040)={0x1, r4})
ioctl$VHOST_SET_VRING_ADDR(r3, 0x4028af11, &(0x7f0000000140)={0x0, 0x0, 0x0, &(0x7f0000000500)=""/67, 0x0})
ioctl$VHOST_SET_VRING_ADDR(r3, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, &(0x7f0000000380)=""/246, 0x0, &(0x7f0000000480)=""/70, 0x100000})
ioctl$VHOST_SET_MEM_TABLE(r3, 0x4008af03, &(0x7f0000000680)={0x1, 0x0, [{0x0, 0x73, &(0x7f00000001c0)=""/115}]})
ioctl$VHOST_SET_VRING_ERR(r3, 0x4008af22, &(0x7f00000002c0)={0x1, r4})
ioctl$VHOST_VSOCK_SET_RUNNING(r3, 0x4004af61, &(0x7f0000000300)=0x1)

7.351093849s ago: executing program 2 (id=1934):
r0 = syz_usb_connect(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000e5876e4040200516940a0000000109022400010000000009040000025883b2000905850140"], 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000000280)={0x24, &(0x7f0000000040)={0x40, 0x5, 0xe0, {0xe0, 0x38, "4884c892db8dd2882e36c8beaecea34a7cec64748d447b91818fe4b960e785fbd565b062e43dc19a2ce04ca2b20b49a67eae5e3d7b2a8684d473ace1f33ae8860fefc05aa03de0d42441f9aaaeec3354d51891bc3a6c7a63562517362359a1214415cd942adeb7e9a0ded6b586616d595b54a4165009371d8ec15745559be559ca2170b68b754ea73cccc7d0516b69df737e32ddfe64ba9c64dd0b481fc78b40ca08ce33e4523ce74c0a775ca7aa0eda3df5ec9018bdf9f6414a131f1937d9c1dc7eddc7819ffbebd9d6fe673a7cb6a24098543c05779b4f5ab3d59fa111"}}, &(0x7f0000000140)={0x0, 0x3, 0x8d, @string={0x8d, 0x3, "9cd24458d7eb1b4f5103d7fb63374448c3a57b8ed24653a25cc0b46a5ae99c58e876224d69b684a04fe2aa4b02becbedb312d5eafca45a7b5208fa1330584f6d6be963fc009f5d7a3a0fd8fd486416aecef3c201f1c115a80643cce72b8af8be72d91936c5ca8cdc8f5af9010eed0c2053791de84eac600ed43183e5393c37a933910ba9d87887f19dbeba"}}, &(0x7f0000000200)={0x0, 0x22, 0x7, {[@global=@item_012={0x1, 0x1, 0xa, "ca"}, @main=@item_4={0x3, 0x0, 0xa, "975e8051"}]}}, &(0x7f0000000240)={0x0, 0x21, 0x9, {0x9, 0x21, 0x101, 0xc, 0x1, {0x22, 0x1de}}}}, &(0x7f0000000400)={0x2c, &(0x7f00000002c0)={0x40, 0x10, 0x35, "398ce2e8df08323b519c7cf3cf90c3a96c2caeb9ef3017ecb381bb25e653230a3220dd259de27a719a3a2a5049c579a446d9669fb8"}, &(0x7f0000000300)={0x0, 0xa, 0x1, 0x3}, &(0x7f0000000340)={0x0, 0x8, 0x1, 0x44}, &(0x7f0000000380)={0x20, 0x1, 0x2b, "4035e66ae3b1019c3c7334cd9ad0663ac36fabbed20542a84d8138695171b9376a687b36177c2600d13d9c"}, &(0x7f00000003c0)={0x20, 0x3, 0x1, 0x2}})

7.15103422s ago: executing program 4 (id=1936):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r1, 0x8933, &(0x7f0000000040)={'batadv0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000080)=@setlink={0x3c, 0x13, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x2a82}, [@IFLA_MASTER={0x8, 0xa, r2}, @IFLA_ALT_IFNAME={0x14, 0x35, 'bridge_slave_0\x00'}]}, 0x3c}}, 0x0)
syz_open_dev$sndctrl(0x0, 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
openat$kvm(0xffffffffffffff9c, 0x0, 0xb0f01, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20008b}, 0x0)
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_role_change={{0x12, 0x8}, {0xcb, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x8}}}, 0xb)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f0000000580)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000001a40)=""/102392, 0x18ff8)
bpf$MAP_UPDATE_BATCH(0x1a, 0x0, 0x0)
r4 = fsopen(&(0x7f0000000040)='sockfs\x00', 0x1)
r5 = syz_io_uring_setup(0x6cf2, &(0x7f0000000280)={0x0, 0x10008cc8, 0x10100, 0x6, 0x10b}, &(0x7f0000000080), &(0x7f0000000100), 0x0)
io_uring_enter(r5, 0x7a98, 0x0, 0x0, 0x0, 0xfffffffffffffc76)
fsconfig$FSCONFIG_SET_STRING(r4, 0x1, &(0x7f0000000180)='rootcontext', &(0x7f0000000440)='5\xfd\x04\xc6\xc9]\v\xd6S9q\x0f#\x93\x9d\xeb\x00\xcf\xb2~9*\xa9\x1d:\x06u46N\xd93\xe1\xa2\x05\x83Z\xbc\xbeT\x16\xab\xfb=4\xa6\x10,\"\xee\xf8o+\x02\xd8\xaft_\r\x1d\"\xc8\\k\xcc4\x96\xdbA\x02[\x16\xb4\xca\xa5n\x87\xdb\xb3\x1f\xbb\xc0\x9f\xc2\x9e\t[\xba\x9e\xfd\xc76#\x8f\xc6\xe7\x11\x8fL\xd97<cAZR\n w\xe6\x1c\xf0(\x96H\x88\x00\xd3\x1c\x16cj\x10\xd8\x92\xc9ad\xc0aR\x12\xd3\xc2J\xcb\x9a\xa5\xce#{e\xd3\x11\xc5]\xb4F1\xfb\xe6\xd4T\v\x87\x04\xcf\b.\xcaO\x04\x0f\x062\xcaL\x81\xa6\xbbp\xd3\xc6$4t (W\x92nr\xbe,\b\xdb\x7f[', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x0)
getpgid(0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = add_key$keyring(&(0x7f0000000540), &(0x7f0000000180)={'syz', 0x2}, 0x0, 0x0, 0xffffffffffffffff)
keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r7, &(0x7f0000000200)='asymmetric\x00', &(0x7f0000000140)=@secondary)
sendmsg$nl_generic(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000200)=ANY=[@ANYBLOB="2c0000004000a5012bbd700000000000047c00000400c2800c0001800600060008"], 0x2c}, 0x1, 0x0, 0x0, 0x4048011}, 0x44000)
clock_adjtime(0x3, &(0x7f0000004dc0)={0xb, 0x400000000045, 0xffffffff80000000, 0x80006, 0x80000000, 0x7cca, 0x6, 0x5, 0xffffffffffffffc0, 0x4, 0xd, 0x7, 0xf, 0x8c, 0xd01, 0x0, 0x4, 0x40000080008, 0x7, 0x8000, 0x2, 0x7, 0x1, 0x9016, 0x11, 0x8000008})
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19)

6.351753229s ago: executing program 3 (id=1939):
socket$nl_generic(0x10, 0x3, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket(0x10, 0x3, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x320, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
io_uring_setup(0x6e1e, &(0x7f0000000100)={0x0, 0x23d4, 0x800, 0xfffffffc, 0x100087})
ioctl$DRM_IOCTL_SYNCOBJ_FD_TO_HANDLE_FD(0xffffffffffffffff, 0xc01864c2, &(0x7f00000004c0))
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x6)
ioctl$KVM_GET_XSAVE2(r5, 0x9000aecf, &(0x7f0000ffd000/0x2000)=nil)
r6 = socket(0x1e, 0x1, 0x0)
keyctl$instantiate(0xc, 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='new default user:syz 00000000000000004093 '], 0x2a, 0x0)
add_key(&(0x7f0000000140)='encrypted\x00', &(0x7f0000000180), &(0x7f0000000100), 0xca, 0xfffffffffffffffe)
connect$tipc(r6, &(0x7f0000000000)=@name={0x1e, 0x2, 0x1, {{}, 0x3}}, 0x10)
write$binfmt_misc(r6, &(0x7f0000000340), 0x2000011a)
r7 = landlock_create_ruleset(0x0, 0x0, 0x0)
landlock_restrict_self(r7, 0x9)

6.204328711s ago: executing program 4 (id=1940):
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000029000/0x18000)=nil, 0x0, 0x0, 0x7d, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(0xffffffffffffffff, 0x84, 0x75, 0x0, 0x0)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket$unix(0x1, 0x1, 0x0)
r2 = socket$kcm(0x11, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000440)={'syzkaller0\x00', <r3=>0x0})
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r4)
r5 = socket(0x400000000010, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r6=>0x0})
sendmsg$nl_route_sched(r5, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=@newqdisc={0x24, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xfffffff9, {0x0, 0x0, 0x0, r6, {0x0, 0x1}, {0xffff, 0xffff}, {0xffe0, 0x9}}}, 0x24}}, 0x0)
sendmsg$nl_route_sched(r5, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000440)=@newtfilter={0x70, 0x2c, 0xf3f, 0x70fd2c, 0x25dfdbbd, {0x0, 0x0, 0x0, r6, {0xc, 0xc}, {}, {0x7, 0x300}}, [@filter_kind_options=@f_basic={{0xa}, {0x40, 0x2, [@TCA_BASIC_EMATCHES={0x3c, 0x2, 0x0, 0x1, [@TCA_EMATCH_TREE_HDR={0x8, 0x1, {0x2}}, @TCA_EMATCH_TREE_LIST={0x30, 0x2, 0x0, 0x1, [@TCF_EM_META={0x18, 0x1, 0x0, 0x0, {{0x7, 0x4, 0x1}, [@TCA_EM_META_HDR={0xc, 0x1, {{0x0, 0x86, 0x2}, {0x5, 0x7}}}]}}, @TCF_EM_CANID={0x14, 0x2, 0x0, 0x0, {{0x1, 0x7, 0x4}, {{0x3, 0x0, 0x1}, {0x4, 0x0, 0x1}}}}]}]}]}}]}, 0x70}, 0x1, 0x0, 0x0, 0x20041090}, 0x4880)
ioctl$SIOCSIFHWADDR(r4, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
sendmsg$kcm(r2, &(0x7f00000000c0)={&(0x7f0000000500)=@xdp={0x2c, 0x7, r3, 0x1006}, 0x80, &(0x7f0000000640)=[{0x0}], 0x1}, 0x20004014)

5.373397735s ago: executing program 3 (id=1945):
socket$nl_generic(0x10, 0x3, 0x10) (async, rerun: 64)
mmap(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x0, 0x32, 0xffffffffffffffff, 0x8528c000) (async, rerun: 64)
r0 = socket(0x40000000015, 0x5, 0x0)
setsockopt$sock_int(r0, 0x1, 0x23, &(0x7f0000000000)=0x2, 0x4) (async)
bind$inet(r0, &(0x7f0000000040)={0x2, 0x0, @loopback}, 0x10) (async)
recvmmsg(r0, &(0x7f00000040c0)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f00000015c0)=""/127, 0x7f}}], 0x1, 0x0, 0x0)
sendto$inet(r0, 0x0, 0x0, 0x0, &(0x7f0000000200)={0x2, 0x0, @loopback}, 0x10) (async)
socket$nl_route(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) (async)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) (async)
r1 = getpid()
setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, &(0x7f0000000000)={0x1, 0x4}, 0x4)
setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, &(0x7f0000000000)={0x0, 0x2}, 0x4) (async)
sched_setscheduler(r1, 0x1, &(0x7f0000000100)=0x5) (async)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r2=>0xffffffffffffffff})
connect$unix(r2, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e) (async, rerun: 64)
sendmmsg$unix(r0, &(0x7f00000bd000), 0x0, 0x48000) (rerun: 64)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r3 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/power/wakeup_count', 0x301880, 0x20d)
write$tun(r3, &(0x7f0000000000)=ANY=[@ANYBLOB="000000f40000aaaaaaaa11aa0ed800000000000000"], 0x15) (async)
mknod$loop(&(0x7f0000000140)='./file0\x00', 0xfff, 0x0) (async)
execve(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) (async)
r4 = socket(0x2, 0x80805, 0x0)
getsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f0000000000), &(0x7f0000000340)=0xc) (async)
r5 = socket$inet6(0xa, 0x3, 0x40)
bind(r5, &(0x7f0000000000)=@hci={0xa, 0x0, 0x2}, 0x80) (async)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB='\\\x00\x00'], 0x5c}}, 0x0)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)

5.327635551s ago: executing program 1 (id=1946):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
syz_usb_connect(0x0, 0x24, &(0x7f0000000080)=ANY=[@ANYBLOB="12010000201b4510fc0428155d6d010203010902120001000000000904"], 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)={{0x14}, [], {0x14}}, 0x28}, 0x1, 0x0, 0x0, 0x2000094}, 0x4000800)
r1 = openat$selinux_policy(0xffffff9c, &(0x7f0000000180), 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x100000a, 0x12, r1, 0x0)
r2 = syz_genetlink_get_family_id$batadv(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_BLA_BACKBONE(r1, &(0x7f0000000240)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f00000001c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="bb163e8ab3ce1c000000", @ANYRES16=r2, @ANYBLOB="00022cbd7000fcdbdf250c0000000800320009000000"], 0x1c}, 0x1, 0x0, 0x0, 0x4000000}, 0x4000000)

5.183365327s ago: executing program 3 (id=1947):
r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0xa4242, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb, 0x38011, r0, 0x0)
madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0xf)
r1 = syz_open_dev$video4linux(&(0x7f0000000000), 0x1, 0x0)
openat$rdma_cm(0xffffffffffffff9c, 0x0, 0x2, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r4 = getpid()
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioctl$SCSI_IOCTL_GET_PCI(0xffffffffffffffff, 0x5393, 0x0)
sendmsg$nl_generic(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={0x0, 0x3c}}, 0xc010)
ioctl$VIDIOC_LOG_STATUS(r1, 0x5646, 0x0)
ioctl$VIDIOC_EXPBUF(r1, 0xc0405610, &(0x7f0000000040)={0xa, 0x5, 0x5785})
mprotect(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x9)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x8}, 0x3b)
ioctl$FE_GET_FRONTEND(r3, 0x80246f4d, &(0x7f0000000280))
ioctl$SG_SCSI_RESET(0xffffffffffffffff, 0x2284, 0x0)
r7 = openat$selinux_mls(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
epoll_pwait2(r7, &(0x7f0000000080)=[{}, {}, {}], 0x3, &(0x7f00000000c0)={0x0, 0x3938700}, &(0x7f0000000100), 0x8)
sendfile(r0, r0, 0x0, 0x2000fb)

4.246716019s ago: executing program 3 (id=1948):
syz_usb_connect$uac3(0x3, 0x80, &(0x7f00000007c0)={{0x12, 0x1, 0x201, 0x0, 0x0, 0x0, 0x40, 0x2b73, 0x34, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x6e, 0x3, 0x1, 0x7f, 0x0, 0x6, {0x8, 0xb, 0x0, 0x2, 0x1, 0x22, 0x30, 0x23}, {{{0x9, 0x4, 0x0, 0x0, 0x0, 0x1, 0x1, 0x30, 0x0, {{0xa, 0x24, 0x1, 0x9, 0xa, 0x9}}}, {}, {0x9, 0x4, 0x1, 0x1, 0x1, 0x1, 0x2, 0x30, 0x0, {}, {{0x9, 0x5, 0x1, 0x9, 0x60, 0x25, 0x3, 0x5, {0xa, 0x25, 0x25, 0x401, 0x5, 0x2}}}}, {}, {0x9, 0x4, 0x2, 0x1, 0x1, 0x1, 0x2, 0x30, 0x0, {}, {{0x9, 0x5, 0x82, 0x9, 0x200, 0x77, 0x3, 0xc0, {0xa, 0x25, 0x25, 0x7fffffff, 0x5, 0x4}}}}}}}}]}}, 0x0)
socket$xdp(0x2c, 0x3, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100))
sendmsg$NFQNL_MSG_CONFIG(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000380)={0x0}}, 0x0)
r0 = openat$kvm(0xffffff9c, &(0x7f0000000540), 0x8000, 0x0)
ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0xc008ae88, &(0x7f0000000000)={0xfffff34, 0x0, [{0xf88e470f, 0xed}]})
r1 = openat$dlm_monitor(0xffffffffffffff9c, &(0x7f00000002c0), 0x103081, 0x0)
sendmsg$key(r1, &(0x7f0000001940)={0x0, 0x0, &(0x7f0000001900)={&(0x7f0000000840)={0x2, 0x15, 0x2, 0x8, 0x212, 0x0, 0x70bd2d, 0x25dfdbfc, [@sadb_x_nat_t_port={0x1, 0x15, 0x4e24}, @sadb_x_nat_t_type={0x1, 0x14, 0x3}, @sadb_key={0x201, 0x5330fc8a585dbcd1, 0x8000, 0x0, "4568c77f4686c55910a6e2ed640547acfcdeefe709c760859b03801d47bd6e25475e24175576400171a739d153fdbcbcf58c9bcbd191796417a8f66ca68dc1abcbc8172e732ae124b653a132ea017a553da737e5ceae293a87aceec7939ce10481f65fe6d9a8e1fa4189085bf317b0552a286d8c265f99706704a454a5c0acb311807cc1def8a692f26386c189bac24cf444ea0546b42d6652ca56530a63f85c2922f6d2a099fe15a22b7f009e61fefd2ec3c3bdb043acbca441bee64d1afe8146bb6aaa203fcf951ff54985a71e7cd6d9287cee79355dc9cdf375cd059d87cf954c676f5da752f5ed5b7893cbd60bc761b5da89a1eee00cfc1f88994c899894b61fcc75ed84073a5240529d52560a2819cd78b92e42156358d595d15fe2a160d5cd00175e99ab83056bb4ba49a24c150ee17d33a00091d53f15eef6a7ddc9f528357121b8493f37e5348ef0693d4401a7ab45826c09de4946bc679d5e0f0684ea1b030ce593a5c53252968b3f6ebcd17b9b577c82aae8cd48696a4c5a994b0cfacfee3c752b5bb616b7d6b2167a8d7be642485bd75f5bd688593d7700d6274cfe5d7a23a368611283c897ae3431febe162c8535a03d7e66343afbc926fa0a72a08c5721300fb691c50a051696487567fa053cd146a9a6ffcb26005495276b1011d6238e0e60ecad286452a972b9fb56b8a18688e6cb711712f002a10b18ae582b5eff1c305a801d97cfe5b87ec82c6afdec87fffd82df14e2e7892ee015d010310d44dc6b379f77a455988232c6bbc88f9f2a8a51b6e7d5d7f1cbc828ca7eac85d7879d7d9ffcd34e8f8a530d9355b5ce8067fd8395f1f0e01b80187b286289696f2a8b083262eef029aacba3a5bb0363da020dd3451840c9b270de49ae94042f9fb3adf2c3ab5a75813bbe4a17564198969ac0ceee90735f0d247c3fd7255843fe70bc86b9831229298b28797b2b65f3364348d2cca3e8be718f2a4b163680b476125fdd8137c0f03d96efe1d74f359a0d187d80ca7f1e966a5fabd642fb87e776c61bcaec3c996351e8890f58745f54fcdb6a433cc63f777fb85d0d6b162579ae742722e4e0134391f1a0030915dd1bef1bb060dc17245f56b533d37c4a72256797a73fcc18fe092c6d314c5ceba938aefcbd12c8006c6b19239e20ba955014f60f8732a4abd5315084969e3391df615f60298b5dabf9f2d729d6dca6280cd59af554818acf443133b9d36f86517c57e12959ce1e95bbc485fa09ad450591d164f161a77fc81eac7d6db98095c3a2e5add354ad8498eb706378e29c130c7f7609b8530a0d2576a7edfd8dba84d8cc038980ddc56503c9ce91c7e93880001680f74228db7892d53b55fdcf9907e7b11c0cf29509c54f7f295b89f1882de34a0589498da9dc8096d66c1c752564bde2c930d29e7a26c3c4f2a0c9e96036a473bdce207fd2a54e4a070f2ded8e0c292c51ffe41464a14b154e3f5b179a0e7cb56973104bbf176edc2e646c4b7b48e345776239dd51e6cce3250a800259b76dfd7f5c3c0a1eff7629d1bec396581c114ef29a7ef652a3bbbdc533f18faf4d8bbd3d617c90840c7a43c8d790a79f081025f95c9af2d6609fb22bba6199e84096838a9bbe94906e9639105d082dcf690d9531fbee43178e54a00f77459583fe41497a6c4b51f3aa57e77bfab78576f1c9dbffdd063be8fcfe0692280679b61d0d423c2e15890f2854f3f3785c6a8ef48363f08305156ef4b85b88ac33467d2d0b1751cfbae458b520c4016519d308de6e7be0a04a177b3a50e0a3fae95c4c4abc01e03aec5858fe38ecee7ec842648c9b98a90117f34b758e0dbb973a7803c48cdea2645ec1969c613b52e52e3defea4317c382f191153f3504468d0f438d77cfcbbc3e7d04ca8e802f350e94905bce17c2fa5bc68047e53eeda8891bd0016e418afd67c2a0da33b7ff4fb6d3f598c52aa7ac5812dd6d9b31d9997d0a6324ea7b368d9004dabfee5fa9de98ecaef6d4e9cf318659d15d91da025334fc29e865b9218b418321e7c36485f0930ee3c915dda3a8da96d6af9fa349bea4d1932b9ffe9e75f53288c5b8402f394bfc76ff079964236587e4a8a4e41879ed810aaf948554c8e2e5ac95371264d9f565b3db41d0f0c425246769f0a090287a48b5e6145ee58598f45425a1b1f7cda088a3e02517c08b6017b2bd5cc7067eb56701c265a21c90eb2af36bde4aca62b967d380ea76a8eb95f96887e61c8b96dcd6b66ad33449a00d0f9a6e96d50c71630334a74b5999fc8fddf82a8d5372cffef8f4c60041d5911ada9825952f46fcd577aadd2b9b9389e17c27412649063eabce6e03157b941abda3d1f4db785f3e06c885ac0830f398c76e56c08bd285b35f9b456563d2692b6d9178d0d3baacc016ca5445f9b4acbc0a37d6c4a38129b8e223bd3155d31a05256a1ae329e36b204f4c719c3cc5f7fb10e808e9656a6bea9ae4e4b6968a2300e2f918523edef476821a5173bc29b650b725fc3be9d721db1f8be8b21d8a4a5d0f761711c0d71c8bdfffbea7b0f05dc38bd3dd5024a74320d41a3ec0ee6853efa0ea26db1250ba7fda20f6f546c892a0950198e7233ad27696ffe4018b02c878a57a521da7aa1df0b0afdf95d94f14e9eb258bd5be7678065abf507f644c39d3e9e735f6627a42f098415d806299ead6a80e260eb4a2ebdd364d7a6f690a3ef7e8a312c3a3619ceb6de8bd58472c3e160c4fb9102adfbfed4e4a56fc7cd3ec3216cc38e540ba079447f0f6137d25ccc4f2eed85e0ec06236dbe7ccc28683b2137eab120a7ca2d0df8cd7bc835cfd80731702d7b514037ce92bb3705b18725387ffeaa7f7490e4903d648dbb9a066bbaa5ab357aa2c41312972ab02b62dddb5f7d4d80cc09f6fc8b5ea0355fd8fc13325f4e625b7b50a96c05c732b5ea54e6553f51499959154e18e1c4a19465a538cb9768492cbbf2ac9a800e4cf8a7a9b9174854296cff98813c8db4ada26d17cc7ed9c0de342be38d398386696f3f3bed4acdd3f4b2c86b644198ffea0769624d79aea9ca592be69f8f8589904c2237f29d5009b7904587e05a4450acd65e512f5d3f1502af8df2ef878c22352918d90cd4c26a6be4fe6365022f183f2a15615cf7b0f0ef6c538b38a068c3cb7f75452b6e79e8a146e8d55bd37ad86c4f85e190d9490a5ed385382e17badfbdbd1fef0183d16e9f7b32e744283b1b15f788b0b0b1bf556ab33c9cec2a99f1cae3f8b0992293cd2832a64d90147f3c6f0fc6bd99abf2fab9daf41c828abd9a834abd1aac7588f0eca4f9a212ae60dcd1067239c49763cfefdfe00fc3f7c730101afd17d536eb28fd6d1a9b4a14bc252588cb431ec489a827d80a71b643254c4fcf8b01cdad764b41fa31adac3b397f70d47e351826080ba906fd4c9d61833cebf8edee91378851177b7e278e8d3184e8e4b8bb51fbfd798839d3f2bf59ca4290b5967ad8b9a4d436dd2a3fc1fa828a1b92be0a179b871b17c7cc65f3dabe2410256ee90e8b963450459407ba42348e9bd19903e285ff5c599c8117933f48528f52e029c11f537a369909af06e4e636b5422fd3d07248dd0f92192ed6291cd07addb4c783d21e72e3beceed1630999952f2c6458cd8418153092ebc70fdd2fc08977801ded186a41b5195211a8b483952b90a8511dde5b67c4de53170a56997e2928da76244961e4f5470d490015c54fbaa1168d28ae220a390312dadd14f7c50885696929c021a6421cef70d14e36a9c28cb9e441cebd8a6cd4adb19b2027c355b39549a57774195021c4b658f3634d1519e16aa28afc17dc37e2ab20e9b7e7d909e61c2aa5016d687c2552f4d1e67f50ddd62f9a27a831862c0a7795570ebf95adeab44e57f8bcde02330b78cdaa82b7987bc62ad35509d7c2c23873fcbc4cabe099ba1429fb6fc9f147161e78ff538dda41f8700246629c48bf92683072b6fce1b2ca892ecb4b20e058e30f5314bfa903f11cf44d30def4749f79d8ef46508d837e1b3f6c0f2c83bee7a9ffbc63f4b8e8918db17dbe5879099c338d56b05e662a81c08e33c7521af253969abc07f9f7b534e5921a9f0c17bf15cff39f32748e46aaa8b76480a6349edc1422d1dae7c1735e0429586bbe5583e5171baaf66a549336803dd1dd88da06f5d897a9ee372b7950dfc0e1767218501e0332ccf465fde69735d8551ad3e985ec84f7e33b0f738d3bd264c4277fed0f988a854895e37700fab006ffdcc7d5a106ce2a2c4f1c0679ff6c14cf11882cb3cc0a23ac9b691095828f3eb0e4cdc1ba3baa0b8b4b4b983696b97aebc27e0c091d3db2c2a20aadf588cc93be45b3353f45de3a91d12ce1dc832c83fbdf47c8e63f968ff29416159794d9d55893343734ef439c20d9036a1dc2a77a3531a8f594381b9e84e55822bb84a283e82027e813f90b82f0c10480646788e41c04c174ade0b52768c4b5d5442d72067948dbf8069179d98c3561a0f39e782ccf7ab1381f65ecf15192645f41914c1c939a21d8a8958dcc9e4022fafde4535f9839a1672d1e002f3127176005f0742821c56cb926991f19f81baf061373c0e3fb5f53d6fc60ca98efa94494ddf66593866b6a9cdd806ad8bbf2576f31e53b7fc489489b8352a1ee52f0a5cf9cc3a4e489e862aaf06925fd87f9b083f200241a3bc8c104a3655c93c37324557e53c15e7c592afb325b120e9941f2e8832423f43befcce040b7da35495067d9cb91d1837bb7be49fcf1b86339744caf915dbfad2b616bf7f96d6240596d85e404d8d7d175a4fb9a3cab56939dd8723363b3f5a5c94bbc70a7a6623bf5a6bee6332ff0b6af6824a2cc91f0093b276db9c66022c036573c4f987f69681fddc2e51f0edee53bfbfe7020c864a955464b4cf0cf42c9dbec132a75dc22e47dfca64c7bbd738727ea5493bac4b9bc362b1fcd95ea828ec82edd2bcff58dbe4b6ca9f6b1bb2a2564a194f2b311829b73d66ab8f3e11fbdff44c1ee81f59b14cf2646eba6b2220d5c4c634f915bea4bdd891b1e207c83865afb01b2c9f49cf1f2ecf7971a27d97a340eb146f1285d40ced3e7b29151b88685fb473a93bce15aa37db9f3e2342a22d002c46de60ee207856557e0d938a5a09504e47116061565fea285e231209c6f92f8222533a479ee8ca505bb7abd52c393f4b104b8795e1935a88568bb3046b3eb7d80fcb585e0f30d21889b695fb2eb96f6310be26220e29d523d044da0367a536b8f703edc1b89412347e0a8c6891317e4f092a83b66e98eae6806d193522bea03d42723805e13a6817d0bb404a28f8be85e017370eb2180eb0063fa07f1fbd6a327e4bc48cf19f4ac0c9d942ae7f99f16dab3579f02d42ed735ac493ffeb358201c69830fc23a54f22043cffa11ba46fdb3916e928b1c72f4ea200e94a5a54cc6b4274ce80d940da2f30a0bdb0bd4da88e5aea6bbc04ce91268c4a8f6e43ef1f09724bbfd959d4cfbedead81eb4eeab199e47bf88fd34f72a35f4a37d1d2e89f7aed5db3b049d5faf2677e2563ad73753fdc68b90383d61b0fb840f3b1bce1cbeefe460ca88f85b2790098cde2482a2b75dc0b48fbb294475fb542c3be32da355402dfc9ac55956ea02ce620c4d61dbbe6388dea11c75f6c7074bb97f97ffb8137e2d3effcf04c200e1ccbac6381b76a7737ccd85bc54ba6467b03aa5bb52f7b08b2b9363792748eea4c7c41dc7285313f2bf6325b0eef6b6922bab730f23f59d86fa7cbc48581a7924267b8b09da9f6b4a9145a6f33f37fb3f9c01428238"}, @sadb_x_filter={0x5, 0x1a, @in=@local, @in6=@empty, 0x1d, 0x14, 0x10}, @sadb_x_kmaddress={0x5, 0x19, 0x0, @in={0x2, 0x4e20, @multicast1}, @in={0x2, 0x4e22, @dev={0xac, 0x14, 0x14, 0x39}}}, @sadb_key={0x3, 0x8, 0x78, 0x0, "6930a3aad3dabe1348557026037729"}]}, 0x1090}}, 0x40)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000200)={[0x2, 0x9, 0xfffffffffffffffd, 0x73, 0x2, 0x2, 0x4002804c4, 0x9, 0x8000000000000000, 0xc595, 0x0, 0x4, 0xefffffffffffffff, 0x2000000000000000, 0x5, 0x8d], 0xeeee8000, 0x2002d3})
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000680)=@ipv6_newrule={0x4c, 0x20, 0x1, 0x70bd2a, 0x21dfdbf9, {0xa, 0x80, 0x14, 0x0, 0x0, 0x0, 0x0, 0x1, 0x10012}, [@FRA_DST={0x14, 0x1, @loopback}, @FIB_RULE_POLICY=@FRA_TABLE={0x8, 0xf, 0xffffffff}, @FRA_SRC={0x14, 0x2, @empty}]}, 0x4c}, 0x1, 0x0, 0x0, 0x800}, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
r7 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), r5)
sendmsg$DEVLINK_CMD_PORT_SET(0xffffffffffffffff, &(0x7f0000000240)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)={0x74, r7, 0x300, 0x70bd26, 0x25dfdbff, {}, [{{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x3, 0x1}}, {0x6, 0x4, 0x1}}, {{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x3, 0x1}}, {0x6, 0x4, 0x3}}]}, 0x74}, 0x1, 0x0, 0x0, 0x8090}, 0x800)
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f00000000c0)={'wlan0\x00', <r8=>0x0})
sendmsg$NL80211_CMD_START_AP(r5, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000540)={0x78, r6, 0x5, 0x70bd26, 0x0, {{}, {@val={0x8, 0x3, r8}, @void}}, [@beacon=[@NL80211_ATTR_BEACON_HEAD={0x4c, 0xe, {{{}, {}, @broadcast, @device_a, @from_mac}, 0x0, @default, 0x1, @void, @void, @void, @void, @void, @void, @void, @void, @void, @val={0x2d, 0x1a, {0x1, 0x1, 0x7, 0x0, {0xa600000000000000, 0x2, 0x0, 0x3fe, 0x0, 0x0, 0x0, 0x1}, 0x0, 0x9, 0x3}}, @val={0x72, 0x6}, @void, @void}}], @NL80211_ATTR_BEACON_INTERVAL={0x8}, @NL80211_ATTR_DTIM_PERIOD={0x8}]}, 0x78}}, 0x20000014)

