last executing test programs:

33.077907143s ago: executing program 4 (id=3113):
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x400000000000041, 0x0)
syz_open_dev$tty1(0xc, 0x4, 0x4)
sched_setaffinity(0x0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
setsockopt$inet_tcp_TCP_REPAIR(0xffffffffffffffff, 0x6, 0x13, 0x0, 0x0)
r2 = socket$netlink(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000fc0)={&(0x7f00000004c0)={0x38, 0x1403, 0x1, 0x70bd2d, 0x0, "", [{{0x9, 0x2, 'syz0\x00'}, {0x8, 0x41, 'siw\x00'}, {0x14, 0x33, 'lo\x00'}}]}, 0x38}, 0x1, 0x0, 0x0, 0x854}, 0x0)
prlimit64(0x0, 0xc, &(0x7f0000000180)={0x8, 0x6}, &(0x7f0000000f80))
sendmsg$nl_route_sched(r2, 0x0, 0x880)
connect$inet(0xffffffffffffffff, &(0x7f0000001980)={0x2, 0x1, @loopback}, 0x10)
ioctl$SNDCTL_SEQ_GETOUTCOUNT(0xffffffffffffffff, 0x80045104, &(0x7f0000000080))
r3 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)
write$RDMA_USER_CM_CMD_RESOLVE_ADDR(r3, &(0x7f0000000340)={0x15, 0x110, 0xfa00, {0xffffffffffffffff, 0x0, 0x30, 0x30, 0x0, @in6={0x1b, 0x4000, 0x0, @loopback, 0xbff}, @ib={0x1b, 0x38e, 0x0, {}, 0x0, 0x3ffffffc, 0x8}}}, 0x118)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x2, 0xe, &(0x7f0000000200)=ANY=[@ANYBLOB="b70000001c000000bca30000000000002403000020feffff620af0fff8ffffff71a4f2ff000000001f03000000000000e5000500000000002604fdffff02000015010000033800001d13fcff000000007a0af0ff0000001f0f14000000000000b503f7fff80000009500000000000000033bc065b78111c6dfa041b63af4a3912435f1a864a7aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168e5181554a090f300020000fe275daf51efd601b6bf01c8e8b1b526375ee4dd6fcd82e4fee5bef7af9aa0d7d600c095199fe3ff3128e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646cb7798b3e6440c2fbdb00a3e35208b0bb0d2cd829e65440000000000000000028610643a98d9ec21ead2ed51b104d4d91af25b845b9f7d08d123deda88c658d42ecbf28bf7076c15b463bebc72f526dd70252e79166d858fcd0e06dd31af9612fa402d0b11008e59a5923906f88b53987ad1714e72ba7a54f0c33d39000d06a59ff61623604000000000000006a89adaf17b0a6041bdeebdfd1f5089048ddff6da40f9411fe7226a40409d6e37c4f46756d31cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564163427afea62d84f3a10076443d643649393bf52d2105bd901128c7e0ec82701c8204a1deeed4155617572652d950ad31928b0b036dc2869f478341d02d0f5ad94b081fcd507acb4b9c67382f13d000000225d85ae49cee383dc5049076b98fb6853ab39a21514da60d2ae20cfb91d6a49964757cdf538f9ce2bdbb9893a5de817101a3062cd54f9ff51d355d84ce97bb0c6b6a595e487a2cc47c0efbb2d71cde2c10f0bc6980fe78683ac5c0c31032599dd273863be9261eee52216d009f4c52048ef8c126aeef5f510a8f1aded94a129e4aec6e8d9ab06faffc3a15d91c2ea3e2e04cfe031b287539d0540059fe6c7fe7cd8697502c7596566d674e425da5e7f009602a9f61d3804b3e0a1053abdc31282dfb15eb6841bb64a1b3045024a982f3c48153baae244e7bf573eac34b781337ad5905c6bbf1137548c7f1a4cad2422ee965a38f7defbd2960242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a90144022a579dfc0229cc0dc98816106dec28eaeb883418f562ae00003ea96d10f172c0374d6eed826416050000000bfe9b4a9c5a90ff59d54d1f92ecc48899b212c55318294270a1ad10c80fef7c24d47afcc829ba0f85da6d888f18ea40ab959f6074ab2a40d85d1501783a7ab540b8d7b4ead35a385e0b4a26b702396df7e0c1e02b88c114f244a9bf93f04bf072f0861f5c0b000000000000eedcf2ba1a9508f9d6aba582a896a9f1ffa968eacea75caf822a7a63ba3401e6a52acb11883ad2a3b1832371fe5bc621426d1ed01b389708165b9cdbae2ed9dc7358f0ebadde0b727f27feeb7464dcd857ab15e355713767c536cbae2f5c7d951680f6f2f9a6a8346962a350845ffa0d82884f79adc287906943408e6df3c391e97ba48db0a5adbfd03aac93df8866fb010ae20e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00000000c95265b2bd83d64a532869d701723fedcbada1ee7baa19faf67256b56a41fd355b6a686b50f0937f778af083e055f6138a757ebd0ed91124a6b244f9acf41ac5d73a008364e0606a594817031fc2f52c8785fe0721719b3d654026c6ea08b83b123145ab5703dad844ced301efeb6dc5f6a9037d2283c42efc54fa84323afc4c10eff462c8843187f1dd48ef0981000000000000ff0f40b1888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88261458f40d31fe8df15efaaeea831555877f9538c6ee6ba65893ff1f908ba7554ba583ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738612e4fee18a22da19fc08001011e32f80fb60e14b9eee094277bbc170882c8890205f3a6da2819d2f9e77c7c64affa54fec0136cbafa5f62e3f753b639a924599c1f69219927ea5301fff0a6063d427180d61542c2571f983e96635600000554f327a3535e7c7542799493c31ac05a7b57f03ca91a01ba2a30ca99e969d6fd09dc28ebc15edb4d91675767999d146aef7799738b292fd64bb25b2969e2b15f36b788bce5ccdbaf75c94cb93499f6947a967a794963342aece449a0d80010f5c653d22d49030a8c2a4ab595bf4238f18ca428dafc7ac96d404607a0000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2867b6ef9d12096833d6864da40b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e1661261173f359e93d2c5e424c17998809ec8f0232b3955e052a4cecd89008f70314a0bdd491ec035d232f89fe0120f64c62e8e3ed8bcb45202c204bbec8d722824c0ebca8db1ea4a05e41f6016ab5bbe4fe7ff5d785d0128171c90d9900ca2532b0f9d01c4b45294fbba468df3e1b393cb4e62e753b4172ba7ac1f2b51c94bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9efe44f86909bc90addb7b9aee813df534aac4b3093c91b8068cd849904568916694d461b76a58d88cf0f520310a1e9fdc18cde98d662eee077515d0a881192292ffff5392ab3d1311b82432662806add87047f601fa888400000000000000000000000000006acc19808d7cf29bc974b0ea92499a41b9b9a7c2bca311a28ee4952f2d325a56397c78f12205db653a536f9f3322405d1efd78e578dc6b3fb84f3738a4b6caa800000087efa51c5d95ecba4e50e529d1e8c89600e809dc3d0a2f65579e23457949a50f2d0455cf79a43746979f99f6a1527f004f1e37a3926937e84fb478199dc1020f4beb98b8074bf7df8b5e783637da740800000000000000c55a4385e9a617aa6c8e10d4202c5afeb06e2f9115558ea12f92d7ae633d44086b3f03b20d546fa66a72e38207c9d20035abc46271a30f1240de52536941242d23896ab74a3c6670fdc49c14f34fc4eadd6db8d80eba439772bf60a1db18c472dafc5569adc282928d2a1ffe29f1a57d3f18f4edaeb5d37918e6fddcd821da67a0785585a4443440dc65600e64a6a2740000000000000000000000000000000000000000000a0009dd14b38f2f4426d7cf5075047c31f6ce6adddfe3ac649c0643c8bfbeb14ba1fd7a485aa893915cf81e29aaf375e904bbe52691a4100260ffcd8f1d04166d291ebcef893e1b9ccb6797d0646fe0e7274434f28efb43e06e64f0698caca42f4e6018a455736c482a017e2b13dac4a90faa109f0e87cc94e3efb649692456463ca74aa6ad4bf50c1acb0000000000000005375e528285544d0064b98646f3109e9a4942ce42c6e7ec84b664f6c2770803f10baa804a707f0a1fcbfc309381aeba191950bae71f37f1eb7ceeffb3c0547ac6571603adbfde4c8b5f8d7f4b854441613633b48865b65bdc415e1e0dcf672d68cf4cebf04f4bc1eebf560a26d34d3757b1450fdb0a9a69f432e277f3a0386eb2bd3305c821c64757f786b79fef54dbe64c67d73934bc80b2133fb3c04cc7ea48bf97a6243c9f95dcbddecf45f008f1822c7868e1ff5a3cff5d6b6898335792749df7b1f51e91f8c1c3b1b93b33aaa3fab69cef08a9f6f6cf39dea3d878b2ed42545421970cc426e644332bc956d1c6adefdf0ede2c5c94aa632646ae225accdf031f611d01622921f1b922a5ac887cca3136133dce8d9f5f4da7bed2ea5d94362200000000000000000000f296b0c1484e5f781ad26bff696b05ff0a5e2270e07618b04273bd4075ea38ab463bfa6a38e7c537498ba3e4df8dfc9e040000003c3ffad44d2a376def42e41e9fc31678257e040fa7cf32c221aaac08000000000000001a00000000000000000000173570f0c11ae694b0f7a4f9c2f6790044a357e785af6e153d5f1ea460af92c7cbbd6295afe740f5e154346d483e0d641ef02e4d5295d756e110522a7a945b93fb705b95b6aae27a8fb33732ce1da1c0b1af8eb9222a06e984ab1e6984c8bdc12360627137ab67b6b68ab08acb29a74dc36b51209cfbc87f61182bbeb2772e9d5a1ffc477179be481efe46a4ce86be0b1d8eee42a611a3d44ca450b14586ed63dd92005c79e4a8ab8a94f0c6cb4bed8594a39bd76d3ef8a7ab014e787596db796bd93a36c2880423291e3bccc86f66ba792ff4d87b3f80e5908779e51c5e9055fc5b23605cd000c723187ef09dcf4b07b06a9342f3f62ee7acddff292082c1f4d8eb9561f80873a09a1ae0c9af1121175e5600f43a1179484502009759264a5729f07c2b218fa36ba2316a99aaad0130df83d0bda1e711290f78c143ea143967b00adcd77e6ad5e48d839ea61aadb83e4d071c54691924a3830d3e7b5c198bb0ed623153590000000000000000004b985ea1702f34f2f85b168c083e810ed567e3f1979b9ed1a4bf6a10dac825c96a0828b335de445a4880bb6474157efd1a72ca46ae4cbe3ab648c9bc4867a5a4cb87d7d6d55475b34b3cb6aa9e2337d4e04a37e35109752522ac9b186ddd80c47da6a2f4ef7bb909c975520000000000000000000000219cf5c1376ab33786f6b856d354e90a2733f78f2d188057cead3480eade49d55b770fad7fa000d23da6275768810b6b2df91d3a991ea98d929d271696c258d5b735d5db11df434e7dd1b7c1ca05cea3977df564115f4ec6ffab1d2ff8a642ca50934b3fbe44b0abeba9df209566984a29dfc0466e439a94e177b3c4d5f6e92b8176b9d6ddeeeb196fa964217f88e1acc180aaa4"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xffffffffffffff97, 0x10, &(0x7f00000000c0), 0xfffffffffffffd27}, 0x48)
sched_getparam(0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000002200)=0x1)
r4 = syz_open_dev$MSR(&(0x7f0000000200), 0x0, 0x0)
read$msr(r4, &(0x7f0000002700)=""/102392, 0x18ff8)

28.909667359s ago: executing program 4 (id=3120):
r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000240), 0x40000, 0x0)
r1 = bpf$ITER_CREATE(0x21, &(0x7f0000000000)={r0}, 0x8)
ioctl$sock_inet_SIOCSARP(r1, 0x8955, &(0x7f0000000040)={{0x2, 0x4e20, @initdev={0xac, 0x1e, 0x1, 0x0}}, {0x306, @random="a8000fd87414"}, 0xc, {0x2, 0x4e22, @multicast1}, 'veth1_macvtap\x00'})
r2 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="12013f00000000407f04ffff000000000001090224000100000000090400001503000000092140000001220f00090581d7"], 0x0)
syz_usb_control_io$hid(r2, 0x0, 0x0)
r3 = syz_open_dev$vim2m(&(0x7f00000004c0), 0x98c, 0x2)
ioctl$vim2m_VIDIOC_S_CTRL(r3, 0xc008561c, &(0x7f0000000240)={0x5, 0x403})
syz_usb_control_io$hid(r2, &(0x7f00000002c0)={0x24, 0x0, 0x0, &(0x7f00000006c0)={0x0, 0x22, 0x2, {[@local=@item_012={0x2, 0x2, 0x7, "0504"}, @main=@item_4={0x3, 0x0, 0x9, "b833bb99"}, @global=@item_012={0x0, 0x1, 0xa, "1c00"}]}}, 0x0}, 0x0)
r4 = syz_open_procfs(0x0, &(0x7f00000001c0)='maps\x00')
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0xc0686611, &(0x7f0000000180)={0x68, 0x0, 0x17, 0x2000, &(0x7f0000ffd000/0x2000)=nil})
r5 = syz_open_dev$hiddev(&(0x7f0000000540), 0x0, 0x0)
r6 = socket(0x400000010, 0x3, 0x0)
write(r6, &(0x7f0000000200)="fc0000001400073eac093a00090007000aab0800080000000400e293210001c000000000060000000100000009000000fa2c1eff8656aaa79bffff00000000002d00024000036c6c256f1a272fdf0d11512fd633d4400007f60eb8fa2e6b00000016fd368934d07302ade01720d7d5bbc91a3e2e80772c05f70c9ddef2fe082038f4f8b29d3ef3d92883170efdffffff3ae4f50504000000000040d815b2ccd243f295edbabc7c3f1a5f4e023dd16b176e83df150c3b8829a1ad0a4f", 0xbc)
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0)
mount$9p_virtio(0x0, 0x0, 0x0, 0x880040, &(0x7f0000000300)=ANY=[@ANYBLOB="7472616e733d76697274696f2c6e6f78617474722c756e616d653d5e2c6e6f657874656e642c64656275671d3078303030303030303030303030303030362c6163636573733d757365722c63616368653d6c6f6f", @ANYRES32, @ANYRES64=r6, @ANYRESHEX=r6, @ANYRES8=0x0])
mount(0x0, 0x0, &(0x7f0000000000)='cifs\x00', 0x0, &(0x7f00000001c0)='=\n\x9b\xa1Q\x83\xe9\n@\xf6\"2a\xd7\x1fch\x1a}#\xfa\xe4\n\xdc[\x03\x97\xcd\xf1\xa6b\x9a\x1f\xff\xff\xffIT\xe4\x8c&\xac\xe6:\xc5\xe8\xd9\"\x82\xd5\xeb\x90\xef1:\xba\xc3\xc3\xd3\xad\'\xc44\x17,,\x8dZz\x04\x17-#F\xc7<\xe6\xf5]%gC\x9e\xca\nS\xc3\xc8\x98\xd8\xc8\x9eZ\xa76\x9f\xc2=\xaa\xcet7\xb9\xbd\xd47\xe3\xc8@$8\v\x9f\xfd\xe1!\x11\x19Y\x06J\x8f\x80\xef9Tw8\x1b\xe2\xf3\x85\xd5}\xa5\xb7\xd5|')
ioctl$HIDIOCGUSAGE(r5, 0xc018480b, 0x0)
r7 = syz_open_dev$usbfs(&(0x7f0000000100), 0x76, 0x101b01)
r8 = syz_open_dev$usbfs(&(0x7f0000000100), 0x206, 0x20182)
ioctl$USBDEVFS_ALLOW_SUSPEND(r8, 0x5522)
ioctl$USBDEVFS_BULK(r8, 0x5523, 0x0)
ioctl$USBDEVFS_DISCONNECT_CLAIM(r7, 0x8108551b, &(0x7f0000002600)={0x0, 0x0, "5a77bd318786aeb879ca62cdab2a02fa560186d85b25a5665a3247e500f61681905db88235f8a5447dd2a2ed6e91626f068881e50f68530c2b21a100efb76cba37ff3111d6847e0c7f719e169a596e5fc008daefba68f6222103472bc55704cdb72b4b996ed82ccb1eaae27969d008ba7d34171113d80672e65a6a0a72e19c2b60bd6276fd8bb6366e9d1ed9a60fd53ded22c87eb2be010e4a62fb73c33424b437bb192c9d06ea6ed04983fe5c5ca033dfce0a82575ef14eee686be0fc58e384f93a13e4e8bbf599394baea3a9ca1864f0a35d6cc38fca32ad6b39905a9727d2001457df7be7e1aefe3635b2ee97c143f28def4b73905ca14d10d1f600"})
ioctl$USBDEVFS_ALLOW_SUSPEND(r7, 0x5522)
ioctl$USBDEVFS_SETINTERFACE(r7, 0x80045510, &(0x7f0000000000))
syz_usb_connect$printer(0x6, 0x36, &(0x7f0000000100)={{0x12, 0x1, 0x2c1, 0x0, 0x0, 0x0, 0x30, 0x3f0, 0x4, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x1, 0x0, 0x20, 0x8, [{{0x9, 0x4, 0x0, 0x0, 0x2, 0x7, 0x1, 0x1, 0x0, "", {{{0x9, 0x5, 0x1, 0x2, 0x3ff, 0x8, 0xfa, 0xfa}}, [{{0x9, 0x5, 0x82, 0x2, 0x200, 0x6, 0x7f, 0xff}}]}}}]}}]}}, &(0x7f0000000680)={0xa, &(0x7f0000000140)={0xa, 0x6, 0x300, 0x1, 0x6, 0x7, 0xff, 0x7}, 0x43, &(0x7f0000000480)={0x5, 0xf, 0x43, 0x5, [@ptm_cap={0x3}, @ssp_cap={0x1c, 0x10, 0xa, 0x1, 0x4, 0x2, 0x0, 0xfff7, [0xc030, 0xff30, 0xc030, 0x80bfff]}, @ss_cap={0xa, 0x10, 0x3, 0x0, 0x4, 0x80, 0xff, 0x5}, @ss_cap={0xa, 0x10, 0x3, 0x0, 0x8, 0xf, 0x9, 0xfff}, @wireless={0xb, 0x10, 0x1, 0x4, 0x20, 0x3, 0x81, 0x3, 0x6}]}, 0x2, [{0xd0, &(0x7f0000000580)=@string={0xd0, 0x3, "ab58bab24c49bb2cd3a938e42d97537c43cf86f44afca7c314308b9d1bcdd2fd8fe626760a17e3b436b6fbfbe75a8f71619068c932685185d39e7fe4d7517aaff8d90d888a66dbb47e40b74e62323ce3d840e77bef01a0cb8383b3ac69d35ea5d0c4405e8c6e384620a17316b9c577f4b5c69990b1bf657f2de8eeba18d8497953d49d465540c7f5b87d9c29faabf5d3edc9bcdf8c8b271734957be8cd38a1bc7b39c14bfa39c0d231abac306913bd330a6dab6d070caae0e6881813ed7302a08b9f21eb2f6488c0f67593df00a4"}}, {0x4, &(0x7f0000000500)=@lang_id={0x4, 0x3, 0x421}}]})
ioctl$HIDIOCINITREPORT(r5, 0x4805, 0x0)
landlock_add_rule$LANDLOCK_RULE_NET_PORT(r0, 0x2, 0x0, 0x0)
r9 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x4, 0x2e4e02)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r1, 0xc0189375, &(0x7f0000000100)={{0x1, 0x1, 0x18, <r10=>r1}, './file0\x00'})
close_range(r9, r10, 0x2)

24.993792236s ago: executing program 4 (id=3128):
fsopen(&(0x7f0000000000)='devtmpfs\x00', 0x1)
prlimit64(0x0, 0xe, &(0x7f00000004c0)={0x7, 0x800000000000008a}, 0x0)
sched_setscheduler(0x0, 0x0, &(0x7f0000000180)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
r2 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x6)
ioctl$KVM_CAP_MANUAL_DIRTY_LOG_PROTECT2(r2, 0x4068aea3, &(0x7f0000000340)={0xa8, 0x0, 0x2})
r3 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r3, 0x1, 0x0)
ptrace$ARCH_SET_GS(0x1e, r3, &(0x7f00000000c0), 0x1001)
sendmsg$NFQNL_MSG_CONFIG(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000005c0)=ANY=[@ANYBLOB="14000000020303000000000000000000000700000000000000b51adc1529f5546376e348d2c162cb4994fc54c6db9a9cff7f00006af8588d00fb7a93255f1b3ae79bd865f86b06f1e166825ed67294be19ea22fefbbd086a3478b2bb091795ae27d89461e08e1332c4073a9333434c98f1cf797c8ce547f834ae033dda6fb3d055bb7b857a0586c4709948dea8a2be1413e01ef281f15053e96fa6ae842c39963acb52aa9030e6a0a0c925f2d6a8e6bed8b0f1aba567c4bc4055e5b8b7ce46267bac5ad40d4ee158724118c9f4b48282bdff009ed512c3c046b62aa84ff196084469d3fa1fdb65f9aa37f97491e107d19af5d391e2c4813d8fff913cee1c9fe80ad65fdb1f9281c43022a90ca6c4"], 0x14}}, 0x0)
sendmsg$NFQNL_MSG_VERDICT(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=ANY=[@ANYBLOB="20000000010301"], 0x20}, 0x1, 0x0, 0x0, 0x84}, 0x0)
shmget$private(0x0, 0x4000, 0x800, &(0x7f0000007000/0x4000)=nil)
ioctl$DRM_IOCTL_GET_CAP(0xffffffffffffffff, 0xc010640c, &(0x7f0000000040)={0x1})
mount$tmpfs(0x0, &(0x7f0000000540)='./cgroup\x00', &(0x7f0000000580), 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="67727071756f746122c85946fc295f696e6f64655f686172646c696d69743d67372c00"])
r4 = socket$rds(0x15, 0x5, 0x0)
bind$rds(r4, &(0x7f0000000200)={0x2, 0x4e20, @loopback}, 0x10)
socket$nl_route(0x10, 0x3, 0x0)
syz_usb_connect$hid(0x0, 0x3f, 0x0, 0x0)
socket$packet(0x11, 0x2, 0x300)
ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, &(0x7f0000000100)={'vcan0\x00'})
r5 = socket(0x1, 0x803, 0x0)
getsockname$packet(r5, &(0x7f0000000100)={0x11, 0x0, <r6=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080))
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000480)=ANY=[@ANYBLOB="500000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="7fff0000000000002800128009000100766c616e000000001800028006000100340200000c0002001f0000001e00000008000500", @ANYRES32=r6], 0x50}}, 0x0)
sendmsg$nl_route_sched(r5, 0x0, 0x8080)
socket$nl_route(0x10, 0x3, 0x0)

