last executing test programs:

19m18.808879055s ago: executing program 2 (id=571):
mount(&(0x7f0000000280)=@nbd={'/dev/nbd', 0x0}, &(0x7f0000000340)='./cgroup\x00', &(0x7f0000000000)='hugetlbfs\x00', 0x1a0c000, 0x0)

19m18.307430566s ago: executing program 2 (id=572):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000001c0)=ANY=[@ANYBLOB="140000001000010012000000001200000700000a20000000000a03000000000000000000070000000900010073797a300000000044000000090a010400000000000000000700000008000a40000000000900020073797a31000000000900010073797a30000000000800054000000020080003400000000514000000110001"], 0x8c}}, 0x0)

19m17.572565246s ago: executing program 2 (id=574):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x11, 0x3, &(0x7f0000000200)=@framed={{0x18, 0x0, 0x0, 0x0, 0xe}}, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r0 = socket(0xa, 0x3, 0x3a)
setsockopt$MRT6_DEL_MIF(r0, 0x29, 0xcb, &(0x7f0000000540), 0xc)
r1 = syz_usb_connect(0x0, 0x3f, &(0x7f0000000000)=ANY=[@ANYBLOB="120110017a953210ac0504c777620102030109022d0001080540040904270102fffd01000921e700070122b30409050c0200020103400905df02"], 0x0)
syz_genetlink_get_family_id$nfc(&(0x7f0000000040), 0xffffffffffffffff)
syz_usb_control_io$hid(r1, &(0x7f0000000bc0)={0x24, 0x0, &(0x7f0000004800)=ANY=[@ANYBLOB="0003040000000403"], 0x0, 0x0}, 0x0)
syz_usb_control_io(r1, 0x0, &(0x7f0000000940)={0x84, &(0x7f0000000040)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})

19m12.389526409s ago: executing program 2 (id=589):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x6, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0xa)
ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f0000000280)=<r0=>0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000032680)=""/102400, 0x19000)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
setresgid(0xee00, 0xee01, 0x0)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f0000000000)={'wlan1\x00', <r5=>0x0})
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)={0x34, r3, 0x1, 0x0, 0xe7030000, {{0x2}, {@val={0x8, 0x3, r5}, @void}}, [@chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @random=0x9b4}, @NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8, 0x27, 0x1}, @NL80211_ATTR_CENTER_FREQ2={0x8}]]}, 0x34}, 0x1, 0x0, 0x0, 0x800}, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, 0x0)
sendmsg$NL80211_CMD_STOP_NAN(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)={0x1c, r3, 0x400, 0x70bd2b, 0x25dfdbff, {{}, {@val={0x8}, @void}}, ["", "", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x800}, 0x840)
setuid(0xee00)
shmget$private(0x0, 0x4000, 0x800, &(0x7f0000007000/0x4000)=nil)

19m11.828134136s ago: executing program 2 (id=593):
r0 = openat$sw_sync_info(0xffffffffffffff9c, &(0x7f0000000040), 0x125800, 0x0)
mmap(&(0x7f00001c3000/0x2000)=nil, 0x2000, 0xf, 0x10, r0, 0xa5dc7000)
sendmsg$NFT_BATCH(r0, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x4000081)
syz_init_net_socket$ax25(0x3, 0x3, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040))
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r4 = socket$inet6(0xa, 0x805, 0x0)
getsockopt$bt_hci(r4, 0x84, 0x81, 0x0, &(0x7f00000010c0))
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r5 = socket$nl_crypto(0x10, 0x3, 0x15)
sendmsg$nl_crypto(0xffffffffffffffff, &(0x7f0000000800)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=@getstat={0xe0, 0x15, 0x0, 0x70bd29, 0x0, {{'digest_null-generic\x00'}, '\x00', '\x00', 0x0, 0x2400}}, 0xe0}, 0x1, 0x0, 0x0, 0x20008800}, 0x0)
sendmsg$nl_crypto(r5, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000200)=ANY=[@ANYBLOB="f0000000120003"], 0xf0}}, 0x0)
open_by_handle_at(0xffffffffffffffff, &(0x7f0000000080)=@GFS2_LARGE_FH_SIZE={0x20, 0x8, {{0xd, 0x9, 0x9, 0x80000}, {0x6b8, 0x2, 0x7, 0x80000000}}}, 0xc4400)

19m8.462095622s ago: executing program 2 (id=603):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000200)='attr/fscreate\x00')
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000040)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x6)
r3 = memfd_secret(0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0xa, 0x11, r3, 0x0)
ftruncate(r3, 0x51a9497)
pipe(&(0x7f0000000000))
bpf$MAP_CREATE(0x0, 0x0, 0x50)
io_uring_setup(0xf08, &(0x7f000000c480)={0x0, 0xeb9e, 0x400, 0x20001, 0x3})
r4 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r4, 0x3b81, &(0x7f00000003c0)={0xc, 0x0, <r5=>0x0})
ioctl$IOMMU_IOAS_MAP$PAGES(r4, 0x3b85, &(0x7f00000000c0)={0x28, 0x7, r5, 0x0, &(0x7f0000800000/0x800000)=nil, 0x800000})
ioctl$IOMMU_TEST_OP_CREATE_ACCESS(r4, 0x3ba0, &(0x7f0000000340)={0x48, 0x5, r5, 0x0, <r6=>0xffffffffffffffff, 0x1})
ioctl$IOMMU_TEST_OP_ACCESS_PAGES$syz(r4, 0x3ba0, &(0x7f0000000100)={0x48, 0x7, r6, 0x0, 0x10001, 0x0, 0x6, 0x4e8d0, 0x107b9c})
r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x18, 0x0, 0x0, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x1, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r7}, 0x10)
r8 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r8, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000240)={0x1c, 0x2d, 0x1, 0x0, 0x0, "", [@nested={0x4, 0x800}, @nested={0x7, 0x11, 0x0, 0x1, [@generic="2fe5af"]}]}, 0x1c}], 0x1, 0x0, 0x0, 0xe7030000}, 0x0)

18m51.554181114s ago: executing program 32 (id=603):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000200)='attr/fscreate\x00')
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000040)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x6)
r3 = memfd_secret(0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0xa, 0x11, r3, 0x0)
ftruncate(r3, 0x51a9497)
pipe(&(0x7f0000000000))
bpf$MAP_CREATE(0x0, 0x0, 0x50)
io_uring_setup(0xf08, &(0x7f000000c480)={0x0, 0xeb9e, 0x400, 0x20001, 0x3})
r4 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r4, 0x3b81, &(0x7f00000003c0)={0xc, 0x0, <r5=>0x0})
ioctl$IOMMU_IOAS_MAP$PAGES(r4, 0x3b85, &(0x7f00000000c0)={0x28, 0x7, r5, 0x0, &(0x7f0000800000/0x800000)=nil, 0x800000})
ioctl$IOMMU_TEST_OP_CREATE_ACCESS(r4, 0x3ba0, &(0x7f0000000340)={0x48, 0x5, r5, 0x0, <r6=>0xffffffffffffffff, 0x1})
ioctl$IOMMU_TEST_OP_ACCESS_PAGES$syz(r4, 0x3ba0, &(0x7f0000000100)={0x48, 0x7, r6, 0x0, 0x10001, 0x0, 0x6, 0x4e8d0, 0x107b9c})
r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x18, 0x0, 0x0, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x1, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r7}, 0x10)
r8 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r8, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000240)={0x1c, 0x2d, 0x1, 0x0, 0x0, "", [@nested={0x4, 0x800}, @nested={0x7, 0x11, 0x0, 0x1, [@generic="2fe5af"]}]}, 0x1c}], 0x1, 0x0, 0x0, 0xe7030000}, 0x0)

18m41.701567812s ago: executing program 1 (id=658):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
r2 = timerfd_create(0x0, 0x0)
timerfd_settime(r2, 0x3, &(0x7f0000000000)={{0x77359400}, {0x0, 0x3938700}}, 0x0)
timerfd_gettime(r2, &(0x7f0000000640))
sendmsg$NFT_BATCH(r1, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000001000)={{0x14}, [@NFT_MSG_NEWRULE={0x2c, 0x6, 0xa, 0x409, 0x0, 0x0, {0x2}, [@NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}, @NFT_MSG_DELRULE={0x38, 0x8, 0xa, 0x3, 0x0, 0x0, {0x2, 0x0, 0x6}, [@NFTA_RULE_HANDLE={0xc}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0xa}}}, 0x8c}}, 0x0)
r3 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f00000002c0), r0)
sendmsg$NLBL_CIPSOV4_C_ADD(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000680)={0x30, r3, 0x1, 0x0, 0x0, {}, [@NLBL_CIPSOV4_A_DOI={0x8}, @NLBL_CIPSOV4_A_TAGLST={0x4}, @NLBL_CIPSOV4_A_MTYPE={0x8, 0x2, 0x1}, @NLBL_CIPSOV4_A_MLSLVLLST={0x8, 0x8, 0x0, 0x1, [{0x4, 0x5}]}]}, 0x30}}, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f00000001c0)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc0004}]})
setsockopt$packet_int(0xffffffffffffffff, 0x107, 0xe, &(0x7f0000000080)=0x108, 0x4)
openat2(0xffffffffffffffff, 0x0, 0x0, 0x0)

18m41.517748027s ago: executing program 1 (id=659):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000080)=@framed={{0x18, 0x0, 0x0, 0x0, 0x7fff}}, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x10000, @void, @value}, 0x94)
r1 = socket$netlink(0x10, 0x3, 0x4)
ioctl$sock_SIOCETHTOOL(r1, 0x8946, &(0x7f0000000040)={'vlan1\x00', &(0x7f0000000000)=@ethtool_rxfh={0x1}})
syz_open_dev$sg(0x0, 0x2, 0x4ce681)
bpf$TOKEN_CREATE(0x24, &(0x7f0000000280)={0x0, r0}, 0x8)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
ioctl$KDGKBSENT(0xffffffffffffffff, 0x5602, &(0x7f0000000000)={0x0, "96d3e9659db3f50cb3c4e683f4fae026a3b284dd56630882be4bc0f34042227a71f06b95d73e34c8ecf3325e43f75f16f13d8905d3bdce627dc6ae0b14840f4c8bebc40872293c61ddd293631a22c6d5c8c9b16b987f4326874ddc5e2610c5505cea115e51bf6feb3e93cf89b8f44394fa2ac7f6cf757a9416c7545c5e5caa34450f0397d179f2225b57f644ce8ad31b15547b9364daef8e784f2036a75c3c5cfd124cdd424a558ea90d054d36c0d1d0db92e5e7f668dadcbfaed92c7cf3204be0c4904d308feba3447d7f41a58bc2fd4682e306a592696e4de9427d87c008d3e172cf162cc35f00915fe9fc9ea84e28838940e4bb2fda4c55a34abdf6db63d547c91a17211a1ce43a2933f8227e8b6767ab70bc9223e62a2d3ad9b13f74e2000961e62eaea005088d6d74a19eb0c56ce314323143fcfe27e410e10bd21a2140783385bdb1a7d33038427e336829ccfb63c04e537ca51ddae5fdf29505fca04fc4b2a13d6dad7db2eace60e9589712719a49a2d2d44587465037851b1fe93a0ed46822294671098fd53e79fe428bf6ae3846299ab1d238ad07be6cc01b5fcaacfce829c209e67d5548a38b637f3b44905b8be24dfba30e1b6d074b43e53fcded14a4190a585949baa43fef6c70ce7b1612299d734c07feed23252886a1317358cf5ecaf0186d2dbdb3eab8a9c3c21d4828ef8a9dd89207f2884a57679fcd495a"})
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
shmget$private(0x0, 0x1000, 0x78000a42, &(0x7f0000ff2000/0x1000)=nil)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f000000c280)={&(0x7f0000000380)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01010000000000000000050000000900010073797a300000000064000000030a01030000000000000000050000000900010073797a30000000000900030073797a300000000008000a40000000032800048008000240000000120800014000000000140003006e657464657673696d30000000000000080000000000000014000000110001"], 0xac}}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r0}, 0x10)
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000003800010325bd7000fadbdb2504"], 0x14}}, 0x4008000)

18m40.726936796s ago: executing program 1 (id=663):
r0 = syz_usb_connect$hid(0x0, 0x36, 0x0, 0x0)
syz_usb_control_io$hid(r0, &(0x7f00000002c0)={0x24, 0x0, 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="fbd5755fe796fb9a52b70c00220f0000bc0062634e032195ff7584839e3ce079"], 0x0}, 0x0)
syz_genetlink_get_family_id$devlink(0x0, 0xffffffffffffffff)
preadv(0xffffffffffffffff, 0x0, 0x0, 0x33, 0x0)
bind$alg(0xffffffffffffffff, &(0x7f0000000340)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-cast6-avx\x00'}, 0x58)
sendmsg$alg(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18, 0x48814}, 0x14000012)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=ANY=[@ANYBLOB="c0260000410007010000000007000000017c00000400fc80a72601"], 0x26c0}, 0x1, 0x0, 0x0, 0x4040003}, 0x4010)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$VIDIOC_S_CTRL(0xffffffffffffffff, 0xc008561c, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0xa)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
ioctl$BLKPBSZGET(0xffffffffffffffff, 0x127b, &(0x7f0000000000))
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r3, &(0x7f0000000100)={0xa, 0x4e22}, 0x1c)
listen(r3, 0x3)
syz_emit_ethernet(0x36, &(0x7f00000005c0)=ANY=[@ANYBLOB="aaaaaaaaaaaa0180c2000002080045000028fffe0000fd06907864010101ac1414aa00004e22", @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB="5c040002907800f9"], 0x0)
read$msr(r2, &(0x7f0000032680)=""/102400, 0x19000)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)

18m37.171515544s ago: executing program 1 (id=670):
openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000780)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020786c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000200)='sched_switch\x00', r0}, 0x10)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r3 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000940), 0x2, 0x0)
write$RDMA_USER_CM_CMD_QUERY(r3, 0x0, 0x0)
pselect6(0x40, &(0x7f0000000240)={0x0, 0x0, 0x3, 0x8, 0x2, 0xb}, 0x0, &(0x7f0000000280)={0x3ff, 0x0, 0x0, 0x400d, 0x0, 0x9, 0x466}, 0x0, 0x0)
close_range(r1, 0xffffffffffffffff, 0x0)

18m36.114572019s ago: executing program 1 (id=673):
r0 = fsopen(&(0x7f0000000280)='ceph\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000180)='source', &(0x7f0000000500)='c::=/\x10\xcd\xb7@\x88\xedP9\xf5,\xc1\t\xb7b\x12A\x1d`\x16\xac!\xa7\x9c\x8f\xc98\xcb-\t\xcf-\xdd\xc4\xafK\x8d\xb1R8m\xc1[A\x99g\x9d\x8a\":\xc1I;\x03\xe2<\xdf;\xce\x93\xd3\xd2\x19\x964\xeb\x03\xbc\x7fo\xe8\x89\x01:\x8b-\xab[X\x10\x18\x8d\xbf\xe1H\x9a_\xe3*\xc6\xca\xae\xe0\xb9\x1e\xe1\xf4\x90\xe2\x12]\x01v\xbd\x0e\x0f J\x1d\xcb\xd9:\xa6U\f|\xce*\xa4\x8aJ$\xa5&\x1fu\x1b\x15v\xd0\xd8\x9fH54\xaa\xf2t.I\x96\x1c\t\xe42\x02\x85\xa0\xc2T\x02\x99\xfe\x1e\xb6\xf47u\xa7\x1c\xf5\"K\f\x03i\xba', 0x0)
r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
poll(&(0x7f0000b2c000)=[{r2, 0x300}], 0x2c, 0xffffffffffbffff8)
r3 = getpid()
prlimit64(0x0, 0xe, 0x0, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000001240)=ANY=[@ANYBLOB="0f000000040000000800000001"], 0x37)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000012c0)={0xe, 0x3, &(0x7f0000000180)=@framed, &(0x7f0000000200)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_PROG_DETACH(0x8, &(0x7f00000002c0)=ANY=[@ANYRES32=r4, @ANYRES32=r5, @ANYRES32=r5], 0x20)
close(0x3)
mkdir(&(0x7f0000000040)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x1a3089, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
r6 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
symlink(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='./file1\x00')
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
setpgid(r6, 0x0)
setpgid(0x0, r6)
mount(0x0, &(0x7f0000000300)='./file1\x00', &(0x7f0000000080)='tmpfs\x00', 0x800, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
newfstatat(0xffffffffffffff9c, &(0x7f0000000380)='./file0\x00', &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, <r7=>0x0}, 0x1000)
sendmmsg$unix(r2, &(0x7f0000000480)=[{{&(0x7f0000000040)=@file={0x1, './file0\x00'}, 0x6e, &(0x7f0000000140)=[{&(0x7f00000001c0)="54d04f0eb2402886283993a876dfae7c0550b9258105ac6c00073e46b56504785f5378f06416e67d842614ff2f76038dc3dc6a58e80c60da6fc89240276cf43ab42596778d082cacf4b7ae5085d8a3524c26cc472b302a6d21009d0cfbbf792350f7864f2810a8d91a4b9c3097e0880058f667283f88593d8de5f35db2de5e4923a6d7229df352008cb84794825fefe97543baa2fdac7bcf4616117f3b960d886612d2794153a69cf0d320bda48e792e141586c83c81680ecfc339e4e6", 0xbd}, {&(0x7f00000002c0)="adf110cfc050ad844679d6b3bc61fea6bdf28695923011f042c3802f3d42575606c1302f4ce8d4f1cc6c835f8a3cd8972c2f2c6a360e6d12a7bd0b493a9b3440b69562e5b67c339443eb8574690731cb8f9169d68cd938f4a615deba4c755fc16f285a93d46e7782e491cbaae08349c4b8d294afbb87561bffe15159ecf082acee6db014af3d0ca31e31c59019cde6b347c4407357d14923810a7c293fb58b99ee46826603a5c5a7219db8b9d9856cca8780d530cd5e5669f3185865fe", 0xbd}, {&(0x7f00000000c0)="14480166430cb9d1c9a856cdfd0966ef3d5a1597603d540019ce58f2", 0x1c}], 0x3, &(0x7f0000000440)=[@rights={{0x14, 0x1, 0x1, [r1]}}, @cred={{0x1c, 0x1, 0x2, {r3, r7, 0xffffffffffffffff}}}], 0x38, 0x24000810}}], 0x1, 0x4000005)
close_range(r1, 0xffffffffffffffff, 0x0)

18m35.252754443s ago: executing program 1 (id=675):
r0 = socket(0xa, 0x3, 0x3a)
sendmsg$NBD_CMD_CONNECT(0xffffffffffffffff, 0x0, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, 0x0)
r1 = syz_open_dev$video4linux(&(0x7f0000001380), 0x7, 0x3)
ioctl$VIDIOC_ENUM_DV_TIMINGS(r1, 0xc0945662, &(0x7f0000001480)={0x4, 0x0, '\x00', {0x0, @reserved}})
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
syz_io_uring_setup(0x7b, &(0x7f0000000540)={0x0, 0x3bce, 0x10100, 0x0, 0x313}, &(0x7f00000005c0)=<r2=>0x0, &(0x7f0000000100)=<r3=>0x0)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
syz_io_uring_submit(r2, r3, &(0x7f0000000600)=@IORING_OP_RECVMSG={0xa, 0x40, 0x0, r4, 0x0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000019c0)=[{&(0x7f00000002c0)=""/183, 0xb7}], 0x1}, 0x0, 0x40000103})
syz_io_uring_submit(r2, 0x0, &(0x7f0000000240)=@IORING_OP_SPLICE={0x1e, 0x21, 0x0, @fd=r0, 0x26ff, {0x0, r0}, 0x9, 0x3, 0x0, {0x0, 0x0, r0}})
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r5 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r5, &(0x7f0000019680)=""/102392, 0x18ff8)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r6, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000000c0)={0x1c, 0x2d, 0x9, 0x70bd2a, 0x0, {0x6}, [@typed={0x8, 0xa, 0x0, 0x0, @fd=r6}]}, 0x1c}}, 0x84)
bpf$PROG_LOAD(0x5, &(0x7f0000001080)={0x6, 0xc, &(0x7f00000000c0)=ANY=[@ANYBLOB="18000000000000000000b3"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @void, @value}, 0x94)
r7 = socket(0x10, 0x3, 0x0)
r8 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r8, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000080)=ANY=[@ANYBLOB="540000001400b59500000000000000000a000000", @ANYRES32=r8, @ANYBLOB="140001000040000000000000000000000000000014000200fe8000000000000000000000000000aa140006"], 0x54}, 0x1, 0x0, 0x0, 0x800}, 0x80)
sendmsg$TIPC_NL_LINK_SET(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x0)
sendmmsg(r7, &(0x7f0000000000), 0x4000000000001f2, 0x0)

18m20.01646443s ago: executing program 33 (id=675):
r0 = socket(0xa, 0x3, 0x3a)
sendmsg$NBD_CMD_CONNECT(0xffffffffffffffff, 0x0, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, 0x0)
r1 = syz_open_dev$video4linux(&(0x7f0000001380), 0x7, 0x3)
ioctl$VIDIOC_ENUM_DV_TIMINGS(r1, 0xc0945662, &(0x7f0000001480)={0x4, 0x0, '\x00', {0x0, @reserved}})
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
syz_io_uring_setup(0x7b, &(0x7f0000000540)={0x0, 0x3bce, 0x10100, 0x0, 0x313}, &(0x7f00000005c0)=<r2=>0x0, &(0x7f0000000100)=<r3=>0x0)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
syz_io_uring_submit(r2, r3, &(0x7f0000000600)=@IORING_OP_RECVMSG={0xa, 0x40, 0x0, r4, 0x0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000019c0)=[{&(0x7f00000002c0)=""/183, 0xb7}], 0x1}, 0x0, 0x40000103})
syz_io_uring_submit(r2, 0x0, &(0x7f0000000240)=@IORING_OP_SPLICE={0x1e, 0x21, 0x0, @fd=r0, 0x26ff, {0x0, r0}, 0x9, 0x3, 0x0, {0x0, 0x0, r0}})
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r5 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r5, &(0x7f0000019680)=""/102392, 0x18ff8)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r6, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000000c0)={0x1c, 0x2d, 0x9, 0x70bd2a, 0x0, {0x6}, [@typed={0x8, 0xa, 0x0, 0x0, @fd=r6}]}, 0x1c}}, 0x84)
bpf$PROG_LOAD(0x5, &(0x7f0000001080)={0x6, 0xc, &(0x7f00000000c0)=ANY=[@ANYBLOB="18000000000000000000b3"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @void, @value}, 0x94)
r7 = socket(0x10, 0x3, 0x0)
r8 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r8, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000080)=ANY=[@ANYBLOB="540000001400b59500000000000000000a000000", @ANYRES32=r8, @ANYBLOB="140001000040000000000000000000000000000014000200fe8000000000000000000000000000aa140006"], 0x54}, 0x1, 0x0, 0x0, 0x800}, 0x80)
sendmsg$TIPC_NL_LINK_SET(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x0)
sendmmsg(r7, &(0x7f0000000000), 0x4000000000001f2, 0x0)

7.778207567s ago: executing program 6 (id=4215):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41100, 0xa, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0xf, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9, 0x11e41e7a, 0x5, 0xfffffffc, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x3, 0x1}}}}, @m_ife={0xffffffffffffff2f, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0x21}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000180)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000000)={'lo\x00', <r5=>0x0})
sendmsg$nl_route_sched(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000002c0)=@newqdisc={0x38, 0x24, 0xd0f, 0x70bd2d, 0x0, {0x60, 0x0, 0x0, r5, {0x0, 0xa}, {0xffff, 0xffff}, {0x0, 0xfff2}}, [@qdisc_kind_options=@q_fq_codel={{0xd}, {0x4}}]}, 0x38}}, 0x44080)
r6 = openat$binfmt_format(0xffffffffffffff9c, &(0x7f0000001580)='/proc/sys/fs/binfmt_misc/syz0\x00', 0x2, 0x0)
read(r6, 0x0, 0x0)
r7 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r7, 0x8933, &(0x7f00000003c0)={'batadv_slave_1\x00', <r8=>0x0})
sendmsg$nl_route_sched(r7, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000180)=@delchain={0x24, 0x5f, 0xf31, 0x0, 0x0, {0x0, 0x0, 0x0, r8, {}, {0x5, 0x2}, {0x1, 0xe}}}, 0x24}}, 0x0)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
getsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000040)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x5)
getpid()

7.720796217s ago: executing program 4 (id=4216):
r0 = syz_open_dev$usbfs(&(0x7f0000000140), 0x77, 0x1501)
ioctl$USBDEVFS_SETINTERFACE(r0, 0x80085504, 0x0)

7.706237858s ago: executing program 4 (id=4217):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000300)={'pim6reg1\x00', 0x1})
close(r0)

