last executing test programs:
2m44.159638046s ago: executing program 4 (id=1436):
r0 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$SCSI_IOCTL_GET_PCI(r1, 0x5393, &(0x7f0000000000))
r2 = socket$inet_dccp(0x2, 0x6, 0x0)
mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100), 0x80, &(0x7f0000000600)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r1, @ANYBLOB=',wfdno=', @ANYRESHEX=r2, @ANYBLOB=',directio,nodevmap,euid>', @ANYRESDEC=0xee01, @ANYRESDEC=0x0, @ANYBLOB=',smackfshat=++,measure,'])
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r3, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x0, 0x0)
r4 = socket$inet6_sctp(0xa, 0x1, 0x84)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r5 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
sendmmsg$alg(0xffffffffffffffff, &(0x7f0000000040)=[{}], 0x1, 0x40800)
ioctl$IOMMU_TEST_OP_MOCK_DOMAIN(0xffffffffffffffff, 0x3ba0, &(0x7f0000000040)={0x48, 0x4})
writev(r5, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
sendto$inet6(r4, 0x0, 0x0, 0xbcaf, 0x0, 0x0)
openat$adsp1(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000300)={0xa, 0x4e20, 0x0, @mcast1}, 0x1c)
clock_gettime(0x2, &(0x7f0000000000))
2m42.291757016s ago: executing program 4 (id=1441):
r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz0\x00', 0x1ff)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r2 = openat$cgroup_type(r1, &(0x7f0000000100), 0x2, 0x0)
write$cgroup_type(r2, &(0x7f0000000280), 0x9)
r3 = openat$cgroup_procs(r1, &(0x7f00000002c0)='cgroup.threads\x00', 0x2, 0x0)
write$cgroup_pid(r3, &(0x7f0000000c40), 0x12)
r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r5 = syz_clone(0x1022000, 0x0, 0xfffffffffffffc76, 0x0, 0x0, 0x0)
r6 = openat$cgroup_ro(r4, &(0x7f0000000040)='cgroup.freeze\x00', 0x275a, 0x0)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
write$cgroup_int(r6, &(0x7f0000000200)=0x1, 0x12)
mkdir(&(0x7f0000000000)='./cgroup/../file0\x00', 0x0)
r7 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r8 = openat$cgroup_procs(r7, &(0x7f0000000180)='cgroup.procs\x00', 0x2, 0x0)
write$cgroup_pid(r8, &(0x7f0000000080)=r5, 0x12)
sendmmsg$inet(r0, &(0x7f0000003b00)=[{{&(0x7f0000000040)={0x2, 0x0, @empty}, 0x10, 0x0}}, {{0x0, 0x0, 0x0}}], 0x2, 0x0)
2m41.482412727s ago: executing program 4 (id=1445):
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000080)="240000004e0025000307f4f9002304000a04f55f08000100020100020800038005000000", 0x24)
syz_usb_connect(0x8217f3b0f008cee7, 0x2d, &(0x7f00000000c0)={{0x12, 0x1, 0x0, 0x12, 0xaa, 0xb6, 0x8, 0x1b3d, 0x169, 0x6919, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x1b, 0x1, 0x0, 0x7, 0x80, 0x0, [{{0x9, 0x4, 0x39, 0xfd, 0x1, 0x4f, 0xa0, 0xd, 0x8, [], [{{0x9, 0x5, 0x87, 0x3, 0x8, 0xf, 0xff, 0x7}}]}}]}}]}}, 0x0)
r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0)
bind$bt_l2cap(r1, &(0x7f0000000040)={0x1f, 0x0, @any, 0xfffa}, 0xe)
pipe(&(0x7f0000000000)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
fcntl$setpipe(r2, 0x407, 0x7000000)
capset(&(0x7f00000004c0)={0x20080522}, &(0x7f0000000500))
pipe2$watch_queue(&(0x7f00000002c0)={0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x80)
ioctl$IOC_WATCH_QUEUE_SET_SIZE(r3, 0x5760, 0x5e)
2m40.834342368s ago: executing program 4 (id=1449):
socket$nl_xfrm(0x10, 0x3, 0x6)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000009c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f0000000300)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x24, 0x24, 0x2, [@array={0x0, 0x0, 0x0, 0x3, 0x0, {0x2, 0x2}}, @union]}}, 0x0, 0x3e, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x28)
r3 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(0xffffffffffffffff, 0x0, 0x0)
r4 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x62181)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r4, 0xc08c5332, &(0x7f00000001c0)={0x0, 0x0, 0x0, 'queue0\x00'})
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TIMER(r4, 0x40605346, &(0x7f00000000c0)={0x0, 0x0, {0x0, 0x1, 0x0, 0x0, 0x3}, 0x3})
r5 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(r5, 0xc0045516, &(0x7f0000000000)=0xffb)
r6 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r6, 0x1, r5, &(0x7f0000000200)={0x1000000d})
setsockopt$IPT_SO_SET_REPLACE(r3, 0x0, 0x40, &(0x7f0000003680)=@filter={'filter\x00', 0x42, 0x4, 0x4a0, 0xffffffff, 0x210, 0x318, 0x318, 0xffffffff, 0xffffffff, 0x408, 0x408, 0x408, 0xffffffff, 0x5, 0x0, {[{{@ip={@multicast2, @private, 0x0, 0x0, 'wg1\x00', 'nr0\x00'}, 0x74000002, 0xe8, 0x210, 0x1ba, {0x46010000, 0x2c000000000000}, [@common=@unspec=@limit={{0x48}, {0x0, 0xdf6, 0x0, 0x0, 0x0, 0x9}}, @common=@addrtype={{0x30}}]}, @common=@unspec=@SECMARK={0x128, 'SECMARK\x00', 0x0, {0x0, 0x0, 'system_u:object_r:removable_device_t:s0\x00'}}}, {{@uncond, 0x287, 0xe0, 0x108, 0x0, {}, [@common=@unspec=@cpu={{0x28}}, @common=@unspec=@limit={{0x48}}]}, @REJECT={0x28}}, {{@uncond, 0x0, 0xb0, 0xf0, 0x0, {}, [@common=@unspec=@connlimit={{0x40}}]}, @common=@inet=@TCPOPTSTRIP={0x40}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x521)
2m39.793109256s ago: executing program 4 (id=1452):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={0x0}, 0x18)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000540)=0xc)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
r1 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1)
ioctl$TUNSETFILTEREBPF(r1, 0x800454e1, &(0x7f0000000140))
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r4 = syz_open_dev$media(&(0x7f0000000380), 0x0, 0x0)
close(r2)
ioctl$MEDIA_IOC_ENUM_LINKS(r4, 0xc0287c02, &(0x7f0000000180)={0x80000000, &(0x7f0000000040), &(0x7f00000000c0)=[{}, {{}, {<r5=>0x80000000}}]})
ioctl$MEDIA_IOC_ENUM_LINKS(r4, 0xc0287c02, &(0x7f00000003c0)={r5, &(0x7f0000000280), &(0x7f00000004c0)})
r6 = syz_open_dev$media(&(0x7f0000000380), 0x0, 0x0)
bind$unix(r3, &(0x7f00000002c0)=@file={0x0, './file0\x00'}, 0x6e)
ioctl$MEDIA_IOC_ENUM_LINKS(r6, 0xc0287c02, &(0x7f0000000340)={0x80000000, 0x0, &(0x7f0000000200)=[{}, {{0x80000000, <r7=>0x0}, {<r8=>0x80000000, <r9=>0x0}}]})
r10 = socket$rds(0x15, 0x5, 0x0)
setsockopt$SO_RDS_MSG_RXPATH_LATENCY(r10, 0x114, 0xa, &(0x7f0000000000)=ANY=[@ANYBLOB="80"], 0x4)
r11 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0)
ioctl$FS_IOC_SETFLAGS(r11, 0x40086602, &(0x7f0000000040)=0x10)
ioctl$MEDIA_IOC_SETUP_LINK(r11, 0xc0347c03, &(0x7f00000001c0)={{r8, r7, 0x1, [0x0, 0xf7df]}, {r8, r9, 0x7, [0x6]}, 0x1, [0x8, 0x3df]})
ioctl$MEDIA_IOC_ENUM_LINKS(r4, 0xc0287c02, &(0x7f0000000480)={r8, 0x0, &(0x7f0000000400)=[{}, {{0x80000000, <r12=>0x0}, {<r13=>0x80000000, <r14=>0x0}}]})
ioctl$MEDIA_IOC_SETUP_LINK(r4, 0xc0347c03, &(0x7f00000001c0)={{r13, r12, 0x1, [0x0, 0xf7df]}, {r13, r14, 0x7, [0x6]}, 0x1, [0x8, 0x3df]})
2m36.723393192s ago: executing program 4 (id=1464):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
syz_open_dev$vim2m(0x0, 0x3, 0x2)
r1 = socket(0x1e, 0x4, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000080)='net/ip6_tables_targets\x00')
writev(r2, &(0x7f0000000400)=[{&(0x7f0000000280)='3', 0x1}], 0x1)
r3 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000d00)={0x3, 0x4, 0x4, 0xa, 0x0, 0xffffffffffffffff, 0x2, '\x00', 0x0, 0xffffffffffffffff, 0x3, 0x2, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r4 = syz_open_procfs(0x0, 0x0)
writev(r4, &(0x7f0000000140)=[{&(0x7f0000000280)='0', 0x1}, {&(0x7f0000000080)="d2", 0x1}], 0x2)
bpf$PROG_LOAD(0x5, &(0x7f0000000e00)={0x17, 0x7, &(0x7f0000000200)=@framed={{0x18, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x6}, [@ringbuf_query]}, &(0x7f0000000240)='syzkaller\x00', 0x6, 0x64, &(0x7f0000000300)=""/100, 0x41000, 0x4, '\x00', 0x0, @cgroup_sysctl=0x12, 0xffffffffffffffff, 0x8, &(0x7f0000000480)={0x6, 0x3}, 0x8, 0x10, &(0x7f00000004c0)={0x3, 0x7, 0xe, 0x5}, 0x10, 0x0, 0xffffffffffffffff, 0x3, &(0x7f0000000d80)=[0xffffffffffffffff, r2, r3, r4], &(0x7f0000000dc0)=[{0x5, 0x3, 0x6, 0x8}, {0x0, 0x3, 0xf, 0x7}, {0x5, 0x4, 0x3, 0xc}], 0x10, 0x10, @void, @value}, 0x94)
setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000140)=@req3={0x7813, 0x3, 0x0, 0x81, 0x1ff, 0x1, 0x1}, 0x1c)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r5 = syz_open_dev$MSR(&(0x7f00000001c0), 0x8000002000000, 0x0)
read$msr(r5, &(0x7f0000019680)=""/102392, 0x18ff8)
recvmsg$unix(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000580)=""/210, 0xf6}], 0x1}, 0x61)
socket$nl_netfilter(0x10, 0x3, 0xc)
r6 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x7, 0x7fff0026}]})
r7 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r7, &(0x7f0000003000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
listen(r7, 0x0)
mount$9p_unix(&(0x7f0000000080)='\xe9\x1fq\x89Y\x1e\x923aK\x00', &(0x7f00000000c0)='\xe9\x1fq\x89Y\x1e\x923aK\x00', &(0x7f0000000040), 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB='trans=unix'])
close_range(r6, 0xffffffffffffffff, 0x0)
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r0, 0x89f3, &(0x7f0000000940)={'syztnl0\x00', &(0x7f0000000140)={'syztnl2\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x5, 0x4, 0x0, 0x0, 0x14, 0x0, 0x0, 0x0, 0x0, 0x0, @loopback, @remote}}}})
syz_emit_ethernet(0x36, &(0x7f0000000140)={@local, @multicast, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x6, 0x0, @rand_addr=0x64010101, @local}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0x5, 0x2, 0xffff}}}}}}, 0x0)
2m33.879601258s ago: executing program 1 (id=1478):
r0 = socket(0x10, 0x3, 0x0)
sendto$inet6(r0, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x2, 0x0, 0x0, 0x41100, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
syz_emit_ethernet(0x7e, &(0x7f00000002c0)=ANY=[@ANYBLOB="0180c20000000000000000088100200086dd6000040000442f00fe800000000000000000000000000000fe8000000000000000000000000000aa042065580000000000000800000086dd890288be00000000100000000100000000000000080022eb0000000420f3fffe0200000000000000000000000800655800000000"], 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x0, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
connect$inet(0xffffffffffffffff, 0x0, 0x0)
socket$inet6_mptcp(0xa, 0x1, 0x106)
r4 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
readv(r4, &(0x7f00000038c0)=[{&(0x7f0000004980)=""/4096, 0x1000}], 0x1)
r5 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt(r5, 0x84, 0x81, &(0x7f0000000440)="1a00000002000000", 0x8)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r5, 0x84, 0x64, &(0x7f0000000000)=[@in6={0xa, 0x4e23, 0x401, @loopback}], 0x1c)
sendto$inet6(r5, &(0x7f0000000100)="b8", 0xffe0, 0x2000c851, &(0x7f0000000140)={0xa, 0x4e23, 0x0, @loopback, 0xffffffff}, 0x1c)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x0, 0x0, 0x4}}, 0x9)
r6 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
getsockopt$bt_BT_VOICE(r6, 0x112, 0xb, &(0x7f0000000640)=0x8, &(0x7f0000000680)=0x2)
2m33.599434334s ago: executing program 1 (id=1479):
r0 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000500), 0x101002, 0x0)
mount$tmpfs(0x0, &(0x7f0000000540)='./cgroup\x00', &(0x7f0000000040), 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="6d706f6c3d7072656665f1b838727665"])
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x121301, 0x0)
ioctl$FIONREAD(r1, 0x541b, &(0x7f0000002300))
write$binfmt_misc(r0, &(0x7f00000029c0)='\r', 0x1)
r2 = fsopen(&(0x7f00000011c0)='hfs\x00', 0x1)
r3 = socket$inet6_mptcp(0xa, 0x1, 0x106)
getsockopt$inet6_mptcp_buf(r3, 0x11c, 0x3, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
getpid()
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r6 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x3)
sendmsg$ETHTOOL_MSG_COALESCE_SET(r5, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)=ANY=[@ANYBLOB, @ANYRES32, @ANYBLOB], 0x44}, 0x1, 0x0, 0x0, 0x4040}, 0x880)
ioctl$FS_IOC_GETFSLABEL(0xffffffffffffffff, 0x400452c8, &(0x7f0000000100))
mkdirat(0xffffffffffffffff, 0x0, 0xc)
ioctl$FS_IOC_GETFSLABEL(r6, 0x400452c9, &(0x7f0000000100))
fsconfig$FSCONFIG_SET_STRING(r2, 0x1, &(0x7f0000000ac0)='gid', &(0x7f0000000440)='0\x00#\x00\xd0\x00 \x00\x00qS\x00\x00\x00\x00\x00\x00\x00\x00$\xf6_\xbdI\x1c\xf2\xa9]\xcc\xe0*\xef\x01\x8d\x15\xd2h\x93\xc9\xb57\xc3\xea\\Eb\xf8\xe6,\xdf\xd4\xfae\x84\xcc\xd5\"d\xf0D-\x98\x9f\x81{\xfc$\xc4\xbcF\xf8\xc8\x8d\xcb\xb8\xf2\x1e\xe4\'U\xb3\xb8\xd3\xe6\xd7\x80Y\xc2\xeb\n\xb8_\xe8\x96YY\xe3\xc7\xe6\xf28\x19\xa6\xa7\xfa\xdb\x1ce\xc1\x03\x86J\xb2fh\x19\xee#\xcc\x0f\xed\xfea\xdc\x88\xcb%bW\xd35\xda=\xac\x1d\xae\x93\xfd\'T6\x94\n\xa4\x9cU\xc4\fA~[\xbf\x8b\x90\xfe\x04\xe7U\xf3h\x81\x14l7u\x95\x96t\\\x0f\xef;\x03\xa4C\xbc(Vc!a\xc1\xe39\xc6b\x905\xf8\xc9@h\x01\xf5\xcb\x88\xdf9\xaf5\xc8a:z\xe4\xcbag&67\x814\xf6}\xe10v6l\xd6,\x1e\xa0\xcc\xbf\xfdkm\b?\x839\x85N\x1c\xc1\xcb\xfc\x85\xd2\n\x02\"\xf2\x81g\x90\x01n%\x7f_\xe1.f>>\xa5\xfb\"\xab\xdb\x06\x12e\x14\x11~\x9a\bR-\x85\xc3\xa9\xe6\xf6R\x11\"\xc3\xc9\xfc\x14s X\xec\xdd\xc2qB\x85\xf0\xd7\x04\xdd<\x9a\x84\'\xa3\xf1\xd9<\xb9k', 0x0)
sendmsg$802154_raw(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000000)="e9bed67a87ea6811ba020a98f3fcc18b31f77f2528", 0x15}, 0x1, 0x0, 0x0, 0x11}, 0x20040814)
2m29.843403193s ago: executing program 1 (id=1493):
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000780)=@newsa={0x2b0, 0x10, 0x1, 0x0, 0x0, {{@in=@broadcast, @in6=@mcast1, 0x0, 0xfffd, 0x0, 0x20, 0x0, 0x0, 0x0, 0x84}, {@in6=@ipv4={'\x00', '\xff\xff', @multicast1}, 0x4d5, 0x6c}, @in6=@dev={0xfe, 0x80, '\x00', 0x1f}, {}, {0x8000, 0x0, 0x0, 0xfffffffffffffffe}, {0x0, 0xffffffff}, 0x70bd2b, 0x0, 0x2, 0x0, 0x0, 0x22}, [@algo_comp={0x48, 0x3, {{'lzs\x00'}}}, @tmpl={0x104, 0x5, [{{@in=@private=0xa010102, 0x4d4, 0xb9}, 0x2, @in=@multicast2, 0x0, 0x0, 0x2, 0x7, 0x4, 0x2, 0xfffff308}, {{@in6=@private2={0xfc, 0x2, '\x00', 0x1}, 0x4d3, 0xff}, 0xa, @in6=@empty, 0x3506, 0x3, 0x1, 0x9, 0x4, 0x8, 0xb}, {{@in=@broadcast, 0x4d3, 0x2b}, 0x0, @in=@broadcast, 0x3505, 0x2, 0x1, 0x4, 0x8, 0x6, 0x26}, {{@in6=@empty, 0x4d2, 0x32}, 0x2, @in6=@initdev={0xfe, 0x88, '\x00', 0x4, 0x0}, 0x3506, 0x0, 0x3, 0xff, 0x5, 0x40, 0x7fffffff}]}, @replay_esn_val={0x34, 0x17, {0x6, 0x70bd2c, 0x70bd2a, 0x70bd26, 0x70bd0d, 0xde, [0xbe6, 0x1, 0x3, 0x1, 0x4, 0xfffffffe]}}, @extra_flags={0x8, 0x18, 0x69fe}, @coaddr={0x14, 0xe, @in=@initdev={0xac, 0x1e, 0x7, 0x0}}, @encap={0x1c, 0x4, {0xffffffffffffffff, 0x4e22, 0x4e22, @in=@broadcast}}, @extra_flags={0x8, 0x18, 0xffffffff}]}, 0x2b0}}, 0x0)
2m29.499715132s ago: executing program 1 (id=1496):
r0 = socket$inet_sctp(0x2, 0x1, 0x84)
bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10)
sendto$inet(r0, &(0x7f00000000c0), 0x0, 0x4000, &(0x7f00000001c0)={0x2, 0x4e22, @local}, 0x10)
r1 = socket$netlink(0x10, 0x3, 0x0)
setsockopt$SO_BINDTODEVICE_wg(r0, 0x1, 0x19, &(0x7f0000000580)='wg1\x00', 0x4)
r2 = socket(0x200000000000011, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000080)={'bond0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000240)=@newlink={0x3c, 0x10, 0xff05, 0x0, 0x0, {0x0, 0x0, 0x4a00}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @batadv={{0xb}, {0x4}}}, @IFLA_MASTER={0x8, 0xa, r3}]}, 0x3c}}, 0x0)
sendto$inet(r0, &(0x7f0000000100)='\\', 0x1, 0x0, 0x0, 0x0)
sendto$inet(r0, &(0x7f0000000300)="ab", 0x14078, 0x0, &(0x7f0000000380)={0x2, 0x4e22, @local}, 0x10)
2m28.557144418s ago: executing program 1 (id=1501):
syz_open_dev$sndpcmp(&(0x7f0000000000), 0x1000, 0x319200)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000040), r0)
sendmsg$NLBL_MGMT_C_ADDDEF(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)={0x24, r1, 0x1, 0x70bd2a, 0x2, {}, [@NLBL_MGMT_A_CV4DOI={0x8, 0x4, 0x3}, @NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x3}]}, 0x24}, 0x1, 0x0, 0x0, 0x4}, 0x20008880)
r2 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r2, &(0x7f0000000540)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-camellia-aesni-avx2\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r3 = accept4(r2, 0x0, 0x0, 0x800)
syz_emit_ethernet(0x5e, &(0x7f00000003c0)={@random="e33110495bfd", @dev, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "cb653e", 0x28, 0x3a, 0xff, @dev, @local, {[], @ndisc_redir={0x89, 0x0, 0x0, '\x00', @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', @private1}}}}}}, 0x0)
sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, 0x0}], 0x1, 0x40800)
recvmsg$unix(r3, &(0x7f0000001480)={0x0, 0x0, &(0x7f0000000380)=[{&(0x7f00000001c0)=""/7, 0x7}], 0x1}, 0x10020)
2m28.259678457s ago: executing program 1 (id=1503):
creat(&(0x7f0000000240)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000000180)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x80000)
write$P9_RVERSION(r1, &(0x7f0000000500)=ANY=[@ANYBLOB="1500000065ffff048000000800395032303030"], 0x15)
r2 = dup(r1)
write$FUSE_BMAP(r2, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_NOTIFY_RETRIEVE(r2, &(0x7f00000000c0)={0x14c}, 0x137)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[], [], 0x6b}})
chmod(&(0x7f0000000140)='./file0\x00', 0x0)
r3 = creat(&(0x7f0000000300)='./file0\x00', 0x0)
pwritev2(r3, &(0x7f0000000080)=[{&(0x7f0000000340)='L', 0xfdef}], 0x1, 0x4, 0x7, 0x4)
2m21.428319005s ago: executing program 32 (id=1464):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
syz_open_dev$vim2m(0x0, 0x3, 0x2)
r1 = socket(0x1e, 0x4, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000080)='net/ip6_tables_targets\x00')
writev(r2, &(0x7f0000000400)=[{&(0x7f0000000280)='3', 0x1}], 0x1)
r3 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000d00)={0x3, 0x4, 0x4, 0xa, 0x0, 0xffffffffffffffff, 0x2, '\x00', 0x0, 0xffffffffffffffff, 0x3, 0x2, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r4 = syz_open_procfs(0x0, 0x0)
writev(r4, &(0x7f0000000140)=[{&(0x7f0000000280)='0', 0x1}, {&(0x7f0000000080)="d2", 0x1}], 0x2)
bpf$PROG_LOAD(0x5, &(0x7f0000000e00)={0x17, 0x7, &(0x7f0000000200)=@framed={{0x18, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x6}, [@ringbuf_query]}, &(0x7f0000000240)='syzkaller\x00', 0x6, 0x64, &(0x7f0000000300)=""/100, 0x41000, 0x4, '\x00', 0x0, @cgroup_sysctl=0x12, 0xffffffffffffffff, 0x8, &(0x7f0000000480)={0x6, 0x3}, 0x8, 0x10, &(0x7f00000004c0)={0x3, 0x7, 0xe, 0x5}, 0x10, 0x0, 0xffffffffffffffff, 0x3, &(0x7f0000000d80)=[0xffffffffffffffff, r2, r3, r4], &(0x7f0000000dc0)=[{0x5, 0x3, 0x6, 0x8}, {0x0, 0x3, 0xf, 0x7}, {0x5, 0x4, 0x3, 0xc}], 0x10, 0x10, @void, @value}, 0x94)
setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000140)=@req3={0x7813, 0x3, 0x0, 0x81, 0x1ff, 0x1, 0x1}, 0x1c)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r5 = syz_open_dev$MSR(&(0x7f00000001c0), 0x8000002000000, 0x0)
read$msr(r5, &(0x7f0000019680)=""/102392, 0x18ff8)
recvmsg$unix(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000580)=""/210, 0xf6}], 0x1}, 0x61)
socket$nl_netfilter(0x10, 0x3, 0xc)
r6 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x7, 0x7fff0026}]})
r7 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r7, &(0x7f0000003000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
listen(r7, 0x0)
mount$9p_unix(&(0x7f0000000080)='\xe9\x1fq\x89Y\x1e\x923aK\x00', &(0x7f00000000c0)='\xe9\x1fq\x89Y\x1e\x923aK\x00', &(0x7f0000000040), 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB='trans=unix'])
close_range(r6, 0xffffffffffffffff, 0x0)
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r0, 0x89f3, &(0x7f0000000940)={'syztnl0\x00', &(0x7f0000000140)={'syztnl2\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x5, 0x4, 0x0, 0x0, 0x14, 0x0, 0x0, 0x0, 0x0, 0x0, @loopback, @remote}}}})
syz_emit_ethernet(0x36, &(0x7f0000000140)={@local, @multicast, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x6, 0x0, @rand_addr=0x64010101, @local}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0x5, 0x2, 0xffff}}}}}}, 0x0)
2m13.144636234s ago: executing program 33 (id=1503):
creat(&(0x7f0000000240)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000000180)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x80000)
write$P9_RVERSION(r1, &(0x7f0000000500)=ANY=[@ANYBLOB="1500000065ffff048000000800395032303030"], 0x15)
r2 = dup(r1)
write$FUSE_BMAP(r2, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_NOTIFY_RETRIEVE(r2, &(0x7f00000000c0)={0x14c}, 0x137)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[], [], 0x6b}})
chmod(&(0x7f0000000140)='./file0\x00', 0x0)
r3 = creat(&(0x7f0000000300)='./file0\x00', 0x0)
pwritev2(r3, &(0x7f0000000080)=[{&(0x7f0000000340)='L', 0xfdef}], 0x1, 0x4, 0x7, 0x4)
13.821609799s ago: executing program 3 (id=2013):
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff})
sendmsg$unix(r0, &(0x7f0000000d80)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="140000000000000001000000"], 0x18}, 0x0)
13.541555622s ago: executing program 3 (id=2015):
r0 = socket$inet6(0xa, 0x2, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_GET(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000001c0)={0x0, 0x14}}, 0x0)
getsockname$packet(r2, &(0x7f0000000940)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000900)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000080)=@newlink={0x50, 0x10, 0x437, 0x0, 0x25dfdbff, {0x0, 0x0, 0x0, r3, 0x54583}, [@IFLA_LINKINFO={0x30, 0x12, 0x0, 0x1, @geneve={{0xb}, {0x20, 0x2, 0x0, 0x1, [@IFLA_GENEVE_TOS={0x5, 0x4, 0x1}, @IFLA_GENEVE_REMOTE6={0x14, 0x7, @private2={0xfc, 0x2, '\x00', 0x1}}]}}}]}, 0x50}, 0x1, 0x0, 0x0, 0x11}, 0x0)
sendmmsg$inet(r0, &(0x7f00000017c0)=[{{&(0x7f0000000040)={0x2, 0x4e1c, @loopback}, 0x10, 0x0, 0x0, &(0x7f0000000000)=[@ip_pktinfo={{0x20, 0x0, 0x8, {r3, @empty, @dev={0xac, 0x14, 0x14, 0x27}}}}], 0x20}}], 0x1, 0x80)
13.387077059s ago: executing program 3 (id=2017):