20.733182706s ago: executing program 4 (id=3137):
r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000240), 0x40000, 0x0)
r1 = bpf$ITER_CREATE(0x21, &(0x7f0000000000)={r0}, 0x8)
ioctl$sock_inet_SIOCSARP(r1, 0x8955, &(0x7f0000000040)={{0x2, 0x4e20, @initdev={0xac, 0x1e, 0x1, 0x0}}, {0x306, @random="a8000fd87414"}, 0xc, {0x2, 0x4e22, @multicast1}, 'veth1_macvtap\x00'})
r2 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="12013f00000000407f04ffff000000000001090224000100000000090400001503000000092140000001220f00090581d7"], 0x0)
syz_usb_control_io$hid(r2, 0x0, 0x0)
r3 = syz_open_dev$vim2m(&(0x7f00000004c0), 0x98c, 0x2)
ioctl$vim2m_VIDIOC_S_CTRL(r3, 0xc008561c, &(0x7f0000000240)={0x5, 0x403})
syz_usb_control_io$hid(r2, &(0x7f00000002c0)={0x24, 0x0, 0x0, &(0x7f00000006c0)={0x0, 0x22, 0x2, {[@local=@item_012={0x2, 0x2, 0x7, "0504"}, @main=@item_4={0x3, 0x0, 0x9, "b833bb99"}, @global=@item_012={0x0, 0x1, 0xa, "1c00"}]}}, 0x0}, 0x0)
r4 = syz_open_procfs(0x0, &(0x7f00000001c0)='maps\x00')
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0xc0686611, &(0x7f0000000180)={0x68, 0x0, 0x17, 0x2000, &(0x7f0000ffd000/0x2000)=nil})
r5 = syz_open_dev$hiddev(&(0x7f0000000540), 0x0, 0x0)
r6 = socket(0x400000010, 0x3, 0x0)
write(r6, &(0x7f0000000200)="fc0000001400073eac093a00090007000aab0800080000000400e293210001c000000000060000000100000009000000fa2c1eff8656aaa79bffff00000000002d00024000036c6c256f1a272fdf0d11512fd633d4400007f60eb8fa2e6b00000016fd368934d07302ade01720d7d5bbc91a3e2e80772c05f70c9ddef2fe082038f4f8b29d3ef3d92883170efdffffff3ae4f50504000000000040d815b2ccd243f295edbabc7c3f1a5f4e023dd16b176e83df150c3b8829a1ad0a4f", 0xbc)
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0)
mount$9p_virtio(0x0, 0x0, 0x0, 0x880040, &(0x7f0000000300)=ANY=[@ANYBLOB="7472616e733d76697274696f2c6e6f78617474722c756e616d653d5e2c6e6f657874656e642c64656275671d3078303030303030303030303030303030362c6163636573733d757365722c63616368653d6c6f6f", @ANYRES32, @ANYRES64=r6, @ANYRESHEX=r6, @ANYRES8=0x0])
mount(0x0, 0x0, &(0x7f0000000000)='cifs\x00', 0x0, &(0x7f00000001c0)='=\n\x9b\xa1Q\x83\xe9\n@\xf6\"2a\xd7\x1fch\x1a}#\xfa\xe4\n\xdc[\x03\x97\xcd\xf1\xa6b\x9a\x1f\xff\xff\xffIT\xe4\x8c&\xac\xe6:\xc5\xe8\xd9\"\x82\xd5\xeb\x90\xef1:\xba\xc3\xc3\xd3\xad\'\xc44\x17,,\x8dZz\x04\x17-#F\xc7<\xe6\xf5]%gC\x9e\xca\nS\xc3\xc8\x98\xd8\xc8\x9eZ\xa76\x9f\xc2=\xaa\xcet7\xb9\xbd\xd47\xe3\xc8@$8\v\x9f\xfd\xe1!\x11\x19Y\x06J\x8f\x80\xef9Tw8\x1b\xe2\xf3\x85\xd5}\xa5\xb7\xd5|')
ioctl$HIDIOCGUSAGE(r5, 0xc018480b, 0x0)
r7 = syz_open_dev$usbfs(&(0x7f0000000100), 0x76, 0x101b01)
r8 = syz_open_dev$usbfs(&(0x7f0000000100), 0x206, 0x20182)
ioctl$USBDEVFS_ALLOW_SUSPEND(r8, 0x5522)
ioctl$USBDEVFS_BULK(r8, 0x5523, 0x0)
ioctl$USBDEVFS_DISCONNECT_CLAIM(r7, 0x8108551b, &(0x7f0000002600)={0x0, 0x0, "5a77bd318786aeb879ca62cdab2a02fa560186d85b25a5665a3247e500f61681905db88235f8a5447dd2a2ed6e91626f068881e50f68530c2b21a100efb76cba37ff3111d6847e0c7f719e169a596e5fc008daefba68f6222103472bc55704cdb72b4b996ed82ccb1eaae27969d008ba7d34171113d80672e65a6a0a72e19c2b60bd6276fd8bb6366e9d1ed9a60fd53ded22c87eb2be010e4a62fb73c33424b437bb192c9d06ea6ed04983fe5c5ca033dfce0a82575ef14eee686be0fc58e384f93a13e4e8bbf599394baea3a9ca1864f0a35d6cc38fca32ad6b39905a9727d2001457df7be7e1aefe3635b2ee97c143f28def4b73905ca14d10d1f600"})
ioctl$USBDEVFS_ALLOW_SUSPEND(r7, 0x5522)
ioctl$USBDEVFS_SETINTERFACE(r7, 0x80045510, &(0x7f0000000000))
syz_usb_connect$printer(0x6, 0x36, &(0x7f0000000100)={{0x12, 0x1, 0x2c1, 0x0, 0x0, 0x0, 0x30, 0x3f0, 0x4, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x1, 0x0, 0x20, 0x8, [{{0x9, 0x4, 0x0, 0x0, 0x2, 0x7, 0x1, 0x1, 0x0, "", {{{0x9, 0x5, 0x1, 0x2, 0x3ff, 0x8, 0xfa, 0xfa}}, [{{0x9, 0x5, 0x82, 0x2, 0x200, 0x6, 0x7f, 0xff}}]}}}]}}]}}, &(0x7f0000000680)={0xa, &(0x7f0000000140)={0xa, 0x6, 0x300, 0x1, 0x6, 0x7, 0xff, 0x7}, 0x43, &(0x7f0000000480)={0x5, 0xf, 0x43, 0x5, [@ptm_cap={0x3}, @ssp_cap={0x1c, 0x10, 0xa, 0x1, 0x4, 0x2, 0x0, 0xfff7, [0xc030, 0xff30, 0xc030, 0x80bfff]}, @ss_cap={0xa, 0x10, 0x3, 0x0, 0x4, 0x80, 0xff, 0x5}, @ss_cap={0xa, 0x10, 0x3, 0x0, 0x8, 0xf, 0x9, 0xfff}, @wireless={0xb, 0x10, 0x1, 0x4, 0x20, 0x3, 0x81, 0x3, 0x6}]}, 0x2, [{0xd0, &(0x7f0000000580)=@string={0xd0, 0x3, "ab58bab24c49bb2cd3a938e42d97537c43cf86f44afca7c314308b9d1bcdd2fd8fe626760a17e3b436b6fbfbe75a8f71619068c932685185d39e7fe4d7517aaff8d90d888a66dbb47e40b74e62323ce3d840e77bef01a0cb8383b3ac69d35ea5d0c4405e8c6e384620a17316b9c577f4b5c69990b1bf657f2de8eeba18d8497953d49d465540c7f5b87d9c29faabf5d3edc9bcdf8c8b271734957be8cd38a1bc7b39c14bfa39c0d231abac306913bd330a6dab6d070caae0e6881813ed7302a08b9f21eb2f6488c0f67593df00a4"}}, {0x4, &(0x7f0000000500)=@lang_id={0x4, 0x3, 0x421}}]})
ioctl$HIDIOCINITREPORT(r5, 0x4805, 0x0)
landlock_add_rule$LANDLOCK_RULE_NET_PORT(r0, 0x2, 0x0, 0x0)
r9 = syz_open_dev$usbmon(&(0x7f00000000c0), 0x4, 0x2e4e02)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(r1, 0xc0189375, &(0x7f0000000100)={{0x1, 0x1, 0x18, <r10=>r1}, './file0\x00'})
close_range(r9, r10, 0x2)

13.786687433s ago: executing program 1 (id=3152):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/address_bits', 0x0, 0xcc)
lseek(r0, 0xfffffffffffffffd, 0x3)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000100)={0x18, 0x3, &(0x7f00000001c0)=ANY=[@ANYBLOB="1800000020b30100000000000700000095"], &(0x7f0000000000)='syzkaller\x00'}, 0x94)
r2 = socket$kcm(0x15, 0x5, 0x0)
setsockopt$sock_attach_bpf(r2, 0x114, 0x3, 0x0, 0x10)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)={0x14, 0x3a, 0x301, 0x70bd25, 0xfffffffc, {0x6}}, 0x14}, 0x1, 0x0, 0x0, 0x448d3}, 0x20080081)
syz_usb_control_io$uac1(0xffffffffffffffff, 0x0, 0x0)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r4}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r5 = getpid()
sched_setscheduler(r5, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
connect$unix(r6, &(0x7f0000000180)=@abs={0x0, 0x0, 0x4e20}, 0x6e)
sendmmsg$unix(r7, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
semget$private(0x0, 0x2, 0x2)
shmat(0x0, &(0x7f0000000000/0x4000)=nil, 0xffffffffffffcfff)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000140)={0x60, 0x2, 0x6, 0x101, 0x0, 0x0, {}, [@IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_DATA={0x14, 0x7, 0x0, 0x1, [@IPSET_ATTR_CADT_FLAGS={0x8, 0x11, 0x1, 0x0, 0x1}, @IPSET_ATTR_HASHSIZE={0x8, 0x12, 0x1, 0x0, 0xffff}]}, @IPSET_ATTR_TYPENAME={0x11, 0x3, 'hash:ip,port\x00'}]}, 0x60}}, 0x0)
sendmsg$IPSET_CMD_DESTROY(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000000)=ANY=[@ANYRES8=r0, @ANYRESOCT], 0x74}, 0x1, 0x0, 0x0, 0x80c5}, 0x40)

13.327056963s ago: executing program 2 (id=3154):
socket$inet_udp(0x2, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f00000004c0)={0x7, 0x800000010000008c}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x549000, 0x0)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x1d)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)={0x14, 0x3a, 0x301, 0x70bd29, 0xfffffffc, {0x3}}, 0x14}, 0x1, 0x0, 0x0, 0x448d3}, 0x0)
inotify_init()
socket$unix(0x1, 0x1, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000008c0)=@newtaction={0x64, 0x30, 0x1, 0x0, 0x0, {}, [{0x50, 0x1, [@m_mpls={0x4c, 0x1, 0x0, 0x0, {{0x9}, {0x20, 0x2, 0x0, 0x1, [@TCA_MPLS_PARMS={0x1c, 0x2, {{0x200000}}}]}, {0x4, 0x4}, {0xc}, {0xc}}}]}]}, 0x64}}, 0x0)
r4 = socket$unix(0x1, 0x1, 0x0)
listen(r4, 0x0)
socket$inet_sctp(0x2, 0x5, 0x84)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r5 = getpid()
sched_setscheduler(r5, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f07ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
connect$unix(r6, &(0x7f000057eff8)=@file={0x0, './cgroup\x00'}, 0x6e)
sendmmsg$unix(r7, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
socket$alg(0x26, 0x5, 0x0)

13.283244045s ago: executing program 4 (id=3155):
open(&(0x7f0000000000)='./file0\x00', 0x143042, 0xfe)
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f00000001c0)={[{@lowerdir, 0x3a}], [], 0x2f}) (fail_nth: 10)

12.798931398s ago: executing program 3 (id=3156):
fsopen(&(0x7f0000000000)='devtmpfs\x00', 0x1)
prlimit64(0x0, 0xe, &(0x7f00000004c0)={0x7, 0x800000000000008a}, 0x0)
sched_setscheduler(0x0, 0x0, &(0x7f0000000180)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
r2 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x6)
ioctl$KVM_CAP_MANUAL_DIRTY_LOG_PROTECT2(r2, 0x4068aea3, &(0x7f0000000340)={0xa8, 0x0, 0x2})
r3 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r3, 0x1, 0x0)
ptrace$ARCH_SET_GS(0x1e, r3, &(0x7f00000000c0), 0x1001)
sendmsg$NFQNL_MSG_CONFIG(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000005c0)=ANY=[@ANYBLOB="14000000020303000000000000000000000700000000000000b51adc1529f5546376e348d2c162cb4994fc54c6db9a9cff7f00006af8588d00fb7a93255f1b3ae79bd865f86b06f1e166825ed67294be19ea22fefbbd086a3478b2bb091795ae27d89461e08e1332c4073a9333434c98f1cf797c8ce547f834ae033dda6fb3d055bb7b857a0586c4709948dea8a2be1413e01ef281f15053e96fa6ae842c39963acb52aa9030e6a0a0c925f2d6a8e6bed8b0f1aba567c4bc4055e5b8b7ce46267bac5ad40d4ee158724118c9f4b48282bdff009ed512c3c046b62aa84ff196084469d3fa1fdb65f9aa37f97491e107d19af5d391e2c4813d8fff913cee1c9fe80ad65fdb1f9281c43022a90ca6c4"], 0x14}}, 0x0)
sendmsg$NFQNL_MSG_VERDICT(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=ANY=[@ANYBLOB="20000000010301"], 0x20}, 0x1, 0x0, 0x0, 0x84}, 0x0)
shmget$private(0x0, 0x4000, 0x800, &(0x7f0000007000/0x4000)=nil)
ioctl$DRM_IOCTL_GET_CAP(0xffffffffffffffff, 0xc010640c, &(0x7f0000000040)={0x1})
mount$tmpfs(0x0, &(0x7f0000000540)='./cgroup\x00', &(0x7f0000000580), 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="67727071756f746122c85946fc295f696e6f64655f686172646c696d69743d67372c00"])
r4 = socket$rds(0x15, 0x5, 0x0)
bind$rds(r4, &(0x7f0000000200)={0x2, 0x4e20, @loopback}, 0x10)
socket$nl_route(0x10, 0x3, 0x0)
syz_usb_connect$hid(0x0, 0x3f, 0x0, 0x0)
socket$packet(0x11, 0x2, 0x300)
ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, &(0x7f0000000100)={'vcan0\x00'})
r5 = socket(0x1, 0x803, 0x0)
getsockname$packet(r5, &(0x7f0000000100)={0x11, 0x0, <r6=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080))
r7 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route(r7, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000480)=ANY=[@ANYBLOB="500000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="7fff0000000000002800128009000100766c616e000000001800028006000100340200000c0002001f0000001e00000008000500", @ANYRES32=r6], 0x50}}, 0x0)

12.49361484s ago: executing program 4 (id=3157):
r0 = creat(&(0x7f00000001c0)='./file0\x00', 0x0)
close(r0)
socket$xdp(0x2c, 0x3, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000020000000000000f9ffff0b85000000ae0000008500000007"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000480)={&(0x7f0000000040)='sys_exit\x00', r1, 0x0, 0x6}, 0x18)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000756c6c2f00000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000005000000b7030000000000008500000006000000850000000700000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000400)={r2, 0x0, 0x0, 0x0, &(0x7f00000001c0), 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x1ff}, 0x50)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000140)=0x1400200bce)
sched_setscheduler(0x0, 0x1, &(0x7f0000002200)=0x1)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000002240)=""/102400, 0x19000)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
timer_create(0x0, &(0x7f0000000080)={0x0, 0x11, 0x0, @thr={0x0, 0x0}}, 0x0)
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)
r4 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
mount(&(0x7f0000000100)=@md0, &(0x7f0000000040)='.\x00', &(0x7f0000000000)='virtiofs\x00', 0x5, 0x0)
ioctl$TIOCSETD(r4, 0x5423, 0x0)
stat(&(0x7f0000000940)='./file0\x00', &(0x7f0000000300))
openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x40000, 0x0)
gettid()
getpid()
r5 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r5, 0x5423, &(0x7f00000002c0)=0x11)
socket$nl_netfilter(0x10, 0x3, 0xc)
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
r6 = socket$inet6_sctp(0xa, 0x801, 0x84)
connect$inet6(r6, &(0x7f0000000100)={0xa, 0x0, 0x0, @private1, 0x7}, 0x1c)

11.945733108s ago: executing program 1 (id=3158):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
sendmmsg$inet6(r0, &(0x7f0000000a00)=[{{&(0x7f0000000240)={0xa, 0x4e20, 0xc52, @local, 0x14}, 0x1c, 0x0}}], 0x1, 0x4000841)
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TIOCSTI(r1, 0x5412, &(0x7f0000000000)=0x13)
ioctl$TIOCSTI(r1, 0x5412, &(0x7f0000000240)=0x28)
ioctl$TCSETSW2(r1, 0x402c542c, &(0x7f00000000c0)={0xfffffff8, 0x8, 0xfffbfffd, 0x984, 0x77, "bea08812dd0909000400000000000000000200", 0x4, 0x202})
ioctl$TIOCSTI(r1, 0x5412, &(0x7f0000000080)=0x3)
r2 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$KDSKBENT(r2, 0x4b47, &(0x7f0000000200)={0x1, 0x75, 0x1})
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000340)=ANY=[@ANYRESOCT=r2], 0x88}, 0x1, 0x0, 0x0, 0xc000}, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a64000000060a0b040000000000000000020000003800048034e11a800a00010071756f74610000002400028008000240000000ef0c00014000000000000000030c00044000000000000000080900010073797a30000000000900020073797a3200000000140000001100c80100"/140], 0x8c}}, 0x0)
r4 = syz_open_procfs$namespace(0x0, &(0x7f0000000040)='ns/ipc\x00')
r5 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[@ANYBLOB="540000001000010400000000000000ffff000000", @ANYRES32=0x0, @ANYBLOB="0380000000000000240012800c0001006d6163766c616e00140002800800010008000000060002000100000008000500", @ANYRES32=r5], 0x54}}, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r6)
ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f0000000140)={'wlan0\x00', <r8=>0x0})
sendmsg$NL80211_CMD_SET_QOS_MAP(r6, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)={0x30, r7, 0xc11, 0x70bd2d, 0x25dfdbfe, {{}, {@val={0x8, 0x3, r8}, @void}}, [@NL80211_ATTR_QOS_MAP={0x14, 0xc7, {[{0x2, 0x1}, {0x7a, 0x2}, {0x4, 0x2}, {0x8, 0x2}], "7ecd4163b8fccf09"}}]}, 0x30}, 0x1, 0x0, 0x0, 0x4000}, 0x8000)
sendmmsg(r5, &(0x7f00000002c0), 0x40000000000009f, 0x0)
pread64(0xffffffffffffffff, &(0x7f0000000200)=""/174, 0xae, 0x3b11)
ioctl$NS_GET_USERNS(r4, 0xb701, 0x0)

10.933677079s ago: executing program 2 (id=3161):
bpf$MAP_CREATE(0x0, 0x0, 0x48)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
bind$802154_raw(0xffffffffffffffff, 0x0, 0x0)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="18050000000000fe000000004b64ffec850000007d000000040000000700000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r3}, 0xc)
execveat(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x1000)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x1e, 0x0, 0x0, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x10, '\x00', 0x0, 0x24}, 0x94)
prctl$PR_SET_SECCOMP(0x16, 0x0, &(0x7f0000000100)={0x6, &(0x7f00000000c0)=[{0x40, 0xb8, 0x10, 0xe}, {0x400, 0xc, 0x3, 0x3}, {0x3, 0xf, 0x0, 0x3960}, {0x7, 0xa0, 0x80, 0x6}, {0xc3, 0x2, 0x7, 0xea}, {0x4, 0x2, 0x0, 0x2}]})
mount$bind(0x0, &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mkdir(0x0, 0x0)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r4, &(0x7f0000000140)={0xa, 0x4e22, 0xab, @loopback, 0x10001}, 0x1c)
connect$inet6(r4, &(0x7f0000000100)={0xa, 0x4e22, 0x7, @loopback, 0x23}, 0x1c)
fcntl$setstatus(r4, 0x4, 0x42800)
r5 = dup(r4)
r6 = socket(0xa, 0x3, 0xff)
connect$inet6(r6, &(0x7f0000000040)={0xa, 0x4e20, 0x0, @empty, 0x4000002}, 0x1c)
syz_emit_ethernet(0x6e, &(0x7f00000001c0)={@random="cfb14e407d33", @dev={'\xaa\xaa\xaa\xaa\xaa', 0x2e}, @void, {@ipv6={0x86dd, @icmpv6={0x9, 0x6, 'z&-', 0x38, 0x3a, 0x1, @local, @mcast2, {[], @pkt_toobig={0x2, 0x0, 0x0, 0x8001, {0x2, 0x6, "081331", 0x9, 0xff, 0x0, @loopback, @loopback, [@fragment={0x3b, 0x0, 0xe, 0x0, 0x0, 0x3, 0x65}]}}}}}}}, 0x0)
write$RDMA_USER_CM_CMD_LISTEN(r5, &(0x7f00000000c0)={0x7, 0xffffffffffffffa0, 0xfa00, {0xffffffffffffffff, 0x10c}}, 0xfffffd88)
rmdir(&(0x7f0000000380)='./file0/../file0\x00')

10.853980645s ago: executing program 1 (id=3162):
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="5c0000000206030000000000008000000000000805000100070000000900020073797a30000000001400078008001240001500000500150000100000050005000000000005000400000000000d000300686173683a6d6163"], 0x5c}}, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000280)='sched_switch\x00', r0}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f00009e4000/0x2000)=nil, 0x2000, 0xb635773f06ebbeee, 0x100010, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
socket$inet_tcp(0x2, 0x1, 0x0)
syz_usb_connect(0x3, 0x3d, &(0x7f0000000240)=ANY=[@ANYBLOB="12010000bdce4208110f80106afc0000000109022b00010000000009043700022ee5cd0009058010ff037f790209050e032000"], 0x0)
r3 = add_key$fscrypt_v1(&(0x7f0000000440), &(0x7f0000000480)={'fscrypt:', @auto=[0x39, 0x0, 0x0, 0x62, 0x86cc4097e8288a3a, 0x0, 0x0, 0x0, 0x34, 0x63, 0x0, 0x64, 0x0, 0x0, 0x0, 0x64]}, &(0x7f00000004c0)={0x0, "3e82554dc8ccfbc2e85ec82d4ee9df60f6ae16b1a5f2c848722ba3b132e4fde178c945bd950b0477e801fc8a1be9b4ebbe9c2289a6b0aa00"}, 0x48, 0xfffffffffffffffe)
pipe2$watch_queue(&(0x7f0000000000)={<r4=>0xffffffffffffffff}, 0x80)
socket$inet_udp(0x2, 0x2, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x2}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r5 = getpid()
sched_setscheduler(r5, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
connect$unix(r6, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r7, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
sendmsg$key(0xffffffffffffffff, 0x0, 0x0)
keyctl$KEYCTL_WATCH_KEY(0x20, r3, r4, 0x1d)
keyctl$KEYCTL_WATCH_KEY(0x20, r3, 0xffffffffffffffff, 0xfeffffffffffff)

9.979946416s ago: executing program 2 (id=3163):
fsopen(&(0x7f0000000000)='devtmpfs\x00', 0x1)
prlimit64(0x0, 0xe, &(0x7f00000004c0)={0x7, 0x800000000000008a}, 0x0)
sched_setscheduler(0x0, 0x0, &(0x7f0000000180)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
r2 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x6)
ioctl$KVM_CAP_MANUAL_DIRTY_LOG_PROTECT2(r2, 0x4068aea3, &(0x7f0000000340)={0xa8, 0x0, 0x2})
r3 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r3, 0x1, 0x0)
ptrace$ARCH_SET_GS(0x1e, r3, &(0x7f00000000c0), 0x1001)
sendmsg$NFQNL_MSG_CONFIG(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000005c0)=ANY=[@ANYBLOB="14000000020303000000000000000000000700000000000000b51adc1529f5546376e348d2c162cb4994fc54c6db9a9cff7f00006af8588d00fb7a93255f1b3ae79bd865f86b06f1e166825ed67294be19ea22fefbbd086a3478b2bb091795ae27d89461e08e1332c4073a9333434c98f1cf797c8ce547f834ae033dda6fb3d055bb7b857a0586c4709948dea8a2be1413e01ef281f15053e96fa6ae842c39963acb52aa9030e6a0a0c925f2d6a8e6bed8b0f1aba567c4bc4055e5b8b7ce46267bac5ad40d4ee158724118c9f4b48282bdff009ed512c3c046b62aa84ff196084469d3fa1fdb65f9aa37f97491e107d19af5d391e2c4813d8fff913cee1c9fe80ad65fdb1f9281c43022a90ca6c4"], 0x14}}, 0x0)
sendmsg$NFQNL_MSG_VERDICT(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=ANY=[@ANYBLOB="20000000010301"], 0x20}, 0x1, 0x0, 0x0, 0x84}, 0x0)
shmget$private(0x0, 0x4000, 0x800, &(0x7f0000007000/0x4000)=nil)
ioctl$DRM_IOCTL_GET_CAP(0xffffffffffffffff, 0xc010640c, &(0x7f0000000040)={0x1})
mount$tmpfs(0x0, &(0x7f0000000540)='./cgroup\x00', &(0x7f0000000580), 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="67727071756f746122c85946fc295f696e6f64655f686172646c696d69743d67372c00"])
r4 = socket$rds(0x15, 0x5, 0x0)
bind$rds(r4, &(0x7f0000000200)={0x2, 0x4e20, @loopback}, 0x10)
socket$nl_route(0x10, 0x3, 0x0)
syz_usb_connect$hid(0x0, 0x3f, 0x0, 0x0)
socket$packet(0x11, 0x2, 0x300)
ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, &(0x7f0000000100)={'vcan0\x00'})
r5 = socket(0x1, 0x803, 0x0)
r6 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000480)=ANY=[@ANYBLOB="500000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="7fff0000000000002800128009000100766c616e000000001800028006000100340200000c0002001f0000001e00000008000500", @ANYRES32], 0x50}}, 0x0)
sendmsg$nl_route_sched(r5, 0x0, 0x8080)
socket$nl_route(0x10, 0x3, 0x0)

9.565353226s ago: executing program 0 (id=3164):
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
getpgrp(0x0)
socket$inet_mptcp(0x2, 0x1, 0x106)
prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000000)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r1 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r1, 0x1, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xec776000)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x3)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff0000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x24004045)
io_uring_setup(0x1b7f, &(0x7f0000000040)={0x0, 0x635c, 0x1f480, 0x0, 0x399})

8.6945185s ago: executing program 0 (id=3165):
socket$nl_route(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000002c0)=ANY=[], 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = syz_open_dev$MSR(0x0, 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x24008800)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000ac0)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_NEWSET={0x44, 0x9, 0xa, 0x401, 0x0, 0x0, {0xa, 0x0, 0x4}, [@NFTA_SET_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x2}, @NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ID={0x8, 0xa, 0x1, 0x0, 0xfffffffc}, @NFTA_SET_FLAGS={0x8, 0x3, 0x1, 0x0, 0x21}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0x6c}, 0x1, 0x0, 0x0, 0x24000850}, 0x40)
socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$can_bcm(0x1d, 0x2, 0x2)
bind$inet(0xffffffffffffffff, 0x0, 0xa0)
connect$inet(0xffffffffffffffff, 0x0, 0x0)
setsockopt$inet6_tcp_int(r1, 0x6, 0x24, &(0x7f0000000340)=0x9, 0x4)
bind$bt_hci(0xffffffffffffffff, &(0x7f0000000080)={0x1f, 0xffff, 0x3}, 0x6)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000880)={&(0x7f0000000a80)='kfree\x00', 0xffffffffffffffff, 0x0, 0xd76}, 0x18)
r2 = syz_open_procfs$pagemap(0x0, &(0x7f0000001080))
ioctl$PAGEMAP_SCAN(r2, 0xc0606610, &(0x7f0000000140)={0x60, 0x0, &(0x7f0000001000/0x3000)=nil, &(0x7f0000ffb000/0x4000)=nil, 0x0, 0x0, 0x0, 0x100000c01, 0x38, 0x0, 0x42, 0x6e})

8.200935282s ago: executing program 3 (id=3166):
syz_usb_connect(0x3, 0x24, &(0x7f0000002040)=ANY=[@ANYBLOB="12010000fe76181004160780a6af011703010902120001000000000904"], 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
r1 = syz_open_procfs(0x0, &(0x7f0000000040)='net/ip_vs\x00')
pread64(r1, &(0x7f0000000280)=""/86, 0x56, 0x4000000000000f3)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000600)={&(0x7f0000000380)="d5d5b114243ca2c4d7bc52e28dafa59393314fb64013f7f2fef197455d32b5253c3392786e156d1820245438dc095130f92ba97025d57454edb72a0607d85ee180fe62ecce3423f6cf3cd6b4c6b26034677e7df1adcfcd9c5b0cb85894549c830e3664199aabd369bf0022f0019c05dbde0ec5a9268de768a935ff507d951beba779c1a1a4c0271451ebf7f3599ed25448c05bd033c81fa902a4889cfa8a41ce605ff3245d6ceaf6fc70", &(0x7f0000000440)=""/249, &(0x7f0000000540)="29fe14edce64ae0be5fb0209a0fce82c0ba96b59db7ade5ae1ed4e65cb34eebeafa9cafcbbaf288da135a635dcb89ae95585b8ce050f95a847db3900689cdbff6d8be3a534e6eacdaca0b172a06554e6a6c2ee4feaf324535490e5c234da88aafdcd1c6e6df57e8256112dd076be7ea79e3452", &(0x7f00000005c0)="e383f04c79a0b7c99c64c7ab7e3740c025380ca9af8281c72553bc140dc6b0727b8e9a8341d53acd94c530d4ea482662271ec250", 0xb, r1}, 0x38)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
r2 = getpid()
sched_setscheduler(r2, 0x1, &(0x7f0000000200)=0x7)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = openat$udambuf(0xffffffffffffff9c, &(0x7f0000000040), 0x2)
r4 = memfd_create(&(0x7f0000000140)='y\x105\xfb\xf7u\x83%:r\xc2\xb9x\xa4q\xc1\xea_\x8cZ7\xcda\x9b\x11X\x0e\xa1\xcf\x1a\x98S7\xc9\x00'/47, 0x2)
ftruncate(r4, 0xffff)
fcntl$addseals(r4, 0x409, 0x7)
r5 = ioctl$UDMABUF_CREATE(r3, 0x40187542, &(0x7f0000000000)={r4, 0x0, 0x0, 0x8000})
ioctl$DMA_BUF_IOCTL_SYNC(r5, 0x40086200, &(0x7f00000001c0)=0x1)
syz_open_dev$sndctrl(&(0x7f0000000100), 0xfffffffffffffffd, 0x183003)