7.01926659s ago: executing program 4 (id=4219):
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r1, 0x0, 0x0, 0x20000845, 0x0, 0x0)
getpeername$inet6(r1, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000fd0f000007000000", @ANYBLOB], 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x2, 0x16, &(0x7f0000000780)=ANY=[@ANYBLOB="61128c000000000061134c0000000000bf200000000000002600020007ffffffbd0310000000000095002000000000006916000000000000bf6700000000000004070000b964b01a4607feff00200000540700000ee60000bf150000000000001d5700000000000065070000d23700002c030000000000001f75000000000000bf54000000000000070000000400f9ffad430100000000007c000000000000000500000000000000950000000000000032ed3c5be95e5db67754bb12dc8c4ed68ecf264e0f84f9f17d3c30e3c7bdd2d17f2f175455000078af6d71d79a5e12814cb1d8a5d4601d295c45a6a0b9bdb7dd390700000500000000f18c30907d7bee45a0100000fe9de56c9d05000000c6c60bef0d742a81762bab8395fa64810b5b40d893ea8fe0185473d51b546cac3f1d5af65727546e7c955ccefa1f6ab689ffffff7f63ede202fa4e0a2127b8b83c71a51445dc8dfd13ff15f852a39e5b2ab7bcb8f512036a5ba6d04ae76002d4519af619e3cca4d69e0dee5eb106774a8f3e6916fcecc8158f0200000000c8fb735fd552bdc268694aeb0743e326c819b6cf5c8ac86f8a297dff0445a13d0045fb3cda30a673a6037ed8c85f21ec2c081bdce431e56723888fb126a19bc1172b84b3ebe174aba210d739a018f9bbec63222d20cecac4d03723f1c921b5bbf7949632cacfdd32b3a6aa57f1ad2e99e0e67a993716dbf580469f0f53acbb400001e3738270b315d362ed834f2af97787f696649a462e7e090000000000000045eac1f2014f720e83b7838e3eede14308d582685e1becd6f35154bcb4000000000000000000000000000000bc3af2b170ad3e2b26539cebca8f4ddc211bc3ccf0bd9d42ca019dd5d022cf74686e9fbe2562979eaed840a7afaab43176e65ec1118d46d1e827f3472f4445d353887a5ad103649afa1769080584f800031e03a651bb04000000ab04871bc47287cd31cc43ea0ffb567b4040c1458d0320ce7d0000413a0000000000000000005f37983f84e98a523d80bd56a57fa82b82f639601ae899a559944cb9a62a29ab028acfc138cea0f6a5480a55d624a0c544ba0dc828c22fe30000aa391598000000437d57fcf8295f63a70837f5cd4e5e77964522dc7ca3aa3476b7f2d851d27fd4de6eabb43e0799dc8d9fb7dc6c523ffbd74a6a40e4acb1ac872ade9d1f2ab779b8dbe843aeeda0426c767c00327b8c95b2bb6ddb55117669d9598c0f3598073f3a921c76beceff7e4fbf909a2cabf5b8ea5011db9020823b83abe54346c7af0a99fa077ffe7000feb9e44023a1749eb1d0d572b77d6e0d0fcd74031c8ef2629f5ecff4626746d6abe98a255e92c3c4f79bfcd0d91741380000cfeb73dec68ed56b5d3dfdf0cb8b71ad79000000000000000000000000000000dd434a25e95d0ec29d3adaccf89d0888031ecdfdb4dfbe444673be099ece7e4009c76c7108ef0a7e59fd6d906fbc3c9b412e0478cfee4485f423c63f49db43833c92eeeb647cebd4d7a93a17bcbb6bae5ff876375d4fe39cc2d292691672cc18ca372104ceb83a35ecedd97fc191d8f64d2b1d60c6d12911aada66c26aa4802c3514c3d92ec905000000b13f4a2575fbe943a6c40000000000000000000000000000028026b80c3899543223a6079ee96198b9a326db3be3a48af415ca28ca68c502550044ed8e29af8d763ef9b1f31befcad2ce5394601c7cdc233ba3d4ce26ed703dcb9fb3ad650f77e339768924dfdbeead13b88371154d743544a6091ec93e0d3fd5b4dc42911c1ba322fd4d6fbf19e617d51f964727bfd5cc5ba15370f6e1141d2271eded0b15e4316a1e4623272beb249a0928c417720be14c898f397411c88a7bcf3df46ab3efe7cd5e160c2afd3cc945f75011a102d952c7ad17a58d9be691c334ea35bae71e76e160cc2260bd028162917807ce89e11b5f261052ee0dde18efa1d802af2b7bcf6f8af41933cea0d0343261bccf64ca1c81045153eafbefdb91fbdff9ee3307d4a1837963b2dc2a3698d90e7915b098f19392e792adaea86052f4e948184001b6494e906925a092483adc7e9c8f7a29d226763c100aecae7f00619c36bceb9fb6dd7e55487d8485e498fdfc377fd3d266d21d46ab2f6b2ce22cd0aebba9b0ffbfe8ec3143c3734967c90b16ebbeeae1ce2baaae05aed6bf0f40c8a323f9235dc99698bd0b800067a901a79daada03cc77e74feb98b1586946b452764ff917a8ecc10e529c5bea49cad70e22df522c2803b6ef65df70223c6e22c3433e322d8dbd6e9b040065a9d6b3d5ae276cffe935d559bea88e1aa36b4e6c19e78457904297e77370e013b705a96548d47c609a93c45f4d1382b39c05dcc07d5b49ad75ddb3ce5b5b9416e03995da04647aa5e6fc1a6f5d663380967ccef9de49a90ced031335e3219ebd9d06c257a50497ec523f5ff7361261ccfe239d603364a42e2e81fc068fcbb9792b673827fe7018a988fbce55bb74cdb327ced4b77b8743fb3cb72cc280b9f62e4f92f46a19600b802cba88b7d0a938d9e0e6cfe5d66b874cd004179e5b6025c0e1050faec7ecd9de190a975db2f8c06a551236278c4766d7e22e3b85168c9851de6266c791252f919b4f8b257b5a786734e5142e4666c67aef5b7b2f88c6640995434aa8636993089c73f196c54ae829ad4307132655b075ae534fa7f1ea9a17e62357b0bd2bd1d62d34bfc1364640250136729ba4f763ff25c33e8acc806611792add8254e705fefd2a44d5b15e3b36f6b75c97c9c04c511d8cf9e24c61c8284a913a381cb1a5628878040000000000000017b68afd95d4abf7920de9ebe1c89661f4adc3d83d72b1b778e30c2bf2efbbcd054cf51f5705ebf9a98a0d9f18135cb1d8d567c3436fa697b72c5035d98b9e4f7f3379c0b3339debc78352b2e65299223d7ef2bd540e78167b3ac92a4c4f826f6d0e5c4ebf4f7a70c03e2f5ddbebf168586360c3663531eb5995d228f011a10ffc8b17d716b0c528dab6d0c4fe2ee402348104bc5d4012babedee898c6d3e1017be2e9bc759d3ab4d615f5000000000000000000000000000000000000000000007fff0000000000e693e314adf7dc9f517d04f1e6ca367d30d31d3647c6059db6e1e9529eb1623ef99e2d9ac2ab4872f8e784b07a31110bef6d000000a6f9e89e6d50ee06ce716f94da60f1f22d9669560d296287c13c92070000ee7553eb2df17839542fa88d09f000e88a90cf4406b9000000000000000000000000f441d6a6f516c235c6f5863e7f454ee0e16b9aa2593eb31fa3836703e7765aaeb77a8770e518efaa6d3dd85e03b3b133eb749057cea9af75a0e6f633532f2891b8e263cb6eecea691842827bc7c8c0130187081c8d320642389f5f0c42dba0ff75a257310f2d92cb1d1e16468949f5675262ee6609cf26ae4a8f5eac0ebf318e735930b01d8f586e34537bcff7d6196f494cdcf3a712078d745db0f5687a78ee6d000b3d171a0f08299b52d207f32e9da311ca090000003a42732808515eec574f892622c5be497fc3d9ca122d7c18b9e54637812c8debc61f0e42d838e44a819b74bce1a56108bb0f72c4a02475920532309c55b2c9ae9f281391ec5cc72a5e94cca1cbf1ff01000000000000bdb537a0c52bd45a9f966c25616cec30c3ea3246cb8e6aac7cf273638e6656a3e4ccadc348f0172028c99cc5f6d5c6d09ed65aa54549e73c28b7c8ad06ad3c5e3c27eec0eff1a6c84f1189919eefcee8072d1f88cb781e4cdb04af00ac92f1080211c4bee74381a0e31021918f27863fdbafb50f70857d52a1f7df51935a80b1980a4778d35f183ea517f55a98c5a471f3521956f8da6a4ccf2071095305701ab3f3ae43f06e91bc7d85e3800b46926944fba9805a985e63e53a62232fcd3f01dbe1728f300e247a7ebe344f9749818ff3961b2a42664ccd680a90bbb6ab400e286acc8f9febef64594777f848ed1cf980a3da2f0f7745760a05887d0c28060d613dd6539d392fc21fee0b5131609664b821d7a994e6c5965a4fa1ec1790c54e54586907dcc5e8bac16e79da9c2444420900000000000000f888a94365b99b72796fca1b922fc9aefaf1546c17cbb1d2d2fd12cb1a49cad501a3ca218c595b667b634606c57987ebfb0783a4948e4561d5cda158fe74453ff4a837beeedba483842c57d6005b544b4f80003386edfd3d4a88a667bd41eefe0d808abed08a29e6bc370a80cc0366fb4080bfbaaa946fd47ab662c794846e403950bbc3a48bb276cbb08a8eab145c06221ef16a238e3d50ad18aea9a2cec97d3c2d0569caabe2bffe02506bc9cb7294c5d020536dd5e7a6351642112df3b55d0215aaec7e45598995e79699e47567e353e68b03f82be860b188554b734e1192f9c1a867b815ef52cdc3307c0cc9be05a4fdde69c350e59f11f1d26a4d04d8c8b2c4a4d23ee931d14bc7807db773a614b670acf46f83f7c65a0f8d43c5f64705f0d27c46d4b686e867e9b0be76a7978a8f962bb5a070df97f2bf7612115cfe5ebdc7ad0bc5a5f3ace25347d0e5c347279d55aa67a967380000000000000000000000000000000000000000000000ed0942d980c754c6c69ef65c375ad018824f78b260d5f51bc3feba504408a8c8141d84f3f417603b5081680f346ff0ffbe4ae19e936511966965ce268b6345a0001c0f26a32e0a999fc869292e939dcf89b9bfd794f9c12d41959a00688cca43015a9eec58f647796adea520cd2abeb0b55c22949d10e5a05fee4543fdc1e02554a55b5fef2427a6e5708edc38fac53c2f961945a3f83cdf01979939b49bc6b1aef8c733401bbe473de8d64efbe056e2d686e796aaf09e74f2175c174ada1678c7db79492e8dd0f34e2ccf419cf7f14ffa408b50a52685b36aed14aa22ad928191d5a2697646edc52a1c0c5d720ae690add2b34aed161f51cc1cb424f76098e1e1921e5a405f9d298a8461f2da30e47b7c6ed7c95c84c745f58723e4cddffae3b53b5b947f9435e589f9ae55b30ecd3827b2de5df31976870823da8058c2538c04e397f3d0ef90c11c74da984fa558697ecb57224ce8fa6f79aadbd7dbf3678e74d790bc2ee72769a3ada1dd504f8e4133ce1effd446bc9a2f139e65cc4bd83912af3122352506c7c2191b3705116b2f4fc20d4e93882bdd6ccea97f3a08d3565b00"/3699], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xfffffffffffffe50, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)

6.968604088s ago: executing program 3 (id=4220):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
openat$selinux_member(0xffffffffffffff9c, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f00000005c0)=0x7)
syz_genetlink_get_family_id$ieee802154(&(0x7f00000003c0), 0xffffffffffffffff)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz1\x00', 0x1ff)
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000040)={@cgroup, 0xf, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000580))
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x14, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000300)='sys_enter\x00', r4}, 0x10)
signalfd(0xffffffffffffffff, 0x0, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='sched_switch\x00', r5}, 0x10)
socket$inet6(0xa, 0x1, 0x0)
r6 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0026}]})
syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0)
close_range(r6, 0xffffffffffffffff, 0x0)

6.372704648s ago: executing program 6 (id=4222):
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000040)=@newlink={0x34, 0x10, 0x503, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x20400}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @vxcan={{0xa}, {0x4, 0x2, 0x0, 0x1, @void}}}]}, 0x34}}, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='blkio.bfq.io_wait_time_recursive\x00', 0x275a, 0x0)
write$binfmt_script(r2, &(0x7f0000000000), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r2, 0x0)
preadv(r2, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x1, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, 0x0}], 0x1, 0x64, 0x0, 0x0)
timer_create(0x8, 0x0, &(0x7f0000002700)=<r4=>0x0)
timer_gettime(r4, &(0x7f0000000140))
ioctl$KVM_RUN(r3, 0xae80, 0x0)

5.776003699s ago: executing program 4 (id=4223):
r0 = syz_open_procfs(0x0, &(0x7f0000001100)='net/fib_trie\x00')
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = socket$can_raw(0x1d, 0x3, 0x1)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="05000000040000009900000001"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB, @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r3, 0x0, 0x8000000000}, 0x18)
r4 = socket$inet6_udplite(0xa, 0x2, 0x88)
sendmmsg$inet(r4, &(0x7f0000003bc0)=[{{&(0x7f0000000140)={0x2, 0x4e20, @multicast1}, 0x10, 0x0, 0x0, &(0x7f00000008c0)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @dev={0xac, 0x14, 0x14, 0x28}, @initdev={0xac, 0x1e, 0x0, 0x0}}}}], 0x20}}], 0x1, 0x48040)
ioctl$HCIINQUIRY(r0, 0x800448f0, &(0x7f0000000180)={0x4, 0x6, "c03061", 0x2, 0x4})
r5 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000100)=@newlink={0x34, 0x12, 0x503, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macsec={{0x4}, {0x4}}}]}, 0x34}}, 0x0)
sendto$unix(r4, 0x0, 0x2, 0x0, &(0x7f00000002c0)=@file={0x0, './file0\x00'}, 0x6e)
setsockopt$CAN_RAW_ERR_FILTER(r1, 0x65, 0x7, 0x0, 0x0)
setsockopt$CAN_RAW_FD_FRAMES(r1, 0x65, 0x5, 0x0, 0x0)
syz_open_dev$usbfs(&(0x7f0000000100), 0x205, 0x8401)
ioctl$USBDEVFS_SUBMITURB(0xffffffffffffffff, 0x8038550a, &(0x7f0000000000)=@urb_type_control={0x2, {}, 0x0, 0x0, &(0x7f0000000080)={0x0, 0xb, 0x0, 0x0, 0x7995}, 0xfcb5, 0x0, 0x0, 0x48000000, 0x0, 0x0, 0x0})
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x5, &(0x7f0000000040)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r7 = dup2(r6, r6)
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX, @ANYBLOB=',rootmode=0000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(0xffffffffffffffff, &(0x7f000000e280)={0x2020, 0x0, <r8=>0x0, <r9=>0x0, <r10=>0x0}, 0x2020)
write$FUSE_INIT(0xffffffffffffffff, &(0x7f0000000380)={0x50, 0x0, r8, {0x7, 0x28, 0x0, 0x40488060, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x24522716a989086f, 0xfffffffc}}, 0x50)
syz_fuse_handle_req(0xffffffffffffffff, &(0x7f0000002680)="8e503ba12553ae35664093744598ff2ed98313cfeff69bbb1f3ba451bc98d27cf439225d75522ac543a153ac5284bf131a87e53d0b20f8dddcb2af841def3e560070344be18fcee4983553ba856738012b512e3dc760fb581a17e5622e0e22e22546476d6cc6d6d94d828a2fa22ec77a1cf082f5ca88f1f8976e8b6c3a7a537f8f50b432bf4df69c912bfcc539a65851f86b23f24e714e0643429ec1198ea1647316538a3ce23fad21e19e087c0dedc7aa6d5e4b0dcbfcbe22c857f5a848aef15126b9ecc810249cbbc82c8b6ba49e46b71cb79f6ef9449d0838b9130946398941a4c64f6e2d84118b60ed4ccfed8a26446032fecf87434e71b7989253f64feb6d2e1013673a9600b1915174e55ad78d1d666fb75c24142e44ceca89a18ca66b4b5e66ba953ca42fb6a36d4a3612a2948393f67a7d1d0957a8553c73855fd007abbb6c3d4bbc943f3b102bb2ea6f40e714516a3de91acc6e1468e9e7b66ee57815da23054153d9d5fcb6bdb26ed8f7754d88154d46df2f2e4964ee5d7f47e9218d6877c3b232c945cddeef70b24e5c6c434fa30fd0a2ad1c348c3658494f7cfdfb6bb56b43f1d9b2d049c1166161c3232ada01f3c789b2d6958cdd9f044a654f8397d64cb928f4d57f0c4e9739afbf3afbf0e9f84d56a1aba6db7538d98404b7cdfa97f8770a6df4a13145c1d0cfb7ec0349b5639d9180eada54b2f8c12472fb379901e6d514fbfd6d41d2dd77eb42608a784fc016ae48fb126776b10be5c03f62ec90987e766d20d821a17c03e0d867f4aa3f4902fb803e8261833aa9397e107e6c100daa3d8b792bf4b5081ef56670762b5ae3f528836029ca332f44fcc5cf3750f39091985032afa8dd2e80b69cbffc29aa13fcdc0ff811a108794b4154ecaf70e58a9f70a573cf9d1040e23f5a04a873a583e4ab0fa5f77d620c60f0a45cdc789b849e9e8746528846bbbf8251a84f2aa97ccc3e49f4c9b6abf0248344e86a71486eba9e62ff5920bb80ceccc5813f068da0d5aa208c440b7889118d2f4e8baf22a84544f232d6a3a1aedf31d5fc22f0ece56ac611b1363ff35e5071342a0257d3f146dc3ea1cc795d2f06afeb1d6995e50eb2d2d21dc6c4377a2626dd9486446517d03a4a03c43ef2e255a92b775c198bfe92c21375599235aac33c69190bbbfaad76860d0c9e70ad53273460c370b06bdf94ee8bfc31c48609ff6de0d39f873ec11e8c2835f17b3f18891c8ae335a7074fb5a5c794007a327fbb2622e71d62e43f50a00cc59b7eeb3f8ceed5d87fa5eb62a7a8c74ec90b1096a0b24606bf14b1f13f78ea4ab522304c7ca1d7b8ae47b5859f6a0d9baf3b6ffd29a4fb6782732febcfa51446aa87691ac81bf891717fbf8e4deaccac63477d3bc7b8ed52e9b6ca3fd39eefee6a337c2ad76df9739e2fbff34bf36027be0cfbebfe5b2fd168d75b2fd64479e2faf85654c013955e04044a9b7bf8b3d42da91962796bfe6eb53fe29e36a7a7512a155c712ae561d885703cb26d72e6f1df3976cc665960f871f3110309ffb6b5a79e54057a7a286c62c11e973ef671e86051686f77992f985d729740f38fecf83e03a1fef542cd6b4cee48546f67873a9c682c4afe4a5beccfc64085c622c5a0b5a1f6355f938d16925cabe63bd1de8f261fb995790afe54448fb296a03322f3427e132e8c0623bd311af8a619c2d91415e851744941700f09a2d8471def9dbc448c6aefb4c664f8902c872cc7de9d26e8b300b55b1d08a80257095efef35d9b497487607a22bc95c68f39aeeae243e76ccd40dd1b7ccad6eb39b35d91d239b2b005c8bb6e50037ffb1253276e20384398a5e97ad705fcffd04c720539ddf80cf4e929e82e3fec3d7542e0b7495733eb5da29f6dff5a34ec88a71881f660a5bc9481e755fd3c5683e95ed97cc91ab0edf49afda477aea42bc436b364747d973d61be806e1e63b6982e42814a13c5adb3bd767ec724d2d654afb106198fba6b4c798f4b82f329c2b8055ac4d247da971e32eb4cb971c9ac99d18c0a216d48dd7dffd372e0cad9ce6f05b06e47842c2f53b7c987139c6ddac3446fdb163342f8ca8f5401db91d324a6b710f28dece5839d37760c2515d6ad815a746cd7ccd3a438a5d3f28ca331f6874dedbab107c64127a7590a2813c1287ca977807827d52df80a9c19bc7ef335791da1be53c89f6de8ee1f02f26069b786f22bfd23cd8366e3ca02c0b296d0966d7f8fdbc0ef06895c547224f1a01c92d5f43f81b35539469d1fd9cd76dbf8cdd21b479a6474578863c9906ce6b12d0dbf5a458dafc042fcabe64aeebeb70c0da9300ed22e5d2851c5e77b20f9da1cd26cd810e0b8f1ba17d7c819e8a8ad86aa5bc4eb64748b75ab4a85f05bb1dc542234ac175eced1fe8f3fbd86f1c7349a360f5af0244818df303dce6842ea7afa722be19cf162d671256e5659c77c5569d827b28dc44b7dbb7d9433bc9eff26edbff36cf796b8afb285393f2dab6bb9a3ed40dd065ba8a8ab62cb575e696b97a2853b1700835ae429b983a5bb88972e367f5996a21e9a3b00e943e15c1163fdee023e1cf6e8dc42655cb175590fb6b8c46148b37957c5026aa94e96cbb71bcf9e7899c489edd9b34ca2d3d0dbd29f135cb158652ded6c959820b26a5fb6e8f3a6cfb80bcfa52c36ae0a3868914bda36b5ac09d2ae6cfccff9859550cfc5c6c3b30cddf6a2130c0c563445ae10634f38c65a47aeb8c72a0f25a6747a6787e703e1723303dd6d5bd4303240cb6d4659ee32d80b92859327e882ec84d9bb2a6976d9c6fa450d5598c6af1c92fc4ed7614e3192a06e62e704278424e2e5d521ec4f2cbd87d9b8a65405e807f6247e3f9228e8a5c44e31c9de9247d1b8248ce71d34663cbfcce728c9f08628629fca3f334566118aeb86470886147d714d2dce240408fac3c971b851dd33cb7997e238a2362195ba4f0e83d5c1c5039328817f258d6645bcbc20512398a7a34e2288585b4dc626c6867f3af5a0f573492cdb04e5613bd95bcfe6a61541c3912b4e841b34db2820ed5aca226dcba496f9586b83ab44ed3b9f34cfd2397f36dc4f9811815b975a208b6cd163031296b289b7d202036bca9c4e862f6b1d6356c3c54d47de63e0d0b38e7b9e41e1b25d94fbd03853f786fcf2325020355469e52dd2cfc879e2758382f609173cb2c01775030d1d48b17d209d6bb04f1ad9bf3e5becfccd7dce72fa8882733d2c32cab1338ce67f301be74b1c51dbacff9bdc22868f3f16531cb86b7597aff03040a821c4f7cae2b5b92db792f327dce81e79ac83d4ca15aa248ddc2fad518ebd360c5ac8ff3636e15e8ff61501b1e5c6338847ff43c0d3ed38c87aa623c318c8facffb72fbad8bf4effdd2013dc60ad91f1f5a791905b572321ce0956ffded80e2152b0672875fe71923de673ce343a665d327560c5267223b6fa636ef188b94d4a42884721b4f2d51f90ff3e5145aab164fb56982648a7215601d23017b749c01b684082e250330d109af89bf5d20ca788fbd95fd8d1c128aad3306c4e1bd1c054def7b7ea1948e3c95826078991d234808f55c2314706c8177d7674b2378792afe66b2d65484b481b0e52d8b60e0980163fcf2fffa2cd81f4dbf57afd76fd4e71ec8a6604a697fcaf57e65bba50489f6f0c5b4c046a14303eac05700550ee10fa29d8f68a9eb02fa504b640865f7e2c21f1451ed7d75c90a4734ba64327bc3597b5aff23d0a8f1229f0539720bece2b980f85e11c5ecbf3a560e5dedc40e1260349ccbc647d4d9763b17a45fe1b63e5d16e1a49d55c0011e3ab898b64a6618682bd7bb7e8ed18dafa1b462f20f6aaf2d7c4777a6fb73aa7a1720d67a644f4f4b0bc3ff965e696fd3513979f2e72289dec447af56b240380cfa2a9ce38a808e961d26b6ee6810c75778e9d23a93b3f79b3b293f138f23ef2596b60ecd4afc2036debb7e14f61774d84c1325ee7b8f95dc80c12b001e32e894516473a82aa2c24b5ff7f8c3374e245f1b3ff2a8cf0cc33ecd4b9b7528c34cf54d77756ed3e1b74a0e66c9c1dd8e53c123872c084f70e8a04efe8a8c3527ba75f4d9ced8469229ad7453a1376cae90b155638696103216a07b02e93e3924c4a98d159ce8633b2c8bda44ef28f37ba5edf1e80184c9ac2c8b0db77096dbf2f866536ac4f5ee9eed4bb8dfe0dad4361e901450ba499c119aa1af2a1a7c527b09562a47d8260bd7647e29ee422432f063a84d195e9c843e6f6fa684dd044bd09b8cb3e7a976df68049f09caba37b69a595cea61667f2631e561be743309568b4c37fdaed8ebc628889bc3bf9c5a63bc74e9358a9c2228f51370eb483ee39e682cd4f56f15a16217904c6189ef50044e04f244da23d1c9f41a5209f4f485df4ad8d1922203d365eb11102d48c93c09b700e177aef00f8bf729c0406b89de32490fca998bd34f80c99be60601d4de10e9a86a5a22652eb9df948daa66529b6445cdde70ad125d06e41a3469216233a8b9eeb928f2d041eded321d518f0435ca377e90ae49e95793aabccf299c1f1a82ddec49b2b8732aecd1610d5f09cc5e509d4065c5cfb4edc55f6a15fbaf4dea24439ea95b63bae312ed90e47787000810f22ab9b6aa0622ab969fa30b724b24d82447d6a357468b2d1ec61a80ae680ff7b8b894158218b0e63f99103879f3c1dae33aedec60a1e755755604e33a6698cd0e378b0a0b04017278411f33eade9c4c0e3b7d0d6e62fdc3ebf5559310e0a2913d5aff1ce1bead51578b3879c0e25d96a7a150ba655c97875d864c3a6d5b595ff9dd9698857b3b0bab2d087bbf7f80f5a7225cdebf794ede16a61ca73201f311f87ef9cececb8fd07b2bf384a22a8ae988a5e91e6355e26ac923e78004968bf7f4ae3b319e61a422a43841831a51e2c41df8a118da5239c87b4b0aceb32854413d53e0228090babc167ed6600041390ce04e96c94c65c51fdc00e617e4ed870fe9ed2bbef84c1e1f3f796b2867b0f383b6e01ba2b82ecfced722ac5a7c092716d18b9b41674c342a1a6a7ef961893d451648cce5d0ccb4c180e0493a53f5453de43a6535c486acbfb9f480f3255f998831b684a468a88840e1e7e8a310ef296ce89bef65b7e54265c88bff204e48963cea9945608260e5de37b949acacc938e8e2de9fff925022c010f94a0cd6c7bf16d4e3132034a8a3301f1c1950b9a31ee8227b17cbf460db666f6207a59783064115eac2d4f29f9483ebcd34e8792809d5c25a380b2137bbcd7cda502f4a41a043f7d626e922adec9b4c6478ac0df9842bd4e8912deb2ad2026461510ca392383ee9a7ad0388ae499951a4283db39ca57ed9bebf43dcaa6caa391169077a189641fda3151d8e3a3a0b525dcafa2d9d7b2a01468e658c10c27a8ba74b487a968b05031a3d53b59139068b28ca87c5bfd9db867c0e9b9abd91142c96dbf8883e1a89db8d96c9f0a8999a4f9d6b07f32d6f8bb2ea6d2eaa8a531edf85f25aef35c84eb4bf3f46ab4213602be20cad885d404ef47fafc7793247247848f1c3a06ea31c23d0cbffa07aa5981714dc85736e95cd4d60ed1f25351b1c723e4f042f55f02d24a089862df124c75cc4f618853914439c1406a393a0f1ec0f2346f4cbd6beb17713149d67b9bf1854c814bd8ba3a199218e6eac655db998c955df382c8dee2b4d30c750a63a08e9a88009840e96a331bde3767bce177fc5c44528cb673e862e24c2dc2399be1435cd20916e9e060f8bef39d4b47f335dde4493e0e44b0f619822a35e69b7c5d93dc69575ff71ced7c858e43dbee46f4e50846288cbc8fecbb9291d455a015fdd6e1412aec0e6104d0377074b8e160ec7d813bbc6d3b8e6b0256bce8d255d7a592b408cdf6e63164c99d94f00a693e06c2ecba9dc6d36c6a35697c1647f942df4c805c18344b8e5ac885689068f864c395e8c970702e40cf6c683d10455c7ad75fc035ae260f359c2d8c91305406c6f56ec535be445601c75ffdde1758904787f29a558d0f3bd04bfa08f1612a7ee8a7acf129ed5eb854bba757d34afa354098ed8b4e3a599db4b7611a665fcbbb182a0774cb026a00714d8b91c7fb8691b629b6a93f92da2f3701348885dcefe5a548c90101e50dbaf3f4907611623f7616bcea943bd3feedecf3b3681b4d04a938ac83d9f18a21991a90dc17005e7c56d2e09a0f4ad9f3c676e7da478e96122046d0a167f7e1a28d97d514aa68d24dac8501a1a35ddb6f3703311b26bfa3319361ff5e4d38cd55a04ef1b4fb417a3b638cde7f8569531a22c0fa12ad3a55dfe3c2642205fe1ba0c82d36f8815ec52f6381fe789fcf89efb305498a9b1f0ffafe01bcc5581f5b5d195bba77797085ab1837fd081cf5f086da2a16b6a7f8ca9efbc4c9cf771961b70626120e3715b16b222932291e4ee2449591b1807d56a53d4d86f25011704e7d5efcb799ab130ec2aacd54afd3c43c8acda1c5874ce23234b090c4eaa8ddaedf979b1218a5b9dfb36b8196ce05924dcdc7f50d96b95d0c288551a0498ff23f56c7ccdfb8966480477849c7471bea99cb0af35dbcaa5e781b5ddecf3cde51d78067aed9ca267550dfae119a3d83710ecb92fe80841837b41a40d262f5fad16c20203d1cc3455ca63ebdf0f5dbb7a498b4629dcb87333f2d58726871e6b5adf60faa0f8c9cb4718005e5e199457330da1a11cd0d7e78f617b6805fff8fa45c2cb56e1e17904773e165d2a39470ce1616418e7e15481c798afed92efad9c2babcc3e3346f8022ce30b3e1db015a2b9f5dbd4560ee9776c77eb9cff5cf2af28ebf1085650e29bd8dac01b814e6c285bf964da2eb1a442aeb671589a02c29d58208829c9501c355644ac28c38835f4025dcdabfd3852b1a16e45e9c032e97f7f2f0f612739c6569f44731692e3f3b97ba5bcd0b7f2dea1ee6303b5f92514c022e54aa4c587eff74a5d509c17785686c613bf6b778e3624ff3653674e6daab3f788ec9cf879f06957a673a20fdccf721ced05a0d23e074de82614f775a84dfcd31c621cf0369e28791ab742b62f271218fa1bc8681e9d41b4a93b05cc693013d54d367b1e6e1a7e74b43b44b920192ed8fbb63b89f393e5ffab584d7c201d1b99b7bc6907033109986a4fe7bb79e803315c4df94ed471cba889e148645fd1748374015ea8c696ff64bf6d23bce7e5efa7c7e6215ceefa938cd88aa0374da4ee1e10cbfa96d5283b4a0867f4d76b8492fc618e2bca34ba9bc2ff3368756080a78a1ece2f0d1d1cc30cb721677de3c4cd6da378697c40419bc1f2184b86b8e40abd627aab9c308d8fd2db8daf8b43225003ea9124c11dfcbd1b6ea959a86623e360b40c381d991892c1fa6c0c81bb4d03d8d3656cedd1e48539192fc8bd1474ce961159816dcdc76e95ed9d9893e91a0ca670cd1152cb014310facf952fa9fd0d30900196b604c10596c1a31c1e70416824c207656426b09ef9b558496ae87fc7449bfdba0d5628e9af6397385ddadc986424fde545c07664fb6ef2756ed9e443e39257eef2179fb9e4a9e84062f9b6048125151e2e7fad2560df277323b5e22ab2731dc802d6f372d2a335b5da7e5a86508329b3dceb56f0d4f9f6f9e48507af3ec99fc172c237e67ece3d51198a033a9c66f3243ef694893af85421c36f93ecb95eacceba5fdc1a76810e999af3e14004223da85d40733b46433328b24ee17b718b135b74dd535202c7966de2de5a26412e600971704bb90007e42d3e6a3acd33e7358da6b32883c9ad30c2abb1cdef7452e211734c6fb6d199a397bea8aa3cf1f014929941c34ba06096e70d852fc420effc7924ec29c03bea29f289c82338f0115e00de549007456d5867253a5b9bb4493bcff815a3100fc45a0de0aad7b0b5c641ed1be3e8f07fb3b1a8a496ecfd3dff5abf0d8f5854621faeb4a9920d8c52b7a0338d49fd21d99c24e1943de3ba2668aea7bc95bcf21e2bf0b2d5f899f33d0cec31b60df4ef5a23e1b173cc89390c8bc3ee96e38de06f6016a2b0eafe86af9dc59bead4f5f948a81b1008a95e3ab39f8009bdb4f268f3002245e73ee2ff50cf1cd37e867cbe44ad370b9336e0dddcffb6dd8f2f79155235300bce6385e544105e6d278d345870216e61100337a871ab51b2cde74fe976e1f8b77a90bb8b51eefe7e4201db41915f482edbe1f8ae268314d5af95ffdeb94aba3f4e316990792d281a123d7febbba7f6abaed7ccfc0c567d4bd1c2d9ca217535167c9a09f1ad0ecaa99cc08338fead5deef7fab77d2082d893b91c27f8ea4e48e052a2a31c8e3f9510c4ce94ef16053bcc25eafa324e5a1d045a3de8f7d731e58ec9130427552323bcfde47f6b55b5634e8cb190fe183af132f12d72ef5e4d98508b57106ccb647ab505369c728958a0789c67ee80acc4bbf41b97fa56d8701c3ec5ead411aed16882dfb026c50c28b5fcc442c432837a82f8bfd47650b83aa71b909be61ea77cc029a0c615f8e390874995d19e224c38349c64bc166f50c54332d1a3eff0071d7a0b11a901c56a847b93ab5bd0bfad8f965cbfb53c2184c588fb7dbc5c693a3ade89b303e801a650b79c1ea957aabed937998b5df77ff29fd43515e8a5ffe441e323fefa45a2775237e1c749897d448f1f3ef60c7755d1a1441b96a136a86d341471d57c68c859813656658266c40b8bb8bafded8ed0d940f8c5954923eb43ad5afb58eb452d6430990bc924afb97191f31cd1a1f58e30b0c243f9636245c459280d16da1df1a30ff63de677554d6b252487455e8aff91370c4a0ba9f341384cf8483d18b9d3f2fc51b07ba8a5fa795d7925189ca344f0fddb8bf55e35013f6fab3806b3c4d17499ec1ae819d4f3aa6b6a570c2ea68558fa33373394584dbf11d41f7059b55f186bd54bdc30dea390872737bf0312f4c68dc963d28d5b218eca6314e23b7381cfbcd01c325d9a3869f1176eb82c183b37d65c8500a48e9bbb1c465e27bfb668a16100e5384d9116aa35f3b00b4ee3bc84700ab17283d4db6b420e6140d14d09b51ad020fc8e505d2c820ac307d45b211213c18487ce12dff233a5caf87cd94a77d0eba69d61452f41c1f82cbe32b567a39a4615a6d2155cc73c3b90dc55daf33c8d9eba3eb0e182c79dede1293dd30840ebf048df8a93e38d0136e856d94ea105cd04323406dc429b5551538625109105d88b1ac480d0fb1e9d1977099707f9f9534b683d855c4d3c30a29c6678a3221e0dea7772f8859f572420708da9a030ddf973cf9f221404117b05efb76bb08ecf34aa9b36b0418c74f90a07e8e5c91e1d7c8a8ea596c0de9b10c222e9588c2bbc77d860b7197b42b42a1ab834ce24fccbbe20f2579ec6dbd4efb9aa1a3d2e062de594d289273e98342440045a0c134e400003b50d4243826b029ecd177cf3d2cf3d164ddc58f88a970a0bbdc7f0d60271cab0df2dde79d1b929cd3028effccbe94c05008f4261297024e4f72604d52db9da7b0e5f2f4f59ebe77b319c54aaab9581a8355b75594eb6dc0fc25e91052c89764256ca464f9f6e45bc34d6e5aa28e1fd93997b58f21feff551aa3ecb5375c19ee4543f7339418c11b9ea18fe2637a9bc9744cc9fcb21a7643eb87683694732154bd1eec746f1c57bac65cf18a83267ea437f7993644c510ac44307703ea28b20e52644dbaabbe9ee1e23a38b29b91cf9077fecdb98ff4e4749c9d6ad2901c5a891c07a8b0c26ad1f8126e6db537df7fff65486afeb85eda80e2a04d09d46720330700267cbcf205b5c00076c01d9db0a64d5426864d14cce1781098afdc28f9f5948ab7791627baf78c3e9df2c0ed9ce50b083bc7a34ee0087f4efde579e2dea313e4e20580c5e63d5ef4509c05a9dc38ced91340bbb9cf948bb03ea5e60c666a1a5c4acd385d0c1a01797b9b3183f4afbc925dd2641d21410b4b1af2f21f8cca330fbc08834e1e8210fdcf332f70f08b48a2655cf017ec8a19640f2f263c54876d6f4ad2193be944667f6498baa32225d2b5b82abd3f2fc64033f1db9adff6b1c788555d5ffa1a35d4a691802447b163ba9a615d6c958036528bbab84230d676145054828d530f0e3af417ad0480eaf2004b9002b644bcd8f0ecf860c31766ace95769ab4fd01f297c595b45e6c7b1c9f662044f43fc82b6244e5d08b1e556599096c034600e20ff000d996b6ba3a6700116127b9468c9567ad920ddcf7ccf9c0a74f49984e24a7aaa2321ee58583c1bdba668cb98c319f682ffc5957015ba1799930d4b676bd3bc76037f6bc2d9ddcb47efebd366a90dc7e67076ebc25e2ef2929a89faee06aa04538a3ae7b196dfecd33725ce9f859c5df4713b220ecd18b1613ba76aebbe8f9f93eeaea9e88e46e7ed24c4efbd86fcd57a4f9fc76152175782871ab211a18ae303be8e9459aab930597d17875c5f5f24d9b16bd8dc4e25f6a7a1de05763da11ee7e26e1e32ee0a5ab2de5d069d03a6ea95a33abc1025d59800fccfff1f0e0f7335e2778b8731cbae94828dbe70507c5369f36d457e98d6042e342cbffde2ee74e05cf0f8aa7185de485e5050294472cd8c7ae03977b62cb287a9d6e4d66650dbc4d89e58ad4f7c24d46573acf85f633d1af73cf655788b431bf22315bdae78d9f6f9cfe32330cbf77bb0195a60244d4bcd0ea35b94bcdf7255ff58f1fb11a09a06747337c95f332a0ade622d49ce0f2943517fb4da8049f3c1b53cb68475c2eb52551d40cbeaf5e79a748c5314bb531b4fc28494b65ee8513427e1fd3cc990fe4ef5ead14b65f1c3e9e0598edf42e2862e2eb180b3e674fc3005859ac56ad17022a8f48b49dcc97e991cfece1d52b7ca82e711944a877567ca0da0663276480d69fa4be56f425bb84dc9177d3e3ed45fb737ce026b8df38336f9efedb89a8650f9fb73918d300c909e9f9189458e1930f09b05433980e79a2eacd0dda32852bdb1a417e4ba62b83d0e17ac8d39834f41c8cd49517013ec658c4e10b38d0788df96764d13ce074271b51041671240549d18540271c8898a5c9e4be4895881235d59666a1f0f3b3cd098786afd6ab4781b73275232b488fb3d9eff77e71f8448a95c653fc80d069c15aa2a80d5799e6c45eb27ea8d6675f28f7aa7cfe3cef877c91ecf3e576e942a20312ffb48a64a91876ec5d1ad2f6a68946e73db4785894736106906731793c3482365d4151051c8d5f16dcb0348628e3aba4087ea8c9ce24bb93190fa12916f529c8eed6dfd3f5bc24d09b1ad377699de3f687b392ec921d81e35dc27bd14be4d004e713c3d07cf600255d45fdfb326b4327c9507c6f69d01236eb9383133dbaa787ba37de14a12e850ec60381a9ffab939ce16cb9b490685343048c0933bc280e809fc8114096ae2d303bbcbbc941b70b5d1d03f59f0b534fa195cbcf34e57d2aaee9c1dcddb5eafd8399fd1d53bfdb48a6f6d3153bb903ce411800f7220bdcfa312ac603672c163a0896b85409859b817cd304e73f278634fab0b1dbe226d7e4f93f220180c3434c7c22ac3143e06702f9a21e66a46d4980bd20d9b0c62846362d0a1151584a28a87902dd0f35187850d501c689", 0x2000, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000006c0)={0x90, 0x0, 0x8, {0x1, 0x2, 0x16, 0x1, 0xfffffffd, 0x4, {0x5, 0x80, 0x5, 0x0, 0x0, 0x4000000000008, 0x4, 0x800, 0x6, 0x1000, 0x7fffffff, r9, r10, 0x0, 0x6}}}, 0x0, 0x0, 0x0, 0x0, 0x0})
fchownat(r7, &(0x7f00000001c0)='./file0\x00', 0x0, r10, 0x1000)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sys_enter\x00', r7}, 0x10)
r11 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000580)=ANY=[@ANYBLOB="12013f00000000407f04ffff000000000001090224000100000000090400001503000000092140000001220f00090581", @ANYRES16], 0x0)
syz_usb_control_io(r11, 0x0, 0x0)
syz_usb_control_io$hid(r11, &(0x7f0000000000)={0x24, 0x0, 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="00220f0000000bf896e404796592f7920300"], 0x0}, 0x0)
r12 = syz_open_dev$hiddev(&(0x7f0000000080), 0x0, 0x0)
ioctl$HIDIOCGUSAGE(r12, 0x501c4814, &(0x7f00000000c0)={0x2, 0xffffffff, 0x0, 0x0, 0x4e496f8})