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, 0xffffffffffffffff, 0xa1641000)
syz_open_procfs$pagemap(0x0, &(0x7f0000000040))
r0 = fsopen(&(0x7f0000000100)='ecryptfs\x00', 0x0)
r1 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000040), 0x101081, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000480)=ANY=[@ANYBLOB="0600000004000000080000000100000080000000", @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="ffffffff0100000000000000000000000000000000000000000000006993b7cca8e6c7db8cf4f59cf5ab5789102cbcd6c517bf46d391716589125d8bb5c8690000000000005d9c1d3930742328e27cf3a46614d863dd272d3e1c812f29b6f335520383"], 0x50)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f00000000c0)={{0x1}, 0x0, 0x0}, 0x20)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000001700)=ANY=[@ANYBLOB="01000000080000000400000023000000c1000000", @ANYRES32=r1, @ANYBLOB="00000000000000000000000000000000000000009ae4ea337bc93bcc8badd9b0cff75d84e89b3a4b19fde494663a61e5d3ac977ce29bfd90ec4bb3dd27207cadcbf06e9493", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
bpf$MAP_UPDATE_BATCH(0x1a, 0x0, 0x0)
bpf$MAP_DELETE_ELEM(0x4, &(0x7f0000000100)={r2, &(0x7f00000000c0), 0x20000000}, 0x20)
r3 = syz_open_dev$vim2m(0x0, 0x0, 0x2)
socket$inet_tcp(0x2, 0x1, 0x0)
socket(0xa, 0x3, 0x3a)
recvmmsg$unix(0xffffffffffffffff, &(0x7f0000003700), 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
ioctl$PAGEMAP_SCAN(r3, 0xc0606610, &(0x7f0000001680)={0x60, 0x1, &(0x7f0000b07000/0x4000)=nil, &(0x7f00001ea000/0x2000)=nil, 0x7, &(0x7f0000000580), 0x0, 0xfffffffffffffffd, 0x1, 0x1, 0x0, 0xd3})
ioctl$vim2m_VIDIOC_S_CTRL(r3, 0xc008561c, &(0x7f0000000300)={0xffff0000, 0x206})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x80600, 0x0)
r5 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0)
ioctl$KVM_SET_SIGNAL_MASK(r1, 0x4004ae8b, &(0x7f0000000200)=ANY=[@ANYBLOB="3c000000ced6409306ca0ccfb44481fa50ddd88296d65a0bff24809bdb1a426bfa2639536acdf3ce53b00086898cacc56c000000000000000002000000000000"])
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r5, 0xc08c5332, &(0x7f00000003c0)={0x2, 0x3, 0x0, 'queue1\x00'})
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TIMER(r5, 0x40605346, &(0x7f0000000280)={0x0, 0x0, {0x3}})
r6 = openat$audio(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$SNDCTL_DSP_RESET(r6, 0x80044dff, 0x1000000000000)
close_range(r0, r1, 0x0)
10.104886379s ago: executing program 0 (id=2022):
creat(0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
fadvise64(0xffffffffffffffff, 0x9, 0x4, 0x2)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
r4 = socket$inet6(0xa, 0x6, 0x0)
pidfd_getfd(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bind$inet6(r4, &(0x7f0000000000)={0xa, 0x4e20}, 0x1c)
listen(r4, 0x101)
r5 = socket$inet_dccp(0x2, 0x6, 0x0)
setsockopt(r5, 0x10d, 0x800000000d, 0x0, 0x0)
connect$inet(r5, &(0x7f0000e5c000)={0x2, 0x4e20, @dev}, 0x10)
accept4(r4, 0x0, 0x0, 0x0)
close_range(r3, 0xffffffffffffffff, 0x0)
syz_80211_join_ibss(0x0, 0x0, 0x0, 0x0)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', 0x0, 0xf9fdffff, 0x0)
r6 = syz_open_dev$vbi(&(0x7f0000000000), 0x1, 0x2)
ioctl$VIDIOC_ENUMAUDOUT(r6, 0xc0345642, &(0x7f0000000080)={0x1, "498bd9c6c6515f1f455fd0ffff000010cb20fa5e00"})
8.35344488s ago: executing program 0 (id=2027):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_vcan(r2, 0x8933, &(0x7f0000000000)={'vcan0\x00', <r3=>0x0})
sendto$packet(r2, &(0x7f0000000080)="18", 0x10, 0x0, &(0x7f00000000c0)={0x11, 0xe, r3, 0x1, 0x0, 0x6, @multicast}, 0x14)
r4 = getpid()
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r7 = syz_open_dev$dri(&(0x7f0000000080), 0x0, 0x0)
mmap(&(0x7f0000001000/0x4000)=nil, 0x4000, 0x4, 0x11, r7, 0x100000)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, &(0x7f0000000200)=ANY=[@ANYBLOB="b700000000000000bfa30000000000000703000020feffff720af0fff8ffffff71a4f0ff0000000035040000500000001d400200000000006504040000ff3f00b4030000000000001d440000000000007a0a00fe000000000f03000000000000b5000000000000009500000000000000033bc065b78111c6dfa041b63af4a3912435f1a864a7aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168e5181554a090f300020000fe275daf51efd601b6bf01c8e8b1b526375ee4dd6fcd82e4fee5bef7af9aa0d7d600c095199fe3ff3128e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646cb7798b3e6440c2fbdb00a3e35208b0bb0d2cd829e65440000000000000000028610643a98d9ec21ead2ed51b104d4d91af2542ecbf28bf7076c15b463bebc72f526dd70252e79166d858fcd0e06dd31af9612fa402d0b1100886475923906f88b53987ad0c33d39000d06a59ff616236fd9aa58f0177184b6a89adaf17b0a6041bdef728d236619074d6ebdfd1f5089048ddff6da40f9411fe7226a40409d6e37c4f46756d31cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564162a27afea62d84f3a10076443d64364f56e24e6d2128c7e0ec82770c8204a1ddeed4155617572652d950ad31928b0b0c3dc2869f478341d02d0f5ad94b081fcd507acb4b9c65fee7dfcb59b854e9d5a17f48a7382f13d000000225d85ae49cee383dc5049076b98fb6853ab39a21514da60d2ae20cfb91d6a49964757cdf538f9ce2bdbb9893a5de817101ab062cd54e67051d3490dd97adab638cca595e487"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
getpid()
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r8 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r8, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, &(0x7f0000000200)="f7790066baa00066b86b4266ef66ba420066b8e20066ef0f29902cbb0000c4e2b1ba8c88d9000000666666440f38826b410f7842280f07b8010000000f01d9c4033921820f47a753fd", 0x49}], 0x1, 0x43, 0x0, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r8, 0x4400ae8f, &(0x7f0000000140)=@x86={0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x5, 0x0, 0x0, 0xff, 0xff, 0x0, '\x00', 0x0, 0xfffffffffffffffe})
ioctl$KVM_RUN(r8, 0xae80, 0x0)
openat$cuse(0xffffffffffffff9c, 0x0, 0x2, 0x0)
mmap(&(0x7f000003b000/0xf000)=nil, 0xf000, 0x1000006, 0x38011, 0xffffffffffffffff, 0x0)
7.160705019s ago: executing program 2 (id=2031):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1)
ioctl$KVM_NMI(r2, 0xae9a)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
memfd_create(&(0x7f0000000000)='/dev/kvm\x00', 0x3)
6.308627445s ago: executing program 3 (id=2033):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000580)='sched_switch\x00'}, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r2, 0x107, 0xb, &(0x7f0000000080)=0x1, 0x4)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r3, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
setsockopt$packet_rx_ring(r2, 0x107, 0x5, &(0x7f0000000040)=@req3={0x1000, 0x3a, 0x1000, 0x3a}, 0x1c)
syz_emit_ethernet(0x3a, &(0x7f0000000380)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaabb810000000800450000280000000000059078ac1414000000000000000000", @ANYRES32=0x41424344, @ANYRESOCT], 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$SEG6(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$SEG6_CMD_SETHMAC(r6, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)={0x14, r7, 0x1}, 0x14}}, 0x0)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_genetlink_get_family_id$batadv(&(0x7f0000000100), r1)
sendmsg$BATADV_CMD_GET_TRANSTABLE_GLOBAL(r8, &(0x7f0000000340)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000300)={&(0x7f0000000180)={0x14, r9, 0x100, 0x70bd29, 0x25dfdbfb}, 0x14}, 0x1, 0x0, 0x0, 0xc081}, 0x10)
r10 = syz_genetlink_get_family_id$tipc(&(0x7f0000000200), 0xffffffffffffffff)
sendmsg$TIPC_CMD_ENABLE_BEARER(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000280)={0x34, r10, 0x1, 0x0, 0x0, {{}, {}, {0x18, 0x17, {0x0, 0x0, @l2={'eth', 0x3a, 'team0\x00'}}}}}, 0x34}}, 0x0)
5.009463928s ago: executing program 3 (id=2035):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000042c0)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000140)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}})
read$FUSE(r0, &(0x7f00000020c0)={0x2020, 0x0, <r1=>0x0}, 0x2020)
r2 = socket(0x400000000010, 0x3, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = dup(0xffffffffffffffff)
write$6lowpan_enable(r3, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0xe1}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x2000000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
syz_open_procfs$userns(0x0, &(0x7f00000000c0))
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
connect$unix(r5, &(0x7f00000002c0)=@abs={0x1, 0x0, 0x4e21}, 0x6e)
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000180), 0x201, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
r6 = openat$6lowpan_control(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
write$6lowpan_control(r6, &(0x7f0000000180)='connect aa:aa:aa:aa:aa:11 0', 0x1b)
ioctl$SIOCSIFMTU(r2, 0x8922, &(0x7f0000000180)={'veth1_vlan\x00', 0x8a})
write$FUSE_WRITE(r0, &(0x7f0000000080)={0x18, 0x0, r1, {0x7}}, 0x18)
mkdirat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x64)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000340), 0x0, &(0x7f0000000080)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
4.884099821s ago: executing program 5 (id=2036):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000580)='sched_switch\x00'}, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r2, 0x107, 0xb, &(0x7f0000000080)=0x1, 0x4)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r3, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
setsockopt$packet_rx_ring(r2, 0x107, 0x5, &(0x7f0000000040)=@req3={0x1000, 0x3a, 0x1000, 0x3a}, 0x1c)
syz_emit_ethernet(0x3a, &(0x7f0000000380)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaabb810000000800450000280000000000059078ac1414000000000000000000", @ANYRES32=0x41424344, @ANYRESOCT], 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$SEG6(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$SEG6_CMD_SETHMAC(r6, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)={0x2c, r7, 0x1, 0x0, 0x0, {}, [@SEG6_ATTR_SECRETLEN={0x5, 0x5, 0x1}, @SEG6_ATTR_SECRET={0x8, 0x4, [0x0]}, @SEG6_ATTR_HMACKEYID={0x8, 0x3, 0x1}]}, 0x2c}}, 0x0)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_genetlink_get_family_id$batadv(&(0x7f0000000100), r1)
sendmsg$BATADV_CMD_GET_TRANSTABLE_GLOBAL(r8, &(0x7f0000000340)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000300)={&(0x7f0000000180)={0x14, r9, 0x100, 0x70bd29, 0x25dfdbfb}, 0x14}, 0x1, 0x0, 0x0, 0xc081}, 0x10)
r10 = syz_genetlink_get_family_id$tipc(&(0x7f0000000200), 0xffffffffffffffff)
sendmsg$TIPC_CMD_ENABLE_BEARER(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000280)={0x34, r10, 0x1, 0x0, 0x0, {{}, {}, {0x18, 0x17, {0x0, 0x0, @l2={'eth', 0x3a, 'team0\x00'}}}}}, 0x34}}, 0x0)
4.663300595s ago: executing program 6 (id=2037):
socket$nl_xfrm(0x10, 0x3, 0x6)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f0000000300)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x24, 0x24, 0x2, [@array={0x0, 0x0, 0x0, 0x3, 0x0, {0x2, 0x2}}, @union]}}, 0x0, 0x3e, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x28)
r4 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(0xffffffffffffffff, 0x0, 0x0)
r5 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x62181)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r5, 0xc08c5332, &(0x7f00000001c0)={0x0, 0x0, 0x0, 'queue0\x00'})
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TIMER(r5, 0x40605346, &(0x7f00000000c0)={0x0, 0x0, {0x0, 0x1, 0x0, 0x0, 0x3}, 0x3})
r6 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(r6, 0xc0045516, &(0x7f0000000000)=0xffb)
r7 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r7, 0x1, r6, &(0x7f0000000200)={0x1000000d})
setsockopt$IPT_SO_SET_REPLACE(r4, 0x0, 0x40, &(0x7f0000003680)=@filter={'filter\x00', 0x42, 0x4, 0x4a0, 0xffffffff, 0x210, 0x318, 0x318, 0xffffffff, 0xffffffff, 0x408, 0x408, 0x408, 0xffffffff, 0x5, 0x0, {[{{@ip={@multicast2, @private, 0x0, 0x0, 'wg1\x00', 'nr0\x00'}, 0x74000002, 0xe8, 0x210, 0x1ba, {0x46010000, 0x2c000000000000}, [@common=@unspec=@limit={{0x48}, {0x0, 0xdf6, 0x0, 0x0, 0x0, 0x9}}, @common=@addrtype={{0x30}}]}, @common=@unspec=@SECMARK={0x128, 'SECMARK\x00', 0x0, {0x0, 0x0, 'system_u:object_r:removable_device_t:s0\x00'}}}, {{@uncond, 0x287, 0xe0, 0x108, 0x0, {}, [@common=@unspec=@cpu={{0x28}}, @common=@unspec=@limit={{0x48}}]}, @REJECT={0x28}}, {{@uncond, 0x0, 0xb0, 0xf0, 0x0, {}, [@common=@unspec=@connlimit={{0x40}}]}, @common=@inet=@TCPOPTSTRIP={0x40}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x521)
4.379867359s ago: executing program 0 (id=2038):
r0 = syz_open_dev$video4linux(&(0x7f0000000080), 0x100000008, 0x0)
r1 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r1, &(0x7f0000000180)=@nameseq={0x1e, 0x1, 0x0, {0x42}}, 0x10)
setsockopt$TIPC_GROUP_JOIN(r1, 0x10f, 0x87, &(0x7f0000000000)={0x42, 0x1}, 0x10)
r2 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r2, &(0x7f0000000180)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x1, 0x5}}, 0x10)
setsockopt$TIPC_GROUP_JOIN(r2, 0x10f, 0x87, &(0x7f0000000240)={0x42, 0x1}, 0x10)
bind$tipc(r1, 0x0, 0x0)
write(r2, 0x0, 0x0)
dup2(r0, r1) (fail_nth: 6)
3.658078624s ago: executing program 6 (id=2039):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000180)={0xc, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
sched_setaffinity(0x0, 0xfffffef7, &(0x7f0000000740)=0x410000002)
syz_io_uring_setup(0x6440, 0x0, &(0x7f0000000040), 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x5c831, 0xffffffffffffffff, 0x0)
r2 = syz_open_procfs$pagemap(0xffffffffffffffff, &(0x7f0000000000))
ioctl$PAGEMAP_SCAN(r2, 0xc0606610, &(0x7f0000000180)={0x60, 0x0, &(0x7f00001ab000/0x1000)=nil, &(0x7f0000a8c000/0xc000)=nil, 0x0, 0x0, 0x0, 0x5f, 0x0, 0x0, 0x0, 0x4d})
r3 = socket$vsock_stream(0x28, 0x1, 0x0)
ioctl$int_in(r3, 0x5421, &(0x7f0000000100)=0x8)
r4 = socket$rds(0x15, 0x5, 0x0)
bind$rds(r4, &(0x7f0000000040)={0x2, 0x0, @loopback}, 0x10)
sendmsg$rds(r4, &(0x7f0000001600)={&(0x7f0000000000)={0x2, 0x0, @remote}, 0x10, 0x0, 0x0, &(0x7f0000000200)=[@rdma_args={0x48, 0x114, 0x1, {{}, {0x0, 0x2c}, &(0x7f00000006c0)=[{&(0x7f0000000100)=""/44, 0x2c}], 0x1}}, @rdma_args={0x48, 0x114, 0x1, {{}, {0x0}, &(0x7f00000004c0)=[{&(0x7f0000000080)=""/28, 0x1c}], 0x1}}], 0x90}, 0x0)
r5 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet6_IPV6_DSTOPTS(r5, 0x29, 0x3b, &(0x7f0000000300)=ANY=[@ANYBLOB="70d619e8fc90efd940d3262e438a03bcf3818550d4fd3f491c286272c6a6c0e75dde67b24b2ea9ec6dba268b5cf02ad86c4d7959c45010f2943026106f8a0c1cfdb725d58b205886627373392f1bbf038146ae2998a2e5870000abed86b1fbc366c4d0291e95b81a935fc9140c43c450764b4c4490b86c4cec59ae4dea6c8ddbc31b7f597789758e7695ea30c481b2189dae4c2519acd58c146f25541ff3f8d0a020c8ecbbb66980406025766a8f0292487ea9886716a668a7c2baca03b4b126ab9d27606a868f4747d6fe27ae197496c418df3f49fcf03f0f60a890987d5bd9f23e182c62e8a06deaf45949803dc9ee4307bb52e3a3ed770a9da7fd83a11b65ba117b34cb199c6e10dd01e30445c67159f1b270a39425a968121bae576d4e640dec8f193cd7eab0d90796"], 0x8)
sendmmsg$inet6(r5, &(0x7f0000000a00)=[{{&(0x7f0000000240)={0xa, 0x4e20, 0xc52, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0x4}, 0x1c, &(0x7f0000000200)=[{&(0x7f00000004c0)="f3", 0x1}], 0x1}}], 0x1, 0x4000841)
listen(r5, 0x2000fff)
accept(r5, 0xfffffffffffffffd, &(0x7f0000000180))
r6 = syz_open_dev$vim2m(&(0x7f0000000000), 0x8bd, 0x2)
ioctl$vim2m_VIDIOC_ENUM_FMT(r6, 0xc0405602, &(0x7f0000000040)={0x39, 0x1, 0x0, "d52b3d000000fa44166262631e8ac11e000000000000000000000000ebff00", 0x47504a4d})
3.498622261s ago: executing program 5 (id=2040):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x101080, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = dup(r1)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x2000, 0x1000, &(0x7f0000003000/0x1000)=nil})
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r2, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@textreal={0x8, &(0x7f0000000000)="0f005f00650f01ca0f01caf30fc7b20000f36d260f12e20f090f20c06635000000800f22c0eb61baf80c66b8e2e39b8f66efbafc0ced", 0x36}], 0x1, 0x40, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x11, 0x0, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
3.047021001s ago: executing program 6 (id=2041):
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$inet6_int(r0, 0x29, 0x19, &(0x7f0000000400)=0xa4, 0x4)
syz_emit_ethernet(0x66, &(0x7f0000000440)={@multicast, @link_local, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "005d95", 0x30, 0x3a, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @mcast2, {[], @dest_unreach={0x1, 0x1, 0x0, 0x0, '\x00', {0x0, 0x6, "00b295", 0x0, 0x3a, 0x0, @dev={0xfe, 0x80, '\x00', 0x1d}, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}}}}}}}, 0x0)
3.010835168s ago: executing program 2 (id=2042):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r0, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x0, 0x0)
r1 = socket$inet6_sctp(0xa, 0x1, 0x84)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r1, 0x84, 0x7b, 0x0, 0x0)
sendto$inet6(r1, &(0x7f0000000180)="1a", 0x1, 0x0, &(0x7f0000000200)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
ioctl$vim2m_VIDIOC_REQBUFS(0xffffffffffffffff, 0xc0145608, &(0x7f00000000c0)={0x1, 0x2, 0x1})
ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, &(0x7f0000000180)=@multiplanar_mmap={0x0, 0x2, 0x4, 0x0, 0x0, {0x77359400}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'y)\x00'}, 0x0, 0x1, {0x0}, 0xea})
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r3 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1401, 0x0)
ioctl$PTP_ENABLE_PPS(r3, 0x40043d04, 0x1)
3.008747124s ago: executing program 6 (id=2043):
socket$inet_mptcp(0x2, 0x1, 0x106)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x5, 0x6, 0x0, &(0x7f00000002c0)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x63, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$wireguard(&(0x7f0000000440), r0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
flistxattr(r2, &(0x7f00000024c0)=""/65, 0x41)
prctl$PR_SET_MM(0x23, 0xa, &(0x7f00002d5000/0x2000)=nil)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20008b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000001a40)=""/102392, 0x18ff8)
r4 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0)
fcntl$notify(r4, 0x402, 0x8000003d)
sendmsg$inet(0xffffffffffffffff, 0x0, 0x0)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000200)=ANY=[@ANYRES8, @ANYRES8], 0x4c}, 0x1, 0x0, 0x0, 0x42890}, 0x40000c0)
r5 = socket(0x840000000002, 0x3, 0x100)
connect$inet(r5, &(0x7f00000005c0)={0x2, 0x0, @local}, 0x10)
setresgid(0xee00, 0x0, 0xee00)
setresgid(0xffffffffffffffff, 0x0, 0x0)
personality(0x6)
uname(&(0x7f0000000080)=""/185)
openat$uinput(0xffffffffffffff9c, 0x0, 0x2, 0x0)
ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, &(0x7f0000000540)={'bond0\x00', &(0x7f0000000040)=@ethtool_sfeatures={0x3b, 0x2, [{0x300, 0x1000000}, {}]}})
sendmsg$WG_CMD_SET_DEVICE(r0, &(0x7f0000001040)={0x0, 0x0, &(0x7f0000001000)={&(0x7f0000000800)=ANY=[@ANYBLOB="d8010000", @ANYRES16=r1, @ANYBLOB="010000000000fbdbdf25010000000800050001000000060006004e220000140002007767320000000000000000000000000024000300a0cb879a47f5bc644c0e693fa6d031c74a1553b6e901b9ff2f518c78042fb5427c010880"], 0x1d8}}, 0x34000010)
2.615537893s ago: executing program 0 (id=2044):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$packet(0x11, 0x3, 0x300)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r3, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r3, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
setsockopt$packet_rx_ring(r2, 0x107, 0x5, &(0x7f0000000040)=@req3={0x1000, 0x3a, 0x1000, 0x3a}, 0x1c)
syz_emit_ethernet(0x3a, &(0x7f0000000380)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaabb810000000800450000280000000000059078ac1414000000000000000000", @ANYRES32=0x41424344, @ANYRESOCT], 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$SEG6(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$SEG6_CMD_SETHMAC(r6, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)={0x34, r7, 0x1, 0x0, 0x0, {}, [@SEG6_ATTR_SECRETLEN={0x5, 0x5, 0x1}, @SEG6_ATTR_SECRET={0x8, 0x4, [0x0]}, @SEG6_ATTR_ALGID={0x5}, @SEG6_ATTR_HMACKEYID={0x8, 0x3, 0x1}]}, 0x34}}, 0x0)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_genetlink_get_family_id$batadv(&(0x7f0000000100), r1)
sendmsg$BATADV_CMD_GET_TRANSTABLE_GLOBAL(r8, &(0x7f0000000340)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000300)={&(0x7f0000000180)={0x14, r9, 0x100, 0x70bd29, 0x25dfdbfb}, 0x14}, 0x1, 0x0, 0x0, 0xc081}, 0x10)
r10 = syz_genetlink_get_family_id$tipc(&(0x7f0000000200), 0xffffffffffffffff)
sendmsg$TIPC_CMD_ENABLE_BEARER(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000280)={0x34, r10, 0x1, 0x0, 0x0, {{}, {}, {0x18, 0x17, {0x0, 0x0, @l2={'eth', 0x3a, 'team0\x00'}}}}}, 0x34}}, 0x0)
2.549853699s ago: executing program 2 (id=2045):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
syz_open_dev$vim2m(0x0, 0x3, 0x2)
r1 = socket(0x1e, 0x4, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000080)='net/ip6_tables_targets\x00')
writev(r2, &(0x7f0000000400)=[{&(0x7f0000000280)='3', 0x1}], 0x1)
bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000d00)={0x3, 0x4, 0x4, 0xa, 0x0, 0xffffffffffffffff, 0x2, '\x00', 0x0, 0xffffffffffffffff, 0x3, 0x2, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
syz_open_procfs(0x0, 0x0)
setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000140)=@req3={0x7813, 0x3, 0x0, 0x81, 0x1ff, 0x1, 0x1}, 0x1c)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x8000002000000, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
recvmsg$unix(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000580)=""/210, 0xf6}], 0x1}, 0x61)
socket$nl_netfilter(0x10, 0x3, 0xc)