4.166633426s ago: executing program 2 (id=1949):
socket$nl_generic(0x10, 0x3, 0x10)
r0 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$SW_SYNC_IOC_CREATE_FENCE(r0, 0xc0285700, &(0x7f0000000100)={0xfffffff4, "ff0f000000000000f5a72d866b0000000000f0ffdefe00"})
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$sock_int(r1, 0x1, 0x2, &(0x7f0000000180)=0x800001, 0x4)
listen(r1, 0x0)
r2 = accept$phonet_pipe(0xffffffffffffffff, &(0x7f0000000140), &(0x7f0000000200)=0x10)
listen(r2, 0x5)
syz_emit_ethernet(0x0, 0x0, 0x0)
r3 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000400)={0x1, &(0x7f0000000380)=[{0x6, 0x0, 0x0, 0x7fffffff}]})
r4 = openat$random(0xffffffffffffff9c, &(0x7f0000002500), 0x0, 0x0)
readv(r4, &(0x7f0000000440)=[{&(0x7f0000000080)=""/54, 0x36}, {0x0}], 0x2)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(r5, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000540)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a44000000090a010400000000000000000a0000040900010073797a310000000008000540000000020900020073797a310000000008000a40fffffffc0800034000000004400000000c0a010100000000000000000a0000060900020073797a31000000000900010073797a310000000014000380100000800c00018006000100d10300002c0000000e0a010200000000000000000a0000000900010073797a31000000000900020073797a310000000020000000000a03000000000000000000050000070900010073797a310000000014000000110001"], 0xf8}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)
r6 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file1\x00', 0x42, 0x0)
pwrite64(r6, &(0x7f00000000c0)='a', 0x200000c1, 0x9000)
rename(&(0x7f0000000000)='./file1\x00', &(0x7f0000000080)='./file2\x00')
ioctl$KVM_RUN(r6, 0xae80, 0x0)
creat(&(0x7f0000000040)='./file1\x00', 0x32)
r7 = openat$dma_heap(0xffffffffffffff9c, &(0x7f0000000000), 0x347102, 0x0)
r8 = syz_usb_connect$hid(0x3, 0x36, &(0x7f0000000b40)=ANY=[@ANYBLOB="1201000000000010580413500000000000010902240001000050000904000081030000000921faff000122a00009058103"], 0x0)
syz_usb_control_io(r8, 0x0, 0x0)
syz_usb_control_io(r8, &(0x7f0000000540)={0x2c, &(0x7f0000000180)=ANY=[@ANYBLOB="4023a0"], 0x0, 0x0, 0x0, 0x0}, 0x0)
r9 = syz_open_dev$evdev(&(0x7f00000000c0), 0x40, 0x0)
ioctl$EVIOCSKEYCODE(r9, 0x40084504, &(0x7f0000000080)=[0x7615cb14, 0x101])
ioctl$DMA_HEAP_IOCTL_ALLOC(r7, 0xc0184800, &(0x7f0000000100)={0x4, <r10=>r3})
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000380)={0x13, 0x9, &(0x7f00000014c0)=ANY=[@ANYBLOB="18010000756c6c2500000000002020207b1af8ff00000000bfa1000000000000070100001cfeffffb702000008000000b70300000000000085000000ce00000095"], &(0x7f0000001540)='GPL\x00', 0x2, 0x0, 0x0, 0x40f00, 0x2}, 0x94)
ioctl$DMA_BUF_SET_NAME_A(r5, 0x40086203, &(0x7f00000001c0)='\x02\x00\x00\x16\x05\x87\x00\x00\x00\x00\x00\x00\x00rol\x00')
ioctl$DMA_BUF_IOCTL_SYNC(r10, 0x40086200, &(0x7f0000000540)=0x1)

3.859007016s ago: executing program 1 (id=1950):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x8)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
setsockopt$inet_int(0xffffffffffffffff, 0x0, 0xd, 0x0, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000000)=0x6)
syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
r2 = syz_open_dev$vim2m(&(0x7f0000000000), 0x3, 0x2)
r3 = fsopen(&(0x7f00000000c0)='devtmpfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r3, 0x6, 0x0, 0x0, 0x0)
r4 = fsmount(r3, 0x1, 0x0)
fchdir(r4)
capset(&(0x7f0000000000)={0x20080522}, &(0x7f0000000280)={0x0, 0x9, 0x5, 0x81, 0xffffffff})
r5 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x11)
r6 = fanotify_init(0x200, 0x0)
fanotify_mark(r6, 0x1, 0x4800003e, r5, 0x0)
readv(r6, &(0x7f0000000440), 0x0)
ioctl$vim2m_VIDIOC_REQBUFS(r2, 0xc0145608, &(0x7f00000000c0)={0x100001, 0x2, 0x2})
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000740), 0x0, 0x0)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$batadv(&(0x7f0000000180), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r7, 0x8933, &(0x7f0000000180)={'batadv0\x00', <r9=>0x0})
sendmsg$BATADV_CMD_SET_MESH(r7, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000000)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYRES16=r8, @ANYBLOB="01002cbd7000fbdbdf250f00000008000300", @ANYRES32=r9, @ANYBLOB="08002b0002000000"], 0x24}, 0x1, 0x0, 0x0, 0x20008040}, 0x4000)
r10 = syz_open_procfs(0x0, &(0x7f0000000040)='fdinfo/3\x00')
pread64(r10, &(0x7f0000001480)=""/265, 0x109, 0x6)
ioctl$TCSETS(r10, 0x5402, &(0x7f0000000040)={0x7, 0x5118f31b, 0xfffffffc, 0x3, 0x15, "b350558bdd3f7825f7cdb0d84b1d903039764a"})

2.663075455s ago: executing program 1 (id=1951):
r0 = socket$inet6_icmp(0xa, 0x2, 0x3a)
r1 = syz_open_procfs(0x0, &(0x7f0000000080)='wchan\x00')
preadv(r1, &(0x7f00000000c0)=[{&(0x7f0000000640)=""/4112, 0x1010}], 0x1, 0x4000, 0x0)
bind$inet6(r0, &(0x7f0000000240)={0xa, 0x2, 0x1000, @empty}, 0x1c)
connect$inet6(r0, &(0x7f00000000c0)={0xa, 0x4e27, 0x8, @mcast2, 0x1009}, 0x1c)
syz_emit_ethernet(0x3e, &(0x7f0000000000)={@broadcast, @link_local, @void, {@ipv6={0x86dd, @icmpv6={0x1, 0x6, "fbddf0", 0x8, 0x3a, 0xff, @ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x0, 0x0}}, @local, {[], @echo_reply={0x81, 0x0, 0x0, 0x2, 0x4}}}}}}, 0x0)
socket$inet6_icmp(0xa, 0x2, 0x3a) (async)
syz_open_procfs(0x0, &(0x7f0000000080)='wchan\x00') (async)
preadv(r1, &(0x7f00000000c0)=[{&(0x7f0000000640)=""/4112, 0x1010}], 0x1, 0x4000, 0x0) (async)
bind$inet6(r0, &(0x7f0000000240)={0xa, 0x2, 0x1000, @empty}, 0x1c) (async)
connect$inet6(r0, &(0x7f00000000c0)={0xa, 0x4e27, 0x8, @mcast2, 0x1009}, 0x1c) (async)
syz_emit_ethernet(0x3e, &(0x7f0000000000)={@broadcast, @link_local, @void, {@ipv6={0x86dd, @icmpv6={0x1, 0x6, "fbddf0", 0x8, 0x3a, 0xff, @ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x0, 0x0}}, @local, {[], @echo_reply={0x81, 0x0, 0x0, 0x2, 0x4}}}}}}, 0x0) (async)

2.233003068s ago: executing program 1 (id=1952):
r0 = openat$pidfd(0xffffffffffffff9c, &(0x7f0000000080), 0x200c00, 0x0)
writev(r0, &(0x7f0000000400)=[{&(0x7f0000000280)="539cdb4b32e8913d9cb6db1989850406f73975299279ff6af9b223200538a7fc21ac96e25c453e2fd510a600d26118e017b4bddfa6166cb3d6b19e3240aff7ddeadf40fea224c78917914cfd7d899d357d0809918d99a81a2e2f84aa6109409005297476d4a070c966efa1ecee5abc7d3051bdc6c60226fae20e26faade118d18e1235307623994bd9cc66987e3e76a892e162363b879c54bcee92769332d92931c8d292ee25194563534f55cb814fabedf9", 0xb2}, {&(0x7f0000000340)="f4b985228fafe8ff", 0x8}, {&(0x7f0000000380)="34b458b12b48fe9415a80f735a00f8a5", 0x10}, {&(0x7f00000003c0)="2103691d96fe93462dd7d789be64b6bb2e62e13178ffca91b51f5cd8e83bb560c9ddc927b243921835b815", 0x2b}], 0x4)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x9, 0x9}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x8)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000000)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendto$packet(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
sendmsg$IPSET_CMD_DESTROY(0xffffffffffffffff, 0x0, 0x40814)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r4, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4000}, 0x20004000)
sendmsg$IPSET_CMD_ADD(0xffffffffffffffff, 0x0, 0x90)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_LIST(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)={0x1c, 0x7, 0x6, 0x801, 0x0, 0x0, {0xa, 0x0, 0x4}, [@IPSET_ATTR_PROTOCOL={0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x20000005}, 0x80)
socket$can_bcm(0x1d, 0x2, 0x2)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r7, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000300)=ANY=[@ANYBLOB="640000000206030000000000000000000000000005000100070000000900020073797a3100000000140007800500150000000000080012400000000005000500020000000500040000000000160003"], 0x64}}, 0x0)
sendmsg(r7, &(0x7f0000000000)={0x0, 0x46, &(0x7f00000000c0), 0x1}, 0x40000)
sendmsg$nl_route(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000440)=ANY=[@ANYBLOB="0c04000010000104000000000000000000480000", @ANYRES32=r6, @ANYBLOB="101000000000000008000d0005000000e4031680a40001800c00070000", @ANYRES32=r6, @ANYBLOB="b12abdabe1e14bd23994220910"], 0x40c}}, 0x0)
syz_io_uring_setup(0x4329, &(0x7f0000000180)={0x0, 0x776c, 0x110c9, 0x6, 0x160}, &(0x7f0000000100), &(0x7f0000000200), &(0x7f0000000000))
epoll_create(0x6)
close(r5)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioctl$UFFDIO_REGISTER(0xffffffffffffffff, 0xc020aa00, &(0x7f0000000240)={{&(0x7f0000400000/0x1000)=nil, 0x20400000}, 0x1})
syz_open_dev$vbi(&(0x7f0000000000), 0x1, 0x2)
syz_open_dev$MSR(&(0x7f0000000040), 0xfffffffffffffffb, 0x0)

1.763000926s ago: executing program 0 (id=1953):
symlinkat(&(0x7f0000000180)='.\x00', 0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00')
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x1)
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./bus\x00', 0x0)
mount$overlay(0x0, 0x0, &(0x7f0000000080), 0x0, &(0x7f0000000300)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}, {@volatile}, {@verity_off}]})
chdir(&(0x7f00000003c0)='./bus\x00')
mkdirat(0xffffffffffffff9c, &(0x7f00000001c0)='./file7\x00', 0x1ac)
renameat2(0xffffffffffffff9c, &(0x7f0000000780)='./file0\x00', 0xffffffffffffff9c, &(0x7f0000000000)='./file7/file0\x00', 0x0)

1.761464526s ago: executing program 2 (id=1954):
r0 = socket$inet(0x2, 0x3, 0x6)
socket$inet_tcp(0x2, 0x1, 0x0)
mprotect(&(0x7f0000002000/0x1000)=nil, 0x1000, 0x1000007)
syz_usb_connect(0x0, 0x36, &(0x7f00000004c0)=ANY=[@ANYBLOB="1a0100005c6b4408070a64006e40010203030902240001a8230800090400bc6435fb4d00090503034d00ff99090805", @ANYRES32], &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, 0x1, [{0x0, 0x0}]})
r1 = syz_open_dev$loop(&(0x7f0000000440), 0xf, 0x183043)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0)
ioctl$LOOP_CONFIGURE(r1, 0x4c0a, &(0x7f00000005c0)={r2, 0x800, {0x2a00, 0x80010000, 0x0, 0x5, 0x0, 0x0, 0x0, 0x4, 0x1d, "fee8a2ab78fc179fd1f8a0e91ddaaca7bd6447a4b4e00d9683dda1af1ea09d0200fb0a010000000000f5ffff0200", "2809e8dbe10859892d0000b420a9c81f40f05f819e0117020000f20020000000e903001000", "90be8b1c5512406c7f00", [0x4, 0x5]}})
r3 = syz_open_dev$loop(&(0x7f0000000300), 0x4, 0x0)
ioctl$LOOP_CONFIGURE(r3, 0x4c0a, &(0x7f0000001280)={r1, 0x200, {0x2a12, 0x80010000, 0x0, 0x3, 0x20000000000006, 0x0, 0x0, 0x3, 0x1c, "fee8a2ab78fc179fd1f8a0e91ddaaca7ca64c6a4b4e00d9683dda1af1ea80000000000000000000000deff1200100000000000000000000000000800", "2809a9000000038948224ad54afac11d875375bdb2420000b420a1a93c7540f4767f9e01177d3dd40600000061ac000000800800", "90be8b1c55f96400", [0x5, 0x4]}})
syz_open_dev$char_usb(0xc, 0xb4, 0x0)
syz_open_dev$char_usb(0xc, 0xb4, 0x0)
ioctl$sock_inet_SIOCSARP(r0, 0x8953, &(0x7f0000000000)={{0x2, 0x1000, @local}, {0x7, @local}, 0x42, {0x2, 0x0, @private=0xa010102}, 'syz_tun\x00'})
r4 = socket$inet6_sctp(0xa, 0x5, 0x84)
bind$inet6(r4, &(0x7f0000000080)={0xa, 0x4e24, 0x2df, @private0={0xfc, 0x0, '\x00', 0x1}, 0x7}, 0x1c)

1.748081106s ago: executing program 4 (id=1955):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000100))
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000140)='./binderfs/binder0\x00', 0x0, 0x0)
r2 = openat$selinux_policy(0xffffff9c, &(0x7f0000000300), 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x100000a, 0x12, r2, 0x0)
bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000b40)={0xffffffffffffffff, 0xfffff000}, 0xc)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r3 = dup3(r1, r0, 0x0)
r4 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x0, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r4, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r4, 0x4018620d, &(0x7f0000004a80)={0x73622a85, 0x100, 0x1})
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f00000004c0)={0x8, 0x0, &(0x7f0000000000)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, 0x0)

1.713281113s ago: executing program 0 (id=1956):
pidfd_getfd(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x143102)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = socket$kcm(0x29, 0x2, 0x0)
sendmmsg(r0, &(0x7f00000080c0)=[{{&(0x7f00000001c0)=@rxrpc=@in6={0x21, 0x2, 0x2, 0x1c, {0xa, 0x4e24, 0x6, @loopback, 0x815d}}, 0x80, &(0x7f0000000900)=[{&(0x7f0000000400)="c995239e884cb6d845b7d1ce9a2afacdde7f588458856479e3bd36949979b098fb56eab8d14b3ac414ec39459df23d59a2fbe4c836f46e6e64d19e9b6fd6ba578d6873fcb717429dd963bf6267eb2f21e49160db80c76274cfce4e0aac65a6160fce46f395025e603a86b003a7281ec69e52c3f8b2f7d01f8af610e47eae1561030f9d07ef0b7ba1ebec75e7e9825faf87e4f456489151c66fe2d285ef54d8c8d55b3d83e8e34b4db0", 0xa9}, {&(0x7f0000000540)="cd066d19b17b6b42550476", 0xb}, {0x0}], 0x3, &(0x7f0000000980)}}], 0x1, 0x4000045)
ioctl$sock_kcm_SIOCKCMATTACH(r1, 0x89e0, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000180)='net/kcm\x00')
preadv(r2, 0x0, 0x0, 0x182, 0x0)
r3 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r3, 0xaf01, 0x0)
r4 = eventfd(0xfffffff9)
ioctl$VHOST_SET_LOG_FD(r3, 0x4004af07, &(0x7f0000000240)=r4)
ioctl$VHOST_SET_VRING_KICK(r3, 0x4008af20, &(0x7f0000000040)={0x1, r4})
ioctl$VHOST_SET_VRING_ADDR(r3, 0x4028af11, &(0x7f0000000140)={0x0, 0x0, 0x0, &(0x7f0000000500)=""/67, 0x0})
ioctl$VHOST_SET_VRING_ADDR(r3, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, &(0x7f0000000380)=""/246, 0x0, &(0x7f0000000480)=""/70, 0x100000})
ioctl$VHOST_SET_MEM_TABLE(r3, 0x4008af03, &(0x7f0000000680)={0x1, 0x0, [{0x0, 0x73, &(0x7f00000001c0)=""/115}]})
ioctl$VHOST_SET_VRING_ERR(r3, 0x4008af22, &(0x7f00000002c0)={0x1, r4})
ioctl$VHOST_VSOCK_SET_RUNNING(r3, 0x4004af61, &(0x7f0000000300)=0x1)

1.620929872s ago: executing program 0 (id=1957):
r0 = syz_open_dev$vim2m(&(0x7f0000000140), 0x80, 0x2)
ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1, 0x1, 0x1}) (async)
ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x1, 0x1, 0x1})
mmap(&(0x7f0000000000/0xb36000)=nil, 0xe1000, 0x280000b, 0x28011, r0, 0x0)
socket$packet(0x11, 0x3, 0x300) (async)
socket$packet(0x11, 0x3, 0x300)
socket$nl_route(0x10, 0x3, 0x0) (async)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$inet6_sctp(0xa, 0x1, 0x84)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000380)={'veth0_vlan\x00', <r4=>0x0})
shutdown(r2, 0x0)
r5 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$inet_MCAST_LEAVE_GROUP(r5, 0x0, 0x2d, &(0x7f0000000240)={0x7ff, {{0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0xb}}}}, 0x88)
ioctl$sock_inet6_SIOCSIFADDR(r2, 0x8916, &(0x7f0000000000)={@private2, 0x0, r4}) (async)
ioctl$sock_inet6_SIOCSIFADDR(r2, 0x8916, &(0x7f0000000000)={@private2, 0x0, r4})
socket$inet6_sctp(0xa, 0x1, 0x84) (async)
r6 = socket$inet6_sctp(0xa, 0x1, 0x84)
syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) (async)
r7 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0)
getsockopt$bt_BT_CHANNEL_POLICY(r7, 0x112, 0x4, 0x0, &(0x7f0000000080))
setsockopt$inet6_mreq(r6, 0x29, 0x1b, &(0x7f0000000040)={@private2, r4}, 0x14)
sendmsg$nl_route(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000003c0)=ANY=[@ANYBLOB="280000001000010029bd7000fcdbdf2500000000", @ANYRES32=r4, @ANYBLOB="3a8d04005a1000000800040044"], 0x28}, 0x1, 0x0, 0x0, 0x40801}, 0x4000000)
r8 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
r9 = openat$selinux_mls(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$SIOCSIFHWADDR(r9, 0x8924, &(0x7f00000000c0)={'ip6_vti0\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xe}}) (async)
ioctl$SIOCSIFHWADDR(r9, 0x8924, &(0x7f00000000c0)={'ip6_vti0\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xe}})
r10 = syz_open_dev$dri(&(0x7f0000000180), 0x78, 0x802)
ioctl$DRM_IOCTL_MODE_GETCONNECTOR(r10, 0xc05064a7, &(0x7f00000007c0)={0x0, 0x0, 0x0, 0x0})
close_range(r8, 0xffffffffffffffff, 0x0)

1.619274523s ago: executing program 4 (id=1958):
r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0xa4242, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb, 0x38011, r0, 0x0)
madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0xf)
r1 = syz_open_dev$video4linux(&(0x7f0000000000), 0x1, 0x0)
openat$rdma_cm(0xffffffffffffff9c, 0x0, 0x2, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r4 = getpid()
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioctl$SCSI_IOCTL_GET_PCI(0xffffffffffffffff, 0x5393, 0x0)
sendmsg$nl_generic(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000380)=ANY=[], 0x3c}}, 0xc010)
ioctl$VIDIOC_LOG_STATUS(r1, 0x5646, 0x0)
ioctl$VIDIOC_EXPBUF(r1, 0xc0405610, &(0x7f0000000040)={0xa, 0x5, 0x5785})
mprotect(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x9)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x8}, 0x3b)
ioctl$FE_GET_FRONTEND(r3, 0x80246f4d, &(0x7f0000000280))
ioctl$SG_SCSI_RESET(0xffffffffffffffff, 0x2284, 0x0)
r7 = openat$selinux_mls(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
epoll_pwait2(r7, &(0x7f0000000080)=[{}, {}, {}], 0x3, &(0x7f00000000c0)={0x0, 0x3938700}, &(0x7f0000000100), 0x8)
sendfile(r0, r0, 0x0, 0x2000fb)

1.483112354s ago: executing program 0 (id=1959):
r0 = syz_open_dev$dri(&(0x7f0000000000), 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_GETFB(r0, 0xc01c64ad, &(0x7f0000000340))