6.701606016s ago: executing program 1 (id=3167):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000280)='sched_switch\x00', r1}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f00009e4000/0x2000)=nil, 0x2000, 0xb635773f06ebbeee, 0x100010, r0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
socket$inet_tcp(0x2, 0x1, 0x0)
syz_usb_connect(0x3, 0x3d, &(0x7f0000000240)=ANY=[@ANYBLOB="12010000bdce4208110f80106afc0000000109022b00010000000009043700022ee5cd0009058010ff037f790209050e032000"], 0x0)
r4 = add_key$fscrypt_v1(&(0x7f0000000440), &(0x7f0000000480)={'fscrypt:', @auto=[0x39, 0x0, 0x0, 0x62, 0x86cc4097e8288a3a, 0x0, 0x0, 0x0, 0x34, 0x63, 0x0, 0x64, 0x0, 0x0, 0x0, 0x64]}, &(0x7f00000004c0)={0x0, "3e82554dc8ccfbc2e85ec82d4ee9df60f6ae16b1a5f2c848722ba3b132e4fde178c945bd950b0477e801fc8a1be9b4ebbe9c2289a6b0aa00"}, 0x48, 0xfffffffffffffffe)
pipe2$watch_queue(&(0x7f0000000000)={<r5=>0xffffffffffffffff}, 0x80)
socket$inet_udp(0x2, 0x2, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x2}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r6 = getpid()
sched_setscheduler(r6, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r7=>0xffffffffffffffff, <r8=>0xffffffffffffffff})
connect$unix(r7, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r8, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r7, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
sendmsg$key(0xffffffffffffffff, 0x0, 0x0)
keyctl$KEYCTL_WATCH_KEY(0x20, r4, r5, 0x1d)
keyctl$KEYCTL_WATCH_KEY(0x20, r4, 0xffffffffffffffff, 0xfeffffffffffff)

6.513557211s ago: executing program 2 (id=3168):
socket$packet(0x11, 0x3, 0x300)
socket$inet6_sctp(0xa, 0x5, 0x84)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000180)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)=@ipv4_newrule={0x34, 0x20, 0x1, 0x70bd26, 0x21dfdbfe, {0x2, 0x20, 0x14, 0xfb, 0x8, 0x0, 0x0, 0x1}, [@FRA_SRC={0x8, 0x2, @private=0xa010100}, @FRA_GENERIC_POLICY=@FRA_SUPPRESS_PREFIXLEN={0x8, 0xe, 0x3ff}, @FRA_GENERIC_POLICY=@FRA_SUPPRESS_PREFIXLEN={0x8, 0xe, 0x1}]}, 0x34}, 0x1, 0x0, 0x0, 0x20000800}, 0x20000000)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f0000000400)=@abs, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r3, 0x29, 0x40, &(0x7f0000000400)=@mangle={'mangle\x00', 0x64, 0x6, 0x788, 0x6b8, 0x558, 0x6b8, 0x410, 0x0, 0x6b8, 0x6b8, 0x6b8, 0x6b8, 0x6b8, 0x6, 0x0, {[{{@uncond, 0x0, 0xa8, 0xf0}, @common=@unspec=@IDLETIMER={0x48, 'IDLETIMER\x00', 0x0, {0x7fffffff, 'syz0\x00', {0x8}}}}, {{@ipv6={@remote, @local, [], [], 'macvtap0\x00', 'ip6tnl0\x00', {}, {}, 0x11}, 0x0, 0x198, 0x1d8, 0x0, {}, [@inet=@rpfilter={{0x28}, {0xc}}, @common=@unspec=@conntrack3={{0xc8}, {{@ipv6=@remote, [], @ipv6=@private1, [0xffffffff, 0xff000000, 0xffffffff], @ipv6=@private2, [0x0, 0xffffffff, 0xffffffff, 0xffffffff], @ipv4=@multicast2, [0x0, 0x0, 0xff000000, 0xff], 0x0, 0x0, 0x42, 0x4e22, 0x4e24, 0x4e20, 0x4e24, 0x10, 0x23ccf3e9fd2b5143}, 0x0, 0x80, 0x0, 0x4e20, 0x4e24, 0x4e23}}]}, @inet=@TPROXY1={0x40, 'TPROXY\x00', 0x1, {0x0, 0x0, @ipv6=@initdev={0xfe, 0x88, '\x00', 0x1, 0x0}}}}, {{@ipv6={@mcast2, @loopback, [], [], 'veth0_to_team\x00', 'syzkaller0\x00'}, 0x0, 0x100, 0x148, 0x0, {}, [@common=@unspec=@connmark={{0x30}}, @common=@inet=@socket1={{0x28}}]}, @SNPT={0x48, 'SNPT\x00', 0x0, {@ipv6=@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', @ipv6=@private2, 0x0, 0xfe}}}, {{@uncond, 0x0, 0x120, 0x148, 0x0, {}, [@common=@frag={{0x30}}, @common=@hbh={{0x48}}]}, @inet=@DSCP={0x28}}, {{@uncond, 0x0, 0x118, 0x160, 0x0, {}, [@inet=@rpfilter={{0x28}}, @common=@dst={{0x48}, {0x0, 0x0, 0x0, [0x0, 0xe]}}]}, @DNPT={0x48, 'DNPT\x00', 0x0, {@ipv6=@dev, @ipv6=@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x7e8)
openat$ttyS3(0xffffffffffffff9c, 0x0, 0x2040, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000040)={0xffffffffffffffff, 0x0, 0xd, 0x0, &(0x7f0000000240)="e30080670000ec67838717bd86", 0x0, 0x406, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe}, 0x50)
r4 = syz_open_dev$sg(&(0x7f0000000140), 0x6f5e, 0x0)
ioctl$FIBMAP(r4, 0x1, &(0x7f0000000040)=0x85)

6.41060744s ago: executing program 0 (id=3169):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/address_bits', 0x0, 0xcc)
lseek(r0, 0xfffffffffffffffd, 0x3)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000100)={0x18, 0x3, &(0x7f00000001c0)=ANY=[@ANYBLOB="1800000020b30100000000000700000095"], &(0x7f0000000000)='syzkaller\x00'}, 0x94)
r2 = socket$kcm(0x15, 0x5, 0x0)
setsockopt$sock_attach_bpf(r2, 0x114, 0x3, 0x0, 0x10)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)={0x14, 0x3a, 0x301, 0x70bd25, 0xfffffffc, {0x6}}, 0x14}, 0x1, 0x0, 0x0, 0x448d3}, 0x20080081)
syz_usb_control_io$uac1(0xffffffffffffffff, 0x0, 0x0)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r4}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r5 = getpid()
sched_setscheduler(r5, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
connect$unix(r6, &(0x7f0000000180)=@abs={0x0, 0x0, 0x4e20}, 0x6e)
sendmmsg$unix(r7, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
semget$private(0x0, 0x2, 0x2)
shmat(0x0, &(0x7f0000000000/0x4000)=nil, 0xffffffffffffcfff)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000140)={0x60, 0x2, 0x6, 0x101, 0x0, 0x0, {}, [@IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_DATA={0x14, 0x7, 0x0, 0x1, [@IPSET_ATTR_CADT_FLAGS={0x8, 0x11, 0x1, 0x0, 0x1}, @IPSET_ATTR_HASHSIZE={0x8, 0x12, 0x1, 0x0, 0xffff}]}, @IPSET_ATTR_TYPENAME={0x11, 0x3, 'hash:ip,port\x00'}]}, 0x60}}, 0x0)
sendmsg$IPSET_CMD_DESTROY(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000000)=ANY=[@ANYRES8=r0, @ANYRESOCT], 0x74}, 0x1, 0x0, 0x0, 0x80c5}, 0x40)

5.82787253s ago: executing program 2 (id=3170):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = getpgrp(0x0)
r2 = socket$inet_mptcp(0x2, 0x1, 0x106)
setsockopt$inet_tcp_int(r2, 0x6, 0x19, &(0x7f00000000c0), 0x4)
sched_setaffinity(r1, 0x8, &(0x7f0000000040)=0x5)
prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000000)=0x3)
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0xc0041, 0x0)
ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
ioctl$TUNSETVNETHDRSZ(r4, 0x400454d8, &(0x7f0000000140)=0x90)
write$tun(r4, &(0x7f0000000240)=ANY=[@ANYRES16=r0], 0xfdef)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r5 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r5, 0x1, 0x0)
syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xec776000)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff0000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x24004045)
r6 = io_uring_setup(0x1b7f, &(0x7f0000000040)={0x0, 0x635c, 0x1f480, 0x0, 0x399})
bpf$PROG_LOAD(0x5, 0x0, 0x0)
io_uring_enter(r6, 0x8ae, 0x6933, 0x17, 0x0, 0xeffd)
syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r0)

4.404396169s ago: executing program 0 (id=3171):
r0 = creat(&(0x7f00000001c0)='./file0\x00', 0x0)
close(r0)
socket$xdp(0x2c, 0x3, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000480)={&(0x7f0000000040)='sys_exit\x00', 0xffffffffffffffff, 0x0, 0x6}, 0x18)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000756c6c2f00000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000005000000b703000000000000850000000600"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000400)={r1, 0x0, 0x0, 0x0, &(0x7f00000001c0), 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x1ff}, 0x50)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000140)=0x1400200bce)
sched_setscheduler(0x0, 0x1, &(0x7f0000002200)=0x1)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000002240)=""/102400, 0x19000)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
timer_create(0x0, &(0x7f0000000080)={0x0, 0x11, 0x0, @thr={0x0, 0x0}}, 0x0)
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)
r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
mount(&(0x7f0000000100)=@md0, &(0x7f0000000040)='.\x00', &(0x7f0000000000)='virtiofs\x00', 0x5, 0x0)
ioctl$TIOCSETD(r3, 0x5423, 0x0)
stat(&(0x7f0000000940)='./file0\x00', &(0x7f0000000300))
openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x40000, 0x0)
gettid()
getpid()
r4 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r4, 0x5423, &(0x7f00000002c0)=0x11)
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
r5 = socket$inet6_sctp(0xa, 0x801, 0x84)
connect$inet6(r5, &(0x7f0000000100)={0xa, 0x0, 0x0, @private1, 0x7}, 0x1c)

3.637433738s ago: executing program 3 (id=3172):
socket$inet(0x2b, 0xa, 0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000009c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r1}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
write$FUSE_NOTIFY_RESEND(0xffffffffffffffff, &(0x7f0000000080)={0x14}, 0x14)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r5 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={0x0}}, 0x0)
sendmmsg(r5, &(0x7f0000000180), 0x400008a, 0x0)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000340)='kfree\x00', r6}, 0x10)
r7 = syz_open_procfs(0x0, &(0x7f0000000400)='map_files\x00')
getdents64(r7, &(0x7f0000000080)=""/147, 0x93)

2.856683906s ago: executing program 1 (id=3173):
prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000000)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r1 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r1, 0x1, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xec776000)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x3)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff0000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x24004045)
io_uring_setup(0x1b7f, &(0x7f0000000040)={0x0, 0x635c, 0x1f480, 0x0, 0x399})

1.755414604s ago: executing program 1 (id=3174):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$KVM_GET_EMULATED_CPUID(r0, 0xc008ae09, &(0x7f0000000500)={0x3, 0x0, [{0xd, 0x1, 0x1, 0x3, 0x6, 0x0, 0x3}, {0x0, 0x4, 0x5, 0x8, 0x7, 0x2, 0xffff}, {0x180000000, 0x10001, 0x4, 0xc, 0x3, 0x80000000, 0x9}]})

1.704057573s ago: executing program 3 (id=3175):
socket$can_raw(0x1d, 0x3, 0x1)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000680)={'bridge0\x00', <r1=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="5800000055003d07000000000001000007000000", @ANYRES32=r1, @ANYBLOB="20000280", @ANYRES32=r0, @ANYBLOB="0000000000000000000000000a0000000000000000000014200001"], 0x58}}, 0x0)
r2 = openat$vhost_vsock(0xffffffffffffff9c, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000200)={0x8, 0x8a}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x3)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
r4 = syz_open_procfs(0x0, &(0x7f00000003c0)='net/raw\x00')
read$FUSE(r4, &(0x7f0000001e80)={0x2020}, 0x2062)
openat$nullb(0xffffffffffffff9c, &(0x7f00000000c0), 0x482142, 0x0)
setsockopt$inet_tcp_buf(0xffffffffffffffff, 0x6, 0x21, &(0x7f0000000080), 0x0)
ioctl$VHOST_SET_VRING_BASE(r2, 0xaf01, 0x0)
ioctl$VIDIOC_S_EXT_CTRLS(0xffffffffffffffff, 0xc0205648, &(0x7f0000000100)={0x97ffff, 0x1, 0x7, r4, 0x0, 0x0})
r5 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r6 = bpf$ITER_CREATE(0xb, &(0x7f0000000100), 0x8)
bind$bt_hci(r5, &(0x7f0000000000)={0x1f, 0xffff, 0x3}, 0x6)
setsockopt$packet_fanout_data(r6, 0x107, 0x16, &(0x7f0000000100)={0x1, &(0x7f0000000280)=[{0xb0c1, 0x3, 0xe, 0x9}]}, 0x10)
write$binfmt_misc(r5, &(0x7f0000000100), 0x6)
recvfrom$llc(r4, &(0x7f0000000300)=""/56, 0x38, 0x40000003, 0x0, 0x0)
ioctl$VHOST_SET_MEM_TABLE(r2, 0x4008af03, &(0x7f0000000700))
setsockopt$inet6_MCAST_MSFILTER(0xffffffffffffffff, 0x29, 0x30, 0x0, 0x0)
socketpair(0x18, 0x5, 0x1, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[], 0x40}, 0x1, 0x0, 0x0, 0x811}, 0x0)
socket$inet6(0x10, 0x3, 0x0)

1.213973849s ago: executing program 0 (id=3176):
socket$key(0xf, 0x3, 0x2)
getpid()
openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x26e1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0)
openat$udambuf(0xffffffffffffff9c, &(0x7f0000000040), 0x2)
syz_emit_ethernet(0xe5, &(0x7f00000001c0)={@broadcast, @broadcast, @void, {@llc_tr={0x11, {@snap={0xa9, 0xaa, '.', "f4ddb3", 0x16, "6c469260b0c816320e1a9a369db2133d1d54181b78410ae1c85f6183b3a81c38cac236f23de69e075ccfd7f8b7c2a1accf971fd2858b1e6441440b23e0be23d0c96265d9d782b6812b79cd15bf6db1244cca9ed3b2f2b17ca4755a3d71fb1717227cbdad05a575f8354e492ee1bffc8cdf3aa6dfec5d3aa9ad87fab175f45a1f93bfff76f4b63583e0aa4b200a8e3104e79b7f9b71201de7f870d9338aca0ba12e88b3d0b7af3466b9720bee12c7f18581c474e6e455955809ed35ceaf156f1271c7c62b8e37830679eedb3cc18f2b"}}}}}, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
r0 = socket$inet6(0xa, 0x800000000000002, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x1, &(0x7f0000000300)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x7, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x50)
getsockopt$sock_buf(r0, 0x1, 0x1a, 0x0, &(0x7f00000000c0))

1.137927052s ago: executing program 2 (id=3177):
fsopen(&(0x7f0000000000)='devtmpfs\x00', 0x1)
prlimit64(0x0, 0xe, &(0x7f00000004c0)={0x7, 0x800000000000008a}, 0x0)
sched_setscheduler(0x0, 0x0, &(0x7f0000000180)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
r2 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x6)
ioctl$KVM_CAP_MANUAL_DIRTY_LOG_PROTECT2(r2, 0x4068aea3, &(0x7f0000000340)={0xa8, 0x0, 0x2})
r3 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r3, 0x1, 0x0)
ptrace$ARCH_SET_GS(0x1e, r3, &(0x7f00000000c0), 0x1001)
sendmsg$NFQNL_MSG_CONFIG(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000005c0)=ANY=[@ANYBLOB="14000000020303000000000000000000000700000000000000b51adc1529f5546376e348d2c162cb4994fc54c6db9a9cff7f00006af8588d00fb7a93255f1b3ae79bd865f86b06f1e166825ed67294be19ea22fefbbd086a3478b2bb091795ae27d89461e08e1332c4073a9333434c98f1cf797c8ce547f834ae033dda6fb3d055bb7b857a0586c4709948dea8a2be1413e01ef281f15053e96fa6ae842c39963acb52aa9030e6a0a0c925f2d6a8e6bed8b0f1aba567c4bc4055e5b8b7ce46267bac5ad40d4ee158724118c9f4b48282bdff009ed512c3c046b62aa84ff196084469d3fa1fdb65f9aa37f97491e107d19af5d391e2c4813d8fff913cee1c9fe80ad65fdb1f9281c43022a90ca6c4"], 0x14}}, 0x0)
sendmsg$NFQNL_MSG_VERDICT(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=ANY=[@ANYBLOB="20000000010301"], 0x20}, 0x1, 0x0, 0x0, 0x84}, 0x0)
shmget$private(0x0, 0x4000, 0x800, &(0x7f0000007000/0x4000)=nil)
ioctl$DRM_IOCTL_GET_CAP(0xffffffffffffffff, 0xc010640c, &(0x7f0000000040)={0x1})
mount$tmpfs(0x0, &(0x7f0000000540)='./cgroup\x00', &(0x7f0000000580), 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="67727071756f746122c85946fc295f696e6f64655f686172646c696d69743d67372c00"])
r4 = socket$rds(0x15, 0x5, 0x0)
bind$rds(r4, &(0x7f0000000200)={0x2, 0x4e20, @loopback}, 0x10)
socket$nl_route(0x10, 0x3, 0x0)
syz_usb_connect$hid(0x0, 0x3f, 0x0, 0x0)
socket$packet(0x11, 0x2, 0x300)
ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, &(0x7f0000000100)={'vcan0\x00'})
r5 = socket(0x1, 0x803, 0x0)
r6 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000480)=ANY=[@ANYBLOB="500000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="7fff0000000000002800128009000100766c616e000000001800028006000100340200000c0002001f0000001e00000008000500", @ANYRES32], 0x50}}, 0x0)
sendmsg$nl_route_sched(r5, 0x0, 0x8080)
socket$nl_route(0x10, 0x3, 0x0)

466.924318ms ago: executing program 3 (id=3178):
socket$nl_route(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000002c0)=ANY=[], 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = syz_open_dev$MSR(0x0, 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x24008800)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000ac0)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_NEWSET={0x44, 0x9, 0xa, 0x401, 0x0, 0x0, {0xa, 0x0, 0x4}, [@NFTA_SET_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x2}, @NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ID={0x8, 0xa, 0x1, 0x0, 0xfffffffc}, @NFTA_SET_FLAGS={0x8, 0x3, 0x1, 0x0, 0x21}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0x6c}, 0x1, 0x0, 0x0, 0x24000850}, 0x40)
socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$can_bcm(0x1d, 0x2, 0x2)
bind$inet(0xffffffffffffffff, 0x0, 0xa0)
connect$inet(0xffffffffffffffff, 0x0, 0x0)
setsockopt$inet6_tcp_int(r1, 0x6, 0x24, &(0x7f0000000340)=0x9, 0x4)
bind$bt_hci(0xffffffffffffffff, &(0x7f0000000080)={0x1f, 0xffff, 0x3}, 0x6)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000880)={&(0x7f0000000a80)='kfree\x00', 0xffffffffffffffff, 0x0, 0xd76}, 0x18)
r2 = syz_open_procfs$pagemap(0x0, &(0x7f0000001080))
ioctl$PAGEMAP_SCAN(r2, 0xc0606610, &(0x7f0000000140)={0x60, 0x0, &(0x7f0000001000/0x3000)=nil, &(0x7f0000ffb000/0x4000)=nil, 0x0, 0x0, 0x0, 0x100000c01, 0x38, 0x0, 0x42, 0x6e})

214.782067ms ago: executing program 0 (id=3179):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/address_bits', 0x0, 0xcc)
lseek(r0, 0xfffffffffffffffd, 0x3)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000100)={0x18, 0x3, &(0x7f00000001c0)=ANY=[@ANYBLOB="1800000020b30100000000000700000095"], &(0x7f0000000000)='syzkaller\x00'}, 0x94)
r1 = socket$kcm(0x15, 0x5, 0x0)
setsockopt$sock_attach_bpf(r1, 0x114, 0x3, 0x0, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)={0x14, 0x3a, 0x301, 0x70bd25, 0xfffffffc, {0x6}}, 0x14}, 0x1, 0x0, 0x0, 0x448d3}, 0x20080081)
syz_usb_control_io$uac1(0xffffffffffffffff, 0x0, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r3}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r4 = getpid()
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f0000000180)=@abs={0x0, 0x0, 0x4e20}, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
semget$private(0x0, 0x2, 0x2)
shmat(0x0, &(0x7f0000000000/0x4000)=nil, 0xffffffffffffcfff)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000140)={0x60, 0x2, 0x6, 0x101, 0x0, 0x0, {}, [@IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_DATA={0x14, 0x7, 0x0, 0x1, [@IPSET_ATTR_CADT_FLAGS={0x8, 0x11, 0x1, 0x0, 0x1}, @IPSET_ATTR_HASHSIZE={0x8, 0x12, 0x1, 0x0, 0xffff}]}, @IPSET_ATTR_TYPENAME={0x11, 0x3, 'hash:ip,port\x00'}]}, 0x60}}, 0x0)

0s ago: executing program 3 (id=3180):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/address_bits', 0x0, 0xcc)
lseek(r0, 0xfffffffffffffffd, 0x3)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000100)={0x18, 0x3, &(0x7f00000001c0)=ANY=[@ANYBLOB="1800000020b30100000000000700000095"], &(0x7f0000000000)='syzkaller\x00'}, 0x94)
r2 = socket$kcm(0x15, 0x5, 0x0)
setsockopt$sock_attach_bpf(r2, 0x114, 0x3, 0x0, 0x10)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)={0x14, 0x3a, 0x301, 0x70bd25, 0xfffffffc, {0x6}}, 0x14}, 0x1, 0x0, 0x0, 0x448d3}, 0x20080081)
syz_usb_control_io$uac1(0xffffffffffffffff, 0x0, 0x0)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r4}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r5 = getpid()
sched_setscheduler(r5, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
connect$unix(r6, &(0x7f0000000180)=@abs={0x0, 0x0, 0x4e20}, 0x6e)
sendmmsg$unix(r7, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
shmat(0x0, &(0x7f0000000000/0x4000)=nil, 0xffffffffffffcfff)
r8 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r8, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000140)={0x60, 0x2, 0x6, 0x101, 0x0, 0x0, {}, [@IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_DATA={0x14, 0x7, 0x0, 0x1, [@IPSET_ATTR_CADT_FLAGS={0x8, 0x11, 0x1, 0x0, 0x1}, @IPSET_ATTR_HASHSIZE={0x8, 0x12, 0x1, 0x0, 0xffff}]}, @IPSET_ATTR_TYPENAME={0x11, 0x3, 'hash:ip,port\x00'}]}, 0x60}}, 0x0)
sendmsg$IPSET_CMD_DESTROY(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000000)=ANY=[@ANYRES8=r0, @ANYRESOCT], 0x74}, 0x1, 0x0, 0x0, 0x80c5}, 0x40)

kernel console output (not intermixed with test programs):

