last executing test programs:

3m35.237368033s ago: executing program 0 (id=2201):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt(r0, 0x84, 0x81, &(0x7f00000002c0), 0x0)
prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
openat$dir(0xffffffffffffff9c, 0x0, 0x0, 0x0)
fanotify_init(0x8, 0x80000)
mkdir(&(0x7f0000000100)='./file1\x00', 0x13b)
mkdir(&(0x7f0000000000)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000380)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]})
chdir(&(0x7f0000000140)='./bus\x00')
r2 = open(&(0x7f0000000580)='./file1\x00', 0x80342, 0x1df2a23c5997fa5f)
write$FUSE_CREATE_OPEN(r2, &(0x7f0000000180)={0xa0, 0xffffffffffffffda, 0x0, {{0x8, 0x1000000000003, 0x5, 0x8, 0x3, 0x1, {0x5, 0x17f, 0x20ff, 0x5, 0x89, 0xd615, 0xb, 0x7fffffff, 0xfffffffe, 0x8000, 0x0, 0x0, 0x0, 0x3ff, 0x1}}, {0x0, 0x13}}}, 0xa0)
sendfile(r2, r2, &(0x7f0000000080), 0x7f03)
setsockopt$inet_sctp6_SCTP_HMAC_IDENT(r0, 0x84, 0x16, &(0x7f0000000000)=ANY=[@ANYRES16=r0], 0xa)

3m34.169079711s ago: executing program 0 (id=2206):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x5, &(0x7f00000027c0)=ANY=[@ANYBLOB="180000000000000000000000ff000000850000000f000000850000005000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, 0x2}, 0x94)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$OSF_MSG_ADD(r1, &(0x7f0000004580)={0x0, 0x0, &(0x7f0000004540)={&(0x7f0000000440)=ANY=[@ANYBLOB="6802000000050104000000000000000007000003540201000100000012060000050806000000140073797a3000000000000000000000000000000000000000000000000000000000d88c015acfc30158a7f3a8087b5ed756762c72576e12ed0937dee328ade3843fd06118a3b68829fae8a620ec39657b42a2060b764a3fb23b3363b0c1b46a56d60600080000000000010000000200090002000000090000004e00620e00000000030000000800f9ff0300000003000000010006000000000008000000d10900f001000000080000000c000e0001000000050000005b01008001000000010000000600000003000000b107000002006e76010000000100010009000000050000000a000000018006000100000002000000100040000300000002000000ceb1040003000000fcffffff020007000200000000000000b3d10600030000000900000039f7070001000000ffff0000010005000000000002000000767b070003000000ff0700000100000003000000310a000003000a000300000007000000710f0500030000000600009a6aad619a878b1502db6f9200fab5fcff000000000008000000009b0000000000050000000080f1e802000000070000000900010403000000020000007c41010000000000040000000900050002000000ff07000009000800010000000300000080000d0003000000040000000100010003000000ff00000081000600000000001e000000ff01080000000000000000000500000003000000030000001000080000000000010000000180050090ced1e90e000000ff0303000200000006000000ff0f02000300000001010000060008000200000009000000000000000100000000000000"], 0x268}}, 0x20008000)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000400)='sys_exit\x00', r0, 0x0, 0xbe}, 0x18)
setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, &(0x7f0000000000)={0x3, 0x1000}, 0x4)
accept(0xffffffffffffffff, 0x0, 0x0)

3m33.961395289s ago: executing program 0 (id=2210):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000007c0)=@newqdisc={0x60, 0x24, 0x4, 0x70bd29, 0x25dfdc00, {0x60, 0x0, 0x0, 0x0, {0x0, 0x2}, {0xb, 0xffff}, {0xf, 0x7}}, [@qdisc_kind_options=@q_rr={{0x7}, {0x18, 0x2, {0x3, "173e0f00"}}}, @qdisc_kind_options=@q_etf={{0x8}, {0x14, 0x2, @TCA_ETF_PARMS={0x10, 0x1, {0x0, 0xb}}}}]}, 0x60}, 0x1, 0x0, 0x0, 0x204c819}, 0x8000)
symlink(&(0x7f0000000040)='.\x00', &(0x7f0000000100)='./file0\x00')
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdir(&(0x7f00000004c0)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000500)={[{@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}, {@workdir={'workdir', 0x3d, './bus'}}]})
rt_sigprocmask(0x0, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0xa6}, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f00000001c0)={<r0=>0xffffffffffffffff})
recvmsg(r0, &(0x7f0000000500)={&(0x7f0000000040)=@hci, 0x80, &(0x7f0000000100)=[{&(0x7f0000000400)=""/248, 0xd68210}], 0x1, 0x0, 0x1f00000000000000, 0x200000}, 0x1f00)
pidfd_send_signal(0xffffffffffffffff, 0x11, 0x0, 0x4)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f00000005c0)=ANY=[@ANYRESOCT=r1], 0x4c}}, 0x4000010)
getsockopt$bt_BT_RCVMTU(0xffffffffffffffff, 0x112, 0xd, &(0x7f0000000000)=0x8, &(0x7f00000000c0)=0x2)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000600)=ANY=[@ANYBLOB="8c0000000906010800000000000000000200fffd200007800c00018008e78c3a000140e000000208000a400000000208000840000000c00900020073797a3100000000050001000700000044000880100007800a001100aaaaaaaaaaaa00000c00078008000b40000000000c00078008001c40ffffffff0c00078008000b40000000110c00078008000941001dc46748e5e4823b9ae813ff902df096d34e"], 0x8c}, 0x1, 0x0, 0x0, 0xcb58c9f2fa78421b}, 0x40c0080)
sendmsg$IPSET_CMD_PROTOCOL(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000280)={&(0x7f0000000540)=ANY=[@ANYBLOB="2400000001160101edffffa2000000000005000001050001f5060500000000010007000008"], 0x24}, 0x1, 0x0, 0x0, 0x8080}, 0x4000000)
chdir(&(0x7f00000001c0)='./bus\x00')
lsetxattr$trusted_overlay_origin(&(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x0, 0x0, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
sendmsg$netlink(0xffffffffffffffff, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000000040)=ANY=[@ANYBLOB="12000000120001000200000000000000100000000c00001700000000000000000f10"], 0x30}], 0x1, 0x0, 0x0, 0x20004000}, 0x0)
r5 = dup(r4)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f00000000c0)={0x1fe, 0x2, 0x2000, 0x1000, &(0x7f0000003000/0x1000)=nil})
ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)

3m31.66268125s ago: executing program 0 (id=2216):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001a80)={0x11, 0x3, &(0x7f0000000380)=ANY=[@ANYBLOB="18a80b9a36b936a40280264f027d95902afdfa0000000000000000000010000095000000000000008b74f7f5415ef3f5fbc203ba639c9342bbcb2cbded6d4a6b8ec6eb0fc0a29d0b759fd237732508f9b856ebcb0394ead027ee745c54f7e576c0f8382664baf62a7d4fce0b2e2c3123f7a93377f6662e44551ef38b7f6f59b7e2ece1068d9b4e89c15a3c6d549da41b97b76f50c719f22acbebd4bb2d258200fe86178972019d123e4e6ca0b8abc94952417fd4aebc6e158eb842b9487780e377120f42d0d19db86869ab67a3fef12a67542c25114be4acbe10b5f964a02b67a57fa664e341bb66b3eae4edec1ebef85e970155ed544b5c2de6a7cb894acbb580aa4da743d00451d0ed23e4b4e308bc0b3c2d1ca8cc9b"], &(0x7f00000018c0)='GPL\x00'}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000180)='iocost_iocg_forgive_debt\x00', r0, 0x0, 0xfffffffffffffffa}, 0x18)
mknod$loop(&(0x7f0000000140)='./file0\x00', 0xfff, 0x0)
getsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x0, &(0x7f0000000240)=""/132, &(0x7f00000001c0)=0x84)
r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000001180), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r1, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
r2 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'bridge0\x00', <r3=>0x0})
sendmsg$nl_route(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=@getstats={0x1c, 0x5e, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r3, 0x2}}, 0x1c}}, 0x0)
read$FUSE(r1, &(0x7f0000006380)={0x2020, 0x0, <r4=>0x0}, 0x2020)
write$FUSE_INIT(r1, &(0x7f0000000100)={0x50, 0x0, r4, {0x7, 0x1f, 0x1000001, 0x5069f481, 0x8, 0x7fff, 0x0, 0x0, 0x0, 0x0, 0x10}}, 0x50)
r5 = socket$nl_route(0x10, 0x3, 0x0)
getsockopt$sock_int(r5, 0x1, 0x2a, 0x0, &(0x7f0000000100))
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x0, 0x0)
r6 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='blkio.throttle.io_serviced\x00', 0x0, 0x0)
syz_usb_connect(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="f50000007cc25408edf0ff58cd791e2a110500000000009ae52ec509041f000200000000d50600000000000000000000003fddcffcf2"], 0x0)
ioctl$BINDER_WRITE_READ(r6, 0xc0306201, &(0x7f0000000080)={0x44, 0x0, &(0x7f0000000300)=[@transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x0, 0x0, 0x0})

3m29.473689051s ago: executing program 0 (id=2230):
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
bind$inet6(r0, 0x0, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_freezer_state(0xffffffffffffffff, &(0x7f00000001c0), 0x2, 0x0)
ioctl$IOMMU_IOAS_ALLOC(0xffffffffffffffff, 0x3b81, &(0x7f0000000040)={0xc})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000380)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
syz_io_uring_setup(0x110, &(0x7f00000000c0)={0x0, 0x1b00, 0x0, 0x3, 0x80}, &(0x7f0000000180)=<r4=>0x0, &(0x7f0000000280))
syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
write$cgroup_type(0xffffffffffffffff, &(0x7f0000000400), 0x9)
sendmsg$IPSET_CMD_CREATE(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="5c000000020603000000000000000000ffea000005000100070000000900020073797a300000000014000780080012401b0000000800084000000000050005000000001005000400000000000d000300686173683a6d6163"], 0x5c}}, 0x0)
r6 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
ioctl$TIOCSETD(r6, 0x5423, &(0x7f00000000c0)=0xf)
pipe2$9p(&(0x7f0000000340)={0xffffffffffffffff, <r7=>0xffffffffffffffff}, 0x4000)
write$P9_RGETLOCK(r7, &(0x7f0000000440)=ANY=[], 0x1f)
r8 = fcntl$dupfd(r6, 0x0, r6)
ioctl$TCFLSH(r8, 0x400455c8, 0x2)
ioctl$TIOCSETD(r8, 0x5412, &(0x7f0000000140)=0xffffffc0)
ioctl$TIOCSTI(r8, 0x5412, &(0x7f0000000040)=0xfc)
ioctl$TIOCSTI(r6, 0x5412, &(0x7f0000000280)=0x4)

3m29.216113927s ago: executing program 0 (id=2233):
syz_emit_ethernet(0x97, &(0x7f0000000000)={@link_local, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x20}, @void, {@ipv6={0x86dd, @generic={0x0, 0x6, "2c96ed", 0x61, 0x3c, 0x0, @dev={0xfe, 0x80, '\x00', 0xfe}, @private1, {[], "c7c3091b46c806c8169e7174cbe77fa96fce8e4b2a57552a331550e68c1ffd9547589fb1337f8ee272b28c6a51fe64b09253553372e799acbcac610c354f98cab0e853bc0460ad16b6048b22541335eaf18a4451c4b3453c10e6afa1e126df20ba"}}}}}, 0x0)

3m29.083453935s ago: executing program 32 (id=2233):
syz_emit_ethernet(0x97, &(0x7f0000000000)={@link_local, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x20}, @void, {@ipv6={0x86dd, @generic={0x0, 0x6, "2c96ed", 0x61, 0x3c, 0x0, @dev={0xfe, 0x80, '\x00', 0xfe}, @private1, {[], "c7c3091b46c806c8169e7174cbe77fa96fce8e4b2a57552a331550e68c1ffd9547589fb1337f8ee272b28c6a51fe64b09253553372e799acbcac610c354f98cab0e853bc0460ad16b6048b22541335eaf18a4451c4b3453c10e6afa1e126df20ba"}}}}}, 0x0)

1m26.081325496s ago: executing program 5 (id=2236):
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000400)={0x1, &(0x7f0000000380)=[{0x6, 0x0, 0x0, 0x7fffffff}]})
r1 = openat$dma_heap(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r2 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_STAT_GET(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000040)=ANY=[@ANYBLOB="200000001114030a28bdf000fcdbdf25080005"], 0x20}, 0x1, 0x0, 0x0, 0x400a004}, 0x4040004)
r3 = syz_open_dev$dri(&(0x7f0000000000), 0x1ff, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r3, 0xc02064b2, &(0x7f0000000200)={0x8000, 0x101, 0x4})
r4 = syz_open_dev$dri(&(0x7f00000000c0), 0x1ff, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r4, 0xc04064a0, &(0x7f0000000040)={0x0, &(0x7f00000002c0)=[<r5=>0x0], 0x0, 0x0, 0xfffffd52, 0x1})
ioctl$DRM_IOCTL_MODE_CURSOR(r3, 0xc01c64a3, &(0x7f0000000280)={0x3, r5, 0x0, 0x0, 0xa, 0x1ff, 0x1})
r6 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/partitions\x00', 0x0, 0x0)
r7 = openat$sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/vm/drop_caches\x00', 0x1, 0x0)
sendfile(r7, r6, 0x0, 0x23b)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff)
sendmsg$NL80211_CMD_GET_REG(r8, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000000)={0x14, r9, 0x701, 0x70bd2c, 0x25dfdbfe}, 0x14}, 0x1, 0x0, 0x0, 0x8000}, 0x8814)
sendmsg$NL80211_CMD_SET_INTERFACE(r6, &(0x7f00000003c0)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000240)={&(0x7f0000000300)={0x68, r9, 0x10, 0x70bd27, 0x25dfdbfc, {{}, {@void, @val={0xc, 0x99, {0x5, 0x5f}}}}, [@NL80211_ATTR_4ADDR={0x5}, @NL80211_ATTR_4ADDR={0x5}, @NL80211_ATTR_IFTYPE={0x8, 0x5, 0x2}, @NL80211_ATTR_MESH_ID={0xa}, @NL80211_ATTR_IFTYPE={0x8, 0x5, 0x4}, @NL80211_ATTR_MESH_ID={0xa}, @NL80211_ATTR_IFTYPE={0x8, 0x5, 0x4}, @NL80211_ATTR_IFTYPE={0x8, 0x5, 0xc}]}, 0x68}, 0x1, 0x0, 0x0, 0x40}, 0x4)
ioctl$DRM_IOCTL_MODE_CURSOR2(r3, 0xc02464bb, &(0x7f0000000080)={0x1, r5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1})
ioctl$DMA_HEAP_IOCTL_ALLOC(r1, 0xc0184800, &(0x7f0000000100)={0x4, <r10=>r0})
ioctl$DMA_BUF_IOCTL_SYNC(r10, 0xc0086202, &(0x7f0000000540)=0x4)