4.838192577s ago: executing program 3 (id=4226):
sched_setscheduler(0x0, 0x2, 0x0)
r0 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x50)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000000)={0x0}}, 0x0)
r4 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00'})
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000006c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000500)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='sched_switch\x00', r5}, 0x10)
r6 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r6, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)={0x2, 0x9, 0xfd, 0x9, 0x3, 0x0, 0x70bd2d, 0x25dfdbfb, [@sadb_x_sec_ctx={0x1, 0x18, 0x9, 0xc3}]}, 0x18}}, 0x44884)

3.695741699s ago: executing program 6 (id=4232):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000500)=@newsa={0x150, 0x10, 0x413, 0x70bd29, 0x0, {{@in=@empty, @in6=@rand_addr=' \x01\x00', 0x0, 0x0, 0x4e24, 0x0, 0xa, 0x0, 0x20, 0x21}, {@in=@multicast1, 0x0, 0x32}, @in6=@loopback={0x100000000000000}, {0x0, 0x2, 0x0, 0x0, 0x8, 0x80000, 0x81}, {0x0, 0x5, 0x4, 0x4000006}, {0x0, 0xfffffff9, 0x80000}, 0x0, 0x0, 0x2, 0x4, 0x81, 0x68}, [@algo_aead={0x60, 0x12, {{'rfc4106(gcm(aes))\x00'}, 0xa0, 0x80, "25cac5216d3c8af0aa76902918bf448c5d9f5459"}}]}, 0x150}, 0x1, 0x0, 0x0, 0x612fc0b6c779297b}, 0x0)

3.605719113s ago: executing program 3 (id=4234):
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = fsopen(&(0x7f0000000000)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_SET_BINARY(r2, 0x6, 0x0, 0x0, 0x0)
r3 = fsmount(r2, 0x0, 0x0)
r4 = openat$cgroup_subtree(r3, &(0x7f0000000100), 0x2, 0x0)
write$cgroup_subtree(r4, &(0x7f0000000040)={[{0x2d, 'cpu'}]}, 0x5)
pidfd_getfd(r3, r0, 0x0)

2.699347883s ago: executing program 6 (id=4236):
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x104)
ioctl$FIBMAP(r0, 0x1, 0x0)

2.656493786s ago: executing program 0 (id=4237):
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000001000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='sys_enter\x00', r2}, 0x10)
fstatfs(r0, &(0x7f00000002c0)=""/139)

2.623048026s ago: executing program 0 (id=4238):
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x181042, 0x0)
pwrite64(r0, &(0x7f0000000140)='2', 0xfdef, 0xfecc)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x42, 0x0)
mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x27ffff7, 0x4012011, r1, 0x0)
truncate(&(0x7f0000000900)='./file1\x00', 0xbf39)

2.600782348s ago: executing program 6 (id=4239):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000000)=@getnexthop={0x20, 0x76, 0x401, 0x0, 0x25dfdbfc, {}, [@NHA_ID={0x8, 0x1, 0x2}]}, 0x20}, 0x1, 0x0, 0x0, 0x24000054}, 0xc0)

2.536864032s ago: executing program 0 (id=4240):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x42, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@bloom_filter={0x1e, 0x0, 0x5, 0x6, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='timer_start\x00', r1}, 0x10)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000240))

2.396519347s ago: executing program 0 (id=4242):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r2 = socket(0x400000000010, 0x3, 0x0)
r3 = socket$unix(0x1, 0x5, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r4 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee3, 0x8031, 0xffffffffffffffff, 0x1000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000b40)={0x11, 0x8, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='sched_switch\x00', r7}, 0x18)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
write$cgroup_devices(0xffffffffffffffff, &(0x7f0000000340)=ANY=[], 0x5)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r8=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r8, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000001300)=@newtfilter={0x40, 0x2c, 0xd27, 0x70bd28, 0x4, {0x0, 0x0, 0x0, r8, {0x0, 0xfff1}, {}, {0x7}}, [@filter_kind_options=@f_fw={{0x7}, {0x14, 0x2, [@TCA_FW_MASK={0x8, 0x5, 0x2}, @TCA_FW_CLASSID={0x8, 0x1, {0x10, 0x7}}]}}]}, 0x40}, 0x1, 0x0, 0x0, 0x80}, 0x20000800)

2.396069987s ago: executing program 6 (id=4243):
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000140)=@arm64={0x7, 0xf, 0x9, '\x00', 0x9})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
socket$unix(0x1, 0x2, 0x0)
sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f00000004c0)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
r6 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000280), 0x4)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed074479000000000000000018000000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x4, '\x00', 0x0, @fallback=0x33, r6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f00000003c0)='sched_switch\x00', r7}, 0x18)
clock_settime(0x0, &(0x7f0000003c80)={0x77359400})
r8 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TIOCSSOFTCAR(r8, 0x5453, 0x0)
ioctl$KDGKBSENT(r8, 0x4b48, 0x0)
syz_genetlink_get_family_id$nbd(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$NBD_CMD_DISCONNECT(0xffffffffffffffff, 0x0, 0x10)
r9 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x802, 0x0)
ioctl$BINDER_WRITE_READ(r9, 0xc0306201, &(0x7f00000001c0)={0x8, 0x0, &(0x7f0000000740)=[@acquire={0x40046305, 0x3}], 0x0, 0x0, 0x0})
openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/binder/transactions\x00', 0x0, 0x0)

2.211518858s ago: executing program 5 (id=4244):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000040)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000001c0)=0x5)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000001700)=0x4)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x3fffffffffffcb5, 0x2, 0x0)
r1 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TIOCSTI(r1, 0x5412, &(0x7f0000000100)=0x7f)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000000)=@newqdisc={0x48, 0x14, 0xf0b, 0x4, 0x0, {0x2, 0x0, 0x0, 0x0, {0x4}, {0xb, 0x1}}, [@TCA_STAB={0x24, 0x8, 0x0, 0x1, [{{0x1c, 0x1, {0x6, 0xc, 0x1c, 0xd, 0x1, 0x8, 0x2}}, {0x4}}]}]}, 0x48}}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00'}, 0x10)
r2 = socket(0x10, 0x3, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000002c0)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r3}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x7}}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10)
sendmsg$nl_route(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="440000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="0000000000000000240012800b0001006272696467650000140002800800040000000000050017"], 0x44}}, 0x0)
creat(&(0x7f0000000000)='./file0\x00', 0xd931d3864d39dd7a)
lsetxattr$system_posix_acl(&(0x7f0000003340)='./file0\x00', &(0x7f0000003380)='system.posix_acl_access\x00', &(0x7f00000021c0)=ANY=[@ANYBLOB="020000000100020000000000040005008cffffff1000010000ff0f002000000000000000"], 0x24, 0x2)
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
lchown(&(0x7f0000000040)='./file0\x00', 0x0, 0x0)

2.180020442s ago: executing program 4 (id=4245):
r0 = socket$nl_route(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000fd0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000500)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='sched_switch\x00', r5}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0xe, 0x16, &(0x7f0000001900)=ANY=[@ANYBLOB="61102800000000006113740000000000bfa00000000000000700000008ffffffd50301001774004095000000000000006916360000000000bf67000000000000350607000fff07201706000020190000160300000ee60060bf050000000000007b650000000000006507f9ff01000000070700004d83dde4c375000000000000bf54000000000000070400000400f9ffad4301000000000095000000000000001500000000000000950000000000000032ed3c12dc8c27df8ecf264e0f84f9f17d3c30e32f17540faf80250aa20c669a5e12814cb1cea5d4601d295c45a6a0b9bdb7dd399703cac4f6f3be4b369226066812b8e007e733a9a4f1b0af3dda82ee45a010fb94fe9de57b9d8a814261bdb94a05000400c6c60bf70d742a81762bab8395fa64810b5b40d893ea8fe0185473d51b546cad3f1d5ab2af27546e7c955ccefa1f6ab689b555202da2e0ec2871b4a7e65836429a527dc47ebe84a423b6c8d345dc8da3085b0ab71ca1b901627b562ed04ae76002d4519af619e3cca4d69e0dee5eb106774a8f3e6916dfec88158f0200000000c8fb730a5c1bf2b2bb71a629361997a75fd552bdc206438b8ef4901fd03c16dfda44221b235c8ac86d8a297dff0445a15f21dce431e56723888fb126a163f16f920ae2fb494059bba8e3b680324a188076eb685d55c4e9b2ad9bc1172ba7cbebe174aba210d739a018f9bbec63222d20ceddf4d03723f1c932b3a6aa57f1ad2e99e0e67ab93716d20000009f0f53acbb40b4f8e2738270b31562ed834f2af97787f696649a462e7ee4bcf8b07a10fd7ed6735154beb4000000000000000000000000004000bc00f6746a9709e7e78f4ddc211bc3ebe6bd9d42ca0140a7afaab43176e65ec1118d50d1e827f3472f4445d253887a5ad103649afa17690884f800031e03a651bb96589a7e2e509bcc1d161347623cb5e7ac4629c8ab04871bc47287cd31cc43ea0ffb567b40407d000000210000000000000000005f37d8703f37ca364a601ae899a56715a0a62a34c1d926a0f6a5480a55c22fe3a5ac00000000000000000000000500002000000000fb79ea00000000000000000000e4007be511fe32fbc90e2364a55e9bb66ac64423d2d00fea2594e14d90deae46e26c596f84eba90000000000000000fffb0000000082fb0d3cc3aa39ee4b1386bab561cda886fa642994cacd473b543ccb5f0d7b63924f17c67b13631d22a11dc3c693962895496d4f6e9cc54db6c7205a6b06ff7f0000000000007f31d7c8cc5d325c5379b0363ce8bd1f61b007e1ff5f1be1969a1ba791ad46d800000000c7f26a1f37302f3b41eae59809fd05d12f6106f117b062df67d3a6473265dd1410eea68208a3f26b2989b832d8b34a34a4f08b34b3042065acaa10856e858d27adee7daf32903d3fc78700d429a2d4c8b6d803eb83eecfe4c7ff9e6ab5a52e83d089e0b1c23c0f3cdad7a8710e0254f1b11cced7bc3c8da0c44d2ebf9f6f3ff3be4d1458077c2253b0c7c7a1a9fdd63bf910dc20e5cb2a88e59febc47f1212a21f631d22bad050e9856b48ae3a03a497c37758537650fe6db89da3c41fdc3d78e046f6160e1741299e8dc29906870e6431ed1eab5d067a183f064b060a8ec12725d42e3a74863d66bee966b1574f8e01b3f34a267ff0af1cb3f1f815f8989d78854ca4d3116dbc7e2bf2402a75fd7a55733360040855ed5d1c0d634fc5fb38f84d9d87b27f8a5d91217b728f13e3ee20e69e0ffb2780b1a7af137ff7b4c6ea9604faf0453bedf0c5d744b5272b44c23488b2bdbff947c4dfa108cbb88202eeb81f428a5b3c29984864961a57ff52f657a67463d7dbf85ae9321fc2cc17dc4a29b9cba8ded5de8206c812439ab129ae818837ee15620789c524b3baf49a09d8be0fc5beecf153236c19740be9bb7d958d5e87c6c09bf71a894bad62934782cc308e936d7637e07c4a2b4dc87b0da20000d9ef418cf19e7a8c4c328be0ce91798adc2dca87ddd9d064e081383409ed2912c811ae63f03212a5331c2a4ead000000000000000000000000000000000000000000000000001386866b311bd144bc32e059658c9f8342c90c1ade31b78072841b8b5a943d62a44cea6b050c42e3c205fad6a23fb43c93da0f49d911877265e6ee443e37397ecf89021e7f579e8d3a74c12b52938d91e9de07fc8eeeb9505f4a9c26266bf5449484ccc1317c7476"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={0x0}, 0x1, 0x0, 0x0, 0x80c5}, 0x40008880)

1.63988599s ago: executing program 5 (id=4246):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0x1fffffffffffffcd, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000008500000022000000180100002020702500000000002020207b0af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007200000095"], 0x0, 0x2000000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x101001, 0x0)
writev(r1, &(0x7f0000001340), 0x0)
fdatasync(r1)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x35, r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0xffffffffffffff75)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000240)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000008000000010001000900000001"], 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000ac0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b708000002001e007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000700)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000d00)='sched_switch\x00', r6}, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$USBDEVFS_SETCONFIGURATION(0xffffffffffffffff, 0x80045505, &(0x7f0000000280)=0x2)
lsetxattr$system_posix_acl(&(0x7f0000000000)='.\x00', 0x0, &(0x7f0000000180)={{}, {}, [], {}, [], {0x8}, {0x10}}, 0x24, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r7 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r7, &(0x7f0000001100)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="380000002000010329bd7000100000000200000403000007020000001400110069616376746170300000000000000000080006002503"], 0x38}, 0x1, 0x0, 0x0, 0x240480c4}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f00000004c0)='rxrpc_rx_packet\x00', 0xffffffffffffffff, 0x0, 0x9}, 0x18)
mremap(&(0x7f0000000000/0x9000)=nil, 0x600600, 0x200000, 0x3, &(0x7f0000a00000/0x600000)=nil)

1.610560989s ago: executing program 3 (id=4247):
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000000)={0xffffffffffffffff, 0xe0, &(0x7f0000000780)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0}}, 0x10)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0b00000007000000d7c900003d00000001"], 0x50)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r0, &(0x7f0000000080), &(0x7f0000000880)=""/166}, 0x20)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{r0, <r1=>0xffffffffffffffff}, &(0x7f0000000580), &(0x7f00000005c0)}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003000000650000000800000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000740)={r0, &(0x7f0000000000), &(0x7f00000000c0)=""/109}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000a40)={&(0x7f0000000980)='sys_enter\x00', r2}, 0x10)
alarm(0x1000)

1.561802543s ago: executing program 3 (id=4248):
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xf, &(0x7f0000000200)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x2d)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r6 = creat(&(0x7f0000000100)='./file0\x00', 0xd931d3864d39dcca)
write$binfmt_elf32(r6, 0x0, 0x69)
close(r6)
execve(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, 0x0, 0x0, &(0x7f0000000480)=""/74})
r7 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000880)={{}, &(0x7f0000000800), &(0x7f0000000840)=r7}, 0x20)

1.396623562s ago: executing program 0 (id=4249):
timer_create(0x0, 0x0, &(0x7f0000000000))
bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x13, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x38, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000005000000000400000d00000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000d0"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0xfffffffffffffefb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000500)='hrtimer_start\x00', r1}, 0x10)
timer_settime(0x0, 0x0, &(0x7f0000000200)={{0x0, 0x989680}, {0x0, 0x3938700}}, 0x0)

1.025008864s ago: executing program 5 (id=4250):
r0 = socket$vsock_stream(0x28, 0x1, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeea, 0x8031, 0xffffffffffffffff, 0x28f43000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$inet6_udp(0xa, 0x2, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="19000000040000000400000008"], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000001500000018110000", @ANYRES32=r4, @ANYBLOB], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x10)
r6 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
r7 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000300)='net/packet\x00')
readv(r7, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r6}, 0x10)
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000001840), 0x2982, 0x0)
openat$ttyS3(0xffffffffffffff9c, 0x0, 0x40400, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)

1.007890036s ago: executing program 0 (id=4251):
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f00000002c0)=@framed, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000280)='sched_switch\x00', r3}, 0x18)
request_key(&(0x7f0000000080)='asymmetric\x00', 0x0, 0x0, 0xfffffffffffffffe)
r4 = socket$inet6(0x10, 0x80002, 0x6)
setsockopt$SO_ATTACH_FILTER(r4, 0x1, 0x1a, &(0x7f0000000000)={0x1, &(0x7f0000000040)=[{0x16, 0x0, 0x2}]}, 0x10)

469.570721ms ago: executing program 4 (id=4252):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = openat$selinux_commit_pending_bools(0xffffffffffffff9c, &(0x7f0000000080), 0x1, 0x0)
writev(r0, &(0x7f0000000300)=[{&(0x7f0000000140)='4', 0x1}], 0x1)

147.249432ms ago: executing program 3 (id=4253):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000000c0)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r3}}]}, &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r4}, 0x10)
syz_fuse_handle_req(0xffffffffffffffff, 0x0, 0x0, 0x0)
sendmmsg$unix(r1, &(0x7f0000005680)=[{{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80}}, {{0x0, 0x0, &(0x7f0000004340), 0x0, 0x0, 0x0, 0x40000}}, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x24000040}}], 0x3, 0x4000000)
r5 = fsopen(&(0x7f0000000100)='configfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r5, 0x6, 0x0, 0x0, 0x0)
r6 = fsmount(r5, 0x0, 0x0)
fchdir(r6)
timer_create(0x0, 0x0, &(0x7f0000000000))
r7 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0)
getdents64(r7, &(0x7f0000001a80)=""/4096, 0x1000)
bpf$MAP_CREATE(0x0, 0x0, 0x48)

146.690682ms ago: executing program 5 (id=4254):
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000340)=ANY=[@ANYBLOB="2c00000020000100000000000000040002000000000000020000000008000400"], 0x2c}}, 0x4000800)

87.327491ms ago: executing program 5 (id=4255):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000001080)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="18000000000000000000000000c5000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7020000140000fbb703000000e31f008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000000)='sys_enter\x00', r1}, 0x18)
sigaltstack(0x0, 0x0)