ject_r:lvm_control_t tclass=chr_file permissive=1
[ 1181.948470][ T5900] sony 0003:054C:0268.0005: item fetching failed at offset 0/3
[ 1182.072382][ T5900] sony 0003:054C:0268.0005: parse failed
[ 1182.698855][ T5900] sony 0003:054C:0268.0005: probe with driver sony failed with error -22
[ 1183.558937][   T30] audit: type=1400 audit(1767644100.470:996): avc:  denied  { ioctl } for  pid=18569 comm="syz.4.2682" path="/dev/btrfs-control" dev="devtmpfs" ino=1316 ioctlcmd=0xaf00 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:lvm_control_t tclass=chr_file permissive=1
[ 1183.711848][   T30] audit: type=1400 audit(1767644100.680:997): avc:  denied  { read } for  pid=18576 comm="syz.2.2684" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[ 1183.751371][   T30] audit: type=1400 audit(1767644102.220:998): avc:  denied  { setopt } for  pid=18576 comm="syz.2.2684" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[ 1183.932079][ T5959] usb 1-1: new high-speed USB device number 71 using dummy_hcd
[ 1184.034799][ T5900] usb 2-1: USB disconnect, device number 63
[ 1184.101871][ T5959] usb 1-1: Using ep0 maxpacket: 32
[ 1184.109057][ T5959] usb 1-1: New USB device found, idVendor=0ac8, idProduct=0321, bcdDevice=6f.be
[ 1184.128517][ T5959] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1184.149328][ T5959] usb 1-1: config 0 descriptor??
[ 1184.170257][ T5959] gspca_main: vc032x-2.14.0 probing 0ac8:0321
[ 1184.365013][T18615] xt_CHECKSUM: CHECKSUM should be avoided.  If really needed, restrict with "-p udp" and only use in OUTPUT
[ 1184.384071][T18615] x_tables: ip_tables: rpfilter match: used from hooks FORWARD, but only valid from PREROUTING
[ 1184.473057][T18594] overlayfs: option "uuid=on" requires an upper fs, falling back to uuid=null.
[ 1184.553342][T18594] overlayfs: missing 'lowerdir'
[ 1185.047219][ T5959] gspca_vc032x: reg_w err -71
[ 1185.053422][ T5959] gspca_vc032x: I2c Bus Busy Wait 00
[ 1185.065384][ T5959] gspca_vc032x: I2c Bus Busy Wait 00
[ 1185.076945][ T5959] gspca_vc032x: I2c Bus Busy Wait 00
[ 1185.100812][ T5959] gspca_vc032x: I2c Bus Busy Wait 00
[ 1185.114527][ T5959] gspca_vc032x: I2c Bus Busy Wait 00
[ 1185.129335][ T5959] gspca_vc032x: I2c Bus Busy Wait 00
[ 1185.147984][ T5959] gspca_vc032x: I2c Bus Busy Wait 00
[ 1185.189552][ T5959] gspca_vc032x: I2c Bus Busy Wait 00
[ 1185.224432][ T5959] gspca_vc032x: I2c Bus Busy Wait 00
[ 1185.233676][ T5959] gspca_vc032x: I2c Bus Busy Wait 00
[ 1185.241047][ T5959] gspca_vc032x: I2c Bus Busy Wait 00
[ 1185.246805][ T5959] gspca_vc032x: I2c Bus Busy Wait 00
[ 1185.264894][ T5959] gspca_vc032x: I2c Bus Busy Wait 00
[ 1185.270248][ T5959] gspca_vc032x: I2c Bus Busy Wait 00
[ 1185.278460][ T5959] gspca_vc032x: I2c Bus Busy Wait 00
[ 1185.286922][ T5959] gspca_vc032x: I2c Bus Busy Wait 00
[ 1185.296705][ T5959] gspca_vc032x: I2c Bus Busy Wait 00
[ 1185.303547][ T5959] gspca_vc032x: I2c Bus Busy Wait 00
[ 1185.308869][ T5959] gspca_vc032x: Unknown sensor...
[ 1185.316334][ T5959] vc032x 1-1:0.0: probe with driver vc032x failed with error -22
[ 1185.362940][ T5959] usb 1-1: USB disconnect, device number 71
[ 1186.199584][T18650] program syz.0.2693 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1186.355723][ T5959] usb 2-1: new high-speed USB device number 64 using dummy_hcd
[ 1186.526879][T18653] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2694'.
[ 1186.629388][T18655] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2695'.
[ 1187.111618][ T5959] usb 2-1: Using ep0 maxpacket: 8
[ 1187.127754][ T5959] usb 2-1: New USB device found, idVendor=047d, idProduct=5003, bcdDevice=2f.8c
[ 1187.157248][ T5959] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1187.181993][ T5959] usb 2-1: Product: syz
[ 1188.047282][ T5959] usb 2-1: Manufacturer: syz
[ 1188.052379][ T5959] usb 2-1: SerialNumber: syz
[ 1188.060371][ T5959] usb 2-1: config 0 descriptor??
[ 1188.168415][ T5959] gspca_main: se401-2.14.0 probing 047d:5003
[ 1188.822315][T18679] siw: device registration error -23
[ 1189.325082][T18680] virtio-fs: tag </dev/md0> not found
[ 1189.436632][T18680] can0: slcan on ttyS3.
[ 1189.988451][T18671] can0 (unregistered): slcan off ttyS3.
[ 1190.071196][T18703] bond0: (slave rose0): Error: Device is in use and cannot be enslaved
[ 1190.502035][   T30] audit: type=1400 audit(1767644108.710:999): avc:  denied  { setopt } for  pid=18687 comm="syz.2.2701" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1
[ 1190.551208][   T30] audit: type=1400 audit(1767644108.710:1000): avc:  denied  { bind } for  pid=18687 comm="syz.2.2701" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rose_socket permissive=1
[ 1190.602993][ T5959] gspca_se401: read req failed req 0x06 error -19
[ 1190.732552][ T5959] usb 2-1: USB disconnect, device number 64
[ 1190.806024][T18716] siw: device registration error -23
[ 1191.860345][T18733] PID 18733 killed due to inadequate hugepage pool
[ 1191.871194][T18731] virtio-fs: tag </dev/md0> not found
[ 1191.921057][T18735] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2707'.
[ 1192.061548][   T30] audit: type=1326 audit(1767644110.680:1001): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18737 comm="syz.3.2700" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f94c2b8f749 code=0x7ffc0000
[ 1192.163001][   T30] audit: type=1326 audit(1767644110.710:1002): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18737 comm="syz.3.2700" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f94c2b8f749 code=0x7ffc0000
[ 1192.340232][   T30] audit: type=1326 audit(1767644110.710:1003): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18737 comm="syz.3.2700" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f94c2b8f749 code=0x7ffc0000
[ 1192.379914][T18730] can0: slcan on ttyS3.
[ 1192.388357][   T30] audit: type=1326 audit(1767644110.710:1004): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18737 comm="syz.3.2700" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f94c2b8f749 code=0x7ffc0000
[ 1193.736569][   T30] audit: type=1326 audit(1767644110.710:1005): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18737 comm="syz.3.2700" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f94c2b8f749 code=0x7ffc0000
[ 1193.806381][   T30] audit: type=1326 audit(1767644110.780:1006): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18737 comm="syz.3.2700" exe="/root/syz-executor" sig=0 arch=c000003e syscall=302 compat=0 ip=0x7f94c2b8f749 code=0x7ffc0000
[ 1193.875638][T18729] can0 (unregistered): slcan off ttyS3.
[ 1194.094642][   T30] audit: type=1326 audit(1767644110.780:1007): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18737 comm="syz.3.2700" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f94c2b8f749 code=0x7ffc0000
[ 1194.653202][   T30] audit: type=1326 audit(1767644110.780:1008): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18737 comm="syz.3.2700" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f94c2b8f749 code=0x7ffc0000
[ 1195.698469][T18801] netlink: 32 bytes leftover after parsing attributes in process `syz.0.2719'.
[ 1196.048139][T18804] PID 18804 killed due to inadequate hugepage pool
[ 1196.108851][T18805] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2720'.
[ 1196.233006][T18812] syzkaller0: entered promiscuous mode
[ 1196.238528][T18812] syzkaller0: entered allmulticast mode
[ 1197.265759][T18827] snd_dummy snd_dummy.0: control 0:0:0:syz0:0 is already present
[ 1197.855122][T18824] capability: warning: `syz.1.2724' uses deprecated v2 capabilities in a way that may be insecure
[ 1197.866663][T18824] overlayfs: missing 'workdir'
[ 1197.872702][    T9] usb 5-1: new high-speed USB device number 67 using dummy_hcd
[ 1198.121796][    T9] usb 5-1: Using ep0 maxpacket: 16
[ 1198.128539][    T9] usb 5-1: config 1 interface 0 has no altsetting 0
[ 1198.141175][    T9] usb 5-1: New USB device found, idVendor=05ac, idProduct=0230, bcdDevice= 0.40
[ 1198.157716][    T9] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1198.187196][    T9] usb 5-1: Product: 䀺
[ 1198.191541][    T9] usb 5-1: Manufacturer: 錷ଆ䑏뢂࠯巏ﰩ큐ଥ墨㓘娋洱夂Ⅿ䑒蕏猒爠寗蟄㕭딳Ỹꁾ됍ꁹ捣㵠麯꣌ۛ祴꤮폄Ꮷ굱ⰺ엎탮瀍ᝍ伿∝桜̳Ꮒወ撁崲앛ﯠᘥ돋䳭蓒⊸䱘뒐Ӟ䘑䶊弻荌⯵᝱뢼챛꡺㒽텆壢뎾鹋㰧蔬￥憬찋㤳鐖롘⎡㲔⽠㣯䢹톙暄赺珳緓腷륕댩㕀靬里
[ 1198.224091][    T9] usb 5-1: SerialNumber: 騍輒Ỏ呩悟‣ꑇ䎃턉폀㸪믕꽎쁯ﭢ췞彃顆뉮鴒蟊㨞껾밠壗䎭Ÿ䭏鎲ő盤궪홀판ﶥ戳覙ⴓ윴衔ኯ礰⇭틴ᐖ龐鱜렽橠洆喫亁
[ 1198.394279][T17960] udevd[17960]: inotify_add_watch(7, /dev/nbd1, 10) failed: No such file or directory
[ 1198.581782][ T5820] usb 4-1: new high-speed USB device number 65 using dummy_hcd
[ 1198.586363][    T9] input: bcm5974 as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:1.0/input/input30
[ 1198.601506][ T5173] bcm5974 5-1:1.0: could not read from device
[ 1198.610575][ T5173] bcm5974 5-1:1.0: could not read from device
[ 1198.626673][ T5173] bcm5974 5-1:1.0: could not read from device
[ 1198.630931][    T9] usb 5-1: USB disconnect, device number 67
[ 1198.783315][ T5820] usb 4-1: New USB device found, idVendor=0c45, idProduct=8001, bcdDevice=90.0a
[ 1198.804719][ T5820] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1198.884629][ T5820] usb 4-1: config 0 descriptor??
[ 1198.909654][ T5820] gspca_main: sn9c2028-2.14.0 probing 0c45:8001
[ 1199.110699][ T5820] gspca_sn9c2028: read1 error -32
[ 1199.116293][ T5820] gspca_sn9c2028: read1 error -32
[ 1199.664377][ T5820] gspca_sn9c2028: read1 error -110
[ 1199.669580][ T5820] sn9c2028 4-1:0.0: probe with driver sn9c2028 failed with error -110
[ 1201.131803][ T8229] usb 1-1: new high-speed USB device number 72 using dummy_hcd
[ 1201.352029][ T8229] usb 1-1: Using ep0 maxpacket: 16
[ 1201.631377][ T8229] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0
[ 1201.673526][ T8229] usb 1-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[ 1201.698125][ T8229] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1201.717739][ T8229] usb 1-1: Product: syz
[ 1201.727583][ T8229] usb 1-1: Manufacturer: syz
[ 1201.738713][ T8229] usb 1-1: SerialNumber: syz
[ 1201.781109][ T8229] usb 1-1: config 0 descriptor??
[ 1201.798575][ T8229] em28xx 1-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0)
[ 1201.820480][ T8229] em28xx 1-1:0.0: DVB interface 0 found: bulk
[ 1201.892721][    T9] usb 4-1: USB disconnect, device number 65
[ 1202.546722][ T8229] em28xx 1-1:0.0: chip ID is em2765
[ 1202.818249][T17956] udevd[17956]: inotify_add_watch(7, /dev/nbd1, 10) failed: No such file or directory
[ 1203.163304][ T8229] em28xx 1-1:0.0: reading from i2c device at 0xa0 failed (error=-5)
[ 1203.173207][ T8229] em28xx 1-1:0.0: board has no eeprom
[ 1203.602025][   T30] kauditd_printk_skb: 51 callbacks suppressed
[ 1203.602057][   T30] audit: type=1400 audit(1767644122.200:1060): avc:  denied  { mounton } for  pid=18974 comm="syz.1.2748" path="/576/file0" dev="tmpfs" ino=3190 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[ 1203.936881][ T8229] em28xx 1-1:0.0: Identified as PCTV tripleStick (292e) (card=94)
[ 1203.960464][ T8229] em28xx 1-1:0.0: dvb set to bulk mode.
[ 1203.979263][ T5820] em28xx 1-1:0.0: Binding DVB extension
[ 1204.009278][ T8229] usb 1-1: USB disconnect, device number 72
[ 1204.016743][ T8229] em28xx 1-1:0.0: Disconnecting em28xx
[ 1204.202388][ T5820] em28xx 1-1:0.0: Registering input extension
[ 1204.219814][ T8229] em28xx 1-1:0.0: Closing input extension
[ 1204.256535][ T8229] em28xx 1-1:0.0: Freeing device
[ 1204.395284][ T5997] usb 4-1: new high-speed USB device number 66 using dummy_hcd
[ 1204.591799][ T5820] usb 5-1: new high-speed USB device number 68 using dummy_hcd
[ 1204.753353][ T5820] usb 5-1: Using ep0 maxpacket: 8
[ 1204.828970][ T5820] usb 5-1: config 0 has an invalid interface number: 55 but max is 0
[ 1204.960083][ T5820] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1205.046981][ T5997] usb 4-1: Using ep0 maxpacket: 32
[ 1205.047661][ T5820] usb 5-1: config 0 has no interface number 0
[ 1205.053702][ T5997] usb 4-1: New USB device found, idVendor=0ac8, idProduct=0321, bcdDevice=6f.be
[ 1205.063239][ T5820] usb 5-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[ 1205.068800][ T5997] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1205.078894][ T5820] usb 5-1: config 0 interface 55 altsetting 0 endpoint 0xE has an invalid bInterval 0, changing to 7
[ 1205.088055][ T5997] usb 4-1: config 0 descriptor??
[ 1205.099569][ T5820] usb 5-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[ 1205.112023][ T5820] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1205.115183][ T5997] gspca_main: vc032x-2.14.0 probing 0ac8:0321
[ 1205.128036][ T5820] usb 5-1: config 0 descriptor??
[ 1205.142644][ T5820] ldusb 5-1:0.55: Interrupt in endpoint not found
[ 1205.608986][T18987] overlayfs: option "uuid=on" requires an upper fs, falling back to uuid=null.
[ 1205.631592][T18987] overlayfs: missing 'lowerdir'
[ 1205.643417][ T5997] gspca_vc032x: reg_r err -110
[ 1205.648385][T19034] openvswitch: netlink: IPv4 tun info is not correct
[ 1205.657864][ T5997] gspca_vc032x: I2c Bus Busy Wait 00
[ 1205.671889][ T5997] gspca_vc032x: I2c Bus Busy Wait 00
[ 1205.678551][ T5997] gspca_vc032x: I2c Bus Busy Wait 00
[ 1205.688010][ T5997] gspca_vc032x: I2c Bus Busy Wait 00
[ 1205.699859][ T5997] gspca_vc032x: I2c Bus Busy Wait 00
[ 1205.726955][ T5997] gspca_vc032x: I2c Bus Busy Wait 00
[ 1205.783627][ T5997] gspca_vc032x: I2c Bus Busy Wait 00
[ 1205.798557][ T5997] gspca_vc032x: I2c Bus Busy Wait 00
[ 1205.830029][ T5997] gspca_vc032x: I2c Bus Busy Wait 00
[ 1205.930006][ T5997] gspca_vc032x: I2c Bus Busy Wait 00
[ 1205.949365][ T5997] gspca_vc032x: I2c Bus Busy Wait 00
[ 1205.960022][ T5997] gspca_vc032x: I2c Bus Busy Wait 00
[ 1205.966126][ T5997] gspca_vc032x: I2c Bus Busy Wait 00
[ 1205.972502][ T5997] gspca_vc032x: I2c Bus Busy Wait 00
[ 1205.978265][ T5997] gspca_vc032x: I2c Bus Busy Wait 00
[ 1205.985029][ T5997] gspca_vc032x: I2c Bus Busy Wait 00
[ 1205.990738][ T5997] gspca_vc032x: I2c Bus Busy Wait 00
[ 1206.005157][ T5997] gspca_vc032x: I2c Bus Busy Wait 00
[ 1206.010791][ T5997] gspca_vc032x: Unknown sensor...
[ 1206.111531][ T5997] vc032x 4-1:0.0: probe with driver vc032x failed with error -22
[ 1209.440419][ T6666] usb 5-1: USB disconnect, device number 68
[ 1212.949679][ T5820] usb 4-1: USB disconnect, device number 66
[ 1213.325254][T27045] virtio-fs: tag </dev/md0> not found
[ 1213.393419][T27045] can0: slcan on ttyS3.
[ 1214.363452][ T5997] usb 1-1: new high-speed USB device number 73 using dummy_hcd
[ 1214.372055][T27043] can0 (unregistered): slcan off ttyS3.
[ 1214.611797][ T5997] usb 1-1: Using ep0 maxpacket: 16
[ 1214.646290][ T5997] usb 1-1: config 0 has an invalid interface number: 98 but max is 0
[ 1214.661735][ T5997] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1214.753992][ T5997] usb 1-1: config 0 has no interface number 0
[ 1215.039058][T27075] netlink: 'syz.3.2766': attribute type 21 has an invalid length.
[ 1215.047244][T27075] netlink: 128 bytes leftover after parsing attributes in process `syz.3.2766'.
[ 1215.056338][T27075] netlink: 3 bytes leftover after parsing attributes in process `syz.3.2766'.
[ 1215.067901][T27075] netlink: 'syz.3.2766': attribute type 21 has an invalid length.
[ 1215.075761][T27075] netlink: 128 bytes leftover after parsing attributes in process `syz.3.2766'.
[ 1215.084853][T27075] netlink: 3 bytes leftover after parsing attributes in process `syz.3.2766'.
[ 1215.196419][ T5997] usb 1-1: config 0 interface 98 altsetting 2 bulk endpoint 0x8 has invalid maxpacket 16
[ 1215.229187][ T5997] usb 1-1: config 0 interface 98 altsetting 2 bulk endpoint 0x82 has invalid maxpacket 64
[ 1215.249540][ T5997] usb 1-1: config 0 interface 98 has no altsetting 0
[ 1215.265769][ T5997] usb 1-1: New USB device found, idVendor=0846, idProduct=1040, bcdDevice=d0.c9
[ 1215.305181][ T5997] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1215.596542][ T5997] usb 1-1: Product: syz
[ 1215.600880][ T5997] usb 1-1: Manufacturer: syz
[ 1215.618428][ T5997] usb 1-1: SerialNumber: syz
[ 1215.779363][ T5997] usb 1-1: config 0 descriptor??
[ 1215.857633][T27051] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[ 1215.871381][T27051] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[ 1216.104629][T27096] siw: device registration error -23
[ 1216.886948][ T5997] asix 1-1:0.98: probe with driver asix failed with error -71
[ 1216.922005][ T5997] usb 1-1: USB disconnect, device number 73
[ 1217.102255][ T5959] usb 5-1: new high-speed USB device number 69 using dummy_hcd
[ 1217.182718][T27119] openvswitch: netlink: Missing valid actions attribute.
[ 1217.189785][T27119] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[ 1217.301852][ T5959] usb 5-1: Using ep0 maxpacket: 16
[ 1217.308347][ T5959] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0
[ 1217.331564][ T5959] usb 5-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[ 1217.354728][ T5959] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1217.370875][ T5959] usb 5-1: Product: syz
[ 1217.390552][ T5959] usb 5-1: Manufacturer: syz
[ 1217.404183][ T5959] usb 5-1: SerialNumber: syz
[ 1217.702851][ T5959] usb 5-1: config 0 descriptor??
[ 1217.720309][ T5959] em28xx 5-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0)
[ 1217.736152][ T5959] em28xx 5-1:0.0: DVB interface 0 found: bulk
[ 1218.343898][ T5959] em28xx 5-1:0.0: chip ID is em2765
[ 1218.948632][ T5959] em28xx 5-1:0.0: reading from i2c device at 0xa0 failed (error=-5)
[ 1218.981771][ T5959] em28xx 5-1:0.0: board has no eeprom
[ 1219.107290][T27155] FAULT_INJECTION: forcing a failure.
[ 1219.107290][T27155] name failslab, interval 1, probability 0, space 0, times 0
[ 1219.120350][T27155] CPU: 0 UID: 0 PID: 27155 Comm: syz.3.2774 Not tainted syzkaller #0 PREEMPT(full) 
[ 1219.120367][T27155] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1219.120374][T27155] Call Trace:
[ 1219.120379][T27155]  <TASK>
[ 1219.120384][T27155]  dump_stack_lvl+0x16c/0x1f0
[ 1219.120403][T27155]  should_fail_ex+0x512/0x640
[ 1219.120421][T27155]  ? fs_reclaim_acquire+0xae/0x150
[ 1219.120439][T27155]  should_failslab+0xc2/0x120
[ 1219.120455][T27155]  __kmalloc_noprof+0xeb/0x910
[ 1219.120476][T27155]  ? tomoyo_encode2+0x100/0x3e0
[ 1219.120494][T27155]  ? tomoyo_encode2+0x100/0x3e0
[ 1219.120508][T27155]  tomoyo_encode2+0x100/0x3e0
[ 1219.120525][T27155]  tomoyo_encode+0x29/0x50
[ 1219.120540][T27155]  tomoyo_path_perm+0x3a5/0x460
[ 1219.120554][T27155]  ? __pfx_tomoyo_path_perm+0x10/0x10
[ 1219.120569][T27155]  ? find_held_lock+0x2b/0x80
[ 1219.120589][T27155]  ? do_raw_spin_unlock+0x172/0x230
[ 1219.120618][T27155]  ? __pfx_current_check_access_path+0x10/0x10
[ 1219.120631][T27155]  ? simple_lookup+0x105/0x1d0
[ 1219.120647][T27155]  ? lookup_one_qstr_excl+0xb3/0x250
[ 1219.120661][T27155]  tomoyo_path_symlink+0x97/0xe0
[ 1219.120679][T27155]  ? __pfx_tomoyo_path_symlink+0x10/0x10
[ 1219.120700][T27155]  security_path_symlink+0x152/0x2e0
[ 1219.120715][T27155]  do_symlinkat+0x126/0x4b0
[ 1219.120733][T27155]  ? __pfx_do_symlinkat+0x10/0x10
[ 1219.120752][T27155]  ? getname_flags.part.0+0x1c5/0x550
[ 1219.120766][T27155]  __x64_sys_symlink+0x75/0x90
[ 1219.120783][T27155]  do_syscall_64+0xcd/0xf80
[ 1219.120800][T27155]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1219.120812][T27155] RIP: 0033:0x7f94c2b8f749
[ 1219.120822][T27155] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1219.120833][T27155] RSP: 002b:00007f94c0db4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000058
[ 1219.120844][T27155] RAX: ffffffffffffffda RBX: 00007f94c2de6180 RCX: 00007f94c2b8f749
[ 1219.120851][T27155] RDX: 0000000000000000 RSI: 0000200000000540 RDI: 0000200000000440
[ 1219.120858][T27155] RBP: 00007f94c0db4090 R08: 0000000000000000 R09: 0000000000000000
[ 1219.120865][T27155] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1219.120871][T27155] R13: 00007f94c2de6218 R14: 00007f94c2de6180 R15: 00007ffe04882148
[ 1219.120886][T27155]  </TASK>
[ 1219.401807][ T5959] em28xx 5-1:0.0: Identified as PCTV tripleStick (292e) (card=94)
[ 1219.409669][ T5959] em28xx 5-1:0.0: dvb set to bulk mode.
[ 1219.415250][ T5900] em28xx 5-1:0.0: Binding DVB extension
[ 1219.428608][ T5959] usb 5-1: USB disconnect, device number 69
[ 1219.435159][ T5959] em28xx 5-1:0.0: Disconnecting em28xx
[ 1219.738684][ T5900] em28xx 5-1:0.0: Registering input extension
[ 1219.755136][ T5959] em28xx 5-1:0.0: Closing input extension
[ 1219.793629][ T5959] em28xx 5-1:0.0: Freeing device
[ 1220.039171][T27186] program syz.0.2777 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1222.291899][T27207] siw: device registration error -23
[ 1224.411540][T27305] overlayfs: overlapping lowerdir path
[ 1224.879332][T27311] cgroup: release_agent respecified
[ 1225.125547][T27322] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2794'.
[ 1225.171795][ T5959] usb 5-1: new high-speed USB device number 70 using dummy_hcd
[ 1225.451782][ T5959] usb 5-1: device descriptor read/64, error -71
[ 1225.701813][ T5959] usb 5-1: new high-speed USB device number 71 using dummy_hcd
[ 1225.791798][ T5900] usb 1-1: new high-speed USB device number 74 using dummy_hcd
[ 1225.842237][ T5959] usb 5-1: device descriptor read/64, error -71
[ 1225.951796][ T5900] usb 1-1: Using ep0 maxpacket: 32
[ 1225.962831][ T5959] usb usb5-port1: attempt power cycle
[ 1225.962996][ T5900] usb 1-1: config 0 has an invalid interface number: 188 but max is 0
[ 1225.987891][ T5900] usb 1-1: config 0 has no interface number 0
[ 1226.001804][ T5900] usb 1-1: config 0 interface 188 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 32
[ 1226.023750][ T5900] usb 1-1: New USB device found, idVendor=17ef, idProduct=7203, bcdDevice=2e.36
[ 1226.042799][ T5900] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1226.052946][ T5900] usb 1-1: Product: syz
[ 1226.057120][ T5900] usb 1-1: Manufacturer: syz
[ 1226.082178][ T5900] usb 1-1: SerialNumber: syz
[ 1226.089014][ T5900] usb 1-1: config 0 descriptor??
[ 1226.099553][T27327] raw-gadget.2 gadget.0: fail, usb_ep_enable returned -22
[ 1226.311779][ T5959] usb 5-1: new high-speed USB device number 72 using dummy_hcd
[ 1226.344548][T27327] raw-gadget.2 gadget.0: fail, usb_ep_enable returned -22
[ 1226.352624][ T5959] usb 5-1: device descriptor read/8, error -71
[ 1226.591877][ T5959] usb 5-1: new high-speed USB device number 73 using dummy_hcd
[ 1226.673531][ T5959] usb 5-1: device descriptor read/8, error -71
[ 1226.782523][T27355] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2800'.
[ 1226.800333][ T5959] usb usb5-port1: unable to enumerate USB device
[ 1226.873629][T27355] tmpfs: Unknown parameter 'grpquota"�YF�)_inode_hardlimit'
[ 1227.318732][T27355] vlan0: entered promiscuous mode
[ 1227.336419][T27355] vlan0: entered allmulticast mode
[ 1227.352021][T27355] hsr_slave_1: entered allmulticast mode
[ 1228.021317][T27327] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1228.029946][T27327] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1228.040858][ T5900] asix 1-1:0.188 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71
[ 1228.051327][ T5900] asix 1-1:0.188: probe with driver asix failed with error -71
[ 1228.103117][ T5900] usb 1-1: USB disconnect, device number 74
[ 1229.309625][T27395] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2806'.
[ 1229.937654][T27419] program syz.2.2811 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1230.340168][   T48] usb 4-1: new high-speed USB device number 67 using dummy_hcd
[ 1230.542040][   T48] usb 4-1: Using ep0 maxpacket: 8
[ 1230.553543][   T48] usb 4-1: New USB device found, idVendor=047d, idProduct=5003, bcdDevice=2f.8c
[ 1230.642551][   T48] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1230.650580][   T48] usb 4-1: Product: syz
[ 1230.670235][   T48] usb 4-1: Manufacturer: syz
[ 1230.677910][   T48] usb 4-1: SerialNumber: syz
[ 1230.696318][   T48] usb 4-1: config 0 descriptor??
[ 1230.756456][   T48] gspca_main: se401-2.14.0 probing 047d:5003
[ 1231.355968][T27435] serio: Serial port ttyS3
[ 1232.012277][   T48] gspca_se401: write req failed req 0x57 val 0x00 error -110
[ 1232.033952][   T48] se401 4-1:0.0: probe with driver se401 failed with error -110
[ 1232.727810][T27456] program syz.4.2819 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1233.168174][   T48] usb 4-1: USB disconnect, device number 67
[ 1233.348548][T27466] netlink: 'syz.3.2820': attribute type 11 has an invalid length.
[ 1234.418083][ T5900] usb 2-1: new high-speed USB device number 65 using dummy_hcd
[ 1234.631840][ T5900] usb 2-1: Using ep0 maxpacket: 16
[ 1234.645221][ T5900] usb 2-1: New USB device found, idVendor=1604, idProduct=8007, bcdDevice=af.a6
[ 1234.681821][ T5900] usb 2-1: New USB device strings: Mfr=1, Product=23, SerialNumber=3
[ 1234.701159][ T5900] usb 2-1: Product: syz
[ 1234.725400][ T5900] usb 2-1: Manufacturer: syz
[ 1234.753711][ T5900] usb 2-1: SerialNumber: syz
[ 1234.787567][ T5900] usb 2-1: config 0 descriptor??
[ 1235.372441][T27382] udevd[27382]: inotify_add_watch(7, /dev/nbd1, 10) failed: No such file or directory
[ 1235.941921][T27512] virtio-fs: tag </dev/md0> not found
[ 1236.052021][T27512] can0: slcan on ttyS3.
[ 1236.465511][T27508] can0 (unregistered): slcan off ttyS3.
[ 1236.596467][T27529] siw: device registration error -23
[ 1236.963240][T27542] netlink: 76 bytes leftover after parsing attributes in process `syz.3.2830'.