1.464341504s ago: executing program 0 (id=1960):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)=ANY=[@ANYBLOB="0200000004000000080000000100000080000000", @ANYRES32, @ANYBLOB="070000ed8725960ea0251b6e2711a728f30000000000000000000000000000eb0000b4cd137e3361dc67980b3d6f42abf31ebc9e496c73c91ab8d0f4d59801f13ad0d426a4faa237b36ee496056bf1214138d4702bd9eeb3831cc050ad5960628bf0f1", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00000000050000000100"/28], 0x50)
ioctl$sock_ipv6_tunnel_SIOCGET6RD(0xffffffffffffffff, 0x89f8, &(0x7f0000000680)={'gre0\x00', &(0x7f0000000580)={'ip_vti0\x00', <r1=>0x0, 0x1, 0x7, 0x7, 0x6d97, {{0x34, 0x4, 0x2, 0x12, 0xd0, 0x67, 0x0, 0x0, 0x2f, 0x0, @dev={0xac, 0x14, 0x14, 0x11}, @empty, {[@noop, @lsrr={0x83, 0x17, 0xcf, [@multicast2, @private=0xa010101, @empty, @multicast1, @local]}, @ssrr={0x89, 0x7, 0xe0, [@loopback]}, @generic={0x86, 0xb, "d176f4200769308156"}, @lsrr={0x83, 0x7, 0xd4, [@broadcast]}, @timestamp_addr={0x44, 0x4c, 0xe3, 0x1, 0x5, [{@loopback, 0x80}, {@rand_addr=0x64010102, 0x6}, {@initdev={0xac, 0x1e, 0x0, 0x0}, 0x4}, {@remote, 0xfffffff4}, {@empty, 0x2}, {@empty, 0x8}, {@initdev={0xac, 0x1e, 0x0, 0x0}, 0x2}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0xfffffff9}, {@multicast1, 0xfffffff1}]}, @cipso={0x86, 0x3d, 0x2, [{0x2, 0x10, "6e75e7bba4f059c7bd87555808e4"}, {0x0, 0x6, "7667e841"}, {0x2, 0x2}, {0x7, 0xe, "3f8b2f70899690c230711f41"}, {0x0, 0x11, "364970da6facf1c8ebaecf13f7ecf5"}]}, @end]}}}}})
r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='fdinfo/3\x00')
r3 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r3, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f00000005c0)=ANY=[@ANYBLOB="a0000000210001000000000005000000ff010000000000000000000000000001fc00000000000000000000000000000000000005000000000a00000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0000000000000000500011000a0101020000010001000000000000000000000000000000000010000000000000000000000000000000000000000000fe80000000000000000000000000003f3c00000005e7487b97f5c37c"], 0xa0}, 0x1, 0x0, 0x0, 0x20044041}, 0x0)
read$FUSE(r2, &(0x7f0000003040)={0x2020}, 0x207c)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0200000002000b00ff0f0000ff01000080000000", @ANYRES32=r0, @ANYBLOB="0200"/20, @ANYRES32=r1, @ANYRES32=r2, @ANYBLOB="0500000001000000010000000a00"/28], 0x50)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x4, &(0x7f0000000080)=0x8)
r4 = getpid()
sched_setscheduler(r4, 0x2, &(0x7f0000000180)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r7 = inotify_init1(0x0)
inotify_add_watch(r7, &(0x7f0000000200)='.\x00', 0x400)
dup(r7)
r8 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_INIT(r8, 0x0, 0xc8, &(0x7f0000003d40), 0x4)
setsockopt$MRT_ADD_VIF(r8, 0x0, 0xca, &(0x7f0000003d80)={0x1, 0x0, 0x0, 0x0, @vifc_lcl_addr=@local, @rand_addr=0x64010101}, 0x10)
ioctl$vim2m_VIDIOC_S_CTRL(0xffffffffffffffff, 0xc008561c, &(0x7f0000000400)={0xf0f000, 0x1})
setsockopt$inet_mreq(r8, 0x0, 0x23, &(0x7f0000000000)={@dev={0xac, 0x14, 0x14, 0x2a}, @local}, 0x8)
syz_emit_ethernet(0x66, &(0x7f0000000340)=ANY=[@ANYBLOB], 0x0)
r9 = socket(0x10, 0x2, 0x0)
write(r9, &(0x7f0000000040)="1c0000001a009b8a140000003b9b301f00"/28, 0x1c)
recvmmsg(r9, &(0x7f0000002ec0), 0x400000000000ec0, 0x2, &(0x7f00000001c0)={0x77359400})

999.113285ms ago: executing program 3 (id=1961):
socket$inet6_sctp(0xa, 0x5, 0x84)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
syz_extract_tcp_res$synack(&(0x7f00000000c0), 0x1, 0x0)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
ioctl$RTC_WKALM_RD(0xffffffffffffffff, 0x80287010, &(0x7f0000000000))
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, 0x0, 0x0)
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
syz_clone(0x1000, 0x0, 0x0, 0x0, 0x0, 0x0)
r2 = socket$unix(0x1, 0x2, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r2, 0x8933, &(0x7f0000000000)={'vxcan0\x00', <r3=>0x0})
r4 = socket$can_bcm(0x1d, 0x2, 0x2)
connect$can_bcm(r4, &(0x7f0000000200)={0x1d, r3}, 0x10)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x1c1)
syz_open_dev$media(&(0x7f0000000780), 0xe9d6, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000540), 0x82, 0x0)
pselect6(0x40, &(0x7f0000000100)={0x0, 0x9, 0x0, 0x80000001, 0x7fb, 0x8, 0x100200}, 0x0, &(0x7f0000000240)={0x1e, 0x3, 0xfffffffffffffffe, 0x0, 0x0, 0xa}, 0x0, 0x0)
r5 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x2, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x1, &(0x7f0000000340)=ANY=[@ANYBLOB="f5729e7331a1691ebdc72c31c5e8ee04d721209f5939aadb6cf21bfe7757cbeb10e6d55911d23c93ce0533e2725cc2ea3f5fce6235cd4bf95ea78159dbefc067358994f8143f2115a6f48a2fb16ed1fba60cfebe3967bbfce500", @ANYRESHEX=r5, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0, @ANYBLOB=',\x00'])
newfstatat(0xffffffffffffff9c, &(0x7f000000ef00)='./file0\x00', &(0x7f000000ef40), 0x4000)
sendmsg$can_bcm(r4, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000580)=ANY=[@ANYBLOB="01000000d7fe68ca7e4d5d5bdbe70000", @ANYRES64=0x0, @ANYRES64=0x0, @ANYRES64=r3, @ANYRES64=r2, @ANYBLOB="3bf81bb9e9"], 0x20000600}, 0x1, 0x0, 0x0, 0x1000}, 0x80)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040))
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x48)
socket$nl_route(0x10, 0x3, 0x0)

895.432772ms ago: executing program 1 (id=1962):
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x30403, 0x0)
r0 = openat$ttyS3(0xffffffffffffff9c, 0x0, 0x121602, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000003c0)=0x11)
syz_usb_connect(0x4, 0x2d, &(0x7f0000000140)=ANY=[@ANYRES16=r0], 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x275a, 0x0)
fcntl$lock(r1, 0x410, &(0x7f0000000080)={0x0, 0x0, 0x4, 0x1fd})
r2 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
r3 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00')
mount$9p_fd(0x0, &(0x7f0000000300)='.\x00', &(0x7f0000000180), 0x2004890, &(0x7f0000000340)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r3, @ANYBLOB=',wfdno=', @ANYRESHEX=r2, @ANYBLOB="a8ca"])

634.989775ms ago: executing program 4 (id=1963):
mount$9p_fd(0x0, 0x0, &(0x7f00000002c0), 0x200480, 0x0)
r0 = add_key$fscrypt_v1(&(0x7f0000000000), &(0x7f0000000040)={'fscrypt:', @desc1}, &(0x7f0000000080)={0x0, "5d9bc136c963254c661fb620148b6f72ca6ae2a44829bfa79ec13499f8ec9077d85d879711d98bb1687ad36dfe5f14a7b0ce15c1e6be0e7ecabfdfde0dfa00b1"}, 0x48, 0xffffffffffffffff)
keyctl$setperm(0x5, r0, 0x2040403)
keyctl$KEYCTL_WATCH_KEY(0x6, r0, 0xffffffffffffffff, 0xaa)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
mount(&(0x7f0000000300)=@rnullb, &(0x7f0000000280)='./file0\x00', &(0x7f0000000040)='jffs2\x00', 0x2010009, &(0x7f00000001c0)='\x00\x00\x00\x10\x00\x00\x00')
setsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, &(0x7f0000000040)={@local, 0x80100000, 0x1, 0x1, 0xa, 0x9, 0xfffe}, 0x20)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$batadv(&(0x7f0000000080), r2)
sendmsg$BATADV_CMD_GET_MCAST_FLAGS(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYRES16=r3], 0x1c}, 0x1, 0x0, 0x0, 0x4}, 0x700)
sendmsg$BATADV_CMD_GET_GATEWAYS(0xffffffffffffffff, 0x0, 0x80)
syz_emit_ethernet(0x4a, &(0x7f0000000340)=ANY=[@ANYBLOB="aae8ad385faaffffffffffff889445d8003c069078ac14bb00000000000000000000000000000000014776bc4cc64423eb30871c0b000300"/77], 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_inet_SIOCSIFPFLAGS(0xffffffffffffffff, 0x8934, &(0x7f0000000040)={'virt_wifi0\x00', 0x2})
ioctl(r4, 0x8b32, &(0x7f0000000040))
setsockopt$netlink_NETLINK_TX_RING(0xffffffffffffffff, 0x10e, 0xc, &(0x7f0000000140)={0x6}, 0x10)
r5 = socket$nl_route(0x10, 0x3, 0x0)
r6 = openat$drirender128(0xffffffffffffff9c, &(0x7f0000000440), 0x2, 0x0)
ioctl$DRM_IOCTL_MODE_GETPLANE(0xffffffffffffffff, 0xc02064b6, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x59, &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]})
ioctl$DRM_IOCTL_MODE_CURSOR(r6, 0xc01c64a3, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000600)=ANY=[@ANYBLOB="7000000010000100"/20, @ANYRES32, @ANYRES8=r2, @ANYRES32], 0x70}}, 0x0)
write(0xffffffffffffffff, &(0x7f0000000000)="1c0000001a005f0214f9f407000904001f000000ff020002000000", 0x1b)
bind$netlink(0xffffffffffffffff, &(0x7f00000000c0)={0x10, 0x0, 0x25dfdbfe, 0x10}, 0xc)
getsockopt$IP_VS_SO_GET_TIMEOUT(0xffffffffffffffff, 0x0, 0x486, &(0x7f0000000680), &(0x7f00000006c0)=0xc)
ioctl$FE_GET_PROPERTY(0xffffffffffffffff, 0x80106f53, 0x0)
syz_genetlink_get_family_id$gtp(&(0x7f0000000200), 0xffffffffffffffff)
r7 = socket(0x2c, 0x80805, 0x2)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r7, 0x84, 0x6f, &(0x7f0000001080)={0x0, 0x10, &(0x7f00000010c0)=[@in={0x2, 0x0, @multicast2}]}, &(0x7f0000000180)=0x10)
syz_genetlink_get_family_id$netlbl_cipso(&(0x7f0000000bc0), r1)

450.259435ms ago: executing program 0 (id=1964):
r0 = fsopen(&(0x7f00000000c0)='cgroup2\x00', 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000200)={0x8, 0x8a}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x3)
getsockopt(0xffffffffffffffff, 0x114, 0x2718, 0x0, &(0x7f00000000c0))
r1 = socket$inet6_sctp(0xa, 0x1, 0x84)
getsockopt$inet_sctp6_SCTP_GET_PEER_ADDR_INFO(0xffffffffffffffff, 0x84, 0xf, &(0x7f0000000380)={0x0, @in6={{0xa, 0x4e22, 0x9, @initdev={0xfe, 0x88, '\x00', 0x3, 0x0}, 0x4}}, 0x8, 0x3, 0x7, 0x0, 0x3}, &(0x7f0000000440)=0x98)
getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r1, 0x84, 0x6d, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
r3 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0)
ioctl$SNDCTL_DSP_SETTRIGGER(r3, 0x40045010, &(0x7f0000000080)=0x7)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
r4 = socket$inet_mptcp(0x2, 0x1, 0x106)
syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r5 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000740), 0x2, 0x0)
r6 = syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00')
mount$9p_fd(0x0, &(0x7f00000000c0)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000300)={'trans=fd,', {'rfdno', 0x3d, r6}, 0x2c, {'wfdno', 0x3d, r5}})
setsockopt$sock_int(r4, 0x1, 0x9, &(0x7f0000000080)=0x114c, 0x4)
setsockopt$inet_int(r4, 0x0, 0x13, &(0x7f0000000000)=0xffffff7e, 0x4)
r7 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r7, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000480)=ANY=[@ANYBLOB="4401000010000100feffffbf00010000ac1414aa00000000000000000000000000000000000000000000ffffac1414bb000103944e230005000000003a000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="ff020000000000000000000000000001000004d46c000000ac1414bb000000000000000000000000000000000000000009000000000000000600000000000000ffff0000000000001c250800000000000200000000000000f8ffffffffffffff000000e000000000060000000700000200000000000000001f00000000000000ff0100000000000002000000fcffffff000000002abd7000043500000a0001fd2000000000000000480003006465666c617465000000000000000000000000000000000000c078000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c0015005a073500030000007bf5541348007377ac1989240c1c5bdebfeb1a72f48ef05dcf88c6516f2d96f4164c4af4a9e25a004020645da4e2493c3c6fd4372f1a73dfa557dcd73d351f065faf233e4d05a25fbeec470ae364520e006aa3ef70a97b625571c415243343e29707ea1c9929d2cfbbbe5285330ab0b9471d9a8933b20929822a3c86ed237617c0f1ca3eef3a2ce95488721b9da844dfa06191f1afa4fda3b04e35b763801e8655294501221d74a25cc81d071a964d7e1ae6525f333d7e7aa22ac7e9221fc1ac2be8a1b359fd"], 0x144}, 0x1, 0x0, 0x0, 0x8801}, 0x10)
ioctl$NILFS_IOCTL_GET_CPSTAT(r7, 0x80186e83, &(0x7f0000000300))
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000001f80)={0x0, 0x0, 0x0}, 0x0)
r8 = fsmount(r0, 0x0, 0x0)
r9 = openat$cgroup_subtree(r8, &(0x7f0000000200), 0x2, 0x0)
write$cgroup_subtree(r9, &(0x7f0000000040)=ANY=[@ANYBLOB="f71261501010c791"], 0x8)
r10 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r10, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)=ANY=[@ANYRES16], 0x38}, 0x1, 0x0, 0x0, 0x8040040}, 0x810)
sendmsg$RDMA_NLDEV_CMD_DELLINK(r10, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000015c0)=ANY=[@ANYBLOB="18000000041401002dbd7000fedbdf250800010000000000ba30b28e994c1a08786eb8", @ANYRESOCT], 0x18}, 0x1, 0x0, 0x0, 0x671ec167a4b72164}, 0x0)

393.566323ms ago: executing program 4 (id=1965):
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8b19, &(0x7f0000000000)={'wlan1\x00'})
r1 = timerfd_create(0x0, 0x0)
timerfd_settime(r1, 0x3, &(0x7f0000000440)={{0x0, 0x3938700}}, 0x0)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff0000/0x1000)=nil, &(0x7f0000ff4000/0xa000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f000068c000/0xc000)=nil, &(0x7f0000817000/0x1000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0)
r2 = io_uring_setup(0x7, &(0x7f0000000040)={0x0, 0xc8a1, 0xc000, 0x8, 0xc1})
bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x12, 0x3, 0x0, &(0x7f0000000240)='syzkaller\x00', 0x80000000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="16"], 0x50)
io_uring_enter(r2, 0x2219, 0x7721, 0x16, 0x0, 0x0)
clock_adjtime(0x0, &(0x7f0000000000)={0x3ff, 0x0, 0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100, 0x0, 0x0, 0x9, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x1000, 0x100000001, 0x2, 0x3, 0x0, 0x3})
r3 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000080)=ANY=[@ANYBLOB="12010000000000086a04270000000000000109022400010000000009040000010300000009210000000122450009058103"], 0x0)
syz_usb_control_io(r3, 0x0, 0x0)
socket(0x1a, 0x80000, 0x7)
r4 = syz_usb_connect$midi(0x1, 0x90, &(0x7f0000000100)={{0x12, 0x1, 0x79, 0x0, 0x0, 0x0, 0x10, 0x1235, 0x10, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x7e, 0x1, 0x1, 0xe, 0xe0, 0x8, "", {{{0x9, 0x4, 0x0, 0x0, 0x6, 0x1, 0x3, 0x20, 0x1, [@ms_header={0x7, 0x24, 0x1, 0xfffe, 0x7}], [{{0x9, 0x5, 0x9, 0x8, 0x20, 0x7, 0x6, 0x3, {0x4}}}, {{0x9, 0x5, 0xa, 0x2, 0x20, 0x8f, 0x8, 0x9, {0x6, 0x25, 0x1, 0x2, "0997"}}}, {{0x9, 0x5, 0x4, 0x0, 0x8, 0x0, 0xfd, 0x10, {0x14, 0x25, 0x1, 0x10, "c1fd58e0845a2c4b7b28f10d4f8408ab"}}}, {{0x9, 0x5, 0x2, 0x3, 0x10, 0x4a, 0x0, 0x1, {0x8, 0x25, 0x1, 0x4, "9a76f560"}}}, {{0x9, 0x5, 0xe, 0x3, 0x40, 0x7, 0x2, 0x2, {0x5, 0x25, 0x1, 0x1, ')'}}}, {{0x9, 0x5, 0xd, 0x4, 0x8, 0x0, 0x7, 0x64, {0x4}}}]}}}}}]}}, &(0x7f0000000440)={0xa, &(0x7f00000001c0)={0xa, 0x6, 0x310, 0x1, 0x6, 0xaa, 0x38, 0x2}, 0x19, &(0x7f0000000200)={0x5, 0xf, 0x19, 0x2, [@ss_cap={0xa, 0x10, 0x3, 0x0, 0x5, 0x7, 0x7, 0xbe1}, @ss_cap={0xa, 0x10, 0x3, 0x0, 0x2, 0x5, 0x8, 0x400}]}, 0x3, [{0x4, &(0x7f0000000240)=@lang_id={0x4, 0x3, 0x418}}, {0xa2, &(0x7f0000000280)=@string={0xa2, 0x3, "6dd6bd6f7542c3fecd25124e0edf351cde1f04f22e516f93ec0be4bf59b2b7f02817ee85fed50d2df94df7c73952b654a54b83b1e6f4db15b2dda233af4e04b660e89df4b3dcb4eef831a41afbdae0c6c705775a0724b0a422b5398a56caa3c801941aaaea2acdbf8979e006ef95cd525eb301a38642571ad55b09300b1a10c1503aa6d379000859d3e23818067bc6e055085ca53aba42aed0a686816cbfeb72"}}, {0xdd, &(0x7f0000000340)=@string={0xdd, 0x3, "ef125e759adc38f0e9e4cfdf745a7e09f1c74885d7f0f98e8ebc95714f0cc3f1836d051ba8be0bc31065a03a7ba2609b5e5cd524ca74e010dab04c7bfbe6211daced9ef7e5c7a72f17aa7c733296de570e9c38332fe6272f8273f1421ce58f61731cdb44ea51303d60cb09744fd1dfe297aab32a0cc206c4857ca75d8a1b7e36b5213469ac7a9ee616c043c562ded374a2e0f90af1c9aacfe182081f830e599ff7a07f34f9b5330bc5383242af8d5c5da55f7be983003a3b209f930775259becd9205019c8ed172ae3f2dcafbdfc8ff97adf4663da460a12c7eced"}}]})
syz_usb_control_io$lan78xx(r4, &(0x7f0000000580)={0x14, &(0x7f0000000480)={0x40, 0xf, 0x8e, {0x8e, 0x21, "85939731e28aa3319b036bebef705c9e40b4e96cd61f18bb2040fc77cc69fbb8955401b2863f85047337af8ec1d2f21e89654ffdc76d44672cce982ba1e638100f51e56da92d28a33a0a70e6990a65f7f7a2ff13829799f453d334ec3e67c24b224fa3b6a3d559d5b8e853ccc333269d7c4bb15de0792b76351f6999d5868d73ae164872a329a4096f781202"}}, &(0x7f0000000540)={0x0, 0x3, 0x4, @lang_id={0x4, 0x3, 0x480a}}}, &(0x7f00000007c0)={0x34, &(0x7f00000005c0)={0x40, 0x8, 0x92, "207fd13ee55eb94e4553ad454ae9ec1088bc7a0f31a7318f48715e0fef2c469c51b30820d5ba7c21c72e6744d8a1689f196dfcd19f685e480f964e491b56bb71277918ca3d48b33d25acad70dc9ae204c7ac828dce870c3fb0d20d43647d4192f9596ac641fbc3e6430b8d13030cd040a4fb7a4774e6d182d5d5b6ff45cbb63862169abb0d1c7a42cdf5ab97c71a956b8fd2"}, &(0x7f0000000680)={0x0, 0xa, 0x1, 0x1}, &(0x7f00000006c0)={0x0, 0x8, 0x1, 0xfb}, &(0x7f0000000700)={0xc0, 0xa1, 0x4, 0x4445}, &(0x7f0000000740)={0x40, 0xa0, 0x4, 0x5}, &(0x7f0000000780)={0xc0, 0xa2, 0x2f, "3773b6e3cae57603010bdb5311ecac7a606e549ddcb95630673f7ad540f4d8b0480ee9d33fb615196f350da8d1389c"}})
syz_usb_control_io(r3, &(0x7f0000000040)={0x2c, &(0x7f00000000c0)=ANY=[@ANYRES64], 0x0, 0x0, 0x0, 0x0}, 0x0)

21.959683ms ago: executing program 1 (id=1966):
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000029000/0x18000)=nil, 0x0, 0x0, 0x7d, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(0xffffffffffffffff, 0x84, 0x75, 0x0, 0x0)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket$unix(0x1, 0x1, 0x0)
r2 = socket$kcm(0x11, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000440)={'syzkaller0\x00', <r3=>0x0})
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r4)
r5 = socket(0x400000000010, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r6=>0x0})
sendmsg$nl_route_sched(r5, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=@newqdisc={0x24, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xfffffff9, {0x0, 0x0, 0x0, r6, {0x0, 0x1}, {0xffff, 0xffff}, {0xffe0, 0x9}}}, 0x24}}, 0x0)
sendmsg$nl_route_sched(r5, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000440)=@newtfilter={0x70, 0x2c, 0xf3f, 0x70fd2c, 0x25dfdbbd, {0x0, 0x0, 0x0, r6, {0xc, 0xc}, {}, {0x7, 0x300}}, [@filter_kind_options=@f_basic={{0xa}, {0x40, 0x2, [@TCA_BASIC_EMATCHES={0x3c, 0x2, 0x0, 0x1, [@TCA_EMATCH_TREE_HDR={0x8, 0x1, {0x2}}, @TCA_EMATCH_TREE_LIST={0x30, 0x2, 0x0, 0x1, [@TCF_EM_META={0x18, 0x1, 0x0, 0x0, {{0x7, 0x4, 0x1}, [@TCA_EM_META_HDR={0xc, 0x1, {{0x0, 0x86, 0x2}, {0x5, 0x7}}}]}}, @TCF_EM_CANID={0x14, 0x2, 0x0, 0x0, {{0x1, 0x7, 0x4}, {{0x3, 0x0, 0x1}, {0x4, 0x0, 0x1}}}}]}]}]}}]}, 0x70}, 0x1, 0x0, 0x0, 0x20041090}, 0x4880)
ioctl$SIOCSIFHWADDR(r4, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
sendmsg$kcm(r2, &(0x7f00000000c0)={&(0x7f0000000500)=@xdp={0x2c, 0x7, r3, 0x1006}, 0x80, &(0x7f0000000640)=[{0x0}], 0x1}, 0x20004014)

0s ago: executing program 3 (id=1967):
pidfd_getfd(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x143102)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = socket$kcm(0x29, 0x2, 0x0)
sendmmsg(r0, &(0x7f00000080c0)=[{{&(0x7f00000001c0)=@rxrpc=@in6={0x21, 0x2, 0x2, 0x1c, {0xa, 0x4e24, 0x6, @loopback, 0x815d}}, 0x80, &(0x7f0000000900)=[{&(0x7f0000000400)="c995239e884cb6d845b7d1ce9a2afacdde7f588458856479e3bd36949979b098fb56eab8d14b3ac414ec39459df23d59a2fbe4c836f46e6e64d19e9b6fd6ba578d6873fcb717429dd963bf6267eb2f21e49160db80c76274cfce4e0aac65a6160fce46f395025e603a86b003a7281ec69e52c3f8b2f7d01f8af610e47eae1561030f9d07ef0b7ba1ebec75e7e9825faf87e4f456489151c66fe2d285ef54d8c8d55b3d83e8e34b4db0", 0xa9}, {&(0x7f0000000540)="cd066d19b17b6b42550476", 0xb}, {0x0}], 0x3, &(0x7f0000000980)}}], 0x1, 0x4000045)
ioctl$sock_kcm_SIOCKCMATTACH(r1, 0x89e0, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000180)='net/kcm\x00')
preadv(r2, 0x0, 0x0, 0x182, 0x0)
r3 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r3, 0xaf01, 0x0)
r4 = eventfd(0xfffffff9)
ioctl$VHOST_SET_LOG_FD(r3, 0x4004af07, &(0x7f0000000240)=r4)
ioctl$VHOST_SET_VRING_KICK(r3, 0x4008af20, &(0x7f0000000040)={0x1, r4})
ioctl$VHOST_SET_VRING_ADDR(r3, 0x4028af11, &(0x7f0000000140)={0x0, 0x0, 0x0, &(0x7f0000000500)=""/67, 0x0})
ioctl$VHOST_SET_VRING_ADDR(r3, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, &(0x7f0000000380)=""/246, &(0x7f00000000c0)=""/87, 0x0, 0x100000})
ioctl$VHOST_SET_MEM_TABLE(r3, 0x4008af03, &(0x7f0000000680)={0x1, 0x0, [{0x0, 0x73, &(0x7f00000001c0)=""/115}]})
ioctl$VHOST_SET_VRING_ERR(r3, 0x4008af22, &(0x7f00000002c0)={0x1, r4})
ioctl$VHOST_VSOCK_SET_RUNNING(r3, 0x4004af61, &(0x7f0000000300)=0x1)

kernel console output (not intermixed with test programs):