0s ago: executing program 5 (id=4256):
r0 = fsopen(&(0x7f00000003c0)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
r1 = fsmount(r0, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000000240)={<r2=>0xffffffffffffffff}, 0x0)
r3 = dup(r1)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000b80), 0x88, &(0x7f0000000300)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3])

kernel console output (not intermixed with test programs):

ibute type 6 has an invalid length.
[ 1199.276666][T19413] ttyS ttyS3: ldisc open failed (-12), clearing slot 3
[ 1200.199328][   T43] usb 4-1: USB disconnect, device number 80
[ 1200.383948][   T43] dvb-usb: Elgato EyeTV Sat successfully deinitialized and disconnected.
[ 1200.396049][T19456] netlink: 'syz.3.3427': attribute type 39 has an invalid length.
[ 1201.763804][T19474] Bluetooth: hci0: Opcode 0x0c20 failed: -22
[ 1201.782149][T19474] netlink: 20 bytes leftover after parsing attributes in process `syz.6.3432'.
[ 1201.991211][ T5822] usb 4-1: new high-speed USB device number 81 using dummy_hcd
[ 1202.331097][ T5822] usb 4-1: Using ep0 maxpacket: 16
[ 1202.342348][ T5822] usb 4-1: New USB device found, idVendor=0471, idProduct=0327, bcdDevice=61.a4
[ 1202.359594][ T5822] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1202.388902][ T5822] usb 4-1: config 0 descriptor??
[ 1202.410574][ T5822] gspca_main: sonixj-2.14.0 probing 0471:0327
[ 1202.431153][    T9] usb 7-1: new high-speed USB device number 60 using dummy_hcd
[ 1202.581111][    T9] usb 7-1: device descriptor read/64, error -71
[ 1202.881345][    T9] usb 7-1: new high-speed USB device number 61 using dummy_hcd
[ 1203.376933][T19497] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=4624 sclass=netlink_route_socket pid=19497 comm=syz.4.3436
[ 1203.391047][    T9] usb 7-1: device descriptor read/64, error -71
[ 1203.511468][    T9] usb usb7-port1: attempt power cycle
[ 1203.841239][ T5820] Bluetooth: hci0: command tx timeout
[ 1203.861138][    T9] usb 7-1: new high-speed USB device number 62 using dummy_hcd
[ 1203.881623][    T9] usb 7-1: device descriptor read/8, error -71
[ 1203.911100][ T5928] usb 6-1: new high-speed USB device number 77 using dummy_hcd
[ 1204.060899][ T5928] usb 6-1: Using ep0 maxpacket: 8
[ 1204.067377][ T5928] usb 6-1: config 7 has an invalid interface number: 87 but max is 0
[ 1204.091079][ T5928] usb 6-1: config 7 contains an unexpected descriptor of type 0x2, skipping
[ 1204.099771][ T5928] usb 6-1: config 7 has no interface number 0
[ 1204.120935][    T9] usb 7-1: new high-speed USB device number 63 using dummy_hcd
[ 1204.121114][ T5928] usb 6-1: config 7 interface 87 altsetting 0 endpoint 0x7 has an invalid bInterval 128, changing to 11
[ 1204.150679][ T5928] usb 6-1: config 7 interface 87 altsetting 0 bulk endpoint 0x8 has invalid maxpacket 16
[ 1204.150924][    T9] usb 7-1: device descriptor read/8, error -71
[ 1204.170904][ T5928] usb 6-1: config 7 interface 87 altsetting 0 has an endpoint descriptor with address 0x43, changing to 0x3
[ 1204.201197][ T5928] usb 6-1: config 7 interface 87 altsetting 0 endpoint 0x3 has invalid maxpacket 512, setting to 64
[ 1204.212053][ T5928] usb 6-1: config 7 interface 87 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[ 1204.231190][ T5928] usb 6-1: config 7 interface 87 altsetting 0 endpoint 0xB has invalid maxpacket 1023, setting to 64
[ 1204.251103][ T5928] usb 6-1: config 7 interface 87 altsetting 0 endpoint 0x6 has invalid maxpacket 979, setting to 64
[ 1204.271347][ T5928] usb 6-1: config 7 interface 87 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[ 1204.281258][    T9] usb usb7-port1: unable to enumerate USB device
[ 1204.301055][ T5928] usb 6-1: config 7 interface 87 altsetting 0 has a duplicate endpoint with address 0xB, skipping
[ 1204.321562][ T5928] usb 6-1: config 7 interface 87 altsetting 0 has a duplicate endpoint with address 0xB, skipping
[ 1204.340895][ T5928] usb 6-1: config 7 interface 87 altsetting 0 endpoint 0xE has invalid maxpacket 1024, setting to 64
[ 1204.364360][ T5928] usb 6-1: config 7 interface 87 altsetting 0 has a duplicate endpoint with address 0x8, skipping
[ 1204.380175][ T5928] usb 6-1: config 7 interface 87 altsetting 0 has a duplicate endpoint with address 0xB, skipping
[ 1204.397438][ T5928] usb 6-1: config 7 interface 87 altsetting 0 has an endpoint descriptor with address 0xC9, changing to 0x89
[ 1204.409912][ T5928] usb 6-1: config 7 interface 87 altsetting 0 endpoint 0x89 has invalid maxpacket 21666, setting to 1024
[ 1204.431064][ T5928] usb 6-1: config 7 interface 87 altsetting 0 bulk endpoint 0x89 has invalid maxpacket 1024
[ 1204.446402][ T5928] usb 6-1: config 7 interface 87 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[ 1204.457962][ T5928] usb 6-1: config 7 interface 87 altsetting 0 has a duplicate endpoint with address 0xB, skipping
[ 1204.469390][ T5928] usb 6-1: config 7 interface 87 altsetting 0 has 15 endpoint descriptors, different from the interface descriptor's value: 14
[ 1204.612022][ T5928] usb 6-1: New USB device found, idVendor=0930, idProduct=0d45, bcdDevice=38.00
[ 1204.621308][ T5928] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1204.629307][ T5928] usb 6-1: Product: syz
[ 1204.653614][ T5928] usb 6-1: Manufacturer: syz
[ 1204.661011][ T5928] usb 6-1: SerialNumber: syz
[ 1204.672553][T19503] raw-gadget.3 gadget.5: fail, usb_ep_enable returned -22
[ 1204.680793][T19503] raw-gadget.3 gadget.5: fail, usb_ep_enable returned -22
[ 1204.931226][ T5822] gspca_sonixj: i2c_w8 err -71
[ 1204.960757][ T5822] sonixj 4-1:0.0: probe with driver sonixj failed with error -71
[ 1205.188965][ T5928] option 6-1:7.87: GSM modem (1-port) converter detected
[ 1205.209014][ T5822] usb 4-1: USB disconnect, device number 81
[ 1205.224706][ T5928] usb 6-1: GSM modem (1-port) converter now attached to ttyUSB0
[ 1205.255177][ T5928] usb 6-1: USB disconnect, device number 77
[ 1205.272656][ T5928] option1 ttyUSB0: GSM modem (1-port) converter now disconnected from ttyUSB0
[ 1205.283134][ T5928] option 6-1:7.87: device disconnected
[ 1205.565488][T19523] Bluetooth: MGMT ver 1.23
[ 1205.639144][T19525] netlink: 28 bytes leftover after parsing attributes in process `syz.6.3448'.
[ 1206.299367][T19530] netlink: 'syz.3.3449': attribute type 1 has an invalid length.
[ 1206.307450][T19530] netlink: 224 bytes leftover after parsing attributes in process `syz.3.3449'.
[ 1206.388092][T19532] FAULT_INJECTION: forcing a failure.
[ 1206.388092][T19532] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1206.437078][ T5928] usb 7-1: new high-speed USB device number 64 using dummy_hcd
[ 1206.557402][T19532] CPU: 0 UID: 0 PID: 19532 Comm: syz.5.3450 Not tainted 6.16.0-rc1-syzkaller #0 PREEMPT(full) 
[ 1206.557429][T19532] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1206.557439][T19532] Call Trace:
[ 1206.557445][T19532]  <TASK>
[ 1206.557451][T19532]  dump_stack_lvl+0x16c/0x1f0
[ 1206.557473][T19532]  should_fail_ex+0x512/0x640
[ 1206.557492][T19532]  _copy_from_iter+0x29f/0x16f0
[ 1206.557510][T19532]  ? __alloc_skb+0x200/0x380
[ 1206.557527][T19532]  ? __pfx__copy_from_iter+0x10/0x10
[ 1206.557545][T19532]  ? __pfx_netlink_autobind.isra.0+0x10/0x10
[ 1206.557562][T19532]  netlink_sendmsg+0x829/0xdd0
[ 1206.557582][T19532]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1206.557600][T19532]  ____sys_sendmsg+0xa98/0xc70
[ 1206.557612][T19532]  ? copy_msghdr_from_user+0x10a/0x160
[ 1206.557629][T19532]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1206.557648][T19532]  ___sys_sendmsg+0x134/0x1d0
[ 1206.557666][T19532]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1206.557681][T19532]  ? __lock_acquire+0x622/0x1c90
[ 1206.557717][T19532]  __sys_sendmsg+0x16d/0x220
[ 1206.557734][T19532]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1206.557760][T19532]  do_syscall_64+0xcd/0x4c0
[ 1206.557782][T19532]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1206.557794][T19532] RIP: 0033:0x7fbbb738e929
[ 1206.557803][T19532] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1206.557814][T19532] RSP: 002b:00007fbbb827e038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1206.557830][T19532] RAX: ffffffffffffffda RBX: 00007fbbb75b5fa0 RCX: 00007fbbb738e929
[ 1206.557842][T19532] RDX: 0000000000000000 RSI: 0000200000000180 RDI: 0000000000000003
[ 1206.557852][T19532] RBP: 00007fbbb827e090 R08: 0000000000000000 R09: 0000000000000000
[ 1206.557863][T19532] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1206.557873][T19532] R13: 0000000000000000 R14: 00007fbbb75b5fa0 R15: 00007ffee7d25d38
[ 1206.557897][T19532]  </TASK>
[ 1206.752916][ T5928] usb 7-1: Using ep0 maxpacket: 16
[ 1206.863222][ T5928] usb 7-1: config 0 has an invalid interface number: 198 but max is 0
[ 1206.884987][ T5928] usb 7-1: config 0 has no interface number 0
[ 1206.906043][ T5928] usb 7-1: New USB device found, idVendor=1a0a, idProduct=0101, bcdDevice=30.1d
[ 1206.919411][ T5928] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1206.928393][ T5928] usb 7-1: Product: syz
[ 1206.932685][ T5928] usb 7-1: Manufacturer: syz
[ 1206.937282][ T5928] usb 7-1: SerialNumber: syz
[ 1206.951363][ T5928] usb 7-1: config 0 descriptor??
[ 1206.967682][ T5928] usb_ehset_test 7-1:0.198: probe with driver usb_ehset_test failed with error -32
[ 1207.680927][ T5822] usb 7-1: USB disconnect, device number 64
[ 1208.179379][T19547] netlink: 'syz.5.3455': attribute type 10 has an invalid length.
[ 1208.216459][T19547] bond0: (slave wlan1): Enslaving as an active interface with an up link
[ 1208.324048][T19553] FAULT_INJECTION: forcing a failure.
[ 1208.324048][T19553] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1208.339281][T19553] CPU: 1 UID: 0 PID: 19553 Comm: syz.3.3458 Not tainted 6.16.0-rc1-syzkaller #0 PREEMPT(full) 
[ 1208.339305][T19553] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1208.339316][T19553] Call Trace:
[ 1208.339322][T19553]  <TASK>
[ 1208.339330][T19553]  dump_stack_lvl+0x16c/0x1f0
[ 1208.339362][T19553]  should_fail_ex+0x512/0x640
[ 1208.339391][T19553]  _copy_to_user+0x32/0xd0
[ 1208.339420][T19553]  simple_read_from_buffer+0xcb/0x170
[ 1208.339445][T19553]  proc_fail_nth_read+0x197/0x270
[ 1208.339469][T19553]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1208.339493][T19553]  ? rw_verify_area+0xcf/0x680
[ 1208.339512][T19553]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1208.339534][T19553]  vfs_read+0x1e1/0xc60
[ 1208.339558][T19553]  ? __pfx___mutex_lock+0x10/0x10
[ 1208.339582][T19553]  ? __pfx_vfs_read+0x10/0x10
[ 1208.339610][T19553]  ? __fget_files+0x20e/0x3c0
[ 1208.339642][T19553]  ksys_read+0x12a/0x250
[ 1208.339662][T19553]  ? __pfx_ksys_read+0x10/0x10
[ 1208.339692][T19553]  do_syscall_64+0xcd/0x4c0
[ 1208.339720][T19553]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1208.339739][T19553] RIP: 0033:0x7fef5d18d33c
[ 1208.339753][T19553] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[ 1208.339770][T19553] RSP: 002b:00007fef5e0d2030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 1208.339787][T19553] RAX: ffffffffffffffda RBX: 00007fef5d3b5fa0 RCX: 00007fef5d18d33c
[ 1208.339800][T19553] RDX: 000000000000000f RSI: 00007fef5e0d20a0 RDI: 0000000000000004
[ 1208.339821][T19553] RBP: 00007fef5e0d2090 R08: 0000000000000000 R09: 0000000000000000
[ 1208.339832][T19553] R10: 000000000000004a R11: 0000000000000246 R12: 0000000000000001
[ 1208.339843][T19553] R13: 0000000000000000 R14: 00007fef5d3b5fa0 R15: 00007ffc36c961e8
[ 1208.339871][T19553]  </TASK>
[ 1208.884164][T19556] xt_TPROXY: Can be used only with -p tcp or -p udp
[ 1209.150199][T19559] netlink: 'syz.4.3462': attribute type 4 has an invalid length.
[ 1209.773334][T19573] usb usb9: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[ 1209.787124][T19573] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[ 1211.181958][T19586] netlink: 'syz.4.3467': attribute type 1 has an invalid length.
[ 1211.780308][   T30] audit: type=1400 audit(1749494734.430:2724): avc:  denied  { map } for  pid=19599 comm="syz.3.3471" path="/dev/nbd3" dev="devtmpfs" ino=682 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[ 1213.811881][ T3519] Bluetooth: Error in BCSP hdr checksum
[ 1214.720953][   T10] usb 5-1: new high-speed USB device number 63 using dummy_hcd
[ 1215.241243][   T10] usb 5-1: device descriptor read/64, error -71
[ 1215.565979][T19634] vivid-000: disconnect
[ 1215.582384][T19634] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3480'.
[ 1215.592367][T19634] vcan0: entered promiscuous mode
[ 1215.597429][T19634] vcan0: entered allmulticast mode
[ 1215.681018][ T5820] Bluetooth: hci1: Opcode 0x1003 failed: -110
[ 1215.803711][   T10] usb 5-1: new high-speed USB device number 64 using dummy_hcd
[ 1215.865104][T19636] fuse: Bad value for 'fd'
[ 1215.941282][   T10] usb 5-1: device descriptor read/64, error -71
[ 1216.052465][   T10] usb usb5-port1: attempt power cycle
[ 1216.151039][    T9] usb 7-1: new full-speed USB device number 65 using dummy_hcd
[ 1216.314195][    T9] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1216.340045][    T9] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 10
[ 1216.364970][    T9] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[ 1216.378589][    T9] usb 7-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 5
[ 1216.391780][   T10] usb 5-1: new high-speed USB device number 65 using dummy_hcd
[ 1216.408357][    T9] usb 7-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[ 1216.418131][    T9] usb 7-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[ 1216.428229][   T10] usb 5-1: device descriptor read/8, error -71
[ 1216.434667][    T9] usb 7-1: Manufacturer: syz
[ 1216.448006][    T9] usb 7-1: config 0 descriptor??
[ 1216.482544][ T6204] wlan0: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[ 1216.670933][   T10] usb 5-1: new high-speed USB device number 66 using dummy_hcd
[ 1216.691779][   T10] usb 5-1: device descriptor read/8, error -71
[ 1216.712076][    T9] rc_core: IR keymap rc-hauppauge not found
[ 1216.717989][    T9] Registered IR keymap rc-empty
[ 1216.724288][    T9] mceusb 7-1:0.0: Error: mce write submit urb error = -90
[ 1216.750983][    T9] mceusb 7-1:0.0: Error: mce write submit urb error = -90
[ 1216.772320][    T9] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.6/usb7/7-1/7-1:0.0/rc/rc0
[ 1216.786849][    T9] input: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.6/usb7/7-1/7-1:0.0/rc/rc0/input40
[ 1216.801940][    T9] mceusb 7-1:0.0: Error: mce write submit urb error = -90
[ 1216.811192][   T10] usb usb5-port1: unable to enumerate USB device
[ 1216.831614][   T43] usb 6-1: new high-speed USB device number 78 using dummy_hcd
[ 1216.841780][    T9] mceusb 7-1:0.0: Error: mce write submit urb error = -90
[ 1216.854334][T19650] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[ 1216.869824][    T9] mceusb 7-1:0.0: Error: mce write submit urb error = -90
[ 1216.878385][T19650] usb usb8: usbfs: process 19650 (syz.3.3487) did not claim interface 0 before use
[ 1216.892378][    T9] mceusb 7-1:0.0: Error: mce write submit urb error = -90
[ 1216.900148][   T30] audit: type=1400 audit(1749494739.560:2725): avc:  denied  { setopt } for  pid=19649 comm="syz.3.3487" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[ 1216.923415][    T9] mceusb 7-1:0.0: Error: mce write submit urb error = -90
[ 1216.956134][    T9] mceusb 7-1:0.0: Error: mce write submit urb error = -90
[ 1216.966114][   T30] audit: type=1400 audit(1749494739.630:2726): avc:  denied  { read } for  pid=19649 comm="syz.3.3487" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[ 1216.988018][    T9] mceusb 7-1:0.0: Error: mce write submit urb error = -90
[ 1217.001137][   T43] usb 6-1: Using ep0 maxpacket: 32
[ 1217.013157][    T9] mceusb 7-1:0.0: Error: mce write submit urb error = -90
[ 1217.013345][   T43] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1217.032081][   T43] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1217.044512][   T43] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 5
[ 1217.058541][   T43] usb 6-1: New USB device found, idVendor=0458, idProduct=5011, bcdDevice= 0.00
[ 1217.058744][    T9] mceusb 7-1:0.0: Error: mce write submit urb error = -90
[ 1217.067982][   T43] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1217.339892][   T43] usb 6-1: config 0 descriptor??
[ 1217.362278][    T9] mceusb 7-1:0.0: Error: mce write submit urb error = -90
[ 1217.396375][    T9] mceusb 7-1:0.0: Registered 424242424242 with mce emulator interface version 1
[ 1217.413016][    T9] mceusb 7-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active)
[ 1217.445504][    T9] usb 7-1: USB disconnect, device number 65
[ 1217.616113][T19646] netlink: 'syz.5.3486': attribute type 21 has an invalid length.
[ 1217.640568][T19646] netlink: 132 bytes leftover after parsing attributes in process `syz.5.3486'.
[ 1217.857098][T19659] Cannot find del_set index 0 as target
[ 1218.038340][   T43] input: HID 0458:5011 as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/0003:0458:5011.0016/input/input41
[ 1218.968466][   T43] input: HID 0458:5011 as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/0003:0458:5011.0016/input/input42
[ 1219.718358][   T43] kye 0003:0458:5011.0016: input,hiddev0,hidraw0: USB HID v0.00 Mouse [HID 0458:5011] on usb-dummy_hcd.5-1/input0
[ 1219.734649][   T43] usb 6-1: USB disconnect, device number 78
[ 1219.749511][T16011] udevd[16011]: setting mode of /dev/input/mouse1 to 020660 failed: No such file or directory
[ 1219.834778][T16011] udevd[16011]: setting owner of /dev/input/mouse1 to uid=0, gid=104 failed: No such file or directory
[ 1219.860393][T19670] fido_id[19670]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.5/usb6/6-1/report_descriptor': No such file or directory
[ 1220.064504][T19675] netlink: 596 bytes leftover after parsing attributes in process `syz.4.3493'.
[ 1220.849345][T19688] Bluetooth: hci0: Opcode 0x0c20 failed: -22
[ 1220.861065][   T10] usb 4-1: new high-speed USB device number 82 using dummy_hcd
[ 1220.957787][T19688] netlink: 20 bytes leftover after parsing attributes in process `syz.6.3499'.
[ 1221.021034][   T10] usb 4-1: device descriptor read/64, error -71
[ 1221.030192][T19691] usb usb8: usbfs: process 19691 (syz.4.3500) did not claim interface 0 before use
[ 1221.260986][   T10] usb 4-1: new high-speed USB device number 83 using dummy_hcd
[ 1221.281286][ T5822] usb 5-1: new full-speed USB device number 67 using dummy_hcd
[ 1221.401105][   T10] usb 4-1: device descriptor read/64, error -71
[ 1221.548739][   T10] usb usb4-port1: attempt power cycle
[ 1222.101832][   T10] usb 4-1: new high-speed USB device number 84 using dummy_hcd
[ 1222.257538][   T10] usb 4-1: device descriptor read/8, error -71
[ 1223.239057][T17863] Bluetooth: hci0: command tx timeout
[ 1223.441591][   T10] usb 4-1: new high-speed USB device number 85 using dummy_hcd
[ 1223.715878][   T10] usb 4-1: device descriptor read/8, error -71
[ 1223.941581][   T10] usb usb4-port1: unable to enumerate USB device
[ 1224.054100][ T5822] usb 5-1: unable to get BOS descriptor or descriptor too short
[ 1224.094449][ T5822] usb 5-1: unable to read config index 0 descriptor/start: -71
[ 1224.141346][ T5822] usb 5-1: can't read configurations, error -71
[ 1224.552043][T19725] netlink: 12 bytes leftover after parsing attributes in process `syz.5.3508'.
[ 1224.866265][T19727] Bluetooth: hci0: Opcode 0x0c20 failed: -22
[ 1224.971576][T19727] netlink: 20 bytes leftover after parsing attributes in process `syz.0.3512'.
[ 1226.093007][ T5822] usb 5-1: new full-speed USB device number 69 using dummy_hcd
[ 1226.482479][ T5822] usb 5-1: config 5 has an invalid interface number: 73 but max is 0
[ 1226.517784][ T5822] usb 5-1: config 5 has no interface number 0
[ 1226.540055][ T5822] usb 5-1: config 5 interface 73 altsetting 0 endpoint 0x8 has invalid maxpacket 1023, setting to 64
[ 1226.578556][ T5822] usb 5-1: New USB device found, idVendor=1b3d, idProduct=01eb, bcdDevice=59.01
[ 1226.603275][ T5822] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1226.626040][T19745] netlink: 'syz.5.3517': attribute type 39 has an invalid length.
[ 1226.628296][ T5822] usb 5-1: Product: syz
[ 1226.639669][T19744] tmpfs: Bad value for 'mpol'
[ 1226.641171][ T5822] usb 5-1: Manufacturer: syz
[ 1226.648957][ T5822] usb 5-1: SerialNumber: syz
[ 1226.688498][T19735] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[ 1226.696256][   T30] audit: type=1400 audit(1749494749.360:2727): avc:  denied  { write } for  pid=19742 comm="syz.5.3517" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rose_socket permissive=1
[ 1226.707944][ T5822] ftdi_sio 5-1:5.73: FTDI USB Serial Device converter detected
[ 1226.787631][ T5822] ftdi_sio ttyUSB0: unknown device type: 0x5901
[ 1226.880969][T17863] Bluetooth: hci0: command tx timeout
[ 1227.028035][T19752] bridge0: port 1(netdevsim2) entered blocking state
[ 1227.035654][T19752] bridge0: port 1(netdevsim2) entered disabled state
[ 1227.043827][T19752] netdevsim netdevsim5 netdevsim2: entered allmulticast mode
[ 1227.074164][T19752] netdevsim netdevsim5 netdevsim2: entered promiscuous mode
[ 1227.088506][T19752] bridge0: port 1(netdevsim2) entered blocking state
[ 1227.095502][T19752] bridge0: port 1(netdevsim2) entered forwarding state
[ 1227.117491][ T5928] usb 4-1: new high-speed USB device number 86 using dummy_hcd
[ 1227.171306][T19752] fuse: Bad value for 'fd'
[ 1227.300863][   T43] usb 5-1: USB disconnect, device number 69
[ 1227.328001][   T43] ftdi_sio 5-1:5.73: device disconnected
[ 1227.472552][ T5928] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1227.484776][ T5928] usb 4-1: New USB device found, idVendor=17ef, idProduct=60a3, bcdDevice= 0.00
[ 1227.493676][T19724] [U] �
[ 1227.494129][ T5928] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1227.525973][ T5928] usb 4-1: config 0 descriptor??
[ 1228.006152][ T5928] usbhid 4-1:0.0: can't add hid device: -71
[ 1228.012457][ T5928] usbhid 4-1:0.0: probe with driver usbhid failed with error -71
[ 1228.185010][ T5928] usb 4-1: USB disconnect, device number 86
[ 1228.236670][T19766] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1228.656783][T19772] FAULT_INJECTION: forcing a failure.
[ 1228.656783][T19772] name failslab, interval 1, probability 0, space 0, times 0
[ 1228.670101][T19772] CPU: 1 UID: 0 PID: 19772 Comm: syz.5.3526 Not tainted 6.16.0-rc1-syzkaller #0 PREEMPT(full) 
[ 1228.670125][T19772] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1228.670136][T19772] Call Trace:
[ 1228.670143][T19772]  <TASK>
[ 1228.670150][T19772]  dump_stack_lvl+0x16c/0x1f0
[ 1228.670182][T19772]  should_fail_ex+0x512/0x640
[ 1228.670206][T19772]  ? __kmalloc_noprof+0xbf/0x510
[ 1228.670231][T19772]  ? fl_create+0x179/0xc40
[ 1228.670254][T19772]  should_failslab+0xc2/0x120
[ 1228.670279][T19772]  __kmalloc_noprof+0xd2/0x510
[ 1228.670304][T19772]  ? kasan_save_track+0x14/0x30
[ 1228.670329][T19772]  fl_create+0x179/0xc40
[ 1228.670359][T19772]  ? __pfx_fl_create+0x10/0x10
[ 1228.670399][T19772]  ? irqentry_exit+0x3b/0x90
[ 1228.670435][T19772]  ? ipv6_flowlabel_opt+0x29c/0x2f90
[ 1228.670459][T19772]  ? ipv6_flowlabel_opt+0x2e6/0x2f90
[ 1228.670488][T19772]  ipv6_flowlabel_opt+0x424/0x2f90
[ 1228.670521][T19772]  ? __pfx_ipv6_flowlabel_opt+0x10/0x10
[ 1228.670551][T19772]  ? sockopt_lock_sock+0x54/0x70
[ 1228.670588][T19772]  ? do_ipv6_setsockopt+0xff4/0x4400
[ 1228.670609][T19772]  do_ipv6_setsockopt+0xff4/0x4400
[ 1228.670636][T19772]  ? __pfx_do_ipv6_setsockopt+0x10/0x10
[ 1228.670657][T19772]  ? rcu_is_watching+0x12/0xc0
[ 1228.670682][T19772]  ? __schedule+0x1181/0x5de0
[ 1228.670705][T19772]  ? avc_has_perm_noaudit+0x149/0x3b0
[ 1228.670731][T19772]  ? __pfx_avc_has_perm+0x10/0x10
[ 1228.670753][T19772]  ? __pfx___schedule+0x10/0x10
[ 1228.670788][T19772]  ? sock_has_perm+0x259/0x2f0
[ 1228.670810][T19772]  ? __pfx_sock_has_perm+0x10/0x10
[ 1228.670834][T19772]  ? selinux_netlbl_socket_setsockopt+0x183/0x470
[ 1228.670861][T19772]  ? rcu_is_watching+0x12/0xc0
[ 1228.670879][T19772]  ? irqentry_exit+0x3b/0x90
[ 1228.670907][T19772]  ? ipv6_setsockopt+0xcb/0x170
[ 1228.670926][T19772]  ipv6_setsockopt+0xcb/0x170
[ 1228.670949][T19772]  udpv6_setsockopt+0x7d/0xd0
[ 1228.670975][T19772]  ? __pfx_sock_common_setsockopt+0x10/0x10
[ 1228.670995][T19772]  do_sock_setsockopt+0x224/0x470
[ 1228.671014][T19772]  ? __pfx_do_sock_setsockopt+0x10/0x10
[ 1228.671048][T19772]  __sys_setsockopt+0x1a0/0x230
[ 1228.671078][T19772]  __x64_sys_setsockopt+0xbd/0x160
[ 1228.671102][T19772]  ? x64_sys_call+0x4/0x1730
[ 1228.671122][T19772]  do_syscall_64+0xcd/0x4c0
[ 1228.671151][T19772]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1228.671170][T19772] RIP: 0033:0x7fbbb738e929
[ 1228.671185][T19772] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1228.671202][T19772] RSP: 002b:00007fbbb825d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[ 1228.671219][T19772] RAX: ffffffffffffffda RBX: 00007fbbb75b6080 RCX: 00007fbbb738e929
[ 1228.671231][T19772] RDX: 0000000000000020 RSI: 0000000000000029 RDI: 0000000000000009
[ 1228.671242][T19772] RBP: 00007fbbb825d090 R08: 0000000000000021 R09: 0000000000000000
[ 1228.671252][T19772] R10: 00002000000000c0 R11: 0000000000000246 R12: 0000000000000001
[ 1228.671263][T19772] R13: 0000000000000000 R14: 00007fbbb75b6080 R15: 00007ffee7d25d38
[ 1228.671289][T19772]  </TASK>
[ 1230.305599][T19785] netlink: 32 bytes leftover after parsing attributes in process `syz.3.3531'.
[ 1230.315072][T19785] netlink: 32 bytes leftover after parsing attributes in process `syz.3.3531'.
[ 1231.513616][T19796] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3533'.
[ 1234.120907][   T24] usb 5-1: new high-speed USB device number 70 using dummy_hcd
[ 1234.292794][   T24] usb 5-1: config 17 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[ 1234.365441][   T24] usb 5-1: config 17 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[ 1234.479626][   T24] usb 5-1: config 17 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[ 1235.141707][   T24] usb 5-1: New USB device found, idVendor=0458, idProduct=5003, bcdDevice= 0.00
[ 1235.196333][   T24] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1235.338343][T19811] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[ 1235.450909][ T5822] usb 7-1: new high-speed USB device number 66 using dummy_hcd
[ 1235.498008][   T24] aiptek 5-1:17.0: Aiptek using 400 ms programming speed