1m3.251424145s ago: executing program 5 (id=2236):
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000400)={0x1, &(0x7f0000000380)=[{0x6, 0x0, 0x0, 0x7fffffff}]})
r1 = openat$dma_heap(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r2 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_STAT_GET(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000040)=ANY=[@ANYBLOB="200000001114030a28bdf000fcdbdf25080005"], 0x20}, 0x1, 0x0, 0x0, 0x400a004}, 0x4040004)
r3 = syz_open_dev$dri(&(0x7f0000000000), 0x1ff, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r3, 0xc02064b2, &(0x7f0000000200)={0x8000, 0x101, 0x4})
r4 = syz_open_dev$dri(&(0x7f00000000c0), 0x1ff, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r4, 0xc04064a0, &(0x7f0000000040)={0x0, &(0x7f00000002c0)=[<r5=>0x0], 0x0, 0x0, 0xfffffd52, 0x1})
ioctl$DRM_IOCTL_MODE_CURSOR(r3, 0xc01c64a3, &(0x7f0000000280)={0x3, r5, 0x0, 0x0, 0xa, 0x1ff, 0x1})
r6 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/partitions\x00', 0x0, 0x0)
r7 = openat$sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/vm/drop_caches\x00', 0x1, 0x0)
sendfile(r7, r6, 0x0, 0x23b)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff)
sendmsg$NL80211_CMD_GET_REG(r8, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000000)={0x14, r9, 0x701, 0x70bd2c, 0x25dfdbfe}, 0x14}, 0x1, 0x0, 0x0, 0x8000}, 0x8814)
sendmsg$NL80211_CMD_SET_INTERFACE(r6, &(0x7f00000003c0)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000240)={&(0x7f0000000300)={0x68, r9, 0x10, 0x70bd27, 0x25dfdbfc, {{}, {@void, @val={0xc, 0x99, {0x5, 0x5f}}}}, [@NL80211_ATTR_4ADDR={0x5}, @NL80211_ATTR_4ADDR={0x5}, @NL80211_ATTR_IFTYPE={0x8, 0x5, 0x2}, @NL80211_ATTR_MESH_ID={0xa}, @NL80211_ATTR_IFTYPE={0x8, 0x5, 0x4}, @NL80211_ATTR_MESH_ID={0xa}, @NL80211_ATTR_IFTYPE={0x8, 0x5, 0x4}, @NL80211_ATTR_IFTYPE={0x8, 0x5, 0xc}]}, 0x68}, 0x1, 0x0, 0x0, 0x40}, 0x4)
ioctl$DRM_IOCTL_MODE_CURSOR2(r3, 0xc02464bb, &(0x7f0000000080)={0x1, r5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1})
ioctl$DMA_HEAP_IOCTL_ALLOC(r1, 0xc0184800, &(0x7f0000000100)={0x4, <r10=>r0})
ioctl$DMA_BUF_IOCTL_SYNC(r10, 0xc0086202, &(0x7f0000000540)=0x4)

47.236036674s ago: executing program 5 (id=2236):
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000400)={0x1, &(0x7f0000000380)=[{0x6, 0x0, 0x0, 0x7fffffff}]})
r1 = openat$dma_heap(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r2 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_STAT_GET(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000040)=ANY=[@ANYBLOB="200000001114030a28bdf000fcdbdf25080005"], 0x20}, 0x1, 0x0, 0x0, 0x400a004}, 0x4040004)
r3 = syz_open_dev$dri(&(0x7f0000000000), 0x1ff, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r3, 0xc02064b2, &(0x7f0000000200)={0x8000, 0x101, 0x4})
r4 = syz_open_dev$dri(&(0x7f00000000c0), 0x1ff, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r4, 0xc04064a0, &(0x7f0000000040)={0x0, &(0x7f00000002c0)=[<r5=>0x0], 0x0, 0x0, 0xfffffd52, 0x1})
ioctl$DRM_IOCTL_MODE_CURSOR(r3, 0xc01c64a3, &(0x7f0000000280)={0x3, r5, 0x0, 0x0, 0xa, 0x1ff, 0x1})
r6 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/partitions\x00', 0x0, 0x0)
r7 = openat$sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/vm/drop_caches\x00', 0x1, 0x0)
sendfile(r7, r6, 0x0, 0x23b)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff)
sendmsg$NL80211_CMD_GET_REG(r8, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000000)={0x14, r9, 0x701, 0x70bd2c, 0x25dfdbfe}, 0x14}, 0x1, 0x0, 0x0, 0x8000}, 0x8814)
sendmsg$NL80211_CMD_SET_INTERFACE(r6, &(0x7f00000003c0)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000240)={&(0x7f0000000300)={0x68, r9, 0x10, 0x70bd27, 0x25dfdbfc, {{}, {@void, @val={0xc, 0x99, {0x5, 0x5f}}}}, [@NL80211_ATTR_4ADDR={0x5}, @NL80211_ATTR_4ADDR={0x5}, @NL80211_ATTR_IFTYPE={0x8, 0x5, 0x2}, @NL80211_ATTR_MESH_ID={0xa}, @NL80211_ATTR_IFTYPE={0x8, 0x5, 0x4}, @NL80211_ATTR_MESH_ID={0xa}, @NL80211_ATTR_IFTYPE={0x8, 0x5, 0x4}, @NL80211_ATTR_IFTYPE={0x8, 0x5, 0xc}]}, 0x68}, 0x1, 0x0, 0x0, 0x40}, 0x4)
ioctl$DRM_IOCTL_MODE_CURSOR2(r3, 0xc02464bb, &(0x7f0000000080)={0x1, r5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1})
ioctl$DMA_HEAP_IOCTL_ALLOC(r1, 0xc0184800, &(0x7f0000000100)={0x4, <r10=>r0})
ioctl$DMA_BUF_IOCTL_SYNC(r10, 0xc0086202, &(0x7f0000000540)=0x4)

32.574808885s ago: executing program 5 (id=2236):
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000400)={0x1, &(0x7f0000000380)=[{0x6, 0x0, 0x0, 0x7fffffff}]})
r1 = openat$dma_heap(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r2 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_STAT_GET(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000040)=ANY=[@ANYBLOB="200000001114030a28bdf000fcdbdf25080005"], 0x20}, 0x1, 0x0, 0x0, 0x400a004}, 0x4040004)
r3 = syz_open_dev$dri(&(0x7f0000000000), 0x1ff, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r3, 0xc02064b2, &(0x7f0000000200)={0x8000, 0x101, 0x4})
r4 = syz_open_dev$dri(&(0x7f00000000c0), 0x1ff, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r4, 0xc04064a0, &(0x7f0000000040)={0x0, &(0x7f00000002c0)=[<r5=>0x0], 0x0, 0x0, 0xfffffd52, 0x1})
ioctl$DRM_IOCTL_MODE_CURSOR(r3, 0xc01c64a3, &(0x7f0000000280)={0x3, r5, 0x0, 0x0, 0xa, 0x1ff, 0x1})
r6 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/partitions\x00', 0x0, 0x0)
r7 = openat$sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/vm/drop_caches\x00', 0x1, 0x0)
sendfile(r7, r6, 0x0, 0x23b)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff)
sendmsg$NL80211_CMD_GET_REG(r8, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000000)={0x14, r9, 0x701, 0x70bd2c, 0x25dfdbfe}, 0x14}, 0x1, 0x0, 0x0, 0x8000}, 0x8814)
sendmsg$NL80211_CMD_SET_INTERFACE(r6, &(0x7f00000003c0)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000240)={&(0x7f0000000300)={0x68, r9, 0x10, 0x70bd27, 0x25dfdbfc, {{}, {@void, @val={0xc, 0x99, {0x5, 0x5f}}}}, [@NL80211_ATTR_4ADDR={0x5}, @NL80211_ATTR_4ADDR={0x5}, @NL80211_ATTR_IFTYPE={0x8, 0x5, 0x2}, @NL80211_ATTR_MESH_ID={0xa}, @NL80211_ATTR_IFTYPE={0x8, 0x5, 0x4}, @NL80211_ATTR_MESH_ID={0xa}, @NL80211_ATTR_IFTYPE={0x8, 0x5, 0x4}, @NL80211_ATTR_IFTYPE={0x8, 0x5, 0xc}]}, 0x68}, 0x1, 0x0, 0x0, 0x40}, 0x4)
ioctl$DRM_IOCTL_MODE_CURSOR2(r3, 0xc02464bb, &(0x7f0000000080)={0x1, r5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1})
ioctl$DMA_HEAP_IOCTL_ALLOC(r1, 0xc0184800, &(0x7f0000000100)={0x4, <r10=>r0})
ioctl$DMA_BUF_IOCTL_SYNC(r10, 0xc0086202, &(0x7f0000000540)=0x4)

15.67352181s ago: executing program 5 (id=2236):
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000400)={0x1, &(0x7f0000000380)=[{0x6, 0x0, 0x0, 0x7fffffff}]})
r1 = openat$dma_heap(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r2 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_STAT_GET(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000040)=ANY=[@ANYBLOB="200000001114030a28bdf000fcdbdf25080005"], 0x20}, 0x1, 0x0, 0x0, 0x400a004}, 0x4040004)
r3 = syz_open_dev$dri(&(0x7f0000000000), 0x1ff, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r3, 0xc02064b2, &(0x7f0000000200)={0x8000, 0x101, 0x4})
r4 = syz_open_dev$dri(&(0x7f00000000c0), 0x1ff, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r4, 0xc04064a0, &(0x7f0000000040)={0x0, &(0x7f00000002c0)=[<r5=>0x0], 0x0, 0x0, 0xfffffd52, 0x1})
ioctl$DRM_IOCTL_MODE_CURSOR(r3, 0xc01c64a3, &(0x7f0000000280)={0x3, r5, 0x0, 0x0, 0xa, 0x1ff, 0x1})
r6 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/partitions\x00', 0x0, 0x0)
r7 = openat$sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/vm/drop_caches\x00', 0x1, 0x0)
sendfile(r7, r6, 0x0, 0x23b)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff)
sendmsg$NL80211_CMD_GET_REG(r8, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000000)={0x14, r9, 0x701, 0x70bd2c, 0x25dfdbfe}, 0x14}, 0x1, 0x0, 0x0, 0x8000}, 0x8814)
sendmsg$NL80211_CMD_SET_INTERFACE(r6, &(0x7f00000003c0)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000240)={&(0x7f0000000300)={0x68, r9, 0x10, 0x70bd27, 0x25dfdbfc, {{}, {@void, @val={0xc, 0x99, {0x5, 0x5f}}}}, [@NL80211_ATTR_4ADDR={0x5}, @NL80211_ATTR_4ADDR={0x5}, @NL80211_ATTR_IFTYPE={0x8, 0x5, 0x2}, @NL80211_ATTR_MESH_ID={0xa}, @NL80211_ATTR_IFTYPE={0x8, 0x5, 0x4}, @NL80211_ATTR_MESH_ID={0xa}, @NL80211_ATTR_IFTYPE={0x8, 0x5, 0x4}, @NL80211_ATTR_IFTYPE={0x8, 0x5, 0xc}]}, 0x68}, 0x1, 0x0, 0x0, 0x40}, 0x4)
ioctl$DRM_IOCTL_MODE_CURSOR2(r3, 0xc02464bb, &(0x7f0000000080)={0x1, r5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1})
ioctl$DMA_HEAP_IOCTL_ALLOC(r1, 0xc0184800, &(0x7f0000000100)={0x4, <r10=>r0})
ioctl$DMA_BUF_IOCTL_SYNC(r10, 0xc0086202, &(0x7f0000000540)=0x4)

12.732058829s ago: executing program 2 (id=2726):
r0 = syz_open_procfs(0x0, 0x0)
fchdir(r0)
munmap(&(0x7f0000901000/0x3000)=nil, 0x3000)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r1 = gettid()
sched_setscheduler(r1, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000400)={0x0}, 0x1, 0x0, 0x0, 0x20040051}, 0x4048080)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r6, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x14, r7, 0x9c3fa077fa966179, 0x4, 0x0, {{0x7e}, {@void, @void}}}, 0x14}}, 0x0)
keyctl$set_timeout(0xf, 0x0, 0x1)
mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000000)='proc\x00', 0x800000, 0x0)
pread64(0xffffffffffffffff, &(0x7f0000000140)=""/15, 0xf, 0x4)
sched_setaffinity(r2, 0x8, &(0x7f0000000040)=0x7fff)

9.664119334s ago: executing program 1 (id=2731):
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x5, 0x401d031, 0xffffffffffffffff, 0x0)
remap_file_pages(&(0x7f0000ff9000/0x4000)=nil, 0x4000, 0x0, 0x4, 0x0)
quotactl_fd$Q_QUOTAON(0xffffffffffffffff, 0xffffffff80000200, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x21, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x37, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x80}, 0x94)
socket$nl_route(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x87}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x8000002000000, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
fsopen(0x0, 0x1)
syz_genetlink_get_family_id$gtp(0x0, 0xffffffffffffffff)
sendmsg$GTP_CMD_NEWPDP(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x0)
r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000002340), 0x40800)
ioctl$SNDRV_SEQ_IOCTL_QUERY_SUBS(r1, 0xc058534f, 0x0)
r2 = add_key$keyring(&(0x7f00000001c0), &(0x7f0000000200)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffd)
r3 = add_key$keyring(&(0x7f00000006c0), &(0x7f0000000540)={'syz', 0x0}, 0x0, 0x0, r2)
r4 = add_key$keyring(0x0, 0x0, 0x0, 0x0, r3)
r5 = add_key$keyring(&(0x7f0000000440), &(0x7f0000000480)={'syz', 0x1}, 0x0, 0x0, r4)
r6 = add_key$keyring(&(0x7f0000000140), 0x0, 0x0, 0x0, r5)
add_key$keyring(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x1}, 0x0, 0x0, r6)
socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'tunl0\x00'})