r4 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x7, 0x7fff0026}]})
mount$9p_unix(&(0x7f0000000080)='\xe9\x1fq\x89Y\x1e\x923aK\x00', &(0x7f00000000c0)='\xe9\x1fq\x89Y\x1e\x923aK\x00', &(0x7f0000000040), 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB='trans=unix'])
close_range(r4, 0xffffffffffffffff, 0x0)
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r0, 0x89f3, &(0x7f0000000940)={'syztnl0\x00', &(0x7f0000000140)={'syztnl2\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x5, 0x4, 0x0, 0x0, 0x14, 0x0, 0x0, 0x0, 0x0, 0x0, @loopback, @remote}}}})
syz_emit_ethernet(0x36, &(0x7f0000000140)={@local, @multicast, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x6, 0x0, @rand_addr=0x64010101, @local}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0x5, 0x2, 0xffff}}}}}}, 0x0)
2.522976013s ago: executing program 5 (id=2046):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='percpu_alloc_percpu\x00', r1}, 0x10)
tkill(0x0, 0x1)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000180)={0xc, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
sched_setaffinity(0x0, 0xfffffef7, &(0x7f0000000740)=0x410000002)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
sendmsg$DEVLINK_CMD_RATE_DEL(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x40010}, 0x8000)
fsopen(&(0x7f0000000000)='pipefs\x00', 0x0)
2.046162721s ago: executing program 5 (id=2047):
r0 = syz_open_dev$dri(&(0x7f0000000000), 0x0, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x804}, 0x0)
dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
r1 = creat(0x0, 0xecf86c37d530494c)
close(r1)
syz_clone3(&(0x7f0000001240)={0x200200000, 0x0, 0x0, 0x0, {0x3e}, 0x0, 0x0, 0x0, 0x0, 0x0, {r1}}, 0x58)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r3, 0x0, 0x0, 0x2, 0x0)
bpf$MAP_CREATE(0x2000000000000000, &(0x7f0000000140)=ANY=[@ANYBLOB="0600000004000000b03700005c00000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00000000040000000000000000000000008000"/28], 0x48)
r5 = fsmount(0xffffffffffffffff, 0x1, 0x1)
fchdir(r5)
r6 = socket$inet_smc(0x2b, 0x1, 0x0)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), 0xffffffffffffffff)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_VENDOR(r8, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000001740)=ANY=[@ANYBLOB="1cc00000", @ANYRES16=r7, @ANYBLOB="010700000000fdffffff670000000800c30000000000"], 0x1c}}, 0x0)
shutdown(r6, 0x1)
socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, 0x0, 0x2)
ioctl$DRM_IOCTL_SYNCOBJ_DESTROY(r0, 0xc00864c0, &(0x7f0000000080))
2.010548318s ago: executing program 2 (id=2048):
syz_usb_connect$cdc_ncm(0x4, 0x6e, &(0x7f0000000340)=ANY=[], 0x0) (async)
syz_usb_connect$cdc_ncm(0x4, 0x6e, &(0x7f0000000340)=ANY=[], 0x0)
syz_usb_connect(0x0, 0x2d, &(0x7f0000000100)=ANY=[@ANYBLOB="120100001ddf8208c007121522300000000109021b0001000000010904010001faf40d00090582"], 0x0) (async)
syz_usb_connect(0x0, 0x2d, &(0x7f0000000100)=ANY=[@ANYBLOB="120100001ddf8208c007121522300000000109021b0001000000010904010001faf40d00090582"], 0x0)
syz_open_dev$char_usb(0xc, 0xb4, 0x2) (async)
r0 = syz_open_dev$char_usb(0xc, 0xb4, 0x2)
write$char_usb(r0, &(0x7f0000001300)="92", 0x2) (async)
write$char_usb(r0, &(0x7f0000001300)="92", 0x2)
r1 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$KDSETMODE(0xffffffffffffffff, 0x4b3a, 0x1)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) (async)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
read$FUSE(0xffffffffffffffff, 0x0, 0x0) (async)
read$FUSE(0xffffffffffffffff, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = fsopen(&(0x7f00000001c0)='ramfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r5, 0x6, 0x0, 0x0, 0x0)
landlock_create_ruleset(&(0x7f0000000180)={0x4742, 0x3, 0x2}, 0x18, 0x0) (async)
r6 = landlock_create_ruleset(&(0x7f0000000180)={0x4742, 0x3, 0x2}, 0x18, 0x0)
landlock_restrict_self(r6, 0x0) (async)
landlock_restrict_self(r6, 0x0)
r7 = fsmount(r5, 0x0, 0x74)
open(&(0x7f0000000040)='./bus\x00', 0x420c3, 0x105)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000070000000000e3ff0001009518ef0d85dd29a5e0a305af94b9a1b094d2e12e9b8c58390c0ae016c8459fdd9d309574c513fe7a0b2501eccab9672f5285512e316ca776a71dbc7235f80e1d41afe022e90bec3201d40ada142ab5af7bc3b9e4da7403e7c73f9d8cf7adb88c1601076eb4f61592826bfb01754b4f05a54529b818fc94094f1d40573a7d5c1e3083"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x46, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r7}, 0x18)
open(&(0x7f0000000000)='./bus\x00', 0x202880, 0x2)
ioctl$TCXONC(r1, 0x4b3a, 0x3) (async)
ioctl$TCXONC(r1, 0x4b3a, 0x3)
r8 = openat$ppp(0xffffffffffffff9c, &(0x7f0000001740), 0x101042, 0x0)
ioctl$PPPIOCNEWUNIT(r8, 0xc004743e, &(0x7f0000000300)=0x2) (async)
ioctl$PPPIOCNEWUNIT(r8, 0xc004743e, &(0x7f0000000300)=0x2)
ioctl$PPPIOCSACTIVE(r8, 0x40047459, &(0x7f0000000080)={0xfffffffffffffe43, 0x0})
read(r8, 0x0, 0x2)
2.000738211s ago: executing program 6 (id=2049):
socket$nl_xfrm(0x10, 0x3, 0x6)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f0000000300)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x24, 0x24, 0x2, [@array={0x0, 0x0, 0x0, 0x3, 0x0, {0x2, 0x2}}, @union]}}, 0x0, 0x3e, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x28)
r4 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(0xffffffffffffffff, 0x0, 0x0)
r5 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x62181)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r5, 0xc08c5332, &(0x7f00000001c0)={0x0, 0x0, 0x0, 'queue0\x00'})
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TIMER(r5, 0x40605346, &(0x7f00000000c0)={0x0, 0x0, {0x0, 0x1, 0x0, 0x0, 0x3}, 0x3})
r6 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(r6, 0xc0045516, &(0x7f0000000000)=0xffb)
r7 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r7, 0x1, r6, &(0x7f0000000200)={0x1000000d})
setsockopt$IPT_SO_SET_REPLACE(r4, 0x0, 0x40, &(0x7f0000003680)=@filter={'filter\x00', 0x42, 0x4, 0x4a0, 0xffffffff, 0x210, 0x318, 0x318, 0xffffffff, 0xffffffff, 0x408, 0x408, 0x408, 0xffffffff, 0x5, 0x0, {[{{@ip={@multicast2, @private, 0x0, 0x0, 'wg1\x00', 'nr0\x00'}, 0x74000002, 0xe8, 0x210, 0x1ba, {0x46010000, 0x2c000000000000}, [@common=@unspec=@limit={{0x48}, {0x0, 0xdf6, 0x0, 0x0, 0x0, 0x9}}, @common=@addrtype={{0x30}}]}, @common=@unspec=@SECMARK={0x128, 'SECMARK\x00', 0x0, {0x0, 0x0, 'system_u:object_r:removable_device_t:s0\x00'}}}, {{@uncond, 0x287, 0xe0, 0x108, 0x0, {}, [@common=@unspec=@cpu={{0x28}}, @common=@unspec=@limit={{0x48}}]}, @REJECT={0x28}}, {{@uncond, 0x0, 0xb0, 0xf0, 0x0, {}, [@common=@unspec=@connlimit={{0x40}}]}, @common=@inet=@TCPOPTSTRIP={0x40}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x521)
1.431524113s ago: executing program 2 (id=2050):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000580)='sched_switch\x00'}, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r2, 0x107, 0xb, &(0x7f0000000080)=0x1, 0x4)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r3, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
setsockopt$packet_rx_ring(r2, 0x107, 0x5, &(0x7f0000000040)=@req3={0x1000, 0x3a, 0x1000, 0x3a}, 0x1c)
syz_emit_ethernet(0x3a, &(0x7f0000000380)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaabb810000000800450000280000000000059078ac1414000000000000000000", @ANYRES32=0x41424344, @ANYRESOCT], 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$SEG6(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$SEG6_CMD_SETHMAC(r6, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)={0x2c, r7, 0x1, 0x0, 0x0, {}, [@SEG6_ATTR_SECRETLEN={0x5, 0x5, 0x1}, @SEG6_ATTR_SECRET={0x8, 0x4, [0x0]}, @SEG6_ATTR_HMACKEYID={0x8, 0x3, 0x1}]}, 0x2c}}, 0x0)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_genetlink_get_family_id$batadv(&(0x7f0000000100), r1)
sendmsg$BATADV_CMD_GET_TRANSTABLE_GLOBAL(r8, &(0x7f0000000340)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000300)={&(0x7f0000000180)={0x14, r9, 0x100, 0x70bd29, 0x25dfdbfb}, 0x14}, 0x1, 0x0, 0x0, 0xc081}, 0x10)
r10 = syz_genetlink_get_family_id$tipc(&(0x7f0000000200), 0xffffffffffffffff)
sendmsg$TIPC_CMD_ENABLE_BEARER(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000280)={0x34, r10, 0x1, 0x0, 0x0, {{}, {}, {0x18, 0x17, {0x0, 0x0, @l2={'eth', 0x3a, 'team0\x00'}}}}}, 0x34}}, 0x0)
871.383787ms ago: executing program 5 (id=2051):
socket$nl_netfilter(0x10, 0x3, 0xc)
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f00000000c0)={0x26, 'hash\x00', 0x0, 0x0, 'ghash-clmulni\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000300)="c99b57381801238c", 0x8)
accept4(r0, 0x0, 0x0, 0x0)
r1 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000580), 0x0, 0x0)
r2 = dup(r1)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = syz_open_dev$MSR(0x0, 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
socket$rds(0x15, 0x5, 0x0)
ioctl$MEDIA_IOC_REQUEST_ALLOC(r2, 0x80047c05, &(0x7f0000000180)=<r4=>0xffffffffffffffff)
ioctl$VIDIOC_QBUF(r2, 0xc058560f, &(0x7f0000000200)=@mmap={0x7, 0xc, 0x4, 0x8, 0x887, {}, {0x4, 0x8, 0x1b, 0x8e, 0x2, 0x10, "ebf44045"}, 0x800, 0x1, {}, 0x0, 0x0, r4})
r5 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004002, 0x0)
r6 = dup(r5)
sendfile(r6, r2, 0x0, 0x89ffc)
348.042215ms ago: executing program 6 (id=2052):
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$KDSETMODE(0xffffffffffffffff, 0x4b3a, 0x1)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
read$FUSE(0xffffffffffffffff, &(0x7f0000001780)={0x2020, 0x0, 0x0, 0x0, 0x0, <r1=>0x0}, 0x2020)
sched_setscheduler(r1, 0x1, &(0x7f0000000080)=0x7)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
openat$sysfs(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/power/resume', 0xa82, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioctl$TIOCL_PASTESEL(r0, 0x541c, &(0x7f0000000180))
165.087562ms ago: executing program 0 (id=2053):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x4000)
setsockopt$netlink_NETLINK_PKTINFO(r0, 0x10e, 0x3, &(0x7f0000000100)=0xb99, 0x4)
sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000500)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x7}}, [@NFT_MSG_NEWRULE={0x4c, 0x6, 0xa, 0x409, 0x0, 0x0, {0x2, 0x0, 0xfffe}, [@NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_EXPRESSIONS={0x20, 0x4, 0x0, 0x1, [{0x1c, 0x1, 0x0, 0x1, @meta={{0x9}, @val={0xc, 0x2, 0x0, 0x1, [@NFTA_META_KEY={0x8, 0x2, 0x1, 0x0, 0x1a}]}}}]}]}], {0x14}}, 0x74}, 0x1, 0x0, 0x0, 0x24040800}, 0x48080)
r1 = syz_open_dev$usbmon(&(0x7f00000005c0), 0x0, 0x0)
mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x0, 0x12, r1, 0x0)
mremap(&(0x7f00000ad000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f00000ae000/0x1000)=nil)
130.889333ms ago: executing program 5 (id=2054):
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$inet6_int(r0, 0x29, 0x19, &(0x7f0000000400)=0xa4, 0x4)
syz_emit_ethernet(0x66, &(0x7f0000000440)={@multicast, @link_local, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "005d95", 0x30, 0x3a, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @mcast2, {[], @dest_unreach={0x1, 0x1, 0x0, 0x0, '\x00', {0x0, 0x6, "00b295", 0x0, 0x3a, 0x0, @dev={0xfe, 0x80, '\x00', 0x1d}, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}}}}}}}, 0x0)
54.227638ms ago: executing program 2 (id=2055):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r0, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x0, 0x0)
r1 = socket$inet6_sctp(0xa, 0x1, 0x84)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r1, 0x84, 0x7b, 0x0, 0x0)
sendto$inet6(r1, &(0x7f0000000180)="1a", 0x1, 0x0, &(0x7f0000000200)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
ioctl$vim2m_VIDIOC_REQBUFS(0xffffffffffffffff, 0xc0145608, &(0x7f00000000c0)={0x1, 0x2, 0x1})
ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, &(0x7f0000000180)=@multiplanar_mmap={0x0, 0x2, 0x4, 0x0, 0x0, {0x77359400}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'y)\x00'}, 0x0, 0x1, {0x0}, 0xea})
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r3 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1401, 0x0)
ioctl$PTP_ENABLE_PPS(r3, 0x40043d04, 0x1)
1.003314ms ago: executing program 0 (id=2056):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x101080, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = dup(r1)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x2000, 0x1000, &(0x7f0000003000/0x1000)=nil})
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r2, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@textreal={0x8, &(0x7f0000000000)="0f005f00650f01ca0f01caf30fc7b20000f36d260f12e20f090f20c06635000000800f22c0eb61baf80c66b8e2e39b8f66efbafc0ced", 0x36}], 0x1, 0x40, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x11, 0x0, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
0s ago: executing program 3 (id=2057):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f000000c300)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a400000ffffffff0400000000000000000200000014000481100001800b0001006e756d67656e00000900010073797a300000000009000200733200000000140000001100010000000000000000000000000a"], 0x68}}, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r2 = socket(0x400000000010, 0x3, 0x0)
r3 = socket$unix(0x1, 0x1, 0x0)
getpeername(r2, &(0x7f0000000140)=@rc, &(0x7f00000000c0)=0x80)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r4=>0x0})
capset(&(0x7f0000000000)={0x20080522}, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x81, 0xffffffff})
r5 = syz_open_dev$loop(&(0x7f0000000780), 0x7, 0x0)
ioctl$BLKFRASET(r5, 0x1264, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000000d00)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2d, 0xffffffff, {0x0, 0x0, 0x0, r4, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x1, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x28}}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000001300)=@newtfilter={0xe84, 0x2c, 0xd27, 0x70bd25, 0x8000, {0x0, 0x0, 0x0, r4, {0x0, 0x7}, {}, {0x7, 0x2}}, [@filter_kind_options=@f_fw={{0x7}, {0xe58, 0x2, [@TCA_FW_ACT={0xe54, 0x4, [@m_pedit={0xe50, 0x1, 0x0, 0x0, {{0xa}, {0xe24, 0x2, 0x0, 0x1, [@TCA_PEDIT_PARMS_EX={0xe20, 0x4, {{{0x2, 0x1, 0x7, 0xf, 0x8}, 0x3, 0x40}, [{0x4f29, 0x1, 0xacc3, 0x9, 0x2, 0x2aaaa9c1}, {0x8, 0x2, 0x5, 0x8, 0x8000, 0x5}, {0x484c, 0x5, 0xe72, 0x10000, 0x140000, 0xec0}, {0x2, 0x5, 0x401, 0xa, 0x7, 0x3}, {0x0, 0x1, 0x3, 0x7, 0x7, 0xc}, {0x4, 0x6adc, 0x5a5, 0xe, 0xe, 0x9}, {0x9, 0x3, 0x2, 0x5, 0x4, 0x64}, {0x10000, 0xffffff7f, 0xfffffffa, 0x3, 0x8}, {0x7, 0x1, 0x9, 0x80, 0xb44, 0xfffffff9}, {0x6, 0xfffffff9, 0x7fffffff, 0x32a8, 0x2, 0x1}, {0x1000, 0x8000, 0x2df6, 0x8, 0x7, 0x3}, {0x7fffffff, 0x1, 0x800, 0x8, 0x2, 0x2}, {0xd28, 0xb1, 0x5, 0xe7, 0x1, 0x6}, {0x34, 0x9, 0x6, 0xa13, 0x0, 0x1}, {0xc8c863be, 0x7fff, 0x7, 0x8, 0x19c372c2, 0x3bfc7233}, {0x2, 0x0, 0x10000, 0x5, 0x1}, {0x6, 0x9, 0x1, 0x4, 0x921, 0x1000}, {0x6, 0x5ac5, 0x1c7, 0x304, 0x4, 0x2d04}, {0x4, 0x9, 0xffff, 0x4, 0x1, 0x233}, {0x401, 0xffffffa6, 0x2, 0x7fffffff, 0xd9b, 0xfffffff9}, {0x8, 0x4db, 0x0, 0xe872, 0x3, 0xff}, {0x1, 0x9, 0xaddf, 0x200, 0xfd3}, {0xd8, 0x10, 0x2, 0x7fffffff, 0x6, 0x4}, {0x3, 0x2, 0x3, 0x1, 0x8}, {0x0, 0x8, 0x80000001, 0x9, 0x0, 0x2}, {0x5, 0x8, 0x8, 0x3ffc, 0x0, 0xe6c}, {0x6, 0x400, 0xffffff9e, 0x2, 0x40, 0x5}, {0x4, 0x9, 0xd91, 0x1, 0x6, 0x1}, {0xc, 0xff, 0x3, 0x1, 0xb, 0xb}, {0x0, 0x0, 0x0, 0x81, 0x6100, 0x9}, {0x7a2, 0x8, 0x2338, 0x2, 0x5, 0xfffffff9}, {0x7, 0xfffffbff, 0x6, 0x7, 0x1, 0x9}, {0x7f, 0x1, 0x7, 0x9, 0x7, 0x5}, {0x1000, 0x1, 0xfffffff8, 0x9, 0x8, 0x200}, {0x3, 0x2, 0x3, 0x3, 0xb, 0x2}, {0x43b3, 0x883e, 0x1, 0x3, 0x401, 0x95b8}, {0x4, 0x343, 0x2, 0x400, 0xfffffffc, 0x80000001}, {0x8, 0xcf, 0x1, 0x0, 0x9f, 0x6}, {0x400, 0x10, 0xa7, 0xc, 0x8, 0x1000}, {0x101, 0x5, 0x8, 0xa7, 0x7, 0xc84}, {0x4, 0x1, 0x5, 0x5, 0x2, 0x2}, {0x3, 0x9, 0x5, 0xffff, 0x7, 0xd}, {0x8, 0x9, 0xffffff39, 0x3, 0x8, 0x440}, {0x9, 0xb, 0x9, 0x2, 0x8, 0xa6fa}, {0xffff, 0x8ed, 0x9, 0x4, 0x3, 0x100}, {0x860, 0xfffffffb, 0xc0, 0x2, 0x9, 0x42d0}, {0xfffffffa, 0x1, 0xee, 0x8000, 0x1000, 0x40004}, {0x4, 0x90d2, 0x20000, 0x0, 0x8001, 0x646}, {0x1, 0x8, 0x0, 0x7, 0x9, 0x7}, {0x7ff, 0x0, 0x2, 0x9, 0x13d5, 0x6}, {0x3, 0x0, 0x6, 0x347, 0x8000}, {0x7, 0x8, 0xb76a, 0x6, 0x2, 0x6}, {0x7ff, 0x200, 0x6e, 0xb2, 0x80a7, 0x8001}, {0xd, 0x8, 0x0, 0x1, 0x9, 0x1}, {0x3b, 0x4, 0x0, 0xe686, 0x9, 0x400000}, {0x2, 0x2, 0xf4, 0x7, 0x3, 0x1}, {0x80, 0x3, 0x6, 0x10001, 0x0, 0xffffffff}, {0xd93, 0xf5, 0x3, 0x1, 0x6, 0x2}, {0x2, 0x2, 0x3cd6, 0x4, 0x1, 0x9}, {0x3, 0x6, 0x0, 0x5, 0xa, 0xffffff0f}, {0x7fff, 0x4, 0x8, 0x0, 0x6, 0x179436fe}, {0xb8a6, 0x0, 0x3, 0x9, 0x0, 0x51}, {0xe296, 0x7fff, 0x3, 0x2, 0xfff, 0xd}, {0x1, 0x4, 0x4, 0x6, 0x10000, 0xbd}, {0x9, 0x7f, 0x5744bcb9, 0xc, 0x10001, 0x8}, {0x2, 0x8, 0x6, 0x4, 0x2, 0xfb35}, {0x80000001, 0xb9a6, 0x1, 0x80, 0x1, 0x3f04}, {0x2, 0xffffffc0, 0xffff, 0x9, 0x300000, 0xc}, {0x2, 0x2, 0x8, 0x6, 0x5, 0xe1c4}, {0x0, 0x19, 0x3, 0x0, 0xab6f, 0x9}, {0x80000001, 0x6, 0x760d, 0x80, 0x2, 0x8f7}, {0x471800, 0x3, 0x7, 0x1, 0x7, 0x6}, {0xa000000, 0x9, 0x8, 0x8000, 0xe0, 0x401}, {0xc, 0x7f, 0x4, 0x2, 0x1, 0x200}, {0xec55, 0x76, 0x6, 0x6c1f, 0x4, 0x8}, {0x7, 0x2, 0x3, 0xcb, 0x0, 0xe0}, {0x0, 0x3, 0x0, 0x2, 0x7, 0x3}, {0x8, 0x5, 0x9, 0x8, 0x3a4, 0x6}, {0xffc000, 0x10000, 0x1a4, 0x773, 0x2, 0xe2}, {0xe581, 0x8, 0x200, 0x9, 0xa9, 0x2}, {0x8, 0x7, 0x6, 0x4, 0x9, 0x88ff}, {0xa80, 0x6, 0x7fff, 0x2, 0xfffffff7, 0x2}, {0xa0, 0x81, 0x7, 0xfffffffe, 0x17, 0x8}, {0x3, 0x2d5, 0x7, 0x0, 0xfffffffc, 0x80000001}, {0xe, 0x7, 0x0, 0x9, 0xffff, 0x200}, {0x9, 0x7fffffff, 0x8, 0x9, 0x8, 0x5}, {0x7, 0x3, 0x5, 0x8, 0x1, 0xc246}, {0x3, 0x4, 0x1, 0xa, 0x1, 0x9}, {0x6, 0x0, 0x0, 0x7, 0x400000, 0xfffffffc}, {0x1, 0x3, 0x81, 0xff, 0x4, 0x4}, {0x3, 0x8a8, 0x8, 0x977, 0x8, 0xfffffffe}, {0x10001, 0x8, 0x2, 0x80000001, 0x9d, 0xfffffc00}, {0x0, 0x5, 0x3, 0x9, 0x7, 0x8000}, {0x2, 0x8, 0x8, 0x0, 0x8, 0x2}, {0x4, 0x7, 0x7, 0x9, 0x7, 0x1000}, {0xfffffffa, 0xffffffff, 0x5, 0x4, 0x3, 0xa}, {0x3, 0x66c, 0xfffff001, 0x4, 0x6, 0x5c}, {0x0, 0x9, 0x7, 0x480f, 0x6, 0x1000}, {0x7fffffff, 0x0, 0x7b, 0x7fff, 0x80000001, 0x401}, {0x6, 0xc2, 0x3, 0x800, 0x1, 0x5}, {0x6, 0x7b5, 0x2, 0x2, 0xfffffffc, 0x7bc9}, {0x750, 0x2, 0x41a2, 0x6, 0x5, 0x20}, {0xbc, 0x792c, 0xa4, 0x8, 0x8, 0x3}, {0x800, 0x27, 0x0, 0x2, 0x4, 0x1}, {0x2, 0x8, 0x401, 0x9, 0xe, 0xfffffff9}, {0x5, 0x4, 0x101, 0x1, 0x4, 0x8}, {0x3, 0xecd, 0x80, 0x9, 0x100, 0xdcc}, {0x2, 0xab2c, 0x80000000, 0x1a, 0x87, 0xf}, {0x6, 0x7ff, 0x81, 0x0, 0x1, 0x800}, {0x9, 0x6, 0x7fff, 0x200, 0x80000000, 0x7}, {0x10, 0x3, 0xdb, 0x400, 0x57, 0x1}, {0x8001, 0xffff, 0x3, 0x6, 0x2, 0x7}, {0x1, 0x10000, 0x1, 0x397a, 0xfffffffd, 0x7}, {0x80000001, 0x4, 0x5, 0x7ff, 0x35c, 0x800}, {0x0, 0x101, 0x8, 0x401, 0x2, 0x7}, {0x9, 0x0, 0x23, 0x4, 0xe}, {0x8, 0x56c, 0xffff9586, 0xd, 0x9, 0xb}, {0x80000001, 0x7, 0x0, 0x2, 0x4, 0xe}, {0x1, 0x5, 0x80000001, 0xf8, 0x6, 0x2}, {0xa8, 0x101, 0x0, 0x8854, 0x5, 0x5}, {0x823, 0x9, 0x0, 0x5, 0x4, 0x800}, {0x3, 0x9, 0x1, 0x2, 0x9, 0x4}, {0x8, 0x0, 0x2, 0x80, 0x100, 0x612}, {0xfffff801, 0x1, 0xb, 0x7, 0x2, 0x453}, {0x8, 0x0, 0x1, 0x5d0ea327, 0x0, 0x8}, {0x7, 0x7, 0x20003, 0x9, 0x8, 0x7}, {0x1, 0x5, 0x5, 0x1, 0x48, 0x1}, {0x3, 0x9, 0x93e8, 0x7, 0x9, 0x7fffffff}], [{0x1, 0x1}, {0x0, 0x1}, {0x3}, {0x2}, {0x5, 0x1}, {0x3}, {0x1}, {0x1}, {}, {}, {0x5}, {0x0, 0x1}, {0x4, 0x1}, {0x4, 0x1}, {0x3}, {0x4, 0x1}, {}, {0x1, 0x1}, {0x0, 0x1}, {0x0, 0x1}, {0x5, 0x1}, {0x3}, {0x4}, {0x1, 0x1}, {0x0, 0x1}, {0x1}, {0x3, 0x1}, {0x3}, {0x4}, {0x3, 0x1}, {0x2}, {0x4}, {0x2, 0x1}, {0x0, 0x1}, {0x1}, {0x4, 0x1}, {0x3, 0x1}, {}, {0x5}, {0x3}, {}, {0x4}, {0x3}, {0x4}, {0x4, 0x1}, {0x4}, {0x2, 0x1}, {0x5, 0x1}, {0x4, 0x1}, {0x3}, {0x5, 0x1}, {0x1}, {0x2, 0x1}, {0x5}, {0x5}, {}, {0x1, 0x1}, {0x4, 0x1}, {}, {0x1, 0x1}, {0x3, 0x1}, {0x1, 0x1}, {0x5}, {0x0, 0x1}, {}, {0x1, 0x1}, {0x5}, {0x0, 0x1}, {0x3}, {0x4}, {0x4, 0x1}, {0x5, 0x1}, {0x4, 0x1}, {}, {0x1, 0x1}, {0x0, 0x1}, {0x4, 0x1}, {0x0, 0x1}, {0x2}, {0x2, 0x1}, {0x6, 0x1}, {}, {0x5, 0x1}, {0x4, 0x1}, {0x1}, {0x5}, {0x6, 0x2}, {0x3, 0x1}, {0x5, 0x1}, {0x0, 0x1}, {0x5, 0x1}, {0x2, 0x1}, {0x3}, {0x1}, {0x3, 0x1}, {0xf}, {0x2}, {0x1, 0x1}, {0x0, 0x1}, {0x1, 0x1}, {0x1}, {0x1}, {0x4, 0x1}, {0x3}, {0x2}, {0x2}, {}, {0x5, 0x1}, {0x4}, {0x4, 0x1}, {0x2, 0x1}, {0x1, 0x1}, {}, {0x9, 0x1}, {0x5}, {0x2}, {0x1}, {0x0, 0x1}, {0x1}, {0x5, 0x1}, {}, {0x3, 0x9e6fab21fbfb7b49}, {0x3}, {}, {0x0, 0x1}, {0x2, 0x1}, {0x0, 0x1}, {0x3, 0x1}], 0x1}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x2, 0x2}}}}]}]}}]}, 0xe84}, 0x1, 0x0, 0x0, 0x81}, 0x800)
socket$nl_route(0x10, 0x3, 0x0)
gettid()
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
socket$inet6(0xa, 0x2, 0x0)
r6 = open(&(0x7f0000000380)='./bus\x00', 0x40, 0x0)
r7 = creat(&(0x7f0000000200)='./bus\x00', 0x84)
r8 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000280), 0x2, 0x0)
write$FUSE_NOTIFY_STORE(r7, &(0x7f0000000240)=ANY=[@ANYBLOB='+\x00\x00\x00', @ANYRES32=r6], 0x2b)
sendfile(r8, r6, 0x0, 0x4000000053d2)
r9 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r9, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
socket(0x400000000010, 0x3, 0x0)
socket$unix(0x1, 0x5, 0x0)
pread64(0xffffffffffffffff, 0x0, 0x0, 0xc90)
socket(0x400000000010, 0x3, 0x0)
socket$unix(0x1, 0x5, 0x0)
kernel console output (not intermixed with test programs):
0x81 has an invalid bInterval 0, changing to 7
[ 440.824947][ T58] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 440.835575][ T58] usb 4-1: New USB device found, idVendor=0403, idProduct=6030, bcdDevice= 0.00
[ 440.844693][ T58] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 440.861952][ T58] usb 4-1: config 0 descriptor??