[ 1236.056784][   T24] input: Aiptek as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:17.0/input/input43
[ 1236.096905][   T24] usb 5-1: USB disconnect, device number 70
[ 1236.102875][    C1] aiptek 5-1:17.0: aiptek_irq - usb_submit_urb failed with result -19
[ 1236.123836][ T5822] usb 7-1: device descriptor read/64, error -71
[ 1236.162504][T19840] i2c i2c-0: Invalid block write size 33
[ 1236.916515][T19847] MTD: Attempt to mount non-MTD device "/dev/nullb0"
[ 1236.952568][ T5822] usb 7-1: new high-speed USB device number 67 using dummy_hcd
[ 1237.104177][ T5822] usb 7-1: device descriptor read/64, error -71
[ 1237.211667][ T5822] usb usb7-port1: attempt power cycle
[ 1238.248316][ T1297] ieee802154 phy1 wpan1: encryption failed: -22
[ 1239.808787][T19887] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1242.511224][ T5822] usb 7-1: new high-speed USB device number 69 using dummy_hcd
[ 1242.689573][ T5822] usb 7-1: device descriptor read/64, error -71
[ 1243.331247][ T5822] usb 7-1: new high-speed USB device number 70 using dummy_hcd
[ 1243.513559][ T5822] usb 7-1: device descriptor read/64, error -71
[ 1243.521088][T19926] netlink: 'syz.5.3572': attribute type 10 has an invalid length.
[ 1243.621748][ T5822] usb usb7-port1: attempt power cycle
[ 1244.001416][   T43] usb 6-1: new high-speed USB device number 79 using dummy_hcd
[ 1244.242145][   T43] usb 6-1: Using ep0 maxpacket: 8
[ 1244.249118][   T43] usb 6-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb
[ 1244.259880][   T43] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1244.273712][   T43] usb 6-1: config 0 descriptor??
[ 1244.899303][   T43] asix 6-1:0.0 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -71
[ 1244.918579][   T43] asix 6-1:0.0: probe with driver asix failed with error -71
[ 1245.249528][   T43] usb 6-1: USB disconnect, device number 79
[ 1246.267047][T19960] bond2: entered promiscuous mode
[ 1246.284120][T19960] bond2: entered allmulticast mode
[ 1246.289829][T19960] 8021q: adding VLAN 0 to HW filter on device bond2
[ 1246.301283][T19974] netlink: 'syz.6.3585': attribute type 1 has an invalid length.
[ 1246.303723][T19975] Bluetooth: hci0: Opcode 0x0c20 failed: -22
[ 1246.321356][T19975] netlink: 20 bytes leftover after parsing attributes in process `syz.4.3587'.
[ 1246.997844][T19983] can0: slcan on pts0.
[ 1247.551273][T19968] can0 (unregistered): slcan off pts0.
[ 1247.730016][T20000] Cannot find add_set index 0 as target
[ 1247.912670][T20004] fuse: Bad value for 'rootmode'
[ 1248.332998][T17863] Bluetooth: hci0: command tx timeout
[ 1249.578324][T16488] wlan0: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[ 1249.626721][   T30] audit: type=1800 audit(1749494771.560:2728): pid=20012 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed(directio) comm="syz.3.3595" name="bus" dev="overlay" ino=775 res=0 errno=0
[ 1250.962661][T17863] Bluetooth: hci2: unexpected event for opcode 0x2012
[ 1250.982439][T18908] usb 4-1: new high-speed USB device number 87 using dummy_hcd
[ 1251.086331][T20044] netlink: 'syz.5.3607': attribute type 39 has an invalid length.
[ 1252.285108][T18908] usb 4-1: Using ep0 maxpacket: 32
[ 1252.532232][T18908] usb 4-1: config 1 contains an unexpected descriptor of type 0x1, skipping
[ 1252.561158][T18908] usb 4-1: config 1 has an invalid descriptor of length 1, skipping remainder of the config
[ 1252.571593][T18908] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1252.600979][T18908] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[ 1253.042772][T18908] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1253.062381][T18908] usb 4-1: Product: syz
[ 1253.326306][T18908] usb 4-1: Manufacturer: syz
[ 1253.365447][T18908] usb 4-1: SerialNumber: syz
[ 1253.671622][ T5822] usb 6-1: new high-speed USB device number 80 using dummy_hcd
[ 1253.777846][T20039] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1253.947302][T20039] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1254.038191][T18908] usb 4-1: 0:2 : does not exist
[ 1254.062768][T18908] usb 4-1: USB disconnect, device number 87
[ 1254.072944][T20073] Bluetooth: hci0: Opcode 0x0c20 failed: -22
[ 1254.101111][ T5822] usb 6-1: device descriptor read/64, error -71
[ 1254.112428][T20073] netlink: 20 bytes leftover after parsing attributes in process `syz.6.3616'.
[ 1254.118261][T16011] udevd[16011]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[ 1254.269739][T20077] netlink: 'syz.0.3617': attribute type 1 has an invalid length.
[ 1254.573901][T20078] bond1: entered promiscuous mode
[ 1254.578982][T20078] bond1: entered allmulticast mode
[ 1254.592450][ T5822] usb 6-1: new high-speed USB device number 81 using dummy_hcd
[ 1254.663239][T20078] 8021q: adding VLAN 0 to HW filter on device bond1
[ 1254.780951][ T5822] usb 6-1: device descriptor read/64, error -71
[ 1254.864362][   T30] audit: type=1400 audit(1749494777.530:2729): avc:  denied  { setattr } for  pid=20086 comm="syz.6.3620" name="ptype" dev="proc" ino=4026533347 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_net_t tclass=file permissive=1
[ 1254.887292][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1254.901156][ T5822] usb usb6-port1: attempt power cycle
[ 1255.005345][T18908] usb 5-1: new full-speed USB device number 71 using dummy_hcd
[ 1255.051050][   T10] usb 4-1: new high-speed USB device number 88 using dummy_hcd
[ 1255.162642][T18908] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[ 1255.173913][T18908] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1255.184733][T18908] usb 5-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00
[ 1255.193971][T18908] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1255.211283][   T10] usb 4-1: Using ep0 maxpacket: 8
[ 1255.224628][T18908] usb 5-1: config 0 descriptor??
[ 1255.232445][   T10] usb 4-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024
[ 1255.256139][   T10] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024
[ 1255.267725][ T5822] usb 6-1: new high-speed USB device number 82 using dummy_hcd
[ 1255.281063][   T10] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 1255.310942][   T10] usb 4-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1255.324614][ T5822] usb 6-1: device descriptor read/8, error -71
[ 1255.340884][   T10] usb 4-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[ 1255.350371][   T10] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1255.651334][T20100] netlink: 32 bytes leftover after parsing attributes in process `syz.0.3624'.
[ 1255.661038][T20100] netlink: 32 bytes leftover after parsing attributes in process `syz.0.3624'.
[ 1256.078021][T18908] savu 0003:1E7D:2D5A.0017: hiddev0,hidraw0: USB HID v0.00 Device [HID 1e7d:2d5a] on usb-dummy_hcd.4-1/input0
[ 1256.089963][T17863] Bluetooth: hci0: command tx timeout
[ 1256.151223][T20085] xt_CT: No such helper "snmp"
[ 1256.165985][   T10] usb 4-1: GET_CAPABILITIES returned 0
[ 1256.175945][   T10] usbtmc 4-1:16.0: can't read capabilities
[ 1256.356485][T18908] usb 5-1: USB disconnect, device number 71
[ 1256.440634][   T10] usb 4-1: USB disconnect, device number 88
[ 1257.436827][T20121] netlink: 212408 bytes leftover after parsing attributes in process `syz.6.3628'.
[ 1260.031380][ T5822] usb 6-1: new full-speed USB device number 84 using dummy_hcd
[ 1260.193884][   T10] usb 5-1: new high-speed USB device number 72 using dummy_hcd
[ 1260.714472][   T30] audit: type=1326 audit(1749494783.380:2730): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20153 comm="syz.3.3639" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7fef5d18e929 code=0x7ffc0000
[ 1260.722164][ T5822] usb 6-1: config 0 interface 0 altsetting 4 endpoint 0x81 has an invalid bInterval 0, changing to 10
[ 1260.749630][ T5822] usb 6-1: config 0 interface 0 altsetting 4 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1260.759429][   T10] usb 5-1: device descriptor read/64, error -71
[ 1260.772431][ T5822] usb 6-1: config 0 interface 0 has no altsetting 0
[ 1260.797495][ T5822] usb 6-1: New USB device found, idVendor=28de, idProduct=1102, bcdDevice= 0.00
[ 1260.838946][ T5822] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1261.022829][ T5822] usb 6-1: config 0 descriptor??
[ 1261.051206][   T10] usb 5-1: new high-speed USB device number 73 using dummy_hcd
[ 1261.868843][   T10] usb 5-1: device descriptor read/64, error -71
[ 1261.991312][   T10] usb usb5-port1: attempt power cycle
[ 1262.283070][T20174] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3644'.
[ 1263.279042][ T5822] usbhid 6-1:0.0: can't add hid device: -71
[ 1263.285175][ T5822] usbhid 6-1:0.0: probe with driver usbhid failed with error -71
[ 1263.311232][ T5822] usb 6-1: USB disconnect, device number 84
[ 1263.432621][   T30] audit: type=1400 audit(1749494786.090:2731): avc:  denied  { bind } for  pid=20185 comm="syz.3.3647" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1
[ 1263.760133][T20186] block nbd3: NBD_DISCONNECT
[ 1264.425631][   T24] usb 6-1: new full-speed USB device number 85 using dummy_hcd
[ 1265.038669][   T24] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1265.050058][   T24] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 2
[ 1265.064704][   T24] usb 6-1: New USB device found, idVendor=05d8, idProduct=810a, bcdDevice=92.b8
[ 1265.076546][   T24] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1265.104607][   T24] usb 6-1: config 0 descriptor??
[ 1265.155348][   T24] dvb-usb: found a 'Artec T1 USB2.0' in warm state.
[ 1265.185904][   T24] dvb-usb: bulk message failed: -22 (3/0)
[ 1265.231399][ T5822] usb 4-1: new high-speed USB device number 89 using dummy_hcd
[ 1265.272155][   T24] dvb-usb: will use the device's hardware PID filter (table count: 16).
[ 1265.297626][   T24] dvbdev: DVB: registering new adapter (Artec T1 USB2.0)
[ 1265.305094][   T24] usb 6-1: media controller created
[ 1265.313335][   T24] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[ 1265.346248][   T24] dvb-usb: bulk message failed: -22 (6/0)
[ 1265.346397][   T24] dvb-usb: no frontend was attached by 'Artec T1 USB2.0'
[ 1265.371716][   T24] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.5/usb6/6-1/input/input45
[ 1265.374494][   T24] dvb-usb: schedule remote query interval to 150 msecs.
[ 1265.374513][   T24] dvb-usb: Artec T1 USB2.0 successfully initialized and connected.
[ 1265.390933][ T5822] usb 4-1: device descriptor read/64, error -71
[ 1265.452183][   T43] usb 6-1: USB disconnect, device number 85
[ 1265.495422][   T43] dvb-usb: Artec T1 USB2.0 successfully deinitialized and disconnected.
[ 1265.661042][ T5822] usb 4-1: new high-speed USB device number 90 using dummy_hcd
[ 1265.761274][T20209] xt_TPROXY: Can be used only with -p tcp or -p udp
[ 1265.813399][ T5822] usb 4-1: device descriptor read/64, error -71
[ 1265.951224][ T5822] usb usb4-port1: attempt power cycle
[ 1266.101233][T20214] netlink: 40 bytes leftover after parsing attributes in process `syz.4.3658'.
[ 1266.357638][ T5822] usb 4-1: new high-speed USB device number 91 using dummy_hcd
[ 1266.383985][T20217] netlink: 4 bytes leftover after parsing attributes in process `syz.5.3659'.
[ 1266.401290][ T5822] usb 4-1: device descriptor read/8, error -71
[ 1266.680870][ T5822] usb 4-1: new high-speed USB device number 92 using dummy_hcd
[ 1266.726451][T20223] /dev/nullb0: Can't open blockdev
[ 1267.096952][T20224] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1267.109327][T20224] netlink: 248 bytes leftover after parsing attributes in process `syz.5.3662'.
[ 1267.125264][ T5822] usb 4-1: device descriptor read/8, error -71
[ 1267.223494][ T5820] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[ 1267.244734][ T5820] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[ 1267.254005][ T5820] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[ 1267.272350][ T5820] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[ 1267.283112][ T5822] usb usb4-port1: unable to enumerate USB device
[ 1267.292051][ T5820] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[ 1267.416888][T20240] fuse: Bad value for 'fd'
[ 1268.330323][T20245] netlink: 12 bytes leftover after parsing attributes in process `syz.5.3668'.
[ 1268.502686][   T12] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1268.574484][T20226] chnl_net:caif_netlink_parms(): no params data found
[ 1269.163947][   T12] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1269.361523][T17863] Bluetooth: hci1: command tx timeout
[ 1269.411171][T15440] usb 4-1: new high-speed USB device number 93 using dummy_hcd
[ 1269.435316][   T12] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1269.611280][T15440] usb 4-1: device descriptor read/64, error -71
[ 1269.676777][T20226] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1269.684320][T20226] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1269.697422][T20226] bridge_slave_0: entered allmulticast mode
[ 1269.705780][T20226] bridge_slave_0: entered promiscuous mode
[ 1269.714223][T20226] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1269.754322][T20226] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1269.775924][T20226] bridge_slave_1: entered allmulticast mode
[ 1269.792401][T20226] bridge_slave_1: entered promiscuous mode
[ 1269.828591][   T12] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1269.855021][ T5822] usb 5-1: new high-speed USB device number 75 using dummy_hcd
[ 1269.862821][T15440] usb 4-1: new high-speed USB device number 94 using dummy_hcd
[ 1270.142940][T20226] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1270.159186][T20226] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1270.216601][T20226] team0: Port device team_slave_0 added
[ 1270.247682][T20226] team0: Port device team_slave_1 added
[ 1270.281028][ T5822] usb 5-1: Using ep0 maxpacket: 8
[ 1270.287619][ T5822] usb 5-1: config index 0 descriptor too short (expected 28277, got 36)
[ 1270.296174][ T5822] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1270.306278][ T5822] usb 5-1: config 0 has no interfaces?
[ 1270.311819][ T5822] usb 5-1: New USB device found, idVendor=046d, idProduct=c20e, bcdDevice= 0.00
[ 1270.312201][T20226] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1270.320859][ T5822] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1270.323357][ T5822] usb 5-1: config 0 descriptor??
[ 1270.341942][T20226] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1270.372325][T20226] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1270.426418][T20226] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1270.435658][T20226] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1270.463994][T20226] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1270.585531][T15440] usb 4-1: device descriptor read/64, error -71
[ 1270.705566][T15440] usb usb4-port1: attempt power cycle
[ 1270.887565][   T12] bond0 (unregistering): Released all slaves
[ 1270.900371][T20226] hsr_slave_0: entered promiscuous mode
[ 1270.909156][T20226] hsr_slave_1: entered promiscuous mode
[ 1270.915630][T20226] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1270.917525][T17863] Bluetooth: hci2: ACL packet for unknown connection handle 200
[ 1270.933057][T20226] Cannot create hsr debugfs directory
[ 1271.090889][T15440] usb 4-1: new high-speed USB device number 95 using dummy_hcd
[ 1271.164866][   T12] : left promiscuous mode
[ 1271.191457][T15440] usb 4-1: device descriptor read/8, error -71
[ 1271.578996][T17863] Bluetooth: hci1: command tx timeout
[ 1271.586913][   T30] audit: type=1804 audit(1749494794.160:2732): pid=20284 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=open_writers comm="syz.5.3678" name="/newroot/585/file0" dev="tmpfs" ino=3121 res=1 errno=0
[ 1271.791129][T15440] usb 4-1: new high-speed USB device number 96 using dummy_hcd
[ 1271.814763][T15440] usb 4-1: device descriptor read/8, error -71
[ 1271.931173][T15440] usb usb4-port1: unable to enumerate USB device
[ 1272.033792][   T12] hsr_slave_0: left promiscuous mode
[ 1272.055966][   T12] hsr_slave_1: left promiscuous mode
[ 1272.083229][   T12] veth1_macvtap: left promiscuous mode
[ 1272.088869][   T12] veth0_macvtap: left promiscuous mode
[ 1272.094835][   T12] veth1_vlan: left promiscuous mode
[ 1272.100764][   T12] veth0_vlan: left promiscuous mode
[ 1272.247117][T20289] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3680'.
[ 1272.421501][T18908] usb 5-1: USB disconnect, device number 75
[ 1272.707736][T20294] FAULT_INJECTION: forcing a failure.
[ 1272.707736][T20294] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1272.722098][T20294] CPU: 0 UID: 0 PID: 20294 Comm: syz.4.3681 Not tainted 6.16.0-rc1-syzkaller #0 PREEMPT(full) 
[ 1272.722124][T20294] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1272.722135][T20294] Call Trace:
[ 1272.722141][T20294]  <TASK>
[ 1272.722148][T20294]  dump_stack_lvl+0x16c/0x1f0
[ 1272.722179][T20294]  should_fail_ex+0x512/0x640
[ 1272.722207][T20294]  should_fail_alloc_page+0xe7/0x130
[ 1272.722234][T20294]  prepare_alloc_pages+0x3c2/0x610
[ 1272.722253][T20294]  ? lock_acquire+0x179/0x350
[ 1272.722290][T20294]  __alloc_frozen_pages_noprof+0x18b/0x23f0
[ 1272.722316][T20294]  ? mark_held_locks+0x49/0x80
[ 1272.722341][T20294]  ? finish_task_switch.isra.0+0x221/0xc10
[ 1272.722364][T20294]  ? lockdep_hardirqs_on+0x7c/0x110
[ 1272.722390][T20294]  ? finish_task_switch.isra.0+0x221/0xc10
[ 1272.722412][T20294]  ? rcu_is_watching+0x12/0xc0
[ 1272.722434][T20294]  ? trace_sched_exit_tp+0xde/0x130
[ 1272.722460][T20294]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[ 1272.722482][T20294]  ? rcu_is_watching+0x12/0xc0
[ 1272.722502][T20294]  ? finish_task_switch.isra.0+0x221/0xc10
[ 1272.722525][T20294]  ? finish_task_switch.isra.0+0x151/0xc10
[ 1272.722556][T20294]  ? __lock_acquire+0xb8a/0x1c90
[ 1272.722582][T20294]  ? __sanitizer_cov_trace_switch+0x54/0x90
[ 1272.722604][T20294]  ? policy_nodemask+0xea/0x4e0
[ 1272.722632][T20294]  alloc_pages_mpol+0x1fb/0x550
[ 1272.722658][T20294]  ? __pfx_alloc_pages_mpol+0x10/0x10
[ 1272.722686][T20294]  ? mark_held_locks+0x49/0x80
[ 1272.722715][T20294]  alloc_pages_noprof+0x131/0x390
[ 1272.722741][T20294]  pte_alloc_one+0x1c/0x3a0
[ 1272.722758][T20294]  __pte_alloc+0x6d/0x3c0
[ 1272.722783][T20294]  ? __pfx___pte_alloc+0x10/0x10
[ 1272.722815][T20294]  __handle_mm_fault+0x4358/0x5490
[ 1272.722842][T20294]  ? __pfx___handle_mm_fault+0x10/0x10
[ 1272.722876][T20294]  ? lockdep_hardirqs_on+0x7c/0x110
[ 1272.722907][T20294]  handle_mm_fault+0x589/0xd10
[ 1272.722933][T20294]  __get_user_pages+0x589/0x3b80
[ 1272.722967][T20294]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[ 1272.722991][T20294]  ? rcu_preempt_deferred_qs_irqrestore+0x4f5/0xbc0
[ 1272.723021][T20294]  ? __pfx___get_user_pages+0x10/0x10
[ 1272.723058][T20294]  get_user_pages_remote+0x258/0xb20
[ 1272.723077][T20294]  ? __pfx_mtree_load+0x10/0x10
[ 1272.723104][T20294]  ? __pfx_get_user_pages_remote+0x10/0x10
[ 1272.723143][T20294]  __access_remote_vm+0x246/0x810
[ 1272.723172][T20294]  ? do_raw_spin_lock+0x12c/0x2b0
[ 1272.723190][T20294]  ? __pfx___access_remote_vm+0x10/0x10
[ 1272.723215][T20294]  ? environ_read+0x214/0x450
[ 1272.723239][T20294]  environ_read+0x31e/0x450
[ 1272.723268][T20294]  ? __pfx_environ_read+0x10/0x10
[ 1272.723285][T20294]  vfs_readv+0x5be/0x8b0
[ 1272.723314][T20294]  ? __pfx_vfs_readv+0x10/0x10
[ 1272.723333][T20294]  ? trace_sched_exit_tp+0xde/0x130
[ 1272.723358][T20294]  ? __schedule+0x1181/0x5de0
[ 1272.723398][T20294]  ? __fget_files+0x20e/0x3c0
[ 1272.723428][T20294]  ? do_preadv+0x1a6/0x270
[ 1272.723447][T20294]  do_preadv+0x1a6/0x270
[ 1272.723469][T20294]  ? __pfx_do_preadv+0x10/0x10
[ 1272.723497][T20294]  do_syscall_64+0xcd/0x4c0
[ 1272.723525][T20294]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1272.723544][T20294] RIP: 0033:0x7ffab8b8e929
[ 1272.723559][T20294] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1272.723576][T20294] RSP: 002b:00007ffab992b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000127
[ 1272.723594][T20294] RAX: ffffffffffffffda RBX: 00007ffab8db6160 RCX: 00007ffab8b8e929
[ 1272.723606][T20294] RDX: 0000000000000001 RSI: 0000200000001400 RDI: 0000000000000008
[ 1272.723616][T20294] RBP: 00007ffab992b090 R08: 0000000000000000 R09: 0000000000000000
[ 1272.723627][T20294] R10: 0000000000c002a0 R11: 0000000000000246 R12: 0000000000000001
[ 1272.723638][T20294] R13: 0000000000000000 R14: 00007ffab8db6160 R15: 00007ffdf9fe0b48
[ 1272.723662][T20294]  </TASK>
[ 1273.184277][T20296] fuse: Bad value for 'fd'
[ 1273.600939][T17863] Bluetooth: hci1: command tx timeout
[ 1273.848844][ T1159] tipc: Subscription rejected, illegal request
[ 1273.881016][ T5822] usb 5-1: new high-speed USB device number 76 using dummy_hcd
[ 1274.106636][ T5822] usb 5-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[ 1274.118159][ T5822] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1274.136593][ T5822] usb 5-1: Product: syz
[ 1274.140776][ T5822] usb 5-1: Manufacturer: syz
[ 1274.150875][ T5822] usb 5-1: SerialNumber: syz
[ 1274.203303][ T5822] usb 5-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[ 1274.230736][   T10] usb 5-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[ 1274.538272][T20309] bridge0: port 3(ipvlan2) entered blocking state
[ 1274.551125][T20309] bridge0: port 3(ipvlan2) entered disabled state
[ 1274.601115][T20309] ipvlan2: entered allmulticast mode
[ 1274.606446][T20309] bridge0: entered allmulticast mode
[ 1274.646907][T20303] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1274.666679][T20309] ipvlan2: left allmulticast mode
[ 1274.675691][T20303] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1274.689694][T20309] bridge0: left allmulticast mode
[ 1274.700614][T20303] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1274.714456][T20303] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1274.929540][T18908] usb 5-1: USB disconnect, device number 76
[ 1275.044830][   T12] IPVS: stop unused estimator thread 0...
[ 1275.095296][T20321] Bluetooth: hci0: Opcode 0x0c20 failed: -22
[ 1275.096352][T20226] netdevsim netdevsim6 netdevsim0: renamed from eth0
[ 1275.107759][T20321] netlink: 20 bytes leftover after parsing attributes in process `syz.3.3690'.
[ 1275.130367][T20226] netdevsim netdevsim6 netdevsim1: renamed from eth1
[ 1275.144517][T20226] netdevsim netdevsim6 netdevsim2: renamed from eth2
[ 1275.172560][T20226] netdevsim netdevsim6 netdevsim3: renamed from eth3
[ 1275.283031][   T10] ath9k_htc 5-1:1.0: ath9k_htc: Target is unresponsive
[ 1275.300699][   T10] ath9k_htc: Failed to initialize the device
[ 1275.322312][T18908] usb 5-1: ath9k_htc: USB layer deinitialized
[ 1275.326807][T20226] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1275.374609][T20226] 8021q: adding VLAN 0 to HW filter on device team0
[ 1275.510126][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1275.517252][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1275.535538][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1275.542665][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1275.681106][T17863] Bluetooth: hci1: command tx timeout
[ 1275.734477][T20334] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1276.653265][T20346] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1277.000208][T20226] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1277.086436][T20349] fuse: Bad value for 'fd'
[ 1277.122200][T17863] Bluetooth: hci0: command tx timeout
[ 1278.009360][T20226] veth0_vlan: entered promiscuous mode
[ 1278.039488][T20226] veth1_vlan: entered promiscuous mode
[ 1278.095484][T20226] veth0_macvtap: entered promiscuous mode
[ 1278.122942][T20226] veth1_macvtap: entered promiscuous mode
[ 1278.270194][T20226] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1278.292811][T20226] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1278.302887][T20226] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1278.341451][T20226] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1278.350169][T20226] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1278.376669][T20226] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1278.415633][T20372] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[ 1278.620897][T18908] usb 5-1: new high-speed USB device number 77 using dummy_hcd
[ 1278.772195][T20378] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1279.347331][T20383] fuse: Bad value for 'fd'
[ 1279.545405][T16488] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1279.571630][T16488] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1279.621486][ T7167] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1279.639261][ T7167] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1279.740201][T20399] FAULT_INJECTION: forcing a failure.
[ 1279.740201][T20399] name failslab, interval 1, probability 0, space 0, times 0
[ 1279.811721][T20399] CPU: 1 UID: 0 PID: 20399 Comm: syz.5.3707 Not tainted 6.16.0-rc1-syzkaller #0 PREEMPT(full) 
[ 1279.811748][T20399] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1279.811759][T20399] Call Trace:
[ 1279.811766][T20399]  <TASK>
[ 1279.811773][T20399]  dump_stack_lvl+0x16c/0x1f0
[ 1279.811803][T20399]  should_fail_ex+0x512/0x640
[ 1279.811824][T20399]  ? fs_reclaim_acquire+0xae/0x150
[ 1279.811844][T20399]  ? tomoyo_encode2+0x100/0x3e0
[ 1279.811865][T20399]  should_failslab+0xc2/0x120
[ 1279.811889][T20399]  __kmalloc_noprof+0xd2/0x510
[ 1279.811911][T20399]  tomoyo_encode2+0x100/0x3e0
[ 1279.811929][T20399]  tomoyo_encode+0x29/0x50
[ 1279.811944][T20399]  tomoyo_realpath_from_path+0x18f/0x6e0
[ 1279.811961][T20399]  ? tomoyo_profile+0x47/0x60
[ 1279.811980][T20399]  tomoyo_path_number_perm+0x245/0x580
[ 1279.811993][T20399]  ? tomoyo_path_number_perm+0x237/0x580
[ 1279.812007][T20399]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[ 1279.812022][T20399]  ? find_held_lock+0x2b/0x80
[ 1279.812050][T20399]  ? find_held_lock+0x2b/0x80
[ 1279.812063][T20399]  ? hook_file_ioctl_common+0x145/0x410
[ 1279.812077][T20399]  ? __fget_files+0x20e/0x3c0
[ 1279.812096][T20399]  security_file_ioctl+0x9b/0x240
[ 1279.812112][T20399]  __x64_sys_ioctl+0xb7/0x210
[ 1279.812126][T20399]  do_syscall_64+0xcd/0x4c0
[ 1279.812146][T20399]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1279.812158][T20399] RIP: 0033:0x7fbbb738e929
[ 1279.812168][T20399] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1279.812179][T20399] RSP: 002b:00007fbbb825d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1279.812189][T20399] RAX: ffffffffffffffda RBX: 00007fbbb75b6080 RCX: 00007fbbb738e929