7.603840183s ago: executing program 1 (id=2736):
r0 = epoll_create1(0x0)
r1 = epoll_create1(0x0)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r2 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000800000000bf91000000000000b702000043e7b5538500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r3}, 0x10)
syz_usb_connect$cdc_ncm(0x6, 0x0, 0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000400)={0xa})
epoll_pwait(r0, &(0x7f0000000080)=[{}], 0x1, 0x4c6, 0x0, 0x0)
sched_setaffinity(0x0, 0x43, &(0x7f0000000040)=0x2)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
socketpair(0x1e, 0x1, 0x0, &(0x7f0000000040)={0x0, 0x0})
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x18, 0x3, &(0x7f0000000080)=@framed={{0x18, 0x0, 0x0, 0x0, 0x1002}}, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x1}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000040)='contention_end\x00', r5}, 0x18)
sendmsg$nl_generic(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000280)=ANY=[@ANYBLOB="181700003e000701fefffffffcffffff017c000008004280040008000c00018006000600800a0000f0160280ec1617", @ANYRES64=r4], 0x1718}, 0x1, 0x0, 0x0, 0xa6fdace091686b28}, 0xc000)

7.458128081s ago: executing program 4 (id=2737):
socket$can_bcm(0x1d, 0x2, 0x2)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r1)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$tipc(0x0, r2)
sendmsg$TIPC_CMD_ENABLE_BEARER(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={0x0, 0x38}}, 0x0)
close(0xffffffffffffffff)
r3 = syz_usb_connect$hid(0x2, 0x36, &(0x7f0000000080)=ANY=[@ANYBLOB="12010000090024206d041cc340000000000109022400010000a00009040000010301010009210008000122010009058103"], 0x0)
syz_usb_control_io(r3, &(0x7f00000007c0)={0x2c, 0x0, 0x0, 0x0, &(0x7f0000000000)={0x20, 0x29, 0xf, {0xf, 0x29, 0x2, 0x80, 0x7, 0x8, "3b6feb62", "f16c06b3"}}, 0x0}, 0x0)
syz_usb_control_io$hid(r3, 0x0, &(0x7f0000000440)={0x2c, &(0x7f0000000240)=ANY=[@ANYBLOB='Bh\x00\x00\x00\x00'], 0x0, 0x0, 0x0, 0x0})

7.213474541s ago: executing program 2 (id=2739):
r0 = userfaultfd(0x1)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000040)={0xaa, 0x270})
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r1}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x102}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs={0x0, 0x0, 0xfffffffe}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(0xffffffffffffffff, 0x40a85323, 0x0)
bind$alg(0xffffffffffffffff, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
r5 = syz_open_procfs(0x0, &(0x7f0000002340)='mountstats\x00')
r6 = openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
read$FUSE(r6, &(0x7f0000000200)={0x2020}, 0x2020)
pread64(r5, &(0x7f0000002380)=""/253, 0xfd, 0x4eb)

6.290908385s ago: executing program 3 (id=2740):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x2244, 0x0)
ioctl$TCXONC(r0, 0x540a, 0x0)
ioctl$VHOST_SET_FEATURES(0xffffffffffffffff, 0x4008af00, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r2 = dup(r1)
write$6lowpan_enable(r2, &(0x7f0000000000)='0', 0xfffffd2c)
r3 = syz_io_uring_setup(0x10e, &(0x7f00000000c0)={0x0, 0x8d2dc, 0x0, 0xffffffff}, &(0x7f00000003c0)=<r4=>0x0, &(0x7f0000000140)=<r5=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r4, r5, &(0x7f00000002c0)=@IORING_OP_ACCEPT={0xd, 0x40, 0x5, r2, 0x0, 0x0, 0x0, 0x80000})
io_uring_enter(r3, 0x47f5, 0x0, 0xb, 0x0, 0x5e)
r6 = syz_open_dev$admmidi(&(0x7f0000000140), 0x20, 0x0)
sendmsg$rds(r2, &(0x7f0000001040)={&(0x7f0000000180)={0x2, 0x4e20, @broadcast}, 0x10, &(0x7f0000000580)=[{&(0x7f0000000300)=""/49, 0x31}, {&(0x7f00000004c0)=""/140, 0x8c}, {&(0x7f0000000400)=""/92, 0x5c}], 0x3, &(0x7f0000000e80)=[@rdma_args={0x48, 0x114, 0x1, {{0x9, 0xfffffffd}, {&(0x7f0000000600)}, &(0x7f00000007c0)=[{&(0x7f0000000640)=""/15, 0xf}, {&(0x7f0000000680)=""/201, 0xc9}, {&(0x7f0000000780)=""/24, 0x18}], 0x3, 0x51, 0x4}}, @cswp={0x58, 0x114, 0x7, {{0x8}, &(0x7f0000000800)=0x8, &(0x7f0000000840)=0x3, 0x6bf9, 0x1000, 0xd, 0x6, 0x3, 0x1ff}}, @rdma_args={0x48, 0x114, 0x1, {{0x6}, {&(0x7f0000000880)=""/127, 0x7f}, &(0x7f0000000d00)=[{&(0x7f0000000900)=""/177, 0xb1}, {&(0x7f00000009c0)=""/96, 0x60}, {&(0x7f0000000a40)=""/173, 0xad}, {&(0x7f0000000b00)=""/106, 0x6a}, {&(0x7f0000000b80)=""/188, 0xbc}, {&(0x7f0000000c40)=""/183, 0xb7}], 0x6, 0x0, 0x4}}, @cswp={0x58, 0x114, 0x7, {{0xfffffff9, 0x8001}, &(0x7f0000000d80)=0x9, &(0x7f0000000dc0)=0x916, 0x2, 0x7, 0x5, 0xffffffff, 0x43, 0x4}}, @fadd={0x58, 0x114, 0x6, {{0x3, 0x3}, &(0x7f0000000e00)=0xffffffffffffffff, &(0x7f0000000e40)=0x6477614d, 0x2, 0x7202, 0x10000, 0x3, 0x0, 0x3}}], 0x198, 0x80}, 0x20040000)
read$midi(r6, 0x0, 0x43)
r7 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r7, 0x4018620d, 0x0)
r8 = syz_io_uring_setup(0x4169, &(0x7f0000000200)={0x0, 0x0, 0x10100, 0x0, 0x200000}, &(0x7f0000000480), &(0x7f0000000000)=<r9=>0x0)
syz_io_uring_setup(0xa94, &(0x7f0000000280)={0x0, 0x95b0, 0x400}, &(0x7f0000000340)=<r10=>0x0, &(0x7f00000005c0))
syz_io_uring_submit(r10, r9, &(0x7f00000001c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0, 0xfffffffffffffe54})
io_uring_enter(r8, 0x48e9, 0x0, 0x0, 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x7)
ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, &(0x7f00000000c0))
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
ioctl$TIOCSETD(r0, 0x5412, &(0x7f00000000c0)=0xe9)

6.231325466s ago: executing program 2 (id=2741):
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r0)
creat(&(0x7f0000000180)='./file0\x00', 0x10)
r1 = open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
mmap$xdp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x1010, r1, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000300)={<r2=>0xffffffffffffffff})
recvmmsg(r2, &(0x7f0000000400)=[{{0x0, 0x0, 0x0}, 0xf5ff}], 0x1, 0x2001, 0x0)
shutdown(r2, 0x0)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/bus/input/handlers\x00', 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x18, 0x3, &(0x7f0000001680)=ANY=[], &(0x7f0000001700)='GPL\x00', 0x0, 0x0, 0x0, 0x41000}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f00000000c0)='contention_end\x00', r3}, 0x18)
socket$inet(0x2, 0x1, 0x100)
socket$inet6_udplite(0xa, 0x2, 0x88)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000700)=@newtaction={0x178, 0x30, 0x2, 0x0, 0x0, {}, [{0x164, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x4, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x3, 0x1}}}}, @m_vlan={0x11c, 0x1b, 0x0, 0x0, {{0x9}, {0x44, 0x2, 0x0, 0x1, [@TCA_VLAN_PUSH_VLAN_ID={0x6, 0x3, 0xceb}, @TCA_VLAN_PUSH_VLAN_ID={0x6, 0x3, 0xe91}, @TCA_VLAN_PUSH_VLAN_PROTOCOL={0x6, 0x4, 0x8100}, @TCA_VLAN_PUSH_VLAN_PRIORITY={0x5, 0x6, 0x6}, @TCA_VLAN_PUSH_VLAN_PRIORITY={0x5, 0x6, 0x5}, @TCA_VLAN_PUSH_VLAN_PRIORITY={0x5, 0x6, 0x2}, @TCA_VLAN_PUSH_VLAN_PROTOCOL={0x6, 0x4, 0x8100}, @TCA_VLAN_PUSH_VLAN_PRIORITY={0x5}]}, {0xb0, 0x6, "39c1f7c7ba1bfc0d308674e41033334fd5e01560f47cd76167e998bec2d148f8a993bbf289579625a77161ae3a31dd0174d98b3d4336cb0a11f9af96a986dc627526174b09e8605d6a4eb45a73c2d28b83165a015c7e14ca0e5789ff953e8e92ba18763310dcb71dbd8e2daf8c8482d0251d171e675c3ed2391260792e1df79db40ce910bc6c6f1f308a27ac41946822e5cabfa3ffe9e57c5f29c684c509672b872a013733ac3ad06a0b2b08"}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}]}]}, 0x178}, 0x1, 0x0, 0x0, 0x804}, 0x4e051)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r4 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r4, 0x922f78cdfb754985, &(0x7f0000000100)=0x1002)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r7 = fsopen(&(0x7f0000000280)='ceph\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r7, 0x1, &(0x7f0000000b40)='source', &(0x7f0000000040)='c:::\x00', 0x0)
gettid()
fsconfig$FSCONFIG_CMD_CREATE(r7, 0x6, 0x0, 0x0, 0x0)

5.63616263s ago: executing program 1 (id=2742):
r0 = openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, &(0x7f0000000800)={{{@in6=@initdev, @in=@remote, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r2=>0x0}}, {{@in6=@mcast2}, 0x0, @in=@loopback}}, &(0x7f0000000580)=0xe8)
mount$overlay(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000400), 0x0, &(0x7f0000000740)={[{@uuid_auto}, {@redirect_dir_on}, {@default_permissions}, {@metacopy_on}, {@redirect_dir_nofollow}, {@xino_off}], [{@appraise}, {@euid_gt={'euid>', r2}}, {@subj_user={'subj_user', 0x3d, '802.15.4 MAC\x00'}}]})
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
futex_waitv(&(0x7f0000000180)=[{0x0, &(0x7f0000000000), 0x2}, {0x3, &(0x7f0000000040)=0x3, 0x2}], 0x2, 0x0, 0x0, 0x0)
futex(&(0x7f0000000140), 0x5, 0x0, 0x0, &(0x7f0000000000), 0x0)
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000380)=ANY=[@ANYRESOCT], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000500)=ANY=[@ANYRES8=r0, @ANYRESHEX=r3, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf090000000000005509010000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1d, r0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={0x0, r5}, 0x18)
r6 = fsopen(&(0x7f0000000280)='ceph\x00', 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)
fsconfig$FSCONFIG_SET_STRING(r6, 0x1, 0x0, &(0x7f0000000040)='c:::\x00\xfdM\xab\x89\xff\xda\xc7dw2\xa1\xb2\xabuQQ\x14\x97\xc9\xfae\xc7\xa1U\xe2\xbe\"\xb9t\xa0\x0e\xfa\xdb\xf1\xa5.\xd87\xc3p\xa5l\xf8vC\xe2\xe8 \xd5-<#\x186\xe1\xbd\xc0\xc3\xb5N(vj\xa7+<:\xc4\xe00\x01\xdd \x82\x83\xed\x0e\xc4\x1d\xac\xef7\b\xd3Z5\\A\'\x18\xa2\xc3\xab\xc7`\xc3\v\xf3L\x9d[Q\x9e\x11@=\xa1\x9b\xdc\xb1\xef\xc3k<\x97L\xa0\xab\xa6\x1ce\xcd\x99\xb3m\xef\x87\xc5i^N\xbd@\x01\xc0\xb2\x88\xc3\xe2\x96T\xa3\xa5\xeb\x0f\xf2f\xb9$\xd2\x14<L\x19K\xbf\xf7\x9c\xe7 \x12+4.\xa9\xa7\xdc[\xd2\xec\xbe\x1a\xa1\x04\xd3\x9e\x92\x8a\xf7\xdb\xe7f\xdeo\xc1\xa5\xb6T\r)\x1c\xbe\x12\xd1\xef\xc2S\xcci\xc8\x0e\x00]\xe6|\xccK\xc7\r\xfa \x02\xe8\x1b\xc1\x93\xce\x02%\x86\xcb\x94K\v\xe7x\xe3\x06[/\xf9\xa8\x82\x9b\xeeF\x88\xc0f\x82\xb7T\r\x04\xbb\x10\x1d3\xa6', 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000001200)={0x0, 0x0, 0x0}, 0x4000010)
r7 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xc, &(0x7f0000000480)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000005000000b703000000000000850000007200000095"], &(0x7f0000001480)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x13, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000600)='sys_enter\x00', r8}, 0x18)
rmdir(0x0)
sendmsg$IEEE802154_LLSEC_DEL_SECLEVEL(r7, &(0x7f0000000340)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000300)={&(0x7f0000000440)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16, @ANYBLOB="100027bd7000fddbdf25310000000a0001007770616e31000000050034000400000005003300020000030500330080000000"], 0x38}, 0x1, 0x0, 0x0, 0x4}, 0x4040840)
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f00000000c0)={0x1, @pix={0x9, 0x8, 0x47524247, 0x3, 0x6, 0x2, 0x6, 0xa6e, 0x0, 0x4, 0x1, 0x5}})

5.221715838s ago: executing program 3 (id=2743):
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x400000, 0x3, &(0x7f0000000000/0x400000)=nil)
r0 = socket$can_j1939(0x1d, 0x2, 0x7)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000040)={'vxcan1\x00'})
r1 = socket$qrtr(0x2a, 0x2, 0x0)
connect$qrtr(r1, &(0x7f0000000200)={0x2a, 0xffffffffffffffff, 0xfffffffe}, 0xc)
syz_io_uring_setup(0x497, &(0x7f0000000540)={0x0, 0x4660, 0x400, 0x3, 0x285}, &(0x7f00000004c0)=<r2=>0x0, &(0x7f0000000280))
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
openat$nullb(0xffffffffffffff9c, 0x0, 0xa4242, 0x0)
openat$rtc(0xffffffffffffff9c, 0x0, 0x8002, 0x0)
pipe2$9p(0x0, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000180)=@framed={{0x18, 0x0, 0x0, 0x0, 0xc90}}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r3}, 0x10)
prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x88}, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r4, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r5 = io_uring_setup(0x3450, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x4, 0xfffffffb})
io_uring_register$IORING_REGISTER_BUFFERS(r5, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001700)=""/4095, 0x440000}], 0x100000000000011a)