[ 1237.142584][T27548] netlink: 24 bytes leftover after parsing attributes in process `syz.3.2831'.
[ 1237.241445][ T6666] usb 2-1: USB disconnect, device number 65
[ 1237.788801][T27577] program syz.3.2833 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1238.244843][ T1296] ieee802154 phy1 wpan1: encryption failed: -22
[ 1239.194860][T27382] udevd[27382]: inotify_add_watch(7, /dev/nbd1, 10) failed: No such file or directory
[ 1240.796017][T27621] could not allocate digest TFM handle cryptd(blake2b-160)
[ 1241.037701][T27635] bond0: (slave rose0): Error: Device is in use and cannot be enslaved
[ 1241.501812][   T48] usb 5-1: new high-speed USB device number 74 using dummy_hcd
[ 1241.672581][   T48] usb 5-1: Using ep0 maxpacket: 8
[ 1241.758007][   T48] usb 5-1: config 0 has an invalid interface number: 55 but max is 0
[ 1241.880229][   T48] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1242.138987][   T48] usb 5-1: config 0 has no interface number 0
[ 1242.152027][   T48] usb 5-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[ 1242.163330][   T48] usb 5-1: config 0 interface 55 altsetting 0 endpoint 0xE has an invalid bInterval 0, changing to 7
[ 1242.174825][   T48] usb 5-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[ 1242.184432][   T48] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1242.195178][   T48] usb 5-1: config 0 descriptor??
[ 1242.771257][   T48] ldusb 5-1:0.55: Interrupt in endpoint not found
[ 1243.081644][T27659] program syz.2.2847 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1245.219028][T27672] workqueue: Failed to create a rescuer kthread for wq "nbd1-recv": -EINTR
[ 1245.219077][T27672] block (null): Could not allocate knbd recv work queue.
[ 1245.272638][T27672] nbd: failed to add new device
[ 1245.892031][ T5820] usb 5-1: USB disconnect, device number 74
[ 1246.182542][T27695] No source specified
[ 1246.195684][   T30] audit: type=1400 audit(1767644164.810:1061): avc:  denied  { getopt } for  pid=27692 comm="syz.4.2854" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[ 1246.915438][T27700] bond0: (slave rose0): Error: Device is in use and cannot be enslaved
[ 1247.593389][   T30] audit: type=1400 audit(1767644166.220:1062): avc:  denied  { bind } for  pid=27707 comm="syz.4.2857" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1
[ 1247.617871][T27708] serio: Serial port ttyS3
[ 1247.802046][   T48] usb 4-1: new high-speed USB device number 68 using dummy_hcd
[ 1248.571842][T27727] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2860'.
[ 1248.611927][ T5820] usb 5-1: new full-speed USB device number 75 using dummy_hcd
[ 1248.631889][   T48] usb 4-1: Using ep0 maxpacket: 16
[ 1248.642522][   T48] usb 4-1: config 128 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1248.654486][   T48] usb 4-1: config 128 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1248.665032][   T48] usb 4-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00
[ 1248.675019][   T48] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1248.762058][ T5820] usb 5-1: device descriptor read/64, error -71
[ 1249.704097][T27740] workqueue: Failed to create a rescuer kthread for wq "nbd1-recv": -EINTR
[ 1249.704173][T27740] block (null): Could not allocate knbd recv work queue.
[ 1249.736097][T27713] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1249.747625][T27713] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1249.841898][ T5820] usb 5-1: new full-speed USB device number 76 using dummy_hcd
[ 1250.157865][ T5820] usb 5-1: device descriptor read/64, error -71
[ 1250.654705][T27740] nbd: failed to add new device
[ 1250.813507][ T5820] usb usb5-port1: attempt power cycle
[ 1251.749869][   T48] usbhid 4-1:128.0: can't add hid device: -71
[ 1251.756643][   T48] usbhid 4-1:128.0: probe with driver usbhid failed with error -71
[ 1251.844835][   T48] usb 4-1: USB disconnect, device number 68
[ 1253.894709][T27805] bond0: (slave rose0): Error: Device is in use and cannot be enslaved
[ 1256.280575][   T30] audit: type=1326 audit(1767644174.900:1063): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27817 comm="syz.0.2876" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f94fc78f749 code=0x0
[ 1257.788630][T27225] udevd[27225]: inotify_add_watch(7, /dev/nbd1, 10) failed: No such file or directory
[ 1258.676552][   T30] audit: type=1400 audit(1767644177.300:1064): avc:  denied  { read } for  pid=27840 comm="syz.3.2882" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[ 1259.290322][T27849] siw: device registration error -23
[ 1261.235043][T27874] bond0: (slave rose0): Error: Device is in use and cannot be enslaved
[ 1262.337046][   T30] audit: type=1400 audit(1767644180.960:1065): avc:  denied  { mount } for  pid=27879 comm="syz.0.2891" name="/" dev="devpts" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:devpts_t tclass=filesystem permissive=1
[ 1262.361808][T27887] program syz.0.2891 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1263.073260][T27903] siw: device registration error -23
[ 1263.571842][ T5820] usb 4-1: new high-speed USB device number 69 using dummy_hcd
[ 1263.592969][   T48] usb 5-1: new high-speed USB device number 78 using dummy_hcd
[ 1263.731784][   T48] usb 5-1: device descriptor read/64, error -71
[ 1263.751000][ T5820] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x9 has invalid wMaxPacketSize 0
[ 1263.760882][ T5820] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0xB has invalid wMaxPacketSize 0
[ 1263.776122][ T5820] usb 4-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[ 1263.785338][ T5820] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1263.794041][ T5820] usb 4-1: Product: syz
[ 1263.801056][ T5820] usb 4-1: Manufacturer: syz
[ 1263.806057][ T5820] usb 4-1: SerialNumber: syz
[ 1263.815953][ T5820] usb 4-1: config 0 descriptor??
[ 1263.837554][ T5820] usb 4-1: 0:0 : invalid sync pipe. bmAttributes 00, bLength 9, bSynchAddress 00
[ 1263.981764][   T48] usb 5-1: new high-speed USB device number 79 using dummy_hcd
[ 1264.152359][   T48] usb 5-1: device descriptor read/64, error -71
[ 1264.169542][ T5820] usb 4-1: USB disconnect, device number 69
[ 1264.258084][T27300] udevd[27300]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[ 1264.285610][   T48] usb usb5-port1: attempt power cycle
[ 1264.702067][   T48] usb 5-1: new high-speed USB device number 80 using dummy_hcd
[ 1265.709869][   T48] usb 5-1: device descriptor read/8, error -71
[ 1268.044900][T27984] program syz.0.2903 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1269.441959][   T48] usb 1-1: new full-speed USB device number 75 using dummy_hcd
[ 1269.831203][   T48] usb 1-1: device descriptor read/64, error -71
[ 1270.016122][   T30] audit: type=1326 audit(1767644188.500:1066): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28006 comm="syz.2.2910" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9dd9d8f749 code=0x7ffc0000
[ 1270.503569][   T48] usb 1-1: new full-speed USB device number 76 using dummy_hcd
[ 1270.535320][   T30] audit: type=1326 audit(1767644188.500:1067): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28006 comm="syz.2.2910" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9dd9d8f749 code=0x7ffc0000
[ 1270.644753][   T48] usb 1-1: device descriptor read/64, error -71
[ 1270.659039][   T30] audit: type=1326 audit(1767644188.510:1068): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28006 comm="syz.2.2910" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f9dd9d8f749 code=0x7ffc0000
[ 1270.802419][   T48] usb usb1-port1: attempt power cycle
[ 1270.836176][   T30] audit: type=1326 audit(1767644188.510:1069): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28006 comm="syz.2.2910" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9dd9d8f749 code=0x7ffc0000
[ 1271.305265][   T30] audit: type=1326 audit(1767644188.510:1070): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28006 comm="syz.2.2910" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9dd9d8f749 code=0x7ffc0000
[ 1271.387154][   T30] audit: type=1326 audit(1767644188.510:1071): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28006 comm="syz.2.2910" exe="/root/syz-executor" sig=0 arch=c000003e syscall=302 compat=0 ip=0x7f9dd9d8f749 code=0x7ffc0000
[ 1271.428983][   T30] audit: type=1326 audit(1767644188.510:1072): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28006 comm="syz.2.2910" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9dd9d8f749 code=0x7ffc0000
[ 1271.506612][   T30] audit: type=1326 audit(1767644188.510:1073): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28006 comm="syz.2.2910" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9dd9d8f749 code=0x7ffc0000
[ 1271.578303][   T48] usb 1-1: new full-speed USB device number 77 using dummy_hcd
[ 1271.612623][   T48] usb 1-1: device descriptor read/8, error -71
[ 1271.757129][   T30] audit: type=1326 audit(1767644188.510:1074): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28006 comm="syz.2.2910" exe="/root/syz-executor" sig=0 arch=c000003e syscall=144 compat=0 ip=0x7f9dd9d8f749 code=0x7ffc0000
[ 1271.822179][   T30] audit: type=1326 audit(1767644188.510:1075): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28006 comm="syz.2.2910" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9dd9d8f749 code=0x7ffc0000
[ 1271.861784][   T48] usb 1-1: new full-speed USB device number 78 using dummy_hcd
[ 1271.972625][   T48] usb 1-1: device descriptor read/8, error -71
[ 1271.983958][ T5830] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 1272.051824][ T5830] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 1272.063705][ T5830] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 1272.073219][ T5830] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 1272.080584][ T5830] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 1272.092148][   T48] usb usb1-port1: unable to enumerate USB device
[ 1273.516883][T28015] lo speed is unknown, defaulting to 1000
[ 1273.900741][T23471] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1274.164840][ T5830] Bluetooth: hci0: command tx timeout
[ 1274.484745][T23471] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1274.628670][T23471] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1274.781777][ T5959] usb 5-1: new high-speed USB device number 82 using dummy_hcd
[ 1274.806831][T23471] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1274.946067][ T5959] usb 5-1: config 8 interface 0 has no altsetting 0
[ 1274.993985][ T5959] usb 5-1: New USB device found, idVendor=15c2, idProduct=0038, bcdDevice=69.a3
[ 1275.021787][ T5900] usb 1-1: new high-speed USB device number 79 using dummy_hcd
[ 1275.036467][ T5959] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1275.078215][ T5959] usb 5-1: Product: syz
[ 1275.080686][T28015] chnl_net:caif_netlink_parms(): no params data found
[ 1275.107926][ T5959] usb 5-1: Manufacturer: syz
[ 1275.125293][ T5959] usb 5-1: SerialNumber: syz
[ 1275.182325][ T5900] usb 1-1: Using ep0 maxpacket: 8
[ 1275.194861][ T5900] usb 1-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024
[ 1275.207565][ T5900] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024
[ 1275.231748][ T5900] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 1275.242093][ T5900] usb 1-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1275.315370][ T5900] usb 1-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[ 1275.331985][ T5900] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1275.341511][T23471] bridge_slave_1: left allmulticast mode
[ 1275.383755][T23471] bridge_slave_1: left promiscuous mode
[ 1275.395258][T23471] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1275.691855][ T5900] usb 1-1: usb_control_msg returned -32
[ 1275.693858][T23471] bridge_slave_0: left allmulticast mode
[ 1275.701959][ T5900] usbtmc 1-1:16.0: can't read capabilities
[ 1275.719070][T23471] bridge_slave_0: left promiscuous mode
[ 1275.737091][T23471] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1276.061918][T28235] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1276.106670][T28235] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1276.243299][ T5830] Bluetooth: hci0: command tx timeout
[ 1276.338466][ T5959] imon:imon_find_endpoints: no valid input (IR) endpoint found
[ 1276.374903][ T5959] imon 5-1:8.0: unable to initialize intf0, err -19
[ 1276.381534][ T5959] imon:imon_probe: failed to initialize context!
[ 1276.412384][ T5959] imon 5-1:8.0: unable to register, err -19
[ 1276.430642][ T5959] usb 5-1: USB disconnect, device number 82
[ 1276.484177][T23471] dvmrp6 (unregistering): left allmulticast mode
[ 1276.532888][T23471] bond1 (unregistering): (slave geneve2): Releasing active interface
[ 1276.542713][T23471] geneve2 (unregistering): left promiscuous mode
[ 1276.662066][ T5900] usb 4-1: new high-speed USB device number 70 using dummy_hcd
[ 1276.813812][ T5900] usb 4-1: config 0 has an invalid interface number: 11 but max is 0
[ 1276.822215][ T5900] usb 4-1: config 0 has no interface number 0
[ 1276.828371][ T5900] usb 4-1: config 0 interface 11 has no altsetting 0
[ 1276.841980][ T5900] usb 4-1: New USB device found, idVendor=06cd, idProduct=010f, bcdDevice=d5.1b
[ 1276.851385][ T5900] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1276.874790][ T5900] usb 4-1: config 0 descriptor??
[ 1276.887838][ T5900] keyspan 4-1:0.11: Keyspan 2 port adapter converter detected
[ 1276.895768][ T5900] keyspan 4-1:0.11: found no endpoint descriptor for endpoint 7
[ 1276.906717][ T5900] keyspan 4-1:0.11: found no endpoint descriptor for endpoint 81
[ 1276.922121][ T5900] keyspan 4-1:0.11: found no endpoint descriptor for endpoint 82
[ 1276.930110][ T5900] keyspan 4-1:0.11: found no endpoint descriptor for endpoint 1
[ 1276.938348][ T5900] keyspan 4-1:0.11: found no endpoint descriptor for endpoint 2
[ 1276.946661][ T5900] keyspan 4-1:0.11: found no endpoint descriptor for endpoint 85
[ 1276.954878][ T5900] keyspan 4-1:0.11: found no endpoint descriptor for endpoint 5
[ 1276.975983][ T5900] usb 4-1: Keyspan 2 port adapter converter now attached to ttyUSB0
[ 1277.001283][ T5900] keyspan 4-1:0.11: found no endpoint descriptor for endpoint 83
[ 1277.017195][ T5900] keyspan 4-1:0.11: found no endpoint descriptor for endpoint 84
[ 1277.027159][ T5900] keyspan 4-1:0.11: found no endpoint descriptor for endpoint 3
[ 1277.035170][ T5900] keyspan 4-1:0.11: found no endpoint descriptor for endpoint 4
[ 1277.043155][ T5900] keyspan 4-1:0.11: found no endpoint descriptor for endpoint 86
[ 1277.050939][ T5900] keyspan 4-1:0.11: found no endpoint descriptor for endpoint 6
[ 1277.072373][ T5900] usb 4-1: Keyspan 2 port adapter converter now attached to ttyUSB1
[ 1277.104981][ T5900] usb 4-1: USB disconnect, device number 70
[ 1277.126225][ T5900] keyspan_2 ttyUSB0: Keyspan 2 port adapter converter now disconnected from ttyUSB0
[ 1277.156454][ T5900] keyspan_2 ttyUSB1: Keyspan 2 port adapter converter now disconnected from ttyUSB1
[ 1277.172336][ T5900] keyspan 4-1:0.11: device disconnected
[ 1277.783528][T23471] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1277.796152][T23471] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1277.805923][T23471] bond0 (unregistering): Released all slaves
[ 1277.888494][T23471] bond1 (unregistering): Released all slaves
[ 1277.976979][T28256] netlink: 'syz.0.2921': attribute type 1 has an invalid length.
[ 1277.990124][T28266] netlink: 96 bytes leftover after parsing attributes in process `syz.4.2924'.
[ 1278.006888][T23471] tipc: Left network mode
[ 1278.013015][T28015] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1278.035718][T28015] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1278.043548][T28015] bridge_slave_0: entered allmulticast mode
[ 1278.053252][T28015] bridge_slave_0: entered promiscuous mode
[ 1278.062514][T28015] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1278.071374][T28015] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1278.081466][T28015] bridge_slave_1: entered allmulticast mode
[ 1278.091150][T28015] bridge_slave_1: entered promiscuous mode
[ 1278.106828][ T5900] usb 1-1: USB disconnect, device number 79
[ 1278.274975][T28015] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1278.299377][T28015] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1278.324751][ T5830] Bluetooth: hci0: command tx timeout
[ 1278.549997][T28372] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2927'.
[ 1278.927489][   T48] usb 5-1: new high-speed USB device number 83 using dummy_hcd
[ 1279.103322][   T48] usb 5-1: Using ep0 maxpacket: 8
[ 1279.110621][T28015] team0: Port device team_slave_0 added
[ 1279.119601][T28015] team0: Port device team_slave_1 added
[ 1279.158108][   T48] usb 5-1: config 0 has an invalid interface number: 55 but max is 0
[ 1279.196212][   T48] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1279.243148][   T48] usb 5-1: config 0 has no interface number 0
[ 1279.352308][   T48] usb 5-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[ 1279.372166][T28419] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[ 1279.388108][   T48] usb 5-1: config 0 interface 55 altsetting 0 endpoint 0xE has an invalid bInterval 0, changing to 7
[ 1279.417265][   T48] usb 5-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[ 1279.447024][   T48] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1279.493748][   T48] usb 5-1: config 0 descriptor??
[ 1279.514494][   T48] ldusb 5-1:0.55: Interrupt in endpoint not found
[ 1279.585904][T28015] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1279.639978][T28015] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1279.706520][T28015] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1279.752378][T28015] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1279.769701][T28015] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1279.891313][T28015] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1280.406202][ T5830] Bluetooth: hci0: command tx timeout
[ 1280.911373][   T30] kauditd_printk_skb: 63 callbacks suppressed
[ 1280.996428][   T30] audit: type=1400 audit(1767644199.530:1139): avc:  denied  { map } for  pid=28379 comm="syz.2.2928" path="socket:[66215]" dev="sockfs" ino=66215 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_crypto_socket permissive=1
[ 1281.030145][T23471] hsr_slave_0: left promiscuous mode
[ 1281.064664][T23471] hsr_slave_1: left promiscuous mode
[ 1281.080703][T23471] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1281.173523][T23471] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1281.227948][T23471] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1281.349632][T28484] virtio-fs: tag </dev/md0> not found
[ 1281.624278][ T5900] usb 5-1: USB disconnect, device number 83
[ 1281.641718][T23471] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1281.745278][T23471] batman_adv: batadv0: Interface deactivated: virt_wifi0
[ 1281.813918][T23471] batman_adv: batadv0: Removing interface: virt_wifi0
[ 1281.854512][T23471] veth1_macvtap: left promiscuous mode
[ 1281.865356][T23471] veth0_macvtap: left promiscuous mode
[ 1281.871614][T23471] veth1_vlan: left promiscuous mode
[ 1281.878063][T23471] veth0_vlan: left promiscuous mode
[ 1282.950972][T28504] siw: device registration error -23
[ 1283.384796][T28505] siw: device registration error -23
[ 1284.235238][T28484] slcan: can't register candev
[ 1285.071794][ T5959] usb 4-1: new high-speed USB device number 71 using dummy_hcd
[ 1285.189447][T23471] team0 (unregistering): Port device team_slave_1 removed
[ 1285.221775][ T5959] usb 4-1: Using ep0 maxpacket: 32
[ 1285.228681][ T5959] usb 4-1: New USB device found, idVendor=0ac8, idProduct=0321, bcdDevice=6f.be
[ 1285.241739][ T5959] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1285.250945][T23471] team0 (unregistering): Port device team_slave_0 removed
[ 1285.266069][ T5959] usb 4-1: config 0 descriptor??
[ 1285.284334][ T5959] gspca_main: vc032x-2.14.0 probing 0ac8:0321
[ 1285.688342][T28528] overlayfs: option "uuid=on" requires an upper fs, falling back to uuid=null.
[ 1285.706305][T28528] overlayfs: missing 'lowerdir'
[ 1285.724574][T28015] hsr_slave_0: entered promiscuous mode
[ 1285.730975][T28015] hsr_slave_1: entered promiscuous mode
[ 1285.738370][T28015] debugfs: 'hsr0' already exists in 'hsr'
[ 1285.744350][T28015] Cannot create hsr debugfs directory
[ 1285.821857][ T5900] usb 5-1: new high-speed USB device number 84 using dummy_hcd
[ 1285.978523][ T5900] usb 5-1: device descriptor read/64, error -71
[ 1286.044608][T28567] virtio-fs: tag </dev/md0> not found
[ 1286.381516][ T5959] gspca_vc032x: reg_w err -110
[ 1286.393480][ T5959] gspca_vc032x: I2c Bus Busy Wait 00
[ 1286.399070][ T5959] gspca_vc032x: I2c Bus Busy Wait 00
[ 1286.405402][ T5959] gspca_vc032x: I2c Bus Busy Wait 00
[ 1286.410750][ T5959] gspca_vc032x: I2c Bus Busy Wait 00
[ 1286.418165][ T5959] gspca_vc032x: I2c Bus Busy Wait 00
[ 1286.427420][T28567] can0: slcan on ttyS3.
[ 1286.854010][ T5959] gspca_vc032x: I2c Bus Busy Wait 00
[ 1286.859310][ T5959] gspca_vc032x: I2c Bus Busy Wait 00
[ 1286.871094][ T5959] gspca_vc032x: I2c Bus Busy Wait 00
[ 1286.876824][ T5959] gspca_vc032x: I2c Bus Busy Wait 00
[ 1286.887392][ T5959] gspca_vc032x: I2c Bus Busy Wait 00
[ 1286.892779][ T5959] gspca_vc032x: I2c Bus Busy Wait 00
[ 1286.898074][ T5959] gspca_vc032x: I2c Bus Busy Wait 00
[ 1286.921814][ T5900] usb 5-1: new high-speed USB device number 85 using dummy_hcd
[ 1286.929532][ T5959] gspca_vc032x: I2c Bus Busy Wait 00
[ 1286.944375][ T5959] gspca_vc032x: I2c Bus Busy Wait 00
[ 1286.956981][ T5959] gspca_vc032x: I2c Bus Busy Wait 00
[ 1286.978621][ T5959] gspca_vc032x: I2c Bus Busy Wait 00
[ 1286.996629][ T5959] gspca_vc032x: I2c Bus Busy Wait 00
[ 1287.009232][ T5959] gspca_vc032x: I2c Bus Busy Wait 00
[ 1287.029759][ T5959] gspca_vc032x: Unknown sensor...
[ 1287.055400][ T5959] vc032x 4-1:0.0: probe with driver vc032x failed with error -22
[ 1287.075188][ T5959] usb 4-1: USB disconnect, device number 71
[ 1287.082041][ T5900] usb 5-1: device descriptor read/64, error -71
[ 1287.094137][T28556] can0 (unregistered): slcan off ttyS3.
[ 1287.198167][ T5900] usb usb5-port1: attempt power cycle
[ 1287.643829][ T5900] usb 5-1: new high-speed USB device number 86 using dummy_hcd
[ 1287.683280][ T5900] usb 5-1: device descriptor read/8, error -71
[ 1287.952224][ T5900] usb 5-1: new high-speed USB device number 87 using dummy_hcd
[ 1287.972254][ T5900] usb 5-1: device descriptor read/8, error -71
[ 1288.216099][ T5900] usb usb5-port1: unable to enumerate USB device
[ 1288.651505][T28015] netdevsim netdevsim1 netdevsim0: renamed from eth0
[ 1288.679960][T28015] netdevsim netdevsim1 netdevsim1: renamed from eth1
[ 1288.907304][T28015] netdevsim netdevsim1 netdevsim2: renamed from eth2
[ 1288.925978][T28015] netdevsim netdevsim1 netdevsim3: renamed from eth3
[ 1289.013201][T28694] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2947'.
[ 1289.779044][   T30] audit: type=1326 audit(1767644208.360:1140): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28692 comm="syz.3.2948" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f94c2b8f749 code=0x0
[ 1290.257711][T28694] faux_driver regulatory: loading /lib/firmware/regulatory.db failed with error -4
[ 1290.267455][T28694] faux_driver regulatory: Direct firmware load for regulatory.db failed with error -4
[ 1290.278432][T28694] faux_driver regulatory: Falling back to sysfs fallback for: regulatory.db
[ 1290.561176][T28015] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1290.605185][T28015] 8021q: adding VLAN 0 to HW filter on device team0
[ 1290.631193][ T4488] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1290.638371][ T4488] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1291.695834][T26695] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1291.702945][T26695] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1292.465627][T28741] binder_alloc: 28739: binder_alloc_buf, no vma
[ 1292.502007][ T5959] usb 5-1: new high-speed USB device number 88 using dummy_hcd
[ 1292.682095][ T5959] usb 5-1: Using ep0 maxpacket: 32
[ 1292.698689][ T5959] usb 5-1: New USB device found, idVendor=0ac8, idProduct=0321, bcdDevice=6f.be
[ 1292.718005][T28015] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1292.728336][ T5959] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1292.750665][ T5959] usb 5-1: config 0 descriptor??
[ 1292.771141][ T5959] gspca_main: vc032x-2.14.0 probing 0ac8:0321
[ 1292.835224][T28015] veth0_vlan: entered promiscuous mode
[ 1292.865874][T28015] veth1_vlan: entered promiscuous mode
[ 1293.311957][ T5959] gspca_vc032x: reg_r err -110
[ 1293.316828][ T5959] gspca_vc032x: I2c Bus Busy Wait 00
[ 1293.325445][T28015] veth0_macvtap: entered promiscuous mode
[ 1293.331247][ T5959] gspca_vc032x: I2c Bus Busy Wait 00
[ 1293.338027][ T5959] gspca_vc032x: I2c Bus Busy Wait 00
[ 1293.343783][ T5959] gspca_vc032x: I2c Bus Busy Wait 00
[ 1293.344110][T28015] veth1_macvtap: entered promiscuous mode
[ 1293.349204][ T5959] gspca_vc032x: I2c Bus Busy Wait 00
[ 1293.629540][ T5959] gspca_vc032x: I2c Bus Busy Wait 00
[ 1293.639765][ T5959] gspca_vc032x: I2c Bus Busy Wait 00