[ 1279.812197][T20399] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[ 1279.812203][T20399] RBP: 00007fbbb825d090 R08: 0000000000000000 R09: 0000000000000000
[ 1279.812210][T20399] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1279.812216][T20399] R13: 0000000000000001 R14: 00007fbbb75b6080 R15: 00007ffee7d25d38
[ 1279.812231][T20399]  </TASK>
[ 1279.812586][T20399] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 1282.054138][T20420] FAULT_INJECTION: forcing a failure.
[ 1282.054138][T20420] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1282.067601][T20420] CPU: 0 UID: 0 PID: 20420 Comm: syz.5.3712 Not tainted 6.16.0-rc1-syzkaller #0 PREEMPT(full) 
[ 1282.067624][T20420] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1282.067634][T20420] Call Trace:
[ 1282.067640][T20420]  <TASK>
[ 1282.067646][T20420]  dump_stack_lvl+0x16c/0x1f0
[ 1282.067675][T20420]  should_fail_ex+0x512/0x640
[ 1282.067703][T20420]  _copy_from_user+0x2e/0xd0
[ 1282.067729][T20420]  copy_msghdr_from_user+0x98/0x160
[ 1282.067756][T20420]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[ 1282.067791][T20420]  ___sys_sendmsg+0xfe/0x1d0
[ 1282.067817][T20420]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1282.067840][T20420]  ? __lock_acquire+0x622/0x1c90
[ 1282.067897][T20420]  __sys_sendmsg+0x16d/0x220
[ 1282.067922][T20420]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1282.067964][T20420]  do_syscall_64+0xcd/0x4c0
[ 1282.067993][T20420]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1282.068025][T20420] RIP: 0033:0x7fbbb738e929
[ 1282.068039][T20420] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1282.068056][T20420] RSP: 002b:00007fbbb827e038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1282.068073][T20420] RAX: ffffffffffffffda RBX: 00007fbbb75b5fa0 RCX: 00007fbbb738e929
[ 1282.068084][T20420] RDX: 0000000000000000 RSI: 0000200000000040 RDI: 0000000000000003
[ 1282.068095][T20420] RBP: 00007fbbb827e090 R08: 0000000000000000 R09: 0000000000000000
[ 1282.068106][T20420] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1282.068116][T20420] R13: 0000000000000000 R14: 00007fbbb75b5fa0 R15: 00007ffee7d25d38
[ 1282.068140][T20420]  </TASK>
[ 1282.353070][   T24] usb 4-1: new high-speed USB device number 97 using dummy_hcd
[ 1282.620931][   T24] usb 4-1: Using ep0 maxpacket: 32
[ 1282.636595][   T24] usb 4-1: config 9 has an invalid interface number: 219 but max is 1
[ 1282.655229][   T24] usb 4-1: config 9 has an invalid interface number: 29 but max is 1
[ 1282.672218][   T24] usb 4-1: config 9 contains an unexpected descriptor of type 0x1, skipping
[ 1283.767035][T20433] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3716'.
[ 1283.776062][   T24] usb 4-1: config 9 has no interface number 0
[ 1283.792770][   T24] usb 4-1: config 9 has no interface number 1
[ 1283.798922][   T24] usb 4-1: config 9 interface 219 altsetting 131 endpoint 0xA has invalid maxpacket 1024, setting to 64
[ 1283.828514][   T24] usb 4-1: config 9 interface 219 altsetting 131 has a duplicate endpoint with address 0x2, skipping
[ 1283.876875][   T24] usb 4-1: config 9 interface 219 altsetting 131 endpoint 0xC has invalid maxpacket 512, setting to 64
[ 1283.908933][   T24] usb 4-1: config 9 interface 219 altsetting 131 bulk endpoint 0x7 has invalid maxpacket 1023
[ 1283.953146][   T24] usb 4-1: config 9 interface 219 altsetting 131 has a duplicate endpoint with address 0xF, skipping
[ 1283.981878][   T24] usb 4-1: config 9 interface 219 altsetting 131 has a duplicate endpoint with address 0x4, skipping
[ 1284.002021][   T24] usb 4-1: config 9 interface 219 altsetting 131 has a duplicate endpoint with address 0x4, skipping
[ 1284.016763][   T24] usb 4-1: config 9 interface 29 altsetting 4 endpoint 0x5 has invalid maxpacket 512, setting to 64
[ 1284.028317][   T24] usb 4-1: config 9 interface 29 altsetting 4 endpoint 0x1 has invalid maxpacket 512, setting to 64
[ 1284.046479][   T24] usb 4-1: config 9 interface 29 altsetting 4 has a duplicate endpoint with address 0x4, skipping
[ 1284.057490][   T24] usb 4-1: config 9 interface 29 altsetting 4 has a duplicate endpoint with address 0xC, skipping
[ 1284.070205][   T24] usb 4-1: config 9 interface 29 altsetting 4 has a duplicate endpoint with address 0x1, skipping
[ 1284.081155][   T24] usb 4-1: config 9 interface 29 altsetting 4 has a duplicate endpoint with address 0x3, skipping
[ 1284.091995][   T24] usb 4-1: config 9 interface 219 has no altsetting 0
[ 1284.098791][   T24] usb 4-1: config 9 interface 29 has no altsetting 0
[ 1284.108935][   T24] usb 4-1: Dual-Role OTG device on HNP port
[ 1284.115331][   T24] usb 4-1: New USB device found, idVendor=04da, idProduct=0901, bcdDevice= 1.d8
[ 1284.124758][   T24] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1284.132920][   T24] usb 4-1: Product: syz
[ 1284.137272][   T24] usb 4-1: Manufacturer: Г
[ 1284.141999][   T24] usb 4-1: SerialNumber: syz
[ 1284.150164][T20411] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[ 1284.159724][ T6204] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured!
[ 1284.241985][ T5822] usb 7-1: new high-speed USB device number 72 using dummy_hcd
[ 1284.642099][T20448] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1284.937330][ T5822] usb 7-1: Using ep0 maxpacket: 8
[ 1285.207829][ T5822] usb 7-1: config 179 has an invalid interface number: 65 but max is 0
[ 1285.249266][ T5822] usb 7-1: config 179 has no interface number 0
[ 1285.266421][ T5822] usb 7-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7
[ 1285.294917][   T24] usb-storage 4-1:9.219: USB Mass Storage device detected
[ 1285.294989][ T5822] usb 7-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024
[ 1285.328486][ T5822] usb 7-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[ 1285.480903][ T5822] usb 7-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 41728, setting to 1024
[ 1286.049332][   T24] usb-storage 4-1:9.29: USB Mass Storage device detected
[ 1286.302963][ T5822] usb 7-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23
[ 1286.340922][ T5822] usb 7-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb
[ 1286.350053][ T5822] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1286.377705][T20438] raw-gadget.1 gadget.6: fail, usb_ep_enable returned -22
[ 1286.403670][   T24] usb 4-1: USB disconnect, device number 97
[ 1286.801216][   T24] usb 4-1: new high-speed USB device number 98 using dummy_hcd
[ 1287.171124][   T24] usb 4-1: device descriptor read/64, error -71
[ 1287.921319][    C0] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured!
[ 1287.949515][   T24] usb 4-1: new high-speed USB device number 99 using dummy_hcd
[ 1288.037516][T20482] xt_TPROXY: Can be used only with -p tcp or -p udp
[ 1288.090966][   T24] usb 4-1: device descriptor read/64, error -71
[ 1288.200102][T16539] usb 7-1: USB disconnect, device number 72
[ 1288.200202][    C0] xpad 7-1:179.65: xpad_irq_in - usb_submit_urb failed with result -19
[ 1288.214670][   T24] usb usb4-port1: attempt power cycle
[ 1288.214755][    C0] dummy_hcd dummy_hcd.6: timer fired with no URBs pending?
[ 1288.640378][   T24] usb 4-1: new high-speed USB device number 100 using dummy_hcd
[ 1288.778995][T20499] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1288.892419][    T9] usb 7-1: new high-speed USB device number 73 using dummy_hcd
[ 1289.366814][T20501] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=20501 comm=syz.4.3736
[ 1289.477895][    T9] usb 7-1: Using ep0 maxpacket: 16
[ 1289.547441][    T9] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1289.578759][   T24] usb 4-1: device not accepting address 100, error -71
[ 1289.581034][    T9] usb 7-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00
[ 1290.080100][    T9] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1290.109105][    T9] usb 7-1: config 0 descriptor??
[ 1290.782925][    T9] usbhid 7-1:0.0: can't add hid device: -71
[ 1290.800676][    T9] usbhid 7-1:0.0: probe with driver usbhid failed with error -71
[ 1290.965640][T20515] loop6: detected capacity change from 0 to 524287999
[ 1291.449888][    T9] usb 7-1: USB disconnect, device number 73
[ 1291.958937][ T5820] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 1291.968561][ T5820] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[ 1291.977276][ T5820] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[ 1291.985044][ T5820] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 1291.993859][ T5820] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 1292.216199][   T12] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1292.325954][   T30] audit: type=1400 audit(1749494814.990:2733): avc:  denied  { connect } for  pid=20541 comm="syz.3.3746" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=caif_socket permissive=1
[ 1292.376434][T20535] fuse: Bad value for 'rootmode'
[ 1292.393470][   T30] audit: type=1400 audit(1749494815.010:2734): avc:  denied  { setopt } for  pid=20541 comm="syz.3.3746" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=caif_socket permissive=1
[ 1292.449516][   T12] bridge0: port 1(netdevsim2) entered disabled state
[ 1292.616083][   T12] netdevsim netdevsim5 netdevsim2 (unregistering): left allmulticast mode
[ 1292.741101][T16539] usb 4-1: new high-speed USB device number 102 using dummy_hcd
[ 1292.789269][   T12] netdevsim netdevsim5 netdevsim2 (unregistering): left promiscuous mode
[ 1292.968785][   T12] bridge0: port 1(netdevsim2) entered disabled state
[ 1292.977973][T16539] usb 4-1: Using ep0 maxpacket: 16
[ 1293.231228][T14741] usb 7-1: new high-speed USB device number 74 using dummy_hcd
[ 1293.506932][T16539] usb 4-1: New USB device found, idVendor=0471, idProduct=0327, bcdDevice=61.a4
[ 1293.616316][T16539] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1293.665854][   T12] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1293.799245][T16539] usb 4-1: config 0 descriptor??
[ 1293.907179][T16539] gspca_main: sonixj-2.14.0 probing 0471:0327
[ 1294.049969][   T12] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1294.071416][T14741] usb 7-1: device descriptor read/64, error -71
[ 1294.091135][ T5820] Bluetooth: hci3: command tx timeout
[ 1294.320256][T14741] usb 7-1: new high-speed USB device number 75 using dummy_hcd
[ 1294.503900][   T12] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1294.630935][T14741] usb 7-1: device descriptor read/64, error -71
[ 1294.935367][T14741] usb usb7-port1: attempt power cycle
[ 1295.045078][   T30] audit: type=1400 audit(1749494817.710:2735): avc:  denied  { listen } for  pid=20564 comm="syz.4.3753" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[ 1295.220450][   T30] audit: type=1400 audit(1749494817.710:2736): avc:  denied  { accept } for  pid=20564 comm="syz.4.3753" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[ 1295.301414][T14741] usb 7-1: new high-speed USB device number 76 using dummy_hcd
[ 1295.383499][T14741] usb 7-1: device descriptor read/8, error -71
[ 1295.725104][T16539] gspca_sonixj: i2c_w8 err -71
[ 1295.740998][T16539] sonixj 4-1:0.0: probe with driver sonixj failed with error -71
[ 1295.751756][T16539] usb 4-1: USB disconnect, device number 102
[ 1295.809806][T20576] netlink: zone id is out of range
[ 1295.819115][T20576] netlink: zone id is out of range
[ 1295.824673][T20576] netlink: zone id is out of range
[ 1295.829908][T20576] netlink: zone id is out of range
[ 1295.879347][T20576] netlink: zone id is out of range
[ 1295.922268][T20576] netlink: set zone limit has 4 unknown bytes
[ 1296.161319][ T5820] Bluetooth: hci3: command tx timeout
[ 1296.339679][   T12] bond0 (unregistering): (slave wlan1): Releasing backup interface
[ 1296.357203][   T12] bond0 (unregistering): Released all slaves
[ 1296.579667][   T12] bond1 (unregistering): Released all slaves
[ 1296.606206][T20575] team_slave_0: entered allmulticast mode
[ 1296.625173][T20531] chnl_net:caif_netlink_parms(): no params data found
[ 1297.191371][T20597] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1297.562756][T20531] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1297.574534][T20531] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1297.586086][T20531] bridge_slave_0: entered allmulticast mode
[ 1297.598032][T20531] bridge_slave_0: entered promiscuous mode
[ 1297.606755][T20531] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1297.614139][T20531] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1297.623205][T20531] bridge_slave_1: entered allmulticast mode
[ 1297.635462][T20531] bridge_slave_1: entered promiscuous mode
[ 1297.847297][T20531] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1298.251076][ T5820] Bluetooth: hci3: command tx timeout
[ 1298.259655][T20531] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1298.483803][T14741] usb 7-1: new high-speed USB device number 78 using dummy_hcd
[ 1298.644162][T14741] usb 7-1: device descriptor read/64, error -71
[ 1299.112838][T14741] usb 7-1: new high-speed USB device number 79 using dummy_hcd
[ 1299.401556][T14741] usb 7-1: device descriptor read/64, error -71
[ 1299.602185][T14741] usb usb7-port1: attempt power cycle
[ 1299.688113][ T1297] ieee802154 phy1 wpan1: encryption failed: -22
[ 1299.751365][   T12] hsr_slave_0: left promiscuous mode
[ 1299.791140][   T43] usb 4-1: new high-speed USB device number 103 using dummy_hcd
[ 1299.800630][   T12] hsr_slave_1: left promiscuous mode
[ 1299.891500][   T12] veth1_macvtap: left promiscuous mode
[ 1299.897137][   T12] veth0_macvtap: left promiscuous mode
[ 1299.902865][   T12] veth1_vlan: left promiscuous mode
[ 1299.908291][   T12] veth0_vlan: left promiscuous mode
[ 1299.957201][   T43] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1299.986623][   T43] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1300.010922][T14741] usb 7-1: new high-speed USB device number 80 using dummy_hcd
[ 1300.012319][   T43] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[ 1300.044940][   T43] usb 4-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[ 1300.064212][T14741] usb 7-1: device descriptor read/8, error -71
[ 1300.084874][   T43] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1300.128283][   T43] usb 4-1: config 0 descriptor??
[ 1300.335701][ T5820] Bluetooth: hci3: command tx timeout
[ 1300.419528][T14741] usb 7-1: new high-speed USB device number 81 using dummy_hcd
[ 1300.473600][T14741] usb 7-1: device descriptor read/8, error -71
[ 1300.525501][   T12] pimreg3 (unregistering): left allmulticast mode
[ 1300.625484][T14741] usb usb7-port1: unable to enumerate USB device
[ 1300.635903][   T43] plantronics 0003:047F:FFFF.0018: No inputs registered, leaving
[ 1300.664459][   T43] plantronics 0003:047F:FFFF.0018: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.3-1/input0
[ 1300.895890][T20629] netlink: 'syz.3.3767': attribute type 23 has an invalid length.
[ 1300.983862][   T43] usb 4-1: USB disconnect, device number 103
[ 1301.086399][T20645] Bluetooth: hci0: Opcode 0x0c20 failed: -22
[ 1301.097746][T20645] netlink: 20 bytes leftover after parsing attributes in process `syz.6.3773'.
[ 1301.275288][T20531] team0: Port device team_slave_0 added
[ 1301.287951][T20531] team0: Port device team_slave_1 added
[ 1301.402044][T20650] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1301.431873][T20653] overlayfs: missing 'lowerdir'
[ 1301.499749][T20531] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1301.557965][T20531] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1301.701177][T20531] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1301.870299][T20531] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1301.878717][T20531] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1301.994166][T20531] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1302.864257][T20665] netlink: zone id is out of range
[ 1302.869425][T20665] netlink: zone id is out of range
[ 1302.880510][T20531] hsr_slave_0: entered promiscuous mode
[ 1302.883789][T20665] netlink: zone id is out of range
[ 1302.888456][T20531] hsr_slave_1: entered promiscuous mode
[ 1302.897494][T20531] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1302.911284][T20531] Cannot create hsr debugfs directory
[ 1302.936402][T20665] netlink: zone id is out of range
[ 1302.962059][T20665] netlink: zone id is out of range
[ 1303.171209][ T5820] Bluetooth: hci0: command tx timeout
[ 1303.268178][T20665] netlink: set zone limit has 4 unknown bytes
[ 1303.296786][   T12] IPVS: stop unused estimator thread 0...
[ 1303.449194][T20673] Bluetooth: hci0: Opcode 0x0c20 failed: -22
[ 1303.468567][T20673] netlink: 20 bytes leftover after parsing attributes in process `syz.4.3782'.
[ 1303.985720][T20680] Bluetooth: hci0: Opcode 0x0c20 failed: -22
[ 1304.009262][T20680] netlink: 20 bytes leftover after parsing attributes in process `syz.6.3785'.
[ 1304.522993][T20689] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1304.813433][T20531] netdevsim netdevsim5 netdevsim0: renamed from eth0
[ 1305.530876][ T5820] Bluetooth: hci0: command tx timeout
[ 1305.602225][T20531] netdevsim netdevsim5 netdevsim1: renamed from eth1
[ 1305.689906][T20531] netdevsim netdevsim5 netdevsim2: renamed from eth2
[ 1305.767188][T20699] SELinux: security_context_str_to_sid (5���]�S9q#���) failed with errno=-22
[ 1305.779961][T20531] netdevsim netdevsim5 netdevsim3: renamed from eth3
[ 1306.156606][T20714] Bluetooth: hci0: Opcode 0x0c20 failed: -22
[ 1306.166124][T20714] netlink: 20 bytes leftover after parsing attributes in process `syz.4.3791'.
[ 1306.921510][T20531] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1307.051945][T20531] 8021q: adding VLAN 0 to HW filter on device team0
[ 1307.072168][ T1159] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1307.079343][ T1159] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1307.549967][ T1159] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1307.557092][ T1159] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1307.744518][T20741] Bluetooth: hci0: Opcode 0x0c20 failed: -22
[ 1307.754284][T20741] netlink: 20 bytes leftover after parsing attributes in process `syz.6.3798'.
[ 1308.171481][ T5820] Bluetooth: hci0: command tx timeout
[ 1308.185289][T20745] Bluetooth: hci0: Opcode 0x0c20 failed: -22
[ 1308.304401][T20748] netlink: 20 bytes leftover after parsing attributes in process `syz.4.3799'.
[ 1308.609661][T20531] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1309.837643][   T30] audit: type=1400 audit(1749494832.500:2737): avc:  denied  { listen } for  pid=20754 comm="syz.3.3801" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1
[ 1309.923780][T20770] qrtr: Invalid version 48
[ 1310.604308][T20780] fuse: Bad value for 'fd'
[ 1310.695235][T20784] sp0: Synchronizing with TNC
[ 1310.741903][T20782] [U] �
[ 1310.756973][ T5820] Bluetooth: hci4: unexpected event for opcode 0x2062
[ 1310.810897][   T24] usb 5-1: new high-speed USB device number 78 using dummy_hcd
[ 1310.839768][T20531] veth0_vlan: entered promiscuous mode
[ 1310.896162][T20531] veth1_vlan: entered promiscuous mode
[ 1310.965469][   T24] usb 5-1: device descriptor read/64, error -71
[ 1310.973395][T20531] veth0_macvtap: entered promiscuous mode
[ 1310.995084][T20531] veth1_macvtap: entered promiscuous mode
[ 1311.661366][T20531] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1311.672862][T20531] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1311.685571][T20531] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1311.695254][T20531] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1311.704084][T20531] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1311.733703][T20531] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1311.821290][   T24] usb 5-1: new high-speed USB device number 79 using dummy_hcd
[ 1311.976703][   T24] usb 5-1: device descriptor read/64, error -71
[ 1312.174479][   T24] usb usb5-port1: attempt power cycle
[ 1312.394898][ T3519] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1312.405118][ T3519] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1312.430476][T20796] vlan2: entered allmulticast mode
[ 1312.436944][T20796] veth1_to_batadv: entered allmulticast mode
[ 1312.571741][   T24] usb 5-1: new high-speed USB device number 80 using dummy_hcd
[ 1313.317834][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1313.335164][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1313.691929][   T24] usb 5-1: device descriptor read/8, error -71
[ 1313.866749][T20807] debugfs: Directory 'ttyS3' with parent 'caif_serial' already present!
[ 1314.134020][T20812] netlink: 8 bytes leftover after parsing attributes in process `syz.6.3815'.
[ 1314.180862][T20812] netlink: 12 bytes leftover after parsing attributes in process `syz.6.3815'.
[ 1314.189858][T20812] netlink: 'syz.6.3815': attribute type 18 has an invalid length.
[ 1314.731726][T20817] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1314.807291][ T5820] Bluetooth: hci4: Controller not accepting commands anymore: ncmd = 0
[ 1314.816994][ T5820] Bluetooth: hci4: Injecting HCI hardware error event
[ 1314.874849][T20820] iommufd_mock iommufd_mock1: Adding to iommu group 1
[ 1314.905920][ T5820] Bluetooth: hci4: hardware error 0x00
[ 1315.349362][T20832] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3818'.
[ 1315.976358][T20840] netlink: 300 bytes leftover after parsing attributes in process `syz.6.3821'.
[ 1316.961049][ T5820] Bluetooth: hci4: Opcode 0x0c03 failed: -110
[ 1317.761097][ T5820] Bluetooth: hci3: command 0x0405 tx timeout
[ 1317.844730][T20860] netlink: 'syz.6.3827': attribute type 10 has an invalid length.
[ 1319.308057][T20882] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1319.748281][T20883] hub 8-0:1.0: USB hub found
[ 1319.758772][T20883] hub 8-0:1.0: 1 port detected
[ 1319.868790][T20844] delete_channel: no stack
[ 1320.199254][ T5822] usb 5-1: new high-speed USB device number 82 using dummy_hcd
[ 1320.710844][ T5822] usb 5-1: Using ep0 maxpacket: 8
[ 1321.570989][ T5822] usb 5-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb
[ 1321.609388][ T5822] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1321.638250][ T5822] usb 5-1: config 0 descriptor??
[ 1321.790628][   T30] audit: type=1400 audit(1749494844.450:2738): avc:  denied  { ioctl } for  pid=20901 comm="syz.3.3838" path="/dev/fuse" dev="devtmpfs" ino=99 ioctlcmd=0x564a scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fuse_device_t tclass=chr_file permissive=1
[ 1321.869856][T20902] netlink: 300 bytes leftover after parsing attributes in process `syz.3.3838'.
[ 1321.953308][ T5822] asix 5-1:0.0 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -71
[ 1321.967663][ T5822] asix 5-1:0.0: probe with driver asix failed with error -71
[ 1321.998418][ T5822] usb 5-1: USB disconnect, device number 82
[ 1324.451241][ T5822] usb 5-1: new high-speed USB device number 83 using dummy_hcd
[ 1324.797888][T20934] netlink: 'syz.3.3843': attribute type 25 has an invalid length.
[ 1324.805803][ T5822] usb 5-1: device descriptor read/64, error -71
[ 1325.201044][   T10] usb 7-1: new high-speed USB device number 82 using dummy_hcd
[ 1325.271060][ T5822] usb 5-1: new high-speed USB device number 84 using dummy_hcd
[ 1325.330900][   T10] usb 7-1: device descriptor read/64, error -71
[ 1325.407610][T20942] netlink: 300 bytes leftover after parsing attributes in process `syz.5.3849'.
[ 1325.491006][ T5822] usb 5-1: device descriptor read/64, error -71
[ 1325.572400][   T10] usb 7-1: new high-speed USB device number 83 using dummy_hcd
[ 1325.601175][ T5822] usb usb5-port1: attempt power cycle
[ 1325.701304][   T10] usb 7-1: device descriptor read/64, error -71
[ 1325.821251][   T10] usb usb7-port1: attempt power cycle
[ 1325.925964][T20954] SELinux: security_context_str_to_sid (5���]�S9q#���) failed with errno=-22
[ 1326.144191][ T5822] usb 5-1: new high-speed USB device number 85 using dummy_hcd
[ 1326.181474][ T5822] usb 5-1: device descriptor read/8, error -71
[ 1326.290879][   T10] usb 7-1: new high-speed USB device number 84 using dummy_hcd
[ 1326.341767][   T10] usb 7-1: device descriptor read/8, error -71
[ 1326.470928][ T5822] usb 5-1: new high-speed USB device number 86 using dummy_hcd
[ 1326.512394][ T5822] usb 5-1: device descriptor read/8, error -71
[ 1326.633830][   T10] usb 7-1: new high-speed USB device number 85 using dummy_hcd
[ 1326.655898][T20959] SELinux: security_context_str_to_sid (5���]�S9q#���) failed with errno=-22
[ 1326.773101][ T5822] usb usb5-port1: unable to enumerate USB device
[ 1326.895494][   T10] usb 7-1: device descriptor read/8, error -71
[ 1327.032058][   T10] usb usb7-port1: unable to enumerate USB device
[ 1327.142488][T20968] fuse: Bad value for 'fd'
[ 1327.612807][T20975] Bluetooth: hci0: Opcode 0x0c20 failed: -22
[ 1328.254440][T20992] netlink: 'syz.0.3865': attribute type 1 has an invalid length.
[ 1328.448192][T20994] bond2: entered promiscuous mode
[ 1328.466436][T20994] bond2: entered allmulticast mode
[ 1328.474152][T20994] 8021q: adding VLAN 0 to HW filter on device bond2
[ 1328.929501][T21012] netlink: 300 bytes leftover after parsing attributes in process `syz.3.3871'.
[ 1329.681013][ T5820] Bluetooth: hci0: command tx timeout
[ 1329.840071][T21028] Bluetooth: hci0: Opcode 0x0c20 failed: -22
[ 1330.447640][T21049] netlink: 176 bytes leftover after parsing attributes in process `syz.6.3878'.
[ 1331.490180][T21062] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1331.841029][ T5820] Bluetooth: hci0: command tx timeout
[ 1333.194680][T21089] netlink: 12 bytes leftover after parsing attributes in process `syz.4.3891'.
[ 1333.341098][   T43] usb 7-1: new high-speed USB device number 86 using dummy_hcd
[ 1333.419886][T21095] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3892'.
[ 1333.571204][   T43] usb 7-1: Using ep0 maxpacket: 32
[ 1333.577648][   T43] usb 7-1: config 1 contains an unexpected descriptor of type 0x1, skipping
[ 1333.586623][   T43] usb 7-1: config 1 has an invalid descriptor of length 1, skipping remainder of the config
[ 1333.597512][   T43] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1333.784899][   T43] usb 7-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[ 1333.920235][T21102] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1334.239925][   T43] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1334.259875][   T43] usb 7-1: Product: syz
[ 1334.264420][   T43] usb 7-1: Manufacturer: syz
[ 1334.270145][   T43] usb 7-1: SerialNumber: syz