5.124574484s ago: executing program 1 (id=2744):
r0 = userfaultfd(0x1)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000040)={0xaa, 0x270})
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r1}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x102}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs={0x0, 0x0, 0xfffffffe}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(0xffffffffffffffff, 0x40a85323, 0x0)
bind$alg(0xffffffffffffffff, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
r5 = syz_open_procfs(0x0, &(0x7f0000002340)='mountstats\x00')
openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
pread64(r5, &(0x7f0000002380)=""/253, 0xfd, 0x4eb)

5.093760764s ago: executing program 2 (id=2745):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x5, 0x1000086}, 0x0)
signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0)
creat(&(0x7f00000002c0)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000001900)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000001c0)={0x18, 0x3, &(0x7f0000000080)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x7}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000040)='contention_end\x00', r2}, 0x10)
write$P9_RVERSION(r1, &(0x7f0000000500)=ANY=[@ANYBLOB="1500000065ffff048000000800395032303030"], 0x15)
r3 = dup(r1)
write$FUSE_BMAP(r3, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_NOTIFY_RETRIEVE(r3, &(0x7f00000000c0)={0x14c}, 0x137)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r3}, 0x2c, {[{@cache_readahead}], [], 0x6b}})
truncate(&(0x7f0000000240)='./file0\x00', 0x206b12)
openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0xa2f00, 0xa3)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x43, &(0x7f0000000040)=0x2)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
socket$kcm(0x29, 0x2, 0x0)
r5 = socket(0x10, 0x2, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r5, 0x89f1, &(0x7f00000000c0)={'ip6tnl0\x00', &(0x7f0000000840)={'syztnl0\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x3b, @private0={0xfc, 0x0, '\x00', 0x1}, @mcast2={0xff, 0x3}, 0x0, 0x0, 0xfffffffc, 0x9}})

3.384117425s ago: executing program 1 (id=2746):
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r0}, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x100240, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_GUEST_DEBUG(r3, 0x4048ae9b, &(0x7f0000000300)={0x4376ea830d4d549b, 0x0, [0x8000000000000001, 0x8, 0x400000000, 0x4, 0x9, 0x3, 0xfffffffffffffffc, 0x1000800000]})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x6, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
inotify_init()
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
sched_setscheduler(0x0, 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000b80)={0x0, 0x18, 0xfa00, {0x0, 0x0, 0x106}}, 0x20)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$tipc(&(0x7f0000000200), 0xffffffffffffffff)
sendmsg$TIPC_CMD_ENABLE_BEARER(r5, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000280)={0x34, r6, 0x1, 0x0, 0x0, {{}, {}, {0x18, 0x17, {0x0, 0x0, @l2={'eth', 0x3a, 'team0\x00'}}}}}, 0x34}}, 0x0)

2.834801214s ago: executing program 4 (id=2747):
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
openat(0xffffffffffffffff, &(0x7f0000000000)='./file0\x00', 0xc8141, 0x10)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
sendmmsg$unix(r0, &(0x7f00000bd000), 0x318, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0xd40, 0xd2)
close(r1)
r2 = socket$phonet_pipe(0x23, 0x5, 0x2)
mount$9p_fd(0x0, &(0x7f0000000080)='./file1\x00', &(0x7f00000000c0), 0x200000, &(0x7f0000000100)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r1, @ANYBLOB=',wfdno=', @ANYRESHEX=r2])
ioctl$ifreq_SIOCGIFINDEX_team(r1, 0x8933, &(0x7f0000000080))
socket$nl_netfilter(0x10, 0x3, 0xc)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x6, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
r4 = socket(0xa, 0x3, 0x3a)
setsockopt$MRT6_ADD_MFC(r4, 0x29, 0xcc, 0x0, 0x0)
setsockopt$MRT6_ADD_MFC_PROXY(r4, 0x29, 0xd2, &(0x7f0000000300)={{0xa, 0x0, 0x0, @loopback}, {0xa, 0x0, 0x0, @mcast2}, 0x1}, 0x5c)
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x0)
r5 = socket$packet(0x11, 0x2, 0x300)
prctl$PR_SET_MM_MAP(0x23, 0xe, 0x0, 0x0)
io_uring_register$IORING_REGISTER_FILES(0xffffffffffffffff, 0x20, &(0x7f0000000000), 0x0)
recvmmsg(r5, &(0x7f0000000480)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=""/11, 0x17}}], 0x400000000000179, 0x10022, 0x0)
r6 = socket$packet(0x11, 0x2, 0x300)
r7 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000200)={'geneve0\x00', <r8=>0x0})
sendto$packet(r6, &(0x7f00000000c0)="e7c7e0fdbc6823eedb4376b1a121b541edbadbbe56fc607814a682af8d12d449a48d2dde1ae09cc934150829f0d2deec742e647ae1d03d52763da2684b2bfc3294829fa919dfb354f438deabb52745b28effaaa7ee29da38665241", 0x5b, 0x2400c005, &(0x7f0000000200)={0x11, 0x8100, r8, 0x1, 0x1, 0x6, @multicast}, 0x14)
socketpair$unix(0x1, 0x1, 0x0, 0x0)

2.83343447s ago: executing program 3 (id=2748):
r0 = socket$nl_route(0x10, 0x3, 0x0) (async)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x200c0881}, 0x10) (async)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$SO_TIMESTAMPING(r1, 0x1, 0x25, &(0x7f0000000080)=0x9fe, 0x4) (async)
bind$inet(r1, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x10) (async)
connect$inet(r1, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10) (async)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10) (async)
r5 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000180), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_COALESCE_SET(r4, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f00000001c0)=ANY=[@ANYBLOB='\\\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="010000000000000000001400000008000a00fc00000018000180140002006e657464657673696d300000000000000800050000fcffff08000900fc000000080011000700000008000e00800000000800", @ANYRES32=r3], 0x5c}, 0x1, 0x0, 0x0, 0x800}, 0x0) (async)
sendmsg$ETHTOOL_MSG_CHANNELS_SET(r2, &(0x7f0000000300)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000280)={&(0x7f0000000100)={0x1c, r5, 0x200, 0x70bd2b, 0x25dfdbfd, {}, [@ETHTOOL_A_CHANNELS_TX_COUNT={0x8, 0x7, 0x3}]}, 0x1c}, 0x1, 0x0, 0x0, 0x40}, 0x40000) (async)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000001800ff0f00000000001b0000850000006d000000850000002300000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r6}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) (async)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) (async)
r7 = getpid()
sched_setscheduler(r7, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) (async)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r8=>0xffffffffffffffff, <r9=>0xffffffffffffffff})
connect$unix(r8, &(0x7f000057eff8)=@abs, 0x6e) (async)
sendmmsg$unix(r9, &(0x7f0000000000), 0x651, 0x0) (async)
recvmmsg(r8, &(0x7f00000000c0), 0x10106, 0x2, 0x0) (async)
write$P9_RREMOVE(0xffffffffffffffff, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000240)=0x6) (async)
r10 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB], 0x50) (async)
sendmmsg(r1, &(0x7f0000007fc0), 0x800001d, 0x0) (async)
recvmmsg(r1, &(0x7f0000000040), 0x291962b, 0x45833af92e4b39ff, 0x0)
bpf$PROG_BIND_MAP(0x23, &(0x7f0000000040)={r6, r10}, 0xc)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB="3c00000010000304fcfffffffbdbdf2500000000", @ANYRES32=0x0, @ANYBLOB="a5fdad88500000001c0012800b00010062726964676500000c00028005002d0000000000e2758ab34aba2d1cf1043b419e7e"], 0x3c}, 0x1, 0x300000000000000, 0x0, 0x4004}, 0x0)

2.680927926s ago: executing program 2 (id=2749):
syz_usb_connect(0x0, 0x3b, &(0x7f0000000140)=ANY=[@ANYBLOB="120100001b3ebd40d80483009c83010203010902290001000000000904000000020201"], 0x0)
r0 = syz_usb_connect_ath9k(0x3, 0x5a, &(0x7f0000000000)={{0x12, 0x1, 0x200, 0xff, 0xff, 0xff, 0x40, 0xcf3, 0x9271, 0x108, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x48}}]}}, 0x0)
syz_usb_ep_write(r0, 0x1, 0xa8, &(0x7f0000000080)="2a03b98f5ea891867b3a2f6baffb89b849337afe4d2718bd68b714887c04e1308da66f1ce69ac455adf835d1d1776afff90dd57a5113967ddcaf71a2f8097cd9e795a3f0a7ca9a98d7487961434a85a02c6671d4aeb3326913fa3af0f1e728620895cbceecfcbbae4c9b3e54b97c3f4d11a8c334144c7c86b2dfaa3df7beb859d1a21ca1e4d91a83a5a51d3fa2e15838f2689dccfb074102a250fdb5ae9a2ccbd2440e45ac18b84a")
r1 = socket$kcm(0x10, 0x400000002, 0x0)
sendmsg$inet(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000200)=[{&(0x7f00000000c0)="1b0000001a007f029e", 0x9}, {&(0x7f0000000240)="6848b2796acd812dce3d01d190a3cab1e8ce", 0x12}], 0x2}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x6, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
sched_setscheduler(0x0, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=@base={0x8, 0x4, 0x4, 0xbf22, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x5}, 0x50)

2.666066601s ago: executing program 1 (id=2750):
pipe(&(0x7f00000000c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
accept4$tipc(r0, 0x0, 0x0, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000820004000000000000000c00850000000f00000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000180)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000b00)=@base={0xb, 0x5, 0x1, 0x7f, 0x1, 0x1, 0xffffffff}, 0x50)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000680), 0xca, r5}, 0x38)