[ 1293.645867][ T5959] gspca_vc032x: I2c Bus Busy Wait 00
[ 1293.655305][ T5959] gspca_vc032x: I2c Bus Busy Wait 00
[ 1293.660589][ T5959] gspca_vc032x: I2c Bus Busy Wait 00
[ 1293.666006][ T5959] gspca_vc032x: I2c Bus Busy Wait 00
[ 1293.675877][ T5959] gspca_vc032x: I2c Bus Busy Wait 00
[ 1293.681188][ T5959] gspca_vc032x: I2c Bus Busy Wait 00
[ 1293.686964][ T5959] gspca_vc032x: I2c Bus Busy Wait 00
[ 1293.722114][ T5959] gspca_vc032x: I2c Bus Busy Wait 00
[ 1293.727406][ T5959] gspca_vc032x: I2c Bus Busy Wait 00
[ 1293.754227][T28734] overlayfs: option "uuid=on" requires an upper fs, falling back to uuid=null.
[ 1293.764909][T28015] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1293.772989][ T5959] gspca_vc032x: I2c Bus Busy Wait 00
[ 1293.778260][ T5959] gspca_vc032x: I2c Bus Busy Wait 00
[ 1293.792674][T28734] overlayfs: missing 'lowerdir'
[ 1293.812705][T28015] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1293.830069][ T5959] gspca_vc032x: Unknown sensor...
[ 1293.843649][ T5959] vc032x 5-1:0.0: probe with driver vc032x failed with error -22
[ 1293.858401][T23105] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1293.902701][T23105] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1293.966749][T23105] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1294.072650][T23105] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1294.390523][T26695] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1294.499922][T26695] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1294.507652][ T8229] usb 4-1: new high-speed USB device number 72 using dummy_hcd
[ 1294.704241][   T30] audit: type=1800 audit(1767644213.200:1141): pid=28792 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed comm="syz.2.2959" name="SYSV00000000" dev="tmpfs" ino=0 res=0 errno=0
[ 1294.801786][ T8229] usb 4-1: Using ep0 maxpacket: 16
[ 1294.937928][ T8229] usb 4-1: New USB device found, idVendor=1604, idProduct=8007, bcdDevice=af.a6
[ 1295.042103][ T8229] usb 4-1: New USB device strings: Mfr=1, Product=23, SerialNumber=3
[ 1295.044787][T26695] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1295.050235][ T8229] usb 4-1: Product: syz
[ 1295.050253][ T8229] usb 4-1: Manufacturer: syz
[ 1295.050268][ T8229] usb 4-1: SerialNumber: syz
[ 1295.072706][T26695] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1295.568859][ T8229] usb 4-1: config 0 descriptor??
[ 1295.574941][   T30] audit: type=1400 audit(1767644214.200:1142): avc:  denied  { mounton } for  pid=28015 comm="syz-executor" path="/root/syzkaller.SEuTbI/syz-tmp" dev="sda1" ino=2047 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_home_t tclass=dir permissive=1
[ 1295.703266][   T30] audit: type=1400 audit(1767644214.200:1143): avc:  denied  { mounton } for  pid=28015 comm="syz-executor" path="/root/syzkaller.SEuTbI/syz-tmp/newroot/proc/sys/fs/binfmt_misc" dev="proc" ino=66928 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysctl_fs_t tclass=dir permissive=1
[ 1295.760315][   T30] audit: type=1400 audit(1767644214.280:1144): avc:  denied  { mounton } for  pid=28015 comm="syz-executor" path="/dev/gadgetfs" dev="devtmpfs" ino=2784 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:device_t tclass=dir permissive=1
[ 1295.793441][   T30] audit: type=1400 audit(1767644214.280:1145): avc:  denied  { mount } for  pid=28015 comm="syz-executor" name="/" dev="gadgetfs" ino=7034 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nfs_t tclass=filesystem permissive=1
[ 1295.971484][T28813] virtio-fs: tag </dev/md0> not found
[ 1296.173309][ T5900] usb 5-1: USB disconnect, device number 88
[ 1296.400513][T28813] can0: slcan on ttyS3.
[ 1297.355028][T28877] siw: device registration error -23
[ 1298.333430][T28810] can0 (unregistered): slcan off ttyS3.
[ 1298.765056][T28869] lo speed is unknown, defaulting to 1000
[ 1299.452470][ T6666] usb 4-1: USB disconnect, device number 72
[ 1299.696508][ T1296] ieee802154 phy1 wpan1: encryption failed: -22
[ 1300.979679][T28928] siw: device registration error -23
[ 1301.869840][ T5139] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[ 1301.883514][ T5139] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[ 1301.895675][ T5139] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[ 1301.903449][ T5139] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[ 1301.924426][ T5139] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[ 1301.973031][ T8122] syz_tun (unregistering): left allmulticast mode
[ 1302.052124][ T6666] usb 1-1: new high-speed USB device number 80 using dummy_hcd
[ 1302.222077][ T6666] usb 1-1: Using ep0 maxpacket: 32
[ 1302.278511][T28977] lo speed is unknown, defaulting to 1000
[ 1302.300844][ T6666] usb 1-1: config 37 has an invalid interface number: 69 but max is 0
[ 1302.344115][ T6666] usb 1-1: config 37 has no interface number 0
[ 1302.403468][ T6666] usb 1-1: config 37 interface 69 altsetting 3 endpoint 0x2 has invalid maxpacket 512, setting to 64
[ 1302.534952][ T6666] usb 1-1: config 37 interface 69 altsetting 3 endpoint 0xF has invalid maxpacket 512, setting to 64
[ 1303.007635][ T6666] usb 1-1: config 37 interface 69 altsetting 3 endpoint 0x9 has invalid maxpacket 1024, setting to 64
[ 1303.032092][ T6666] usb 1-1: config 37 interface 69 altsetting 3 has a duplicate endpoint with address 0xF, skipping
[ 1303.044831][ T6666] usb 1-1: config 37 interface 69 has no altsetting 0
[ 1303.054348][ T6666] usb 1-1: New USB device found, idVendor=07cf, idProduct=6801, bcdDevice=2e.db
[ 1303.067846][ T6666] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1303.077655][ T6666] usb 1-1: Product: syz
[ 1303.084403][ T6666] usb 1-1: Manufacturer: syz
[ 1303.089687][ T6666] usb 1-1: SerialNumber: syz
[ 1304.351746][ T5830] Bluetooth: hci5: command tx timeout
[ 1304.543449][ T6666] usb 1-1: USB disconnect, device number 80
[ 1305.471808][T29047] virtio-fs: tag </dev/md0> not found
[ 1305.773503][T29040] can0: slcan on ttyS3.
[ 1306.403752][T29039] can0 (unregistered): slcan off ttyS3.
[ 1306.409485][T29082] siw: device registration error -23
[ 1306.411704][ T5830] Bluetooth: hci5: command tx timeout
[ 1307.062068][T28977] chnl_net:caif_netlink_parms(): no params data found
[ 1307.278709][T28977] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1307.864999][ T5959] usb 2-1: new high-speed USB device number 66 using dummy_hcd
[ 1307.891492][T28977] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1307.971979][T28977] bridge_slave_0: entered allmulticast mode
[ 1307.981584][T28977] bridge_slave_0: entered promiscuous mode
[ 1308.024609][T28977] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1308.032096][ T5959] usb 2-1: Using ep0 maxpacket: 8
[ 1308.053270][ T5959] usb 2-1: New USB device found, idVendor=047d, idProduct=5003, bcdDevice=2f.8c
[ 1308.062811][T28977] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1308.069940][T28977] bridge_slave_1: entered allmulticast mode
[ 1308.075923][ T5959] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1308.092092][ T5959] usb 2-1: Product: syz
[ 1308.096363][ T5959] usb 2-1: Manufacturer: syz
[ 1308.100968][ T5959] usb 2-1: SerialNumber: syz
[ 1308.107228][T28977] bridge_slave_1: entered promiscuous mode
[ 1308.179972][T29241] virtio-fs: tag </dev/md0> not found
[ 1308.380581][T29241] can0: slcan on ttyS3.
[ 1308.412322][ T5959] usb 2-1: config 0 descriptor??
[ 1308.423567][T29239] can0 (unregistered): slcan off ttyS3.
[ 1308.462862][ T5959] gspca_main: se401-2.14.0 probing 047d:5003
[ 1308.481851][ T5830] Bluetooth: hci5: command tx timeout
[ 1308.496461][T28977] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1308.554168][T28977] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1308.660372][T28977] team0: Port device team_slave_0 added
[ 1308.683085][T28977] team0: Port device team_slave_1 added
[ 1308.785899][T29297] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2986'.
[ 1309.012573][T28977] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1309.076438][T29329] serio: Serial port ttyS3
[ 1309.602978][T28977] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1309.658485][T29297] tmpfs: Unknown parameter 'grpquota"�YF�)_inode_hardlimit'
[ 1309.690330][ T5959] gspca_se401: write req failed req 0x57 val 0x00 error -110
[ 1309.713800][T28977] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1309.719932][ T5959] se401 2-1:0.0: probe with driver se401 failed with error -110
[ 1309.830123][T29297] vlan3: entered promiscuous mode
[ 1309.857979][T29297] vlan3: entered allmulticast mode
[ 1309.869590][T29297] hsr_slave_1: entered allmulticast mode
[ 1309.959190][T28977] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1309.983366][T28977] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1310.434981][T28977] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1310.588738][ T5830] Bluetooth: hci5: command tx timeout
[ 1310.650380][    T9] usb 2-1: USB disconnect, device number 66
[ 1310.854930][T28977] hsr_slave_0: entered promiscuous mode
[ 1310.864504][T28977] hsr_slave_1: entered promiscuous mode
[ 1310.872525][T28977] debugfs: 'hsr0' already exists in 'hsr'
[ 1310.898503][T28977] Cannot create hsr debugfs directory
[ 1311.766238][T28977] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1311.828593][T29443] program syz.2.2989 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1312.469878][T28977] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1312.789456][T28977] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1313.171215][T28977] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1313.999734][T28977] netdevsim netdevsim3 netdevsim0: renamed from eth0
[ 1314.010008][T28977] netdevsim netdevsim3 netdevsim1: renamed from eth1
[ 1314.021503][T28977] netdevsim netdevsim3 netdevsim2: renamed from eth2
[ 1314.062825][T28977] netdevsim netdevsim3 netdevsim3: renamed from eth3
[ 1314.182358][T28977] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1314.227314][T28977] 8021q: adding VLAN 0 to HW filter on device team0
[ 1314.256248][ T6028] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1314.263361][ T6028] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1314.297288][ T6028] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1314.304410][ T6028] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1314.421915][T29498] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2997'.
[ 1314.431178][T29498] Unknown options in mask b7f2
[ 1314.442853][   T30] audit: type=1400 audit(1767644233.070:1146): avc:  denied  { checkpoint_restore } for  pid=29493 comm="syz.0.2996" capability=40  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[ 1314.810545][T28977] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1314.911299][T28977] veth0_vlan: entered promiscuous mode
[ 1314.927759][T28977] veth1_vlan: entered promiscuous mode
[ 1314.991906][T29506] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3000'.
[ 1315.070009][T28977] veth0_macvtap: entered promiscuous mode
[ 1315.173140][T29506] tmpfs: Unknown parameter 'grpquota"�YF�)_inode_hardlimit'
[ 1315.258425][T28977] veth1_macvtap: entered promiscuous mode
[ 1315.288344][T28977] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1315.488697][T28977] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1315.510363][ T6028] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1315.520004][ T6028] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1315.546890][ T6028] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1315.719513][T29506] vlan0: entered promiscuous mode
[ 1315.770886][T29506] vlan0: entered allmulticast mode
[ 1315.776166][T29506] hsr_slave_1: entered allmulticast mode
[ 1315.859739][ T6028] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1315.881730][ T8229] usb 2-1: new high-speed USB device number 67 using dummy_hcd
[ 1315.997521][T11348] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1316.013697][T11348] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1316.081855][ T8229] usb 2-1: Using ep0 maxpacket: 32
[ 1316.100331][ T8229] usb 2-1: New USB device found, idVendor=0ac8, idProduct=0321, bcdDevice=6f.be
[ 1316.130867][ T8229] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1316.171948][ T6028] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1316.200445][ T6028] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1316.211642][ T8229] usb 2-1: config 0 descriptor??
[ 1316.233024][ T8229] gspca_main: vc032x-2.14.0 probing 0ac8:0321
[ 1316.303692][T29528] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2999'.
[ 1316.481492][T29539] netlink: 'syz.3.2969': attribute type 10 has an invalid length.
[ 1316.657577][T29539] netlink: 7064 bytes leftover after parsing attributes in process `syz.3.2969'.
[ 1316.711806][T29539] openvswitch: netlink: Flow key attr not present in new flow.
[ 1316.756085][T29545] virtio-fs: tag </dev/md0> not found
[ 1316.839794][ T8229] gspca_vc032x: reg_r err -110
[ 1316.867215][ T8229] gspca_vc032x: I2c Bus Busy Wait 00
[ 1316.898976][ T8229] gspca_vc032x: I2c Bus Busy Wait 00
[ 1317.053565][ T8229] gspca_vc032x: I2c Bus Busy Wait 00
[ 1317.058875][ T8229] gspca_vc032x: I2c Bus Busy Wait 00
[ 1317.067406][T29545] can0: slcan on ttyS3.
[ 1317.097848][T29510] overlayfs: option "uuid=on" requires an upper fs, falling back to uuid=null.
[ 1317.151280][ T8229] gspca_vc032x: I2c Bus Busy Wait 00
[ 1317.172292][ T8229] gspca_vc032x: I2c Bus Busy Wait 00
[ 1317.194334][ T8229] gspca_vc032x: I2c Bus Busy Wait 00
[ 1317.221502][ T8229] gspca_vc032x: I2c Bus Busy Wait 00
[ 1317.238037][ T8229] gspca_vc032x: I2c Bus Busy Wait 00
[ 1317.275568][T29510] overlayfs: missing 'lowerdir'
[ 1317.316413][ T8229] gspca_vc032x: I2c Bus Busy Wait 00
[ 1317.510557][ T8229] gspca_vc032x: I2c Bus Busy Wait 00
[ 1317.516392][ T8229] gspca_vc032x: I2c Bus Busy Wait 00
[ 1317.526211][ T8229] gspca_vc032x: I2c Bus Busy Wait 00
[ 1317.531789][ T8229] gspca_vc032x: I2c Bus Busy Wait 00
[ 1317.537327][ T8229] gspca_vc032x: I2c Bus Busy Wait 00
[ 1317.544809][ T8229] gspca_vc032x: I2c Bus Busy Wait 00
[ 1317.550927][ T8229] gspca_vc032x: I2c Bus Busy Wait 00
[ 1317.564179][T29572] program syz.0.3004 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1317.939260][ T5139] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[ 1317.951705][ T5139] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[ 1317.965942][ T5139] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[ 1317.973456][ T5139] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[ 1317.981048][ T5139] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[ 1317.993179][ T8229] gspca_vc032x: I2c Bus Busy Wait 00
[ 1317.998893][ T8229] gspca_vc032x: Unknown sensor...
[ 1318.005190][ T8229] vc032x 2-1:0.0: probe with driver vc032x failed with error -22
[ 1318.069427][T29540] can0 (unregistered): slcan off ttyS3.
[ 1318.369777][   T30] audit: type=1326 audit(1767644236.980:1147): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29581 comm="syz.3.3005" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f648d78f749 code=0x7ffc0000
[ 1318.423721][   T30] audit: type=1326 audit(1767644237.030:1148): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29581 comm="syz.3.3005" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f648d78f749 code=0x7ffc0000
[ 1318.463106][   T30] audit: type=1326 audit(1767644237.030:1149): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29581 comm="syz.3.3005" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f648d78f749 code=0x7ffc0000
[ 1318.609530][   T30] audit: type=1326 audit(1767644237.030:1150): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29581 comm="syz.3.3005" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f648d78f749 code=0x7ffc0000
[ 1318.636150][   T30] audit: type=1326 audit(1767644237.030:1151): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29581 comm="syz.3.3005" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f648d78f749 code=0x7ffc0000
[ 1319.148714][   T30] audit: type=1326 audit(1767644237.120:1152): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29581 comm="syz.3.3005" exe="/root/syz-executor" sig=0 arch=c000003e syscall=302 compat=0 ip=0x7f648d78f749 code=0x7ffc0000
[ 1319.204058][T11348] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1319.225426][   T30] audit: type=1326 audit(1767644237.120:1153): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29581 comm="syz.3.3005" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f648d78f749 code=0x7ffc0000
[ 1319.284373][   T30] audit: type=1326 audit(1767644237.120:1154): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29581 comm="syz.3.3005" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f648d78f749 code=0x7ffc0000
[ 1319.462765][   T30] audit: type=1326 audit(1767644237.140:1155): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29581 comm="syz.3.3005" exe="/root/syz-executor" sig=0 arch=c000003e syscall=144 compat=0 ip=0x7f648d78f749 code=0x7ffc0000
[ 1319.680021][   T30] audit: type=1326 audit(1767644237.140:1156): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29581 comm="syz.3.3005" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f648d78f749 code=0x7ffc0000
[ 1319.792583][T29562] lo speed is unknown, defaulting to 1000
[ 1319.880802][   T30] audit: type=1326 audit(1767644237.140:1157): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29581 comm="syz.3.3005" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f648d78f749 code=0x7ffc0000
[ 1320.149325][ T5139] Bluetooth: hci1: command tx timeout
[ 1320.276173][   T30] audit: type=1326 audit(1767644237.140:1158): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29581 comm="syz.3.3005" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f648d78f749 code=0x7ffc0000
[ 1320.362504][   T30] audit: type=1326 audit(1767644237.140:1159): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29581 comm="syz.3.3005" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f648d78f749 code=0x7ffc0000
[ 1320.420141][T11348] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1320.476839][   T30] audit: type=1326 audit(1767644237.140:1160): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29581 comm="syz.3.3005" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f648d78f749 code=0x7ffc0000
[ 1320.531191][   T30] audit: type=1326 audit(1767644237.140:1161): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29581 comm="syz.3.3005" exe="/root/syz-executor" sig=0 arch=c000003e syscall=144 compat=0 ip=0x7f648d78f749 code=0x7ffc0000
[ 1320.660976][   T30] audit: type=1326 audit(1767644237.140:1162): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29581 comm="syz.3.3005" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f648d78f749 code=0x7ffc0000
[ 1320.739706][T29621] Device name cannot be null; rc = [-22]
[ 1320.750278][T29621] netlink: 48 bytes leftover after parsing attributes in process `syz.3.3011'.
[ 1321.351792][   T30] audit: type=1326 audit(1767644237.140:1163): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29581 comm="syz.3.3005" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f648d78f749 code=0x7ffc0000
[ 1321.403573][   T30] audit: type=1326 audit(1767644237.220:1164): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29581 comm="syz.3.3005" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f648d78f749 code=0x7ffc0000
[ 1321.491631][T29518] usb 2-1: USB disconnect, device number 67
[ 1321.541081][T11348] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1321.768228][ T5978] usb 4-1: new high-speed USB device number 73 using dummy_hcd
[ 1322.111872][ T5978] usb 4-1: Using ep0 maxpacket: 8
[ 1322.127040][ T5978] usb 4-1: config 0 has an invalid interface number: 55 but max is 0
[ 1322.135800][ T5978] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1322.162024][ T5139] Bluetooth: hci1: command tx timeout
[ 1322.172325][ T5978] usb 4-1: config 0 has no interface number 0
[ 1322.178484][ T5978] usb 4-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[ 1322.201830][ T5978] usb 4-1: config 0 interface 55 altsetting 0 endpoint 0xE has an invalid bInterval 0, changing to 7
[ 1322.213135][ T5978] usb 4-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[ 1322.222208][ T5978] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1322.241497][ T5978] usb 4-1: config 0 descriptor??
[ 1322.268073][ T5978] ldusb 4-1:0.55: Interrupt in endpoint not found
[ 1322.332790][ T8229] usb 2-1: new high-speed USB device number 68 using dummy_hcd
[ 1322.344450][T11348] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1322.594344][ T8229] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1322.605314][ T8229] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1323.048521][ T8229] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[ 1323.062358][ T8229] usb 2-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[ 1323.071409][ T8229] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1323.093424][ T8229] usb 2-1: config 0 descriptor??
[ 1323.476716][T29562] chnl_net:caif_netlink_parms(): no params data found
[ 1323.617778][T11348] bridge_slave_1: left allmulticast mode
[ 1323.631078][T11348] bridge_slave_1: left promiscuous mode
[ 1323.648704][T11348] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1323.676504][T11348] bridge_slave_0: left allmulticast mode
[ 1323.689514][T11348] bridge_slave_0: left promiscuous mode
[ 1323.705135][T11348] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1324.242394][ T5139] Bluetooth: hci1: command tx timeout
[ 1324.803293][ T8229] usbhid 2-1:0.0: can't add hid device: -71
[ 1324.812560][ T8229] usbhid 2-1:0.0: probe with driver usbhid failed with error -71
[ 1324.845897][ T5822] usb 4-1: USB disconnect, device number 73
[ 1324.909038][ T8229] usb 2-1: USB disconnect, device number 68
[ 1326.301972][T29827] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3018'.
[ 1326.682634][ T5139] Bluetooth: hci1: command tx timeout
[ 1327.325621][T11348] dvmrp0 (unregistering): left allmulticast mode
[ 1328.016459][T11348] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1328.026856][T11348] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1328.036671][T11348] bond0 (unregistering): Released all slaves
[ 1328.063828][T29827] faux_driver regulatory: loading /lib/firmware/regulatory.db failed with error -4
[ 1328.074268][T29827] faux_driver regulatory: Direct firmware load for regulatory.db failed with error -4
[ 1328.085840][T29827] faux_driver regulatory: Falling back to sysfs fallback for: regulatory.db
[ 1328.613425][T29562] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1328.620637][T29562] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1328.629894][   T30] kauditd_printk_skb: 51 callbacks suppressed
[ 1328.629909][   T30] audit: type=1326 audit(1767644247.240:1216): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29893 comm="syz.3.3025" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f648d78f749 code=0x7ffc0000
[ 1328.792101][T29562] bridge_slave_0: entered allmulticast mode
[ 1328.799415][T29562] bridge_slave_0: entered promiscuous mode
[ 1328.818669][   T30] audit: type=1326 audit(1767644247.260:1217): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29893 comm="syz.3.3025" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f648d78f749 code=0x7ffc0000
[ 1329.610579][T29562] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1330.122463][T29562] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1330.131114][T29562] bridge_slave_1: entered allmulticast mode
[ 1330.152069][   T30] audit: type=1326 audit(1767644247.260:1218): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29893 comm="syz.3.3025" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f648d78f749 code=0x7ffc0000
[ 1330.183645][T29562] bridge_slave_1: entered promiscuous mode
[ 1330.222132][   T30] audit: type=1326 audit(1767644247.260:1219): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29893 comm="syz.3.3025" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f648d78f749 code=0x7ffc0000
[ 1330.286324][T29910] virtio-fs: tag </dev/md0> not found
[ 1330.337560][ T5900] usb 1-1: new high-speed USB device number 81 using dummy_hcd
[ 1330.409753][   T30] audit: type=1326 audit(1767644247.270:1220): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29893 comm="syz.3.3025" exe="/root/syz-executor" sig=0 arch=c000003e syscall=302 compat=0 ip=0x7f648d78f749 code=0x7ffc0000
[ 1330.525311][   T30] audit: type=1326 audit(1767644247.270:1221): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29893 comm="syz.3.3025" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f648d78f749 code=0x7ffc0000
[ 1331.331781][ T5900] usb 1-1: Using ep0 maxpacket: 8
[ 1331.338595][ T5900] usb 1-1: config 0 has an invalid interface number: 55 but max is 0
[ 1331.387996][   T30] audit: type=1326 audit(1767644247.270:1222): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29893 comm="syz.3.3025" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f648d78f749 code=0x7ffc0000
[ 1331.388009][ T5900] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1331.388033][ T5900] usb 1-1: config 0 has no interface number 0