[ 1334.545792][T21085] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1334.554382][T21085] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1334.964404][   T43] usb 7-1: 0:2 : does not exist
[ 1334.989313][   T43] usb 7-1: USB disconnect, device number 86
[ 1335.253452][T21118] netlink: 'syz.4.3901': attribute type 39 has an invalid length.
[ 1336.875465][T21135] binder: 21134:21135 ioctl 4018620d 0 returned -22
[ 1337.343887][T21139] netlink: 'syz.5.3907': attribute type 16 has an invalid length.
[ 1337.351942][T21139] netlink: 'syz.5.3907': attribute type 17 has an invalid length.
[ 1339.513861][T21174] netlink: 12 bytes leftover after parsing attributes in process `syz.5.3918'.
[ 1339.770482][T21179] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1340.718111][T21199] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1341.730889][T21213] ubi: mtd0 is already attached to ubi31
[ 1341.983713][T21209] sp0: Synchronizing with TNC
[ 1342.230858][    T9] usb 4-1: new low-speed USB device number 104 using dummy_hcd
[ 1342.409966][ T3745] usb 5-1: new high-speed USB device number 87 using dummy_hcd
[ 1342.742447][    T9] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a4, bcdDevice=37.c2
[ 1342.754701][    T9] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1342.762982][ T3745] usb 5-1: config index 0 descriptor too short (expected 23569, got 27)
[ 1342.768168][    T9] usb 4-1: config 0 descriptor??
[ 1342.778880][    T9] usbtest 4-1:0.0: Linux user mode test driver
[ 1342.788832][ T3745] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1342.788918][    T9] usbtest 4-1:0.0: low-speed {control} tests
[ 1342.823159][ T3745] usb 5-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0
[ 1342.835711][ T3745] usb 5-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0
[ 1342.854268][ T3745] usb 5-1: Manufacturer: syz
[ 1342.874402][ T3745] usb 5-1: config 0 descriptor??
[ 1342.952722][ T3745] rc_core: IR keymap rc-hauppauge not found
[ 1342.959111][ T3745] Registered IR keymap rc-empty
[ 1342.987548][ T3745] rc rc0: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/rc/rc0
[ 1342.999620][T21226] 9pnet_fd: Insufficient options for proto=fd
[ 1343.009073][   T43] usb 4-1: USB disconnect, device number 104
[ 1343.041198][ T3745] input: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/rc/rc0/input47
[ 1343.057224][ T5820] Bluetooth: hci3: unexpected event for opcode 0x2012
[ 1343.157472][    C1] igorplugusb 5-1:0.0: Error: urb status = -32
[ 1343.158321][T21216] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1343.274163][T21216] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1343.548109][T21216] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1343.607576][T21216] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1343.649186][T21216] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1343.678391][T21216] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1343.766083][   T10] usb 5-1: USB disconnect, device number 87
[ 1343.935336][T21235] usb usb9: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[ 1343.943053][T21235] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[ 1344.538871][    T9] usb 6-1: new high-speed USB device number 86 using dummy_hcd
[ 1344.582180][T21246] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1345.036625][T21249] SELinux: security_context_str_to_sid (5���]�S9q#���) failed with errno=-22
[ 1345.259222][    T9] usb 6-1: New USB device found, idVendor=093a, idProduct=050f, bcdDevice=c2.b7
[ 1345.407173][    T9] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1345.472815][    T9] usb 6-1: config 0 descriptor??
[ 1345.564736][T21256] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3942'.
[ 1345.745817][    T9] gspca_main: mars-2.14.0 probing 093a:050f
[ 1346.417052][T21274] FAULT_INJECTION: forcing a failure.
[ 1346.417052][T21274] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1346.434057][T21274] CPU: 0 UID: 0 PID: 21274 Comm: syz.4.3948 Not tainted 6.16.0-rc1-syzkaller #0 PREEMPT(full) 
[ 1346.434083][T21274] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1346.434094][T21274] Call Trace:
[ 1346.434101][T21274]  <TASK>
[ 1346.434109][T21274]  dump_stack_lvl+0x16c/0x1f0
[ 1346.434141][T21274]  should_fail_ex+0x512/0x640
[ 1346.434168][T21274]  _copy_from_user+0x2e/0xd0
[ 1346.434195][T21274]  copy_from_sockptr_offset.constprop.0+0x153/0x1a0
[ 1346.434220][T21274]  ? __pfx_copy_from_sockptr_offset.constprop.0+0x10/0x10
[ 1346.434243][T21274]  ? __pfx_avc_has_perm+0x10/0x10
[ 1346.434267][T21274]  packet_setsockopt+0xbbd/0x33c0
[ 1346.434297][T21274]  ? __pfx_packet_setsockopt+0x10/0x10
[ 1346.434321][T21274]  ? selinux_netlbl_socket_setsockopt+0x183/0x470
[ 1346.434347][T21274]  ? __pfx_selinux_netlbl_socket_setsockopt+0x10/0x10
[ 1346.434371][T21274]  ? irqentry_exit+0x3b/0x90
[ 1346.434408][T21274]  ? selinux_socket_setsockopt+0x6a/0x80
[ 1346.434432][T21274]  ? __pfx_packet_setsockopt+0x10/0x10
[ 1346.434457][T21274]  do_sock_setsockopt+0x224/0x470
[ 1346.434475][T21274]  ? __pfx_do_sock_setsockopt+0x10/0x10
[ 1346.434509][T21274]  __sys_setsockopt+0x1a0/0x230
[ 1346.434539][T21274]  __x64_sys_setsockopt+0xbd/0x160
[ 1346.434562][T21274]  ? x64_sys_call+0xd06/0x1730
[ 1346.434583][T21274]  do_syscall_64+0xcd/0x4c0
[ 1346.434611][T21274]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1346.434630][T21274] RIP: 0033:0x7ffab8b8e929
[ 1346.434644][T21274] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1346.434662][T21274] RSP: 002b:00007ffab992b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[ 1346.434679][T21274] RAX: ffffffffffffffda RBX: 00007ffab8db6160 RCX: 00007ffab8b8e929
[ 1346.434691][T21274] RDX: 0000000000000012 RSI: 0000000000000107 RDI: 0000000000000005
[ 1346.434706][T21274] RBP: 00007ffab992b090 R08: 0000000000000004 R09: 0000000000000000
[ 1346.434717][T21274] R10: 0000200000000040 R11: 0000000000000246 R12: 0000000000000001
[ 1346.434728][T21274] R13: 0000000000000000 R14: 00007ffab8db6160 R15: 00007ffdf9fe0b48
[ 1346.434755][T21274]  </TASK>
[ 1346.643846][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1346.864960][T21281] netlink: 12 bytes leftover after parsing attributes in process `syz.5.3938'.
[ 1346.946334][T21282] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1346.956203][T21282] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1347.409299][T21288] FAULT_INJECTION: forcing a failure.
[ 1347.409299][T21288] name failslab, interval 1, probability 0, space 0, times 0
[ 1347.464624][T21288] CPU: 1 UID: 0 PID: 21288 Comm: syz.0.3953 Not tainted 6.16.0-rc1-syzkaller #0 PREEMPT(full) 
[ 1347.464648][T21288] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1347.464658][T21288] Call Trace:
[ 1347.464664][T21288]  <TASK>
[ 1347.464670][T21288]  dump_stack_lvl+0x16c/0x1f0
[ 1347.464699][T21288]  should_fail_ex+0x512/0x640
[ 1347.464725][T21288]  should_failslab+0xc2/0x120
[ 1347.464750][T21288]  kmem_cache_alloc_noprof+0x6d/0x3b0
[ 1347.464773][T21288]  ? skb_clone+0x190/0x3f0
[ 1347.464803][T21288]  skb_clone+0x190/0x3f0
[ 1347.464829][T21288]  netlink_deliver_tap+0xabd/0xd30
[ 1347.464855][T21288]  netlink_unicast+0x5df/0x7f0
[ 1347.464877][T21288]  ? __pfx_netlink_unicast+0x10/0x10
[ 1347.464905][T21288]  netlink_sendmsg+0x8d1/0xdd0
[ 1347.464930][T21288]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1347.464960][T21288]  ____sys_sendmsg+0xa98/0xc70
[ 1347.464982][T21288]  ? copy_msghdr_from_user+0x10a/0x160
[ 1347.465008][T21288]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1347.465052][T21288]  ___sys_sendmsg+0x134/0x1d0
[ 1347.465082][T21288]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1347.465105][T21288]  ? __lock_acquire+0x622/0x1c90
[ 1347.465165][T21288]  __sys_sendmsg+0x16d/0x220
[ 1347.465191][T21288]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1347.465234][T21288]  do_syscall_64+0xcd/0x4c0
[ 1347.465266][T21288]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1347.465284][T21288] RIP: 0033:0x7fc2e218e929
[ 1347.465299][T21288] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1347.465316][T21288] RSP: 002b:00007fc2e2f2f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1347.465333][T21288] RAX: ffffffffffffffda RBX: 00007fc2e23b5fa0 RCX: 00007fc2e218e929
[ 1347.465344][T21288] RDX: 0000000000000000 RSI: 0000200000000380 RDI: 0000000000000003
[ 1347.465355][T21288] RBP: 00007fc2e2f2f090 R08: 0000000000000000 R09: 0000000000000000
[ 1347.465365][T21288] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1347.465375][T21288] R13: 0000000000000000 R14: 00007fc2e23b5fa0 R15: 00007fff857b9328
[ 1347.465398][T21288]  </TASK>
[ 1348.631203][ T5822] usb 6-1: USB disconnect, device number 86
[ 1348.814107][T21314] fuse: Bad value for 'group_id'
[ 1348.823994][T21314] fuse: Bad value for 'group_id'
[ 1349.161200][ T5822] usb 6-1: new high-speed USB device number 87 using dummy_hcd
[ 1349.492073][ T5822] usb 6-1: Using ep0 maxpacket: 16
[ 1349.504329][ T5822] usb 6-1: config 1 interface 0 altsetting 255 endpoint 0x1 has invalid wMaxPacketSize 0
[ 1349.514901][ T5822] usb 6-1: config 1 interface 0 altsetting 255 bulk endpoint 0x1 has invalid maxpacket 0
[ 1349.805188][ T5822] usb 6-1: config 1 interface 0 altsetting 255 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 1349.822747][ T5822] usb 6-1: config 1 interface 0 has no altsetting 0
[ 1349.832701][ T5822] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[ 1349.845169][ T5822] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1349.854270][ T5822] usb 6-1: Product: syz
[ 1349.858448][ T5822] usb 6-1: Manufacturer: syz
[ 1349.858602][T21333] netlink: 28 bytes leftover after parsing attributes in process `syz.0.3969'.
[ 1349.863083][ T5822] usb 6-1: SerialNumber: syz
[ 1349.943024][    T9] usb 7-1: new high-speed USB device number 87 using dummy_hcd
[ 1350.240117][ T5822] usblp 6-1:1.0: usblp0: USB Unidirectional printer dev 87 if 0 alt 255 proto 1 vid 0x0525 pid 0xA4A8
[ 1350.281195][    T9] usb 7-1: device descriptor read/64, error -71
[ 1350.540837][    T9] usb 7-1: new high-speed USB device number 88 using dummy_hcd
[ 1351.440946][    T9] usb 7-1: device descriptor read/64, error -71
[ 1351.455800][T21350] MTD: Attempt to mount non-MTD device "/dev/nullb0"
[ 1351.463249][T21350] /dev/nullb0: Can't open blockdev
[ 1351.675885][    T9] usb usb7-port1: attempt power cycle
[ 1351.799852][T15441] usb 6-1: USB disconnect, device number 87
[ 1351.808867][T15441] usblp0: removed
[ 1352.374525][T15441] usb 6-1: new high-speed USB device number 88 using dummy_hcd
[ 1352.498027][    T9] usb 7-1: new high-speed USB device number 89 using dummy_hcd
[ 1352.778765][    T9] usb 7-1: device descriptor read/8, error -71
[ 1352.878192][T21366] fuse: Bad value for 'group_id'
[ 1352.890238][T21366] fuse: Bad value for 'group_id'
[ 1352.891569][T15441] usb 6-1: device descriptor read/64, error -71
[ 1353.079009][T21364] bridge0: port 3(ipvlan2) entered blocking state
[ 1353.086010][T21364] bridge0: port 3(ipvlan2) entered disabled state
[ 1353.094926][T21364] ipvlan2: entered allmulticast mode
[ 1353.100272][T21364] bridge0: entered allmulticast mode
[ 1353.107728][T21364] ipvlan2: left allmulticast mode
[ 1353.113089][T21364] bridge0: left allmulticast mode
[ 1353.160912][T15441] usb 6-1: new high-speed USB device number 89 using dummy_hcd
[ 1353.321061][T15441] usb 6-1: device descriptor read/64, error -71
[ 1353.455232][T15441] usb usb6-port1: attempt power cycle
[ 1353.820904][T15441] usb 6-1: new high-speed USB device number 90 using dummy_hcd
[ 1353.851905][T15441] usb 6-1: device descriptor read/8, error -71
[ 1354.115168][T15441] usb 6-1: new high-speed USB device number 91 using dummy_hcd
[ 1354.120905][ T3745] usb 5-1: new high-speed USB device number 88 using dummy_hcd
[ 1354.181908][T15441] usb 6-1: device descriptor read/8, error -71
[ 1354.284127][ T3745] usb 5-1: too many configurations: 58, using maximum allowed: 8
[ 1354.298841][ T3745] usb 5-1: unable to read config index 0 descriptor/start: -61
[ 1354.308706][ T3745] usb 5-1: can't read configurations, error -61
[ 1354.319708][T15441] usb usb6-port1: unable to enumerate USB device
[ 1354.631045][ T3745] usb 5-1: new high-speed USB device number 89 using dummy_hcd
[ 1355.489955][ T3745] usb 5-1: too many configurations: 58, using maximum allowed: 8
[ 1355.506115][ T3745] usb 5-1: unable to read config index 0 descriptor/start: -61
[ 1355.514507][ T3745] usb 5-1: can't read configurations, error -61
[ 1355.523178][ T3745] usb usb5-port1: attempt power cycle
[ 1355.821842][    T9] usb 7-1: new high-speed USB device number 91 using dummy_hcd
[ 1355.950871][ T3745] usb 5-1: new high-speed USB device number 90 using dummy_hcd
[ 1355.960966][    T9] usb 7-1: device descriptor read/64, error -71
[ 1355.971870][ T3745] usb 5-1: too many configurations: 58, using maximum allowed: 8
[ 1355.981437][ T3745] usb 5-1: unable to read config index 0 descriptor/start: -61
[ 1355.989006][ T3745] usb 5-1: can't read configurations, error -61
[ 1356.131107][ T3745] usb 5-1: new high-speed USB device number 91 using dummy_hcd
[ 1356.211288][ T3745] usb 5-1: too many configurations: 58, using maximum allowed: 8
[ 1356.221603][ T3745] usb 5-1: unable to read config index 0 descriptor/start: -61
[ 1356.229685][ T3745] usb 5-1: can't read configurations, error -61
[ 1356.246613][ T3745] usb usb5-port1: unable to enumerate USB device
[ 1356.250910][    T9] usb 7-1: new high-speed USB device number 92 using dummy_hcd
[ 1356.292096][T21410] llcp: nfc_llcp_send_ui_frame: Could not allocate PDU (error=-512)
[ 1356.300233][T21410] llcp: nfc_llcp_send_ui_frame: Could not allocate PDU (error=-512)
[ 1356.390908][    T9] usb 7-1: device descriptor read/64, error -71
[ 1356.512738][    T9] usb usb7-port1: attempt power cycle
[ 1356.829639][T21428] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1357.450864][    T9] usb 7-1: new high-speed USB device number 93 using dummy_hcd
[ 1357.543737][    T9] usb 7-1: device descriptor read/8, error -71
[ 1357.783179][T21447] netlink: 32 bytes leftover after parsing attributes in process `syz.4.4004'.
[ 1357.793556][T21447] netlink: 32 bytes leftover after parsing attributes in process `syz.4.4004'.
[ 1358.210879][    T9] usb 7-1: new high-speed USB device number 94 using dummy_hcd
[ 1358.321073][    T9] usb 7-1: device descriptor read/8, error -71
[ 1358.448053][    T9] usb usb7-port1: unable to enumerate USB device
[ 1360.351263][ T5822] usb 5-1: new high-speed USB device number 92 using dummy_hcd
[ 1360.901628][ T5822] usb 5-1: Using ep0 maxpacket: 16
[ 1360.913873][ T5822] usb 5-1: New USB device found, idVendor=0471, idProduct=0327, bcdDevice=61.a4
[ 1360.946440][ T5822] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1361.049086][ T5822] usb 5-1: config 0 descriptor??
[ 1361.160806][ T1297] ieee802154 phy1 wpan1: encryption failed: -22
[ 1361.185739][ T5822] gspca_main: sonixj-2.14.0 probing 0471:0327
[ 1362.656589][ T5822] gspca_sonixj: reg_r err -32
[ 1362.662264][ T5822] sonixj 5-1:0.0: probe with driver sonixj failed with error -32
[ 1362.767000][T21496] netlink: 40 bytes leftover after parsing attributes in process `syz.6.4021'.
[ 1363.721119][    T9] usb 5-1: USB disconnect, device number 92
[ 1363.869905][T21508] netlink: zone id is out of range
[ 1363.875369][T21508] netlink: zone id is out of range
[ 1363.880562][T21508] netlink: zone id is out of range
[ 1363.886330][T21508] netlink: zone id is out of range
[ 1363.893575][T21508] netlink: zone id is out of range
[ 1363.900864][   T30] audit: type=1326 audit(1749494886.560:2739): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21505 comm="syz.6.4023" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f825ff8e929 code=0x0
[ 1363.937865][T21508] netlink: set zone limit has 4 unknown bytes
[ 1363.971002][ T5822] usb 4-1: new high-speed USB device number 105 using dummy_hcd
[ 1364.596379][ T5822] usb 4-1: device descriptor read/64, error -71
[ 1364.842140][ T5822] usb 4-1: new high-speed USB device number 106 using dummy_hcd
[ 1365.201675][ T5822] usb 4-1: device descriptor read/64, error -71
[ 1365.345013][ T5822] usb usb4-port1: attempt power cycle
[ 1365.691512][ T5822] usb 4-1: new high-speed USB device number 107 using dummy_hcd
[ 1365.739870][T21532] fuse: Unknown parameter '00000000000000000000'
[ 1365.746664][ T5822] usb 4-1: device descriptor read/8, error -71
[ 1365.776664][T21533] netlink: 'syz.6.4031': attribute type 1 has an invalid length.
[ 1365.801107][T21533] netlink: 168864 bytes leftover after parsing attributes in process `syz.6.4031'.
[ 1365.814163][T21535] Cannot find map_set index 0 as target
[ 1366.032059][ T5822] usb 4-1: new high-speed USB device number 108 using dummy_hcd
[ 1366.084667][ T5822] usb 4-1: device descriptor read/8, error -71
[ 1366.160875][T15441] usb 6-1: new high-speed USB device number 92 using dummy_hcd
[ 1366.201243][ T5822] usb usb4-port1: unable to enumerate USB device
[ 1366.323192][T15441] usb 6-1: config 4 has an invalid interface number: 10 but max is 2
[ 1366.332181][T15441] usb 6-1: config 4 has an invalid interface number: 196 but max is 2
[ 1366.340327][T15441] usb 6-1: config 4 has an invalid interface number: 251 but max is 2
[ 1366.348658][T15441] usb 6-1: config 4 contains an unexpected descriptor of type 0x1, skipping
[ 1366.357487][T15441] usb 6-1: config 4 has an invalid interface number: 55 but max is 2
[ 1366.376806][T15441] usb 6-1: config 4 contains an unexpected descriptor of type 0x2, skipping
[ 1366.395867][T15441] usb 6-1: config 4 has an invalid descriptor of length 249, skipping remainder of the config
[ 1366.409060][T15441] usb 6-1: config 4 has 4 interfaces, different from the descriptor's value: 3
[ 1366.418861][T15441] usb 6-1: config 4 has no interface number 0
[ 1366.427710][T15441] usb 6-1: config 4 has no interface number 1
[ 1366.433973][T15441] usb 6-1: config 4 has no interface number 2
[ 1366.440078][T15441] usb 6-1: config 4 has no interface number 3
[ 1366.448335][T15441] usb 6-1: config 4 interface 10 altsetting 64 endpoint 0xE has invalid maxpacket 512, setting to 64
[ 1366.459866][T15441] usb 6-1: config 4 interface 10 altsetting 64 has a duplicate endpoint with address 0xE, skipping
[ 1366.473403][T15441] usb 6-1: config 4 interface 10 altsetting 64 endpoint 0x7 has invalid maxpacket 512, setting to 64
[ 1366.486063][T15441] usb 6-1: config 4 interface 10 altsetting 64 has a duplicate endpoint with address 0x7, skipping
[ 1366.500013][T15441] usb 6-1: config 4 interface 10 altsetting 64 endpoint 0x5 has invalid maxpacket 1032, setting to 64
[ 1366.513669][T15441] usb 6-1: config 4 interface 10 altsetting 64 endpoint 0x8 has invalid maxpacket 1023, setting to 64
[ 1366.524850][T15441] usb 6-1: config 4 interface 10 altsetting 64 endpoint 0x9 has invalid maxpacket 512, setting to 64
[ 1366.537609][T15441] usb 6-1: config 4 interface 10 altsetting 64 has a duplicate endpoint with address 0x8, skipping
[ 1366.548494][T15441] usb 6-1: config 4 interface 10 altsetting 64 has an invalid descriptor for endpoint zero, skipping
[ 1366.561264][T15441] usb 6-1: config 4 interface 10 altsetting 64 endpoint 0x4 has invalid maxpacket 1024, setting to 64
[ 1366.574434][T15441] usb 6-1: config 4 interface 10 altsetting 64 has an endpoint descriptor with address 0x6D, changing to 0xD
[ 1366.587960][T15441] usb 6-1: config 4 interface 10 altsetting 64 endpoint 0xD has invalid maxpacket 487, setting to 64
[ 1366.609503][T15441] usb 6-1: config 4 interface 10 altsetting 64 has 12 endpoint descriptors, different from the interface descriptor's value: 15
[ 1366.625454][T15441] usb 6-1: too many endpoints for config 4 interface 196 altsetting 248: 154, using maximum allowed: 30
[ 1366.636915][T15441] usb 6-1: config 4 interface 196 altsetting 248 has a duplicate endpoint with address 0x8, skipping
[ 1366.653607][T15441] usb 6-1: config 4 interface 196 altsetting 248 endpoint 0xC has invalid maxpacket 1024, setting to 64
[ 1366.664971][T15441] usb 6-1: config 4 interface 196 altsetting 248 has 3 endpoint descriptors, different from the interface descriptor's value: 154
[ 1366.680204][T15441] usb 6-1: config 4 interface 251 altsetting 87 has a duplicate endpoint with address 0x7, skipping
[ 1366.694767][T15441] usb 6-1: config 4 interface 251 altsetting 87 endpoint 0xF has invalid maxpacket 512, setting to 64
[ 1366.706845][T15441] usb 6-1: config 4 interface 251 altsetting 87 has a duplicate endpoint with address 0xF, skipping
[ 1366.727040][T15441] usb 6-1: config 4 interface 251 altsetting 87 has a duplicate endpoint with address 0x1, skipping
[ 1366.756284][T15441] usb 6-1: config 4 interface 251 altsetting 87 has a duplicate endpoint with address 0xF, skipping
[ 1366.767654][T15441] usb 6-1: config 4 interface 251 altsetting 87 has a duplicate endpoint with address 0x8, skipping
[ 1366.782353][T15441] usb 6-1: config 4 interface 251 altsetting 87 endpoint 0x2 has invalid wMaxPacketSize 0
[ 1366.794331][T15441] usb 6-1: config 4 interface 251 altsetting 87 has a duplicate endpoint with address 0x5, skipping
[ 1366.808120][T15441] usb 6-1: config 4 interface 251 altsetting 87 has an invalid descriptor for endpoint zero, skipping
[ 1366.820853][T15441] usb 6-1: config 4 interface 251 altsetting 87 has a duplicate endpoint with address 0x5, skipping
[ 1366.820875][   T43] usb 4-1: new high-speed USB device number 109 using dummy_hcd
[ 1367.648076][T15441] usb 6-1: config 4 interface 55 altsetting 2 has 0 endpoint descriptors, different from the interface descriptor's value: 5
[ 1367.661246][T15441] usb 6-1: config 4 interface 10 has no altsetting 0
[ 1367.667933][T15441] usb 6-1: config 4 interface 196 has no altsetting 0
[ 1367.686536][T15441] usb 6-1: config 4 interface 251 has no altsetting 0
[ 1367.697301][T15441] usb 6-1: config 4 interface 55 has no altsetting 0
[ 1367.705878][T15441] usb 6-1: New USB device found, idVendor=413c, idProduct=81b6, bcdDevice=d9.bc
[ 1367.716867][T15441] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1367.728326][T15441] usb 6-1: Product: syz
[ 1367.732667][T15441] usb 6-1: Manufacturer: syz
[ 1367.738335][T15441] usb 6-1: SerialNumber: syz
[ 1367.755082][T21539] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[ 1367.875335][   T43] usb 4-1: config 0 has no interfaces?
[ 1368.152036][T21558] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4038'.
[ 1368.940755][T15441] usb 6-1: USB disconnect, device number 92
[ 1369.071910][   T43] usb 4-1: New USB device found, idVendor=18b4, idProduct=fffb, bcdDevice=dc.7b
[ 1369.081668][   T43] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1369.089677][   T43] usb 4-1: Product: syz
[ 1369.096699][   T43] usb 4-1: Manufacturer: syz
[ 1369.101426][   T43] usb 4-1: SerialNumber: syz
[ 1369.113080][   T43] usb 4-1: config 0 descriptor??
[ 1369.913419][   T43] usb 4-1: USB disconnect, device number 109
[ 1371.170886][T15440] usb 7-1: new full-speed USB device number 95 using dummy_hcd
[ 1371.179130][T15441] usb 5-1: new high-speed USB device number 93 using dummy_hcd
[ 1371.800589][T15440] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1371.841041][T15441] usb 5-1: device descriptor read/64, error -71
[ 1371.879206][T21600] SELinux: security_context_str_to_sid (5���]�S9q#���) failed with errno=-22
[ 1371.971630][T15440] usb 7-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 1
[ 1372.004910][T15440] usb 7-1: New USB device found, idVendor=05ac, idProduct=8240, bcdDevice= 0.00
[ 1372.228147][T15440] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1372.251114][T15440] usb 7-1: rejected 1 configuration due to insufficient available bus power
[ 1372.259831][T15440] usb 7-1: no configuration chosen from 1 choice
[ 1372.292232][T15441] usb 5-1: new high-speed USB device number 94 using dummy_hcd
[ 1372.433409][T15441] usb 5-1: device descriptor read/64, error -71
[ 1372.731494][T15441] usb usb5-port1: attempt power cycle
[ 1373.473474][   T43] usb 7-1: USB disconnect, device number 95
[ 1373.490889][T15441] usb 5-1: new high-speed USB device number 95 using dummy_hcd
[ 1373.722068][T15441] usb 5-1: device not accepting address 95, error -71
[ 1374.938757][T21640] netdevsim netdevsim4: Direct firmware load for ./file0 failed with error -2
[ 1374.948173][T21640] netdevsim netdevsim4: Falling back to sysfs fallback for: ./file0
[ 1375.056653][T21641] netlink: 20 bytes leftover after parsing attributes in process `syz.4.4059'.
[ 1375.761087][T17863] Bluetooth: hci3: command 0x0405 tx timeout
[ 1377.170935][T15441] usb 5-1: new high-speed USB device number 97 using dummy_hcd
[ 1377.200149][T21670] overlayfs: missing 'lowerdir'
[ 1377.624217][T21678] geneve2: entered promiscuous mode
[ 1377.629491][T21678] geneve2: entered allmulticast mode
[ 1377.640434][   T43] usb 7-1: new high-speed USB device number 96 using dummy_hcd
[ 1377.890232][T21680] SELinux: security_context_str_to_sid (5���]�S9q#���) failed with errno=-22
[ 1377.971074][T15441] usb 5-1: device descriptor read/64, error -71
[ 1378.140873][   T43] usb 7-1: Using ep0 maxpacket: 32
[ 1378.277510][   T43] usb 7-1: config 1 contains an unexpected descriptor of type 0x1, skipping
[ 1378.310478][   T43] usb 7-1: config 1 has an invalid descriptor of length 1, skipping remainder of the config
[ 1378.331523][T15441] usb 5-1: new high-speed USB device number 98 using dummy_hcd
[ 1378.334897][   T43] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1378.348617][T21685] fuse: Unknown parameter '00000000000000000000'
[ 1378.362786][   T43] usb 7-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[ 1378.376079][   T43] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1378.384467][   T43] usb 7-1: Product: syz
[ 1378.388645][   T43] usb 7-1: Manufacturer: syz
[ 1378.393336][   T43] usb 7-1: SerialNumber: syz
[ 1378.470945][T15441] usb 5-1: device descriptor read/64, error -71
[ 1378.867480][T21671] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1378.880207][T21671] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1378.936846][   T43] usb 7-1: 0:2 : does not exist
[ 1378.978311][   T43] usb 7-1: USB disconnect, device number 96
[ 1379.022235][T15441] usb usb5-port1: attempt power cycle
[ 1380.205423][T21711] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1381.318383][   T30] audit: type=1400 audit(1749494903.980:2740): avc:  denied  { ioctl } for  pid=21722 comm="syz.6.4082" path="socket:[75335]" dev="sockfs" ino=75335 ioctlcmd=0x89c1 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[ 1382.071241][T15441] usb 5-1: new high-speed USB device number 100 using dummy_hcd