2.6177932s ago: executing program 3 (id=2751):
r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000004c0), 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x20010, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
rt_sigaction(0x19, 0x0, 0x0, 0x8, &(0x7f0000000440))
r1 = syz_open_dev$sndpcmc(&(0x7f0000000000), 0xb, 0x0)
ioctl$SNDRV_PCM_IOCTL_HW_REFINE(r1, 0xc2604110, &(0x7f0000000040)={0x0, [[0x9ef8, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x7fffffff], [0x10000, 0x0, 0x0, 0x0, 0x8001], [0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff]], '\x00', [{}, {0xfffffffd}, {}, {0x0, 0xfffffffc, 0x0, 0x1, 0x1}, {0x80000009, 0x0, 0x0, 0x1, 0x1}, {0x7fff, 0xfffffffa}, {}, {0x8000000, 0x8f96}], '\x00', 0x1000})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000001a40)=""/102392, 0x18ff8)
keyctl$instantiate(0xc, 0x0, &(0x7f000001bbc0)=ANY=[@ANYRESHEX=r2], 0x2a, 0x0)
r3 = add_key(&(0x7f0000000140)='encrypted\x00', &(0x7f0000000180), &(0x7f0000000100), 0xca, 0xfffffffffffffffe)
add_key$user(&(0x7f00000003c0), &(0x7f0000000440), &(0x7f00000000c0), 0x5ba8, 0xfffffffffffffffd)
keyctl$read(0xb, r3, &(0x7f0000000240)=""/112, 0x349b7f55)
lchown(&(0x7f0000000040)='./file1\x00', 0xee01, 0xee01)
r4 = openat$dsp1(0xffffffffffffff9c, &(0x7f0000000000), 0x40f02, 0x0)
ioctl$SNDCTL_DSP_SPEED(r4, 0xc0045002, &(0x7f0000000040))
ioctl$sock_SIOCGPGRP(0xffffffffffffffff, 0x8904, &(0x7f0000000480))
r5 = openat$fuse(0xffffffffffffff9c, &(0x7f00000000c0), 0x42, 0x0)
syz_fuse_handle_req(r5, &(0x7f000000c280)="897c6500ff3035465c7acb4e06980b05687c1480c7aafe631c0543db2bf0d6f539506e8782da06c1ca018774d72e9e5a3418ab66ee78dad68457b17ec9d47bf7d8272d607c1c0a4bd906f0cee7f8451828d2458596bdd6a459ba18ebaf61b38f5d66c27fa8a024ad7832a85e58689a4c254c94cbcf7208fce6e61d9566459789d15a6f91dd7db7c54cc3a94da956fb290a8a15f849270bc459d9d9f47801be86dd5c9d18382081a993b7bfde5c28adca4c71329afd6be743b076033b5859891703eb65fa256d6f47450b6edacbd05a9bd8b372e90cfc30f32826566dac6c48e6ef001881cbc30482f9ec469e476a101da496b8c0785eaf875d3608b0c49e9d39baaa1041f903a805f0f24aa63722fa2d87b98595fa5cfaf8b79c458de43ee39904e7cac7540a934b4108957785d58807abff186949f1b94cd21b724aff34ac45c7066dcdbd68ea7b766af9d045cd7fafeafc5c5a0c3400ef4e0c71a6fdd5b8d68a6f317644cda9d2fd2c839a82b97b3d909b54c672227bef573c9de1991d65a63017f724d1f7f1575e69db53318a7fd7065b303e751518c8eef04f642dbd4dfa349040a7b5401050ffc2b4ef62803a7c8eaba99e011dfac24d81b2b61e0b0581e53bf520f623eca17f0545c5e59ff15b527475f970f589894ae589145fa4283f7225088ccfeba1d72e9128f8c223ae1840f2edae3dbcdf7e560d5cdf4f71c9ada1931c0f8312c000101b264aaddb9fab166ba8d8903d6098eca20935ca607ea79e936798b3dfb22a7e159abb234cf21f3733dbf263a8ff116092f251659108892b2e21e1b428fd225096a5040270b2d70347013eaa1fd8e452942200283aab092c4ffc5b8b427b5d691a5a773e09da20539ff0f8214331c5d84107ae8a59aeb58efe22d7a079e446f1dfb07510377799bfdc7ee59cabcd76af0fe8a427ac8258ff33bbad5a8061f1cfdfbf375d73d676cc7916d6658ce46a0b17ad6350150f98e3512b513e25ca73f5f5df0a1fb9582ace7906c493fe1fd2889d9aac0b7c29c2b6c205537627bad64df433336a5ace32ca871e51b4dab0fbb00886a1fa81a98b74de0a26cebf65723515ebb807fc3c161ed42d1a7b6b55717613577ea437f3a2967c66ce45ff85a6a35b7cd40625fc575b107d7394e3d2db51d58347276c33e21f50b5a6b5672bf9fda63139bb75aead1fe4ee9a4064af5a5958466aa39faa6d821489fa415224c8d69d3b5922236832c2b1e4f6b8863b32f9aea83fb522a2de081d674502b48f73ce6db98d84136059b4a6676bc85ac6b7626329afa9bc7d3f9f2caa3c4d872744e0a8e02d72a75c6c545b8ec8e15b6fb0fe4185bd0d154960e6fef05ba40e5fe2968eb1301dcc52a03337179e74ba1522af93d77827845f8941c69ed8bb84567e3c63f1cc378a542f1de7007b688ff0a9c69d5861f0b85402c30a2fd391c52bafbe65f8e82135fd38361d7c0b43c982b2f3e7cb09c40c7e215114f4243d670cd576bcd93c1e959345170c75d6c3cf89cf8c2c70dc792e646e7c649d4c5f36bb016c7acd466ad58473d40dfef36394e581065a8581ab852250403cf372ac0065bf757fa3f445424ac0d82aec1938a2ea116bdfd306baa1cb06c62a4a97d66ab1b9489469cb8ba842da12e310caed02c5ef05c0be1e1e8c9c8b87d6871c94c57d164d08672b205c948086a06a545b266b7ad902a908681eb188bc51b6190b5cb9d8ca59b8c4c6e7369c00d6f6119fd5d437239e3d3c89cb81e09e560fb817590106015f08e7b09f1e1e65bfab3b8489fa058e24081978b9e25463d9945bfbca81c08885d4b6d4c62e217bd9e19460762f36c66bc948fe31cde089626fbb310e3c78a8d3f2eac21d374d9b58d887235d3a95721168e4b9475849071d60ecfe7ea5d6c4bf60da3747612ef59bb651270f326c0af31bc8c71361f851de34ccb3c8071b96f1128d7ee79b41246e566edd0272dbd3ccfe472b38e5e03d3ef83218bd498e6de8b4d92cb6f82716449ede7ba845028eccdb9137be8a622ac88ac53118fbc39637fa7a93cd3abc6f7671c7804420d66e94720acbcac916950f9baca77fef4217155ccc2cd0507339a0486f9f468eb28772986ee768c63eba671bf8c52e48a2a5dc2cc24fe925368706c2d712dd1064692b0fb2a32ddfbd4a0ffcf9c2abcedaae6e527bc1d42637aff2a275b76a7a7f010e42e1cc1d27141f6c3585a2bf58c6c5789ce61551d10118a000e3764631ec0b7f4b1a6f22a678133a30940b79dc76f863dd9f6e0d7776300898c97cef286c731c2050928c492439256e481652bff0d202db3cfdc54c9816ceea7895357bfa0362fad79afd09ed55189294d6ead7e898ac091cddbe7efcedb314bc02a18dd5bbddc42e089124758bb491fd1536aab27c5c124567bc325e7028bced5a179a011d1cb9a5ffb61d7af863e91ec8e60495561188b74d158ba1418228d44e92915a22eb1c166ef7d6179e84381ed950ffd747f13e24172942d922ca3109fb8b1e4e6264fa4a4eec75ad0d0e22579d90f45d6cd157300e38ae665eb56457202e25a8dd5877ba99725de288660badd2704345d9bad208c903ba27ea167dd45a77f77b6502b525b2973270582858183c784c324c1366fbba8d410c38bf75b41e067f6a9a017c56595161db4fc5639393fdafb1f148d3f416c1adc5fe1ab9cebe4689855c9b4bda6dcba5d5fa858a1b87d2ad23cdf54dbdf4d14aa4462da0b6f1107f4afa0091c2643508861a4d9f133ba77751941bb8fb756abf1a104205b80d47a3b4a59724d959c8b5833da4f56fb6613231f230a9378c9af741e94fd2c7213ac1d7625559b3f032f6c8df3ab441929720fe43d7c548cc661eed5b3c62b3c61f538ea3228376e2a18c6da2ad906322f64fb4865cde8e1889a8e5237fd6a39bbd6662f1dedc22fbd74e4376fa610cd710703dbd3924a38beae69783d1d5abf36122cbb87129ba719042748f060f4303a3199c5891c5040fd8cdb9761b006bf64cdcb65e5cc50a29994b8c1c34b83760ece12ed9ed7c3d2a7f8911cdf23a1afe0d7db1bf342aa0123dd5cd31339f5c8e160c4efef882602b3eccbe76fb690162b8bfb8a31910bcdf9a4a5dde76c2ac2fcd8678add7a000cfdcab398eb2171c026313eb6eb56b4b87bf8ef93f7f8a1c0bcc3775b681d4229ea561cb52281d8ba4315c3694ed08433596884d5a7ce3a8b1f82359846b7136726e2fe37bf4f7b7e2206cdcdb0705ced9f0dcaaa2ed3a78ea70d2cfeab668eb321400fc955e9aeb7bbcf86cd03f02dd443503a1480d9d9f899f53bd747a95293786798fc59fceb09e686a9328da4f929b6201841bbbefaffcf3386abdf69540e3b46a643ec10f0acf21f27c0053dc13f18485dbc898729dfbeaaa4887b58cd442d7ffa941808cd9658595be8650a815b088621278d89f0d8a4252566b923df3a3cd65c0e4af08fad385927251b31d35f75eaf25e6cf13a579aeeb0bcc0a14ca4a20a6831d532be0b2af3821792a2df95131b7fafef245aa19b214053342aa820c35858d13f84e496294529411015c41ed447b5b51dc44a45d52552a2be1abfc157f3ace7bfa32d5b931421d5a152dd66b7bf549311b08325e5a7201f793037b38990bedeca8a647c08d2478670f8fc2b4e8983ea18bcd514daeeeeb9d7a778f783c76edf01bd4beda4b77b612cd2e865c2e4f58ca7ae06147bf66ae6aee221cf9b9505dc07e6fb6cf4f82dc8c406c78e270210c11cf2531011ed678d9dfe1f49c9a69a95a9f3b0e5b624d9c2664d787ab911b75a4a38d63e9d6c353f8aaf433ff961fe5e34d84936ead0d0bc7954caf84e541f5c6f3f20c9eed21eb0316b82c0dc5182540e63a0af25565496792153d6395adc2b8d68b8bcd93dd110ff5685879db4384ec390d44b89663d43a5de3bdc0e103b7c1b355dc5f6fe3518c93628780ba03f156badea65d1d0af8433c9e8a975fdd19453da662a33fa9f0f5fa15fdb216b483fb48370a967246e0b763df8b3bc7924a6c76c4b114f803dbfa3b312e6815b4eb67be167283a9e482d9a5beac250089d069d4c386b7fda5fc228404a0f58b12ca4dc131c381b49b42b570bcfc0dd663f24afaf65a26a21f6d92f52c9f8de36cb76bacbaa0eef98ba6b7dbbc2629a03bb2b6f83fc5adaf20c217bc8d0f0d2421e01472532bcb546aeb2d483c8f95011a3ba1d2fd8086a717cb015dd53064ef4a80b6d6fdc12d9069223fdf2aa9b192a0e0bdb38436f49d9eedfef3665815633fee4344aff11162526362b70b18e1dbedbb5d8c4698860beccf667851878a25a1e766caae2861f2e23404aac859e62fdfeac06a6057554828d7035806e8ab3ee2fa6d711e5811db61231a22f4672f6a11b27641f350bcab78792362e6ebc1c054a643bbbf2746678c14dc567d1f73e37005c8ab6374c4d8d3106384a2d32c5fcf05cb9ba97cb7fa1aff11505a701bead543e555f3901ef3b693d5b9ebf49518c3509af042b7e84b1b867c22b7e08725220e4338fd074edce428212e6a3563a08e2ccd8ab71910256532904542e93d5c7deb5bf5d49beb3202d4da4f643649e55edbb91188cdcf0883a40c6ed6b8a086fb5c50dc08fee00308420121d4c7431b7c447bf9c1e099423ac451d67b12e930d9e391d0a799c7d4b54a0d56ea0aae00c1d009e21fb5459416b464b227d66ccc1a68da59d64c1583dee54bbcd7d61ffe541fd0fb7452adba91906918966a7d58019ad1f8fdebeceeed7018837b6e4272eefeec8385abe7207fb2d7061fa6cdc478165a98971f9729b818a73edefed976d5c7c0a651c091cfd1174c020e39330a79144271fe4cbc61ea0ffa274d0d87d06dd08c1d5f8a0364d46ef7b54426bc286330c75fa257afeb2715c2ae511ff53b1189cc59ab80b1325fbdcedfdb8f36ed71f70091116e16b52188b794e637755027caac8db8554f8674b844964c710cacd7a9d6b06baf6fef76159a380e639b0d3e66080a7cf7f86baac01dbe47fe687fcef2f3bfbf6f8fba045181dee688360a11ee56e5fc73ed31c0e2924ae57f0cc93c63a30662a65c5d5f17123ae28cc5b74dd13ed81b03dc7fa61dc575668868c0df12d3553269f04ba79084d070abcdbd4745de80e90e4e3e524f27249b5c4a2f2d4c8b331b0cb6d4efe62a298daacc6eacdfe008c1f912795dbdc37098c42db860953120fda709baa6d46f52eaba781505e68561ca0f281e850532ef8e7c779883e312806e1c357bdef8d0dda005e7fccfa6eb8686e8bf3bff036b3fcdc4036541d93530ce6f598442c24170b307ef05f23c93aa0ec96831b532d8120402214a940d1fa01ed649061a4a71308be189cffd729a196754fb8a75f23851189589be1b819f0612cad3dc94ccee88f4ab9ef6ac9c7daad8cf94f5ed9496c4c824e5b4f66ce32a80e7a6ef069a32f6812e656aa5f5742bd432afdf026c86e8f28212c1139dad47d7fc07e5c1a83e993daaa4a4bb5f0c9435ccab2a10f867ffe259dba7a1d9168619b1e3048860a5122e4a5d0b00372eaae861a0cc88549852fffa76e6d78739b654d67df15ea97a9a46b7c382d83191a673aa619b4a10ec05bc681379b0d6df824cb6fe158e9d89ae5dd1ef66976f67972b553db52eb6feef836dca6026293f83a61e117754a7424a3da63bd82d017f87f0603e2a9b8fc550aae611681935ae91f7ca2b5341b05a25208bd28f1a202a7f2a213b1d7411ffb557470aec00c4d13c70163f22a038a189710dd19a47e8db4a87c3fd329a63abca172a9810edad2d8e19ef85b57ea4287cfb3d740d7ea3fa9c80d06e1aa84b317f678ddb3c147ba5e0db432125f59ca4944c8e9050281ca82a3ecf67b2a5df678697a52a7297af1ecb03c586af7b91d74e881964ed95f7be12fa07e2a4e71aab8b913a13996fa33e915144bf00e49b8e7adec5b2c4b8165f54ba3155230e241ee023af77a295ab87c40f63f6092ccee05cb08a265abe8f57c9919bf45064b6c2240ba8011db223a283a4e2292d9b59df8c9a4fdc763f0631007db9976f351717db0e6b5f9c6e5f227c2efa1ae5fe0be1af0b22fc164f9f9678a01fe8b059749fe8a2972455732da1989c609d191544ef9fbb3e58da93ec4a582430523f260b776e4d747312747d18a9bae14740f5dcd35fd1072f8a4d81573b5882203be856b62d7e1d87081a9e431872c9d68864197bbc61f15dd8aeae950d34d6ce97182deebd2ad64cabd1c723baf512acfc7e94675b31369bd60e155af79b97bb734312569f736dcd5b5a78223ffaa0f7e93e1a112cb9f6a5b88fe3cf12c30024c16c6b8380fdf086c662665d3751c11617cc4dbd5b8bc7543301a23fbc90ba8d060193cdc2b68c31c734d516707b759f7db009c8f06e69b40154e1cd8ae444afb28134acdf871136b4fd78bd86d7faaaf618afb25e92d1ee37cdff0595278f9565f5eb109e181e9cacec2f22e32e9f34774ee223fdb992fecfc5dbc5cceeda16cbcf1434730d859e7e03d36ff17636a7a7e66956b515894da114f3040909f90ce3cfbb2d7d46e37049c0fb124e0683d662eb427cd7b851ada229451e6e3aaee64b9964ced3036bde5d9d80eb062474f96ecfb9b65fcafc719494ac12ab7df245475f2a5e7f85ca4789833ca373e6214d39176c8f51dde87a4cfe5414a20f68bb9f34709979b99533ba3435c4aa56e525195e10ffd00f8e41aee30a909c07b9739cf733d45500b539ebe2206d438216690998d9e256db1b7ac6bef3e810785e1986985c945a2b820323a592721fcfa444934d0faf8aa439d5efca5dcd77b72d1eb91b3790d50d0a7483e354c415f81d99c133d648c1293e795b3c43f9b47e23ef982e10072ea5baafb0df675e69af1807b225afa0cec3eafbde8535d3ecaa0ea6ddbffe4465207425bb003670320324df0aeeb16b38a043f9c0e85673b36def332fd68b2b1e6edda621d0cadebbced8c7fc8f890489115b457249e8d8103676b3207a472804d33e0fe511ac56cd8dc5333b2333892f87b455940ada78fcf5075c358fce990e6f65f095eb416d876ce6f120b8b02cfa6b176ee269c942f881247c3e464cce2aa65c39137607c585aeb4b5f24f5f8e058c9c8b48003c1809da3e8aad1bee7955c3a976d43fe132e2b16f4758a0a9884e51d13b930675a4361ff366b0fed190ad7b2a00385528951e39cd44ea06d8921b9d613d7626221154cf86249a550198fe4e5b05ad3052b474291da0a0a2f701759859bc0392adf243ad5eca89e6d18e28dff99ef95743bcabe75504be8c715cd6360facf3bb06cb97c29989d4f6ff5083573cefe6ef0b39a252a2678112fa88e5b06c9a6bfc9597cc96e5a49710c4fc120fb0da4945b9d94e46de1e9989d0fc3d8d20df23d815b660c799a903f651b0d013f7fe158f1d297f7fcb6a48780ca5525f1f081ada0aafa83552318b848783306549750b6254cf676c7b934cf7fdab992717f0cdc089b34278f3fb151cadde14d0d3250e85a4b0ff2a2778a219aa40563d3ef575285484424b6d0e7cc8392342e4848c6fc8cb20fa1b450cc4c1fea19f3bbdd9e342e6c49cd7ac893b1eda2e93d1d74d20969465946b398fbc733757741ac822c4a118632cd242a439fc37512cf79b7c629504ccc1e7f2f11798955c3262b5e9695625ba74d8050e20f51d4769e1ab938f487f1bc4b55b5abcaa3ec079c2d0972b2ae9bfb7c5423b959119292ea05f1d79d35afe47e49d97c946b193bffc0a8f607f18a6845cecbbdd98cd351db2b2dce05a4848ba84a6a497b4618950130cb7e76c03d0976eb2fb41d3a42a1430063ed8e5b8c67e80fd4fc1148911958babbcbff33a6505de209b0d9320017fd736fd027a16564008ab2e1f48a6dd66c9256730e9fda0a606875d0871b2b9b0bc2ed4e1b696dbf0283c8dc72cf4338e595266f5390bc3a21f988353118f2948fc75d050ea076b73508d9ed89bade0ba305c1f4e5daf9d40d2f5e7ababed8d1b1d919c61a6d3fb149c1a9b44e38585a2fe322f83d73a3aecb44da3f0e82942d75d62ed3f91eb44f3411df014f88839e4cb1e21b9b259d4eb4adaf6b0be433d0ed4c87ec77dde5ee9d566e3dd8d928fc1875c63af26c59daba5ae267d9bd5da72b99a03e6a33cc48ed961ab484ff4a46c2d5fa597e626e00b530d7b9a9705e4e08d03f3a7f2a5a5233ad6340e3b5c89db81ca713b6d7d855c6324955f85109b204566f50178cd88abe3fcba25de905e8ea0b75ad51831761ed9b1af2470f976f05ec73bf74d137c207270cfd614170518cdc449aeeb663e114359c8124eaf2499d8cf5dc84a0872301db2e57b50bd285060ec4390d99d4ae3674ca3bb8679c1b08e566ba4f30daec8684a980055eb43cb5a1306c4b52a154682aa96637e06c869278aa2f74ef7345632c11265ef8ac97e953745302556881ba0cb590fef271c0abb193fb84d18ee3f24d9976ae816b857d6f68d1fdfe10b312c799fe014debf875d04bff8b4f387859e97c6bf13f7083c28a2045a0b5eb09c94e781a165965e8617c0efed1701ea9667aeca26d9577ea7b1242e1d91b25d6a66756cc627648a293b9f4345966bc469fafaeddc1118d0972bd5c7751a1f51e5989fd952f314ae10417c97b41e60ebfbc47e496486fa4a89fd16aea7fa1eabebd26eb2a37a3e2b351e0c9d2f67b2e5be0f921adc9b6045b045948e5103af0e5050b9c0799b513c00865deebda730de538f956ceb6164e08bd6f58655a294b4b44fc65309b30f9c00f92ef5bd5b911a3d830f72c258b19521bb8e80db02129954efb61423f518d2c5f36587303890cad9a93fa4f4bcd0e24c67db679c67ea59c1350b8442577632d5e8735833f3daf5a74bc7bd82659a81beba8c889632efe03cd24187aee856cf659e16e195464f52f2b984fc7a299e7b2aa53979a147ebed35705d5e89691666536f2febacfcef9b32d14952f958b72512869e4f6a0a34176918217888b1eb8b89322ebb6bb1dead2b4744e728479880db70e6147edaff6c3f083f18e0696bdbd78cf0bda14d9f42e5c1077ced00041aadff90470aacec0e48e2a5f2a0ed37818a173b96061e8c5bf24c0bde9e09f9e0ddb8e13306ef1d4eb8043ebadde5d7553e5212ecd4691eb426251f9d6720b8276ac543dde02399a35d974b22c1727d4b6df01957cae47443b706d43165e01d6932b136f561ce837431254cfb2a6e7d8070a2d3805aaa15b3c10ccd0cda2e9b418ce9ef380e5d08217752e12b3b892d03a9495c83d78d674612fde5a67738b2d4649ce44606ecce6bf3bd1293eca246a83643e4f1c7ba362b110e07c8479f216e3d4afc4fcb8d0820c8ab702a66d8183e83174597035e92b9b500dee08c80b927b42c3689c7c9617b4112c9e54cbfa51e989b5fd42b80c595d3edd265f138e8128cfbbb0e4f53aa0aa95a2ecda4518b2e564c42d5de7671560843d08103b9bdceac5fdeb0b1266f72f491265dd2b2b80a225a50955167da1812364ea340d82f61535401bae6f3140a8795d7c318a64cee4676627244930957b2f0b227be21b72d90027e6a5a7af3c59470c74dcdb71d1ef090a0f49c91acd604c792385c8f4e085765292822ee5eca03885fd6bfeaca9b3bbbdeac939f7846a487c5a483ed1e4fbf37c93886ea27bb35c812089b900b77c7c924147e97b6a71533610750bc84921012aa8158b213f7601d934a20bdd1f757b0a33042a683af6b9069f3900059d7f80f9fdcc9f33ece8cf7888dc9e24f1fc6ca0ecccf161c5334c60f440feb3acfc3d115011c176dfa05314c5bcf089e3c82bbe7680a3eefdcdbf3ac27265b779db4f49bade0128eda6e29bc5933ef454601db1b49628fd39ab938794fa46a33937a086ece7050d31a21524e2f0cacb307ed4412a2078636f9cc8e11c5c31cc0f9edd7be6d1e31a1513a58e25215f5a24245cb988589e6d5e5119f4f6557c697fad7d1c3a7e3bae064db4382701e33e48c5b6a52fe9141a385ef2325c6f7781134607e98bfd02c43d6deefaa861700388b40d98e941cfb2ddec209f977e8b9f93d29fdbf85e3010ce7cd622e8c75ce3df535e392052b6d65d5042d2a6e78bbfe5ee146e8b18d4bc7fb024dbba57cbe0402205593766a313950cb719d00c67bb6b3bcaa1015b89e820f11475afce655947113a7c3dcbb52427f090df994fbf076db867e0ab3f6125fb8884c1d13ff3e99fab5fa8b9f0b72cb44db4d0a48d9ec17f9733764e213c40a15ad821ec60e4a88cb2fd9dd9a4f35e6a708f4b74067f4be3f03a95261f6b191df53fa5bb5164e4a164630ad9ce39087aa950ad9e60cd2c44fa2237c49abf858c97737fd21180fd0b954276715a2bed3f39a29e6c3484d9437e15d2439f2a54b2a1ac7e63e6c436658abc3f1dd52d984f6c6901768a8cf2ec98ebf44e90e0fc0c24f8957c62e05d8eacecaf25b178fd710af609a8a1bc4d7955b5f0cb4f48a37685e6304ea5843573a1abff37b5106916c83c8f23f939a0dc43aea8d196191ed6e18dd793990d1f37d7de0bf8fac6f469843724eaab86be8a483be281b8ecf4aa29d9c571951cde8cd8c2aaf4d597ac2cb48f23fad145916920a55d655924940573b64dbd42a280cddc4810434f930183fdbbdc72db1491a4c9d44daf9b1bc2fecd855508648063040faeb125da0e68e6cd2002181118eecff0be1dd8eae726af5d451630cd65119c52abd6dded97f931202f186a18c4ba34bc2c3f6d765e2d8f445e959f26ffb55827cf3ff2cc0289f17b82c8caa5a2d3d54306a300f0ef42bbe4ea9e32c5d4b1173942745cdcfe4f5d1619eefaf8dc600afbc9171d516f7f4b35331d0b9be005132ffad5e9df59710278b842afb626a78b8b8b37fc3a894dc705b2d4e0940cb264e9dc87eaa148e6faf78125462f28a0f1d7b3c65a291b85713fa71ffc478f6601e8716c35489f4a54ed0c70bcfd5502cc91374dc3c982075c5180398bc6b195b36e79dcc4087cb990cc9d964a150e0dcc887d496bdd27c3f298736b9ad8345ba2df46021964cf43c38f9d2e94b77bee2b7bf059e0870ff9f17b9ef1320c0aa88a2fa9781e9017ab64643de9a3df9ed4b8cfd8fa080a2e494409520b795eb1517d224a05e450c4c8ae0e9fd29c0e72d3a592cce55f6dd5107f21214e1a3f9a5448384de06149f959ec0c92790f0ff229ab4971171f1c528ae6d095ec007bf5e7f55d623a68194e9ea8edc3af418075338328f24e7504341c22bef72c2963fc9c3237ba990d29c2c8aa3007395f6d96e95b40ee1b18dbad550bf39d0d98268cb74dde76d987c3169c9067495fb1b88508bbb7e94cbb7dfc15c03b1d5b163132c8a468906f02d422a8cf98d0b432b5779dd962074b72dd27439b2e94312f573435e5aa84664432c1914839cd6e172186ce93eeb1d7cb0659696d9d550eb3b185f8c6ee16e53f78233cbe709f99d2879d63d93f7d0ed133241d2f1ab1eb2c56605ca0f0e01c39ab0ba2370fe5c4e68de0561b517ff9a10023c386236398372c7176e35443e2cf5dd6cbed9f23395f231e6a54f65626cb5860a8b72122c34664119e7c47204ef4a70583a", 0x2000, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000780)={0x90, 0x0, 0x0, {0x3, 0x0, 0x1, 0x0, 0x3, 0x0, {0x0, 0x0, 0x0, 0x40, 0x0, 0x8, 0x80, 0x0, 0x81, 0x1000, 0x10000, 0x0, 0x0, 0xd}}}, 0x0, 0x0, 0x0, 0x0, 0x0})
bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0xa, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000a800000095"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback=0x23, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000240)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000040), 0x2, 0xa}}, 0x20)