0x6d0
[  496.256386][T11197]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  496.256406][T11197]  vfs_read+0x1e4/0xb30
[  496.256429][T11197]  ? __pfx_vfs_read+0x10/0x10
[  496.256448][T11197]  ? __fget_files+0x215/0x3d0
[  496.256477][T11197]  ? __fget_files+0x21f/0x3d0
[  496.256506][T11197]  ksys_read+0x12a/0x250
[  496.256526][T11197]  ? __pfx_ksys_read+0x10/0x10
[  496.256544][T11197]  ? exit_to_user_mode_loop+0xe2/0x4f0
[  496.256570][T11197]  ? rcu_is_watching+0x12/0xc0
[  496.256600][T11197]  do_syscall_64+0x10b/0x860
[  496.256626][T11197]  ? clear_bhb_loop+0x40/0x90
[  496.256648][T11197]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  496.256666][T11197] RIP: 0033:0x7f8ea815d68e
[  496.256681][T11197] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  496.256697][T11197] RSP: 002b:00007f8ea8f93fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  496.256715][T11197] RAX: ffffffffffffffda RBX: 00007f8ea8f946c0 RCX: 00007f8ea815d68e
[  496.256727][T11197] RDX: 000000000000000f RSI: 00007f8ea8f940a0 RDI: 0000000000000008
[  496.256738][T11197] RBP: 00007f8ea8f94090 R08: 0000000000000000 R09: 0000000000000000
[  496.256749][T11197] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  496.256758][T11197] R13: 00007f8ea8416218 R14: 00007f8ea8416180 R15: 00007ffc4b57f3c8
[  496.256783][T11197]  </TASK>
[  496.900539][ T6353] usb 3-1: new full-speed USB device number 44 using dummy_hcd
[  497.029481][ T6344] usb 5-1: new high-speed USB device number 64 using dummy_hcd
[  497.250339][ T6353] usb 3-1: too many endpoints for config 0 interface 0 altsetting 0: 254, using maximum allowed: 30
[  497.292858][ T6353] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 1023, setting to 64
[  497.327513][ T6353] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 254
[  497.385408][ T6344] usb 5-1: config 220 has an invalid interface number: 76 but max is 2
[  497.406393][ T6353] usb 3-1: New USB device found, idVendor=046d, idProduct=c295, bcdDevice= 0.00
[  497.431701][ T6344] usb 5-1: config 220 contains an unexpected descriptor of type 0x2, skipping
[  497.448001][ T6353] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  497.471406][ T6344] usb 5-1: config 220 has an invalid descriptor of length 0, skipping remainder of the config
[  497.530550][ T6353] usb 3-1: config 0 descriptor??
[  497.546429][T11200] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  497.558520][ T6344] usb 5-1: config 220 has no interface number 2
[  497.586015][T11207] syzkaller0: entered promiscuous mode
[  497.591508][T11207] syzkaller0: entered allmulticast mode
[  497.655913][ T6344] usb 5-1: config 220 interface 1 altsetting 5 has 0 endpoint descriptors, different from the interface descriptor's value: 12
[  497.813568][ T6344] usb 5-1: config 220 interface 0 has no altsetting 0
[  497.860079][ T6344] usb 5-1: config 220 interface 76 has no altsetting 0
[  497.891937][ T6344] usb 5-1: config 220 interface 1 has no altsetting 0
[  497.950640][ T6344] usb 5-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9
[  497.966921][ T6344] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  497.991490][ T6344] usb 5-1: Product: syz
[  498.006321][ T6344] usb 5-1: Manufacturer: syz
[  498.025783][ T6344] usb 5-1: SerialNumber: syz
[  498.055582][T11190] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  498.112878][T11190] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  499.288418][ T6353] usbhid 3-1:0.0: can't add hid device: -71
[  499.294595][ T6353] usbhid 3-1:0.0: probe with driver usbhid failed with error -71
[  499.319935][ T6353] usb 3-1: USB disconnect, device number 44
[  499.537474][T11232] FAULT_INJECTION: forcing a failure.
[  499.537474][T11232] name failslab, interval 1, probability 0, space 0, times 0
[  499.551608][T11232] CPU: 0 UID: 0 PID: 11232 Comm: syz.0.1407 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  499.551637][T11232] Tainted: [L]=SOFTLOCKUP
[  499.551644][T11232] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  499.551654][T11232] Call Trace:
[  499.551660][T11232]  <TASK>
[  499.551675][T11232]  dump_stack_lvl+0x100/0x190
[  499.551703][T11232]  should_fail_ex.cold+0x5/0xa
[  499.551728][T11232]  should_failslab+0xc2/0x120
[  499.551749][T11232]  __kmalloc_node_track_caller_noprof+0xe3/0x850
[  499.551768][T11232]  ? key_alloc+0xc6d/0x1310
[  499.551792][T11232]  ? kmem_cache_alloc_noprof+0x292/0x6e0
[  499.551822][T11232]  kmemdup_noprof+0x29/0x60
[  499.551840][T11232]  key_alloc+0xc6d/0x1310
[  499.551874][T11232]  ? __pfx_key_alloc+0x10/0x10
[  499.551897][T11232]  ? __asan_memcpy+0x3c/0x60
[  499.551934][T11232]  keyring_alloc+0x44/0xc0
[  499.551965][T11232]  keyctl_get_persistent+0x779/0x8b0
[  499.551996][T11232]  ? __pfx_keyctl_get_persistent+0x10/0x10
[  499.552023][T11232]  ? __fget_files+0x21f/0x3d0
[  499.552054][T11232]  ? ksys_write+0x1ac/0x250
[  499.552073][T11232]  ? __pfx_ksys_write+0x10/0x10
[  499.552090][T11232]  ? trace_irq_enable.constprop.0+0x31/0x160
[  499.552119][T11232]  __do_sys_keyctl+0x3b2/0x5a0
[  499.552142][T11232]  do_syscall_64+0x10b/0x860
[  499.552168][T11232]  ? clear_bhb_loop+0x40/0x90
[  499.552190][T11232]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  499.552207][T11232] RIP: 0033:0x7f793e99ce59
[  499.552221][T11232] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  499.552238][T11232] RSP: 002b:00007f793f88b028 EFLAGS: 00000246 ORIG_RAX: 00000000000000fa
[  499.552255][T11232] RAX: ffffffffffffffda RBX: 00007f793ec16180 RCX: 00007f793e99ce59
[  499.552266][T11232] RDX: 000000002e8fc635 RSI: 0000000000000000 RDI: 0000000000000016
[  499.552277][T11232] RBP: 00007f793f88b090 R08: 0000000000000000 R09: 0000000000000000
[  499.552287][T11232] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  499.552297][T11232] R13: 00007f793ec16218 R14: 00007f793ec16180 R15: 00007ffcfefb6958
[  499.552322][T11232]  </TASK>
[  499.855028][   T30] kauditd_printk_skb: 62 callbacks suppressed
[  499.855064][   T30] audit: type=1400 audit(1796478732.264:2046): avc:  denied  { bind } for  pid=11228 comm="syz.3.1408" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  500.146599][ T6344] uvcvideo 5-1:220.0: Found UVC 7.01 device syz (8086:0b07)
[  500.187887][ T6344] uvcvideo 5-1:220.0: No valid video chain found.
[  500.195022][ T6344] usb 5-1: selecting invalid altsetting 0
[  500.245311][ T6344] usb 5-1: selecting invalid altsetting 0
[  500.256191][ T6344] usbtest 5-1:220.1: probe with driver usbtest failed with error -22
[  500.289751][ T6344] usb 5-1: USB disconnect, device number 64
[  500.753340][ T6332] usb 3-1: new full-speed USB device number 45 using dummy_hcd
[  500.928674][ T6332] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  500.929394][ T6332] usb 3-1: config 0 has no interfaces?
[  500.930314][ T6332] usb 3-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[  500.930902][ T6332] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  501.200996][ T6332] usb 3-1: config 0 descriptor??
[  501.515465][T11242] netlink: 'syz.0.1413': attribute type 2 has an invalid length.
[  501.515522][T11242] netlink: 132 bytes leftover after parsing attributes in process `syz.0.1413'.
[  502.589132][ T6330] usb 3-1: USB disconnect, device number 45
[  502.885585][ T1311] ieee802154 phy0 wpan0: encryption failed: -22
[  502.891932][ T1311] ieee802154 phy1 wpan1: encryption failed: -22
[  502.905000][ T6350] usb 5-1: new full-speed USB device number 65 using dummy_hcd
[  503.094423][ T6350] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  503.229767][ T6350] usb 5-1: config 0 has no interfaces?
[  503.298368][ T6350] usb 5-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[  503.418672][ T6350] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  503.639462][ T6350] usb 5-1: config 0 descriptor??
[  503.954011][ T6330] usb 2-1: new full-speed USB device number 56 using dummy_hcd
[  504.216217][ T6330] usb 2-1: config 0 has an invalid interface number: 8 but max is 0
[  504.240600][ T6330] usb 2-1: config 0 has no interface number 0
[  504.273353][ T6330] usb 2-1: config 0 interface 8 altsetting 0 has an endpoint descriptor with address 0x9F, changing to 0x8F
[  504.323317][ T6330] usb 2-1: config 0 interface 8 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[  504.415939][T11253] SELinux: security_context_str_to_sid (5���]�S9q#���) failed with errno=-22
[  504.461852][ T6344] usb 5-1: USB disconnect, device number 65
[  504.500571][T11253] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1417'.
[  504.588752][T11253] openvswitch: netlink: Missing key (keys=40, expected=80)
[  505.295117][ T6330] usb 2-1: config 0 interface 8 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[  505.306789][ T6330] usb 2-1: New USB device found, idVendor=0d8c, idProduct=000e, bcdDevice=8e.8f
[  505.316082][ T6330] usb 2-1: New USB device strings: Mfr=0, Product=24, SerialNumber=3
[  505.324289][ T6330] usb 2-1: Product: syz
[  505.328795][ T6330] usb 2-1: SerialNumber: syz
[  505.350222][ T6330] usb 2-1: config 0 descriptor??
[  505.369752][ T6330] cm109 2-1:0.8: invalid payload size 0, expected 4
[  505.379098][ T6330] input: CM109 USB driver as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.8/input/input14
[  505.599140][T11251] netlink: 64 bytes leftover after parsing attributes in process `syz.1.1415'.
[  505.610132][T11251] netlink: 64 bytes leftover after parsing attributes in process `syz.1.1415'.
[  506.000411][   T30] audit: type=1400 audit(1796478738.074:2047): avc:  denied  { setopt } for  pid=11270 comm="syz.4.1422" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  506.020623][    C0] cm109 2-1:0.8: cm109_urb_ctl_callback: urb status -71
[  506.029825][    C0] cm109 2-1:0.8: cm109_urb_ctl_callback: urb status -71
[  506.036967][    C0] cm109 2-1:0.8: cm109_urb_ctl_callback: urb status -71
[  506.044104][    C0] cm109 2-1:0.8: cm109_urb_ctl_callback: urb status -71
[  506.051295][    C0] cm109 2-1:0.8: cm109_urb_ctl_callback: urb status -71
[  506.058927][    C0] cm109 2-1:0.8: cm109_urb_ctl_callback: urb status -71
[  506.066142][    C0] cm109 2-1:0.8: cm109_urb_ctl_callback: urb status -71
[  506.073274][    C0] cm109 2-1:0.8: cm109_urb_ctl_callback: urb status -71
[  506.080375][    C0] cm109 2-1:0.8: cm109_urb_ctl_callback: urb status -71
[  506.087453][    C0] cm109 2-1:0.8: cm109_urb_ctl_callback: urb status -71
[  506.095068][ T6330] usb 2-1: USB disconnect, device number 56
[  506.101083][    C0] cm109 2-1:0.8: cm109_submit_buzz_toggle: usb_submit_urb (urb_ctl) failed -19
[  506.126359][ T6330] cm109 2-1:0.8: cm109_toggle_buzzer_sync: usb_control_msg() failed -19
[  506.601677][ T6330] usb 5-1: new high-speed USB device number 66 using dummy_hcd
[  506.654559][T11285] syzkaller0: entered promiscuous mode
[  506.671015][T11285] syzkaller0: entered allmulticast mode
[  506.732757][T11287] binder: 11286:11287 ioctl 4018620d 0 returned -22
[  506.815698][ T6330] usb 5-1: New USB device found, idVendor=05d1, idProduct=2021, bcdDevice= 9.00
[  506.849791][ T6330] usb 5-1: New USB device strings: Mfr=0, Product=16, SerialNumber=0
[  506.910859][ T6330] usb 5-1: Product: syz
[  506.931991][T11290] batman_adv: batadv0: Adding interface: bridge_slave_0
[  506.965614][T11290] batman_adv: batadv0: The MTU of interface bridge_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  506.976122][ T6330] usb 5-1: config 0 descriptor??
[  507.041442][T11290] batman_adv: batadv0: Not using interface bridge_slave_0 (retrying later): interface not active
[  507.053458][ T5746] usb 3-1: new full-speed USB device number 46 using dummy_hcd
[  507.077788][ T6330] ftdi_sio 5-1:0.0: FTDI USB Serial Device converter detected
[  507.089405][ T6330] usb 5-1: Detected FT232H
[  507.215825][ T5746] usb 3-1: too many endpoints for config 0 interface 0 altsetting 0: 254, using maximum allowed: 30
[  507.250308][ T5746] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 1023, setting to 64
[  507.350883][T11296] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1425'.
[  507.563594][ T6330] ftdi_sio ttyUSB0: Unable to read latency timer: -32
[  507.572415][T11293] SELinux: security_context_str_to_sid (5���]�S9q#���) failed with errno=-22
[  507.583399][ T5746] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 254
[  507.617889][ T5746] usb 3-1: New USB device found, idVendor=046d, idProduct=c295, bcdDevice= 0.00
[  507.646215][T11293] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1428'.
[  507.656146][T11293] openvswitch: netlink: Missing key (keys=40, expected=80)
[  507.664240][ T5746] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  507.694802][ T5746] usb 3-1: config 0 descriptor??
[  507.712049][T11288] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22
[  507.894492][T11281] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  507.912066][ T6330] ftdi_sio 5-1:0.0: GPIO initialisation failed: -71
[  508.004563][ T6330] usb 5-1: FTDI USB Serial Device converter now attached to ttyUSB0
[  508.060343][ T6330] usb 5-1: USB disconnect, device number 66
[  508.090458][   T30] audit: type=1400 audit(1796478740.465:2048): avc:  denied  { write } for  pid=11299 comm="syz.0.1431" name="cgroup.subtree_control" dev="cgroup2" ino=258 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  508.144726][ T6330] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[  508.145036][ T6330] ftdi_sio 5-1:0.0: device disconnected
[  508.155700][T11275] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  508.155918][T11275] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  508.170969][   T30] audit: type=1400 audit(1796478740.465:2049): avc:  denied  { open } for  pid=11299 comm="syz.0.1431" path="<too_long>" dev="cgroup2" ino=258 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  508.171024][   T30] audit: type=1400 audit(1796478740.465:2050): avc:  denied  { ioctl } for  pid=11299 comm="syz.0.1431" path="<too_long>" dev="cgroup2" ino=258 ioctlcmd=0x54d2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  508.941825][T11319] fuse: Unknown parameter '�r�s1�i��'
[  509.920501][T11320] syzkaller0: entered promiscuous mode
[  509.945345][T11320] syzkaller0: entered allmulticast mode
[  509.954367][ T5746] usbhid 3-1:0.0: can't add hid device: -71
[  509.960784][ T5746] usbhid 3-1:0.0: probe with driver usbhid failed with error -71
[  510.007716][ T5746] usb 3-1: USB disconnect, device number 46
[  510.919437][T11339] binder: 11338:11339 ioctl 4018620d 0 returned -22
[  513.440396][T11355] overlayfs: failed to resolve './file1': -2
[  513.836367][ T6350] usb 5-1: new high-speed USB device number 67 using dummy_hcd
[  513.984746][T11362] fuse: Unknown parameter '�r�s1�i��'
[  514.141985][ T6350] usb 5-1: Using ep0 maxpacket: 8
[  514.178477][ T6350] usb 5-1: config index 0 descriptor too short (expected 5924, got 36)
[  514.715867][ T6350] usb 5-1: config 250 has an invalid interface number: 228 but max is -1
[  514.727962][ T6350] usb 5-1: config 250 has 1 interface, different from the descriptor's value: 0
[  514.747830][ T6350] usb 5-1: config 250 has no interface number 0
[  514.762156][ T6350] usb 5-1: config 250 interface 228 altsetting 255 endpoint 0x1 has invalid maxpacket 65280, setting to 1024
[  514.788703][ T6350] usb 5-1: config 250 interface 228 altsetting 255 bulk endpoint 0x1 has invalid maxpacket 1024
[  514.817464][ T6350] usb 5-1: config 250 interface 228 altsetting 255 has an endpoint descriptor with address 0xA2, changing to 0x82
[  514.840343][ T6350] usb 5-1: config 250 interface 228 altsetting 255 bulk endpoint 0x82 has invalid maxpacket 100
[  514.865794][ T6350] usb 5-1: config 250 interface 228 altsetting 255 has 2 endpoint descriptors, different from the interface descriptor's value: 17
[  514.883987][ T6350] usb 5-1: config 250 interface 228 has no altsetting 0
[  514.895240][ T6350] usb 5-1: New USB device found, idVendor=0525, idProduct=d292, bcdDevice= 0.07
[  514.906364][ T6350] usb 5-1: New USB device strings: Mfr=0, Product=106, SerialNumber=59
[  514.926646][ T6350] usb 5-1: Product: syz
[  514.931079][ T6350] usb 5-1: SerialNumber: syz
[  514.948691][ T6350] hub 5-1:250.228: bad descriptor, ignoring hub
[  514.967337][ T6350] hub 5-1:250.228: probe with driver hub failed with error -5
[  515.156422][ T6350] usblp 5-1:250.228: usblp0: USB Bidirectional printer dev 67 if 228 alt 255 proto 3 vid 0x0525 pid 0xD292
[  515.279986][ T6353] usb 3-1: new high-speed USB device number 47 using dummy_hcd
[  515.440463][ T6353] usb 3-1: Using ep0 maxpacket: 32
[  515.449298][ T6353] usb 3-1: config index 0 descriptor too short (expected 35577, got 27)
[  515.458226][ T6353] usb 3-1: config 1 has too many interfaces: 92, using maximum allowed: 32
[  515.467072][ T6353] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 92
[  515.476097][ T6353] usb 3-1: config 1 has no interface number 0
[  515.482300][ T6353] usb 3-1: config 1 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  515.493638][ T6353] usb 3-1: config 1 interface 1 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 17
[  515.506835][ T6353] usb 3-1: New USB device found, idVendor=0e41, idProduct=5051, bcdDevice=d5.e8
[  515.515927][ T6353] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  515.530314][ T6353] snd_usb_pod 3-1:1.1: Line 6 Pocket POD found
[  515.730378][ T6353] snd_usb_pod 3-1:1.1: Line 6 Pocket POD now attached
[  515.747235][ T6353] usb 3-1: USB disconnect, device number 47
[  515.754112][ T6353] snd_usb_pod 3-1:1.1: Line 6 Pocket POD now disconnected
[  516.128518][T11347] usb 5-1: reset high-speed USB device number 67 using dummy_hcd
[  516.523460][    C0] usblp0: nonzero read bulk status received: -71
[  516.720953][ T6350] usb 5-1: USB disconnect, device number 67
[  517.067513][ T6350] usblp0: removed
[  517.506549][T11407] binder: BINDER_SET_CONTEXT_MGR already set
[  517.513151][T11407] binder: 11406:11407 ioctl 4018620d 200000004a80 returned -16
[  517.542075][T11408] fuse: Unknown parameter '�r�s1�i��'
[  518.010978][   T30] audit: type=1400 audit(1797527326.301:2051): avc:  denied  { getopt } for  pid=11419 comm="syz.0.1464" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1
[  518.623561][ T5717] usb 3-1: new high-speed USB device number 48 using dummy_hcd
[  518.860172][ T6350] usb 2-1: new full-speed USB device number 57 using dummy_hcd
[  518.912596][ T5717] usb 3-1: Using ep0 maxpacket: 32
[  518.985169][ T5717] usb 3-1: New USB device found, idVendor=0b89, idProduct=0007, bcdDevice=ef.64
[  519.031600][ T5717] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  519.071495][ T6350] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  519.132994][ T5717] usb 3-1: config 0 descriptor??
[  519.150366][ T6350] usb 2-1: config 0 has no interfaces?
[  519.212742][ T6350] usb 2-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[  519.335379][ T6350] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  519.447509][ T5717] as10x_usb: device has been detected
[  519.566761][ T5717] dvbdev: DVB: registering new adapter (nBox DVB-T Dongle)
[  519.585812][ T6350] usb 2-1: config 0 descriptor??
[  519.594416][T11427] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  519.757986][T11427] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  520.004252][T11427] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1466'.
[  520.554745][ T5717] usb 3-1: DVB: registering adapter 1 frontend 0 (nBox DVB-T Dongle)...
[  520.614416][ T6350] usb 2-1: USB disconnect, device number 57
[  520.634854][   T30] audit: type=1400 audit(1797527328.858:2052): avc:  denied  { write } for  pid=11438 comm="syz.4.1469" name="file0" dev="tmpfs" ino=1574 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[  520.760087][   T30] audit: type=1400 audit(1797527328.858:2053): avc:  denied  { open } for  pid=11438 comm="syz.4.1469" path="/294/file0" dev="tmpfs" ino=1574 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[  520.827742][ T5717] as10x_usb: error during firmware upload part1
[  520.869442][ T5717] Registered device nBox DVB-T Dongle
[  520.965062][ T5717] usb 3-1: USB disconnect, device number 48
[  521.308378][T11447] binder: BINDER_SET_CONTEXT_MGR already set
[  521.446988][   T30] audit: type=1400 audit(1797527328.858:2054): avc:  denied  { ioctl } for  pid=11438 comm="syz.4.1469" path="/294/file0" dev="tmpfs" ino=1574 ioctlcmd=0x1273 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[  521.453944][T11447] binder: 11445:11447 ioctl 4018620d 200000004a80 returned -16
[  521.723621][ T5717] Unregistered device nBox DVB-T Dongle
[  521.728177][   T30] audit: type=1400 audit(1797527329.930:2055): avc:  denied  { write } for  pid=11450 comm="syz.1.1472" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[  521.735082][ T5717] as10x_usb: device has been disconnected
[  521.832713][T11452] netlink: 36 bytes leftover after parsing attributes in process `syz.1.1472'.
[  521.899568][T11452] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1472'.
[  521.942683][T11457] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1474'.
[  521.946365][T11452] netlink: 36 bytes leftover after parsing attributes in process `syz.1.1472'.
[  521.952115][T11457] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1474'.
[  522.234558][T11466] SELinux: security_context_str_to_sid (5���]�S9q#���) failed with errno=-22
[  522.260531][T11466] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1476'.
[  522.269455][T11466] openvswitch: netlink: Missing key (keys=40, expected=80)
[  522.451568][T11467] SELinux: security_context_str_to_sid (5���]�S9q#���) failed with errno=-22
[  522.495729][T11467] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1475'.
[  522.522583][T11467] openvswitch: netlink: Missing key (keys=40, expected=80)
[  523.234024][T11481] fuse: Unknown parameter '�r�s1�i��'
[  526.276853][T11518] SELinux: security_context_str_to_sid (5���]�S9q#���) failed with errno=-22
[  526.299599][T11518] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1491'.
[  526.308583][T11518] openvswitch: netlink: Missing key (keys=40, expected=80)
[  526.315989][T11523] fuse: Unknown parameter '�r�s1�i��'
[  527.128449][   T30] audit: type=1326 audit(1797527335.220:2056): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11524 comm="syz.4.1493" exe="/root/ci-upstream-kasan-gce-selinux-root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f8ea819ce59 code=0x0
[  527.226089][T11527] SELinux: security_context_str_to_sid (5���]�S9q#���) failed with errno=-22
[  527.355742][T11527] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1494'.
[  527.446275][T11527] openvswitch: netlink: Missing key (keys=40, expected=80)
[  527.808687][T11538] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1498'.
[  530.236306][T11573] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1510'.
[  530.375961][   T30] audit: type=1400 audit(1798051626.397:2057): avc:  denied  { setopt } for  pid=11574 comm="syz.2.1511" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[  530.438746][T11558] syzkaller0: entered promiscuous mode
[  530.444249][T11558] syzkaller0: entered allmulticast mode
[  530.686112][T11581] syz_tun: entered allmulticast mode
[  531.272820][T11589] netlink: 204 bytes leftover after parsing attributes in process `syz.1.1514'.
[  531.330499][T11577] syz_tun: left allmulticast mode
[  531.606833][ T6332] usb 5-1: new high-speed USB device number 68 using dummy_hcd
[  531.802105][T11596] xt_hashlimit: size too large, truncated to 1048576
[  532.350046][T11606] comedi comedi0: Minor 2147483647 is invalid!
[  532.568663][ T6332] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  532.589650][ T6332] usb 5-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df
[  532.599173][ T6332] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  532.619579][ T6332] usb 5-1: config 0 descriptor??
[  532.654329][ T6332] pwc: Askey VC010 type 2 USB webcam detected.
[  532.934188][T11613] comedi comedi0: Minor 2147483647 is invalid!
[  533.037514][ T6332] pwc: recv_control_msg error -32 req 02 val 2b00
[  533.195296][ T6332] pwc: recv_control_msg error -32 req 02 val 2700
[  533.226513][ T6332] pwc: recv_control_msg error -71 req 02 val 2c00
[  533.234938][ T6332] pwc: recv_control_msg error -71 req 04 val 1000
[  533.250411][ T6332] pwc: recv_control_msg error -71 req 04 val 1300
[  533.268882][ T6332] pwc: recv_control_msg error -71 req 04 val 1400
[  533.282382][T11619] netlink: 44 bytes leftover after parsing attributes in process `syz.1.1522'.
[  533.325417][ T6332] pwc: recv_control_msg error -71 req 02 val 2000
[  533.340829][T11624] syz.1.1522 (11624): drop_caches: 4
[  533.348200][ T6332] pwc: recv_control_msg error -71 req 02 val 2100
[  533.355741][ T6332] pwc: recv_control_msg error -71 req 04 val 1500
[  533.369934][T11619] netlink: 43 bytes leftover after parsing attributes in process `syz.1.1522'.
[  533.414683][ T6332] pwc: recv_control_msg error -71 req 02 val 2500
[  533.421434][T11619] netlink: 'syz.1.1522': attribute type 5 has an invalid length.
[  533.463790][T11619] netlink: 43 bytes leftover after parsing attributes in process `syz.1.1522'.
[  533.467047][ T6332] pwc: recv_control_msg error -71 req 02 val 2400
[  533.498407][T11622] tipc: Started in network mode
[  533.524023][T11622] tipc: Node identity 06f0b813ae7f, cluster identity 4711
[  533.534823][ T6332] pwc: recv_control_msg error -71 req 02 val 2600
[  533.555418][ T6332] pwc: recv_control_msg error -71 req 02 val 2900
[  533.562745][T11622] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  533.569772][ T6332] pwc: recv_control_msg error -71 req 02 val 2800
[  533.577229][ T6332] pwc: recv_control_msg error -71 req 04 val 1100
[  533.590502][T11630] syzkaller0: entered promiscuous mode
[  533.597219][T11630] syzkaller0: entered allmulticast mode
[  533.603328][ T6332] pwc: recv_control_msg error -71 req 04 val 1200
[  533.626782][ T6332] pwc: Registered as video103.