[ 1382.173710][T21734] SELinux: security_context_str_to_sid (5���]�S9q#���) failed with errno=-22
[ 1382.234897][T15441] usb 5-1: device descriptor read/64, error -71
[ 1382.360947][   T24] usb 6-1: new high-speed USB device number 93 using dummy_hcd
[ 1382.490866][T15441] usb 5-1: new high-speed USB device number 101 using dummy_hcd
[ 1382.510879][   T24] usb 6-1: Using ep0 maxpacket: 16
[ 1382.517600][   T24] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1382.529767][   T24] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1382.539674][   T24] usb 6-1: New USB device found, idVendor=05ac, idProduct=8241, bcdDevice= 0.00
[ 1382.548851][   T24] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1382.558590][   T24] usb 6-1: config 0 descriptor??
[ 1382.630847][T15441] usb 5-1: device descriptor read/64, error -71
[ 1382.741910][T15441] usb usb5-port1: attempt power cycle
[ 1383.011465][T21745] SELinux: security_context_str_to_sid (5���]�S9q#���) failed with errno=-22
[ 1383.243558][   T24] input: HID 05ac:8241 as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/0003:05AC:8241.0019/input/input48
[ 1383.258313][T15441] usb 5-1: new high-speed USB device number 102 using dummy_hcd
[ 1383.311378][T15441] usb 5-1: device descriptor read/8, error -71
[ 1383.363951][   T24] appleir 0003:05AC:8241.0019: input,hiddev0,hidraw0: USB HID v0.00 Device [HID 05ac:8241] on usb-dummy_hcd.5-1/input0
[ 1384.049747][T21754] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1384.061152][T21754] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1384.070847][T15441] usb 5-1: new high-speed USB device number 103 using dummy_hcd
[ 1384.098091][T15441] usb 5-1: device descriptor read/8, error -71
[ 1384.221317][T15441] usb usb5-port1: unable to enumerate USB device
[ 1384.249958][T15441] usb 6-1: USB disconnect, device number 93
[ 1384.651009][   T24] usb 7-1: new full-speed USB device number 97 using dummy_hcd
[ 1384.905445][   T24] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[ 1384.934980][   T24] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1384.945629][   T24] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 1384.960311][   T24] usb 7-1: New USB device found, idVendor=0461, idProduct=4e72, bcdDevice= 0.00
[ 1384.969815][   T24] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1385.321148][   T24] usb 7-1: config 0 descriptor??
[ 1385.346964][   T30] audit: type=1400 audit(1749494908.000:2741): avc:  denied  { setopt } for  pid=21769 comm="syz.4.4098" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[ 1385.808851][T21777] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4099'.
[ 1386.099330][   T24] hid-rmi 0003:0461:4E72.001A: unknown main item tag 0x0
[ 1386.106753][   T24] hid-rmi 0003:0461:4E72.001A: unknown main item tag 0x0
[ 1386.114254][   T24] hid-rmi 0003:0461:4E72.001A: unknown main item tag 0x0
[ 1386.121601][   T24] hid-rmi 0003:0461:4E72.001A: unknown main item tag 0x0
[ 1386.128680][   T24] hid-rmi 0003:0461:4E72.001A: unknown main item tag 0x0
[ 1386.135968][   T24] hid-rmi 0003:0461:4E72.001A: unknown main item tag 0x0
[ 1386.143077][   T24] hid-rmi 0003:0461:4E72.001A: unknown main item tag 0x0
[ 1386.152075][   T24] hid-rmi 0003:0461:4E72.001A: hidraw0: USB HID v0.00 Device [HID 0461:4e72] on usb-dummy_hcd.6-1/input0
[ 1386.661325][T15440] usb 7-1: USB disconnect, device number 97
[ 1387.423053][T21801] xt_hashlimit: size too large, truncated to 1048576
[ 1387.476731][T21804] xt_hashlimit: size too large, truncated to 1048576
[ 1387.512540][T21802] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4106'.
[ 1388.520896][   T24] usb 7-1: new high-speed USB device number 98 using dummy_hcd
[ 1388.685423][   T24] usb 7-1: config 0 has an invalid interface number: 220 but max is 0
[ 1388.703975][   T24] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1388.734689][   T24] usb 7-1: config 0 has no interface number 0
[ 1388.752283][   T24] usb 7-1: New USB device found, idVendor=08ca, idProduct=0010, bcdDevice=48.e3
[ 1388.784078][   T24] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1388.814094][   T24] usb 7-1: config 0 descriptor??
[ 1388.835896][   T24] aiptek 7-1:0.220: interface has no int in endpoints, but must have minimum 1
[ 1389.029236][   T24] usb 7-1: USB disconnect, device number 98
[ 1389.140290][   T30] audit: type=1400 audit(1749494911.800:2742): avc:  denied  { search } for  pid=21833 comm="syz.3.4120" name="/" dev="configfs" ino=1101 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1
[ 1389.204638][   T30] audit: type=1400 audit(1749494911.870:2743): avc:  denied  { search } for  pid=21833 comm="syz.3.4120" name="/" dev="configfs" ino=1101 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1
[ 1389.253763][T15441] usb 5-1: new full-speed USB device number 104 using dummy_hcd
[ 1389.262758][   T30] audit: type=1400 audit(1749494911.900:2744): avc:  denied  { read open } for  pid=21833 comm="syz.3.4120" path="/" dev="configfs" ino=1101 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1
[ 1389.351868][T15440] usb 6-1: new high-speed USB device number 94 using dummy_hcd
[ 1389.432745][T15441] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 1023, setting to 64
[ 1389.450997][T15441] usb 5-1: New USB device found, idVendor=04f3, idProduct=0755, bcdDevice= 0.00
[ 1389.472863][T15441] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1389.502907][T15441] usb 5-1: config 0 descriptor??
[ 1389.509112][T21836] raw-gadget.1 gadget.4: fail, usb_ep_enable returned -22
[ 1389.516396][T15440] usb 6-1: Using ep0 maxpacket: 8
[ 1389.525657][T15440] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1389.547411][T15440] usb 6-1: New USB device found, idVendor=045e, idProduct=0730, bcdDevice= 0.00
[ 1389.578989][T15440] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1389.599738][T15440] usb 6-1: config 0 descriptor??
[ 1389.681792][   T30] audit: type=1400 audit(1749494912.340:2745): avc:  denied  { mounton } for  pid=21851 comm="syz.6.4128" path="/90/file0" dev="tmpfs" ino=486 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=sock_file permissive=1
[ 1389.978751][T15441] elan 0003:04F3:0755.001B: hidraw0: USB HID v1.01 Device [HID 04f3:0755] on usb-dummy_hcd.4-1/input0
[ 1390.033426][T15440] microsoft 0003:045E:0730.001C: unknown main item tag 0x0
[ 1390.084033][T15440] microsoft 0003:045E:0730.001C: item fetching failed at offset 2/5
[ 1390.205142][T21856] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[ 1390.216761][T21856] overlayfs: "xino" feature enabled using 2 upper inode bits.
[ 1390.602708][T15440] microsoft 0003:045E:0730.001C: parse failed
[ 1390.608264][ T3745] usb 5-1: USB disconnect, device number 104
[ 1390.608867][T15440] microsoft 0003:045E:0730.001C: probe with driver microsoft failed with error -22
[ 1390.628343][T15440] usb 6-1: USB disconnect, device number 94
[ 1390.823454][   T30] audit: type=1400 audit(1749494913.480:2746): avc:  denied  { unmount } for  pid=20226 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[ 1392.061007][T15440] usb 6-1: new full-speed USB device number 95 using dummy_hcd
[ 1392.075759][T21875] netlink: 'syz.6.4134': attribute type 16 has an invalid length.
[ 1392.144200][T21875] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[ 1392.257193][T15440] usb 6-1: config 0 interface 0 altsetting 3 endpoint 0x81 has an invalid bInterval 0, changing to 10
[ 1392.273942][T15440] usb 6-1: config 0 interface 0 altsetting 3 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1392.298059][T15440] usb 6-1: config 0 interface 0 has no altsetting 0
[ 1392.317903][T15440] usb 6-1: New USB device found, idVendor=17ef, idProduct=6009, bcdDevice= 0.00
[ 1392.359636][T15440] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1392.383034][T15440] usb 6-1: config 0 descriptor??
[ 1392.799436][T21887] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[ 1392.811482][T21887] overlayfs: "xino" feature enabled using 2 upper inode bits.
[ 1393.242369][T15440] lenovo 0003:17EF:6009.001D: unexpected long global item
[ 1393.250073][T15440] lenovo 0003:17EF:6009.001D: hid_parse failed
[ 1393.311538][T15440] lenovo 0003:17EF:6009.001D: probe with driver lenovo failed with error -22
[ 1393.455462][T15440] usb 6-1: USB disconnect, device number 95
[ 1393.515918][T21881] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4137'.
[ 1393.974480][T17863] Bluetooth: hci1: command 0x0406 tx timeout
[ 1394.841113][ T3745] usb 7-1: new high-speed USB device number 99 using dummy_hcd
[ 1395.214672][ T3745] usb 7-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 1395.478113][ T3745] usb 7-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[ 1395.640906][ T3745] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1395.668867][ T3745] usb 7-1: Product: syz
[ 1395.681026][ T3745] usb 7-1: Manufacturer: syz
[ 1395.685658][ T3745] usb 7-1: SerialNumber: syz
[ 1395.950301][ T3745] usblp 7-1:1.0: usblp0: USB Unidirectional printer dev 99 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8
[ 1396.141375][ T3745] usb 7-1: USB disconnect, device number 99
[ 1396.173496][ T3745] usblp0: removed
[ 1396.769865][T21920] overlayfs: failed to resolve './file0': -2
[ 1398.655160][T21946] sit0: entered allmulticast mode
[ 1398.689573][T21948] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4159'.
[ 1398.728972][T21948] sch_tbf: burst 0 is lower than device lo mtu (65550) !
[ 1400.946489][T21968] netlink: 12 bytes leftover after parsing attributes in process `syz.6.4163'.
[ 1400.956193][T21968] netlink: 12 bytes leftover after parsing attributes in process `syz.6.4163'.
[ 1401.165473][T21970] �: renamed from pim6reg1
[ 1404.230848][   T10] usb 7-1: new high-speed USB device number 100 using dummy_hcd
[ 1404.728233][T22003] netlink: 96 bytes leftover after parsing attributes in process `syz.3.4176'.
[ 1404.766084][   T10] usb 7-1: Using ep0 maxpacket: 16
[ 1404.779764][   T10] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 11
[ 1404.797235][   T10] usb 7-1: config 1 interface 0 altsetting 3 endpoint 0xB has invalid wMaxPacketSize 0
[ 1404.825718][   T10] usb 7-1: config 1 interface 0 altsetting 3 bulk endpoint 0xB has invalid maxpacket 0
[ 1404.852187][   T10] usb 7-1: config 1 interface 0 altsetting 3 endpoint 0x8A has invalid wMaxPacketSize 0
[ 1404.872350][   T10] usb 7-1: config 1 interface 0 altsetting 3 bulk endpoint 0x8A has invalid maxpacket 0
[ 1404.894140][   T10] usb 7-1: config 1 interface 0 has no altsetting 0
[ 1404.908253][   T10] usb 7-1: New USB device found, idVendor=04e6, idProduct=0003, bcdDevice= 1.77
[ 1404.936942][   T10] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1404.976491][   T10] ums-sddr09 7-1:1.0: USB Mass Storage device detected
[ 1405.355105][   T49] Bluetooth: hci5: Frame reassembly failed (-84)
[ 1405.582165][   T10] scsi host1: usb-storage 7-1:1.0
[ 1405.597512][T22020] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4179'.
[ 1406.346024][   T24] usb 7-1: USB disconnect, device number 100
[ 1407.194094][T22043] netlink: 44 bytes leftover after parsing attributes in process `syz.6.4187'.
[ 1407.214369][T22043] netlink: 4 bytes leftover after parsing attributes in process `syz.6.4187'.
[ 1407.360965][ T5820] Bluetooth: hci5: Opcode 0x1003 failed: -110
[ 1407.741366][T22054] netlink: 'syz.3.4191': attribute type 1 has an invalid length.
[ 1408.388949][T22064] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[ 1408.396239][T22064] IPv6: NLM_F_CREATE should be set when creating new route
[ 1408.861875][   T30] audit: type=1326 audit(1749494931.530:2747): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22077 comm="syz.5.4200" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fba4bf8e929 code=0x7ffc0000
[ 1409.047832][T22078] netlink: 72 bytes leftover after parsing attributes in process `syz.5.4200'.
[ 1409.332298][   T30] audit: type=1326 audit(1749494931.530:2748): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22077 comm="syz.5.4200" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fba4bf8e929 code=0x7ffc0000
[ 1409.370996][   T30] audit: type=1326 audit(1749494931.550:2749): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22077 comm="syz.5.4200" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fba4bf8e929 code=0x7ffc0000
[ 1409.530524][   T30] audit: type=1326 audit(1749494931.550:2750): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22077 comm="syz.5.4200" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fba4bf8e929 code=0x7ffc0000
[ 1409.593418][   T30] audit: type=1326 audit(1749494931.550:2751): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22077 comm="syz.5.4200" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fba4bf8e929 code=0x7ffc0000
[ 1409.679476][   T30] audit: type=1326 audit(1749494931.700:2752): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22077 comm="syz.5.4200" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fba4bf8e929 code=0x7ffc0000
[ 1409.729788][   T30] audit: type=1326 audit(1749494931.700:2753): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22077 comm="syz.5.4200" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fba4bf8e929 code=0x7ffc0000
[ 1409.778477][   T30] audit: type=1326 audit(1749494931.700:2754): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22077 comm="syz.5.4200" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fba4bf8e929 code=0x7ffc0000
[ 1409.823604][   T30] audit: type=1326 audit(1749494931.710:2755): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22077 comm="syz.5.4200" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7fba4bf8e929 code=0x7ffc0000
[ 1409.870603][   T30] audit: type=1326 audit(1749494931.710:2756): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22077 comm="syz.5.4200" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fba4bf8e929 code=0x7ffc0000
[ 1414.086835][   T30] kauditd_printk_skb: 32 callbacks suppressed
[ 1414.086867][   T30] audit: type=1400 audit(1749494936.630:2789): avc:  denied  { name_bind } for  pid=22142 comm="syz.5.4221" src=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:reserved_port_t tclass=tcp_socket permissive=1
[ 1414.401142][T17863] Bluetooth: hci3: command 0x0405 tx timeout
[ 1415.530880][   T10] usb 5-1: new high-speed USB device number 105 using dummy_hcd
[ 1415.629357][T22162] tmpfs: Unknown parameter '�1d'
[ 1415.768272][   T10] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1415.790695][   T10] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[ 1415.849510][   T10] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[ 1415.868922][   T10] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1415.904762][   T10] usb 5-1: config 0 descriptor??
[ 1416.294343][T22183] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4233'.
[ 1416.320534][   T10] plantronics 0003:047F:FFFF.001E: unknown main item tag 0x0
[ 1416.340428][   T10] plantronics 0003:047F:FFFF.001E: No inputs registered, leaving
[ 1416.363368][   T10] plantronics 0003:047F:FFFF.001E: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.4-1/input0
[ 1417.091346][   T10] usb 5-1: USB disconnect, device number 105
[ 1417.441998][   T30] audit: type=1400 audit(1749494940.100:2790): avc:  denied  { map } for  pid=22209 comm="syz.5.4241" path="/dev/bus/usb/006/001" dev="devtmpfs" ino=737 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1
[ 1419.915322][   T30] audit: type=1400 audit(1749494942.580:2791): avc:  denied  { read write } for  pid=20531 comm="syz-executor" name="loop5" dev="devtmpfs" ino=652 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[ 1420.002518][   T30] audit: type=1400 audit(1749494942.610:2792): avc:  denied  { open } for  pid=20531 comm="syz-executor" path="/dev/loop5" dev="devtmpfs" ino=652 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[ 1525.180729][    C1] rcu: INFO: rcu_preempt detected stalls on CPUs/tasks:
[ 1525.187694][    C1] rcu: 	0-...!: (1 GPs behind) idle=d26c/1/0x4000000000000000 softirq=123762/123763 fqs=1
[ 1525.198641][    C1] rcu: 	(detected by 1, t=10502 jiffies, g=101557, q=77 ncpus=2)
[ 1525.206352][    C1] Sending NMI from CPU 1 to CPUs 0:
[ 1525.206377][    C0] NMI backtrace for cpu 0
[ 1525.206389][    C0] CPU: 0 UID: 0 PID: 22256 Comm: syz.3.4253 Not tainted 6.16.0-rc1-syzkaller #0 PREEMPT(full) 
[ 1525.206407][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1525.206415][    C0] RIP: 0010:lock_release+0x8d/0x2f0
[ 1525.206440][    C0] Code: 85 16 01 00 00 65 4c 8b 35 98 48 34 12 41 8b b6 ec 0a 00 00 85 f6 0f 85 ff 00 00 00 48 81 3b 00 a5 d3 93 0f 84 f2 00 00 00 9c <41> 5d fa 48 c7 c7 4c af f0 8d e8 94 4d e7 09 65 ff 05 15 8a 34 12
[ 1525.206453][    C0] RSP: 0018:ffffc90000007d40 EFLAGS: 00000006
[ 1525.206465][    C0] RAX: 0000000000000000 RBX: ffffffff8e5c4840 RCX: ffffffff89927ba7
[ 1525.206474][    C0] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001
[ 1525.206483][    C0] RBP: ffff8880353c8000 R08: 0000000000000001 R09: 0000000000000000
[ 1525.206491][    C0] R10: 0000000000000001 R11: 0000000000000001 R12: ffffffff899279cc
[ 1525.206500][    C0] R13: 18548145ad204fe6 R14: ffff88806d2e4880 R15: ffff8880481d2010
[ 1525.206509][    C0] FS:  00007fef5e0b16c0(0000) GS:ffff888124754000(0000) knlGS:0000000000000000
[ 1525.206524][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1525.206533][    C0] CR2: 00005555857e6808 CR3: 00000000464e0000 CR4: 00000000003526f0
[ 1525.206542][    C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 1525.206550][    C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 1525.206559][    C0] Call Trace:
[ 1525.206565][    C0]  <IRQ>
[ 1525.206574][    C0]  advance_sched+0x6f1/0xc80
[ 1525.206597][    C0]  ? __pfx_advance_sched+0x10/0x10
[ 1525.206623][    C0]  __hrtimer_run_queues+0x1ff/0xad0
[ 1525.206642][    C0]  ? __pfx___hrtimer_run_queues+0x10/0x10
[ 1525.206656][    C0]  ? read_tsc+0x9/0x20
[ 1525.206674][    C0]  hrtimer_interrupt+0x397/0x8e0
[ 1525.206693][    C0]  __sysvec_apic_timer_interrupt+0x108/0x3f0
[ 1525.206714][    C0]  sysvec_apic_timer_interrupt+0x9f/0xc0
[ 1525.206733][    C0]  </IRQ>
[ 1525.206738][    C0]  <TASK>
[ 1525.206743][    C0]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[ 1525.206762][    C0] RIP: 0010:_raw_spin_unlock_irqrestore+0x31/0x80
[ 1525.206780][    C0] Code: f5 53 48 8b 74 24 10 48 89 fb 48 83 c7 18 e8 16 21 16 f6 48 89 df e8 fe 74 16 f6 f7 c5 00 02 00 00 75 23 9c 58 f6 c4 02 75 37 <bf> 01 00 00 00 e8 35 95 06 f6 65 8b 05 0e 6a 4a 08 85 c0 74 16 5b
[ 1525.206793][    C0] RSP: 0018:ffffc90004dff858 EFLAGS: 00000246
[ 1525.206804][    C0] RAX: 0000000000000002 RBX: ffff888066108f40 RCX: 0000000000000006
[ 1525.206812][    C0] RDX: 0000000000000000 RSI: ffffffff8de18f45 RDI: ffffffff8c157020
[ 1525.206821][    C0] RBP: 0000000000000282 R08: 0000000000000001 R09: 0000000000000001
[ 1525.206829][    C0] R10: ffffffff90a80c57 R11: 0000000000000001 R12: 0000000000000002
[ 1525.206837][    C0] R13: ffff888066108db0 R14: ffff888066108f80 R15: ffff888066108928
[ 1525.206855][    C0]  __unix_dgram_recvmsg+0x313/0xc50
[ 1525.206878][    C0]  ? __pfx___unix_dgram_recvmsg+0x10/0x10
[ 1525.206897][    C0]  ? __lock_acquire+0xb8a/0x1c90
[ 1525.206919][    C0]  ? iovec_from_user+0xbb/0x140
[ 1525.206941][    C0]  unix_dgram_recvmsg+0xd0/0x110
[ 1525.206964][    C0]  ____sys_recvmsg+0x5f6/0x6b0
[ 1525.206982][    C0]  ? __pfx_____sys_recvmsg+0x10/0x10
[ 1525.206999][    C0]  ? kfree+0x24f/0x4d0
[ 1525.207014][    C0]  ? __lock_acquire+0x622/0x1c90
[ 1525.207034][    C0]  ___sys_recvmsg+0x114/0x1a0
[ 1525.207053][    C0]  ? __pfx____sys_recvmsg+0x10/0x10
[ 1525.207078][    C0]  ? __pfx___might_resched+0x10/0x10
[ 1525.207097][    C0]  do_recvmmsg+0x2fe/0x750
[ 1525.207117][    C0]  ? __pfx_do_recvmmsg+0x10/0x10
[ 1525.207136][    C0]  ? lock_acquire+0x179/0x350
[ 1525.207155][    C0]  ? do_futex+0x122/0x350
[ 1525.207178][    C0]  ? __x64_sys_futex+0x1e0/0x4c0
[ 1525.207197][    C0]  __x64_sys_recvmmsg+0x22a/0x280
[ 1525.207217][    C0]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[ 1525.207240][    C0]  do_syscall_64+0xcd/0x4c0
[ 1525.207261][    C0]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1525.207274][    C0] RIP: 0033:0x7fef5d18e929
[ 1525.207286][    C0] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1525.207298][    C0] RSP: 002b:00007fef5e0b1038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[ 1525.207311][    C0] RAX: ffffffffffffffda RBX: 00007fef5d3b6080 RCX: 00007fef5d18e929
[ 1525.207319][    C0] RDX: 0000000000010106 RSI: 00002000000000c0 RDI: 0000000000000003
[ 1525.207328][    C0] RBP: 00007fef5d210b39 R08: 0000000000000000 R09: 0000000000000000
[ 1525.207336][    C0] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000000
[ 1525.207344][    C0] R13: 0000000000000000 R14: 00007fef5d3b6080 R15: 00007ffc36c961e8
[ 1525.207358][    C0]  </TASK>
[ 1525.207372][    C1] rcu: rcu_preempt kthread starved for 10500 jiffies! g101557 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x0 ->cpu=1
[ 1525.667539][    C1] rcu: 	Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior.
[ 1525.677498][    C1] rcu: RCU grace-period kthread stack dump:
[ 1525.683374][    C1] task:rcu_preempt     state:R  running task     stack:27368 pid:16    tgid:16    ppid:2      task_flags:0x208040 flags:0x00004000
[ 1525.696858][    C1] Call Trace:
[ 1525.700126][    C1]  <TASK>
[ 1525.703057][    C1]  __schedule+0x116a/0x5de0
[ 1525.707575][    C1]  ? __lock_acquire+0x622/0x1c90
[ 1525.712521][    C1]  ? __pfx___schedule+0x10/0x10
[ 1525.717375][    C1]  ? find_held_lock+0x2b/0x80
[ 1525.722049][    C1]  ? schedule+0x2d7/0x3a0
[ 1525.726383][    C1]  schedule+0xe7/0x3a0
[ 1525.730453][    C1]  schedule_timeout+0x123/0x290
[ 1525.735298][    C1]  ? __pfx_schedule_timeout+0x10/0x10
[ 1525.740669][    C1]  ? __pfx_process_timeout+0x10/0x10
[ 1525.745956][    C1]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[ 1525.751765][    C1]  ? prepare_to_swait_event+0xf5/0x480
[ 1525.757231][    C1]  rcu_gp_fqs_loop+0x1ea/0xb00
[ 1525.762004][    C1]  ? __pfx_rcu_gp_fqs_loop+0x10/0x10
[ 1525.767289][    C1]  ? lockdep_hardirqs_on+0x7c/0x110
[ 1525.772491][    C1]  ? __pfx_rcu_gp_init+0x10/0x10
[ 1525.777427][    C1]  ? rcu_gp_cleanup+0x7c1/0xd90
[ 1525.782283][    C1]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[ 1525.788092][    C1]  rcu_gp_kthread+0x270/0x380
[ 1525.792773][    C1]  ? __pfx_rcu_gp_kthread+0x10/0x10
[ 1525.797971][    C1]  ? rcu_is_watching+0x12/0xc0
[ 1525.802736][    C1]  ? lockdep_hardirqs_on+0x7c/0x110
[ 1525.807933][    C1]  ? __kthread_parkme+0x19e/0x250
[ 1525.812960][    C1]  ? __pfx_rcu_gp_kthread+0x10/0x10
[ 1525.818161][    C1]  kthread+0x3c5/0x780
[ 1525.822225][    C1]  ? __pfx_kthread+0x10/0x10
[ 1525.826807][    C1]  ? rcu_is_watching+0x12/0xc0
[ 1525.831570][    C1]  ? __pfx_kthread+0x10/0x10
[ 1525.836152][    C1]  ret_from_fork+0x5d4/0x6f0
[ 1525.840743][    C1]  ? __pfx_kthread+0x10/0x10
[ 1525.845329][    C1]  ret_from_fork_asm+0x1a/0x30
[ 1525.850100][    C1]  </TASK>
[ 1525.853110][    C1] rcu: Stack dump where RCU GP kthread last ran:
[ 1525.859423][    C1] CPU: 1 UID: 0 PID: 3462 Comm: kworker/u8:8 Not tainted 6.16.0-rc1-syzkaller #0 PREEMPT(full) 
[ 1525.869826][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1525.879888][    C1] Workqueue: events_unbound toggle_allocation_gate
[ 1525.886399][    C1] RIP: 0010:its_return_thunk+0x0/0x10
[ 1525.891779][    C1] Code: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc <c3> cc 66 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 e9 db 5c a9 f5 cc
[ 1525.911393][    C1] RSP: 0018:ffffc9000c6c7898 EFLAGS: 00000293
[ 1525.917460][    C1] RAX: 0000000000000000 RBX: ffff8880b8443ba0 RCX: ffffffff81b0011d
[ 1525.925437][    C1] RDX: ffff888032b74880 RSI: ffffffff81b000f9 RDI: 0000000000000005
[ 1525.933409][    C1] RBP: 0000000000000001 R08: 0000000000000005 R09: 0000000000000000
[ 1525.941376][    C1] R10: 0000000000000001 R11: 0000000000000001 R12: dffffc0000000000
[ 1525.949347][    C1] R13: 0000000000000003 R14: ffffed1017088775 R15: ffff8880b853cf40
[ 1525.957314][    C1] FS:  0000000000000000(0000) GS:ffff888124854000(0000) knlGS:0000000000000000
[ 1525.966238][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1525.972816][    C1] CR2: 0000001b2cc19ff8 CR3: 000000000e382000 CR4: 00000000003526f0
[ 1525.980783][    C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 1525.988756][    C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 1525.996726][    C1] Call Trace:
[ 1526.000003][    C1]  <TASK>
[ 1526.002927][    C1]  smp_call_function_many_cond+0xd79/0x1510
[ 1526.008829][    C1]  ? __pfx_do_sync_core+0x10/0x10
[ 1526.013854][    C1]  ? __pfx_smp_call_function_many_cond+0x10/0x10
[ 1526.020177][    C1]  ? perf_event_text_poke+0x130/0x180
[ 1526.025560][    C1]  ? __kmalloc_node_track_caller_noprof+0xeb/0x510
[ 1526.032066][    C1]  ? __pfx_perf_event_text_poke+0x10/0x10
[ 1526.037801][    C1]  ? __pfx_do_sync_core+0x10/0x10
[ 1526.042817][    C1]  on_each_cpu_cond_mask+0x40/0x90
[ 1526.047933][    C1]  smp_text_poke_batch_finish+0x5ae/0xdb0
[ 1526.053653][    C1]  ? __pfx_smp_text_poke_batch_finish+0x10/0x10
[ 1526.059898][    C1]  ? arch_jump_label_transform_queue+0xc0/0x120
[ 1526.066144][    C1]  arch_jump_label_transform_apply+0x1c/0x30
[ 1526.072132][    C1]  jump_label_update+0x376/0x550
[ 1526.077085][    C1]  static_key_disable_cpuslocked+0x158/0x1c0
[ 1526.083068][    C1]  static_key_disable+0x1a/0x20
[ 1526.087912][    C1]  toggle_allocation_gate+0x145/0x280
[ 1526.093283][    C1]  ? __pfx_toggle_allocation_gate+0x10/0x10
[ 1526.099175][    C1]  ? __pfx_autoremove_wake_function+0x10/0x10
[ 1526.105241][    C1]  ? rcu_is_watching+0x12/0xc0
[ 1526.110007][    C1]  process_one_work+0x9cf/0x1b70
[ 1526.114951][    C1]  ? __pfx_nsim_dev_trap_report_work+0x10/0x10
[ 1526.121102][    C1]  ? __pfx_process_one_work+0x10/0x10
[ 1526.126474][    C1]  ? assign_work+0x1a0/0x250
[ 1526.131071][    C1]  worker_thread+0x6c8/0xf10
[ 1526.135679][    C1]  ? __pfx_worker_thread+0x10/0x10
[ 1526.140793][    C1]  kthread+0x3c5/0x780
[ 1526.144856][    C1]  ? __pfx_kthread+0x10/0x10
[ 1526.149448][    C1]  ? rcu_is_watching+0x12/0xc0
[ 1526.154217][    C1]  ? __pfx_kthread+0x10/0x10
[ 1526.158800][    C1]  ret_from_fork+0x5d4/0x6f0
[ 1526.163475][    C1]  ? __pfx_kthread+0x10/0x10
[ 1526.168061][    C1]  ret_from_fork_asm+0x1a/0x30
[ 1526.172837][    C1]  </TASK>