1.706551595s ago: executing program 4 (id=2752):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
syz_open_dev$MSR(0x0, 0x0, 0x0)
sched_setaffinity(0x0, 0x0, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x28, 0x1, 0x0)
getsockname$packet(r1, &(0x7f0000000080)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000100)=0x14)
sendmsg$nl_route_sched(r0, &(0x7f0000000280)={0x0, 0xfffffffffffffcb1, &(0x7f0000000240)={&(0x7f00000019c0)=@delchain={0x2c, 0x66, 0xf31, 0x0, 0x0, {0x0, 0x0, 0x0, r2}}, 0x2c}}, 0x0)
symlink(&(0x7f00000016c0)='./file0\x00', &(0x7f0000001700)='./file0\x00')
readlink(&(0x7f0000001840)='./file0\x00', 0x0, 0x2f)
r3 = syz_open_dev$I2C(&(0x7f0000000080), 0x0, 0x0)
ioctl$I2C_RDWR(r3, 0x707, &(0x7f0000001b00)={&(0x7f0000000280)=[{0x0, 0xc11, 0x8c, &(0x7f00000000c0)="6c06042bec2fc28b7d9a73a36954c6e837a4c7f39b8f8c2a7c9dcd1cbb17ae3772f3db2617dc3949d1ddc9ad52e67a089f10cbe09ddfc301ecd7647d3ce248537972a1f3a7192e1e515343f4bab6c320654aeda3588be2308311b7db468c5aa08541c46ce33f71253be8b4ae682a356fafe4e3d9efcfef0aabbd6fcfcc7977b50f8f59b1cb59c1d46bfe81ea"}, {0x2, 0x0, 0x1, &(0x7f0000000240)="03"}], 0x2})

1.667352991s ago: executing program 3 (id=2753):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
socket$igmp(0x2, 0x3, 0x2)
semop(0x0, &(0x7f00000001c0)=[{0x0, 0x43, 0x1800}, {0x0, 0xfd, 0x1000}], 0x2)

1.223947578s ago: executing program 4 (id=2754):
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
r0 = fsopen(&(0x7f0000000000)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_SET_BINARY(r0, 0x6, 0x0, 0x0, 0x0)
r1 = fsmount(r0, 0x0, 0x0)
r2 = openat$cgroup_subtree(r1, &(0x7f0000000100), 0x2, 0x0)
write$cgroup_subtree(r2, &(0x7f0000000140), 0x0)
sendmsg$GTP_CMD_GETPDP(0xffffffffffffffff, &(0x7f0000002880)={0x0, 0x0, &(0x7f0000002840)={&(0x7f00000027c0)={0x14, 0x0, 0x301, 0x70bd25, 0x25dfdc00}, 0x14}, 0x1, 0x0, 0x0, 0x20000000}, 0x24008040)

788.080344ms ago: executing program 4 (id=2755):
r0 = openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, &(0x7f0000000800)={{{@in6=@initdev, @in=@remote, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r2=>0x0}}, {{@in6=@mcast2}, 0x0, @in=@loopback}}, &(0x7f0000000580)=0xe8)
mount$overlay(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000400), 0x0, &(0x7f0000000740)={[{@uuid_auto}, {@redirect_dir_on}, {@default_permissions}, {@metacopy_on}, {@redirect_dir_nofollow}, {@xino_off}], [{@appraise}, {@euid_gt={'euid>', r2}}, {@subj_user={'subj_user', 0x3d, '802.15.4 MAC\x00'}}]})
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
futex_waitv(&(0x7f0000000180)=[{0x0, &(0x7f0000000000), 0x2}, {0x3, &(0x7f0000000040)=0x3, 0x2}], 0x2, 0x0, 0x0, 0x0)
futex(&(0x7f0000000140), 0x5, 0x0, 0x0, &(0x7f0000000000), 0x0)
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000380)=ANY=[@ANYRESOCT], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000500)=ANY=[@ANYRES8=r0, @ANYRESHEX=r3, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf090000000000005509010000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1d, r0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={0x0, r5}, 0x18)
r6 = fsopen(&(0x7f0000000280)='ceph\x00', 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)
fsconfig$FSCONFIG_SET_STRING(r6, 0x1, 0x0, &(0x7f0000000040)='c:::\x00\xfdM\xab\x89\xff\xda\xc7dw2\xa1\xb2\xabuQQ\x14\x97\xc9\xfae\xc7\xa1U\xe2\xbe\"\xb9t\xa0\x0e\xfa\xdb\xf1\xa5.\xd87\xc3p\xa5l\xf8vC\xe2\xe8 \xd5-<#\x186\xe1\xbd\xc0\xc3\xb5N(vj\xa7+<:\xc4\xe00\x01\xdd \x82\x83\xed\x0e\xc4\x1d\xac\xef7\b\xd3Z5\\A\'\x18\xa2\xc3\xab\xc7`\xc3\v\xf3L\x9d[Q\x9e\x11@=\xa1\x9b\xdc\xb1\xef\xc3k<\x97L\xa0\xab\xa6\x1ce\xcd\x99\xb3m\xef\x87\xc5i^N\xbd@\x01\xc0\xb2\x88\xc3\xe2\x96T\xa3\xa5\xeb\x0f\xf2f\xb9$\xd2\x14<L\x19K\xbf\xf7\x9c\xe7 \x12+4.\xa9\xa7\xdc[\xd2\xec\xbe\x1a\xa1\x04\xd3\x9e\x92\x8a\xf7\xdb\xe7f\xdeo\xc1\xa5\xb6T\r)\x1c\xbe\x12\xd1\xef\xc2S\xcci\xc8\x0e\x00]\xe6|\xccK\xc7\r\xfa \x02\xe8\x1b\xc1\x93\xce\x02%\x86\xcb\x94K\v\xe7x\xe3\x06[/\xf9\xa8\x82\x9b\xeeF\x88\xc0f\x82\xb7T\r\x04\xbb\x10\x1d3\xa6', 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000001200)={0x0, 0x0, 0x0}, 0x4000010)
r7 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xc, &(0x7f0000000480)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000005000000b703000000000000850000007200000095"], &(0x7f0000001480)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x13, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000600)='sys_enter\x00', r8}, 0x18)
rmdir(0x0)
sendmsg$IEEE802154_LLSEC_DEL_SECLEVEL(r7, &(0x7f0000000340)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000300)={&(0x7f0000000440)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16, @ANYBLOB="100027bd7000fddbdf25310000000a0001007770616e31000000050034000400000005003300020000030500330080000000"], 0x38}, 0x1, 0x0, 0x0, 0x4}, 0x4040840)
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f00000000c0)={0x1, @pix={0x9, 0x8, 0x47524247, 0x3, 0x6, 0x2, 0x6, 0xa6e, 0x0, 0x4, 0x1, 0x5}})