[ 440.947612][ T9991] Bluetooth: hci2: ACL packet for unknown connection handle 200
[ 441.193119][ T9991] Bluetooth: hci4: ACL packet for unknown connection handle 200
[ 441.315822][ T58] usbhid 4-1:0.0: can't add hid device: -32
[ 441.324248][ T58] usbhid 4-1:0.0: probe with driver usbhid failed with error -32
[ 441.333191][T11093] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 441.350387][T11093] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 441.439764][ T5872] usb 1-1: new full-speed USB device number 39 using dummy_hcd
[ 441.730387][T11125] 8021q: adding VLAN 0 to HW filter on device batadv2
[ 441.744046][T11125] bond0: (slave batadv2): Enslaving as an active interface with an up link
[ 442.537679][T11130] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1439'.
[ 442.557056][T11130] xt_hashlimit: size too large, truncated to 1048576
[ 442.603860][ T5872] usb 1-1: config 253 has an invalid descriptor of length 0, skipping remainder of the config
[ 442.707013][T11131] xt_HMARK: proto mask must be zero with L3 mode
[ 443.109318][ T5872] usb 1-1: too many endpoints for config 253 interface 0 altsetting 0: 255, using maximum allowed: 30
[ 443.120448][ T5872] usb 1-1: config 253 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 255
[ 443.135139][ T5872] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 443.144839][ T5872] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[ 443.153354][ T5872] usb 1-1: SerialNumber: syz
[ 443.221979][ T5873] usb 4-1: USB disconnect, device number 32
[ 443.896900][ T5872] usb 1-1: bad CDC descriptors
[ 443.920630][ T5872] usb 1-1: USB disconnect, device number 39
[ 444.009399][ T24] usb 4-1: new high-speed USB device number 33 using dummy_hcd
[ 444.064645][T11158] netlink: 'syz.4.1445': attribute type 3 has an invalid length.
[ 444.179464][ T24] usb 4-1: Using ep0 maxpacket: 16
[ 444.192396][ T24] usb 4-1: New USB device found, idVendor=061d, idProduct=c020, bcdDevice=9c.15
[ 444.201849][ T24] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 444.211017][ T24] usb 4-1: Product: syz
[ 444.219608][ T24] usb 4-1: Manufacturer: syz
[ 444.229330][ T24] usb 4-1: SerialNumber: syz
[ 444.251093][ T24] usb 4-1: config 0 descriptor??
[ 444.268076][ T24] ssu100 4-1:0.0: Quatech SSU-100 USB to Serial Driver converter detected
[ 444.606221][ T30] audit: type=1804 audit(1743992716.640:1136): pid=11164 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=open_writers comm="syz.0.1447" name="/newroot/282/file0" dev="tmpfs" ino=1478 res=1 errno=0
[ 445.040595][T11170] xt_SECMARK: only valid in 'mangle' or 'security' table, not 'filter'
[ 445.340463][ T24] ssu100 4-1:0.0: probe with driver ssu100 failed with error -71
[ 445.381010][ T24] usb 4-1: USB disconnect, device number 33
[ 445.761827][ T30] audit: type=1326 audit(1743992717.810:1137): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11175 comm="syz.0.1451" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd87b38d169 code=0x7ffc0000
[ 445.960135][ T30] audit: type=1326 audit(1743992717.810:1138): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11175 comm="syz.0.1451" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd87b38d169 code=0x7ffc0000
[ 446.589817][T11191] tipc: Enabling of bearer <eth:team0> rejected, already enabled
[ 447.167118][ T30] audit: type=1326 audit(1743992717.810:1139): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11175 comm="syz.0.1451" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fd87b38bad0 code=0x7ffc0000
[ 447.412521][ T30] audit: type=1326 audit(1743992717.810:1140): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11175 comm="syz.0.1451" exe="/root/syz-executor" sig=0 arch=c000003e syscall=308 compat=0 ip=0x7fd87b38e997 code=0x7ffc0000
[ 447.728965][T11201] dlm: plock device version mismatch: kernel (1.2.0), user (0.0.0)
[ 447.812488][ T30] audit: type=1326 audit(1743992717.810:1141): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11175 comm="syz.0.1451" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fd87b38d169 code=0x7ffc0000
[ 447.845676][T11203] netlink: 'syz.0.1459': attribute type 3 has an invalid length.
[ 448.299960][ T30] audit: type=1326 audit(1743992717.810:1142): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11175 comm="syz.0.1451" exe="/root/syz-executor" sig=0 arch=c000003e syscall=308 compat=0 ip=0x7fd87b38e997 code=0x7ffc0000
[ 448.412903][ T30] audit: type=1326 audit(1743992717.810:1143): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11175 comm="syz.0.1451" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7fd87b38bdca code=0x7ffc0000
[ 448.499251][ T30] audit: type=1326 audit(1743992717.810:1144): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11175 comm="syz.0.1451" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd87b38d169 code=0x7ffc0000
[ 448.635226][ T30] audit: type=1326 audit(1743992717.810:1145): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11175 comm="syz.0.1451" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd87b38d169 code=0x7ffc0000
[ 448.785243][T11211] xt_SECMARK: only valid in 'mangle' or 'security' table, not 'filter'
[ 449.021757][ T9991] Bluetooth: hci1: ACL packet for unknown connection handle 200
[ 449.695886][T11218] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1465'.
[ 449.821436][T11218] 0�X���: left allmulticast mode
[ 449.829689][T11218] net_ratelimit: 11 callbacks suppressed
[ 449.829701][T11218] A link change request failed with some changes committed already. Interface �60�X��� may have been left with an inconsistent configuration, please check.
[ 450.888348][T11235] program syz.1.1471 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 451.111262][T11235] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[ 451.247723][T11242] netlink: 'syz.0.1474': attribute type 3 has an invalid length.
[ 451.502054][T11246] xt_SECMARK: only valid in 'mangle' or 'security' table, not 'filter'
[ 451.776008][ T9991] Bluetooth: hci2: ACL packet for unknown connection handle 200
[ 452.335674][ T30] kauditd_printk_skb: 13 callbacks suppressed
[ 452.335689][ T30] audit: type=1400 audit(1743992724.370:1159): avc: denied { read } for pid=11260 comm="syz.2.1480" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[ 452.377819][T11264] tmpfs: Bad value for 'mpol'
[ 452.426050][ T30] audit: type=1400 audit(1743992724.370:1160): avc: denied { write } for pid=11262 comm="syz.1.1479" name="cachefiles" dev="devtmpfs" ino=4 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cachefiles_device_t tclass=chr_file permissive=1
[ 452.600532][ T30] audit: type=1400 audit(1743992724.540:1161): avc: denied { shutdown } for pid=11267 comm="syz.0.1481" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[ 453.461807][T11284] tipc: Enabling of bearer <eth:team0> rejected, already enabled
[ 455.539216][T11303] netlink: 'syz.2.1491': attribute type 3 has an invalid length.
[ 455.703042][ T9991] Bluetooth: hci1: ACL packet for unknown connection handle 200
[ 456.049726][T11316] 8021q: adding VLAN 0 to HW filter on device batadv3
[ 456.070870][T11316] bond0: (slave batadv3): Enslaving as an active interface with an up link
[ 456.899213][ T30] audit: type=1804 audit(1743992728.940:1162): pid=11333 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=open_writers comm="syz.0.1500" name="/newroot/296/file0" dev="tmpfs" ino=1553 res=1 errno=0
[ 457.830173][ T5838] Bluetooth: hci4: ACL packet for unknown connection handle 200
[ 458.440499][ T58] usb 3-1: new full-speed USB device number 30 using dummy_hcd
[ 458.539368][T10459] usb 1-1: new high-speed USB device number 40 using dummy_hcd
[ 458.626624][ T58] usb 3-1: config 253 has an invalid descriptor of length 0, skipping remainder of the config
[ 458.636945][ T58] usb 3-1: too many endpoints for config 253 interface 0 altsetting 0: 255, using maximum allowed: 30
[ 458.650654][ T58] usb 3-1: config 253 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 255
[ 458.670544][ T58] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 458.679711][ T58] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[ 458.694973][ T58] usb 3-1: SerialNumber: syz
[ 458.709529][T10459] usb 1-1: Using ep0 maxpacket: 32
[ 458.721771][T10459] usb 1-1: config 0 interface 0 altsetting 16 endpoint 0x81 has invalid wMaxPacketSize 0
[ 458.737467][T10459] usb 1-1: config 0 interface 0 altsetting 16 has 1 endpoint descriptor, different from the interface descriptor's value: 5
[ 458.759337][T10459] usb 1-1: config 0 interface 0 has no altsetting 0
[ 458.766250][T10459] usb 1-1: New USB device found, idVendor=1b1c, idProduct=1b3e, bcdDevice= 0.00
[ 458.784274][T10459] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 458.801599][T10459] usb 1-1: config 0 descriptor??
[ 459.066357][ T58] usb 3-1: bad CDC descriptors
[ 459.075729][ T58] usb 3-1: USB disconnect, device number 30
[ 459.219243][T11357] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1510'.
[ 459.367582][ T30] audit: type=1400 audit(1743992731.410:1163): avc: denied { mount } for pid=11363 comm="syz.3.1511" name="/" dev="rpc_pipefs" ino=34854 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:rpc_pipefs_t tclass=filesystem permissive=1
[ 459.471327][ T30] audit: type=1400 audit(1743992731.420:1164): avc: denied { map } for pid=11356 comm="syz.0.1510" path="socket:[34313]" dev="sockfs" ino=34313 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=unix_stream_socket permissive=1
[ 460.004267][ T30] audit: type=1804 audit(1743992732.050:1165): pid=11372 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=open_writers comm="syz.2.1512" name="/newroot/308/file0" dev="tmpfs" ino=1641 res=1 errno=0
[ 460.588875][ T9991] Bluetooth: hci1: ACL packet for unknown connection handle 200
[ 460.776743][T11386] program syz.3.1518 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 460.822525][T11386] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[ 461.321877][T10459] usbhid 1-1:0.0: can't add hid device: -71
[ 461.327871][T10459] usbhid 1-1:0.0: probe with driver usbhid failed with error -71
[ 461.359981][T10459] usb 1-1: USB disconnect, device number 40
[ 462.154120][T11405] xt_SECMARK: only valid in 'mangle' or 'security' table, not 'filter'
[ 462.840396][T11414] program syz.0.1529 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 462.872025][T11414] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[ 463.295337][T11421] block device autoloading is deprecated and will be removed.
[ 464.242359][ T30] audit: type=1804 audit(1743992736.290:1166): pid=11439 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=open_writers comm="syz.0.1537" name="/newroot/309/file0" dev="tmpfs" ino=1621 res=1 errno=0
[ 464.444007][ T5873] usb 3-1: new full-speed USB device number 31 using dummy_hcd
[ 464.460695][T11441] xt_SECMARK: only valid in 'mangle' or 'security' table, not 'filter'
[ 464.606922][ T5826] bond0: (slave syz_tun): Releasing backup interface
[ 464.614391][ T5873] usb 3-1: config 253 has an invalid descriptor of length 0, skipping remainder of the config
[ 464.619326][ T5826] bond0: (slave syz_tun): the permanent HWaddr of slave - aa:aa:aa:aa:aa:aa - is still in use by bond - set the HWaddr of slave to a different address to avoid conflicts
[ 464.635317][ T5873] usb 3-1: too many endpoints for config 253 interface 0 altsetting 0: 255, using maximum allowed: 30
[ 464.660297][T11448] program syz.3.1543 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 464.679967][ T5873] usb 3-1: config 253 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 255
[ 464.693890][T11448] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[ 464.720972][ T5873] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 464.730674][ T5873] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[ 464.745356][ T5873] usb 3-1: SerialNumber: syz
[ 464.750736][ T5838] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 464.764436][ T5838] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[ 464.773853][ T5838] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[ 464.786628][ T5838] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 464.798017][ T5838] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 464.807878][ T6394] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 464.834819][ T30] audit: type=1400 audit(1743992736.880:1167): avc: denied { mounton } for pid=11449 comm="syz-executor" path="/" dev="sda1" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1
[ 464.926603][ T6394] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 464.994356][ T6394] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 465.074283][ T6394] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 465.188337][ T5873] usb 3-1: bad CDC descriptors
[ 465.224703][ T5873] usb 3-1: USB disconnect, device number 31
[ 465.282372][T11449] chnl_net:caif_netlink_parms(): no params data found
[ 466.294357][T11473] trusted_key: encrypted_key: insufficient parameters specified
[ 466.411657][ T6394] bond0 (unregistering): (slave batadv1): Releasing backup interface
[ 466.456657][ T6394] bond0 (unregistering): (slave batadv2): Releasing backup interface
[ 466.498265][ T6394] bond0 (unregistering): (slave batadv3): Releasing backup interface
[ 466.513961][ T6394] bond0 (unregistering): Released all slaves
[ 466.689981][ T6394] tipc: Disabling bearer <eth:team0>
[ 466.759859][T11482] FAULT_INJECTION: forcing a failure.
[ 466.759859][T11482] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 466.783390][T11482] CPU: 1 UID: 0 PID: 11482 Comm: syz.3.1551 Not tainted 6.14.0-syzkaller-13546-g16cd1c265776 #0 PREEMPT(full)
[ 466.783413][T11482] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[ 466.783422][T11482] Call Trace:
[ 466.783427][T11482] <TASK>
[ 466.783434][T11482] dump_stack_lvl+0x16c/0x1f0
[ 466.783460][T11482] should_fail_ex+0x512/0x640
[ 466.783482][T11482] strncpy_from_user+0x3b/0x2e0
[ 466.783501][T11482] getname_flags.part.0+0x8b/0x540
[ 466.783525][T11482] getname_flags+0x93/0xf0
[ 466.783550][T11482] user_path_at+0x24/0x60
[ 466.783566][T11482] __x64_sys_mount+0x1fc/0x310
[ 466.783585][T11482] ? __pfx___x64_sys_mount+0x10/0x10
[ 466.783602][T11482] ? rcu_is_watching+0x12/0xc0
[ 466.783629][T11482] do_syscall_64+0xcd/0x260
[ 466.783652][T11482] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 466.783667][T11482] RIP: 0033:0x7fe57bf8d169
[ 466.783680][T11482] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 466.783694][T11482] RSP: 002b:00007fe57cdba038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 466.783709][T11482] RAX: ffffffffffffffda RBX: 00007fe57c1a5fa0 RCX: 00007fe57bf8d169
[ 466.783719][T11482] RDX: 0000200000000b80 RSI: 00002000000003c0 RDI: 0000000000000000
[ 466.783729][T11482] RBP: 00007fe57cdba090 R08: 0000200000000580 R09: 0000000000000000
[ 466.783738][T11482] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 466.783746][T11482] R13: 0000000000000000 R14: 00007fe57c1a5fa0 R15: 00007ffd931023f8
[ 466.783768][T11482] </TASK>
[ 466.787254][ T6394] tipc: Left network mode
[ 466.959405][ T5838] Bluetooth: hci3: command tx timeout
[ 466.992397][T11486] program syz.3.1553 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 467.010602][T11449] bridge0: port 1(bridge_slave_0) entered blocking state
[ 467.017723][T11449] bridge0: port 1(bridge_slave_0) entered disabled state
[ 467.040080][T11449] bridge_slave_0: entered allmulticast mode
[ 467.047303][T11449] bridge_slave_0: entered promiscuous mode
[ 467.067183][T11486] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[ 467.537769][T11449] bridge0: port 2(bridge_slave_1) entered blocking state
[ 467.553334][T11449] bridge0: port 2(bridge_slave_1) entered disabled state
[ 467.569464][T11449] bridge_slave_1: entered allmulticast mode
[ 467.595604][T11449] bridge_slave_1: entered promiscuous mode
[ 467.770430][T11449] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 468.131730][ T6394] hsr_slave_0: left promiscuous mode
[ 468.146355][ T6394] hsr_slave_1: left promiscuous mode
[ 468.181941][ T6394] veth1_macvtap: left promiscuous mode
[ 468.199867][ T6394] veth0_macvtap: left promiscuous mode
[ 468.205521][ T6394] veth1_vlan: left promiscuous mode
[ 468.269689][ T5876] usb 1-1: new high-speed USB device number 41 using dummy_hcd
[ 468.349583][ T5875] usb 4-1: new full-speed USB device number 34 using dummy_hcd
[ 468.429917][ T5876] usb 1-1: Using ep0 maxpacket: 16
[ 468.436638][ T5876] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 468.449359][ T5876] usb 1-1: config 0 has no interfaces?
[ 468.459413][ T5876] usb 1-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[ 468.493346][ T5876] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 468.519334][ T5876] usb 1-1: Product: syz
[ 468.521612][ T5875] usb 4-1: config 253 has an invalid descriptor of length 0, skipping remainder of the config
[ 468.526266][ T5876] usb 1-1: Manufacturer: syz
[ 468.544222][ T5875] usb 4-1: too many endpoints for config 253 interface 0 altsetting 0: 255, using maximum allowed: 30
[ 468.548660][ T5876] usb 1-1: SerialNumber: syz
[ 468.576227][ T5875] usb 4-1: config 253 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 255
[ 468.579883][ T5876] usb 1-1: config 0 descriptor??
[ 468.614075][ T5875] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 468.623312][ T5875] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[ 468.636138][ T5875] usb 4-1: SerialNumber: syz
[ 468.742937][ T6394] team0 (unregistering): Port device vlan0 removed
[ 468.865277][T11506] fuse: Unknown parameter 'fd0x0000000000000004'
[ 468.873017][ T5876] usb 1-1: USB disconnect, device number 41
[ 469.012744][ T5838] Bluetooth: hci3: command tx timeout
[ 469.793999][T11449] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 469.808460][ T5875] usb 4-1: bad CDC descriptors
[ 469.828096][ T5875] usb 4-1: USB disconnect, device number 34
[ 469.852715][T11449] team0: Port device team_slave_0 added
[ 469.859457][T10459] usb 1-1: new high-speed USB device number 42 using dummy_hcd
[ 469.870034][T11449] team0: Port device team_slave_1 added
[ 469.927572][T11449] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 469.938427][T11449] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 469.967620][T11449] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 470.002218][T11449] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 470.012688][T11449] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 470.040993][T11449] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 470.069349][T10459] usb 1-1: Using ep0 maxpacket: 16
[ 470.076227][T10459] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0xF has invalid maxpacket 33437, setting to 1024
[ 470.088877][T10459] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0xF has invalid maxpacket 1024
[ 470.100458][T10459] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[ 470.110482][T10459] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 0
[ 470.165852][T10459] usb 1-1: New USB device found, idVendor=054c, idProduct=06c1, bcdDevice=c2.87
[ 470.170257][T11449] hsr_slave_0: entered promiscuous mode
[ 470.183813][T10459] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 470.197084][T11449] hsr_slave_1: entered promiscuous mode
[ 470.219570][T10459] usb 1-1: Product: syz
[ 470.234726][T10459] usb 1-1: Manufacturer: syz
[ 470.247259][T10459] usb 1-1: SerialNumber: syz
[ 470.262873][T10459] usb 1-1: config 0 descriptor??
[ 470.268492][T11517] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[ 470.280028][T10459] port100 1-1:0.0: NFC: Could not get supported command types
[ 470.317259][T11521] netlink: 80 bytes leftover after parsing attributes in process `syz.2.1563'.
[ 470.327911][T11521] netlink: 80 bytes leftover after parsing attributes in process `syz.2.1563'.
[ 470.476176][T11526] sch_fq: defrate 4 ignored.
[ 470.517482][T11449] netdevsim netdevsim5 netdevsim0: renamed from eth0
[ 470.558778][T11449] netdevsim netdevsim5 netdevsim1: renamed from eth1
[ 470.626038][T11449] netdevsim netdevsim5 netdevsim2: renamed from eth2
[ 470.697044][T11449] netdevsim netdevsim5 netdevsim3: renamed from eth3
[ 470.698289][T11517] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 470.741398][T11517] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 470.927983][T11449] 8021q: adding VLAN 0 to HW filter on device bond0
[ 470.935050][T11535] program syz.3.1568 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 470.943579][T11449] 8021q: adding VLAN 0 to HW filter on device team0
[ 470.971612][ T36] bridge0: port 1(bridge_slave_0) entered blocking state
[ 470.978737][ T36] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 471.002470][T11535] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[ 471.027951][ T67] bridge0: port 2(bridge_slave_1) entered blocking state
[ 471.035078][ T67] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 471.059803][ T5838] Bluetooth: hci3: command tx timeout
[ 471.565706][T11449] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 471.709368][ T5876] usb 3-1: new high-speed USB device number 32 using dummy_hcd
[ 471.801232][ T30] audit: type=1400 audit(1743992743.850:1168): avc: denied { map } for pid=11552 comm="syz.3.1571" path="/dev/tty1" dev="devtmpfs" ino=20 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tty_device_t tclass=chr_file permissive=1
[ 471.874041][ T30] audit: type=1400 audit(1743992743.850:1169): avc: denied { execute } for pid=11552 comm="syz.3.1571" path="/dev/tty1" dev="devtmpfs" ino=20 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tty_device_t tclass=chr_file permissive=1
[ 471.938156][T11449] veth0_vlan: entered promiscuous mode
[ 471.975807][T11449] veth1_vlan: entered promiscuous mode
[ 471.982614][ T5876] usb 3-1: Using ep0 maxpacket: 16
[ 471.990748][ T5876] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 472.003948][ T5876] usb 3-1: config 0 has no interfaces?
[ 472.018422][ T5876] usb 3-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[ 472.034818][T11449] veth0_macvtap: entered promiscuous mode
[ 472.090305][T11449] veth1_macvtap: entered promiscuous mode
[ 472.127587][ T5876] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 472.135846][ T5876] usb 3-1: Product: syz
[ 472.140108][ T5876] usb 3-1: Manufacturer: syz
[ 472.144700][ T5876] usb 3-1: SerialNumber: syz
[ 472.151531][ T5876] usb 3-1: config 0 descriptor??
[ 472.153258][T11449] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 472.173918][T11449] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 472.188853][T11449] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 472.205371][T11449] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 472.216954][T11449] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 472.234786][T11449] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 472.248220][T11449] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 472.275974][T11449] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 472.293625][T11449] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 472.305335][T11449] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 472.316158][T11449] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 472.326143][T11449] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 472.348168][T11449] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 472.362765][T11543] fuse: Unknown parameter 'fd0x0000000000000004'
[ 472.370501][T11449] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 472.385829][ T5876] usb 3-1: USB disconnect, device number 32
[ 472.392657][T11449] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 472.403363][T11449] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 472.416723][T11449] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 472.428390][T11449] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 472.532005][ T36] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 472.550309][ T36] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 472.582456][ T6396] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 472.609571][ T6396] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 472.611137][ T5874] usb 1-1: USB disconnect, device number 42
[ 472.631552][ T9991] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[ 472.644192][ T9991] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[ 472.651912][ T9991] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[ 472.654014][ T30] audit: type=1400 audit(1743992744.680:1170): avc: denied { mounton } for pid=11449 comm="syz-executor" path="/root/syzkaller.DhKQC6/syz-tmp/newroot/sys/kernel/debug" dev="debugfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=dir permissive=1
[ 472.698848][ T9991] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[ 472.704155][ T30] audit: type=1400 audit(1743992744.730:1171): avc: denied { mount } for pid=11449 comm="syz-executor" name="/" dev="gadgetfs" ino=6866 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nfs_t tclass=filesystem permissive=1
[ 472.751772][ T9991] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[ 473.108060][ T30] audit: type=1400 audit(1743992745.150:1172): avc: denied { map } for pid=11565 comm="syz.2.1576" path="/proc/1119/net/route" dev="proc" ino=4026533135 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_net_t tclass=file permissive=1
[ 473.147162][ T5838] Bluetooth: hci3: command tx timeout
[ 473.371054][T11556] chnl_net:caif_netlink_parms(): no params data found
[ 473.399355][ T58] usb 3-1: new high-speed USB device number 33 using dummy_hcd
[ 474.157165][ T58] usb 3-1: Using ep0 maxpacket: 32
[ 474.170725][T11575] 9pnet_fd: p9_fd_create_unix (11575): problem connecting socket: ��q�Y��3aK: -111
[ 474.172015][ T58] usb 3-1: config 1 interface 0 altsetting 6 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 474.192670][ T58] usb 3-1: config 1 interface 0 altsetting 6 bulk endpoint 0x3 has invalid maxpacket 8
[ 474.202421][ T58] usb 3-1: config 1 interface 0 has no altsetting 0
[ 474.218661][ T58] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 474.295051][ T58] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 474.308689][ T58] usb 3-1: Product: syz
[ 474.313090][ T58] usb 3-1: Manufacturer: syz
[ 474.318006][ T58] usb 3-1: SerialNumber: syz
[ 474.365871][T11566] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[ 474.723726][ T58] usb 3-1: bad CDC descriptors
[ 474.820436][ T5838] Bluetooth: hci5: command tx timeout
[ 474.827271][T11586] program syz.3.1580 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 474.846250][T11586] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[ 474.846802][T11556] bridge0: port 1(bridge_slave_0) entered blocking state
[ 474.873839][T11556] bridge0: port 1(bridge_slave_0) entered disabled state
[ 474.881118][T11556] bridge_slave_0: entered allmulticast mode
[ 474.888363][T11556] bridge_slave_0: entered promiscuous mode
[ 474.896320][T11556] bridge0: port 2(bridge_slave_1) entered blocking state
[ 474.904025][T11556] bridge0: port 2(bridge_slave_1) entered disabled state
[ 474.911321][T11556] bridge_slave_1: entered allmulticast mode
[ 474.918576][T11556] bridge_slave_1: entered promiscuous mode
[ 474.998518][T11556] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 475.020186][T11556] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 475.047640][T11556] team0: Port device team_slave_0 added
[ 475.056100][T11556] team0: Port device team_slave_1 added
[ 475.217087][T11595] netlink: 'syz.5.1581': attribute type 1 has an invalid length.