[ 1331.430290][   T30] audit: type=1326 audit(1767644247.270:1223): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29893 comm="syz.3.3025" exe="/root/syz-executor" sig=0 arch=c000003e syscall=144 compat=0 ip=0x7f648d78f749 code=0x7ffc0000
[ 1331.455954][   T30] audit: type=1326 audit(1767644247.270:1224): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29893 comm="syz.3.3025" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f648d78f749 code=0x7ffc0000
[ 1331.569852][ T5900] usb 1-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[ 1331.578672][   T30] audit: type=1326 audit(1767644247.270:1225): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=29893 comm="syz.3.3025" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f648d78f749 code=0x7ffc0000
[ 1331.898658][T29910] can0: slcan on ttyS3.
[ 1331.923156][ T5900] usb 1-1: config 0 interface 55 altsetting 0 endpoint 0xE has an invalid bInterval 0, changing to 7
[ 1331.981323][T29562] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1331.990588][ T5900] usb 1-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[ 1331.990620][ T5900] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1331.992711][ T5900] usb 1-1: config 0 descriptor??
[ 1332.067316][ T5900] usb 1-1: can't set config #0, error -71
[ 1332.124411][ T5900] usb 1-1: USB disconnect, device number 81
[ 1332.146287][T29967] FAULT_INJECTION: forcing a failure.
[ 1332.146287][T29967] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1332.168204][T29967] CPU: 0 UID: 0 PID: 29967 Comm: syz.0.3032 Not tainted syzkaller #0 PREEMPT(full) 
[ 1332.168234][T29967] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1332.168246][T29967] Call Trace:
[ 1332.168252][T29967]  <TASK>
[ 1332.168260][T29967]  dump_stack_lvl+0x16c/0x1f0
[ 1332.168292][T29967]  should_fail_ex+0x512/0x640
[ 1332.168323][T29967]  _copy_from_user+0x2e/0xd0
[ 1332.168350][T29967]  binder_ioctl+0x5df/0x7360
[ 1332.168383][T29967]  ? tomoyo_path_number_perm+0x18d/0x580
[ 1332.168410][T29967]  ? __pfx_binder_ioctl+0x10/0x10
[ 1332.168435][T29967]  ? __sanitizer_cov_trace_switch+0x54/0x90
[ 1332.168459][T29967]  ? do_vfs_ioctl+0x128/0x14f0
[ 1332.168482][T29967]  ? __pfx_do_vfs_ioctl+0x10/0x10
[ 1332.168502][T29967]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[ 1332.168536][T29967]  ? hook_file_ioctl_common+0x144/0x410
[ 1332.168569][T29967]  ? selinux_file_ioctl+0x180/0x270
[ 1332.168590][T29967]  ? selinux_file_ioctl+0xb4/0x270
[ 1332.168613][T29967]  ? __pfx_binder_ioctl+0x10/0x10
[ 1332.168635][T29967]  __x64_sys_ioctl+0x18e/0x210
[ 1332.168663][T29967]  do_syscall_64+0xcd/0xf80
[ 1332.168686][T29967]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1332.168702][T29967] RIP: 0033:0x7f94fc78f749
[ 1332.168717][T29967] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1332.168733][T29967] RSP: 002b:00007f94fd5d3038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1332.168750][T29967] RAX: ffffffffffffffda RBX: 00007f94fc9e5fa0 RCX: 00007f94fc78f749
[ 1332.168761][T29967] RDX: 0000200000000640 RSI: 00000000c0306201 RDI: 0000000000000003
[ 1332.168771][T29967] RBP: 00007f94fd5d3090 R08: 0000000000000000 R09: 0000000000000000
[ 1332.168782][T29967] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1332.168792][T29967] R13: 00007f94fc9e6038 R14: 00007f94fc9e5fa0 R15: 00007ffd726c5a68
[ 1332.168816][T29967]  </TASK>
[ 1332.168825][T29967] binder: 29965:29967 ioctl c0306201 200000000640 returned -14
[ 1332.388052][T29910] can0 (unregistered): slcan off ttyS3.
[ 1332.502490][T29562] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1333.223846][T30014] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1546 sclass=netlink_route_socket pid=30014 comm=syz.1.3036
[ 1333.255890][T29562] team0: Port device team_slave_0 added
[ 1333.272752][T29562] team0: Port device team_slave_1 added
[ 1333.561357][T29562] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1333.568946][T29562] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1333.786366][T29562] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1333.847511][T30025] tc_dump_action: action bad kind
[ 1333.922772][T29562] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1333.931138][T29562] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1333.961081][T29562] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1334.936312][T29562] hsr_slave_0: entered promiscuous mode
[ 1334.965452][T29562] hsr_slave_1: entered promiscuous mode
[ 1334.985951][T29562] debugfs: 'hsr0' already exists in 'hsr'
[ 1335.001111][T29562] Cannot create hsr debugfs directory
[ 1335.674491][T11348] hsr_slave_0: left promiscuous mode
[ 1335.690414][T11348] hsr_slave_1: left promiscuous mode
[ 1335.714449][T11348] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1335.741503][T11348] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1335.759097][T11348] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1335.776129][T11348] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1335.918939][T11348] veth1_macvtap: left promiscuous mode
[ 1335.943171][T11348] veth0_macvtap: left promiscuous mode
[ 1335.965079][T11348] veth1_vlan: left promiscuous mode
[ 1335.971832][ T5820] usb 1-1: new high-speed USB device number 82 using dummy_hcd
[ 1335.979707][T11348] veth0_vlan: left promiscuous mode
[ 1336.045511][T30127] overlayfs: failed to resolve './file0': -2
[ 1336.241786][ T5820] usb 1-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[ 1336.270320][ T5820] usb 1-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[ 1336.311713][ T5820] usb 1-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[ 1336.339183][ T5820] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1336.364592][T30113] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[ 1336.373999][ T5820] usb 1-1: Quirk or no altset; falling back to MIDI 1.0
[ 1336.642751][T30118] netlink: 12 bytes leftover after parsing attributes in process `syz.4.3041'.
[ 1336.813516][T30118] tmpfs: Unknown parameter 'grpquota"�YF�)_inode_hardlimit'
[ 1337.812559][ T4488] smc: removing ib device syz2
[ 1338.011951][T30137] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3044'.
[ 1338.083730][T30137] tmpfs: Unknown parameter 'grpquota"�YF�)_inode_hardlimit'
[ 1338.676066][    T9] usb 1-1: USB disconnect, device number 82
[ 1338.888041][T30178] virtio-fs: tag </dev/md0> not found
[ 1339.353905][T11348] team0 (unregistering): Port device team_slave_1 removed
[ 1339.405119][T11348] team0 (unregistering): Port device team_slave_0 removed
[ 1339.910894][T30137] vlan2: entered promiscuous mode
[ 1339.926660][T30137] vlan2: entered allmulticast mode
[ 1339.943182][T30137] hsr_slave_1: entered allmulticast mode
[ 1340.030651][T30178] can0: slcan on ttyS3.
[ 1340.243466][T30178] can0 (unregistered): slcan off ttyS3.
[ 1342.791255][T30282] siw: device registration error -23
[ 1344.065394][T11348] IPVS: stop unused estimator thread 0...
[ 1344.113603][T29562] netdevsim netdevsim2 netdevsim0: renamed from eth0
[ 1344.188578][T30283] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3049'.
[ 1344.355166][T30292] tmpfs: Unknown parameter 'grpquota"�YF�)_inode_hardlimit'
[ 1344.379563][T29562] netdevsim netdevsim2 netdevsim1: renamed from eth1
[ 1344.550317][T29562] netdevsim netdevsim2 netdevsim2: renamed from eth2
[ 1344.591380][T29562] netdevsim netdevsim2 netdevsim3: renamed from eth3
[ 1344.665835][T30335] overlayfs: failed to resolve './file1': -2
[ 1345.333416][T29562] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1345.351011][T29562] 8021q: adding VLAN 0 to HW filter on device team0
[ 1345.425004][ T1335] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1345.432232][ T1335] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1345.474776][T30340] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3058'.
[ 1345.536972][ T1335] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1345.544155][ T1335] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1346.753249][   T30] kauditd_printk_skb: 32 callbacks suppressed
[ 1346.753266][   T30] audit: type=1400 audit(1767644265.370:1258): avc:  denied  { bind } for  pid=30349 comm="syz.1.3062" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[ 1346.795415][   T30] audit: type=1400 audit(1767644265.380:1259): avc:  denied  { name_bind } for  pid=30349 comm="syz.1.3062" src=28196 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=icmp_socket permissive=1
[ 1346.826910][   T30] audit: type=1400 audit(1767644265.380:1260): avc:  denied  { node_bind } for  pid=30349 comm="syz.1.3062" src=28196 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=icmp_socket permissive=1
[ 1347.982792][T29562] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1348.139580][T29562] veth0_vlan: entered promiscuous mode
[ 1348.183110][T29562] veth1_vlan: entered promiscuous mode
[ 1348.290206][T29562] veth0_macvtap: entered promiscuous mode
[ 1348.324853][T29562] veth1_macvtap: entered promiscuous mode
[ 1348.386865][T29562] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1348.422683][T29562] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1348.540042][T30383] virtio-fs: tag </dev/md0> not found
[ 1348.811097][T30350] Bluetooth: hci0: Opcode 0x0401 failed: -110
[ 1348.812116][ T5139] Bluetooth: hci0: command 0x0401 tx timeout
[ 1348.841226][T30383] can0: slcan on ttyS3.
[ 1348.849788][T23471] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1348.934071][T23471] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1348.949733][T30377] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3065'.
[ 1348.953320][T23471] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1348.999329][T23471] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1349.028237][T30377] tmpfs: Unknown parameter 'grpquota"�YF�)_inode_hardlimit'
[ 1349.067415][T30379] can0 (unregistered): slcan off ttyS3.
[ 1349.754179][ T7192] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1349.788370][ T7192] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1350.325052][T30422] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3068'.
[ 1350.405894][T24359] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1350.701096][T24359] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1351.048506][T30430] siw: device registration error -23
[ 1352.029479][   T30] audit: type=1326 audit(1767644270.650:1261): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30434 comm="syz.2.3070" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe86ab8f749 code=0x7ffc0000
[ 1352.198648][   T30] audit: type=1326 audit(1767644270.680:1262): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30434 comm="syz.2.3070" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe86ab8f749 code=0x7ffc0000
[ 1352.232452][   T30] audit: type=1326 audit(1767644270.680:1263): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30434 comm="syz.2.3070" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fe86ab8f749 code=0x7ffc0000
[ 1352.732810][   T30] audit: type=1326 audit(1767644270.680:1264): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30434 comm="syz.2.3070" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe86ab8f749 code=0x7ffc0000
[ 1352.757539][   T30] audit: type=1326 audit(1767644270.680:1265): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30434 comm="syz.2.3070" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe86ab8f749 code=0x7ffc0000
[ 1353.018033][   T30] audit: type=1326 audit(1767644270.680:1266): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30434 comm="syz.2.3070" exe="/root/syz-executor" sig=0 arch=c000003e syscall=302 compat=0 ip=0x7fe86ab8f749 code=0x7ffc0000
[ 1353.536305][   T30] audit: type=1326 audit(1767644270.680:1267): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30434 comm="syz.2.3070" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe86ab8f749 code=0x7ffc0000
[ 1353.579839][ T5900] usb 2-1: new high-speed USB device number 69 using dummy_hcd
[ 1353.640999][   T30] audit: type=1326 audit(1767644270.680:1268): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30434 comm="syz.2.3070" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe86ab8f749 code=0x7ffc0000
[ 1353.693206][   T30] audit: type=1326 audit(1767644270.690:1269): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30434 comm="syz.2.3070" exe="/root/syz-executor" sig=0 arch=c000003e syscall=144 compat=0 ip=0x7fe86ab8f749 code=0x7ffc0000
[ 1353.731314][   T30] audit: type=1326 audit(1767644270.690:1270): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30434 comm="syz.2.3070" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe86ab8f749 code=0x7ffc0000
[ 1353.741768][ T5900] usb 2-1: Using ep0 maxpacket: 8
[ 1353.794194][ T5900] usb 2-1: New USB device found, idVendor=047d, idProduct=5003, bcdDevice=2f.8c
[ 1353.816730][ T5900] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1353.864553][ T5900] usb 2-1: Product: syz
[ 1353.881743][ T5900] usb 2-1: Manufacturer: syz
[ 1353.886347][ T5900] usb 2-1: SerialNumber: syz
[ 1353.974435][ T5900] usb 2-1: config 0 descriptor??
[ 1353.993258][ T5900] gspca_main: se401-2.14.0 probing 047d:5003
[ 1355.244822][T30476] serio: Serial port ttyS3
[ 1355.617579][ T5900] gspca_se401: write req failed req 0x57 val 0x00 error -110
[ 1355.652737][ T5900] se401 2-1:0.0: probe with driver se401 failed with error -110
[ 1355.811510][T30479] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3076'.
[ 1355.894477][T30489] overlayfs: failed to resolve './file1': -2
[ 1356.681019][ T5978] usb 2-1: USB disconnect, device number 69
[ 1356.733625][ T5830] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[ 1356.830283][ T5830] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[ 1356.979876][T30512] siw: device registration error -23
[ 1357.054129][T30513] siw: device registration error -23
[ 1357.963003][ T5830] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[ 1357.994724][ T5830] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[ 1358.003032][ T5830] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[ 1358.057795][T30501] lo speed is unknown, defaulting to 1000
[ 1358.290809][T30559] netlink: 'syz.3.3083': attribute type 1 has an invalid length.
[ 1358.320683][ T5978] usb 5-1: new high-speed USB device number 89 using dummy_hcd
[ 1358.417208][T30529] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3081'.
[ 1358.511844][ T5978] usb 5-1: Using ep0 maxpacket: 32
[ 1358.630748][ T5978] usb 5-1: config 0 has an invalid interface number: 119 but max is 0
[ 1358.700582][ T5978] usb 5-1: config 0 has no interface number 0
[ 1358.861311][ T5978] usb 5-1: config 0 interface 119 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[ 1358.877555][T30529] tmpfs: Unknown parameter 'grpquota"�YF�)_inode_hardlimit'
[ 1358.968750][ T5978] usb 5-1: config 0 interface 119 altsetting 0 has an endpoint descriptor with address 0xE3, changing to 0x83
[ 1359.035563][ T5978] usb 5-1: config 0 interface 119 altsetting 0 endpoint 0x83 has invalid maxpacket 33307, setting to 1024
[ 1359.149154][ T5978] usb 5-1: config 0 interface 119 altsetting 0 bulk endpoint 0x83 has invalid maxpacket 1024
[ 1359.231723][ T5978] usb 5-1: config 0 interface 119 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 1
[ 1359.320475][ T5978] usb 5-1: New USB device found, idVendor=05ac, idProduct=0292, bcdDevice=88.73
[ 1359.357314][ T5978] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1359.839682][ T5978] usb 5-1: Product: syz
[ 1359.847847][ T5978] usb 5-1: Manufacturer: syz
[ 1359.857886][ T5978] usb 5-1: SerialNumber: syz
[ 1359.872444][ T5978] usb 5-1: config 0 descriptor??
[ 1359.882372][T30523] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[ 1359.906469][T30635] program syz.2.3084 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1359.928001][ T5978] input: bcm5974 as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.119/input/input33
[ 1359.946774][ T5173] usb 5-1: BOGUS urb xfer, pipe 1 != type 3
[ 1359.981508][    C0] bcm5974 5-1:0.119: trackpad urb failed: -1
[ 1360.089462][T30501] chnl_net:caif_netlink_parms(): no params data found
[ 1360.099482][ T5830] Bluetooth: hci4: command tx timeout
[ 1360.325465][T30654] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1360.334621][T30654] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1360.751189][T30501] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1360.765332][T30501] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1360.776073][T30501] bridge_slave_0: entered allmulticast mode
[ 1360.790550][T30501] bridge_slave_0: entered promiscuous mode
[ 1360.808642][T30501] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1360.819370][T30501] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1360.830851][T30501] bridge_slave_1: entered allmulticast mode
[ 1360.845459][T30501] bridge_slave_1: entered promiscuous mode
[ 1360.998292][T30501] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1361.071095][T30501] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1361.131292][ T1296] ieee802154 phy1 wpan1: encryption failed: -22
[ 1361.265161][T30759] siw: device registration error -23
[ 1361.658596][ T5978] usb 5-1: USB disconnect, device number 89
[ 1361.789107][T30501] team0: Port device team_slave_0 added
[ 1361.914561][T30501] team0: Port device team_slave_1 added
[ 1362.104662][T30501] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1362.125992][T30501] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1362.162026][ T5830] Bluetooth: hci4: command tx timeout
[ 1362.267096][T30501] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1362.372199][T30501] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1362.469924][T30501] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1362.575070][T30816] siw: device registration error -23
[ 1363.030150][T30501] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1363.788871][T30848] overlayfs: failed to resolve './file1': -2
[ 1363.914837][T30850] siw: device registration error -23
[ 1364.139345][T30501] hsr_slave_0: entered promiscuous mode
[ 1364.147362][T30501] hsr_slave_1: entered promiscuous mode
[ 1364.228297][T30501] debugfs: 'hsr0' already exists in 'hsr'
[ 1364.317189][ T5830] Bluetooth: hci4: command tx timeout
[ 1364.342118][T30501] Cannot create hsr debugfs directory
[ 1364.837714][ T5978] usb 5-1: new high-speed USB device number 90 using dummy_hcd
[ 1365.011898][ T5978] usb 5-1: Using ep0 maxpacket: 32
[ 1365.023251][ T5978] usb 5-1: New USB device found, idVendor=0ac8, idProduct=0321, bcdDevice=6f.be
[ 1365.046811][ T5978] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1365.094258][ T5978] usb 5-1: config 0 descriptor??
[ 1365.237678][ T5978] gspca_main: vc032x-2.14.0 probing 0ac8:0321
[ 1365.655514][T18382] bridge_slave_1: left allmulticast mode
[ 1365.661188][T18382] bridge_slave_1: left promiscuous mode
[ 1365.701949][T18382] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1365.735505][T18382] bridge_slave_0: left allmulticast mode
[ 1365.741178][T18382] bridge_slave_0: left promiscuous mode
[ 1365.757994][T30941] overlayfs: option "uuid=on" requires an upper fs, falling back to uuid=null.
[ 1365.772136][ T5978] gspca_vc032x: reg_r err -110
[ 1365.776923][ T5978] gspca_vc032x: I2c Bus Busy Wait 00
[ 1365.791790][T30941] overlayfs: missing 'lowerdir'
[ 1365.801717][ T5978] gspca_vc032x: I2c Bus Busy Wait 00
[ 1365.802277][T18382] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1365.807653][ T5978] gspca_vc032x: I2c Bus Busy Wait 00
[ 1365.836753][ T5978] gspca_vc032x: I2c Bus Busy Wait 00
[ 1365.851922][ T5978] gspca_vc032x: I2c Bus Busy Wait 00
[ 1365.857336][ T5978] gspca_vc032x: I2c Bus Busy Wait 00
[ 1365.872093][ T5978] gspca_vc032x: I2c Bus Busy Wait 00
[ 1365.877483][ T5978] gspca_vc032x: I2c Bus Busy Wait 00
[ 1365.891945][ T5978] gspca_vc032x: I2c Bus Busy Wait 00
[ 1365.901903][ T5978] gspca_vc032x: I2c Bus Busy Wait 00
[ 1365.907215][ T5978] gspca_vc032x: I2c Bus Busy Wait 00
[ 1365.923020][ T5978] gspca_vc032x: I2c Bus Busy Wait 00
[ 1365.928334][ T5978] gspca_vc032x: I2c Bus Busy Wait 00
[ 1365.934074][ T5978] gspca_vc032x: I2c Bus Busy Wait 00
[ 1365.962345][ T5978] gspca_vc032x: I2c Bus Busy Wait 00
[ 1365.972194][ T5978] gspca_vc032x: I2c Bus Busy Wait 00
[ 1365.977502][ T5978] gspca_vc032x: I2c Bus Busy Wait 00
[ 1366.011844][ T5978] gspca_vc032x: I2c Bus Busy Wait 00
[ 1366.017453][ T5978] gspca_vc032x: Unknown sensor...
[ 1366.039229][T18382] bond0 (unregistering): (slave ip6gretap1): Releasing active interface
[ 1366.048070][ T5978] vc032x 5-1:0.0: probe with driver vc032x failed with error -22
[ 1366.422181][ T5830] Bluetooth: hci4: command tx timeout
[ 1366.922244][T30949] program syz.1.3095 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1367.110099][T18382] 
 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1367.124168][T18382] 
 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1367.144573][T18382] 
 (unregistering): (slave wlan1): Releasing backup interface
[ 1367.160135][T18382] 
 (unregistering): Released all slaves
[ 1367.349564][T18382] bond0 (unregistering): Released all slaves
[ 1367.520200][T18382] tipc: Left network mode
[ 1367.558591][ T5900] usb 5-1: USB disconnect, device number 90
[ 1368.177477][T30960] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3098'.
[ 1368.443797][T30960] tmpfs: Unknown parameter 'grpquota"�YF�)_inode_hardlimit'
[ 1369.090053][T30994] siw: device registration error -23
[ 1369.545928][T30997] siw: device registration error -23
[ 1371.041872][   T30] kauditd_printk_skb: 64 callbacks suppressed
[ 1371.041890][   T30] audit: type=1400 audit(1767644289.640:1335): avc:  denied  { setopt } for  pid=31023 comm="syz.3.3104" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=isdn_socket permissive=1
[ 1371.193800][ T5820] usb 5-1: new high-speed USB device number 91 using dummy_hcd
[ 1371.265147][T29518] usb 2-1: new high-speed USB device number 70 using dummy_hcd
[ 1371.344356][T18382] hsr_slave_0: left promiscuous mode
[ 1371.350890][T18382] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1371.360020][T18382] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1371.420409][ T5820] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1371.433226][ T5820] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1371.494929][ T5820] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[ 1371.513250][ T5820] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[ 1371.526294][ T5820] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1371.534766][T29518] usb 2-1: New USB device found, idVendor=1604, idProduct=8001, bcdDevice=44.1f
[ 1371.544315][T29518] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1371.555242][T29518] usb 2-1: Product: syz
[ 1371.562057][T29518] usb 2-1: Manufacturer: syz
[ 1371.566831][T29518] usb 2-1: SerialNumber: syz
[ 1371.587897][ T5820] usb 5-1: config 0 descriptor??
[ 1371.597645][T29518] usb 2-1: config 0 descriptor??
[ 1371.756428][T31023] delete_channel: no stack
[ 1371.831913][T29518] usb 2-1: USB disconnect, device number 70
[ 1372.069039][T18382] team0 (unregistering): Port device team_slave_1 removed
[ 1372.150756][T18382] team0 (unregistering): Port device team_slave_0 removed
[ 1372.785662][ T5820] usbhid 5-1:0.0: can't add hid device: -71
[ 1372.802133][ T5820] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[ 1372.836232][ T5820] usb 5-1: USB disconnect, device number 91
[ 1374.401052][T31101] siw: device registration error -23
[ 1375.139356][T31106] siw: device registration error -23
[ 1375.498307][T30501] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 1376.409553][T31118] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3114'.
[ 1376.472146][T31118] tmpfs: Unknown parameter 'grpquota"�YF�)_inode_hardlimit'
[ 1376.545475][T31131] lo speed is unknown, defaulting to 1000
[ 1376.551249][T31131] lo speed is unknown, defaulting to 1000
[ 1376.557389][T31131] lo speed is unknown, defaulting to 1000
[ 1376.568930][T31131] infiniband syz0: RDMA CMA: cma_listen_on_dev, error -98
[ 1376.678596][T30501] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 1376.756207][T31131] lo speed is unknown, defaulting to 1000
[ 1376.762705][T31131] lo speed is unknown, defaulting to 1000
[ 1376.769118][T31131] lo speed is unknown, defaulting to 1000
[ 1376.775619][T31131] lo speed is unknown, defaulting to 1000
[ 1376.782066][T31131] lo speed is unknown, defaulting to 1000
[ 1376.788413][T31131] lo speed is unknown, defaulting to 1000
[ 1376.845191][T30501] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 1376.894151][T30501] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 1377.502059][T30501] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1377.541220][T30501] 8021q: adding VLAN 0 to HW filter on device team0
[ 1377.580608][T11348] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1377.587779][T11348] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1377.755504][T26480] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1377.762635][T26480] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1378.847325][T29518] usb 5-1: new high-speed USB device number 92 using dummy_hcd