745.714689ms ago: executing program 3 (id=2756):
r0 = epoll_create1(0x0)
r1 = epoll_create1(0x0)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r2 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000800000000bf91000000000000b702000043e7b5538500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r3}, 0x10)
syz_usb_connect$cdc_ncm(0x6, 0x0, 0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000100)={0xa000000d})
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000400)={0xa})
epoll_pwait(r0, &(0x7f0000000080)=[{}], 0x1, 0x4c6, 0x0, 0x0)
sched_setaffinity(0x0, 0x43, &(0x7f0000000040)=0x2)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
socketpair(0x1e, 0x1, 0x0, &(0x7f0000000040)={0x0, 0x0})
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x18, 0x3, &(0x7f0000000080)=@framed={{0x18, 0x0, 0x0, 0x0, 0x1002}}, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x1}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000040)='contention_end\x00', r5}, 0x18)
sendmsg$nl_generic(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000280)=ANY=[@ANYBLOB="181700003e000701fefffffffcffffff017c000008004280040008000c00018006000600800a0000f0160280ec1617", @ANYRES64=r4], 0x1718}, 0x1, 0x0, 0x0, 0xa6fdace091686b28}, 0xc000)

328.641028ms ago: executing program 2 (id=2757):
socket$can_bcm(0x1d, 0x2, 0x2)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r1)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$tipc(0x0, r2)
sendmsg$TIPC_CMD_ENABLE_BEARER(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={0x0, 0x38}}, 0x0)
close(0xffffffffffffffff)
r3 = syz_usb_connect$hid(0x2, 0x36, &(0x7f0000000080)=ANY=[@ANYBLOB="12010000090024206d041cc340000000000109022400010000a00009040000010301010009210008000122010009058103"], 0x0)
syz_usb_control_io(r3, &(0x7f00000007c0)={0x2c, 0x0, 0x0, 0x0, &(0x7f0000000000)={0x20, 0x29, 0xf, {0xf, 0x29, 0x2, 0x80, 0x7, 0x8, "3b6feb62", "f16c06b3"}}, 0x0}, 0x0)
syz_usb_control_io$hid(r3, 0x0, &(0x7f0000000440)={0x2c, &(0x7f0000000240)=ANY=[@ANYBLOB='Bh\x00\x00\x00\x00'], 0x0, 0x0, 0x0, 0x0})

143.045787ms ago: executing program 4 (id=2758):
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x400000, 0x3, &(0x7f0000000000/0x400000)=nil)
r0 = socket$can_j1939(0x1d, 0x2, 0x7)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000040)={'vxcan1\x00'})
r1 = socket$qrtr(0x2a, 0x2, 0x0)
connect$qrtr(r1, &(0x7f0000000200)={0x2a, 0xffffffffffffffff, 0xfffffffe}, 0xc)
syz_io_uring_setup(0x497, &(0x7f0000000540)={0x0, 0x4660, 0x400, 0x3, 0x285}, &(0x7f00000004c0)=<r2=>0x0, &(0x7f0000000280))
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
openat$nullb(0xffffffffffffff9c, 0x0, 0xa4242, 0x0)
openat$rtc(0xffffffffffffff9c, 0x0, 0x8002, 0x0)
pipe2$9p(0x0, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000180)=@framed={{0x18, 0x0, 0x0, 0x0, 0xc90}}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r3}, 0x10)
prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x88}, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r4, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r5 = io_uring_setup(0x3450, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x4, 0xfffffffb})
io_uring_register$IORING_REGISTER_BUFFERS(r5, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001700)=""/4095, 0x440000}], 0x100000000000011a)

0s ago: executing program 5 (id=2236):
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000400)={0x1, &(0x7f0000000380)=[{0x6, 0x0, 0x0, 0x7fffffff}]})
r1 = openat$dma_heap(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r2 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_STAT_GET(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000040)=ANY=[@ANYBLOB="200000001114030a28bdf000fcdbdf25080005"], 0x20}, 0x1, 0x0, 0x0, 0x400a004}, 0x4040004)
r3 = syz_open_dev$dri(&(0x7f0000000000), 0x1ff, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r3, 0xc02064b2, &(0x7f0000000200)={0x8000, 0x101, 0x4})
r4 = syz_open_dev$dri(&(0x7f00000000c0), 0x1ff, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r4, 0xc04064a0, &(0x7f0000000040)={0x0, &(0x7f00000002c0)=[<r5=>0x0], 0x0, 0x0, 0xfffffd52, 0x1})
ioctl$DRM_IOCTL_MODE_CURSOR(r3, 0xc01c64a3, &(0x7f0000000280)={0x3, r5, 0x0, 0x0, 0xa, 0x1ff, 0x1})
r6 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/partitions\x00', 0x0, 0x0)
r7 = openat$sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/vm/drop_caches\x00', 0x1, 0x0)
sendfile(r7, r6, 0x0, 0x23b)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff)
sendmsg$NL80211_CMD_GET_REG(r8, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000000)={0x14, r9, 0x701, 0x70bd2c, 0x25dfdbfe}, 0x14}, 0x1, 0x0, 0x0, 0x8000}, 0x8814)
sendmsg$NL80211_CMD_SET_INTERFACE(r6, &(0x7f00000003c0)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000240)={&(0x7f0000000300)={0x68, r9, 0x10, 0x70bd27, 0x25dfdbfc, {{}, {@void, @val={0xc, 0x99, {0x5, 0x5f}}}}, [@NL80211_ATTR_4ADDR={0x5}, @NL80211_ATTR_4ADDR={0x5}, @NL80211_ATTR_IFTYPE={0x8, 0x5, 0x2}, @NL80211_ATTR_MESH_ID={0xa}, @NL80211_ATTR_IFTYPE={0x8, 0x5, 0x4}, @NL80211_ATTR_MESH_ID={0xa}, @NL80211_ATTR_IFTYPE={0x8, 0x5, 0x4}, @NL80211_ATTR_IFTYPE={0x8, 0x5, 0xc}]}, 0x68}, 0x1, 0x0, 0x0, 0x40}, 0x4)
ioctl$DRM_IOCTL_MODE_CURSOR2(r3, 0xc02464bb, &(0x7f0000000080)={0x1, r5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1})
ioctl$DMA_HEAP_IOCTL_ALLOC(r1, 0xc0184800, &(0x7f0000000100)={0x4, <r10=>r0})
ioctl$DMA_BUF_IOCTL_SYNC(r10, 0xc0086202, &(0x7f0000000540)=0x4)

kernel console output (not intermixed with test programs):