[ 475.225043][T11595] netlink: 244 bytes leftover after parsing attributes in process `syz.5.1581'.
[ 475.464646][T11556] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 475.472629][T11556] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 475.499129][T11556] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 475.510883][T11556] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 475.517889][T11556] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 475.544889][T11556] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 475.581978][T11556] hsr_slave_0: entered promiscuous mode
[ 475.588004][T11556] hsr_slave_1: entered promiscuous mode
[ 475.594417][T11556] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 475.602938][T11556] Cannot create hsr debugfs directory
[ 475.840077][T11556] netdevsim netdevsim6 netdevsim0: renamed from eth0
[ 475.857295][T11556] netdevsim netdevsim6 netdevsim1: renamed from eth1
[ 475.873874][T11601] sch_fq: defrate 4 ignored.
[ 475.886270][T11556] netdevsim netdevsim6 netdevsim2: renamed from eth2
[ 475.897889][T11556] netdevsim netdevsim6 netdevsim3: renamed from eth3
[ 476.249428][ T5874] usb 4-1: new high-speed USB device number 35 using dummy_hcd
[ 476.277811][T11556] 8021q: adding VLAN 0 to HW filter on device bond0
[ 476.317088][T11556] 8021q: adding VLAN 0 to HW filter on device team0
[ 476.335717][ T3518] bridge0: port 1(bridge_slave_0) entered blocking state
[ 476.342859][ T3518] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 476.349643][ T58] usb 3-1: USB disconnect, device number 33
[ 476.376707][T10279] bridge0: port 2(bridge_slave_1) entered blocking state
[ 476.383858][T10279] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 476.413948][ T5874] usb 4-1: Using ep0 maxpacket: 16
[ 476.609669][T10459] usb 6-1: new full-speed USB device number 2 using dummy_hcd
[ 476.649342][ T5874] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 476.704821][ T5874] usb 4-1: config 0 has no interfaces?
[ 476.722349][ T5874] usb 4-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[ 476.733128][ T5874] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 476.748166][ T5874] usb 4-1: Product: syz
[ 476.752461][ T5874] usb 4-1: Manufacturer: syz
[ 476.757057][ T5874] usb 4-1: SerialNumber: syz
[ 476.765844][ T5874] usb 4-1: config 0 descriptor??
[ 476.801042][T10459] usb 6-1: config 0 has an invalid descriptor of length 242, skipping remainder of the config
[ 476.819748][T10459] usb 6-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2
[ 476.834594][T10459] usb 6-1: New USB device found, idVendor=1e6d, idProduct=200d, bcdDevice= 0.00
[ 476.845911][T10459] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 476.861989][T10459] usb 6-1: config 0 descriptor??
[ 476.894349][T11556] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 476.900922][ T5838] Bluetooth: hci5: command tx timeout
[ 476.967532][T11627] program syz.2.1591 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 476.977140][T11627] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[ 476.985211][T11604] fuse: Unknown parameter 'fd0x0000000000000004'
[ 476.996600][ T58] usb 4-1: USB disconnect, device number 35
[ 477.098173][T11556] veth0_vlan: entered promiscuous mode
[ 477.112280][T11556] veth1_vlan: entered promiscuous mode
[ 477.136037][T11556] veth0_macvtap: entered promiscuous mode
[ 477.151334][T11556] veth1_macvtap: entered promiscuous mode
[ 477.167950][T11556] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 477.179129][T11556] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 477.189145][T11556] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 477.200310][T11556] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 477.211495][T11556] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 477.222937][T11556] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 477.232774][T11556] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 477.243243][T11556] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 477.254512][T11556] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 477.268709][T11556] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 477.283733][T10459] usb 6-1: string descriptor 0 read error: -71
[ 477.293818][T11556] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 477.306422][T10459] usbhid 6-1:0.0: couldn't find an input interrupt endpoint
[ 477.316666][T11556] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 477.328785][T10459] usb 6-1: USB disconnect, device number 2
[ 477.336315][T11556] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 477.347438][T11556] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 477.357977][T11556] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 477.367790][T11556] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 477.367804][T11556] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 477.368914][T11556] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 477.404218][T11556] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 477.414217][T11556] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 477.423034][T11556] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 477.432634][T11556] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 477.485441][ T3518] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 477.493670][ T3518] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 477.535870][T10279] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 477.544641][T10279] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 478.063892][T11639] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1594'.
[ 478.250370][T11645] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=11645 comm=syz.2.1594
[ 478.357753][ T30] audit: type=1400 audit(1743992750.400:1173): avc: denied { setopt } for pid=11641 comm="syz.0.1595" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_fib_lookup_socket permissive=1
[ 478.979487][ T5838] Bluetooth: hci5: command tx timeout
[ 479.153621][T11651] syzkaller1: entered promiscuous mode
[ 479.159331][T11651] syzkaller1: entered allmulticast mode
[ 479.969808][ T5874] usb 1-1: new high-speed USB device number 43 using dummy_hcd
[ 479.981279][T11675] program syz.2.1603 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 480.008850][T11677] 9pnet_fd: Insufficient options for proto=fd
[ 480.018359][T11675] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[ 480.121474][ T5874] usb 1-1: Using ep0 maxpacket: 16
[ 480.153463][ T5874] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 480.169559][ T30] audit: type=1400 audit(1743992752.220:1174): avc: denied { mount } for pid=11683 comm="syz.5.1607" name="/" dev="devpts" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:devpts_t tclass=filesystem permissive=1
[ 480.199778][ T5874] usb 1-1: config 0 has no interfaces?
[ 480.215615][ T5874] usb 1-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[ 480.239872][ T30] audit: type=1400 audit(1743992752.280:1175): avc: denied { mounton } for pid=11683 comm="syz.5.1607" path="/12/file0" dev="devpts" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:devpts_t tclass=dir permissive=1
[ 480.263483][ T5874] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 480.271576][ T5874] usb 1-1: Product: syz
[ 480.277300][ T5874] usb 1-1: Manufacturer: syz
[ 480.282520][ T5874] usb 1-1: SerialNumber: syz
[ 480.291629][ T5874] usb 1-1: config 0 descriptor??
[ 480.315561][T11686] fuse: Unknown parameter 'appraise'
[ 480.322929][ T30] audit: type=1400 audit(1743992752.360:1176): avc: denied { mounton } for pid=11683 comm="syz.5.1607" path="/12/file0" dev="fuse" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=dir permissive=1
[ 480.860759][ T5838] Bluetooth: hci4: ACL packet for unknown connection handle 200
[ 480.864283][T11690] block nbd6: NBD_DISCONNECT
[ 480.868791][ T30] audit: type=1400 audit(1743992752.910:1177): avc: denied { append } for pid=11689 comm="syz.6.1608" name="nbd6" dev="devtmpfs" ino=685 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[ 480.879657][T11690] block nbd6: Send disconnect failed -107
[ 480.909193][ T30] audit: type=1400 audit(1743992752.910:1178): avc: denied { getopt } for pid=11689 comm="syz.6.1608" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[ 481.224487][ T30] audit: type=1400 audit(1743992753.210:1179): avc: denied { unmount } for pid=11449 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:devpts_t tclass=filesystem permissive=1
[ 481.224835][T11690] IPv6: addrconf: prefix option has invalid lifetime
[ 481.661620][T11689] block nbd6: Disconnected due to user request.
[ 481.661663][T11689] block nbd6: shutting down sockets
[ 481.969365][T11703] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1611'.
[ 481.978926][T11703] xt_hashlimit: size too large, truncated to 1048576
[ 482.031602][T11708] xt_HMARK: proto mask must be zero with L3 mode
[ 482.762923][ T5874] usb 1-1: USB disconnect, device number 43
[ 483.102227][T11725] 9pnet_fd: Insufficient options for proto=fd
[ 483.781125][T11731] netlink: 12 bytes leftover after parsing attributes in process `syz.6.1618'.
[ 483.800558][T11731] xt_hashlimit: size too large, truncated to 1048576
[ 484.318550][T11740] xt_HMARK: proto mask must be zero with L3 mode
[ 484.867576][T11742] netlink: 'syz.5.1623': attribute type 4 has an invalid length.
[ 485.129759][T11759] FAULT_INJECTION: forcing a failure.
[ 485.129759][T11759] name failslab, interval 1, probability 0, space 0, times 0
[ 485.170801][T11759] CPU: 1 UID: 0 PID: 11759 Comm: syz.0.1626 Not tainted 6.14.0-syzkaller-13546-g16cd1c265776 #0 PREEMPT(full)
[ 485.170826][T11759] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[ 485.170836][T11759] Call Trace:
[ 485.170841][T11759] <TASK>
[ 485.170847][T11759] dump_stack_lvl+0x16c/0x1f0
[ 485.170872][T11759] should_fail_ex+0x512/0x640
[ 485.170890][T11759] ? fs_reclaim_acquire+0xae/0x150
[ 485.170916][T11759] ? tomoyo_realpath_from_path+0xc2/0x6e0
[ 485.170939][T11759] should_failslab+0xc2/0x120
[ 485.170957][T11759] __kmalloc_noprof+0xd2/0x510
[ 485.170974][T11759] ? trace_kmalloc+0x2b/0xd0
[ 485.170992][T11759] ? __kmalloc_noprof+0x242/0x510
[ 485.171011][T11759] tomoyo_realpath_from_path+0xc2/0x6e0
[ 485.171036][T11759] ? tomoyo_fill_path_info+0x233/0x420
[ 485.171056][T11759] tomoyo_mount_acl+0x1ae/0x850
[ 485.171076][T11759] ? kernel_text_address+0x8d/0x100
[ 485.171095][T11759] ? __kernel_text_address+0xd/0x40
[ 485.171113][T11759] ? unwind_get_return_address+0x59/0xa0
[ 485.171134][T11759] ? arch_stack_walk+0xa6/0x100
[ 485.171156][T11759] ? __pfx_tomoyo_mount_acl+0x10/0x10
[ 485.171204][T11759] ? tomoyo_domain+0xbb/0x150
[ 485.171218][T11759] ? tomoyo_profile+0x47/0x60
[ 485.171236][T11759] tomoyo_mount_permission+0x16d/0x420
[ 485.171256][T11759] ? tomoyo_mount_permission+0x14f/0x420
[ 485.171279][T11759] ? __pfx_tomoyo_mount_permission+0x10/0x10
[ 485.171315][T11759] security_sb_mount+0x9b/0x260
[ 485.171337][T11759] path_mount+0x128/0x1f30
[ 485.171357][T11759] ? kmem_cache_free+0x2d4/0x4d0
[ 485.171371][T11759] ? __pfx_path_mount+0x10/0x10
[ 485.171392][T11759] ? putname+0x154/0x1a0
[ 485.171414][T11759] __x64_sys_mount+0x28d/0x310
[ 485.171433][T11759] ? __pfx___x64_sys_mount+0x10/0x10
[ 485.171450][T11759] ? rcu_is_watching+0x12/0xc0
[ 485.171477][T11759] do_syscall_64+0xcd/0x260
[ 485.171500][T11759] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 485.171516][T11759] RIP: 0033:0x7fd87b38d169
[ 485.171529][T11759] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 485.171543][T11759] RSP: 002b:00007fd87c241038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 485.171558][T11759] RAX: ffffffffffffffda RBX: 00007fd87b5a5fa0 RCX: 00007fd87b38d169
[ 485.171569][T11759] RDX: 0000200000000280 RSI: 0000200000000080 RDI: 0000000000000000
[ 485.171578][T11759] RBP: 00007fd87c241090 R08: 0000200000000200 R09: 0000000000000000
[ 485.171588][T11759] R10: 0000000000008200 R11: 0000000000000246 R12: 0000000000000001
[ 485.171597][T11759] R13: 0000000000000000 R14: 00007fd87b5a5fa0 R15: 00007ffc89d9dbf8
[ 485.171620][T11759] </TASK>
[ 485.171652][T11759] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 485.324945][T11764] netlink: 'syz.5.1623': attribute type 4 has an invalid length.
[ 486.445015][T11777] 9pnet_fd: Insufficient options for proto=fd
[ 487.351558][T11783] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1632'.
[ 487.368027][ T5838] Bluetooth: hci4: Malformed LE Event: 0x1d
[ 487.669705][T11617] usb 6-1: new full-speed USB device number 3 using dummy_hcd
[ 487.699376][ T5873] usb 1-1: new high-speed USB device number 44 using dummy_hcd
[ 487.855801][T11617] usb 6-1: config 253 has an invalid descriptor of length 0, skipping remainder of the config
[ 487.856163][ T5873] usb 1-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[ 487.874426][T11617] usb 6-1: too many endpoints for config 253 interface 0 altsetting 0: 255, using maximum allowed: 30
[ 487.878260][ T5873] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 255, changing to 11
[ 487.895053][T11617] usb 6-1: config 253 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 255
[ 487.900364][ T5873] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[ 487.919615][T11617] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 487.924955][ T5873] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[ 487.946871][ T5873] usb 1-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[ 487.955505][T11617] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[ 487.969443][T11617] usb 6-1: SerialNumber: syz
[ 487.978046][ T5873] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 487.993677][ T5873] usb 1-1: config 0 descriptor??
[ 488.003710][T11800] raw-gadget.2 gadget.0: fail, usb_ep_enable returned -22
[ 488.009617][T10459] usb 4-1: new full-speed USB device number 36 using dummy_hcd
[ 488.169593][T10459] usb 4-1: device descriptor read/64, error -71
[ 488.286613][ T5872] kernel read not supported for file /53/net/icmp6 (pid: 5872 comm: kworker/0:4)
[ 488.376142][T11617] usb 6-1: bad CDC descriptors
[ 488.410164][T10459] usb 4-1: new full-speed USB device number 37 using dummy_hcd
[ 488.419841][T11617] usb 6-1: USB disconnect, device number 3
[ 488.569746][T10459] usb 4-1: device descriptor read/64, error -71
[ 488.715697][ T5873] plantronics 0003:047F:FFFF.0008: reserved main item tag 0xd
[ 488.715900][T10459] usb usb4-port1: attempt power cycle
[ 488.728039][ T5873] plantronics 0003:047F:FFFF.0008: No inputs registered, leaving
[ 488.858146][ T30] audit: type=1326 audit(1743992760.900:1180): auid=4294967295 uid=60929 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11799 comm="syz.0.1637" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fd87b38d169 code=0x0
[ 489.119512][T10459] usb 4-1: new full-speed USB device number 38 using dummy_hcd
[ 489.126347][ T5873] plantronics 0003:047F:FFFF.0008: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.0-1/input0
[ 489.171764][T10459] usb 4-1: device descriptor read/8, error -71
[ 489.467484][T11824] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1645'.
[ 489.480921][T11824] xt_hashlimit: size too large, truncated to 1048576
[ 489.573943][T11825] xt_HMARK: proto mask must be zero with L3 mode
[ 489.587220][T10459] usb 4-1: new full-speed USB device number 39 using dummy_hcd
[ 490.351698][T10459] usb 4-1: device descriptor read/8, error -71
[ 490.485724][T10459] usb usb4-port1: unable to enumerate USB device
[ 491.433979][ T5874] usb 1-1: USB disconnect, device number 44
[ 491.549450][T10459] usb 4-1: new high-speed USB device number 40 using dummy_hcd
[ 491.759485][T10459] usb 4-1: Using ep0 maxpacket: 16
[ 491.879393][T10459] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 492.249344][ T5875] usb 3-1: new high-speed USB device number 34 using dummy_hcd
[ 492.315001][T10459] usb 4-1: config 0 has no interfaces?
[ 492.336700][T10459] usb 4-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[ 492.633121][T10459] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 492.641191][T10459] usb 4-1: Product: syz
[ 492.645487][T10459] usb 4-1: Manufacturer: syz
[ 492.650144][T10459] usb 4-1: SerialNumber: syz
[ 492.657349][T10459] usb 4-1: config 0 descriptor??
[ 492.709330][ T5875] usb 3-1: Using ep0 maxpacket: 8
[ 492.744497][ T5875] usb 3-1: config 0 has an invalid interface number: 1 but max is 0
[ 492.776753][ T5875] usb 3-1: config 0 has no interface number 0
[ 492.794130][ T5875] usb 3-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[ 492.920349][ T5875] usb 3-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[ 492.952938][ T5875] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 492.965528][ T30] audit: type=1326 audit(1743992765.010:1181): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11868 comm="syz.0.1657" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fd87b38d169 code=0x0
[ 493.012402][ T5875] usb 3-1: config 0 descriptor??
[ 493.058067][ T5875] iowarrior 3-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0
[ 493.310107][ T5874] usb 1-1: new full-speed USB device number 45 using dummy_hcd
[ 493.461070][ T5874] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 493.471445][ T5874] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 493.481256][ T5874] usb 1-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.00
[ 493.491655][ T5874] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[ 493.499686][ T5874] usb 1-1: SerialNumber: syz
[ 494.320808][ T5873] usb 4-1: USB disconnect, device number 40
[ 495.266304][ T30] audit: type=1400 audit(1743992767.310:1182): avc: denied { setattr } for pid=11888 comm="syz.3.1664" name="[io_uring]" dev="anon_inodefs" ino=38523 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[ 495.622044][ T5873] usb 3-1: USB disconnect, device number 34
[ 496.036953][ T5874] usb 1-1: USB disconnect, device number 45
[ 496.412923][T11908] tipc: Started in network mode
[ 496.418101][T11908] tipc: Node identity aaaaaaaaaa1a, cluster identity 4711
[ 496.426192][T11908] tipc: Enabled bearer <eth:team0>, priority 0
[ 497.034995][T11911] tmpfs: Bad value for 'mpol'
[ 497.135049][ T30] audit: type=1400 audit(1743992769.180:1183): avc: denied { map } for pid=11913 comm="syz.2.1673" path="/dev/nullb0" dev="devtmpfs" ino=696 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[ 497.449389][T11923] batman_adv: Cannot find parent device. Skipping batadv-on-batadv check for gretap1
[ 498.003288][ T5875] tipc: Node number set to 11578026
[ 498.822911][ T30] audit: type=1400 audit(1743992770.870:1184): avc: denied { connect } for pid=11944 comm="syz.3.1681" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[ 498.844905][T11945] x_tables: duplicate underflow at hook 2
[ 499.249413][ T58] usb 1-1: new high-speed USB device number 46 using dummy_hcd
[ 499.509341][ T58] usb 1-1: Using ep0 maxpacket: 8
[ 499.563233][ T58] usb 1-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[ 499.592625][ T58] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[ 499.632596][ T5875] usb 3-1: new full-speed USB device number 35 using dummy_hcd
[ 499.646653][T11969] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1689'.
[ 499.752152][ T58] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 499.782435][ T58] usb 1-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 499.808966][ T58] usb 1-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[ 499.829154][ T58] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 499.940827][ T5875] usb 3-1: config 253 has an invalid descriptor of length 0, skipping remainder of the config
[ 499.951840][ T5875] usb 3-1: too many endpoints for config 253 interface 0 altsetting 0: 255, using maximum allowed: 30
[ 500.014150][ T5875] usb 3-1: config 253 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 255
[ 500.068918][ T5875] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 500.078008][ T5875] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[ 500.086048][ T5875] usb 3-1: SerialNumber: syz
[ 500.096096][ T58] usb 1-1: GET_CAPABILITIES returned 0
[ 500.109417][ T58] usbtmc 1-1:16.0: can't read capabilities
[ 500.198228][T11978] dummy0: entered promiscuous mode
[ 500.203558][ T30] audit: type=1400 audit(1743992772.240:1185): avc: denied { create } for pid=11976 comm="syz.6.1692" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rose_socket permissive=1
[ 500.299391][ T5874] usb 6-1: new high-speed USB device number 4 using dummy_hcd
[ 500.366614][ T5875] usb 3-1: bad CDC descriptors
[ 500.388972][T11981] cgroup: Unknown subsys name '��@﬽��4�*o��ң�h��o�����U�'
[ 500.417692][ T30] audit: type=1400 audit(1743992772.240:1186): avc: denied { ioctl } for pid=11976 comm="syz.6.1692" path="socket:[38751]" dev="sockfs" ino=38751 ioctlcmd=0x8914 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rose_socket permissive=1
[ 500.496474][ T5875] usb 3-1: USB disconnect, device number 35
[ 501.058947][ T30] audit: type=1400 audit(1743992772.360:1187): avc: denied { execute } for pid=11952 comm="syz.0.1685" path="/dev/nullb0" dev="devtmpfs" ino=696 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[ 501.071032][ T1292] ieee802154 phy0 wpan0: encryption failed: -22
[ 501.094065][ T1292] ieee802154 phy1 wpan1: encryption failed: -22
[ 501.121861][ T30] audit: type=1400 audit(1743992773.170:1188): avc: denied { read } for pid=11982 comm="dhcpcd-run-hook" name="resolv.conf" dev="tmpfs" ino=1708 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[ 501.159020][ T30] audit: type=1400 audit(1743992773.200:1189): avc: denied { open } for pid=11982 comm="dhcpcd-run-hook" path="/run/dhcpcd/hook-state/resolv.conf" dev="tmpfs" ino=1708 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[ 501.187702][ T30] audit: type=1400 audit(1743992773.200:1190): avc: denied { getattr } for pid=11982 comm="dhcpcd-run-hook" path="/run/dhcpcd/hook-state/resolv.conf" dev="tmpfs" ino=1708 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[ 501.215465][ T5874] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 501.229474][ T5874] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 501.249452][ T5874] usb 6-1: New USB device found, idVendor=0fc5, idProduct=b080, bcdDevice= 0.00
[ 501.250538][T10459] usb 1-1: USB disconnect, device number 46
[ 501.258517][ T5874] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 501.309095][ T5874] usb 6-1: config 0 descriptor??
[ 501.376953][T11986] x_tables: duplicate underflow at hook 1
[ 501.537761][ T5874] hid-led 0003:0FC5:B080.0009: item fetching failed at offset 0/3
[ 501.567170][ T5874] hid-led 0003:0FC5:B080.0009: probe with driver hid-led failed with error -22
[ 501.663759][ T30] audit: type=1400 audit(1743992773.690:1191): avc: denied { read } for pid=11985 comm="syz.6.1693" name="btrfs-control" dev="devtmpfs" ino=1311 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:lvm_control_t tclass=chr_file permissive=1
[ 502.007242][ T5874] usb 6-1: USB disconnect, device number 4
[ 502.417150][T12003] bond0: entered promiscuous mode
[ 502.437752][T12003] batadv0: entered promiscuous mode
[ 502.447362][T12003] 8021q: adding VLAN 0 to HW filter on device hsr1
[ 502.475989][ T30] audit: type=1400 audit(1743992774.520:1192): avc: denied { write } for pid=11979 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=1707 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[ 502.547362][ T30] audit: type=1400 audit(1743992774.520:1193): avc: denied { add_name } for pid=11979 comm="dhcpcd-run-hook" name="resolv.conf.dummy0.link" scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[ 502.848228][ T30] audit: type=1400 audit(1743992774.520:1194): avc: denied { create } for pid=11979 comm="dhcpcd-run-hook" name="resolv.conf.dummy0.link" scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[ 502.949832][ T30] audit: type=1400 audit(1743992774.520:1195): avc: denied { write } for pid=11979 comm="dhcpcd-run-hook" path="/run/dhcpcd/hook-state/resolv.conf.dummy0.link" dev="tmpfs" ino=7057 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[ 503.130503][T12023] netlink: 36 bytes leftover after parsing attributes in process `syz.0.1703'.
[ 504.509845][T12047] block device autoloading is deprecated and will be removed.
[ 506.460697][ T30] kauditd_printk_skb: 5 callbacks suppressed
[ 506.460716][ T30] audit: type=1400 audit(1743992778.510:1201): avc: denied { append } for pid=12085 comm="syz.3.1712" name="ptp0" dev="devtmpfs" ino=1265 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[ 507.989541][ T5874] usb 4-1: new high-speed USB device number 41 using dummy_hcd
[ 508.116497][T12077] netlink: 'syz.0.1710': attribute type 4 has an invalid length.
[ 508.265881][ T5874] usb 4-1: Using ep0 maxpacket: 8
[ 508.330357][ T5874] usb 4-1: config index 0 descriptor too short (expected 301, got 45)
[ 508.494147][ T5874] usb 4-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[ 508.518808][ T5874] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[ 508.529416][ T5874] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 508.536647][T12107] netlink: 55631 bytes leftover after parsing attributes in process `syz.2.1719'.