[  533.649609][ T6332] input: PWC snapshot button as /devices/platform/dummy_hcd.4/usb5/5-1/input/input15
[  533.705674][ T6332] usb 5-1: USB disconnect, device number 68
[  533.972372][T11620] tipc: Resetting bearer <eth:syzkaller0>
[  534.427697][T11620] tipc: Disabling bearer <eth:syzkaller0>
[  534.600570][T11655] fuse: Unknown parameter '�r�s1�i��'
[  534.862600][T11643] syzkaller0: entered promiscuous mode
[  534.868064][T11643] syzkaller0: entered allmulticast mode
[  535.396247][T11657] binder: BINDER_SET_CONTEXT_MGR already set
[  535.414742][T11657] binder: 11656:11657 ioctl 4018620d 200000004a80 returned -16
[  535.706358][T11669] overlayfs: failed to create directory ./file0/work (errno: 13); mounting read-only
[  535.758731][T11669] overlayfs: fs on '.' does not support file handles, falling back to index=off,nfs_export=off.
[  535.934127][T11669] overlayfs: failed to get uuid (317/file2, err=-13); falling back to uuid=null.
[  536.308019][T11685] netlink: 80 bytes leftover after parsing attributes in process `syz.4.1542'.
[  536.534257][ T1108] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  536.556668][ T5717] usb 3-1: new high-speed USB device number 49 using dummy_hcd
[  536.731183][ T5717] usb 3-1: Using ep0 maxpacket: 8
[  536.768929][T11696] fuse: Unknown parameter '�r�s1�i��'
[  537.538518][ T1108] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  537.554938][ T5717] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  537.566794][ T5717] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  537.576651][ T5717] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  537.589701][ T5717] usb 3-1: New USB device found, idVendor=1e7d, idProduct=2c24, bcdDevice= 0.00
[  537.605467][ T4931] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  537.617218][ T4931] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  537.626056][ T5717] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  537.634179][ T4931] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  537.641895][ T4931] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  537.649476][ T4931] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  537.664006][ T5717] usb 3-1: config 0 descriptor??
[  537.889488][T11706] SELinux: security_context_str_to_sid (5���]�S9q#���) failed with errno=-22
[  538.050886][T11701] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1546'.
[  538.059838][T11701] openvswitch: netlink: Missing key (keys=40, expected=80)
[  538.258104][T11715] fuse: fd is not a fuse device
[  538.310798][ T1108] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  538.950766][ T1108] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  539.232416][ T6353] usb 5-1: new high-speed USB device number 69 using dummy_hcd
[  539.394815][ T6353] usb 5-1: config 0 has an invalid interface number: 140 but max is 0
[  539.437047][ T6353] usb 5-1: config 0 has no interface number 0
[  539.461864][ T6353] usb 5-1: config 0 interface 140 altsetting 32 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  539.486555][ T6353] usb 5-1: config 0 interface 140 altsetting 32 endpoint 0x81 has invalid wMaxPacketSize 0
[  539.507536][ T1108] bridge_slave_1: left allmulticast mode
[  539.520970][ T1108] bridge_slave_1: left promiscuous mode
[  539.528052][ T6353] usb 5-1: config 0 interface 140 altsetting 32 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  539.546425][ T1108] bridge0: port 2(bridge_slave_1) entered disabled state
[  539.603598][ T6353] usb 5-1: config 0 interface 140 has no altsetting 0
[  539.710609][ T6353] usb 5-1: New USB device found, idVendor=28bd, idProduct=0905, bcdDevice= 0.00
[  539.768392][ T6353] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  539.802907][ T1108] bridge_slave_0: left allmulticast mode
[  539.855572][ T1108] bridge_slave_0: left promiscuous mode
[  539.880502][   T50] Bluetooth: hci3: command tx timeout
[  539.975780][ T1108] bridge0: port 1(bridge_slave_0) entered disabled state
[  539.997227][ T5717] usbhid 3-1:0.0: can't add hid device: -71
[  540.041705][ T6353] usb 5-1: config 0 descriptor??
[  540.096158][ T5717] usbhid 3-1:0.0: probe with driver usbhid failed with error -71
[  540.458686][ T5717] usb 3-1: USB disconnect, device number 49
[  540.622581][ T6353] uclogic 0003:28BD:0905.000E: interface is invalid, ignoring
[  540.859033][T11754] FAULT_INJECTION: forcing a failure.
[  540.859033][T11754] name failslab, interval 1, probability 0, space 0, times 0
[  540.871762][T11754] CPU: 1 UID: 0 PID: 11754 Comm: syz.2.1557 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  540.871789][T11754] Tainted: [L]=SOFTLOCKUP
[  540.871795][T11754] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  540.871805][T11754] Call Trace:
[  540.871812][T11754]  <TASK>
[  540.871819][T11754]  dump_stack_lvl+0x100/0x190
[  540.871845][T11754]  should_fail_ex.cold+0x5/0xa
[  540.871869][T11754]  should_failslab+0xc2/0x120
[  540.871890][T11754]  kmem_cache_alloc_node_noprof+0x81/0x6f0
[  540.871918][T11754]  ? __alloc_skb+0x140/0x710
[  540.871941][T11754]  __alloc_skb+0x140/0x710
[  540.871957][T11754]  ? __alloc_skb+0x5b7/0x710
[  540.871974][T11754]  ? __pfx___alloc_skb+0x10/0x10
[  540.871999][T11754]  netlink_alloc_large_skb+0x69/0x150
[  540.872026][T11754]  netlink_sendmsg+0x680/0xda0
[  540.872056][T11754]  ? __pfx_netlink_sendmsg+0x10/0x10
[  540.872079][T11754]  ? __might_fault+0xc0/0x140
[  540.872113][T11754]  ____sys_sendmsg+0x9e1/0xb70
[  540.872136][T11754]  ? __pfx_netlink_sendmsg+0x10/0x10
[  540.872161][T11754]  ? __pfx_____sys_sendmsg+0x10/0x10
[  540.872183][T11754]  ? __lock_acquire+0x4a5/0x2630
[  540.872210][T11754]  ___sys_sendmsg+0x190/0x1e0
[  540.872237][T11754]  ? __pfx____sys_sendmsg+0x10/0x10
[  540.872262][T11754]  ? find_held_lock+0x2b/0x80
[  540.872305][T11754]  __sys_sendmsg+0x170/0x220
[  540.872325][T11754]  ? __pfx___sys_sendmsg+0x10/0x10
[  540.872344][T11754]  ? __pfx___schedule+0x10/0x10
[  540.872374][T11754]  ? exit_to_user_mode_loop+0xe2/0x4f0
[  540.872400][T11754]  ? rcu_is_watching+0x12/0xc0
[  540.872430][T11754]  do_syscall_64+0x10b/0x860
[  540.872455][T11754]  ? clear_bhb_loop+0x40/0x90
[  540.872476][T11754]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  540.872494][T11754] RIP: 0033:0x7f842a79ce59
[  540.872509][T11754] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  540.872526][T11754] RSP: 002b:00007f842b5d4028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  540.872543][T11754] RAX: ffffffffffffffda RBX: 00007f842aa16180 RCX: 00007f842a79ce59
[  540.872554][T11754] RDX: 0000000000000000 RSI: 00002000000001c0 RDI: 0000000000000009
[  540.872565][T11754] RBP: 00007f842b5d4090 R08: 0000000000000000 R09: 0000000000000000
[  540.872575][T11754] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  540.872585][T11754] R13: 00007f842aa16218 R14: 00007f842aa16180 R15: 00007fff0cbe63b8
[  540.872609][T11754]  </TASK>
[  541.458865][T11725] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  541.605033][T11725] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  541.700844][T11760] fuse: Unknown parameter '�r�s1�i��'
[  541.707465][ T5746] usb 5-1: USB disconnect, device number 69
[  541.748938][T11763] binder: BINDER_SET_CONTEXT_MGR already set
[  541.755117][T11763] binder: 11762:11763 ioctl 4018620d 200000004a80 returned -16
[  541.778344][ T1108] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  541.820349][ T1108] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  541.860450][ T1108] bond0 (unregistering): Released all slaves
[  541.884101][   T30] audit: type=1400 audit(1799100213.634:2058): avc:  denied  { write } for  pid=11735 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=1776 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  542.121753][   T50] Bluetooth: hci3: command tx timeout
[  542.254184][T11766] batman_adv: batadv0: Adding interface: bridge_slave_0
[  542.254615][T11770] SELinux: security_context_str_to_sid (5���]�S9q#���) failed with errno=-22
[  542.261211][T11766] batman_adv: batadv0: The MTU of interface bridge_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  542.401649][T11766] batman_adv: batadv0: Not using interface bridge_slave_0 (retrying later): interface not active
[  542.413733][T11770] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1560'.
[  542.422834][T11770] openvswitch: netlink: Missing key (keys=40, expected=80)
[  542.519488][T11778] Bluetooth: MGMT ver 1.23
[  542.883161][   T30] audit: type=1400 audit(1799100214.615:2059): avc:  denied  { write } for  pid=11777 comm="rm" name="hook-state" dev="tmpfs" ino=1776 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  544.207718][   T50] Bluetooth: hci3: command tx timeout
[  544.708317][ T5274] 8021q: adding VLAN 0 to HW filter on device eth1
[  544.836500][T11801] syzkaller0: entered promiscuous mode
[  544.871378][T11801] syzkaller0: entered allmulticast mode
[  544.989225][T11820] netlink: 48 bytes leftover after parsing attributes in process `syz.2.1572'.
[  545.042780][T11821] netlink: 48 bytes leftover after parsing attributes in process `syz.2.1572'.
[  546.119826][T11829] fuse: Unknown parameter '�r�s1�i��'
[  546.323387][   T50] Bluetooth: hci3: command tx timeout
[  547.055545][T11834] SELinux: security_context_str_to_sid (5���]�S9q#���) failed with errno=-22
[  547.065973][T11834] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1575'.
[  547.074890][T11834] openvswitch: netlink: Missing key (keys=40, expected=80)
[  547.947528][   T30] audit: type=1400 audit(1799100219.588:2060): avc:  denied  { mounton } for  pid=11835 comm="syz.0.1576" path="/syzcgroup/cpu/syz0/cgroup.procs" dev="cgroup" ino=120 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=file permissive=1
[  548.387535][ T5746] IPVS: starting estimator thread 0...
[  548.482745][ T1108] hsr_slave_0: left promiscuous mode
[  548.491290][ T1108] hsr_slave_1: left promiscuous mode
[  548.500364][T11849] IPVS: using max 43 ests per chain, 103200 per kthread
[  548.516088][ T1108] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  548.524368][   T30] audit: type=1326 audit(1799100220.151:2061): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11840 comm="syz.2.1577" exe="/root/ci-upstream-kasan-gce-selinux-root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f842a79ce59 code=0x0
[  548.561535][ T1108] batman_adv: batadv0: Removing interface: batadv_slave_0
[  548.571890][ T1108] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  548.583205][ T1108] batman_adv: batadv0: Removing interface: batadv_slave_1
[  548.779609][ T1108] veth1_macvtap: left promiscuous mode
[  548.788260][ T1108] veth0_macvtap: left promiscuous mode
[  548.800512][ T1108] veth1_vlan: left promiscuous mode
[  548.840295][ T1108] veth0_vlan: left promiscuous mode
[  549.169598][ T1108] team0 (unregistering): Port device team_slave_1 removed
[  549.182147][ T1108] team0 (unregistering): Port device team_slave_0 removed
[  549.317433][T11855] syzkaller0: entered promiscuous mode
[  549.323222][T11855] syzkaller0: entered allmulticast mode
[  549.938299][T11886] fuse: Unknown parameter '�r�s1�i��'
[  549.987632][   T30] audit: type=1400 audit(1799100221.613:2062): avc:  denied  { write } for  pid=11874 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=1776 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  550.112236][   T30] audit: type=1400 audit(1799100221.741:2063): avc:  denied  { write } for  pid=11891 comm="rm" name="hook-state" dev="tmpfs" ino=1776 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  551.102585][   T30] audit: type=1400 audit(1799100222.641:2064): avc:  denied  { audit_write } for  pid=11894 comm="syz.2.1586" capability=29  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1
[  552.948940][ T6330] usb 3-1: new high-speed USB device number 50 using dummy_hcd
[  553.090344][ T6330] usb 3-1: device descriptor read/64, error -71
[  553.337446][ T6330] usb 3-1: new high-speed USB device number 51 using dummy_hcd
[  553.494336][ T6330] usb 3-1: device descriptor read/64, error -71
[  553.556228][T11698] bridge0: port 1(bridge_slave_0) entered blocking state
[  553.563380][T11698] bridge0: port 1(bridge_slave_0) entered disabled state
[  553.570619][T11698] bridge_slave_0: entered allmulticast mode
[  553.577385][T11698] bridge_slave_0: entered promiscuous mode
[  553.593160][ T5274] 8021q: adding VLAN 0 to HW filter on device eth2
[  553.605648][ T6330] usb usb3-port1: attempt power cycle
[  553.660879][T11698] bridge0: port 2(bridge_slave_1) entered blocking state
[  553.698203][T11698] bridge0: port 2(bridge_slave_1) entered disabled state
[  553.718202][T11698] bridge_slave_1: entered allmulticast mode
[  553.741662][T11698] bridge_slave_1: entered promiscuous mode
[  553.778879][T11698] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  553.790871][T11698] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  554.004416][ T6330] usb 3-1: new high-speed USB device number 52 using dummy_hcd
[  554.040904][ T6330] usb 3-1: device descriptor read/8, error -71
[  554.054454][T11698] team0: Port device team_slave_0 added
[  554.084775][T11698] team0: Port device team_slave_1 added
[  554.184139][T11698] batman_adv: batadv0: Adding interface: batadv_slave_0
[  554.294180][T11936] overlayfs: failed to clone upperpath
[  554.359133][T11698] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  554.402411][ T6330] usb 3-1: new high-speed USB device number 53 using dummy_hcd
[  554.452866][T11698] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  554.477201][ T6330] usb 3-1: device descriptor read/8, error -71
[  554.478553][T11698] batman_adv: batadv0: Adding interface: batadv_slave_1
[  554.494970][T11698] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  554.526246][T11698] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  554.546606][T11944] fuse: Unknown parameter '�r�s1�i��'
[  554.614717][ T6330] usb usb3-port1: unable to enumerate USB device
[  554.647218][T11698] hsr_slave_0: entered promiscuous mode
[  554.677925][T11698] hsr_slave_1: entered promiscuous mode
[  554.688692][T11698] debugfs: 'hsr0' already exists in 'hsr'
[  554.695482][T11698] Cannot create hsr debugfs directory
[  554.938918][T11953] SELinux: security_context_str_to_sid (5���]�S9q#���) failed with errno=-22
[  554.958752][T11953] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1597'.
[  554.967892][T11953] openvswitch: netlink: Missing key (keys=40, expected=80)
[  555.417771][T11962] Bluetooth: MGMT ver 1.23
[  555.427297][   T30] audit: type=1400 audit(1799100226.999:2065): avc:  denied  { write } for  pid=11933 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=1776 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  555.677303][   T30] audit: type=1400 audit(1799100227.247:2066): avc:  denied  { write } for  pid=11968 comm="rm" name="hook-state" dev="tmpfs" ino=1776 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  556.060740][T11982] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  556.177311][T11982] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  556.664115][T11698] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  556.689034][T11698] 8021q: adding VLAN 0 to HW filter on device netdevsim0
[  556.719903][T11698] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  556.809656][T11698] 8021q: adding VLAN 0 to HW filter on device netdevsim1
[  556.843362][T11698] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  556.878534][T11698] 8021q: adding VLAN 0 to HW filter on device netdevsim2
[  556.894790][T11698] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  556.924933][T11698] 8021q: adding VLAN 0 to HW filter on device netdevsim3
[  556.936913][   T30] audit: type=1400 audit(1799100228.497:2067): avc:  denied  { write } for  pid=11985 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=1776 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  557.107724][T11698] 8021q: adding VLAN 0 to HW filter on device bond0
[  557.114691][   T30] audit: type=1400 audit(1799100228.666:2068): avc:  denied  { write } for  pid=12012 comm="rm" name="hook-state" dev="tmpfs" ino=1776 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  557.213582][T11698] 8021q: adding VLAN 0 to HW filter on device team0
[  557.705898][ T1108] bridge0: port 1(bridge_slave_0) entered blocking state
[  557.713004][ T1108] bridge0: port 1(bridge_slave_0) entered forwarding state
[  557.754878][T12017] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined
[  557.757401][   T48] bridge0: port 2(bridge_slave_1) entered blocking state
[  557.770024][   T48] bridge0: port 2(bridge_slave_1) entered forwarding state
[  557.947240][T12024] SELinux: security_context_str_to_sid (5���]�S9q#���) failed with errno=-22
[  557.968331][T12024] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1608'.
[  557.977579][T12024] openvswitch: netlink: Missing key (keys=40, expected=80)
[  559.088976][T12036] No such timeout policy "syz0"
[  559.954951][T12054] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  559.965707][T12054] bpf: Bad value for 'uid'
[  560.082864][T12056] batadv0��: renamed from syz_tun
[  560.110008][T12056] A link change request failed with some changes committed already. Interface batadv0�� may have been left with an inconsistent configuration, please check.
[  560.469369][ T6344] usb 5-1: new full-speed USB device number 70 using dummy_hcd
[  560.702724][ T6344] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  561.748524][ T6344] usb 5-1: config 0 has no interfaces?
[  561.754476][ T6344] usb 5-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[  561.763991][ T6344] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  561.774167][ T6344] usb 5-1: config 0 descriptor??
[  561.819458][   T30] audit: type=1400 audit(1799100233.355:2069): avc:  denied  { write } for  pid=12022 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=1776 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  562.030147][ T6344] usb 5-1: USB disconnect, device number 70
[  562.066949][   T30] audit: type=1400 audit(1799100233.594:2070): avc:  denied  { write } for  pid=12083 comm="rm" name="hook-state" dev="tmpfs" ino=1776 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  562.265915][T11698] 8021q: adding VLAN 0 to HW filter on device batadv0
[  562.286868][T12095] SELinux: security_context_str_to_sid (5���]�S9q#���) failed with errno=-22
[  562.297439][T12095] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1623'.
[  562.306371][T12095] openvswitch: netlink: Missing key (keys=40, expected=80)
[  562.419160][T11698] veth0_vlan: entered promiscuous mode
[  562.472229][T11698] veth1_vlan: entered promiscuous mode
[  562.582490][T11698] veth0_macvtap: entered promiscuous mode
[  562.607649][T11698] veth1_macvtap: entered promiscuous mode
[  562.621910][   T30] audit: type=1400 audit(1799100234.150:2071): avc:  denied  { write } for  pid=12091 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=1776 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  562.856750][T11698] batman_adv: batadv0: Interface activated: batadv_slave_0
[  563.341166][T11698] batman_adv: batadv0: Interface activated: batadv_slave_1
[  563.486437][   T30] audit: type=1400 audit(1799100235.016:2072): avc:  denied  { write } for  pid=12124 comm="rm" name="hook-state" dev="tmpfs" ino=1776 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  563.495716][   T48] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  563.605273][   T48] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  563.658266][T12119] infiniband syz1: set down
[  563.663010][T12119] infiniband syz1: added team_slave_0
[  563.673070][T12119] workqueue: Failed to create a rescuer kthread for wq "ib_mad1": -EINTR
[  563.677481][T12119] infiniband syz1: Couldn't open port 1
[  563.693289][T12119] smbdirect: ib_dev[syz1]: added: IB_CA max_fast_reg_page_list_len=512 device_cap_flags=0x1c001223c76 kernel_cap_flags=0x14 page_size_cap=0xfffff000
[  563.708400][T12119] smbdirect: ib_dev[syz1]: num_ports=1 max_qp_rd_atom=128 max_qp_init_rd_atom=128 max_sgl_rd=0 max_sge_rd=32 max_cqe=32767 max_qp_wr=1048576 max_send_sge=32 max_recv_sge=32
[  563.725620][T12119] smbdirect: ib_dev[syz1]PORT[1]: iwarp=0 ib=0 roce=1 v1=0 v2=1 core_cap_flags=0x803005
[  563.764721][T12119] RDS/IB: syz1: added
[  563.769234][T12119] smc: adding ib device syz1 with port count 1
[  563.775758][T12119] smc:    ib device syz1 port 1 has no pnetid
[  563.850268][   T48] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  563.888170][   T48] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  565.286689][ T1311] ieee802154 phy0 wpan0: encryption failed: -22
[  565.294933][ T1311] ieee802154 phy1 wpan1: encryption failed: -22
[  565.919888][ T1101] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  565.983025][ T1101] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  566.024903][   T30] audit: type=1400 audit(1799100237.534:2073): avc:  denied  { write } for  pid=12138 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=1776 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  566.182779][   T30] audit: type=1400 audit(1799100237.693:2074): avc:  denied  { write } for  pid=12157 comm="rm" name="hook-state" dev="tmpfs" ino=1776 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  566.498868][T12149] syzkaller0: entered promiscuous mode
[  566.504345][T12149] syzkaller0: entered allmulticast mode
[  566.561734][ T6180] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  566.588653][ T6180] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  566.638178][T12176] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=12176 comm=syz.2.1634
[  566.683026][   T30] audit: type=1400 audit(1799100238.191:2075): avc:  denied  { accept } for  pid=12168 comm="syz.2.1634" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=unix_dgram_socket permissive=1
[  566.702262][T12173] SELinux: security_context_str_to_sid (5���]�S9q#���) failed with errno=-22
[  566.703088][T12173] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1635'.
[  566.703114][T12173] openvswitch: netlink: Missing key (keys=40, expected=80)
[  566.843574][   T30] audit: type=1400 audit(1799100238.350:2076): avc:  denied  { write } for  pid=12162 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=1776 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  566.938803][   T30] audit: type=1400 audit(1799100238.440:2077): avc:  denied  { write } for  pid=12185 comm="rm" name="hook-state" dev="tmpfs" ino=1776 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  567.508251][T12188] netlink: 36 bytes leftover after parsing attributes in process `syz.2.1636'.
[  567.518052][T12188] openvswitch: netlink: Flow set message rejected, Key attribute missing.
[  567.527343][T12188] Sensor B: =================  START STATUS  =================
[  567.534964][T12188] Sensor B: Test Pattern: 75% Colorbar
[  567.540546][T12188] Sensor B: Show Information: All
[  567.545615][T12188] Sensor B: Vertical Flip: false
[  567.550531][T12188] Sensor B: Horizontal Flip: false
[  567.555647][T12188] Sensor B: Brightness: 128
[  567.560137][T12188] Sensor B: Contrast: 128
[  567.564496][T12188] Sensor B: Hue: 0
[  567.568213][T12188] Sensor B: Saturation: 128
[  567.572712][T12188] Sensor B: Pixel Rate: 160000000
[  567.577782][T12188] Sensor B: Horizontal Blanking: 800
[  567.583142][T12188] Sensor B: Vertical Blanking: 3223
[  567.588356][T12188] Sensor B: ==================  END STATUS  ==================
[  570.061508][T12220] netlink: 52 bytes leftover after parsing attributes in process `syz.4.1641'.
[  570.120659][   T30] audit: type=1400 audit(1799100241.607:2078): avc:  denied  { execute } for  pid=12221 comm="syz.0.1642" path="/dev/dri/card0" dev="devtmpfs" ino=627 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dri_device_t tclass=chr_file permissive=1
[  570.433944][ T5746] usb 3-1: new full-speed USB device number 54 using dummy_hcd
[  571.221723][   T30] audit: type=1400 audit(1799100242.714:2079): avc:  denied  { link } for  pid=12221 comm="syz.0.1642" name="#20" dev="tmpfs" ino=1634 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1
[  571.232328][ T5746] usb 3-1: unable to get BOS descriptor or descriptor too short
[  571.261945][ T5746] usb 3-1: not running at top speed; connect to a high speed hub
[  571.272664][ T5746] usb 3-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 0, changing to 4
[  571.321946][ T5746] usb 3-1: config 1 interface 1 altsetting 1 endpoint 0x1 has invalid maxpacket 1024, setting to 1023
[  571.343315][ T5746] usb 3-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 254, changing to 4
[  571.345207][   T30] audit: type=1400 audit(1799100242.833:2080): avc:  denied  { rename } for  pid=12221 comm="syz.0.1642" name="#21" dev="tmpfs" ino=1634 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1
[  571.360704][ T5746] usb 3-1: string descriptor 0 read error: -22
[  571.383532][ T5746] usb 3-1: New USB device found, idVendor=07fd, idProduct=0001, bcdDevice= 0.40
[  571.404058][ T5746] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  571.441245][ T5746] usb 3-1: Quirk or no altset; falling back to MIDI 1.0
[  572.255446][T12282] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1643'.
[  572.389621][ T6353] IPVS: starting estimator thread 0...
[  572.420465][T12282] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1643'.
[  572.507035][T12282] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1643'.
[  572.554329][T12288] IPVS: using max 43 ests per chain, 103200 per kthread
[  572.617785][T12282] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1643'.
[  572.705322][ T5746] snd-usb-audio 3-1:1.0: probe with driver snd-usb-audio failed with error -2
[  572.776983][ T5746] usb 3-1: Quirk or no altset; falling back to MIDI 1.0
[  572.817669][ T5746] snd-usb-audio 3-1:1.1: probe with driver snd-usb-audio failed with error -2