[ 1379.033359][T29518] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1379.060050][T29518] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1379.087622][T29518] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[ 1379.089812][T30501] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1379.152160][T29518] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[ 1379.182196][T29518] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1379.205718][T29518] usb 5-1: config 0 descriptor??
[ 1379.378002][T30501] veth0_vlan: entered promiscuous mode
[ 1379.470039][T31179] siw: device registration error -23
[ 1379.855582][T30501] veth1_vlan: entered promiscuous mode
[ 1380.112756][   T30] audit: type=1800 audit(1767644298.710:1336): pid=31181 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed comm="syz.1.3122" name="SYSV00000000" dev="hugetlbfs" ino=0 res=0 errno=0
[ 1380.511412][T30501] veth0_macvtap: entered promiscuous mode
[ 1380.555047][T30501] veth1_macvtap: entered promiscuous mode
[ 1380.819302][T31184] virtio-fs: tag </dev/md0> not found
[ 1380.930046][T30501] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1380.975040][T30501] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1381.080269][   T30] audit: type=1400 audit(1767644299.700:1337): avc:  denied  { read write } for  pid=31189 comm="syz.3.3119" name="autofs" dev="devtmpfs" ino=98 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1
[ 1381.106319][T31191] FAULT_INJECTION: forcing a failure.
[ 1381.106319][T31191] name failslab, interval 1, probability 0, space 0, times 0
[ 1381.128112][T31184] can0: slcan on ttyS3.
[ 1381.131827][T31191] CPU: 0 UID: 0 PID: 31191 Comm: syz.3.3119 Not tainted syzkaller #0 PREEMPT(full) 
[ 1381.131852][T31191] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1381.131863][T31191] Call Trace:
[ 1381.131869][T31191]  <TASK>
[ 1381.131877][T31191]  dump_stack_lvl+0x16c/0x1f0
[ 1381.131903][T31191]  should_fail_ex+0x512/0x640
[ 1381.131927][T31191]  ? fs_reclaim_acquire+0xae/0x150
[ 1381.131952][T31191]  should_failslab+0xc2/0x120
[ 1381.131976][T31191]  __kmalloc_noprof+0xeb/0x910
[ 1381.132002][T31191]  ? tomoyo_realpath_from_path+0xc2/0x6e0
[ 1381.132028][T31191]  ? tomoyo_realpath_from_path+0xc2/0x6e0
[ 1381.132050][T31191]  tomoyo_realpath_from_path+0xc2/0x6e0
[ 1381.132073][T31191]  ? tomoyo_profile+0x47/0x60
[ 1381.132099][T31191]  tomoyo_path_number_perm+0x245/0x580
[ 1381.132117][T31191]  ? tomoyo_path_number_perm+0x237/0x580
[ 1381.132137][T31191]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[ 1381.132158][T31191]  ? find_held_lock+0x2b/0x80
[ 1381.132201][T31191]  ? find_held_lock+0x2b/0x80
[ 1381.132223][T31191]  ? hook_file_ioctl_common+0x144/0x410
[ 1381.132254][T31191]  ? __fget_files+0x20e/0x3c0
[ 1381.132280][T31191]  security_file_ioctl+0x9b/0x240
[ 1381.132304][T31191]  __x64_sys_ioctl+0xb7/0x210
[ 1381.132327][T31191]  do_syscall_64+0xcd/0xf80
[ 1381.132352][T31191]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1381.132370][T31191] RIP: 0033:0x7f648d78f749
[ 1381.132384][T31191] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1381.132402][T31191] RSP: 002b:00007f648e5f2038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1381.132428][T31191] RAX: ffffffffffffffda RBX: 00007f648d9e5fa0 RCX: 00007f648d78f749
[ 1381.132439][T31191] RDX: 0000200000000200 RSI: 00000000c018937e RDI: 0000000000000004
[ 1381.132450][T31191] RBP: 00007f648e5f2090 R08: 0000000000000000 R09: 0000000000000000
[ 1381.132460][T31191] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1381.132470][T31191] R13: 00007f648d9e6038 R14: 00007f648d9e5fa0 R15: 00007ffe18662048
[ 1381.132494][T31191]  </TASK>
[ 1381.132546][T31191] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 1381.356003][   T30] audit: type=1400 audit(1767644299.730:1338): avc:  denied  { open } for  pid=31189 comm="syz.3.3119" path="/dev/autofs" dev="devtmpfs" ino=98 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1
[ 1381.384941][T23105] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1381.449999][T23105] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1381.477578][   T30] audit: type=1400 audit(1767644299.760:1339): avc:  denied  { ioctl } for  pid=31189 comm="syz.3.3119" path="/dev/autofs" dev="devtmpfs" ino=98 ioctlcmd=0x937e scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1
[ 1381.640829][T23105] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1381.652255][T31182] can0 (unregistered): slcan off ttyS3.
[ 1381.660830][T23105] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1382.356757][T29518] usbhid 5-1:0.0: can't add hid device: -71
[ 1382.373028][T29518] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[ 1382.413249][T29518] usb 5-1: USB disconnect, device number 92
[ 1382.481277][T21476] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1382.507590][T21476] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1382.826706][T18382] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1382.871753][T18382] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1382.900544][T31242] siw: device registration error -23
[ 1383.074941][T31234] netlink: 12 bytes leftover after parsing attributes in process `syz.4.3128'.
[ 1383.158593][T31234] tmpfs: Unknown parameter 'grpquota"�YF�)_inode_hardlimit'
[ 1386.423137][T31285] geneve2: entered promiscuous mode
[ 1386.524580][T31289] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3135'.
[ 1386.554590][T31296] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3134'.
[ 1386.643373][T31285] 8021q: VLANs not supported on ip6gre0
[ 1389.403060][T31328] virtio-fs: tag </dev/md0> not found
[ 1389.515190][T31328] can0: slcan on ttyS3.
[ 1389.822381][T31325] can0 (unregistered): slcan off ttyS3.
[ 1390.017077][T31346] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3146'.
[ 1390.051798][ T5820] usb 5-1: new high-speed USB device number 93 using dummy_hcd
[ 1390.204803][ T5820] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1390.241906][ T5820] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1390.271726][   T30] audit: type=1326 audit(1767644308.890:1340): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31354 comm="syz.3.3148" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f648d78f749 code=0x7ffc0000
[ 1390.274551][ T5820] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[ 1390.973070][ T5820] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[ 1390.974741][   T30] audit: type=1326 audit(1767644308.930:1341): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31354 comm="syz.3.3148" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f648d78f749 code=0x7ffc0000
[ 1391.010364][   T30] audit: type=1326 audit(1767644308.930:1342): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31354 comm="syz.3.3148" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f648d78f749 code=0x7ffc0000
[ 1391.111822][   T30] audit: type=1326 audit(1767644308.930:1343): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31354 comm="syz.3.3148" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f648d78f749 code=0x7ffc0000
[ 1391.160747][T31358] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3147'.
[ 1391.166881][   T30] audit: type=1326 audit(1767644308.930:1344): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31354 comm="syz.3.3148" exe="/root/syz-executor" sig=0 arch=c000003e syscall=302 compat=0 ip=0x7f648d78f749 code=0x7ffc0000
[ 1391.193140][ T5820] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1391.195211][ T5820] usb 5-1: config 0 descriptor??
[ 1391.269575][T31358] tmpfs: Unknown parameter 'grpquota"�YF�)_inode_hardlimit'
[ 1391.310063][   T30] audit: type=1326 audit(1767644308.930:1345): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31354 comm="syz.3.3148" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f648d78f749 code=0x7ffc0000
[ 1391.401775][   T30] audit: type=1326 audit(1767644308.930:1346): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31354 comm="syz.3.3148" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f648d78f749 code=0x7ffc0000
[ 1392.092739][   T30] audit: type=1326 audit(1767644308.930:1347): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31354 comm="syz.3.3148" exe="/root/syz-executor" sig=0 arch=c000003e syscall=144 compat=0 ip=0x7f648d78f749 code=0x7ffc0000
[ 1392.172553][T31374] siw: device registration error -23
[ 1393.450279][   T30] audit: type=1326 audit(1767644308.930:1348): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31354 comm="syz.3.3148" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f648d78f749 code=0x7ffc0000
[ 1393.584958][   T30] audit: type=1326 audit(1767644308.930:1349): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31354 comm="syz.3.3148" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f648d78f749 code=0x7ffc0000
[ 1394.050607][ T5820] usbhid 5-1:0.0: can't add hid device: -71
[ 1394.074322][ T5820] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[ 1394.203015][ T5820] usb 5-1: USB disconnect, device number 93
[ 1394.239012][T31397] FAULT_INJECTION: forcing a failure.
[ 1394.239012][T31397] name failslab, interval 1, probability 0, space 0, times 0
[ 1394.255535][T31397] CPU: 1 UID: 0 PID: 31397 Comm: syz.4.3155 Not tainted syzkaller #0 PREEMPT(full) 
[ 1394.255561][T31397] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1394.255571][T31397] Call Trace:
[ 1394.255577][T31397]  <TASK>
[ 1394.255584][T31397]  dump_stack_lvl+0x16c/0x1f0
[ 1394.255612][T31397]  should_fail_ex+0x512/0x640
[ 1394.255638][T31397]  ? fs_reclaim_acquire+0xae/0x150
[ 1394.255666][T31397]  should_failslab+0xc2/0x120
[ 1394.255691][T31397]  __kmalloc_noprof+0xeb/0x910
[ 1394.255718][T31397]  ? __get_fs_type+0x12c/0x170
[ 1394.255735][T31397]  ? tomoyo_encode2+0x100/0x3e0
[ 1394.255762][T31397]  ? tomoyo_encode2+0x100/0x3e0
[ 1394.255784][T31397]  tomoyo_encode2+0x100/0x3e0
[ 1394.255810][T31397]  tomoyo_encode+0x29/0x50
[ 1394.255834][T31397]  tomoyo_mount_acl+0x314/0x850
[ 1394.255854][T31397]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[ 1394.255875][T31397]  ? kernel_text_address+0x8d/0x100
[ 1394.255898][T31397]  ? __pfx_tomoyo_mount_acl+0x10/0x10
[ 1394.255919][T31397]  ? arch_stack_walk+0xa6/0x100
[ 1394.255969][T31397]  ? tomoyo_domain+0xba/0x150
[ 1394.255996][T31397]  ? tomoyo_profile+0x47/0x60
[ 1394.256026][T31397]  tomoyo_mount_permission+0x16d/0x420
[ 1394.256048][T31397]  ? tomoyo_mount_permission+0x14f/0x420
[ 1394.256072][T31397]  ? __pfx_tomoyo_mount_permission+0x10/0x10
[ 1394.256111][T31397]  security_sb_mount+0x9b/0x260
[ 1394.256134][T31397]  path_mount+0x158/0x23a0
[ 1394.256151][T31397]  ? rcu_is_watching+0x12/0xc0
[ 1394.256172][T31397]  ? __pfx_path_mount+0x10/0x10
[ 1394.256188][T31397]  ? kmem_cache_free+0x2d8/0x770
[ 1394.256207][T31397]  ? putname+0xf5/0x1a0
[ 1394.256238][T31397]  ? putname+0xf5/0x1a0
[ 1394.256261][T31397]  ? putname+0xf5/0x1a0
[ 1394.256291][T31397]  ? __x64_sys_mount+0x293/0x310
[ 1394.256306][T31397]  __x64_sys_mount+0x293/0x310
[ 1394.256324][T31397]  ? __pfx___x64_sys_mount+0x10/0x10
[ 1394.256357][T31397]  do_syscall_64+0xcd/0xf80
[ 1394.256382][T31397]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1394.256400][T31397] RIP: 0033:0x7f50d3f8f749
[ 1394.256416][T31397] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1394.256434][T31397] RSP: 002b:00007f50d4ef9038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1394.256453][T31397] RAX: ffffffffffffffda RBX: 00007f50d41e5fa0 RCX: 00007f50d3f8f749
[ 1394.256466][T31397] RDX: 0000200000000180 RSI: 0000200000000140 RDI: 0000000000000000
[ 1394.256478][T31397] RBP: 00007f50d4ef9090 R08: 00002000000001c0 R09: 0000000000000000
[ 1394.256489][T31397] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1394.256501][T31397] R13: 00007f50d41e6038 R14: 00007f50d41e5fa0 R15: 00007ffddd51ba78
[ 1394.256524][T31397]  </TASK>
[ 1395.086479][T31413] virtio-fs: tag </dev/md0> not found
[ 1395.160271][T31413] can0: slcan on ttyS3.
[ 1395.483244][T31410] can0 (unregistered): slcan off ttyS3.
[ 1395.870741][T31424] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3153'.
[ 1396.032110][T31432] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3158'.
[ 1396.048734][T31407] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3156'.
[ 1396.247996][T31407] tmpfs: Unknown parameter 'grpquota"�YF�)_inode_hardlimit'
[ 1397.456136][T31373] usb 2-1: new high-speed USB device number 71 using dummy_hcd
[ 1398.624953][T31450] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 1398.634235][T31373] usb 2-1: Using ep0 maxpacket: 8
[ 1398.639415][T31450] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[ 1398.648188][T31450] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[ 1398.656369][T31450] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[ 1398.665104][T31450] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[ 1398.710189][T31373] usb 2-1: config 0 has an invalid interface number: 55 but max is 0
[ 1398.720118][ T4020] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1398.733375][T31373] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1398.749093][T31373] usb 2-1: config 0 has no interface number 0
[ 1398.756526][T31373] usb 2-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[ 1398.771813][T31373] usb 2-1: config 0 interface 55 altsetting 0 endpoint 0xE has an invalid bInterval 0, changing to 7
[ 1398.808402][T31373] usb 2-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[ 1398.821196][T31373] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1398.851558][T31373] usb 2-1: config 0 descriptor??
[ 1398.861127][T31373] ldusb 2-1:0.55: Interrupt in endpoint not found
[ 1398.923398][T31476] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3163'.
[ 1398.984683][T31476] tmpfs: Unknown parameter 'grpquota"�YF�)_inode_hardlimit'
[ 1399.012684][ T4020] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1399.133345][T31450] Bluetooth: hci0: command 0x0401 tx timeout
[ 1399.184940][T31468] lo speed is unknown, defaulting to 1000
[ 1399.697299][ T4020] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1399.803448][ T4020] bridge0: port 3(netdevsim0) entered disabled state
[ 1399.840433][ T4020] netdevsim netdevsim4 netdevsim0 (unregistering): left allmulticast mode
[ 1400.302915][ T4020] netdevsim netdevsim4 netdevsim0 (unregistering): left promiscuous mode
[ 1400.313923][ T4020] bridge0: port 3(netdevsim0) entered disabled state
[ 1400.341025][ T4020] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1400.592092][ T5997] usb 4-1: new high-speed USB device number 74 using dummy_hcd
[ 1400.674608][T29809] usb 2-1: USB disconnect, device number 71
[ 1400.722463][ T5830] Bluetooth: hci2: command tx timeout
[ 1400.832554][ T5997] usb 4-1: Using ep0 maxpacket: 16
[ 1400.848905][ T5997] usb 4-1: New USB device found, idVendor=1604, idProduct=8007, bcdDevice=af.a6
[ 1400.869042][ T5997] usb 4-1: New USB device strings: Mfr=1, Product=23, SerialNumber=3
[ 1400.881100][T31468] chnl_net:caif_netlink_parms(): no params data found
[ 1400.891715][ T5997] usb 4-1: Product: syz
[ 1400.896452][ T5997] usb 4-1: Manufacturer: syz
[ 1400.906480][ T4020] bridge_slave_1: left allmulticast mode
[ 1400.912063][ T5997] usb 4-1: SerialNumber: syz
[ 1400.922338][ T4020] bridge_slave_1: left promiscuous mode
[ 1400.923642][ T5997] usb 4-1: config 0 descriptor??
[ 1400.941888][ T4020] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1400.985217][ T4020] bridge_slave_0: left allmulticast mode
[ 1401.008315][ T4020] bridge_slave_0: left promiscuous mode
[ 1401.022237][ T4020] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1401.118243][T29809] usb 2-1: new high-speed USB device number 72 using dummy_hcd
[ 1401.343543][T31634] program syz.2.3168 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1401.541726][T29809] usb 2-1: Using ep0 maxpacket: 8
[ 1401.549300][T29809] usb 2-1: config 0 has an invalid interface number: 55 but max is 0
[ 1401.575203][T29809] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1401.592297][T29809] usb 2-1: config 0 has no interface number 0
[ 1401.608343][T29809] usb 2-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[ 1401.629441][T29809] usb 2-1: config 0 interface 55 altsetting 0 endpoint 0xE has an invalid bInterval 0, changing to 7
[ 1401.654393][T29809] usb 2-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[ 1401.669662][T29809] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1401.702872][T29809] usb 2-1: config 0 descriptor??
[ 1401.726531][T29809] ldusb 2-1:0.55: Interrupt in endpoint not found
[ 1402.944139][ T5830] Bluetooth: hci2: command tx timeout
[ 1403.184378][T31658] virtio-fs: tag </dev/md0> not found
[ 1403.545976][ T5820] usb 4-1: USB disconnect, device number 74
[ 1404.036775][ T5820] usb 2-1: USB disconnect, device number 72
[ 1405.597341][ T5830] Bluetooth: hci2: command tx timeout
[ 1405.932608][ T4020] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1405.994891][ T4020] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1406.052006][ T4020] bond0 (unregistering): Released all slaves
[ 1406.062011][T31658] slcan: can't register candev
[ 1407.315347][T31468] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1407.357420][T31468] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1407.741848][ T5830] Bluetooth: hci2: command tx timeout
[ 1407.796396][T31468] bridge_slave_0: entered allmulticast mode
[ 1407.833510][T31468] bridge_slave_0: entered promiscuous mode
[ 1407.848036][T31468] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1407.869495][ T4020] ------------[ cut here ]------------
[ 1407.875287][ T4020] Have pending ack frames!
[ 1407.879711][ T4020] WARNING: net/mac80211/main.c:1712 at ieee80211_free_ack_frame+0x14/0x30, CPU#1: kworker/u8:13/4020
[ 1407.890910][ T4020] Modules linked in:
[ 1407.895735][ T4020] CPU: 1 UID: 0 PID: 4020 Comm: kworker/u8:13 Not tainted syzkaller #0 PREEMPT(full) 
[ 1407.905611][ T4020] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1407.916671][ T4020] Workqueue: netns cleanup_net
[ 1407.921474][ T4020] RIP: 0010:ieee80211_free_ack_frame+0x14/0x30
[ 1407.928404][ T4020] Code: ff ff 0f 1f 40 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 53 48 89 f3 e8 c3 38 dc f6 48 8d 3d 8c 93 b5 05 <67> 48 0f b9 3a ba 02 00 00 00 48 89 de 31 ff e8 28 fe 5d fe 31 c0
[ 1407.948733][ T4020] RSP: 0018:ffffc9000d7a7820 EFLAGS: 00010293
[ 1407.955312][ T4020] RAX: 0000000000000000 RBX: ffff888029729000 RCX: ffffffff8b6d8d03
[ 1407.963745][ T4020] RDX: ffff888034090000 RSI: ffffffff8ae2afed RDI: ffffffff90984380
[ 1407.972667][ T4020] RBP: ffff88805219de70 R08: 0000000000000007 R09: 000000007fffffff
[ 1407.980657][ T4020] R10: 0000000000000001 R11: 0000000000002ba1 R12: dffffc0000000000
[ 1407.989519][ T4020] R13: ffffffff8ae2afe0 R14: 0000000080000000 R15: 0000000000000000
[ 1407.997569][ T4020] FS:  0000000000000000(0000) GS:ffff8881249f5000(0000) knlGS:0000000000000000
[ 1408.007016][ T4020] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1408.013740][ T4020] CR2: 00007f9b16401368 CR3: 00000000790cd000 CR4: 00000000003526f0
[ 1408.021776][ T4020] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 1408.029727][ T4020] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 1408.037689][ T4020] Call Trace:
[ 1408.040943][ T4020]  <TASK>
[ 1408.043879][ T4020]  idr_for_each+0x143/0x270
[ 1408.048484][ T4020]  ? __pfx_idr_for_each+0x10/0x10
[ 1408.053695][ T4020]  ? kfree+0x2f8/0x6e0
[ 1408.057777][ T4020]  ieee80211_free_hw+0x59/0x1d0
[ 1408.062327][   T30] kauditd_printk_skb: 57 callbacks suppressed
[ 1408.062340][   T30] audit: type=1400 audit(1767644326.680:1407): avc:  denied  { write } for  pid=5801 comm="syz-executor" path="pipe:[4636]" dev="pipefs" ino=4636 scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:sshd_t tclass=fifo_file permissive=1
[ 1408.062692][ T4020]  hwsim_exit_net+0x7d9/0x1590
[ 1408.097180][ T4020]  ? __pfx_hwsim_exit_net+0x10/0x10
[ 1408.102938][ T4020]  ? ip_vs_sync_net_cleanup+0x72/0xb0
[ 1408.108316][ T4020]  ? __ip_vs_dev_cleanup_batch+0xb1/0x290
[ 1408.114507][ T4020]  ? __pfx_hwsim_exit_net+0x10/0x10
[ 1408.119731][ T4020]  ops_undo_list+0x2ee/0xab0
[ 1408.124360][ T4020]  ? __pfx_ops_undo_list+0x10/0x10
[ 1408.129484][ T4020]  ? cleanup_net+0x347/0x830
[ 1408.134188][ T4020]  ? idr_destroy+0x62/0x2e0
[ 1408.138703][ T4020]  cleanup_net+0x41b/0x830
[ 1408.143157][ T4020]  ? __pfx_cleanup_net+0x10/0x10
[ 1408.148102][ T4020]  process_one_work+0x9ba/0x1b20
[ 1408.153269][ T4020]  ? __pfx_process_one_work+0x10/0x10
[ 1408.158652][ T4020]  ? assign_work+0x1a0/0x250
[ 1408.163541][ T4020]  worker_thread+0x6c8/0xf10
[ 1408.168154][ T4020]  ? __kthread_parkme+0x19e/0x250
[ 1408.173705][ T4020]  ? __pfx_worker_thread+0x10/0x10
[ 1408.178818][ T4020]  kthread+0x3c5/0x780
[ 1408.183320][ T4020]  ? __pfx_kthread+0x10/0x10
[ 1408.187910][ T4020]  ? rcu_is_watching+0x12/0xc0
[ 1408.192739][ T4020]  ? __pfx_kthread+0x10/0x10
[ 1408.197326][ T4020]  ret_from_fork+0x983/0xb10
[ 1408.201933][ T4020]  ? __pfx_ret_from_fork+0x10/0x10
[ 1408.207041][ T4020]  ? __switch_to+0x7af/0x10d0
[ 1408.211754][ T4020]  ? __pfx_kthread+0x10/0x10
[ 1408.216344][ T4020]  ret_from_fork_asm+0x1a/0x30
[ 1408.221126][ T4020]  </TASK>
[ 1408.224162][ T4020] Kernel panic - not syncing: kernel: panic_on_warn set ...
[ 1408.231430][ T4020] CPU: 1 UID: 0 PID: 4020 Comm: kworker/u8:13 Not tainted syzkaller #0 PREEMPT(full) 
[ 1408.240965][ T4020] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1408.251010][ T4020] Workqueue: netns cleanup_net
[ 1408.255779][ T4020] Call Trace:
[ 1408.259048][ T4020]  <TASK>
[ 1408.261973][ T4020]  dump_stack_lvl+0x3d/0x1f0
[ 1408.266565][ T4020]  vpanic+0x640/0x6f0
[ 1408.270553][ T4020]  ? ieee80211_free_ack_frame+0x14/0x30
[ 1408.276106][ T4020]  panic+0xca/0xd0
[ 1408.279837][ T4020]  ? __pfx_panic+0x10/0x10
[ 1408.284268][ T4020]  ? check_panic_on_warn+0x1f/0xb0
[ 1408.289387][ T4020]  check_panic_on_warn+0xab/0xb0
[ 1408.294313][ T4020]  __warn+0x108/0x3c0
[ 1408.298279][ T4020]  __report_bug+0x2a0/0x520
[ 1408.302766][ T4020]  ? ieee80211_free_ack_frame+0x14/0x30
[ 1408.308302][ T4020]  ? __pfx___report_bug+0x10/0x10
[ 1408.313308][ T4020]  ? kfree+0x2f8/0x6e0
[ 1408.317354][ T4020]  ? kfree_const+0x55/0x60
[ 1408.321757][ T4020]  ? kobject_put+0x213/0x6f0
[ 1408.326361][ T4020]  ? ieee80211_free_ack_frame+0xd/0x30
[ 1408.331827][ T4020]  ? idr_for_each+0x113/0x270
[ 1408.336514][ T4020]  report_bug_entry+0xe1/0x290
[ 1408.341266][ T4020]  ? ieee80211_free_ack_frame+0x14/0x30
[ 1408.346803][ T4020]  handle_bug+0x18a/0x260
[ 1408.351122][ T4020]  exc_invalid_op+0x17/0x50
[ 1408.355611][ T4020]  asm_exc_invalid_op+0x1a/0x20
[ 1408.360449][ T4020] RIP: 0010:ieee80211_free_ack_frame+0x14/0x30
[ 1408.366589][ T4020] Code: ff ff 0f 1f 40 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 53 48 89 f3 e8 c3 38 dc f6 48 8d 3d 8c 93 b5 05 <67> 48 0f b9 3a ba 02 00 00 00 48 89 de 31 ff e8 28 fe 5d fe 31 c0
[ 1408.386185][ T4020] RSP: 0018:ffffc9000d7a7820 EFLAGS: 00010293
[ 1408.392240][ T4020] RAX: 0000000000000000 RBX: ffff888029729000 RCX: ffffffff8b6d8d03
[ 1408.400192][ T4020] RDX: ffff888034090000 RSI: ffffffff8ae2afed RDI: ffffffff90984380
[ 1408.408142][ T4020] RBP: ffff88805219de70 R08: 0000000000000007 R09: 000000007fffffff
[ 1408.416091][ T4020] R10: 0000000000000001 R11: 0000000000002ba1 R12: dffffc0000000000
[ 1408.424043][ T4020] R13: ffffffff8ae2afe0 R14: 0000000080000000 R15: 0000000000000000
[ 1408.431998][ T4020]  ? __pfx_ieee80211_free_ack_frame+0x10/0x10
[ 1408.438060][ T4020]  ? idr_for_each+0x113/0x270
[ 1408.442720][ T4020]  ? ieee80211_free_ack_frame+0xd/0x30
[ 1408.448171][ T4020]  idr_for_each+0x143/0x270
[ 1408.452661][ T4020]  ? __pfx_idr_for_each+0x10/0x10
[ 1408.457667][ T4020]  ? kfree+0x2f8/0x6e0
[ 1408.461731][ T4020]  ieee80211_free_hw+0x59/0x1d0
[ 1408.466599][ T4020]  hwsim_exit_net+0x7d9/0x1590
[ 1408.471376][ T4020]  ? __pfx_hwsim_exit_net+0x10/0x10
[ 1408.476567][ T4020]  ? ip_vs_sync_net_cleanup+0x72/0xb0
[ 1408.481929][ T4020]  ? __ip_vs_dev_cleanup_batch+0xb1/0x290
[ 1408.487651][ T4020]  ? __pfx_hwsim_exit_net+0x10/0x10
[ 1408.492850][ T4020]  ops_undo_list+0x2ee/0xab0
[ 1408.497447][ T4020]  ? __pfx_ops_undo_list+0x10/0x10
[ 1408.502558][ T4020]  ? cleanup_net+0x347/0x830
[ 1408.507141][ T4020]  ? idr_destroy+0x62/0x2e0
[ 1408.511631][ T4020]  cleanup_net+0x41b/0x830
[ 1408.516031][ T4020]  ? __pfx_cleanup_net+0x10/0x10
[ 1408.520956][ T4020]  process_one_work+0x9ba/0x1b20
[ 1408.525889][ T4020]  ? __pfx_process_one_work+0x10/0x10
[ 1408.531254][ T4020]  ? assign_work+0x1a0/0x250
[ 1408.535831][ T4020]  worker_thread+0x6c8/0xf10
[ 1408.540413][ T4020]  ? __kthread_parkme+0x19e/0x250
[ 1408.545421][ T4020]  ? __pfx_worker_thread+0x10/0x10
[ 1408.550520][ T4020]  kthread+0x3c5/0x780
[ 1408.554572][ T4020]  ? __pfx_kthread+0x10/0x10
[ 1408.559146][ T4020]  ? rcu_is_watching+0x12/0xc0
[ 1408.563888][ T4020]  ? __pfx_kthread+0x10/0x10
[ 1408.568464][ T4020]  ret_from_fork+0x983/0xb10
[ 1408.573037][ T4020]  ? __pfx_ret_from_fork+0x10/0x10
[ 1408.578133][ T4020]  ? __switch_to+0x7af/0x10d0
[ 1408.582797][ T4020]  ? __pfx_kthread+0x10/0x10
[ 1408.587382][ T4020]  ret_from_fork_asm+0x1a/0x30
[ 1408.592151][ T4020]  </TASK>
[ 1408.595429][ T4020] Kernel Offset: disabled
[ 1408.599732][ T4020] Rebooting in 86400 seconds..