[ 508.545960][ T5874] usb 4-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 508.581492][ T5874] usb 4-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[ 508.595497][ T5874] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 508.910266][ T5874] usb 4-1: GET_CAPABILITIES returned 0
[ 508.980578][ T5872] usb 3-1: new full-speed USB device number 36 using dummy_hcd
[ 509.075713][ T5874] usbtmc 4-1:16.0: can't read capabilities
[ 509.135690][ T5874] usb 4-1: USB disconnect, device number 41
[ 509.249431][ T5872] usb 3-1: config 253 has an invalid descriptor of length 0, skipping remainder of the config
[ 509.269443][ T5872] usb 3-1: too many endpoints for config 253 interface 0 altsetting 0: 255, using maximum allowed: 30
[ 509.284160][ T5872] usb 3-1: config 253 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 255
[ 509.312831][ T5872] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 509.333058][ T5872] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[ 509.343142][ T5872] usb 3-1: SerialNumber: syz
[ 509.688742][ T5872] usb 3-1: bad CDC descriptors
[ 509.709914][ T5872] usb 3-1: USB disconnect, device number 36
[ 510.126911][T12131] input: syz0 as /devices/virtual/input/input45
[ 511.038859][T12150] 9pnet_virtio: no channels available for device 127.0.0.1
[ 511.759861][ T30] audit: type=1400 audit(1743992783.780:1202): avc: denied { connect } for pid=12154 comm="syz.0.1735" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1
[ 511.965822][ T30] audit: type=1400 audit(1743992783.800:1203): avc: denied { append } for pid=12154 comm="syz.0.1735" name="autofs" dev="devtmpfs" ino=98 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1
[ 511.989681][ T30] audit: type=1400 audit(1743992783.800:1204): avc: denied { ioctl } for pid=12154 comm="syz.0.1735" path="/dev/autofs" dev="devtmpfs" ino=98 ioctlcmd=0x9374 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1
[ 512.479407][ T5876] usb 6-1: new full-speed USB device number 5 using dummy_hcd
[ 512.505229][T12166] 9pnet_fd: Insufficient options for proto=fd
[ 512.515295][ T30] audit: type=1400 audit(1743992784.550:1205): avc: denied { read } for pid=12164 comm="syz.2.1739" dev="sockfs" ino=40188 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[ 512.722409][ T5876] usb 6-1: too many endpoints for config 253 interface 0 altsetting 0: 255, using maximum allowed: 30
[ 512.734003][T12170] netlink: 12 bytes leftover after parsing attributes in process `syz.6.1740'.
[ 512.744407][T12170] xt_hashlimit: size too large, truncated to 1048576
[ 513.551151][ T5876] usb 6-1: config 253 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[ 513.563643][ T5876] usb 6-1: config 253 interface 0 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 255
[ 513.660602][ T5876] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 513.672734][ T5876] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[ 513.700741][ T5876] usb 6-1: SerialNumber: syz
[ 513.923644][T12162] mac80211_hwsim hwsim12 �3�@0�: renamed from wlan0 (while UP)
[ 514.250769][ T5876] rndis_host 6-1:253.0: RNDIS init failed, -71
[ 514.262520][ T5876] rndis_host 6-1:253.0: probe with driver rndis_host failed with error -71
[ 514.370800][T12189] tipc: Enabling of bearer <eth:team0> rejected, already enabled
[ 514.728043][ T5876] usb 6-1: USB disconnect, device number 5
[ 517.089965][ T30] audit: type=1400 audit(1743992789.140:1206): avc: denied { listen } for pid=12220 comm="syz.5.1756" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[ 517.170960][T12222] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1755'.
[ 517.842459][ T30] audit: type=1400 audit(1743992789.890:1207): avc: denied { sqpoll } for pid=12223 comm="syz.2.1758" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1
[ 517.977303][T12232] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1757'.
[ 517.991223][T12232] xt_hashlimit: size too large, truncated to 1048576
[ 518.336078][T12221] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=512 sclass=netlink_route_socket pid=12221 comm=syz.5.1756
[ 518.653959][ T5838] Bluetooth: hci4: SCO packet for unknown connection handle 201
[ 519.828095][T12254] fuse: Unknown parameter '\d'
[ 520.482658][ T5838] Bluetooth: hci1: ACL packet for unknown connection handle 200
[ 522.719525][ T5872] usb 4-1: new high-speed USB device number 42 using dummy_hcd
[ 522.779320][ T30] audit: type=1400 audit(1743992794.820:1208): avc: denied { connect } for pid=12260 comm="syz.0.1767" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1
[ 522.825488][ T30] audit: type=1400 audit(1743992794.870:1209): avc: denied { listen } for pid=12260 comm="syz.0.1767" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1
[ 522.924956][T12289] xt_SECMARK: only valid in 'mangle' or 'security' table, not 'filter'
[ 522.995049][ T30] audit: type=1326 audit(1743992794.960:1210): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12260 comm="syz.0.1767" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd87b38d169 code=0x7ffc0000
[ 523.019887][ T30] audit: type=1326 audit(1743992794.960:1211): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12260 comm="syz.0.1767" exe="/root/syz-executor" sig=0 arch=c000003e syscall=313 compat=0 ip=0x7fd87b38d169 code=0x7ffc0000
[ 523.046644][ T5872] usb 4-1: Using ep0 maxpacket: 32
[ 523.051918][ T30] audit: type=1326 audit(1743992794.960:1212): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12260 comm="syz.0.1767" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd87b38d169 code=0x7ffc0000
[ 523.178612][ T5872] usb 4-1: config 0 has an invalid interface number: 12 but max is 0
[ 523.193020][ T5872] usb 4-1: config 0 has no interface number 0
[ 523.219696][ T30] audit: type=1326 audit(1743992794.960:1213): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12260 comm="syz.0.1767" exe="/root/syz-executor" sig=0 arch=c000003e syscall=288 compat=0 ip=0x7fd87b38d169 code=0x7ffc0000
[ 523.219701][ T5906] usb 1-1: new full-speed USB device number 47 using dummy_hcd
[ 523.409456][T12292] tipc: Enabling of bearer <eth:team0> rejected, already enabled
[ 523.685709][ T5872] usb 4-1: config 0 interface 12 has no altsetting 0
[ 523.749213][ T30] audit: type=1326 audit(1743992794.960:1214): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12260 comm="syz.0.1767" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd87b38d169 code=0x7ffc0000
[ 523.772973][ T5872] usb 4-1: New USB device found, idVendor=2c42, idProduct=1202, bcdDevice=85.40
[ 523.796873][ T5872] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 523.822029][ T5872] usb 4-1: Product: syz
[ 523.848741][ T5906] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 523.859834][ T5872] usb 4-1: Manufacturer: syz
[ 523.869413][ T5906] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 523.870458][ T30] audit: type=1326 audit(1743992794.960:1215): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12260 comm="syz.0.1767" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fd87b38bad0 code=0x7ffc0000
[ 523.879411][ T5906] usb 1-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.00
[ 523.913641][ T5872] usb 4-1: SerialNumber: syz
[ 523.976670][ T30] audit: type=1326 audit(1743992794.960:1216): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12260 comm="syz.0.1767" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fd87b38cd6b code=0x7ffc0000
[ 524.108647][ T5872] usb 4-1: config 0 descriptor??
[ 524.115886][ T30] audit: type=1326 audit(1743992794.960:1217): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12260 comm="syz.0.1767" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fd87b38cd6b code=0x7ffc0000
[ 524.120408][T12296] program syz.0.1776 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 524.186680][T12296] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[ 524.439325][ T5906] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[ 524.476389][ T5906] usb 1-1: SerialNumber: syz
[ 524.494511][ T5906] usb 1-1: can't set config #1, error -71
[ 524.514469][ T5906] usb 1-1: USB disconnect, device number 47
[ 524.905603][ T5872] usb 4-1: can't set config #0, error -71
[ 524.914710][ T5872] usb 4-1: USB disconnect, device number 42
[ 525.051170][T12319] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1782'.
[ 525.083987][T12319] xt_hashlimit: size too large, truncated to 1048576
[ 526.373329][T12333] FAULT_INJECTION: forcing a failure.
[ 526.373329][T12333] name failslab, interval 1, probability 0, space 0, times 0
[ 526.386207][T12333] CPU: 0 UID: 0 PID: 12333 Comm: syz.0.1786 Not tainted 6.14.0-syzkaller-13546-g16cd1c265776 #0 PREEMPT(full)
[ 526.386222][T12333] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[ 526.386228][T12333] Call Trace:
[ 526.386231][T12333] <TASK>
[ 526.386235][T12333] dump_stack_lvl+0x16c/0x1f0
[ 526.386252][T12333] should_fail_ex+0x512/0x640
[ 526.386263][T12333] ? __kmalloc_cache_noprof+0x57/0x3e0
[ 526.386280][T12333] should_failslab+0xc2/0x120
[ 526.386291][T12333] __kmalloc_cache_noprof+0x6a/0x3e0
[ 526.386323][T12333] ? rtnl_newlink+0x11b/0x2000
[ 526.386337][T12333] ? __pfx_rtnl_newlink+0x10/0x10
[ 526.386349][T12333] rtnl_newlink+0x11b/0x2000
[ 526.386365][T12333] ? __pfx_rtnl_newlink+0x10/0x10
[ 526.386376][T12333] ? find_held_lock+0x2b/0x80
[ 526.386389][T12333] ? avc_has_perm_noaudit+0x117/0x3b0
[ 526.386401][T12333] ? avc_has_perm_noaudit+0x149/0x3b0
[ 526.386414][T12333] ? __lock_acquire+0x5ca/0x1ba0
[ 526.386429][T12333] ? find_held_lock+0x2b/0x80
[ 526.386441][T12333] ? __pfx_rtnl_newlink+0x10/0x10
[ 526.386452][T12333] ? __pfx_rtnl_newlink+0x10/0x10
[ 526.386463][T12333] ? rtnetlink_rcv_msg+0x93a/0xe90
[ 526.386476][T12333] ? __pfx_rtnl_newlink+0x10/0x10
[ 526.386489][T12333] rtnetlink_rcv_msg+0x95b/0xe90
[ 526.386503][T12333] ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[ 526.386521][T12333] netlink_rcv_skb+0x16a/0x440
[ 526.386535][T12333] ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[ 526.386548][T12333] ? __pfx_netlink_rcv_skb+0x10/0x10
[ 526.386567][T12333] ? netlink_deliver_tap+0x1ae/0xd30
[ 526.386582][T12333] netlink_unicast+0x53a/0x7f0
[ 526.386597][T12333] ? __pfx_netlink_unicast+0x10/0x10
[ 526.386614][T12333] netlink_sendmsg+0x8d1/0xdd0
[ 526.386629][T12333] ? __pfx_netlink_sendmsg+0x10/0x10
[ 526.386646][T12333] ____sys_sendmsg+0xa95/0xc70
[ 526.386662][T12333] ? copy_msghdr_from_user+0x10a/0x160
[ 526.386673][T12333] ? __pfx_____sys_sendmsg+0x10/0x10
[ 526.386694][T12333] ___sys_sendmsg+0x134/0x1d0
[ 526.386706][T12333] ? __pfx____sys_sendmsg+0x10/0x10
[ 526.386732][T12333] __sys_sendmsg+0x16d/0x220
[ 526.386744][T12333] ? __pfx___sys_sendmsg+0x10/0x10
[ 526.386759][T12333] ? rcu_is_watching+0x12/0xc0
[ 526.386774][T12333] do_syscall_64+0xcd/0x260
[ 526.386789][T12333] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 526.386798][T12333] RIP: 0033:0x7fd87b38d169
[ 526.386807][T12333] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 526.386816][T12333] RSP: 002b:00007fd87c241038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 526.386826][T12333] RAX: ffffffffffffffda RBX: 00007fd87b5a5fa0 RCX: 00007fd87b38d169
[ 526.386832][T12333] RDX: 0000000000000000 RSI: 0000200000000280 RDI: 0000000000000003
[ 526.386838][T12333] RBP: 00007fd87c241090 R08: 0000000000000000 R09: 0000000000000000
[ 526.386843][T12333] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 526.386849][T12333] R13: 0000000000000000 R14: 00007fd87b5a5fa0 R15: 00007ffc89d9dbf8
[ 526.386860][T12333] </TASK>
[ 527.342469][T12341] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1788'.
[ 527.356415][T12341] xt_HMARK: proto mask must be zero with L3 mode
[ 528.458035][T12351] 9pnet_virtio: no channels available for device 127.0.0.1
[ 528.474151][ T5872] usb 3-1: new high-speed USB device number 37 using dummy_hcd
[ 528.639380][ T5872] usb 3-1: Using ep0 maxpacket: 16
[ 528.657992][ T5872] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0xF has invalid maxpacket 33437, setting to 1024
[ 528.684124][ T5872] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0xF has invalid maxpacket 1024
[ 528.829535][ T5872] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[ 528.840535][ T5872] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 0
[ 528.852334][ T5872] usb 3-1: New USB device found, idVendor=054c, idProduct=06c1, bcdDevice=c2.87
[ 528.863490][ T5872] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 528.877858][ T5872] usb 3-1: Product: syz
[ 528.884883][ T5872] usb 3-1: Manufacturer: syz
[ 528.891463][ T5872] usb 3-1: SerialNumber: syz
[ 528.929231][ T5872] usb 3-1: config 0 descriptor??
[ 528.977857][T12345] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[ 528.993894][ T5872] port100 3-1:0.0: NFC: Could not get supported command types
[ 530.223638][T12349] netlink: 'syz.0.1789': attribute type 4 has an invalid length.
[ 530.455064][T12361] program syz.5.1794 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 530.464532][T12361] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[ 530.780443][T12345] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 530.824294][T12345] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 532.216013][ T5875] usb 3-1: USB disconnect, device number 37
[ 532.569536][ T5875] usb 3-1: new high-speed USB device number 38 using dummy_hcd
[ 532.754453][ T5875] usb 3-1: Using ep0 maxpacket: 32
[ 532.769435][ T5875] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 532.787648][ T5875] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 532.809053][ T5875] usb 3-1: New USB device found, idVendor=1038, idProduct=1410, bcdDevice= 0.00
[ 532.818330][ T5875] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 532.846371][ T5875] usb 3-1: config 0 descriptor??
[ 534.012329][ T5875] usbhid 3-1:0.0: can't add hid device: -71
[ 534.018322][ T5875] usbhid 3-1:0.0: probe with driver usbhid failed with error -71
[ 534.368982][ T5875] usb 3-1: USB disconnect, device number 38
[ 534.709245][T12407] program syz.6.1808 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 534.739787][T12407] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[ 535.177112][T12421] tipc: Enabling of bearer <eth:team0> rejected, already enabled
[ 536.919348][ T5875] usb 4-1: new full-speed USB device number 43 using dummy_hcd
[ 536.946331][T12435] netlink: 'syz.6.1819': attribute type 4 has an invalid length.
[ 536.975356][T12435] netlink: 'syz.6.1819': attribute type 4 has an invalid length.
[ 537.811140][ T5875] usb 4-1: too many endpoints for config 253 interface 0 altsetting 0: 255, using maximum allowed: 30
[ 537.822464][ T5875] usb 4-1: config 253 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[ 537.834460][ T5875] usb 4-1: config 253 interface 0 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 255
[ 537.886020][ T5875] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 538.142747][ T5875] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[ 538.158993][ T5875] usb 4-1: SerialNumber: syz
[ 539.014129][T12459] netlink: 32 bytes leftover after parsing attributes in process `syz.2.1824'.
[ 539.322410][ T5875] rndis_host 4-1:253.0: RNDIS init failed, -71
[ 539.328770][ T5875] rndis_host 4-1:253.0: probe with driver rndis_host failed with error -71
[ 539.531086][ T5875] usb 4-1: USB disconnect, device number 43
[ 540.064719][T12477] tipc: Enabling of bearer <eth:team0> rejected, already enabled
[ 540.169169][T12478] xt_SECMARK: only valid in 'mangle' or 'security' table, not 'filter'
[ 540.743009][T12483] 9pnet_virtio: no channels available for device 127.0.0.1
[ 542.367058][T12489] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1831'.
[ 542.388937][T12489] xt_HMARK: proto mask must be zero with L3 mode
[ 543.694658][T12501] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1834'.
[ 544.120772][ T5838] Bluetooth: hci4: ACL packet for unknown connection handle 200
[ 544.377728][T12515] 9pnet_virtio: no channels available for device 127.0.0.1
[ 545.147791][ T30] kauditd_printk_skb: 19 callbacks suppressed
[ 545.147821][ T30] audit: type=1400 audit(1743992817.120:1237): avc: denied { setattr } for pid=12516 comm="syz.3.1840" path="/dev/ptyqb" dev="devtmpfs" ino=130 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:bsdpty_device_t tclass=chr_file permissive=1
[ 545.506026][ T30] audit: type=1400 audit(1743992817.270:1238): avc: denied { setopt } for pid=12516 comm="syz.3.1840" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[ 545.635067][T12530] 9pnet_virtio: no channels available for device 127.0.0.1
[ 547.011176][T12544] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 547.060849][ T5873] usb 1-1: new high-speed USB device number 48 using dummy_hcd
[ 547.081649][ T30] audit: type=1400 audit(1743992819.130:1239): avc: denied { watch } for pid=12543 comm="syz.2.1846" path="/390/file0" dev="tmpfs" ino=2079 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[ 547.107519][T12545] iommufd_mock iommufd_mock1: Adding to iommu group 1
[ 547.121977][T12544] netlink: 212404 bytes leftover after parsing attributes in process `syz.2.1846'.
[ 547.130530][ T30] audit: type=1400 audit(1743992819.130:1240): avc: denied { watch_sb watch_reads } for pid=12543 comm="syz.2.1846" path="/390/file0" dev="tmpfs" ino=2079 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[ 547.152423][T12545] iommufd_mock iommufd_mock2: Adding to iommu group 2
[ 547.269886][ T5873] usb 1-1: Using ep0 maxpacket: 16
[ 547.338061][ T5873] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 547.406365][ T5873] usb 1-1: New USB device found, idVendor=0fe6, idProduct=9800, bcdDevice=d1.9a
[ 547.436329][ T5873] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 547.466818][ T5873] usb 1-1: Product: syz
[ 547.473096][ T5873] usb 1-1: Manufacturer: syz
[ 547.477690][ T5873] usb 1-1: SerialNumber: syz
[ 547.540848][ T5873] usb 1-1: config 0 descriptor??
[ 547.573004][ T5873] CoreChips 1-1:0.0: probe with driver CoreChips failed with error -22
[ 547.697154][T12559] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[ 547.737365][T12559] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98
[ 548.010443][ T30] audit: type=1400 audit(1743992819.880:1241): avc: denied { map } for pid=12554 comm="syz.2.1849" path="socket:[40733]" dev="sockfs" ino=40733 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tcp_socket permissive=1
[ 548.873564][ T5874] usb 1-1: USB disconnect, device number 48
[ 549.028538][T12566] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1852'.
[ 549.045591][T12566] xt_HMARK: proto mask must be zero with L3 mode
[ 549.959378][ T30] audit: type=1400 audit(1743992821.990:1242): avc: denied { bind } for pid=12567 comm="syz.0.1853" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[ 550.054254][ T30] audit: type=1400 audit(1743992821.990:1243): avc: denied { name_bind } for pid=12567 comm="syz.0.1853" src=20259 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=icmp_socket permissive=1
[ 550.075398][ T30] audit: type=1400 audit(1743992821.990:1244): avc: denied { node_bind } for pid=12567 comm="syz.0.1853" saddr=fe80::16 src=20259 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=icmp_socket permissive=1
[ 550.108606][T12571] tipc: Failed to remove unknown binding: 66,1,1/11578026:379347085/379347087
[ 550.163045][T12571] tipc: Failed to remove unknown binding: 66,1,1/11578026:379347085/379347087
[ 550.172253][T12571] tipc: Failed to remove unknown binding: 66,1,1/11578026:379347085/379347087
[ 550.423445][ T9991] Bluetooth: hci4: ACL packet for unknown connection handle 200
[ 551.239690][ T5873] usb 4-1: new full-speed USB device number 44 using dummy_hcd
[ 551.425059][ T5873] usb 4-1: config 253 has an invalid descriptor of length 0, skipping remainder of the config
[ 552.078670][ T5873] usb 4-1: too many endpoints for config 253 interface 0 altsetting 0: 255, using maximum allowed: 30
[ 552.132142][ T5873] usb 4-1: config 253 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 255
[ 552.201002][T12594] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=22008 sclass=netlink_route_socket pid=12594 comm=syz.5.1854
[ 552.236030][ T5873] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 552.301181][ T5873] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[ 552.349612][ T5873] usb 4-1: SerialNumber: syz
[ 552.419517][ T5838] Bluetooth: hci6: Opcode 0x1003 failed: -110
[ 552.564865][T12602] FAULT_INJECTION: forcing a failure.
[ 552.564865][T12602] name failslab, interval 1, probability 0, space 0, times 0
[ 552.580184][T12602] CPU: 1 UID: 0 PID: 12602 Comm: syz.6.1864 Not tainted 6.14.0-syzkaller-13546-g16cd1c265776 #0 PREEMPT(full)
[ 552.580207][T12602] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[ 552.580215][T12602] Call Trace:
[ 552.580220][T12602] <TASK>
[ 552.580227][T12602] dump_stack_lvl+0x16c/0x1f0
[ 552.580261][T12602] should_fail_ex+0x512/0x640
[ 552.580279][T12602] ? kmem_cache_alloc_node_noprof+0x5e/0x3b0
[ 552.580299][T12602] should_failslab+0xc2/0x120
[ 552.580318][T12602] kmem_cache_alloc_node_noprof+0x71/0x3b0
[ 552.580333][T12602] ? __pfx_tcp_current_mss+0x10/0x10
[ 552.580348][T12602] ? __alloc_skb+0x2b2/0x380
[ 552.580370][T12602] __alloc_skb+0x2b2/0x380
[ 552.580387][T12602] ? __pfx___alloc_skb+0x10/0x10
[ 552.580408][T12602] ? find_held_lock+0x2b/0x80
[ 552.580431][T12602] tcp_stream_alloc_skb+0x34/0x570
[ 552.580457][T12602] tcp_sendmsg_locked+0xec1/0x3930
[ 552.580497][T12602] ? __pfx_tcp_sendmsg_locked+0x10/0x10
[ 552.580524][T12602] ? do_raw_spin_lock+0x12c/0x2b0
[ 552.580541][T12602] ? __pfx_do_raw_spin_lock+0x10/0x10
[ 552.580566][T12602] ? __local_bh_enable_ip+0xa4/0x120
[ 552.580590][T12602] tcp_sendmsg+0x2e/0x50
[ 552.580611][T12602] ? __pfx_tcp_sendmsg+0x10/0x10
[ 552.580632][T12602] inet_sendmsg+0xb9/0x140
[ 552.580658][T12602] __sys_sendto+0x431/0x510
[ 552.580675][T12602] ? __pfx___sys_sendto+0x10/0x10
[ 552.580713][T12602] ? ksys_write+0x1b9/0x240
[ 552.580728][T12602] ? __pfx_ksys_write+0x10/0x10
[ 552.580740][T12602] ? rcu_is_watching+0x12/0xc0
[ 552.580762][T12602] __x64_sys_sendto+0xe0/0x1c0
[ 552.580778][T12602] ? do_syscall_64+0x91/0x260
[ 552.580799][T12602] ? lockdep_hardirqs_on+0x7c/0x110
[ 552.580819][T12602] do_syscall_64+0xcd/0x260
[ 552.580841][T12602] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 552.580857][T12602] RIP: 0033:0x7f417658d169
[ 552.580870][T12602] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 552.580885][T12602] RSP: 002b:00007f417731f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[ 552.580900][T12602] RAX: ffffffffffffffda RBX: 00007f41767a5fa0 RCX: 00007f417658d169
[ 552.580910][T12602] RDX: 00000000000020c8 RSI: 00002000000012c0 RDI: 0000000000000003
[ 552.580920][T12602] RBP: 00007f417731f090 R08: 0000000000000000 R09: 0000000000000027
[ 552.580928][T12602] R10: 0000000000000011 R11: 0000000000000246 R12: 0000000000000001
[ 552.580938][T12602] R13: 0000000000000000 R14: 00007f41767a5fa0 R15: 00007ffc1f3dc598
[ 552.580960][T12602] </TASK>
[ 552.595381][ T5873] usb 4-1: bad CDC descriptors
[ 552.621174][T12604] FAULT_INJECTION: forcing a failure.
[ 552.621174][T12604] name failslab, interval 1, probability 0, space 0, times 0
[ 552.655188][ T5873] usb 4-1: USB disconnect, device number 44
[ 552.864266][T12604] CPU: 0 UID: 0 PID: 12604 Comm: syz.2.1865 Not tainted 6.14.0-syzkaller-13546-g16cd1c265776 #0 PREEMPT(full)
[ 552.864289][T12604] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[ 552.864299][T12604] Call Trace:
[ 552.864304][T12604] <TASK>
[ 552.864311][T12604] dump_stack_lvl+0x16c/0x1f0
[ 552.864339][T12604] should_fail_ex+0x512/0x640
[ 552.864357][T12604] ? __kmalloc_noprof+0xbf/0x510
[ 552.864376][T12604] ? drm_atomic_state_init+0x17b/0x320
[ 552.864393][T12604] should_failslab+0xc2/0x120
[ 552.864412][T12604] __kmalloc_noprof+0xd2/0x510
[ 552.864435][T12604] drm_atomic_state_init+0x17b/0x320
[ 552.864451][T12604] ? __kasan_kmalloc+0xaa/0xb0
[ 552.864468][T12604] drm_atomic_state_alloc+0xd3/0x120
[ 552.864486][T12604] drm_client_modeset_commit_atomic+0xcc/0x7e0
[ 552.864513][T12604] ? __pfx___might_resched+0x10/0x10
[ 552.864540][T12604] ? trace_contention_end+0xdd/0x130
[ 552.864555][T12604] ? __pfx_drm_client_modeset_commit_atomic+0x10/0x10
[ 552.864579][T12604] ? __mutex_lock+0x1ca/0xb90
[ 552.864626][T12604] drm_client_modeset_commit_locked+0x14d/0x580
[ 552.864655][T12604] drm_client_modeset_commit+0x4f/0x80
[ 552.864681][T12604] __drm_fb_helper_restore_fbdev_mode_unlocked+0x19f/0x200
[ 552.864705][T12604] ? __pfx_drm_fbdev_client_restore+0x10/0x10
[ 552.864724][T12604] drm_fbdev_client_restore+0x2c/0x40
[ 552.864742][T12604] drm_client_dev_restore+0x1f3/0x2a0
[ 552.864769][T12604] drm_release+0x2c4/0x360
[ 552.864793][T12604] ? __pfx_drm_release+0x10/0x10
[ 552.864814][T12604] __fput+0x3ff/0xb70
[ 552.864841][T12604] fput_close_sync+0x15e/0x1e0
[ 552.864859][T12604] ? __pfx_fput_close_sync+0x10/0x10
[ 552.864882][T12604] __x64_sys_close+0x8b/0x120
[ 552.864900][T12604] do_syscall_64+0xcd/0x260
[ 552.864919][T12604] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 552.864933][T12604] RIP: 0033:0x7f39edd8d169
[ 552.864948][T12604] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 552.864961][T12604] RSP: 002b:00007f39eeb85038 EFLAGS: 00000246 ORIG_RAX: 0000000000000003
[ 552.864975][T12604] RAX: ffffffffffffffda RBX: 00007f39edfa5fa0 RCX: 00007f39edd8d169
[ 552.864983][T12604] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003
[ 552.864990][T12604] RBP: 00007f39eeb85090 R08: 0000000000000000 R09: 0000000000000000
[ 552.865003][T12604] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 552.865011][T12604] R13: 0000000000000000 R14: 00007f39edfa5fa0 R15: 00007ffd8d2e5218
[ 552.865036][T12604] </TASK>
[ 553.118342][ C0] vkms_vblank_simulate: vblank timer overrun
[ 554.302157][ T30] audit: type=1326 audit(1743992826.350:1245): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12624 comm="syz.5.1871" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f5b29b8d169 code=0x0
[ 554.325097][ C0] vkms_vblank_simulate: vblank timer overrun
[ 554.410410][T12630] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1873'.