[  572.872847][ T5746] usb 3-1: Quirk or no altset; falling back to MIDI 1.0
[  573.139453][ T5746] snd-usb-audio 3-1:1.2: probe with driver snd-usb-audio failed with error -2
[  573.200351][ T5746] usb 3-1: USB disconnect, device number 54
[  573.462155][T12321] SELinux: security_context_str_to_sid (5���]�S9q#���) failed with errno=-22
[  573.474403][T12321] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1654'.
[  573.483299][T12321] openvswitch: netlink: Missing key (keys=40, expected=80)
[  573.857420][T12327] netlink: 36 bytes leftover after parsing attributes in process `syz.3.1651'.
[  573.959679][T12327] openvswitch: netlink: Flow set message rejected, Key attribute missing.
[  574.062751][T12323] syzkaller0: entered promiscuous mode
[  574.068308][T12323] syzkaller0: entered allmulticast mode
[  574.165722][ T5746] usb 5-1: new full-speed USB device number 71 using dummy_hcd
[  574.339597][ T5746] usb 5-1: too many endpoints for config 0 interface 0 altsetting 0: 254, using maximum allowed: 30
[  574.400993][ T5746] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 1023, setting to 64
[  574.455690][ T5746] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 254
[  574.527686][ T5746] usb 5-1: New USB device found, idVendor=046d, idProduct=c295, bcdDevice= 0.00
[  574.544791][ T5746] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  574.660143][ T5746] usb 5-1: config 0 descriptor??
[  574.880167][T12329] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  575.232966][T12346] netlink: 4388 bytes leftover after parsing attributes in process `syz.2.1659'.
[  575.242318][T12346] netlink: 4388 bytes leftover after parsing attributes in process `syz.2.1659'.
[  575.885780][T12312] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  575.921256][T12312] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  576.342623][ T5746] usbhid 5-1:0.0: can't add hid device: -71
[  576.368882][ T5746] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[  576.406190][ T5746] usb 5-1: USB disconnect, device number 71
[  576.477665][   T30] audit: type=1400 audit(1799100247.948:2081): avc:  denied  { write } for  pid=12351 comm="syz.3.1662" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  576.637734][T12358] bridge_slave_0: left allmulticast mode
[  576.643545][T12358] bridge_slave_0: left promiscuous mode
[  576.649876][T12358] bridge0: port 1(bridge_slave_0) entered disabled state
[  576.664342][T12358] batman_adv: batadv0: Adding interface: bridge_slave_0
[  576.671367][T12358] batman_adv: batadv0: The MTU of interface bridge_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  576.705075][T12358] batman_adv: batadv0: Interface activated: bridge_slave_0
[  576.726043][T12358] SELinux: security_context_str_to_sid (5���]�S9q#���) failed with errno=-22
[  576.739708][T12358] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1665'.
[  576.748953][T12358] openvswitch: netlink: Missing key (keys=40, expected=80)
[  577.014407][T12370] netlink: 212348 bytes leftover after parsing attributes in process `syz.4.1669'.
[  577.500762][T12385] fuse: Unknown parameter '�r�s1�i��'
[  577.618512][   T30] audit: type=1326 audit(1799100249.096:2082): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12384 comm="syz.3.1673" exe="/root/ci-upstream-kasan-gce-selinux-root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f95dd39ce59 code=0x0
[  577.895377][ T6353] usb 5-1: new full-speed USB device number 72 using dummy_hcd
[  578.047944][ T6353] usb 5-1: too many endpoints for config 0 interface 0 altsetting 0: 254, using maximum allowed: 30
[  578.065695][ T6353] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 1023, setting to 64
[  578.085647][ T6353] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 254
[  578.105768][ T6353] usb 5-1: New USB device found, idVendor=046d, idProduct=c295, bcdDevice= 0.00
[  578.122995][ T6353] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  578.140382][ T6353] usb 5-1: config 0 descriptor??
[  578.150077][T12380] raw-gadget.1 gadget.4: fail, usb_ep_enable returned -22
[  578.377978][T12378] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  578.408421][T12378] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  578.630608][T12402] SELinux: security_context_str_to_sid (5���]�S9q#���) failed with errno=-22
[  578.641360][T12402] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1677'.
[  578.650303][T12402] openvswitch: netlink: Missing key (keys=40, expected=80)
[  579.170121][ T6353] usbhid 5-1:0.0: can't add hid device: -71
[  579.177177][ T6353] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[  579.199646][ T6353] usb 5-1: USB disconnect, device number 72
[  579.904086][   T30] audit: type=1400 audit(1799100251.370:2083): avc:  denied  { append } for  pid=12413 comm="syz.0.1681" name="nullb0" dev="devtmpfs" ino=696 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  580.487318][   T30] audit: type=1400 audit(1799100251.949:2084): avc:  denied  { ioctl } for  pid=12415 comm="syz.4.1682" path="socket:[35427]" dev="sockfs" ino=35427 ioctlcmd=0x89e3 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=mctp_socket permissive=1
[  580.565776][T12428] syzkaller0: entered promiscuous mode
[  580.593382][T12428] syzkaller0: entered allmulticast mode
[  580.780902][T12426] netlink: 36 bytes leftover after parsing attributes in process `syz.3.1686'.
[  580.790941][T12426] openvswitch: netlink: Flow set message rejected, Key attribute missing.
[  580.856865][T12434] SELinux: security_context_str_to_sid (5���]�S9q#���) failed with errno=-22
[  580.868386][T12434] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1688'.
[  580.877299][T12434] openvswitch: netlink: Missing key (keys=40, expected=80)
[  580.948296][T12436] tmpfs: Bad value for 'mpol'
[  581.059923][T12439] comedi comedi0: Minor 2147483647 is invalid!
[  581.595379][T12443] tmpfs: Invalid gid '0x00000000ffffffff'
[  581.603835][T12444] tmpfs: Invalid gid '0x00000000ffffffff'
[  581.605334][   T30] audit: type=1400 audit(1799624541.060:2085): avc:  denied  { connect } for  pid=12445 comm="syz.3.1692" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  581.634680][   T30] audit: type=1326 audit(1799624541.089:2086): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12445 comm="syz.3.1692" exe="/root/ci-upstream-kasan-gce-selinux-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f95dd39ce59 code=0x7ffc0000
[  581.748471][   T30] audit: type=1326 audit(1799624541.089:2087): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12445 comm="syz.3.1692" exe="/root/ci-upstream-kasan-gce-selinux-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f95dd39ce59 code=0x7ffc0000
[  581.817462][   T30] audit: type=1326 audit(1799624541.089:2088): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12445 comm="syz.3.1692" exe="/root/ci-upstream-kasan-gce-selinux-root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f95dd39ce59 code=0x7ffc0000
[  581.877336][   T30] audit: type=1326 audit(1799624541.089:2089): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12445 comm="syz.3.1692" exe="/root/ci-upstream-kasan-gce-selinux-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f95dd39ce59 code=0x7ffc0000
[  581.906710][   T30] audit: type=1326 audit(1799624541.089:2090): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12445 comm="syz.3.1692" exe="/root/ci-upstream-kasan-gce-selinux-root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f95dd39ce59 code=0x7ffc0000
[  581.947659][   T30] audit: type=1326 audit(1799624541.089:2091): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12445 comm="syz.3.1692" exe="/root/ci-upstream-kasan-gce-selinux-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f95dd39ce59 code=0x7ffc0000
[  582.056517][   T30] audit: type=1326 audit(1799624541.118:2092): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12445 comm="syz.3.1692" exe="/root/ci-upstream-kasan-gce-selinux-root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f95dd39ce59 code=0x7ffc0000
[  582.084853][   T30] audit: type=1326 audit(1799624541.118:2093): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12445 comm="syz.3.1692" exe="/root/ci-upstream-kasan-gce-selinux-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f95dd39ce59 code=0x7ffc0000
[  582.118652][   T30] audit: type=1326 audit(1799624541.118:2094): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12445 comm="syz.3.1692" exe="/root/ci-upstream-kasan-gce-selinux-root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f95dd39ce59 code=0x7ffc0000
[  583.748653][T12479] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1700'.
[  583.757906][T12479] openvswitch: netlink: Missing key (keys=40, expected=80)
[  584.115671][T12469] syzkaller0: entered promiscuous mode
[  584.121193][T12469] syzkaller0: entered allmulticast mode
[  584.152511][T12487] netlink: 'syz.4.1702': attribute type 8 has an invalid length.
[  584.521833][ T6351] usb 2-1: new low-speed USB device number 58 using dummy_hcd
[  584.744314][ T6351] usb 2-1: config 0 has an invalid interface number: 1 but max is 0
[  584.812880][ T6351] usb 2-1: config 0 has no interface number 0
[  584.884578][ T6351] usb 2-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 10
[  584.990234][ T6351] usb 2-1: config 0 interface 1 altsetting 0 endpoint 0x82 has invalid maxpacket 159, setting to 8
[  585.099019][ T6351] usb 2-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  585.170590][ T6351] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  585.245257][T12504] fuse: fd is not a fuse device
[  585.339738][ T6351] usb 2-1: config 0 descriptor??
[  585.392937][T12491] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  586.066478][ T6351] iowarrior 2-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0
[  586.195022][ T6351] usb 2-1: USB disconnect, device number 58
[  586.500079][T12512] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1712'.
[  586.509311][T12512] openvswitch: netlink: Missing key (keys=40, expected=80)
[  586.655970][T12519] netlink: 52 bytes leftover after parsing attributes in process `syz.2.1714'.
[  586.759246][ T6351] usb 2-1: new low-speed USB device number 59 using dummy_hcd
[  587.020652][ T6351] usb 2-1: config 0 has an invalid interface number: 1 but max is 0
[  587.029693][ T6351] usb 2-1: config 0 has no interface number 0
[  587.603101][ T6351] usb 2-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 10
[  587.615008][T12521] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1716'.
[  587.624016][T12521] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1716'.
[  587.636076][T12521] 8021q: adding VLAN 0 to HW filter on device batadv1
[  587.803025][ T5746] usb 5-1: new full-speed USB device number 73 using dummy_hcd
[  587.828773][ T6351] usb 2-1: config 0 interface 1 altsetting 0 endpoint 0x82 has invalid maxpacket 159, setting to 8
[  587.882582][ T6351] usb 2-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  588.062985][ T6351] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  588.105666][ T6351] usb 2-1: config 0 descriptor??
[  588.128767][ T6351] usb 2-1: can't set config #0, error -71
[  588.153349][ T6351] usb 2-1: USB disconnect, device number 59
[  588.181582][ T5746] usb 5-1: too many endpoints for config 0 interface 0 altsetting 0: 254, using maximum allowed: 30
[  588.211786][ T5746] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 1023, setting to 64
[  588.224918][ T5746] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 254
[  588.238779][ T5746] usb 5-1: New USB device found, idVendor=046d, idProduct=c295, bcdDevice= 0.00
[  588.252595][ T5746] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  588.314750][ T5746] usb 5-1: config 0 descriptor??
[  588.329092][T12522] raw-gadget.1 gadget.4: fail, usb_ep_enable returned -22
[  588.627100][T12528] syzkaller0: entered promiscuous mode
[  588.633018][T12528] syzkaller0: entered allmulticast mode
[  589.038271][   T30] kauditd_printk_skb: 52 callbacks suppressed
[  589.038289][   T30] audit: type=1400 audit(1799624548.305:2147): avc:  denied  { create } for  pid=12544 comm="syz.2.1721" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=atmpvc_socket permissive=1
[  589.251498][T12513] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  589.273071][T12513] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  589.284696][ T6351] usb 2-1: new high-speed USB device number 60 using dummy_hcd
[  589.448024][ T6351] usb 2-1: Using ep0 maxpacket: 16
[  589.655787][ T6351] usb 2-1: New USB device found, idVendor=054c, idProduct=0038, bcdDevice=16.f5
[  589.677923][ T6351] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  589.718886][ T6351] usb 2-1: Product: syz
[  589.731132][ T6351] usb 2-1: Manufacturer: syz
[  589.739788][ T6351] usb 2-1: SerialNumber: syz
[  589.770465][ T6351] usb 2-1: config 0 descriptor??
[  589.815781][ T6351] visor 2-1:0.0: Sony Clie 3.5 converter detected
[  589.842202][T12562] netlink: 52 bytes leftover after parsing attributes in process `syz.2.1725'.
[  590.057860][T12565] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1726'.
[  590.068686][T12565] openvswitch: netlink: Missing key (keys=40, expected=80)
[  590.278987][T12568] netlink: 36 bytes leftover after parsing attributes in process `syz.2.1727'.
[  590.288032][T12568] openvswitch: netlink: Flow set message rejected, Key attribute missing.
[  590.297289][T12568] Sensor B: =================  START STATUS  =================
[  590.304928][T12568] Sensor B: Test Pattern: 75% Colorbar
[  590.310409][T12568] Sensor B: Show Information: All
[  590.315508][T12568] Sensor B: Vertical Flip: false
[  590.320477][T12568] Sensor B: Horizontal Flip: false
[  590.325608][T12568] Sensor B: Brightness: 128
[  590.330326][T12568] Sensor B: Contrast: 128
[  590.334675][T12568] Sensor B: Hue: 0
[  590.338493][T12568] Sensor B: Saturation: 128
[  590.343016][T12568] Sensor B: Pixel Rate: 160000000
[  590.348101][T12568] Sensor B: Horizontal Blanking: 800
[  590.353424][T12568] Sensor B: Vertical Blanking: 3223
[  590.358737][T12568] Sensor B: ==================  END STATUS  ==================
[  590.634442][ T6351] usb 2-1: clie_3_5_startup: get interface number bad return length: 0
[  590.653795][ T6351] visor 2-1:0.0: probe with driver visor failed with error -5
[  590.721465][ T5746] usbhid 5-1:0.0: can't add hid device: -71
[  590.738078][ T5746] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[  590.755110][ T5746] usb 5-1: USB disconnect, device number 73
[  590.842338][T12578] comedi comedi0: Minor 2147483647 is invalid!
[  591.100762][ T6351] usb 2-1: USB disconnect, device number 60
[  592.457505][ T5746] usb 2-1: new full-speed USB device number 61 using dummy_hcd
[  593.257908][ T5746] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  593.298368][ T5746] usb 2-1: config 0 has no interfaces?
[  593.312262][ T5746] usb 2-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[  593.330923][ T5746] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  593.346988][T12592] syzkaller0: entered promiscuous mode
[  593.353604][T12592] syzkaller0: entered allmulticast mode
[  593.362783][ T5746] usb 2-1: config 0 descriptor??
[  593.427010][T12593] syzkaller0: entered promiscuous mode
[  593.432513][T12593] syzkaller0: entered allmulticast mode
[  593.531967][ T6344] usb 3-1: new high-speed USB device number 55 using dummy_hcd
[  593.676342][ T5746] usb 2-1: USB disconnect, device number 61
[  593.695186][ T6344] usb 3-1: Using ep0 maxpacket: 8
[  593.714058][ T6344] usb 3-1: config 7 has an invalid interface number: 106 but max is 0
[  593.722825][ T6344] usb 3-1: config 7 has no interface number 0
[  593.729696][ T6344] usb 3-1: config 7 interface 106 has no altsetting 0
[  593.820670][ T6344] usb 3-1: New USB device found, idVendor=06f8, idProduct=a302, bcdDevice=5c.86
[  593.830277][ T6344] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  593.838348][ T6344] usb 3-1: Product: syz
[  593.842721][ T6344] usb 3-1: Manufacturer: syz
[  593.849671][ T6344] usb 3-1: SerialNumber: syz
[  593.878221][T12619] netlink: 36 bytes leftover after parsing attributes in process `syz.0.1740'.
[  593.887402][T12619] openvswitch: netlink: Flow set message rejected, Key attribute missing.
[  593.896933][T12619] Sensor B: =================  START STATUS  =================
[  593.904539][T12619] Sensor B: Test Pattern: 75% Colorbar
[  593.910019][T12619] Sensor B: Show Information: All
[  593.915091][T12619] Sensor B: Vertical Flip: false
[  593.920059][T12619] Sensor B: Horizontal Flip: false
[  593.925286][T12619] Sensor B: Brightness: 128
[  593.929850][T12619] Sensor B: Contrast: 128
[  593.934258][T12619] Sensor B: Hue: 0
[  593.938002][T12619] Sensor B: Saturation: 128
[  593.942564][T12619] Sensor B: Pixel Rate: 160000000
[  593.947618][T12619] Sensor B: Horizontal Blanking: 800
[  593.952999][T12619] Sensor B: Vertical Blanking: 3223
[  593.958246][T12619] Sensor B: ==================  END STATUS  ==================
[  596.358902][ T6344] usb 3-1: USB disconnect, device number 55
[  596.536708][T12643] overlayfs: failed to resolve './file0': -2
[  596.746221][   T30] audit: type=1400 audit(1800148843.845:2148): avc:  denied  { accept } for  pid=12646 comm="syz.2.1748" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1
[  597.002326][T12651] netlink: 32 bytes leftover after parsing attributes in process `syz.2.1748'.
[  598.256087][T12628] bond0: entered promiscuous mode
[  598.261433][T12628] bond_slave_0: entered promiscuous mode
[  598.267256][T12628] bond_slave_1: entered promiscuous mode
[  598.297088][T12628] batadv0: entered promiscuous mode
[  598.310864][T12628] debugfs: 'hsr0' already exists in 'hsr'
[  598.318736][T12628] Cannot create hsr debugfs directory
[  598.329882][T12628] 8021q: adding VLAN 0 to HW filter on device hsr0
[  598.680397][T12665] netlink: 'syz.1.1752': attribute type 6 has an invalid length.
[  598.704245][T12659] syzkaller0: entered promiscuous mode
[  598.709744][T12659] syzkaller0: entered allmulticast mode
[  598.730830][T12667] netlink: 36 bytes leftover after parsing attributes in process `syz.4.1753'.
[  598.739829][T12667] openvswitch: netlink: Flow set message rejected, Key attribute missing.
[  598.749046][T12667] Sensor B: =================  START STATUS  =================
[  598.757173][T12667] Sensor B: Test Pattern: 75% Colorbar
[  598.762752][T12667] Sensor B: Show Information: All
[  598.767792][T12667] Sensor B: Vertical Flip: false
[  598.772773][T12667] Sensor B: Horizontal Flip: false
[  598.777880][T12667] Sensor B: Brightness: 128
[  598.782411][T12667] Sensor B: Contrast: 128
[  598.786729][T12667] Sensor B: Hue: 0
[  598.790426][T12667] Sensor B: Saturation: 128
[  598.795039][T12667] Sensor B: Pixel Rate: 160000000
[  598.800050][T12667] Sensor B: Horizontal Blanking: 800
[  598.805420][T12667] Sensor B: Vertical Blanking: 3223
[  598.810635][T12667] Sensor B: ==================  END STATUS  ==================
[  598.819344][T12665] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1752'.
[  598.833094][T12665] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1752'.
[  599.089104][ T6351] usb 2-1: new high-speed USB device number 62 using dummy_hcd
[  599.363895][ T6351] usb 2-1: Using ep0 maxpacket: 8
[  599.383219][ T6351] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  599.417239][ T6351] usb 2-1: New USB device found, idVendor=0763, idProduct=2030, bcdDevice= 0.40
[  599.455146][ T6351] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  599.485378][ T6351] usb 2-1: Product: syz
[  599.506666][T12678] overlayfs: failed to resolve './file0': -2
[  599.514884][ T6351] usb 2-1: Manufacturer: syz
[  599.535066][ T6351] usb 2-1: SerialNumber: syz
[  599.787708][   T30] audit: type=1326 audit(1800148846.808:2149): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12662 comm="syz.1.1752" exe="/root/ci-upstream-kasan-gce-selinux-root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fe00379ce59 code=0x0
[  599.945794][ T5746] usb 5-1: new high-speed USB device number 74 using dummy_hcd
[  600.129342][ T5746] usb 5-1: Using ep0 maxpacket: 16
[  600.146179][ T5746] usb 5-1: config index 0 descriptor too short (expected 16456, got 72)
[  600.178205][ T5746] usb 5-1: config 0 has an invalid interface number: 125 but max is 1
[  600.214729][ T5746] usb 5-1: config 0 has an invalid interface number: 125 but max is 1
[  600.247879][ T5746] usb 5-1: config 0 has an invalid interface number: 125 but max is 1
[  600.264217][ T5746] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 2
[  600.284397][   T30] audit: type=1400 audit(1800148847.298:2150): avc:  denied  { map } for  pid=12684 comm="syz.0.1759" path="socket:[37951]" dev="sockfs" ino=37951 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_route_socket permissive=1
[  600.367283][T12688] FAULT_INJECTION: forcing a failure.
[  600.367283][T12688] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  600.434546][T12688] CPU: 0 UID: 0 PID: 12688 Comm: syz.2.1760 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  600.434578][T12688] Tainted: [L]=SOFTLOCKUP
[  600.434585][T12688] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  600.434595][T12688] Call Trace:
[  600.434601][T12688]  <TASK>
[  600.434608][T12688]  dump_stack_lvl+0x100/0x190
[  600.434635][T12688]  should_fail_ex.cold+0x5/0xa
[  600.434660][T12688]  _copy_from_user+0x2e/0xd0
[  600.434690][T12688]  copy_msghdr_from_user+0x9f/0x4f0
[  600.434718][T12688]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  600.434756][T12688]  ___sys_sendmsg+0x106/0x1e0
[  600.434783][T12688]  ? __pfx____sys_sendmsg+0x10/0x10
[  600.434838][T12688]  __sys_sendmsg+0x170/0x220
[  600.434860][T12688]  ? __pfx___sys_sendmsg+0x10/0x10
[  600.434888][T12688]  ? rcu_is_watching+0x12/0xc0
[  600.434920][T12688]  do_syscall_64+0x10b/0x860
[  600.434946][T12688]  ? clear_bhb_loop+0x40/0x90
[  600.434968][T12688]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  600.434986][T12688] RIP: 0033:0x7f842a79ce59
[  600.435001][T12688] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  600.435018][T12688] RSP: 002b:00007f842b616028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  600.435035][T12688] RAX: ffffffffffffffda RBX: 00007f842aa15fa0 RCX: 00007f842a79ce59
[  600.435045][T12688] RDX: 0000000020004080 RSI: 00002000000003c0 RDI: 0000000000000003
[  600.435054][T12688] RBP: 00007f842b616090 R08: 0000000000000000 R09: 0000000000000000
[  600.435062][T12688] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  600.435070][T12688] R13: 00007f842aa16038 R14: 00007f842aa15fa0 R15: 00007fff0cbe63b8
[  600.435091][T12688]  </TASK>
[  600.435207][ T5746] usb 5-1: config 0 has no interface number 0
[  600.834660][ T5746] usb 5-1: config 0 interface 125 altsetting 4 endpoint 0x4 has invalid maxpacket 21760, setting to 64
[  600.845915][ T5746] usb 5-1: config 0 interface 125 altsetting 4 endpoint 0xB has invalid wMaxPacketSize 0
[  600.933411][ T5746] usb 5-1: config 0 interface 125 altsetting 4 endpoint 0x2 has invalid wMaxPacketSize 0
[  600.944071][ T5746] usb 5-1: config 0 interface 125 altsetting 1 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  600.966327][ T5746] usb 5-1: config 0 interface 125 has no altsetting 0
[  600.973391][ T5746] usb 5-1: config 0 interface 125 has no altsetting 2
[  600.982849][ T5746] usb 5-1: New USB device found, idVendor=050d, idProduct=0002, bcdDevice=23.27
[  600.994668][ T5746] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  601.003225][ T5746] usb 5-1: Product: syz
[  601.013756][ T5746] usb 5-1: Manufacturer: syz
[  601.019186][ T5746] usb 5-1: SerialNumber: syz
[  601.072419][ T5746] usb 5-1: config 0 descriptor??
[  601.102381][ T5746] usb 5-1: selecting invalid altsetting 2
[  601.603819][ T6351] usb 2-1: Can't get UAC3 power state for id 10
[  601.624707][ T6351] usb 2-1: BAAD HEADSET c_chmask mismatch
[  601.638119][ T6351] snd-usb-audio 2-1:1.0: probe with driver snd-usb-audio failed with error -22
[  601.658641][ T6351] usb 2-1: cannot find UAC_HEADER
[  601.708529][ T6351] snd-usb-audio 2-1:1.2: probe with driver snd-usb-audio failed with error -22
[  601.726382][ T6351] usb 2-1: USB disconnect, device number 62
[  601.761019][ T8973] udevd[8973]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.2/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  601.926519][    C1] usb 5-1: async_complete: urb error -71
[  601.932266][    C1] usb 5-1: async_complete: urb error -71
[  601.937930][    C1] usb 5-1: async_complete: urb error -71
[  601.945478][ T5746] get_1284_register: usb error -71
[  602.067634][T12719] SELinux: security_context_str_to_sid (5���]�S9q#���) failed with errno=-22
[  602.111639][ T5746] usb 5-1: USB disconnect, device number 74
[  602.153620][T12719] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1770'.
[  602.164153][T12719] openvswitch: netlink: Missing key (keys=40, expected=80)
[  602.905995][ T6351] usb 2-1: new high-speed USB device number 63 using dummy_hcd
[  603.093939][ T6351] usb 2-1: Using ep0 maxpacket: 16
[  603.106570][ T6351] usb 2-1: config 239 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  603.116884][T12730] binder: BINDER_SET_CONTEXT_MGR already set
[  603.122855][ T6351] usb 2-1: config 239 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  603.124641][T12730] binder: 12729:12730 ioctl 4018620d 200000004a80 returned -16
[  603.147357][ T6351] usb 2-1: config 239 interface 1 altsetting 1 endpoint 0x82 has invalid wMaxPacketSize 0
[  603.171397][ T6351] usb 2-1: config 239 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 0
[  603.181802][ T6351] usb 2-1: config 239 interface 1 altsetting 1 endpoint 0x3 has invalid wMaxPacketSize 0
[  603.191826][ T6351] usb 2-1: config 239 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 0