[ 554.423872][T12630] xt_hashlimit: size too large, truncated to 1048576
[ 554.510609][T12631] xt_HMARK: proto mask must be zero with L3 mode
[ 555.222678][T12634] 9pnet_virtio: no channels available for device 127.0.0.1
[ 555.763400][T12642] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1874'.
[ 555.778836][T12642] xt_hashlimit: size too large, truncated to 1048576
[ 555.860536][T12643] xt_HMARK: proto mask must be zero with L3 mode
[ 556.632375][T12645] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(3)
[ 556.638914][T12645] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[ 556.682376][T12645] vhci_hcd vhci_hcd.0: Device attached
[ 556.859370][ T5873] vhci_hcd: vhci_device speed not set
[ 556.976500][ T5873] usb 39-1: new full-speed USB device number 2 using vhci_hcd
[ 557.075220][T12660] FAULT_INJECTION: forcing a failure.
[ 557.075220][T12660] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 557.088612][T12660] CPU: 1 UID: 0 PID: 12660 Comm: syz.2.1877 Not tainted 6.14.0-syzkaller-13546-g16cd1c265776 #0 PREEMPT(full)
[ 557.088634][T12660] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[ 557.088644][T12660] Call Trace:
[ 557.088649][T12660] <TASK>
[ 557.088656][T12660] dump_stack_lvl+0x16c/0x1f0
[ 557.088681][T12660] should_fail_ex+0x512/0x640
[ 557.088703][T12660] _copy_from_user+0x2e/0xd0
[ 557.088723][T12660] get_user_ifreq+0xf1/0x250
[ 557.088746][T12660] sock_do_ioctl+0x16b/0x280
[ 557.088770][T12660] ? __pfx_sock_do_ioctl+0x10/0x10
[ 557.088798][T12660] ? ioctl_has_perm.constprop.0.isra.0+0x2f4/0x450
[ 557.088824][T12660] ? ioctl_has_perm.constprop.0.isra.0+0x2fe/0x450
[ 557.088850][T12660] ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[ 557.088879][T12660] sock_ioctl+0x227/0x6b0
[ 557.088903][T12660] ? __pfx_sock_ioctl+0x10/0x10
[ 557.088925][T12660] ? hook_file_ioctl_common+0x145/0x410
[ 557.088954][T12660] ? selinux_file_ioctl+0x180/0x270
[ 557.088977][T12660] ? selinux_file_ioctl+0xb4/0x270
[ 557.089001][T12660] ? __pfx_sock_ioctl+0x10/0x10
[ 557.089026][T12660] __x64_sys_ioctl+0x190/0x200
[ 557.089051][T12660] do_syscall_64+0xcd/0x260
[ 557.089074][T12660] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 557.089090][T12660] RIP: 0033:0x7f39edd8d169
[ 557.089103][T12660] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 557.089118][T12660] RSP: 002b:00007f39eeb43038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 557.089134][T12660] RAX: ffffffffffffffda RBX: 00007f39edfa6160 RCX: 00007f39edd8d169
[ 557.089144][T12660] RDX: 0000200000000080 RSI: 0000000000008933 RDI: 0000000000000007
[ 557.089154][T12660] RBP: 00007f39eeb43090 R08: 0000000000000000 R09: 0000000000000000
[ 557.089163][T12660] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 557.089172][T12660] R13: 0000000000000000 R14: 00007f39edfa6160 R15: 00007ffd8d2e5218
[ 557.089194][T12660] </TASK>
[ 557.287332][T10459] usb 4-1: new high-speed USB device number 45 using dummy_hcd
[ 557.509402][T10459] usb 4-1: Using ep0 maxpacket: 8
[ 557.986679][T10459] usb 4-1: config 0 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[ 558.002723][T10459] usb 4-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0x93, changing to 0x83
[ 558.014854][T10459] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[ 558.025877][T10459] usb 4-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 1
[ 558.065501][T10459] usb 4-1: New USB device found, idVendor=15c2, idProduct=003b, bcdDevice=66.3e
[ 558.136629][T10459] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 558.194627][T10459] usb 4-1: Product: syz
[ 558.218751][T10459] usb 4-1: Manufacturer: syz
[ 560.231275][T10459] usb 4-1: SerialNumber: syz
[ 560.259086][T10459] usb 4-1: config 0 descriptor??
[ 560.291145][T12646] vhci_hcd: connection reset by peer
[ 560.318998][T10459] usb 4-1: can't set config #0, error -71
[ 560.333445][ T67] vhci_hcd: stop threads
[ 560.337690][ T67] vhci_hcd: release socket
[ 560.364817][T10459] usb 4-1: USB disconnect, device number 45
[ 560.385003][ T67] vhci_hcd: disconnect device
[ 560.703281][T12686] sg_write: process 185 (syz.6.1886) changed security contexts after opening file descriptor, this is not allowed.
[ 561.380202][ T5876] usb 3-1: new high-speed USB device number 39 using dummy_hcd
[ 561.489344][T10459] usb 6-1: new high-speed USB device number 6 using dummy_hcd
[ 561.699906][ T5876] usb 3-1: Using ep0 maxpacket: 16
[ 561.706998][ T5876] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 561.710768][T10459] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 561.717357][ T5876] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[ 561.768503][T10459] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 561.796894][T10459] usb 6-1: New USB device found, idVendor=27b8, idProduct=01ed, bcdDevice= 0.00
[ 561.800477][ T5876] usb 3-1: config 0 interface 0 altsetting 0 has a duplicate endpoint with address 0x2, skipping
[ 561.816146][T10459] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 561.838490][T12704] 9pnet_virtio: no channels available for device 127.0.0.1
[ 561.857682][T10459] usb 6-1: config 0 descriptor??
[ 561.929357][ T5874] usb 4-1: new high-speed USB device number 46 using dummy_hcd
[ 562.037291][ T5876] usb 3-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 562.053965][ T5876] usb 3-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[ 562.068974][ T5876] usb 3-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[ 562.079534][ T5876] usb 3-1: Manufacturer: syz
[ 562.095278][ T5876] usb 3-1: config 0 descriptor??
[ 562.100373][ T5873] vhci_hcd: vhci_device speed not set
[ 562.183791][ T5874] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 562.209376][ T5874] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 562.435011][ T1292] ieee802154 phy0 wpan0: encryption failed: -22
[ 562.445525][ T1292] ieee802154 phy1 wpan1: encryption failed: -22
[ 562.578147][T12690] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 562.701923][T12690] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 563.037644][T10459] hid-led 0003:27B8:01ED.000A: probe with driver hid-led failed with error -71
[ 563.086958][ T5874] usb 4-1: New USB device found, idVendor=054c, idProduct=024b, bcdDevice= 0.00
[ 563.096149][ T5874] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 563.111891][ T5874] usb 4-1: config 0 descriptor??
[ 563.125437][T10459] usb 6-1: USB disconnect, device number 6
[ 563.181002][T12716] program syz.5.1893 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 563.247198][T12716] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[ 563.292771][T12722] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1894'.
[ 563.360930][T12722] bond0: (slave syz_tun): Releasing backup interface
[ 563.391273][ T5873] usb 3-1: USB disconnect, device number 39
[ 563.545476][ T5874] sony 0003:054C:024B.000B: unexpected long global item
[ 563.554947][ T5874] sony 0003:054C:024B.000B: parse failed
[ 563.689484][ T5874] sony 0003:054C:024B.000B: probe with driver sony failed with error -22
[ 563.895058][T12702] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=12702 comm=syz.3.1891
[ 563.920478][ T5874] usb 4-1: USB disconnect, device number 46
[ 563.962516][T12734] gtp0: entered promiscuous mode
[ 564.122737][T12741] FAULT_INJECTION: forcing a failure.
[ 564.122737][T12741] name failslab, interval 1, probability 0, space 0, times 0
[ 564.139433][T12741] CPU: 1 UID: 0 PID: 12741 Comm: syz.5.1902 Not tainted 6.14.0-syzkaller-13546-g16cd1c265776 #0 PREEMPT(full)
[ 564.139456][T12741] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[ 564.139465][T12741] Call Trace:
[ 564.139470][T12741] <TASK>
[ 564.139476][T12741] dump_stack_lvl+0x16c/0x1f0
[ 564.139502][T12741] should_fail_ex+0x512/0x640
[ 564.139519][T12741] ? kmem_cache_alloc_node_noprof+0x5e/0x3b0
[ 564.139538][T12741] should_failslab+0xc2/0x120
[ 564.139556][T12741] kmem_cache_alloc_node_noprof+0x71/0x3b0
[ 564.139573][T12741] ? __alloc_skb+0x2b2/0x380
[ 564.139595][T12741] __alloc_skb+0x2b2/0x380
[ 564.139612][T12741] ? __pfx___alloc_skb+0x10/0x10
[ 564.139628][T12741] ? __pfx_ipmr_rtm_getroute+0x10/0x10
[ 564.139657][T12741] netlink_ack+0x15d/0xb80
[ 564.139687][T12741] netlink_rcv_skb+0x347/0x440
[ 564.139708][T12741] ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[ 564.139731][T12741] ? __pfx_netlink_rcv_skb+0x10/0x10
[ 564.139765][T12741] ? netlink_deliver_tap+0x1ae/0xd30
[ 564.139790][T12741] netlink_unicast+0x53a/0x7f0
[ 564.139814][T12741] ? __pfx_netlink_unicast+0x10/0x10
[ 564.139843][T12741] netlink_sendmsg+0x8d1/0xdd0
[ 564.139867][T12741] ? __pfx_netlink_sendmsg+0x10/0x10
[ 564.139898][T12741] ____sys_sendmsg+0xa95/0xc70
[ 564.139921][T12741] ? copy_msghdr_from_user+0x10a/0x160
[ 564.139938][T12741] ? __pfx_____sys_sendmsg+0x10/0x10
[ 564.139971][T12741] ___sys_sendmsg+0x134/0x1d0
[ 564.139991][T12741] ? __pfx____sys_sendmsg+0x10/0x10
[ 564.140039][T12741] __sys_sendmsg+0x16d/0x220
[ 564.140058][T12741] ? __pfx___sys_sendmsg+0x10/0x10
[ 564.140083][T12741] ? rcu_is_watching+0x12/0xc0
[ 564.140115][T12741] do_syscall_64+0xcd/0x260
[ 564.140139][T12741] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 564.140155][T12741] RIP: 0033:0x7f5b29b8d169
[ 564.140167][T12741] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 564.140182][T12741] RSP: 002b:00007f5b2aab7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 564.140198][T12741] RAX: ffffffffffffffda RBX: 00007f5b29da5fa0 RCX: 00007f5b29b8d169
[ 564.140208][T12741] RDX: 0000000000000000 RSI: 0000200000000100 RDI: 0000000000000003
[ 564.140218][T12741] RBP: 00007f5b2aab7090 R08: 0000000000000000 R09: 0000000000000000
[ 564.140227][T12741] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 564.140235][T12741] R13: 0000000000000000 R14: 00007f5b29da5fa0 R15: 00007ffcf3398348
[ 564.140256][T12741] </TASK>
[ 564.249336][ T5873] usb 3-1: new high-speed USB device number 40 using dummy_hcd
[ 564.297141][T12744] 8021q: adding VLAN 0 to HW filter on device batadv1
[ 564.378879][T12739] netlink: 'syz.0.1901': attribute type 4 has an invalid length.
[ 564.385945][T12744] bond0: (slave batadv1): Enslaving as an active interface with an up link
[ 564.463804][T12739] netlink: 'syz.0.1901': attribute type 4 has an invalid length.
[ 564.521009][ T5873] usb 3-1: config 0 interface 0 has no altsetting 0
[ 564.950455][T12751] netlink: 36 bytes leftover after parsing attributes in process `syz.3.1905'.
[ 565.346320][ T5873] usb 3-1: New USB device found, idVendor=046d, idProduct=c298, bcdDevice= 0.00
[ 565.357076][ T5873] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 565.370861][ T5873] usb 3-1: config 0 descriptor??
[ 565.425055][T12753] netlink: 'syz.3.1906': attribute type 12 has an invalid length.
[ 565.452902][T12753] netlink: 'syz.3.1906': attribute type 28 has an invalid length.
[ 565.534794][T12753] netlink: 148 bytes leftover after parsing attributes in process `syz.3.1906'.
[ 565.989327][ T5873] logitech 0003:046D:C298.000C: unknown main item tag 0x0
[ 566.127325][ T5873] logitech 0003:046D:C298.000C: unknown main item tag 0x0
[ 566.136243][ T5873] logitech 0003:046D:C298.000C: unknown main item tag 0x0
[ 566.170868][ T5873] logitech 0003:046D:C298.000C: hidraw0: USB HID v0.0b Device [HID 046d:c298] on usb-dummy_hcd.2-1/input0
[ 566.185473][ T5873] logitech 0003:046D:C298.000C: no inputs found
[ 566.204155][T12736] xt_limit: Overflow, try lower: 167772/2147483648
[ 566.237599][ T5873] usb 3-1: USB disconnect, device number 40
[ 566.609478][ T5874] usb 4-1: new high-speed USB device number 47 using dummy_hcd
[ 566.763339][ T5874] usb 4-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[ 566.783948][ T5874] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 566.798216][ T5874] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 66
[ 566.812745][ T5874] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 566.825646][ T5874] usb 4-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[ 566.834965][ T5874] usb 4-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[ 566.842991][ T5874] usb 4-1: Product: syz
[ 566.847263][ T5874] usb 4-1: Manufacturer: syz
[ 566.856320][ T5874] cdc_wdm 4-1:1.0: skipping garbage
[ 566.869173][ T5874] cdc_wdm 4-1:1.0: skipping garbage
[ 566.876506][ T5874] cdc_wdm 4-1:1.0: cdc-wdm0: USB WDM device
[ 566.889435][ T5874] cdc_wdm 4-1:1.0: Unknown control protocol
[ 566.994819][ T30] audit: type=1400 audit(1743992839.040:1246): avc: denied { map } for pid=12776 comm="syz.0.1915" path="socket:[41975]" dev="sockfs" ino=41975 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[ 567.017943][ C1] vkms_vblank_simulate: vblank timer overrun
[ 567.105264][ T5874] usb 4-1: USB disconnect, device number 47
[ 567.114124][ T30] audit: type=1400 audit(1743992839.040:1247): avc: denied { read accept } for pid=12776 comm="syz.0.1915" path="socket:[41975]" dev="sockfs" ino=41975 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[ 567.137914][ C1] vkms_vblank_simulate: vblank timer overrun
[ 567.309063][ T5838] Bluetooth: hci4: ACL packet for unknown connection handle 200
[ 567.950569][T12790] xt_hashlimit: size too large, truncated to 1048576
[ 568.147597][T12791] xt_HMARK: proto mask must be zero with L3 mode
[ 569.593606][ T30] audit: type=1326 audit(1743992841.630:1248): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12803 comm="syz.5.1921" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5b29b8d169 code=0x7ffc0000
[ 569.617078][ C1] vkms_vblank_simulate: vblank timer overrun
[ 569.753016][ T30] audit: type=1326 audit(1743992841.630:1249): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12803 comm="syz.5.1921" exe="/root/syz-executor" sig=0 arch=c000003e syscall=222 compat=0 ip=0x7f5b29b8d169 code=0x7ffc0000
[ 569.874047][ T30] audit: type=1326 audit(1743992841.630:1250): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12803 comm="syz.5.1921" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5b29b8d169 code=0x7ffc0000
[ 569.942389][T12813] trusted_key: syz.6.1923 sent an empty control message without MSG_MORE.
[ 570.263485][ T30] audit: type=1326 audit(1743992841.630:1251): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12803 comm="syz.5.1921" exe="/root/syz-executor" sig=0 arch=c000003e syscall=223 compat=0 ip=0x7f5b29b8d169 code=0x7ffc0000
[ 570.286937][ C1] vkms_vblank_simulate: vblank timer overrun
[ 570.313840][T12815] program syz.3.1924 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 570.315545][ T30] audit: type=1326 audit(1743992841.670:1252): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12803 comm="syz.5.1921" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f5b29b29359 code=0x7ffc0000
[ 570.333261][T12815] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[ 570.353571][ T30] audit: type=1326 audit(1743992841.670:1253): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12803 comm="syz.5.1921" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f5b29b29359 code=0x7ffc0000
[ 570.389187][ T30] audit: type=1326 audit(1743992841.670:1254): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12803 comm="syz.5.1921" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f5b29b29359 code=0x7ffc0000
[ 570.438779][ T30] audit: type=1326 audit(1743992841.670:1255): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12803 comm="syz.5.1921" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f5b29b29359 code=0x7ffc0000
[ 572.026218][ T30] kauditd_printk_skb: 501 callbacks suppressed
[ 572.026234][ T30] audit: type=1326 audit(1743992844.020:1757): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12803 comm="syz.5.1921" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f5b29b29359 code=0x7ffc0000
[ 572.099001][ T30] audit: type=1326 audit(1743992844.070:1758): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12803 comm="syz.5.1921" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f5b29b29359 code=0x7ffc0000
[ 572.129713][ T5875] usb 4-1: new high-speed USB device number 48 using dummy_hcd
[ 572.616322][ T5875] usb 4-1: config 0 has no interfaces?
[ 573.033340][ T30] audit: type=1326 audit(1743992844.070:1759): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12803 comm="syz.5.1921" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f5b29b29359 code=0x7ffc0000
[ 573.058338][ T30] audit: type=1326 audit(1743992844.070:1760): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12803 comm="syz.5.1921" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f5b29b29359 code=0x7ffc0000
[ 573.082267][ T30] audit: type=1326 audit(1743992844.070:1761): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12803 comm="syz.5.1921" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f5b29b29359 code=0x7ffc0000
[ 573.082637][ T5875] usb 4-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[ 573.105610][ C1] vkms_vblank_simulate: vblank timer overrun
[ 573.105702][ T30] audit: type=1326 audit(1743992844.070:1762): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12803 comm="syz.5.1921" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f5b29b29359 code=0x7ffc0000
[ 573.105739][ T30] audit: type=1326 audit(1743992844.070:1763): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12803 comm="syz.5.1921" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f5b29b29359 code=0x7ffc0000
[ 573.105778][ T30] audit: type=1326 audit(1743992844.070:1764): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12803 comm="syz.5.1921" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f5b29b29359 code=0x7ffc0000
[ 573.105810][ T30] audit: type=1326 audit(1743992844.070:1765): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12803 comm="syz.5.1921" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f5b29b29359 code=0x7ffc0000
[ 573.220256][ T30] audit: type=1326 audit(1743992844.070:1766): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12803 comm="syz.5.1921" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f5b29b29359 code=0x7ffc0000
[ 573.349678][ T5875] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 573.359014][ T5875] usb 4-1: Product: syz
[ 573.363835][ T5875] usb 4-1: Manufacturer: syz
[ 573.368442][ T5875] usb 4-1: SerialNumber: syz
[ 573.375169][ T5875] usb 4-1: config 0 descriptor??
[ 576.214888][T12884] program syz.2.1945 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 576.320457][ T5951] usb 4-1: USB disconnect, device number 48
[ 576.331823][T12884] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[ 576.545924][T12899] xt_hashlimit: size too large, truncated to 1048576
[ 576.657307][T12902] xt_HMARK: proto mask must be zero with L3 mode
[ 577.969343][ T5906] usb 1-1: new full-speed USB device number 49 using dummy_hcd
[ 578.099536][ T5906] usb 1-1: device descriptor read/64, error -71
[ 578.372198][ T5906] usb 1-1: new full-speed USB device number 50 using dummy_hcd
[ 578.569929][ T5906] usb 1-1: device descriptor read/64, error -71
[ 578.747053][ T5906] usb usb1-port1: attempt power cycle
[ 579.109483][ T5906] usb 1-1: new full-speed USB device number 51 using dummy_hcd
[ 579.224088][ T5906] usb 1-1: device descriptor read/8, error -71
[ 579.509411][ T5906] usb 1-1: new full-speed USB device number 52 using dummy_hcd
[ 579.838023][ T5906] usb 1-1: device descriptor read/8, error -71
[ 579.871445][T12930] program syz.5.1960 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 579.902375][T12930] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[ 579.969067][ T5906] usb usb1-port1: unable to enumerate USB device
[ 580.209297][ T5873] usb 4-1: new high-speed USB device number 49 using dummy_hcd
[ 580.219425][ T5951] usb 3-1: new full-speed USB device number 41 using dummy_hcd
[ 580.279400][ T5906] usb 1-1: new high-speed USB device number 53 using dummy_hcd
[ 580.386001][ T5951] usb 3-1: too many endpoints for config 253 interface 0 altsetting 0: 255, using maximum allowed: 30
[ 580.449583][ T5951] usb 3-1: config 253 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[ 580.481844][ T5951] usb 3-1: config 253 interface 0 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 255
[ 580.522175][ T5873] usb 4-1: New USB device found, idVendor=9710, idProduct=7730, bcdDevice=96.33
[ 580.530139][ T5906] usb 1-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[ 580.553432][ T5873] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 580.567322][ T5951] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 580.578320][ T5906] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 580.587406][ T5951] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[ 580.595151][ T5873] usb 4-1: config 0 descriptor??
[ 580.604874][ T5906] usb 1-1: config 0 descriptor??
[ 580.615283][ T5906] cp210x 1-1:0.0: cp210x converter detected
[ 580.622815][ T5951] usb 3-1: SerialNumber: syz
[ 580.860567][T12937] 9pnet_fd: Insufficient options for proto=fd
[ 581.020015][ T5906] cp210x 1-1:0.0: failed to get vendor val 0x000e size 3: -32
[ 581.170615][ T5951] rndis_host 3-1:253.0: RNDIS init failed, -71
[ 581.189520][ T5951] rndis_host 3-1:253.0: probe with driver rndis_host failed with error -71
[ 581.244092][ T5951] usb 3-1: USB disconnect, device number 41
[ 581.263866][ T5906] usb 1-1: cp210x converter now attached to ttyUSB0
[ 581.340796][ T6019] Bluetooth: (null): Invalid header checksum
[ 581.362409][ T6019] Bluetooth: (null): Invalid header checksum
[ 581.430726][ T3518] Bluetooth: (null): Invalid header checksum
[ 581.457640][ T30] kauditd_printk_skb: 59 callbacks suppressed
[ 581.457652][ T30] audit: type=1400 audit(1743992853.500:1826): avc: denied { read write } for pid=12931 comm="syz.0.1962" dev="9p" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[ 581.485118][ C1] vkms_vblank_simulate: vblank timer overrun
[ 581.491475][T10459] usb 6-1: new high-speed USB device number 7 using dummy_hcd
[ 581.514437][T12968] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 581.534502][T12968] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 581.543881][ T3518] Bluetooth: (null): Invalid header checksum
[ 581.567410][ T30] audit: type=1400 audit(1743992853.550:1827): avc: denied { open } for pid=12931 comm="syz.0.1962" path="/398/file0" dev="9p" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[ 581.608991][T12950] usb 1-1: USB disconnect, device number 53
[ 581.630308][T12950] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[ 581.649610][ T3518] Bluetooth: (null): Invalid header checksum
[ 581.659616][T10459] usb 6-1: device descriptor read/64, error -71
[ 581.673414][T12950] cp210x 1-1:0.0: device disconnected
[ 581.761116][ T6019] Bluetooth: (null): Invalid header checksum
[ 581.817870][ T5873] usb 4-1: Cannot set autoneg
[ 581.875950][ T6019] Bluetooth: (null): Invalid header checksum
[ 581.910965][T10459] usb 6-1: new high-speed USB device number 8 using dummy_hcd
[ 581.919696][ T5873] MOSCHIP usb-ethernet driver 4-1:0.0: probe with driver MOSCHIP usb-ethernet driver failed with error -71
[ 581.933553][ T5873] usb 4-1: USB disconnect, device number 49
[ 582.127059][ T3518] Bluetooth: (null): Invalid header checksum
[ 582.141087][ T3518] Bluetooth: (null): Invalid header checksum
[ 582.159353][T10459] usb 6-1: device descriptor read/64, error -71
[ 582.201181][ T3518] Bluetooth: (null): Invalid header checksum
[ 582.239679][T12950] usb 3-1: new high-speed USB device number 42 using dummy_hcd
[ 582.280091][T10459] usb usb6-port1: attempt power cycle
[ 582.302947][T12985] sctp: [Deprecated]: syz.6.1977 (pid 12985) Use of int in maxseg socket option.
[ 582.302947][T12985] Use struct sctp_assoc_value instead
[ 582.424635][ T30] audit: type=1400 audit(1743992854.370:1828): avc: denied { map } for pid=12981 comm="syz.6.1977" path="/dev/dri/card0" dev="devtmpfs" ino=627 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dri_device_t tclass=chr_file permissive=1
[ 582.497530][ T6019] Bluetooth: (null): Invalid header checksum
[ 582.550975][ T30] audit: type=1400 audit(1743992854.370:1829): avc: denied { execute } for pid=12981 comm="syz.6.1977" path="/dev/dri/card0" dev="devtmpfs" ino=627 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dri_device_t tclass=chr_file permissive=1
[ 582.551146][ T6019] Bluetooth: (null): Invalid header checksum
[ 582.551223][ T6019] Bluetooth: (null): Invalid header checksum
[ 582.628485][T12950] usb 3-1: Using ep0 maxpacket: 16
[ 582.643540][T12950] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0xF has invalid maxpacket 33437, setting to 1024
[ 582.643568][T12950] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0xF has invalid maxpacket 1024
[ 582.643590][T12950] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[ 582.643610][T12950] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 0
[ 582.648366][T12950] usb 3-1: New USB device found, idVendor=054c, idProduct=06c1, bcdDevice=c2.87
[ 582.648390][T12950] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 582.648479][T12950] usb 3-1: Product: syz
[ 582.648496][T12950] usb 3-1: Manufacturer: syz
[ 582.648509][T12950] usb 3-1: SerialNumber: syz
[ 582.653242][T12950] usb 3-1: config 0 descriptor??