[  603.229176][T12716] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  603.256674][T12716] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  603.333093][T12736] comedi comedi0: no devices specified
[  603.347756][T12737] binder: transaction release 247 bad handle 1, ret = -22
[  603.361148][   T50] Bluetooth: hci1: unexpected event for opcode 0x0c47
[  603.421289][T12736] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=1812281087 (231971979136 ns) > initial count (128 ns). Using initial count to start timer.
[  603.621424][ T6353] usb 3-1: new full-speed USB device number 56 using dummy_hcd
[  603.691981][ T6350] usb 5-1: new high-speed USB device number 75 using dummy_hcd
[  603.701595][T12752] fuse: Unknown parameter '�r�s1�i��'
[  603.709845][ T6351] usb 2-1: string descriptor 0 read error: -71
[  603.716214][ T6351] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  603.726892][ T6351] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  603.739195][ T6351] usb 2-1: rejected 1 configuration due to insufficient available bus power
[  603.751069][ T6351] usb 2-1: no configuration chosen from 1 choice
[  603.759674][ T6351] usb 2-1: USB disconnect, device number 63
[  603.786270][ T6353] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  603.796871][ T6353] usb 3-1: config 0 has no interfaces?
[  603.802365][ T6353] usb 3-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[  603.811693][ T6353] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  603.824750][ T6353] usb 3-1: config 0 descriptor??
[  603.887960][ T6350] usb 5-1: New USB device found, idVendor=133e, idProduct=0815, bcdDevice= 0.40
[  603.897293][ T6350] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  603.905372][ T6350] usb 5-1: Product: syz
[  603.909561][ T6350] usb 5-1: Manufacturer: syz
[  603.914145][ T6350] usb 5-1: SerialNumber: syz
[  604.042508][ T5619] usb 3-1: USB disconnect, device number 56
[  604.535456][ T6330] usb 2-1: new high-speed USB device number 64 using dummy_hcd
[  605.220366][T12766] IPVS: sync thread started: state = BACKUP, mcast_ifn = hsr0, syncid = 4, id = 0
[  605.226809][T12765] SELinux: security_context_str_to_sid (5���]�S9q#���) failed with errno=-22
[  605.454622][T12765] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1782'.
[  605.472553][T12765] openvswitch: netlink: Missing key (keys=40, expected=80)
[  605.648291][   T30] audit: type=1326 audit(1800148852.582:2151): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12769 comm="syz.3.1783" exe="/root/ci-upstream-kasan-gce-selinux-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f95dd39ce59 code=0x7ffc0000
[  605.691616][   T30] audit: type=1326 audit(1800148852.582:2152): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12769 comm="syz.3.1783" exe="/root/ci-upstream-kasan-gce-selinux-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f95dd39ce59 code=0x7ffc0000
[  605.732363][   T30] audit: type=1326 audit(1800148852.582:2153): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12769 comm="syz.3.1783" exe="/root/ci-upstream-kasan-gce-selinux-root/syz-executor" sig=0 arch=c000003e syscall=26 compat=0 ip=0x7f95dd39ce59 code=0x7ffc0000
[  605.769966][ T6330] usb 2-1: unable to get BOS descriptor or descriptor too short
[  605.789866][ T6330] usb 2-1: unable to read config index 0 descriptor/start: -71
[  605.804481][ T6330] usb 2-1: can't read configurations, error -71
[  605.811878][T12772] IPVS: set_ctl: invalid protocol: 0 172.30.1.4:20001
[  605.831210][   T30] audit: type=1326 audit(1800148852.582:2154): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12769 comm="syz.3.1783" exe="/root/ci-upstream-kasan-gce-selinux-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f95dd39ce59 code=0x7ffc0000
[  605.900504][   T30] audit: type=1326 audit(1800148852.582:2155): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12769 comm="syz.3.1783" exe="/root/ci-upstream-kasan-gce-selinux-root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f95dd35d68e code=0x7ffc0000
[  605.932536][   T30] audit: type=1326 audit(1800148852.582:2156): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12769 comm="syz.3.1783" exe="/root/ci-upstream-kasan-gce-selinux-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f95dd39ce59 code=0x7ffc0000
[  605.960280][   T30] audit: type=1326 audit(1800148852.582:2157): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12769 comm="syz.3.1783" exe="/root/ci-upstream-kasan-gce-selinux-root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f95dd39ce59 code=0x7ffc0000
[  605.987110][   T30] audit: type=1326 audit(1800148852.582:2158): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12769 comm="syz.3.1783" exe="/root/ci-upstream-kasan-gce-selinux-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f95dd39ce59 code=0x7ffc0000
[  606.014778][   T30] audit: type=1400 audit(1800148852.752:2159): avc:  denied  { lock } for  pid=12771 comm="syz.3.1784" path="socket:[38075]" dev="sockfs" ino=38075 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  606.038412][   T30] audit: type=1400 audit(1800148852.802:2160): avc:  denied  { mount } for  pid=12771 comm="syz.3.1784" name="/" dev="devtmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=filesystem permissive=1
[  606.139813][ T6351] usb 3-1: new high-speed USB device number 57 using dummy_hcd
[  606.291079][ T6351] usb 3-1: Using ep0 maxpacket: 16
[  606.297617][ T6351] usb 3-1: config index 0 descriptor too short (expected 16456, got 72)
[  606.306423][ T6351] usb 3-1: config 0 has an invalid interface number: 125 but max is 1
[  606.314807][ T6351] usb 3-1: config 0 has an invalid interface number: 125 but max is 1
[  606.329782][ T6351] usb 3-1: config 0 has an invalid interface number: 125 but max is 1
[  606.345658][ T6351] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 2
[  606.346299][ T6350] snd-usb-audio 5-1:1.0: probe with driver snd-usb-audio failed with error -22
[  606.364387][ T6351] usb 3-1: config 0 has no interface number 0
[  606.370813][ T6351] usb 3-1: config 0 interface 125 altsetting 4 endpoint 0x4 has invalid maxpacket 21760, setting to 64
[  606.384415][ T6351] usb 3-1: config 0 interface 125 altsetting 4 endpoint 0xB has invalid wMaxPacketSize 0
[  606.395330][ T6350] usb 5-1: USB disconnect, device number 75
[  606.406144][ T6351] usb 3-1: config 0 interface 125 altsetting 4 endpoint 0x2 has invalid wMaxPacketSize 0
[  606.416171][ T6351] usb 3-1: config 0 interface 125 altsetting 1 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  606.431170][ T6351] usb 3-1: config 0 interface 125 has no altsetting 0
[  606.438541][ T6351] usb 3-1: config 0 interface 125 has no altsetting 2
[  606.448326][ T6351] usb 3-1: New USB device found, idVendor=050d, idProduct=0002, bcdDevice=23.27
[  606.460699][ T6351] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  606.468729][ T6351] usb 3-1: Product: syz
[  606.473102][ T6351] usb 3-1: Manufacturer: syz
[  606.477784][ T6351] usb 3-1: SerialNumber: syz
[  606.491583][ T6351] usb 3-1: config 0 descriptor??
[  606.505301][ T6351] usb 3-1: selecting invalid altsetting 2
[  606.670077][ T6330] usb 2-1: new high-speed USB device number 65 using dummy_hcd
[  606.704176][T12783] netdevsim netdevsim4: loading /lib/firmware/. failed with error -22
[  606.712740][T12783] netdevsim netdevsim4: Direct firmware load for . failed with error -22
[  606.721443][T12783] netdevsim netdevsim4: Falling back to sysfs fallback for: .
[  607.185630][T12790] fuse: Unknown parameter '�r�s1�i��'
[  607.460660][   T50] Bluetooth: hci1: Controller not accepting commands anymore: ncmd = 0
[  607.472961][   T50] Bluetooth: hci1: Injecting HCI hardware error event
[  607.482630][ T4931] Bluetooth: hci1: hardware error 0x00
[  607.543005][ T6351] get_1284_register timeout
[  607.550776][    C0] usb 3-1: async_complete: urb error -104
[  607.556638][    C0] usb 3-1: async_complete: urb error -104
[  607.562450][    C0] usb 3-1: async_complete: urb error -104
[  607.618421][T12774] evm: overlay not supported
[  607.636325][ T6330] usb 2-1: unable to get BOS descriptor or descriptor too short
[  607.651925][ T6330] usb 2-1: unable to read config index 0 descriptor/start: -71
[  607.660094][ T6330] usb 2-1: can't read configurations, error -71
[  607.668028][ T6330] usb usb2-port1: attempt power cycle
[  607.678742][ T6351] usb 3-1: USB disconnect, device number 57
[  607.700495][ T6350] usb 5-1: new high-speed USB device number 76 using dummy_hcd
[  607.867329][ T6350] usb 5-1: New USB device found, idVendor=0424, idProduct=7850, bcdDevice= 0.00
[  607.886036][ T6350] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  607.906583][ T6350] usb 5-1: Product: syz
[  607.917140][ T6350] usb 5-1: Manufacturer: syz
[  607.928557][ T6350] usb 5-1: SerialNumber: syz
[  608.299898][T12812] netlink: 316 bytes leftover after parsing attributes in process `syz.3.1800'.
[  608.310554][T12812] fuse: fd is not a fuse device
[  608.369220][ T6350] lan78xx 5-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000098. ret = -EPIPE
[  608.373783][T12815] binder: 12814:12815 ioctl 4018620d 0 returned -22
[  608.415065][ T6350] lan78xx 5-1:1.0 (unnamed net_device) (uninitialized): Failed to sync IRQ enable register: -EPIPE
[  608.558083][T12818] netlink: 36 bytes leftover after parsing attributes in process `syz.2.1802'.
[  608.567110][T12818] openvswitch: netlink: Flow set message rejected, Key attribute missing.
[  608.576350][T12818] Sensor B: =================  START STATUS  =================
[  608.583966][T12818] Sensor B: Test Pattern: 75% Colorbar
[  608.589432][T12818] Sensor B: Show Information: All
[  608.594493][T12818] Sensor B: Vertical Flip: false
[  608.599460][T12818] Sensor B: Horizontal Flip: false
[  608.604605][T12818] Sensor B: Brightness: 128
[  608.609101][T12818] Sensor B: Contrast: 128
[  608.613665][T12818] Sensor B: Hue: 0
[  608.617395][T12818] Sensor B: Saturation: 128
[  608.621930][T12818] Sensor B: Pixel Rate: 160000000
[  608.626959][T12818] Sensor B: Horizontal Blanking: 800
[  608.632373][T12818] Sensor B: Vertical Blanking: 3223
[  608.637591][T12818] Sensor B: ==================  END STATUS  ==================
[  609.318515][T12832] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1806'.
[  609.534413][T12841] tmpfs: Too small a size for current use
[  609.543416][ T4931] Bluetooth: hci1: Opcode 0x0c03 failed: -110
[  609.713966][T12846] syzkaller0: entered promiscuous mode
[  609.723080][T12846] syzkaller0: entered allmulticast mode
[  609.880162][ T6350] lan78xx 5-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000010. ret = -EPIPE
[  610.022846][ T5746] usb 3-1: new high-speed USB device number 58 using dummy_hcd
[  610.127364][ T6350] lan78xx 5-1:1.0 (unnamed net_device) (uninitialized): Failed to write register index 0x00001004. ret = -EPROTO
[  610.151917][ T6350] lan78xx 5-1:1.0 (unnamed net_device) (uninitialized): Failed to write register index 0x0000011c. ret = -EPROTO
[  610.174564][ T6350] lan78xx 5-1:1.0 (unnamed net_device) (uninitialized): Registers INIT FAILED....
[  610.201884][ T5746] usb 3-1: Using ep0 maxpacket: 32
[  610.210750][ T5746] usb 3-1: config index 0 descriptor too short (expected 35577, got 27)
[  610.212246][ T6350] lan78xx 5-1:1.0 (unnamed net_device) (uninitialized): Bind routine FAILED
[  610.232401][ T5746] usb 3-1: config 1 has too many interfaces: 92, using maximum allowed: 32
[  610.241367][ T5746] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 92
[  610.250605][ T5746] usb 3-1: config 1 has no interface number 0
[  610.256843][ T5746] usb 3-1: config 1 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  610.268603][ T5746] usb 3-1: config 1 interface 1 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 17
[  610.280583][ T6350] lan78xx 5-1:1.0: probe with driver lan78xx failed with error -71
[  610.300562][ T6350] usb 5-1: USB disconnect, device number 76
[  610.329662][ T5746] usb 3-1: New USB device found, idVendor=0e41, idProduct=5051, bcdDevice=d5.e8
[  610.371865][ T5746] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  610.412745][ T5746] snd_usb_pod 3-1:1.1: Line 6 Pocket POD found
[  610.612273][ T5746] snd_usb_pod 3-1:1.1: Line 6 Pocket POD now attached
[  610.942512][T12859] sctp: [Deprecated]: syz.0.1816 (pid 12859) Use of struct sctp_assoc_value in delayed_ack socket option.
[  610.942512][T12859] Use struct sctp_sack_info instead
[  611.627595][ T6344] snd_usb_pod 3-1:1.1: line6_send_raw_message_async_part: usb_submit_urb failed (-22)
[  611.909656][T12863] SELinux: security_context_str_to_sid (5���]�S9q#���) failed with errno=-22
[  611.923887][T12863] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1817'.
[  611.932910][T12863] openvswitch: netlink: Missing key (keys=40, expected=80)
[  612.802121][ T5746] usb 3-1: USB disconnect, device number 58
[  612.809020][ T5746] snd_usb_pod 3-1:1.1: Line 6 Pocket POD now disconnected
[  612.977785][T12852] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1814'.
[  612.995593][T12852] bridge0: port 2(bridge_slave_1) entered disabled state
[  613.002949][T12855] netlink: 168 bytes leftover after parsing attributes in process `syz.4.1815'.
[  613.098865][T12869] Sensor B: =================  START STATUS  =================
[  613.106530][T12869] Sensor B: Test Pattern: 75% Colorbar
[  613.112098][T12869] Sensor B: Show Information: All
[  613.117272][T12869] Sensor B: Vertical Flip: false
[  613.122300][T12869] Sensor B: Horizontal Flip: false
[  613.127536][T12869] Sensor B: Brightness: 128
[  613.132133][T12869] Sensor B: Contrast: 128
[  613.136556][T12869] Sensor B: Hue: 0
[  613.140371][T12869] Sensor B: Saturation: 128
[  613.145442][T12869] Sensor B: Pixel Rate: 160000000
[  613.150705][T12869] Sensor B: Horizontal Blanking: 800
[  613.156180][T12869] Sensor B: Vertical Blanking: 3223
[  613.161460][T12869] Sensor B: ==================  END STATUS  ==================
[  613.983156][T12885] binder: 12884:12885 ioctl c0306201 0 returned -14
[  614.216614][T12897] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1829'.
[  614.265138][   T30] kauditd_printk_skb: 1 callbacks suppressed
[  614.265152][   T30] audit: type=1326 audit(1800148861.198:2162): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12903 comm="syz.0.1832" exe="/root/ci-upstream-kasan-gce-selinux-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f793e99ce59 code=0x50000
[  614.299029][T12902] syzkaller0: entered promiscuous mode
[  614.319117][   T30] audit: type=1326 audit(1800148861.248:2163): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12903 comm="syz.0.1832" exe="/root/ci-upstream-kasan-gce-selinux-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f793e99ce59 code=0x50000
[  614.326907][T12902] syzkaller0: entered allmulticast mode
[  614.352001][   T30] audit: type=1326 audit(1800148861.248:2164): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12903 comm="syz.0.1832" exe="/root/ci-upstream-kasan-gce-selinux-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f793e99ce59 code=0x50000
[  614.404089][   T30] audit: type=1326 audit(1800148861.248:2165): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12903 comm="syz.0.1832" exe="/root/ci-upstream-kasan-gce-selinux-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f793e99ce59 code=0x50000
[  614.436806][   T30] audit: type=1326 audit(1800148861.248:2166): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12903 comm="syz.0.1832" exe="/root/ci-upstream-kasan-gce-selinux-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f793e99ce59 code=0x50000
[  614.513620][   T30] audit: type=1326 audit(1800148861.248:2167): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12903 comm="syz.0.1832" exe="/root/ci-upstream-kasan-gce-selinux-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f793e99ce59 code=0x50000
[  614.550291][   T30] audit: type=1326 audit(1800148861.248:2168): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12903 comm="syz.0.1832" exe="/root/ci-upstream-kasan-gce-selinux-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f793e99ce59 code=0x50000
[  614.587671][   T30] audit: type=1326 audit(1800148861.248:2169): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12903 comm="syz.0.1832" exe="/root/ci-upstream-kasan-gce-selinux-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f793e99ce59 code=0x50000
[  614.623772][   T30] audit: type=1326 audit(1800148861.248:2170): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12903 comm="syz.0.1832" exe="/root/ci-upstream-kasan-gce-selinux-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f793e99ce59 code=0x50000
[  614.667577][   T30] audit: type=1326 audit(1800148861.248:2171): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12903 comm="syz.0.1832" exe="/root/ci-upstream-kasan-gce-selinux-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f793e99ce59 code=0x50000
[  614.994316][ T5619] usb 5-1: new full-speed USB device number 77 using dummy_hcd
[  615.156916][ T5619] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  615.167257][ T5619] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 2
[  615.176759][ T5619] usb 5-1: New USB device found, idVendor=05d8, idProduct=810a, bcdDevice=92.b8
[  615.214118][ T5619] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  615.267029][ T5619] usb 5-1: config 0 descriptor??
[  615.362657][ T5619] dvb-usb: found a 'Artec T1 USB2.0' in warm state.
[  615.395628][ T5619] dvb-usb: bulk message failed: -22 (3/0)
[  615.425102][ T5619] dvb-usb: will use the device's hardware PID filter (table count: 16).
[  615.441608][ T5619] dvbdev: DVB: registering new adapter (Artec T1 USB2.0)
[  615.450488][ T5619] usb 5-1: media controller created
[  615.542640][ T5619] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  615.605167][ T5619] dvb-usb: bulk message failed: -22 (6/0)
[  615.691855][ T5619] dvb-usb: no frontend was attached by 'Artec T1 USB2.0'
[  615.738227][ T5619] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.4/usb5/5-1/input/input19
[  615.795252][ T5619] dvb-usb: schedule remote query interval to 150 msecs.
[  615.811060][ T5619] dvb-usb: Artec T1 USB2.0 successfully initialized and connected.
[  615.968660][ T5619] dvb-usb: bulk message failed: -22 (1/0)
[  615.984461][ T5619] dvb-usb: error while querying for an remote control event.
[  616.158241][ T5619] dvb-usb: bulk message failed: -22 (1/0)
[  616.168593][ T5619] dvb-usb: error while querying for an remote control event.
[  616.345795][ T5619] dvb-usb: bulk message failed: -22 (1/0)
[  616.351675][ T5619] dvb-usb: error while querying for an remote control event.
[  616.519991][ T5746] dvb-usb: bulk message failed: -22 (1/0)
[  616.526249][ T5746] dvb-usb: error while querying for an remote control event.
[  616.686666][ T5746] dvb-usb: bulk message failed: -22 (1/0)
[  616.692595][ T5746] dvb-usb: error while querying for an remote control event.
[  616.859696][ T5619] dvb-usb: bulk message failed: -22 (1/0)
[  616.867291][ T5619] dvb-usb: error while querying for an remote control event.
[  617.042062][ T5619] dvb-usb: bulk message failed: -22 (1/0)
[  617.048230][ T5619] dvb-usb: error while querying for an remote control event.
[  617.220367][ T5619] dvb-usb: bulk message failed: -22 (1/0)
[  617.227310][ T5619] dvb-usb: error while querying for an remote control event.
[  617.390947][ T5619] dvb-usb: bulk message failed: -22 (1/0)
[  617.396884][ T5619] dvb-usb: error while querying for an remote control event.
[  617.521352][ T6351] usb 5-1: USB disconnect, device number 77
[  617.631988][ T6351] dvb-usb: Artec T1 USB2.0 successfully deinitialized and disconnected.
[  618.734933][T12964] netlink: 48 bytes leftover after parsing attributes in process `syz.4.1845'.
[  618.789632][T12965] netlink: 48 bytes leftover after parsing attributes in process `syz.4.1845'.
[  619.650497][   T30] kauditd_printk_skb: 89 callbacks suppressed
[  619.650512][   T30] audit: type=1400 audit(1800148866.585:2261): avc:  denied  { map } for  pid=12972 comm="syz.0.1847" path="socket:[38947]" dev="sockfs" ino=38947 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  619.680608][   T30] audit: type=1400 audit(1800148866.615:2262): avc:  denied  { accept } for  pid=12972 comm="syz.0.1847" path="socket:[38947]" dev="sockfs" ino=38947 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  620.286864][T12987] binder: 12986:12987 ioctl c0306201 0 returned -14
[  620.359807][T12991] SELinux: security_context_str_to_sid (5���]�S9q#���) failed with errno=-22
[  620.379814][T12991] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1852'.
[  620.388800][T12991] openvswitch: netlink: Missing key (keys=40, expected=80)
[  620.611529][T12999] netlink: 48 bytes leftover after parsing attributes in process `syz.1.1854'.
[  620.628884][T12999] netlink: 48 bytes leftover after parsing attributes in process `syz.1.1854'.
[  621.139379][ T5746] usb 5-1: new full-speed USB device number 78 using dummy_hcd
[  621.599373][ T5746] usb 5-1: too many endpoints for config 0 interface 0 altsetting 0: 254, using maximum allowed: 30
[  621.643252][ T5746] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 1023, setting to 64
[  621.678633][ T5746] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 254
[  621.699072][ T5746] usb 5-1: New USB device found, idVendor=046d, idProduct=c295, bcdDevice= 0.00
[  621.709600][ T5746] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  621.748558][ T5746] usb 5-1: config 0 descriptor??
[  621.759105][T13006] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  621.857015][T13019] syzkaller0: entered promiscuous mode
[  621.864687][T13019] syzkaller0: entered allmulticast mode
[  621.945829][ T6350] usb 3-1: new high-speed USB device number 59 using dummy_hcd
[  622.110205][ T6350] usb 3-1: Using ep0 maxpacket: 16
[  622.129397][ T6350] usb 3-1: too many endpoints for config 0 interface 0 altsetting 0: 129, using maximum allowed: 30
[  622.154579][ T6350] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  622.186898][ T6350] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  622.227103][ T6350] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 129
[  622.263890][ T6350] usb 3-1: New USB device found, idVendor=0458, idProduct=5013, bcdDevice= 0.00
[  622.293082][T12990] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  622.309602][ T6350] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  622.351491][ T6350] usb 3-1: config 0 descriptor??
[  622.358521][T12990] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  622.828359][ T6350] input: HID 0458:5013 as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/0003:0458:5013.000F/input/input20
[  622.978439][ T6350] input: HID 0458:5013 as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/0003:0458:5013.000F/input/input21
[  623.085735][ T6350] kye 0003:0458:5013.000F: input,hiddev0,hidraw0: USB HID vff.fa Device [HID 0458:5013] on usb-dummy_hcd.2-1/input0
[  624.302599][ T6344] usb 3-1: reset high-speed USB device number 59 using dummy_hcd
[  624.509783][ T6344] usb 3-1: device descriptor read/64, error -32
[  624.852345][ T6344] usb 3-1: reset high-speed USB device number 59 using dummy_hcd
[  625.311085][T13038] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1864'.
[  625.596708][ T5746] usbhid 5-1:0.0: can't add hid device: -71
[  625.621746][ T5746] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[  625.658904][ T5746] usb 5-1: USB disconnect, device number 78
[  625.789810][ T5619] usb 3-1: USB disconnect, device number 59
[  625.951533][ T6345] usb 2-1: new high-speed USB device number 67 using dummy_hcd
[  626.195296][   T30] audit: type=1400 audit(1801197448.981:2263): avc:  denied  { listen } for  pid=13048 comm="syz.4.1869" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  626.319344][T13068] fuse: Unknown parameter '�r�s1�i��'
[  626.550031][ T6345] usb 2-1: unable to get BOS descriptor or descriptor too short
[  626.664642][ T6345] usb 2-1: unable to read config index 0 descriptor/start: -71
[  626.672694][ T6345] usb 2-1: can't read configurations, error -71
[  626.735480][T13055] FAULT_INJECTION: forcing a failure.
[  626.735480][T13055] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  626.768215][T13055] CPU: 0 UID: 0 PID: 13055 Comm: syz.0.1871 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  626.768246][T13055] Tainted: [L]=SOFTLOCKUP
[  626.768253][T13055] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  626.768263][T13055] Call Trace:
[  626.768269][T13055]  <TASK>
[  626.768276][T13055]  dump_stack_lvl+0x100/0x190
[  626.768304][T13055]  should_fail_ex.cold+0x5/0xa
[  626.768329][T13055]  _copy_from_user+0x2e/0xd0
[  626.768359][T13055]  copy_msghdr_from_user+0x9f/0x4f0
[  626.768388][T13055]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  626.768419][T13055]  ? __lock_acquire+0x4a5/0x2630
[  626.768448][T13055]  ___sys_recvmsg+0xdd/0x1a0
[  626.768474][T13055]  ? __pfx____sys_recvmsg+0x10/0x10
[  626.768521][T13055]  __sys_recvmsg+0x16d/0x220
[  626.768542][T13055]  ? __pfx___sys_recvmsg+0x10/0x10
[  626.768570][T13055]  ? arch_syscall_is_vdso_sigreturn+0xb6/0x200
[  626.768600][T13055]  ? syscall_user_dispatch+0x76/0x130
[  626.768630][T13055]  do_syscall_64+0x10b/0x860
[  626.768656][T13055]  ? clear_bhb_loop+0x40/0x90
[  626.768681][T13055]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  626.768699][T13055] RIP: 0033:0x7f793e99ce59
[  626.768714][T13055] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  626.768731][T13055] RSP: 002b:00007f793f8cd028 EFLAGS: 00000246 ORIG_RAX: 000000000000002f
[  626.768748][T13055] RAX: ffffffffffffffda RBX: 00007f793ec15fa0 RCX: 00007f793e99ce59
[  626.768759][T13055] RDX: 0000000000010040 RSI: 0000200000000300 RDI: 0000000000000006
[  626.768769][T13055] RBP: 00007f793f8cd090 R08: 0000000000000000 R09: 0000000000000000
[  626.768779][T13055] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  626.768789][T13055] R13: 00007f793ec16038 R14: 00007f793ec15fa0 R15: 00007ffcfefb6958
[  626.768813][T13055]  </TASK>
[  627.077025][T13077] binder: BINDER_SET_CONTEXT_MGR already set
[  627.083139][T13077] binder: 13076:13077 ioctl 4018620d 200000004a80 returned -16
[  627.203464][T13079] syzkaller0: entered promiscuous mode
[  627.211115][T13079] syzkaller0: entered allmulticast mode
[  627.402914][ T1311] ieee802154 phy0 wpan0: encryption failed: -22
[  627.413519][ T1311] ieee802154 phy1 wpan1: encryption failed: -22
[  629.936059][T13084] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1879'.
[  630.433303][ T6351] usb 2-1: new high-speed USB device number 69 using dummy_hcd
[  630.558807][T13122] syzkaller0: entered promiscuous mode
[  630.572637][T13122] syzkaller0: entered allmulticast mode
[  630.626261][ T6351] usb 2-1: Using ep0 maxpacket: 32
[  630.644501][ T6351] usb 2-1: New USB device found, idVendor=0b89, idProduct=0007, bcdDevice=ef.64
[  630.661082][ T6351] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  630.693907][ T6351] usb 2-1: config 0 descriptor??
[  630.730128][ T6351] as10x_usb: device has been detected
[  630.748940][ T6351] dvbdev: DVB: registering new adapter (nBox DVB-T Dongle)
[  630.812127][ T6351] usb 2-1: DVB: registering adapter 1 frontend 0 (nBox DVB-T Dongle)...
[  630.914606][T13118] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  630.946286][T13118] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  630.956803][ T6351] as10x_usb: error during firmware upload part1
[  630.989385][ T6351] Registered device nBox DVB-T Dongle
[  631.774515][T13147] netlink: 80 bytes leftover after parsing attributes in process `syz.2.1895'.
[  631.834170][ T5619] usb 2-1: USB disconnect, device number 69
[  632.446777][ T5619] Unregistered device nBox DVB-T Dongle
[  632.618035][ T5619] as10x_usb: device has been disconnected
[  632.742027][T13162] netlink: 'syz.2.1898': attribute type 12 has an invalid length.
[  632.978569][ T5619] usb 2-1: new high-speed USB device number 70 using dummy_hcd
[  634.256698][T13178] SELinux: security_context_str_to_sid (5���]�S9q#���) failed with errno=-22
[  634.268367][T13178] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1902'.
[  634.277304][T13178] openvswitch: netlink: Missing key (keys=40, expected=80)
[  634.385389][ T5619] usb 2-1: Using ep0 maxpacket: 8
[  634.689639][T13185] netlink: 'syz.3.1904': attribute type 11 has an invalid length.
[  635.107533][ T5619] usb 2-1: config 0 interface 0 altsetting 6 endpoint 0x81 has an invalid bInterval 64, changing to 10
[  635.154382][T13189] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1906'.
[  635.176908][ T5619] usb 2-1: config 0 interface 0 altsetting 6 has 1 endpoint descriptor, different from the interface descriptor's value: 17
[  635.241906][ T5619] usb 2-1: config 0 interface 0 has no altsetting 0
[  635.253151][ T5619] usb 2-1: New USB device found, idVendor=172f, idProduct=0501, bcdDevice= 0.00
[  635.264371][ T6350] usb 5-1: new full-speed USB device number 79 using dummy_hcd
[  635.294049][ T5619] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  635.338616][ T5619] usb 2-1: config 0 descriptor??
[  635.431848][ T6350] usb 5-1: too many endpoints for config 0 interface 0 altsetting 0: 254, using maximum allowed: 30
[  635.443035][ T6350] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 1023, setting to 64
[  635.458000][ T6350] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 254
[  635.536608][ T5619] usbhid 2-1:0.0: can't add hid device: -71
[  635.551949][ T6350] usb 5-1: New USB device found, idVendor=046d, idProduct=c295, bcdDevice= 0.00
[  635.597151][ T5619] usbhid 2-1:0.0: probe with driver usbhid failed with error -71
[  635.625543][ T6350] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  635.644512][ T5619] usb 2-1: USB disconnect, device number 70
[  635.772892][ T6350] usb 5-1: config 0 descriptor??
[  635.798610][T13176] raw-gadget.2 gadget.4: fail, usb_ep_enable returned -22
[  636.464391][T13172] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  636.626059][T13172] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  636.982123][   T30] audit: type=1400 audit(1801197459.472:2264): avc:  denied  { connect } for  pid=13209 comm="syz.0.1911" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  637.189625][T13219] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1913'.
[  637.199718][T13219] openvswitch: netlink: Missing key (keys=40, expected=80)
[  637.294533][T13221] fuse: fd is not a fuse device
[  637.332385][   T30] audit: type=1400 audit(1801197459.916:2265): avc:  denied  { read } for  pid=13220 comm="syz.3.1915" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  637.375347][ T6350] usbhid 5-1:0.0: can't add hid device: -71
[  637.392507][ T6350] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[  637.417383][ T6350] usb 5-1: USB disconnect, device number 79
[  637.627565][   T30] audit: type=1400 audit(1801197460.212:2266): avc:  denied  { mounton } for  pid=13222 comm="syz.0.1914" path="/358/file0" dev="fuse" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=file permissive=1
[  637.850643][ T6330] usb 2-1: new high-speed USB device number 71 using dummy_hcd
[  637.914054][T13244] syzkaller0: entered promiscuous mode
[  637.919636][T13244] syzkaller0: entered allmulticast mode
[  638.012528][ T6330] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  638.045417][ T6330] usb 2-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df
[  638.069409][ T6330] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  638.096331][ T6330] usb 2-1: config 0 descriptor??
[  638.105173][ T6330] pwc: Askey VC010 type 2 USB webcam detected.
[  638.313883][T13234] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  638.323101][T13234] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  638.344239][T13234] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1919'.
[  638.542646][T13252] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1925'.
[  638.551579][T13252] openvswitch: netlink: Missing key (keys=40, expected=80)
[  638.592080][ T6330] pwc: recv_control_msg error -32 req 02 val 2b00
[  638.612369][ T6330] pwc: recv_control_msg error -32 req 02 val 2700
[  638.624000][ T6330] pwc: recv_control_msg error -32 req 02 val 2c00
[  638.649591][ T6330] pwc: recv_control_msg error -32 req 04 val 1000
[  638.670508][ T6330] pwc: recv_control_msg error -32 req 04 val 1300
[  638.677583][ T6330] pwc: recv_control_msg error -32 req 04 val 1400
[  638.688626][ T6330] pwc: recv_control_msg error -32 req 02 val 2000
[  638.699153][ T6330] pwc: recv_control_msg error -32 req 02 val 2100
[  638.702812][   T30] audit: type=1400 audit(1801197461.269:2267): avc:  denied  { ioctl } for  pid=13232 comm="syz.1.1919" path="socket:[40073]" dev="sockfs" ino=40073 ioctlcmd=0x5502 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=sctp_socket permissive=1
[  638.742527][ T6330] pwc: recv_control_msg error -71 req 04 val 1500
[  638.794359][ T6330] pwc: recv_control_msg error -71 req 02 val 2500
[  638.813688][ T6330] pwc: recv_control_msg error -71 req 02 val 2400
[  638.820559][ T6330] pwc: recv_control_msg error -71 req 02 val 2600
[  638.840157][ T6330] pwc: recv_control_msg error -71 req 02 val 2900
[  638.858839][ T6330] pwc: recv_control_msg error -71 req 02 val 2800
[  638.865900][ T6330] pwc: recv_control_msg error -71 req 04 val 1100
[  638.884743][ T6330] pwc: recv_control_msg error -71 req 04 val 1200
[  638.899295][ T6330] pwc: Registered as video103.
[  638.917250][ T6330] input: PWC snapshot button as /devices/platform/dummy_hcd.1/usb2/2-1/input/input22
[  638.964043][ T6330] usb 2-1: USB disconnect, device number 71
[  639.428162][ T4931] Bluetooth: hci3: Malformed Event: 0x02
[  642.963007][T13266] syz_tun: entered allmulticast mode
[  643.058945][T13266] dvmrp8: entered allmulticast mode
[  643.073919][T13268] binder: 13267:13268 ioctl c0306201 0 returned -14
[  643.252458][T13278] comedi comedi0: Minor 2147483647 is invalid!
[  643.565076][   T30] audit: type=1400 audit(1801721754.080:2268): avc:  denied  { ioctl } for  pid=13283 comm="syz.4.1935" path="socket:[40140]" dev="sockfs" ino=40140 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  643.620381][T13270] syzkaller0: entered promiscuous mode
[  643.626010][T13270] syzkaller0: entered allmulticast mode
[  643.741553][T13262] syz_tun: left allmulticast mode
[  643.879782][ T5619] usb 3-1: new high-speed USB device number 60 using dummy_hcd
[  644.226484][T13292] SELinux: security_context_str_to_sid (5���]�S9q#���) failed with errno=-22
[  644.275175][ T5619] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  644.289647][ T5619] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x85 has an invalid bInterval 0, changing to 7
[  644.300657][ T5619] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  644.324424][ T5619] usb 3-1: New USB device found, idVendor=2040, idProduct=1605, bcdDevice= a.94
[  644.335577][ T5619] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  644.358804][ T5619] usb 3-1: config 0 descriptor??
[  644.377665][T13295] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  644.441076][T13288] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1936'.
[  644.452028][T13295] xt_CONNSECMARK: invalid mode: 66
[  644.470555][T13288] openvswitch: netlink: Missing key (keys=40, expected=80)
[  644.766251][T13304] trusted_key: encrypted key: instantiation of keys using provided decrypted data is disabled since CONFIG_USER_DECRYPTED_DATA is set to false
[  645.244173][T13303] syzkaller0: entered promiscuous mode
[  645.249779][T13303] syzkaller0: entered allmulticast mode
[  645.428484][T13314] binder: 13313:13314 ioctl c0306201 0 returned -14
[  645.797364][ T6330] usb 2-1: new high-speed USB device number 72 using dummy_hcd
[  645.962009][ T6330] usb 2-1: Using ep0 maxpacket: 16
[  645.976364][ T6330] usb 2-1: New USB device found, idVendor=04fc, idProduct=1528, bcdDevice=6d.5d
[  645.993567][ T6330] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  646.010008][ T6330] usb 2-1: Product: syz
[  646.019093][ T6330] usb 2-1: Manufacturer: syz
[  646.028604][ T6330] usb 2-1: SerialNumber: syz
[  646.041830][ T6330] usb 2-1: config 0 descriptor??
[  646.376204][ T6330] usb 2-1: USB disconnect, device number 72
[  646.662285][ T6350] usb 3-1: USB disconnect, device number 60
[  647.167426][   T30] audit: type=1400 audit(1801721757.575:2269): avc:  denied  { watch watch_reads } for  pid=13343 comm="syz.1.1950" path="/" dev="devtmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=dir permissive=1
[  647.257131][ T5619] usb 3-1: new high-speed USB device number 61 using dummy_hcd
[  647.441995][ T5619] usb 3-1: Using ep0 maxpacket: 16
[  647.518709][ T5619] usb 3-1: too many endpoints for config 0 interface 0 altsetting 0: 129, using maximum allowed: 30
[  647.559277][ T5619] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  647.598443][ T5619] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  647.625418][ T5619] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 129
[  647.665030][ T5619] usb 3-1: New USB device found, idVendor=0458, idProduct=5013, bcdDevice= 0.00
[  647.696537][ T5619] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  647.761359][ T5619] usb 3-1: config 0 descriptor??
[  648.452318][ T5619] usbhid 3-1:0.0: can't add hid device: -71
[  648.459643][ T5619] usbhid 3-1:0.0: probe with driver usbhid failed with error -71
[  648.478695][ T5619] usb 3-1: USB disconnect, device number 61
[  649.004969][T13353] netlink: 148 bytes leftover after parsing attributes in process `syz.1.1952'.
[  649.014270][T13353] A link change request failed with some changes committed already. Interface ip6tnl0 may have been left with an inconsistent configuration, please check.
[  649.187373][T13362] binder: 13361:13362 ioctl c0306201 0 returned -14
[  649.409518][ T6330] usb 3-1: new high-speed USB device number 62 using dummy_hcd
[  649.478148][T13376] Sensor B: =================  START STATUS  =================
[  649.486064][T13376] Sensor B: Test Pattern: 75% Colorbar
[  649.491788][T13376] Sensor B: Show Information: All
[  649.496967][T13376] Sensor B: Vertical Flip: false
[  649.502357][T13376] Sensor B: Horizontal Flip: false
[  649.507559][T13376] Sensor B: Brightness: 128
[  649.512214][T13376] Sensor B: Contrast: 128
[  649.516653][T13376] Sensor B: Hue: 0
[  649.520456][T13376] Sensor B: Saturation: 128
[  649.525054][T13376] Sensor B: Pixel Rate: 160000000
[  649.530168][T13376] Sensor B: Horizontal Blanking: 800
[  649.535865][T13376] Sensor B: Vertical Blanking: 3223
[  649.541123][T13376] Sensor B: ==================  END STATUS  ==================
[  649.937642][T13381] 9p: Bad value for 'wfdno'
[  649.982184][ T6330] usb 3-1: Using ep0 maxpacket: 8
[  649.988423][ T6330] usb 3-1: config 168 descriptor has 1 excess byte, ignoring
[  649.997313][ T6330] usb 3-1: too many endpoints for config 168 interface 0 altsetting 188: 100, using maximum allowed: 30
[  650.008754][T13383] fuse: Unknown parameter '�r�s1�i��'
[  650.015271][ T6330] usb 3-1: config 168 interface 0 altsetting 188 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  650.028294][ T6330] usb 3-1: config 168 interface 0 altsetting 188 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  650.094099][T13384] syz_tun: entered allmulticast mode
[  650.218073][ T6330] usb 3-1: config 168 interface 0 altsetting 188 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  650.235117][ T6330] usb 3-1: config 168 interface 0 altsetting 188 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  650.247518][ T6330] usb 3-1: config 168 interface 0 altsetting 188 has 2 endpoint descriptors, different from the interface descriptor's value: 100
[  650.261353][T13374] syz_tun: left allmulticast mode
[  650.268416][ T6330] usb 3-1: config 168 interface 0 has no altsetting 0
[  650.293156][ T6330] usb 3-1: config 168 descriptor has 1 excess byte, ignoring
[  650.301175][ T6330] usb 3-1: too many endpoints for config 168 interface 0 altsetting 188: 100, using maximum allowed: 30
[  650.306561][T13386] netlink: 80 bytes leftover after parsing attributes in process `syz.4.1963'.
[  650.313171][ T6330] usb 3-1: config 168 interface 0 altsetting 188 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  650.335727][ T6330] usb 3-1: config 168 interface 0 altsetting 188 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  650.347805][ T6330] usb 3-1: config 168 interface 0 altsetting 188 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  650.359308][ T6330] usb 3-1: config 168 interface 0 altsetting 188 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  650.371149][ T6330] usb 3-1: config 168 interface 0 altsetting 188 has 2 endpoint descriptors, different from the interface descriptor's value: 100
[  650.386342][ T6330] usb 3-1: config 168 interface 0 has no altsetting 0
[  650.395668][ T6330] usb 3-1: config 168 descriptor has 1 excess byte, ignoring
[  650.403374][ T6330] usb 3-1: too many endpoints for config 168 interface 0 altsetting 188: 100, using maximum allowed: 30
[  650.414918][ T6330] usb 3-1: config 168 interface 0 altsetting 188 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  650.427036][ T6330] usb 3-1: config 168 interface 0 altsetting 188 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  650.439284][ T6330] usb 3-1: config 168 interface 0 altsetting 188 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  650.451373][ T6330] usb 3-1: config 168 interface 0 altsetting 188 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  650.473262][ T6330] usb 3-1: config 168 interface 0 altsetting 188 has 2 endpoint descriptors, different from the interface descriptor's value: 100
[  650.492218][ T6330] usb 3-1: config 168 interface 0 has no altsetting 0
[  650.505230][ T6330] usb 3-1: string descriptor 0 read error: -22
[  650.513438][ T6330] usb 3-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[  650.523866][ T6330] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  650.705374][T13391] 9p: Bad value for 'rfdno'
[  650.806828][ T6330] adutux 3-1:168.0: ADU100  now attached to /dev/usb/adutux0
[  650.814330][ T6350] usb 5-1: new high-speed USB device number 80 using dummy_hcd
[  650.894429][T13390] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1964'.
[  650.920629][T13390] smc: removing ib device syz1
[  650.936934][T13390] smbdirect: ib_dev[syz1] removed
[  651.422999][T13390] ------------[ cut here ]------------
[  651.428521][T13390] !xa_empty(&pool->xa)
[  651.428531][T13390] WARNING: drivers/infiniband/sw/rxe/rxe_pool.c:116 at rxe_pool_cleanup+0x46/0x60, CPU#1: syz.0.1964/13390
[  651.444163][T13390] Modules linked in:
[  651.448722][T13390] CPU: 1 UID: 0 PID: 13390 Comm: syz.0.1964 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  651.459697][T13390] Tainted: [L]=SOFTLOCKUP
[  651.465666][T13390] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  651.476088][T13390] RIP: 0010:rxe_pool_cleanup+0x46/0x60
[  651.481590][T13390] Code: ff df 48 89 fa 48 c1 ea 03 80 3c 02 00 75 29 48 83 bb 80 00 00 00 00 75 0b e8 76 2b 4f f9 5b c3 cc cc cc cc e8 6b 2b 4f f9 90 <0f> 0b 90 e8 62 2b 4f f9 5b c3 cc cc cc cc e8 b7 f1 bc f9 eb d0 0f
[  651.501218][T13390] RSP: 0018:ffffc90004c9f160 EFLAGS: 00010246
[  651.507498][T13390] RAX: 0000000000080000 RBX: ffff88806d489398 RCX: ffffc90005cc9000
[  651.515502][T13390] RDX: 0000000000080000 RSI: ffffffff88b98675 RDI: ffff88806d489418
[  651.523472][T13390] RBP: ffffffff88b7e260 R08: 0000000000000005 R09: 0000000000000001
[  651.532913][T13390] R10: 0000000000000002 R11: 0000000000000000 R12: ffff88806d488698
[  651.541084][T13390] R13: ffff88806d487fe0 R14: ffff88806d487fe0 R15: ffff88806d4890f8
[  651.549075][T13390] FS:  00007f793f8cd6c0(0000) GS:ffff88812446a000(0000) knlGS:0000000000000000
[  651.558195][T13390] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  651.564974][T13390] CR2: 0000200000000380 CR3: 000000003bded000 CR4: 00000000003526f0
[  651.572927][T13390] Call Trace:
[  651.576205][T13390]  <TASK>
[  651.579113][T13390]  rxe_dealloc+0x25/0xc0
[  651.583357][T13390]  ib_dealloc_device+0x49/0x230
[  651.588183][T13390]  __ib_unregister_device+0x396/0x480
[  651.593749][T13390]  ib_unregister_device_and_put+0x5a/0x80
[  651.599446][T13390]  nldev_dellink+0x308/0x430
[  651.604052][T13390]  ? __pfx_nldev_dellink+0x10/0x10
[  651.609179][T13390]  ? rcu_is_watching+0x12/0xc0
[  651.613951][T13390]  ? cap_capable+0x10b/0x440
[  651.618517][T13390]  ? bpf_lsm_capable+0x9/0x10
[  651.623382][T13390]  ? security_capable+0x80/0x260
[  651.628328][T13390]  ? ns_capable+0xd2/0xf0
[  651.632655][T13390]  ? __pfx_nldev_dellink+0x10/0x10
[  651.637818][T13390]  rdma_nl_rcv_msg+0x392/0x6f0
[  651.642572][T13390]  ? __pfx_rdma_nl_rcv_msg+0x10/0x10
[  651.647920][T13390]  ? __lock_acquire+0x4a5/0x2630
[  651.652853][T13390]  rdma_nl_rcv_skb.constprop.0.isra.0+0x2cb/0x410
[  651.659639][T13390]  ? __pfx_rdma_nl_rcv_skb.constprop.0.isra.0+0x10/0x10
[  651.666591][T13390]  ? netlink_deliver_tap+0x1ae/0xcc0
[  651.671861][T13390]  netlink_unicast+0x585/0x850
[  651.676712][T13390]  ? __pfx_netlink_unicast+0x10/0x10
[  651.681991][T13390]  netlink_sendmsg+0x8b0/0xda0
[  651.686950][T13390]  ? __pfx_netlink_sendmsg+0x10/0x10
[  651.692238][T13390]  ? __might_fault+0xc0/0x140
[  651.696927][T13390]  ____sys_sendmsg+0x9e1/0xb70
[  651.701683][T13390]  ? __pfx_netlink_sendmsg+0x10/0x10
[  651.707016][T13390]  ? __pfx_____sys_sendmsg+0x10/0x10
[  651.712297][T13390]  ? __pfx_futex_wake_mark+0x10/0x10
[  651.717807][T13390]  ___sys_sendmsg+0x190/0x1e0
[  651.722486][T13390]  ? __pfx____sys_sendmsg+0x10/0x10
[  651.727703][T13390]  __sys_sendmsg+0x170/0x220
[  651.732274][T13390]  ? __pfx___sys_sendmsg+0x10/0x10
[  651.737379][T13390]  ? __x64_sys_futex+0x34f/0x4d0
[  651.742303][T13390]  ? rcu_is_watching+0x12/0xc0
[  651.747280][T13390]  do_syscall_64+0x10b/0x860
[  651.751852][T13390]  ? clear_bhb_loop+0x40/0x90
[  651.756700][T13390]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  651.762593][T13390] RIP: 0033:0x7f793e99ce59
[  651.767027][T13390] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  651.786833][T13390] RSP: 002b:00007f793f8cd028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  651.795249][T13390] RAX: ffffffffffffffda RBX: 00007f793ec15fa0 RCX: 00007f793e99ce59
[  651.803219][T13390] RDX: 0000000000000000 RSI: 00002000000002c0 RDI: 000000000000000b
[  651.811169][T13390] RBP: 00007f793ea32d6f R08: 0000000000000000 R09: 0000000000000000
[  651.819331][T13390] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  651.827313][T13390] R13: 00007f793ec16038 R14: 00007f793ec15fa0 R15: 00007ffcfefb6958
[  651.835311][T13390]  </TASK>
[  651.838310][T13390] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  651.845579][T13390] CPU: 1 UID: 0 PID: 13390 Comm: syz.0.1964 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  651.856495][T13390] Tainted: [L]=SOFTLOCKUP
[  651.860800][T13390] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  651.870847][T13390] Call Trace:
[  651.874106][T13390]  <TASK>
[  651.877014][T13390]  dump_stack_lvl+0x100/0x190
[  651.881684][T13390]  vpanic+0x552/0x970
[  651.885640][T13390]  ? __pfx_vpanic+0x10/0x10
[  651.890134][T13390]  panic+0xd1/0xe0
[  651.893830][T13390]  ? __pfx_panic+0x10/0x10
[  651.898226][T13390]  check_panic_on_warn.cold+0x19/0x34
[  651.903587][T13390]  ? rxe_pool_cleanup+0x46/0x60
[  651.908426][T13390]  __warn.cold+0x191/0x328
[  651.912816][T13390]  __report_bug+0x296/0x3d0
[  651.917302][T13390]  ? rxe_pool_cleanup+0x46/0x60
[  651.922142][T13390]  ? __pfx___report_bug+0x10/0x10
[  651.927159][T13390]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[  651.932953][T13390]  ? flush_workqueue_prep_pwqs+0x2e9/0x510
[  651.938748][T13390]  ? __flush_workqueue+0x426/0x1200
[  651.943929][T13390]  ? __mutex_unlock_slowpath+0x15d/0x8a0
[  651.949576][T13390]  ? rxe_pool_cleanup+0x46/0x60
[  651.954418][T13390]  report_bug+0xb2/0x220
[  651.958652][T13390]  ? rxe_pool_cleanup+0x46/0x60
[  651.963543][T13390]  handle_bug+0x16a/0x2a0
[  651.967878][T13390]  exc_invalid_op+0x17/0x50
[  651.972381][T13390]  asm_exc_invalid_op+0x1a/0x20
[  651.977212][T13390] RIP: 0010:rxe_pool_cleanup+0x46/0x60
[  651.982670][T13390] Code: ff df 48 89 fa 48 c1 ea 03 80 3c 02 00 75 29 48 83 bb 80 00 00 00 00 75 0b e8 76 2b 4f f9 5b c3 cc cc cc cc e8 6b 2b 4f f9 90 <0f> 0b 90 e8 62 2b 4f f9 5b c3 cc cc cc cc e8 b7 f1 bc f9 eb d0 0f
[  652.002254][T13390] RSP: 0018:ffffc90004c9f160 EFLAGS: 00010246
[  652.008309][T13390] RAX: 0000000000080000 RBX: ffff88806d489398 RCX: ffffc90005cc9000
[  652.016255][T13390] RDX: 0000000000080000 RSI: ffffffff88b98675 RDI: ffff88806d489418
[  652.024211][T13390] RBP: ffffffff88b7e260 R08: 0000000000000005 R09: 0000000000000001
[  652.032155][T13390] R10: 0000000000000002 R11: 0000000000000000 R12: ffff88806d488698
[  652.040097][T13390] R13: ffff88806d487fe0 R14: ffff88806d487fe0 R15: ffff88806d4890f8
[  652.048045][T13390]  ? __pfx_rxe_dealloc+0x10/0x10
[  652.052968][T13390]  ? rxe_pool_cleanup+0x45/0x60
[  652.057796][T13390]  rxe_dealloc+0x25/0xc0
[  652.062012][T13390]  ib_dealloc_device+0x49/0x230
[  652.066838][T13390]  __ib_unregister_device+0x396/0x480
[  652.072189][T13390]  ib_unregister_device_and_put+0x5a/0x80
[  652.077884][T13390]  nldev_dellink+0x308/0x430
[  652.082449][T13390]  ? __pfx_nldev_dellink+0x10/0x10
[  652.087567][T13390]  ? rcu_is_watching+0x12/0xc0
[  652.092322][T13390]  ? cap_capable+0x10b/0x440
[  652.096887][T13390]  ? bpf_lsm_capable+0x9/0x10
[  652.101549][T13390]  ? security_capable+0x80/0x260
[  652.106473][T13390]  ? ns_capable+0xd2/0xf0
[  652.110779][T13390]  ? __pfx_nldev_dellink+0x10/0x10
[  652.115875][T13390]  rdma_nl_rcv_msg+0x392/0x6f0
[  652.120614][T13390]  ? __pfx_rdma_nl_rcv_msg+0x10/0x10
[  652.125872][T13390]  ? __lock_acquire+0x4a5/0x2630
[  652.130788][T13390]  rdma_nl_rcv_skb.constprop.0.isra.0+0x2cb/0x410
[  652.137193][T13390]  ? __pfx_rdma_nl_rcv_skb.constprop.0.isra.0+0x10/0x10
[  652.144125][T13390]  ? netlink_deliver_tap+0x1ae/0xcc0
[  652.149402][T13390]  netlink_unicast+0x585/0x850
[  652.154159][T13390]  ? __pfx_netlink_unicast+0x10/0x10
[  652.159426][T13390]  netlink_sendmsg+0x8b0/0xda0
[  652.164168][T13390]  ? __pfx_netlink_sendmsg+0x10/0x10
[  652.169451][T13390]  ? __might_fault+0xc0/0x140
[  652.174127][T13390]  ____sys_sendmsg+0x9e1/0xb70
[  652.178877][T13390]  ? __pfx_netlink_sendmsg+0x10/0x10
[  652.184148][T13390]  ? __pfx_____sys_sendmsg+0x10/0x10
[  652.189444][T13390]  ? __pfx_futex_wake_mark+0x10/0x10
[  652.194731][T13390]  ___sys_sendmsg+0x190/0x1e0
[  652.199413][T13390]  ? __pfx____sys_sendmsg+0x10/0x10
[  652.204614][T13390]  __sys_sendmsg+0x170/0x220
[  652.209195][T13390]  ? __pfx___sys_sendmsg+0x10/0x10
[  652.214293][T13390]  ? __x64_sys_futex+0x34f/0x4d0
[  652.219214][T13390]  ? rcu_is_watching+0x12/0xc0
[  652.223960][T13390]  do_syscall_64+0x10b/0x860
[  652.228541][T13390]  ? clear_bhb_loop+0x40/0x90
[  652.233196][T13390]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  652.239063][T13390] RIP: 0033:0x7f793e99ce59
[  652.243452][T13390] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  652.263043][T13390] RSP: 002b:00007f793f8cd028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  652.271432][T13390] RAX: ffffffffffffffda RBX: 00007f793ec15fa0 RCX: 00007f793e99ce59
[  652.279380][T13390] RDX: 0000000000000000 RSI: 00002000000002c0 RDI: 000000000000000b
[  652.287327][T13390] RBP: 00007f793ea32d6f R08: 0000000000000000 R09: 0000000000000000
[  652.295272][T13390] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  652.303218][T13390] R13: 00007f793ec16038 R14: 00007f793ec15fa0 R15: 00007ffcfefb6958
[  652.311170][T13390]  </TASK>
[  652.314455][T13390] Kernel Offset: disabled
[  652.318758][T13390] Rebooting in 86400 seconds..