[ 582.654129][ T6019] Bluetooth: (null): Invalid header checksum
[ 582.658468][T12974] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[ 582.664931][T12950] port100 3-1:0.0: NFC: Could not get supported command types
[ 582.775998][ T3518] Bluetooth: (null): Invalid header checksum
[ 582.785754][T10459] usb 6-1: new high-speed USB device number 9 using dummy_hcd
[ 582.812347][T10459] usb 6-1: device descriptor read/8, error -71
[ 582.959838][ T3518] Bluetooth: (null): Invalid header checksum
[ 583.020265][ T3518] Bluetooth: (null): Invalid header checksum
[ 583.089325][T10459] usb 6-1: new high-speed USB device number 10 using dummy_hcd
[ 583.110123][ T1318] Bluetooth: (null): Invalid header checksum
[ 583.111465][T10459] usb 6-1: device descriptor read/8, error -71
[ 583.133860][T12974] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 583.134037][T12974] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 583.221588][T10459] usb usb6-port1: unable to enumerate USB device
[ 583.225411][ T1318] Bluetooth: (null): Invalid header checksum
[ 583.410513][ T1318] Bluetooth: (null): Invalid header checksum
[ 583.440329][ T6179] Bluetooth: (null): Invalid header checksum
[ 584.043949][ T30] audit: type=1400 audit(1743992856.040:1830): avc: denied { read } for pid=13001 comm="syz.3.1982" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=caif_socket permissive=1
[ 585.649453][ T5906] usb 3-1: USB disconnect, device number 42
[ 585.723647][T13019] FAULT_INJECTION: forcing a failure.
[ 585.723647][T13019] name failslab, interval 1, probability 0, space 0, times 0
[ 585.723673][T13019] CPU: 0 UID: 0 PID: 13019 Comm: syz.5.1986 Not tainted 6.14.0-syzkaller-13546-g16cd1c265776 #0 PREEMPT(full)
[ 585.723692][T13019] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[ 585.723702][T13019] Call Trace:
[ 585.723707][T13019] <TASK>
[ 585.723713][T13019] dump_stack_lvl+0x16c/0x1f0
[ 585.723740][T13019] should_fail_ex+0x512/0x640
[ 585.723757][T13019] ? __kmalloc_cache_noprof+0x57/0x3e0
[ 585.723784][T13019] should_failslab+0xc2/0x120
[ 585.723803][T13019] __kmalloc_cache_noprof+0x6a/0x3e0
[ 585.723827][T13019] ? rtnl_newlink+0x11b/0x2000
[ 585.723849][T13019] ? __pfx_rtnl_newlink+0x10/0x10
[ 585.723874][T13019] rtnl_newlink+0x11b/0x2000
[ 585.723901][T13019] ? __pfx_rtnl_newlink+0x10/0x10
[ 585.723919][T13019] ? find_held_lock+0x2b/0x80
[ 585.723940][T13019] ? avc_has_perm_noaudit+0x117/0x3b0
[ 585.723961][T13019] ? avc_has_perm_noaudit+0x149/0x3b0
[ 585.723983][T13019] ? __lock_acquire+0x5ca/0x1ba0
[ 585.724010][T13019] ? find_held_lock+0x2b/0x80
[ 585.724029][T13019] ? __pfx_rtnl_newlink+0x10/0x10
[ 585.724047][T13019] ? __pfx_rtnl_newlink+0x10/0x10
[ 585.724065][T13019] ? rtnetlink_rcv_msg+0x93a/0xe90
[ 585.724086][T13019] ? __pfx_rtnl_newlink+0x10/0x10
[ 585.724106][T13019] rtnetlink_rcv_msg+0x95b/0xe90
[ 585.724128][T13019] ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[ 585.724160][T13019] netlink_rcv_skb+0x16a/0x440
[ 585.724182][T13019] ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[ 585.724204][T13019] ? __pfx_netlink_rcv_skb+0x10/0x10
[ 585.724238][T13019] ? netlink_deliver_tap+0x1ae/0xd30
[ 585.724264][T13019] netlink_unicast+0x53a/0x7f0
[ 585.724288][T13019] ? __pfx_netlink_unicast+0x10/0x10
[ 585.724316][T13019] netlink_sendmsg+0x8d1/0xdd0
[ 585.724341][T13019] ? __pfx_netlink_sendmsg+0x10/0x10
[ 585.724371][T13019] ____sys_sendmsg+0xa95/0xc70
[ 585.724395][T13019] ? copy_msghdr_from_user+0x10a/0x160
[ 585.724415][T13019] ? __pfx_____sys_sendmsg+0x10/0x10
[ 585.724449][T13019] ___sys_sendmsg+0x134/0x1d0
[ 585.724469][T13019] ? __pfx____sys_sendmsg+0x10/0x10
[ 585.724516][T13019] __sys_sendmsg+0x16d/0x220
[ 585.724536][T13019] ? __pfx___sys_sendmsg+0x10/0x10
[ 585.724562][T13019] ? rcu_is_watching+0x12/0xc0
[ 585.724588][T13019] do_syscall_64+0xcd/0x260
[ 585.724612][T13019] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 585.724627][T13019] RIP: 0033:0x7f5b29b8d169
[ 585.724639][T13019] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 585.724653][T13019] RSP: 002b:00007f5b2aab7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 585.724668][T13019] RAX: ffffffffffffffda RBX: 00007f5b29da5fa0 RCX: 00007f5b29b8d169
[ 585.724679][T13019] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000003
[ 585.724688][T13019] RBP: 00007f5b2aab7090 R08: 0000000000000000 R09: 0000000000000000
[ 585.724696][T13019] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 585.724705][T13019] R13: 0000000000000000 R14: 00007f5b29da5fa0 R15: 00007ffcf3398348
[ 585.724727][T13019] </TASK>
[ 586.027443][ T30] audit: type=1326 audit(1743992858.070:1831): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13028 comm="syz.3.1989" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe57bf8d169 code=0x7ffc0000
[ 586.036725][ T30] audit: type=1326 audit(1743992858.080:1832): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13028 comm="syz.3.1989" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe57bf8d169 code=0x7ffc0000
[ 586.036941][ T30] audit: type=1326 audit(1743992858.080:1833): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13028 comm="syz.3.1989" exe="/root/syz-executor" sig=0 arch=c000003e syscall=38 compat=0 ip=0x7fe57bf8d169 code=0x7ffc0000
[ 586.037104][ T30] audit: type=1326 audit(1743992858.080:1834): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13028 comm="syz.3.1989" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe57bf8d169 code=0x7ffc0000
[ 586.037259][ T30] audit: type=1326 audit(1743992858.080:1835): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13028 comm="syz.3.1989" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe57bf8d169 code=0x7ffc0000
[ 587.416562][T13044] 8021q: adding VLAN 0 to HW filter on device batadv2
[ 587.480364][T13044] bond0: (slave batadv2): Enslaving as an active interface with an up link
[ 587.615582][T13047] delete_channel: no stack
[ 587.637092][ T30] kauditd_printk_skb: 42 callbacks suppressed
[ 587.637102][ T30] audit: type=1400 audit(1743992859.680:1878): avc: denied { ioctl } for pid=13046 comm="syz.3.1994" path="socket:[43760]" dev="sockfs" ino=43760 ioctlcmd=0xae60 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=isdn_socket permissive=1
[ 587.869497][ T30] audit: type=1400 audit(1743992859.900:1879): avc: denied { ioctl } for pid=13048 comm="syz.5.1995" path="socket:[43769]" dev="sockfs" ino=43769 ioctlcmd=0x890b scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1
[ 588.155780][T13053] overlayfs: failed to resolve './file0': -2
[ 588.378170][T13058] netlink: 'syz.0.1998': attribute type 4 has an invalid length.
[ 588.420370][T13058] netlink: 'syz.0.1998': attribute type 4 has an invalid length.
[ 588.729331][ T5951] usb 3-1: new high-speed USB device number 43 using dummy_hcd
[ 589.377506][ T30] audit: type=1400 audit(1743992861.360:1880): avc: denied { execmem } for pid=13081 comm="syz.3.2006" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[ 589.630336][ T5838] Bluetooth: hci1: ACL packet for unknown connection handle 200
[ 589.711713][ T5951] usb 3-1: New USB device found, idVendor=8086, idProduct=0110, bcdDevice=bf.ad
[ 589.761426][ T5951] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 589.959143][ T5951] usb 3-1: config 0 descriptor??
[ 589.986501][ T5951] gspca_main: spca508-2.14.0 probing 8086:0110
[ 590.099394][ T5838] Bluetooth: hci3: command 0x0406 tx timeout
[ 590.316847][ T5951] gspca_spca508: reg_read err -32
[ 590.455404][ T5951] gspca_spca508: reg_read err -32
[ 590.990126][ T5951] gspca_spca508: reg_read err -32
[ 591.884968][ T5951] gspca_spca508: reg_read err -71
[ 591.903721][ T5951] gspca_spca508: reg_read err -71
[ 591.909626][ T5951] gspca_spca508: reg write: error -71
[ 591.915055][ T5951] spca508 3-1:0.0: probe with driver spca508 failed with error -71
[ 591.961187][ T5951] usb 3-1: USB disconnect, device number 43
[ 592.006431][T13114] geneve2: entered promiscuous mode
[ 592.018491][T13115] 9pnet_virtio: no channels available for device 127.0.0.1
[ 592.469439][ T5951] usb 3-1: new high-speed USB device number 44 using dummy_hcd
[ 593.401293][ T5951] usb 3-1: config 0 has an invalid interface number: 69 but max is 0
[ 593.409566][ T5951] usb 3-1: config 0 has no interface number 0
[ 593.415897][ T5951] usb 3-1: config 0 interface 69 altsetting 0 bulk endpoint 0x8 has invalid maxpacket 1023
[ 593.425937][ T5951] usb 3-1: config 0 interface 69 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[ 593.890256][ T9991] Bluetooth: hci3: ACL packet for unknown connection handle 200
[ 593.937363][ T5951] usb 3-1: New USB device found, idVendor=0c4b, idProduct=0100, bcdDevice=d7.ca
[ 593.948825][ T5951] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 593.956943][ T5951] usb 3-1: Product: syz
[ 593.961300][ T5951] usb 3-1: Manufacturer: syz
[ 593.965963][ T5951] usb 3-1: SerialNumber: syz
[ 593.982751][ T5951] usb 3-1: config 0 descriptor??
[ 593.989122][T13120] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[ 594.000670][ T5951] cyberjack 3-1:0.69: Reiner SCT Cyberjack USB card reader converter detected
[ 594.024559][ T5951] usb 3-1: Reiner SCT Cyberjack USB card reader converter now attached to ttyUSB0
[ 594.637214][T13135] tipc: Enabling of bearer <eth:team0> rejected, already enabled
[ 594.996326][T13119] use of bytesused == 0 is deprecated and will be removed in the future,
[ 595.041895][T13119] use the actual size instead.
[ 595.231829][ T9991] Bluetooth: hci5: command 0x0406 tx timeout
[ 595.285656][ T5873] usb 3-1: USB disconnect, device number 44
[ 595.347840][ T5873] cyberjack ttyUSB0: Reiner SCT Cyberjack USB card reader converter now disconnected from ttyUSB0
[ 595.388862][ T5873] cyberjack 3-1:0.69: device disconnected
[ 597.192856][ T30] audit: type=1400 audit(1743992869.240:1881): avc: denied { create } for pid=13153 comm="syz.6.2026" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[ 597.220942][ T5838] Bluetooth: hci5: unexpected event for opcode 0x2036
[ 598.884518][ T5838] Bluetooth: hci5: ACL packet for unknown connection handle 200
[ 599.839422][T13182] tipc: Enabling of bearer <eth:team0> rejected, already enabled
[ 601.196067][T13199] xt_SECMARK: only valid in 'mangle' or 'security' table, not 'filter'
[ 601.912578][T13201] tipc: Enabling of bearer <eth:team0> rejected, already enabled
[ 601.928952][T13196] overlayfs: statfs failed on './file0'
[ 601.941576][T13204] tipc: Failed to remove unknown binding: 66,1,1/11578026:1846060201/1846060203
[ 602.341574][T13204] tipc: Failed to remove unknown binding: 66,1,1/11578026:1846060201/1846060203
[ 602.375861][T13204] tipc: Failed to remove unknown binding: 66,1,1/11578026:1846060201/1846060203
[ 602.979404][ T9991] Bluetooth: hci5: command 0x0406 tx timeout
[ 603.363407][T13228] tipc: Enabling of bearer <eth:team0> rejected, already enabled
[ 603.859816][T13233] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 603.868328][T13233] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 604.092471][T13241] xt_SECMARK: only valid in 'mangle' or 'security' table, not 'filter'
[ 604.823605][T13245] tipc: Enabling of bearer <eth:team0> rejected, already enabled
[ 605.388862][ T30] audit: type=1400 audit(1743992877.430:1882): avc: denied { setopt } for pid=13250 comm="syz.0.2053" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[ 605.487614][ T30] audit: type=1400 audit(1743992877.460:1883): avc: denied { map } for pid=13250 comm="syz.0.2053" path="/dev/usbmon0" dev="devtmpfs" ino=716 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[ 606.005941][ T31] INFO: task kworker/u8:1:13 blocked for more than 143 seconds.
[ 606.274078][ T31] Not tainted 6.14.0-syzkaller-13546-g16cd1c265776 #0
[ 606.372107][ T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 606.381286][ T31] task:kworker/u8:1 state:D stack:23512 pid:13 tgid:13 ppid:2 task_flags:0x4208060 flags:0x00004000
[ 606.393371][ T31] Workqueue: events_unbound netfs_write_collection_worker
[ 606.400544][ T31] Call Trace:
[ 606.403817][ T31] <TASK>
[ 606.409341][ T31] __schedule+0x116f/0x5de0
[ 606.413862][ T31] ? add_lock_to_list+0x9d/0x130
[ 606.418819][ T31] ? __pfx___schedule+0x10/0x10
[ 606.424997][ T31] ? find_held_lock+0x2b/0x80
[ 606.429746][ T31] ? schedule+0x2d7/0x3a0
[ 606.435548][ T31] schedule+0xe7/0x3a0
[ 606.439648][ T31] bit_wait+0x15/0xe0
[ 606.443635][ T31] __wait_on_bit+0x62/0x180
[ 606.448137][ T31] ? __pfx_bit_wait+0x10/0x10
[ 606.452856][ T31] out_of_line_wait_on_bit+0xd9/0x110
[ 606.458301][ T31] ? __pfx_out_of_line_wait_on_bit+0x10/0x10
[ 606.464322][ T31] ? __pfx_wake_bit_function+0x10/0x10
[ 606.469883][ T31] ? __pfx_stack_trace_consume_entry+0x10/0x10
[ 606.476051][ T31] netfs_retry_writes+0x300/0x1a50
[ 606.481209][ T31] ? ret_from_fork_asm+0x1a/0x30
[ 606.486160][ T31] ? stack_trace_save+0x8e/0xc0
[ 606.491059][ T31] ? __pfx_stack_trace_save+0x10/0x10
[ 606.496435][ T31] ? __pfx_netfs_retry_writes+0x10/0x10
[ 606.502277][ T31] ? check_path.constprop.0+0x24/0x50
[ 606.515561][ T31] ? save_trace+0x1ad/0x380
[ 606.525389][ T31] netfs_write_collection_worker+0x23fd/0x3830
[ 606.538223][ T31] process_one_work+0x9cc/0x1b70
[ 606.554540][ T30] audit: type=1400 audit(1743992878.600:1884): avc: denied { relabelfrom } for pid=13261 comm="syz.3.2057" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tun_socket permissive=1
[ 606.562592][ T31] ? __pfx_process_one_work+0x10/0x10
[ 606.591570][ T31] ? assign_work+0x1a0/0x250
[ 606.596268][ T31] worker_thread+0x6c8/0xf10
[ 606.603855][ T30] audit: type=1400 audit(1743992878.600:1885): avc: denied { relabelto } for pid=13261 comm="syz.3.2057" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tun_socket permissive=1
[ 606.606246][ T31] ? __pfx_worker_thread+0x10/0x10
[ 606.637784][ T31] kthread+0x3c2/0x780
[ 606.641975][ T31] ? __pfx_kthread+0x10/0x10
[ 606.646616][ T31] ? __pfx_kthread+0x10/0x10
[ 606.657997][ T31] ? __pfx_kthread+0x10/0x10
[ 606.662868][ T31] ? __pfx_kthread+0x10/0x10
[ 606.667515][ T31] ? rcu_is_watching+0x12/0xc0
[ 606.679468][ T31] ? __pfx_kthread+0x10/0x10
[ 606.684275][ T31] ret_from_fork+0x45/0x80
[ 606.688766][ T31] ? __pfx_kthread+0x10/0x10
[ 606.718534][ T31] ret_from_fork_asm+0x1a/0x30
[ 606.723412][ T31] </TASK>
[ 606.726617][ T31]
[ 606.726617][ T31] Showing all locks held in the system:
[ 606.748802][ T31] 2 locks held by kworker/u8:1/13:
[ 606.764139][ T31] #0: ffff88801b481148 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_one_work+0x12a2/0x1b70
[ 606.777660][ T31] #1: ffffc90000127d18 ((work_completion)(&rreq->work)){+.+.}-{0:0}, at: process_one_work+0x929/0x1b70
[ 606.789319][ T31] 1 lock held by khungtaskd/31:
[ 606.794207][ T31] #0: ffffffff8e3c1580 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x36/0x1c0
[ 606.804205][ T31] 3 locks held by kworker/u8:4/67:
[ 606.809382][ T31] #0: ffff88801b481148 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_one_work+0x12a2/0x1b70
[ 606.822278][ T31] #1: ffffc900015a7d18 ((linkwatch_work).work){+.+.}-{0:0}, at: process_one_work+0x929/0x1b70
[ 606.832776][ T31] #2: ffffffff9012bd68 (rtnl_mutex){+.+.}-{4:4}, at: linkwatch_event+0x51/0xc0
[ 606.848401][ T31] 2 locks held by getty/5581:
[ 606.853234][ T31] #0: ffff8880324d70a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x24/0x80
[ 606.871156][ T31] #1: ffffc9000332e2f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x41b/0x14f0
[ 606.887025][ T31] 3 locks held by kworker/u8:11/6394:
[ 606.893918][ T31] #0: ffff88801c2f3948 ((wq_completion)netns){+.+.}-{0:0}, at: process_one_work+0x12a2/0x1b70
[ 606.910198][ T31] #1: ffffc9000fbc7d18 (net_cleanup_work){+.+.}-{0:0}, at: process_one_work+0x929/0x1b70
[ 606.920398][ T31] #2: ffffffff90115ed0 (pernet_ops_rwsem){++++}-{4:4}, at: cleanup_net+0xc9/0xb30
[ 606.931803][ T31] 2 locks held by syz.1.1503/11339:
[ 606.936989][ T31] #0: ffff888031fc6420 (sb_writers#21){.+.+}-{0:0}, at: do_pwritev+0x1af/0x270
[ 606.946988][ T31] #1: ffff88805afe27e8 (&sb->s_type->i_mutex_key#25){++++}-{4:4}, at: netfs_start_io_direct+0x116/0x260
[ 606.958258][ T31] 1 lock held by syz.0.2056/13259:
[ 606.963422][ T31] #0: ffffffff8e3cc980 (rcu_state.barrier_mutex){+.+.}-{4:4}, at: rcu_barrier+0x48/0x6e0
[ 606.973358][ T31] 2 locks held by syz.3.2057/13261:
[ 606.978535][ T31] #0: ffffffff9012bd68 (rtnl_mutex){+.+.}-{4:4}, at: tun_chr_close+0x38/0x230
[ 606.987590][ T31] #1: ffffffff8e3ccab8 (rcu_state.exp_mutex){+.+.}-{4:4}, at: exp_funnel_lock+0x280/0x3c0
[ 606.997642][ T31]
[ 607.000029][ T31] =============================================
[ 607.000029][ T31]
[ 607.008426][ T31] NMI backtrace for cpu 1
[ 607.008438][ T31] CPU: 1 UID: 0 PID: 31 Comm: khungtaskd Not tainted 6.14.0-syzkaller-13546-g16cd1c265776 #0 PREEMPT(full)
[ 607.008456][ T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[ 607.008466][ T31] Call Trace:
[ 607.008471][ T31] <TASK>
[ 607.008477][ T31] dump_stack_lvl+0x116/0x1f0
[ 607.008501][ T31] nmi_cpu_backtrace+0x27b/0x390
[ 607.008516][ T31] ? _raw_spin_unlock_irqrestore+0x3b/0x80
[ 607.008537][ T31] ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[ 607.008555][ T31] nmi_trigger_cpumask_backtrace+0x29c/0x300
[ 607.008574][ T31] watchdog+0xf70/0x12c0
[ 607.008595][ T31] ? __pfx_watchdog+0x10/0x10
[ 607.008615][ T31] ? lockdep_hardirqs_on+0x7c/0x110
[ 607.008636][ T31] ? __kthread_parkme+0x19e/0x250
[ 607.008662][ T31] ? __pfx_watchdog+0x10/0x10
[ 607.008677][ T31] kthread+0x3c2/0x780
[ 607.008694][ T31] ? __pfx_kthread+0x10/0x10
[ 607.008708][ T31] ? __pfx_kthread+0x10/0x10
[ 607.008723][ T31] ? __pfx_kthread+0x10/0x10
[ 607.008738][ T31] ? __pfx_kthread+0x10/0x10
[ 607.008753][ T31] ? rcu_is_watching+0x12/0xc0
[ 607.008773][ T31] ? __pfx_kthread+0x10/0x10
[ 607.008790][ T31] ret_from_fork+0x45/0x80
[ 607.008806][ T31] ? __pfx_kthread+0x10/0x10
[ 607.008821][ T31] ret_from_fork_asm+0x1a/0x30
[ 607.008857][ T31] </TASK>
[ 607.008863][ T31] Sending NMI from CPU 1 to CPUs 0:
[ 607.146344][ C0] NMI backtrace for cpu 0
[ 607.146361][ C0] CPU: 0 UID: 0 PID: 0 Comm: swapper/0 Not tainted 6.14.0-syzkaller-13546-g16cd1c265776 #0 PREEMPT(full)
[ 607.146377][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[ 607.146385][ C0] RIP: 0010:pv_native_safe_halt+0xf/0x20
[ 607.146404][ C0] Code: 95 5d 02 c3 cc cc cc cc 0f 1f 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 66 90 0f 00 2d d3 bc 17 00 fb f4 <c3> cc cc cc cc 66 2e 0f 1f 84 00 00 00 00 00 66 90 90 90 90 90 90
[ 607.146416][ C0] RSP: 0018:ffffffff8e007e10 EFLAGS: 000002c6
[ 607.146427][ C0] RAX: 000000000235d1f3 RBX: 0000000000000000 RCX: ffffffff8b723439
[ 607.146436][ C0] RDX: 0000000000000000 RSI: ffffffff8dbeeb46 RDI: ffffffff8bf46580
[ 607.146444][ C0] RBP: fffffbfff1c12ee8 R08: 0000000000000001 R09: ffffed10170865bd
[ 607.146452][ C0] R10: ffff8880b8432deb R11: 0000000000000000 R12: 0000000000000000
[ 607.146459][ C0] R13: ffffffff8e097740 R14: ffffffff90865310 R15: 0000000000000000
[ 607.146468][ C0] FS: 0000000000000000(0000) GS:ffff8881249b3000(0000) knlGS:0000000000000000
[ 607.146481][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 607.146489][ C0] CR2: 00007fd87b579178 CR3: 000000007be20000 CR4: 00000000003526f0
[ 607.146497][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 607.146504][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 607.146511][ C0] Call Trace:
[ 607.146516][ C0] <TASK>
[ 607.146520][ C0] default_idle+0x13/0x20
[ 607.146538][ C0] default_idle_call+0x6d/0xb0
[ 607.146554][ C0] do_idle+0x391/0x510
[ 607.146570][ C0] ? __pfx_do_idle+0x10/0x10
[ 607.146586][ C0] ? trace_sched_exit_tp+0x31/0x130
[ 607.146605][ C0] cpu_startup_entry+0x4f/0x60
[ 607.146620][ C0] rest_init+0x16b/0x2b0
[ 607.146630][ C0] ? acpi_subsystem_init+0x133/0x180
[ 607.146645][ C0] ? __pfx_x86_late_time_init+0x10/0x10
[ 607.146663][ C0] start_kernel+0x3e9/0x4d0
[ 607.146680][ C0] x86_64_start_reservations+0x18/0x30
[ 607.146695][ C0] x86_64_start_kernel+0xb0/0xc0
[ 607.146711][ C0] common_startup_64+0x13e/0x148
[ 607.146731][ C0] </TASK>
[ 607.147380][ T31] Kernel panic - not syncing: hung_task: blocked tasks
[ 607.361244][ T31] CPU: 1 UID: 0 PID: 31 Comm: khungtaskd Not tainted 6.14.0-syzkaller-13546-g16cd1c265776 #0 PREEMPT(full)
[ 607.372686][ T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[ 607.382723][ T31] Call Trace:
[ 607.385985][ T31] <TASK>
[ 607.388915][ T31] dump_stack_lvl+0x3d/0x1f0
[ 607.393499][ T31] panic+0x71c/0x800
[ 607.397372][ T31] ? __pfx_panic+0x10/0x10
[ 607.401780][ T31] ? preempt_schedule_thunk+0x16/0x30
[ 607.407132][ T31] ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[ 607.413097][ T31] ? preempt_schedule_thunk+0x16/0x30
[ 607.418462][ T31] ? watchdog+0xdda/0x12c0
[ 607.422857][ T31] ? watchdog+0xdcd/0x12c0
[ 607.427255][ T31] watchdog+0xdeb/0x12c0
[ 607.431482][ T31] ? __pfx_watchdog+0x10/0x10
[ 607.436135][ T31] ? lockdep_hardirqs_on+0x7c/0x110
[ 607.441315][ T31] ? __kthread_parkme+0x19e/0x250
[ 607.446326][ T31] ? __pfx_watchdog+0x10/0x10
[ 607.450982][ T31] kthread+0x3c2/0x780
[ 607.455033][ T31] ? __pfx_kthread+0x10/0x10
[ 607.459609][ T31] ? __pfx_kthread+0x10/0x10
[ 607.464206][ T31] ? __pfx_kthread+0x10/0x10
[ 607.468773][ T31] ? __pfx_kthread+0x10/0x10
[ 607.473356][ T31] ? rcu_is_watching+0x12/0xc0
[ 607.478104][ T31] ? __pfx_kthread+0x10/0x10
[ 607.482672][ T31] ret_from_fork+0x45/0x80
[ 607.487069][ T31] ? __pfx_kthread+0x10/0x10
[ 607.491638][ T31] ret_from_fork_asm+0x1a/0x30
[ 607.496394][ T31] </TASK>
[ 607.499575][ T31] Kernel Offset: disabled
[ 607.503874][ T31] Rebooting in 86400 seconds..