 for  pid=14255 comm="syz.1.2301" path="/468/file0" dev="9p" ino=720898 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  777.484316][   T30] audit: type=1800 audit(1753648887.886:747): pid=14280 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed comm="syz.1.2301" name="/" dev="9p" ino=720898 res=0 errno=0
[  778.209800][ T5981] cxacru 2-1:0.0: usbatm_usb_probe: bind failed: -19!
[  778.238064][ T5981] usb 2-1: USB disconnect, device number 50
[  778.372447][T14320] netlink: 'syz.1.2309': attribute type 8 has an invalid length.
[  778.852957][T14324] bridge3: entered promiscuous mode
[  779.011378][T14326] SELinux:  Context system_u:object_r:fsadm_exec_t:s0 is not valid (left unmapped).
[  779.096005][T14326] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2313'.
[  779.489470][ T5944] usb 4-1: new full-speed USB device number 63 using dummy_hcd
[  779.593871][T14343] bond0: (slave rose0): Error: Device type is different from other slaves
[  780.100487][T14337] tipc: Enabling of bearer <eth:team0> rejected, failed to enable media
[  780.186385][ T5833] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  780.195263][ T5833] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  780.207062][T14349] netlink: 240 bytes leftover after parsing attributes in process `syz.1.2317'.
[  780.216948][ T5833] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  780.224707][ T5833] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  780.233225][ T5833] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  780.268009][T14350] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2318'.
[  780.280445][ T5944] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  780.291740][ T5944] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  780.301635][ T5944] usb 4-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[  780.310785][ T5944] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  780.322766][ T5944] usb 4-1: config 0 descriptor??
[  780.323801][T14345] Failed to initialize the IGMP autojoin socket (err -2)
[  780.356838][ T5944] hub 4-1:0.0: USB hub found
[  780.561220][ T5944] hub 4-1:0.0: 2 ports detected
[  781.023325][ T5944] usb 4-1: USB disconnect, device number 63
[  781.035104][T14363] bond0: entered promiscuous mode
[  781.051887][T14363] bond_slave_0: entered promiscuous mode
[  781.077120][T14363] bond_slave_1: entered promiscuous mode
[  782.182113][   T30] kauditd_printk_skb: 18 callbacks suppressed
[  782.182125][   T30] audit: type=1400 audit(1753648892.966:766): avc:  denied  { ioctl } for  pid=14385 comm="syz.3.2323" path="socket:[43978]" dev="sockfs" ino=43978 ioctlcmd=0x89ea scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1
[  782.309218][T11198] Bluetooth: hci0: command tx timeout
[  782.519441][T14386] C: renamed from lo (while UP)
[  782.617263][T14386] A link change request failed with some changes committed already. Interface C may have been left with an inconsistent configuration, please check.
[  782.801554][   T30] audit: type=1400 audit(1753648893.586:767): avc:  denied  { create } for  pid=14376 comm="syz.4.2322" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=mctp_socket permissive=1
[  783.114393][T14376] ALSA: mixer_oss: invalid OSS volume ''
[  783.344864][   T30] audit: type=1400 audit(1753648893.626:768): avc:  denied  { ioctl } for  pid=14376 comm="syz.4.2322" path="socket:[43996]" dev="sockfs" ino=43996 ioctlcmd=0x89e2 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=mctp_socket permissive=1
[  783.430077][   T30] audit: type=1400 audit(1753648893.626:769): avc:  denied  { bind } for  pid=14376 comm="syz.4.2322" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=mctp_socket permissive=1
[  783.548445][   T30] audit: type=1400 audit(1753648893.636:770): avc:  denied  { write } for  pid=14376 comm="syz.4.2322" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=mctp_socket permissive=1
[  783.579303][   T30] audit: type=1400 audit(1753648893.696:771): avc:  denied  { firmware_load } for  pid=14392 comm="syz.1.2325" path="/lib/firmware/regulatory.db" dev="sda1" ino=448 scontext=system_u:system_r:kernel_t tcontext=system_u:object_r:lib_t tclass=system permissive=1
[  783.681541][T14404] overlayfs: failed to resolve './file0': -2
[  783.712814][T14345] netdevsim netdevsim5 netdevsim0: renamed from eth1
[  784.460239][ T5833] Bluetooth: hci0: command tx timeout
[  784.579908][   T30] audit: type=1400 audit(1753648893.776:772): avc:  denied  { mount } for  pid=14392 comm="syz.1.2325" name="/" dev="proc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1
[  784.579957][   T30] audit: type=1400 audit(1753648894.296:773): avc:  denied  { unmount } for  pid=5839 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1
[  784.585145][   T30] audit: type=1400 audit(1753648895.365:774): avc:  denied  { unmount } for  pid=5834 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=filesystem permissive=1
[  785.691633][T14409] netlink: 88 bytes leftover after parsing attributes in process `syz.1.2327'.
[  785.706724][T14345] netdevsim netdevsim5 netdevsim1: renamed from eth2
[  786.624658][T11198] Bluetooth: hci0: command tx timeout
[  786.634332][T14345] netdevsim netdevsim5 netdevsim2: renamed from eth3
[  789.696348][T14345] netdevsim netdevsim5 netdevsim3: renamed from eth4
[  789.708736][T11198] Bluetooth: hci0: command tx timeout
[  790.775885][T14429] comedi comedi0: Minor 4 could not be opened
[  790.850579][   T24] usb 4-1: new full-speed USB device number 64 using dummy_hcd
[  791.251954][   T24] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  791.319040][   T24] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  791.373221][   T24] usb 4-1: New USB device found, idVendor=13ec, idProduct=0006, bcdDevice= 0.00
[  791.410417][   T24] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  791.462072][   T24] usb 4-1: config 0 descriptor??
[  791.591511][   T48] usb 2-1: new high-speed USB device number 51 using dummy_hcd
[  791.761589][   T48] usb 2-1: Using ep0 maxpacket: 8
[  791.812246][   T48] usb 2-1: config 64 has an invalid interface number: 19 but max is 0
[  791.822326][T14466] overlayfs: failed to resolve './file0': -2
[  791.830212][   T48] usb 2-1: config 64 has no interface number 0
[  791.897388][   T48] usb 2-1: config 64 interface 19 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[  791.910538][   T24] zydacron 0003:13EC:0006.002A: unknown main item tag 0x0
[  791.938716][   T24] zydacron 0003:13EC:0006.002A: unknown main item tag 0x0
[  791.956490][   T48] usb 2-1: config 64 interface 19 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0
[  791.977577][   T24] zydacron 0003:13EC:0006.002A: unknown main item tag 0x0
[  791.988066][   T48] usb 2-1: New USB device found, idVendor=2201, idProduct=012c, bcdDevice=3f.e0
[  791.998641][   T24] zydacron 0003:13EC:0006.002A: unknown main item tag 0x0
[  792.009114][   T24] zydacron 0003:13EC:0006.002A: unknown main item tag 0x0
[  792.018380][   T48] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  792.081051][   T24] zydacron 0003:13EC:0006.002A: hidraw0: USB HID v0.00 Device [HID 13ec:0006] on usb-dummy_hcd.3-1/input0
[  792.118491][   T48] usb 2-1: probing VID:PID(2201:012C)   
[  792.154825][   T48] usb 2-1: vub300 testing BULK OUT EndPoint(0) 02
[  792.449420][T14475] netlink: 88 bytes leftover after parsing attributes in process `syz.4.2335'.
[  792.539815][   T48] usb 2-1: Could not find two sets of bulk-in/out endpoint pairs
[  792.555016][   T24] usb 4-1: USB disconnect, device number 64
[  792.628110][   T48] vub300 2-1:64.19: probe with driver vub300 failed with error -22
[  792.685332][T14473] fido_id[14473]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.3/usb4/4-1/report_descriptor': No such file or directory
[  792.772625][   T30] audit: type=1400 audit(1753648903.494:775): avc:  denied  { listen } for  pid=14456 comm="syz.1.2334" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  792.833979][   T48] usb 2-1: USB disconnect, device number 51
[  792.856469][T14345] A link change request failed with some changes committed already. Interface geneve0 may have been left with an inconsistent configuration, please check.
[  793.042597][T14345] A link change request failed with some changes committed already. Interface geneve1 may have been left with an inconsistent configuration, please check.
[  793.120139][T14486] tipc: Enabling of bearer <eth:team0> rejected, already enabled
[  793.141912][T14345] wireguard: wg0: Could not create IPv4 socket
[  793.154226][   T30] audit: type=1400 audit(1753648903.934:776): avc:  denied  { setopt } for  pid=14481 comm="syz.3.2337" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  793.194714][T14345] wireguard: wg1: Could not create IPv4 socket
[  793.235191][T14345] wireguard: wg2: Could not create IPv4 socket
[  793.246826][   T30] audit: type=1400 audit(1753648903.934:777): avc:  denied  { connect } for  pid=14481 comm="syz.3.2337" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  793.343536][   T30] audit: type=1400 audit(1753648904.114:778): avc:  denied  { ioctl } for  pid=14489 comm="syz.4.2338" path="anon_inode:[userfaultfd]" dev="anon_inodefs" ino=44684 ioctlcmd=0x5002 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[  793.788329][T14503] netlink: 'syz.3.2340': attribute type 4 has an invalid length.
[  793.796207][T14503] netlink: 17 bytes leftover after parsing attributes in process `syz.3.2340'.
[  793.827545][   T30] audit: type=1400 audit(1753648904.564:779): avc:  denied  { create } for  pid=14494 comm="syz.3.2340" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=isdn_socket permissive=1
[  793.869458][T14498] netlink: 84 bytes leftover after parsing attributes in process `syz.1.2339'.
[  794.126679][T14506] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(5)
[  794.133514][T14506] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  794.229283][   T30] audit: type=1400 audit(1753648904.954:780): avc:  denied  { read } for  pid=14494 comm="syz.3.2340" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  794.287943][T14506] vhci_hcd vhci_hcd.0: Device attached
[  794.296165][T14511] vhci_hcd: connection closed
[  794.298983][ T6633] vhci_hcd: stop threads
[  794.319474][ T6633] vhci_hcd: release socket
[  794.347108][ T6633] vhci_hcd: disconnect device
[  794.454070][T14494] delete_channel: no stack
[  794.621391][T12974] usb 2-1: new high-speed USB device number 52 using dummy_hcd
[  794.815536][T12974] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 0, changing to 7
[  794.834813][T12974] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[  794.876014][T12974] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8A has an invalid bInterval 0, changing to 7
[  794.887534][T12974] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8A has invalid wMaxPacketSize 0
[  794.920543][T12974] usb 2-1: New USB device found, idVendor=0a07, idProduct=00d0, bcdDevice=10.13
[  794.940518][T12974] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  794.948941][T12974] usb 2-1: Product: syz
[  794.954901][T12974] usb 2-1: Manufacturer: syz
[  794.961097][T12974] usb 2-1: SerialNumber: syz
[  794.975425][T12974] usb 2-1: config 0 descriptor??
[  795.189929][T12974] adutux 2-1:0.0: ADU208 4242424 now attached to /dev/usb/adutux0
[  795.401328][  T975] usb 2-1: USB disconnect, device number 52
[  795.920651][T14573] overlayfs: failed to resolve './file0': -2
[  796.364896][T14583] netlink: 88 bytes leftover after parsing attributes in process `syz.3.2344'.
[  796.753402][T14592] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2348'.
[  796.926257][   T30] audit: type=1400 audit(1753648907.704:781): avc:  denied  { setopt } for  pid=14608 comm="syz.1.2349" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  797.022900][T11198] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  797.065481][T11198] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  797.077311][T11198] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  797.086919][T11198] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  797.094937][T11198] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  797.154875][T14621] Failed to initialize the IGMP autojoin socket (err -2)
[  797.394625][T14585] delete_channel: no stack
[  797.404590][   T30] audit: type=1400 audit(1753648908.154:782): avc:  denied  { bind } for  pid=14628 comm="syz.2.2350" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  797.490847][   T30] audit: type=1400 audit(1753648908.154:783): avc:  denied  { write } for  pid=14628 comm="syz.2.2350" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  797.587555][T14647] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2350'.
[  798.507315][   T30] audit: type=1400 audit(1753648909.134:784): avc:  denied  { open } for  pid=14656 comm="syz.1.2352" path="/dev/ttyq6" dev="devtmpfs" ino=381 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:bsdpty_device_t tclass=chr_file permissive=1
[  798.921844][   T30] audit: type=1400 audit(1753648909.694:785): avc:  denied  { append } for  pid=14663 comm="syz.1.2353" name="loop6" dev="devtmpfs" ino=653 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  799.192827][T11198] Bluetooth: hci0: command tx timeout
[  799.397454][   T30] audit: type=1400 audit(1753648910.174:786): avc:  denied  { block_suspend } for  pid=14673 comm="syz.2.2358" capability=36  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  799.529654][T14679] netlink: 88 bytes leftover after parsing attributes in process `syz.1.2356'.
[  799.856708][   T30] audit: type=1400 audit(1753648910.634:787): avc:  denied  { getopt } for  pid=14678 comm="syz.3.2359" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  800.204451][   T30] audit: type=1400 audit(1753648910.724:788): avc:  denied  { read write } for  pid=14678 comm="syz.3.2359" name="nvram" dev="devtmpfs" ino=623 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nvram_device_t tclass=chr_file permissive=1
[  800.257134][T14678] [U] 
[  800.276980][T14621] netdevsim netdevsim5 netdevsim0: renamed from eth1
[  800.326510][   T30] audit: type=1400 audit(1753648910.724:789): avc:  denied  { open } for  pid=14678 comm="syz.3.2359" path="/dev/nvram" dev="devtmpfs" ino=623 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nvram_device_t tclass=chr_file permissive=1
[  800.434778][T14621] netdevsim netdevsim5 netdevsim1: renamed from eth2
[  800.544384][T14621] netdevsim netdevsim5 netdevsim2: renamed from eth3
[  800.619465][T14621] netdevsim netdevsim5 netdevsim3: renamed from eth4
[  801.241777][T11198] Bluetooth: hci0: command tx timeout
[  802.005032][T14720] netlink: 72 bytes leftover after parsing attributes in process `syz.1.2364'.
[  802.084947][   T30] audit: type=1400 audit(1753648912.863:790): avc:  denied  { create } for  pid=14725 comm="syz.4.2368" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1
[  802.121863][T12974] usb 4-1: new low-speed USB device number 65 using dummy_hcd
[  802.154168][   T30] audit: type=1400 audit(1753648912.893:791): avc:  denied  { ioctl } for  pid=14725 comm="syz.4.2368" path="socket:[45982]" dev="sockfs" ino=45982 ioctlcmd=0x890c scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1
[  802.194586][   T30] audit: type=1400 audit(1753648912.973:792): avc:  denied  { mounton } for  pid=14729 comm="syz.1.2369" path="/proc/1686/task" dev="proc" ino=46003 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dir permissive=1
[  802.220329][   T30] audit: type=1326 audit(1753648912.973:793): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14729 comm="syz.1.2369" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f902238e9a9 code=0x0
[  802.273219][  T975] usb 3-1: new high-speed USB device number 87 using dummy_hcd
[  802.291972][T12974] usb 4-1: Invalid ep0 maxpacket: 64
[  802.424315][T12974] usb 4-1: new low-speed USB device number 66 using dummy_hcd
[  802.433986][  T975] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  802.453724][  T975] usb 3-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[  802.464959][  T975] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  802.475741][  T975] usb 3-1: config 0 descriptor??
[  802.556928][T14621] A link change request failed with some changes committed already. Interface geneve0 may have been left with an inconsistent configuration, please check.
[  802.580802][T14621] A link change request failed with some changes committed already. Interface geneve1 may have been left with an inconsistent configuration, please check.
[  802.597087][T12974] usb 4-1: Invalid ep0 maxpacket: 64
[  802.610746][T12974] usb usb4-port1: attempt power cycle
[  802.620857][T14621] wireguard: wg0: Could not create IPv4 socket
[  802.632985][T14621] wireguard: wg1: Could not create IPv4 socket
[  802.641478][T14621] wireguard: wg2: Could not create IPv4 socket
[  802.696244][  T975] usbhid 3-1:0.0: can't add hid device: -71
[  802.706728][  T975] usbhid 3-1:0.0: probe with driver usbhid failed with error -71
[  802.721629][  T975] usb 3-1: USB disconnect, device number 87
[  803.072319][T12974] usb 4-1: new low-speed USB device number 67 using dummy_hcd
[  803.093999][T12974] usb 4-1: Invalid ep0 maxpacket: 64
[  803.483528][T14763] 8021q: VLANs not supported on ip6gre0
[  803.499233][T12974] usb 4-1: new low-speed USB device number 68 using dummy_hcd
[  803.520743][   T30] kauditd_printk_skb: 3 callbacks suppressed
[  803.520783][   T30] audit: type=1400 audit(1753648914.223:797): avc:  denied  { write } for  pid=14754 comm="syz.4.2371" name="001" dev="devtmpfs" ino=724 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1
[  803.609406][T12974] usb 4-1: Invalid ep0 maxpacket: 64
[  803.621919][T12974] usb usb4-port1: unable to enumerate USB device
[  803.822206][  T975] usb 3-1: new high-speed USB device number 88 using dummy_hcd
[  803.908556][   T30] audit: type=1400 audit(1753648914.693:798): avc:  denied  { write } for  pid=14761 comm="syz.1.2372" path="socket:[47192]" dev="sockfs" ino=47192 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[  803.982278][  T975] usb 3-1: Using ep0 maxpacket: 32
[  803.994884][  T975] usb 3-1: config index 0 descriptor too short (expected 36, got 27)
[  804.015595][  T975] usb 3-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  804.274383][  T975] usb 3-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice= 0.40
[  804.360664][  T975] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  804.391561][  T975] usb 3-1: config 0 descriptor??
[  804.428020][  T975] ldusb 3-1:0.0: Interrupt in endpoint not found
[  804.456564][  T975] usbhid 3-1:0.0: couldn't find an input interrupt endpoint
[  804.665486][   T30] audit: type=1400 audit(1753648915.453:799): avc:  denied  { ioctl } for  pid=14723 comm="syz.2.2367" path="socket:[47112]" dev="sockfs" ino=47112 ioctlcmd=0x5507 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  804.669177][T12974] usb 3-1: USB disconnect, device number 88
[  804.900179][T14784] netlink: 212384 bytes leftover after parsing attributes in process `syz.3.2376'.
[  804.922243][T14784] openvswitch: netlink: Message has 5 unknown bytes.
[  805.098345][   T30] audit: type=1400 audit(1753648915.883:800): avc:  denied  { append } for  pid=14790 comm="syz.3.2378" dev="9p" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  805.127601][T14788] block nbd1: NBD_DISCONNECT
[  805.970796][  T975] usb 3-1: new high-speed USB device number 89 using dummy_hcd
[  806.233669][  T975] usb 3-1: Using ep0 maxpacket: 32
[  806.449848][  T975] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  806.552341][  T975] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  806.552370][  T975] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 5
[  806.552409][  T975] usb 3-1: New USB device found, idVendor=0458, idProduct=5011, bcdDevice= 0.00
[  806.552429][  T975] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  806.563510][  T975] usb 3-1: config 0 descriptor??
[  807.500150][  T975] input: HID 0458:5011 as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/0003:0458:5011.002B/input/input60
[  807.628310][   T30] audit: type=1400 audit(1753648918.393:801): avc:  denied  { read } for  pid=5187 comm="acpid" name="mouse1" dev="devtmpfs" ino=3485 scontext=system_u:system_r:acpid_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  807.646220][  T975] input: HID 0458:5011 as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/0003:0458:5011.002B/input/input61
[  807.795774][   T30] audit: type=1400 audit(1753648918.393:802): avc:  denied  { open } for  pid=5187 comm="acpid" path="/dev/input/mouse1" dev="devtmpfs" ino=3485 scontext=system_u:system_r:acpid_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  807.825265][   T30] audit: type=1400 audit(1753648918.473:803): avc:  denied  { ioctl } for  pid=5187 comm="acpid" path="/dev/input/mouse1" dev="devtmpfs" ino=3485 ioctlcmd=0x4520 scontext=system_u:system_r:acpid_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  807.941879][  T975] kye 0003:0458:5011.002B: input,hiddev0,hidraw0: USB HID v0.00 Mouse [HID 0458:5011] on usb-dummy_hcd.2-1/input0
[  808.027252][  T975] usb 3-1: USB disconnect, device number 89
[  808.075602][T14830] fido_id[14830]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.2/usb3/3-1/report_descriptor': No such file or directory
[  808.528927][ T1297] ieee802154 phy0 wpan0: encryption failed: -22
[  808.535368][ T1297] ieee802154 phy1 wpan1: encryption failed: -22
[  809.292892][T14884] netlink: 'syz.1.2386': attribute type 1 has an invalid length.
[  809.311454][T14884] netlink: 216 bytes leftover after parsing attributes in process `syz.1.2386'.
[  809.913210][T14889] comedi comedi0: Minor 4 could not be opened
[  810.215225][ T5833] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  810.227994][ T5833] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  810.237162][ T5833] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  810.247294][ T5833] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  810.256831][ T5833] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  810.286784][T14905] Failed to initialize the IGMP autojoin socket (err -2)
[  810.373192][   T48] usb 4-1: new high-speed USB device number 69 using dummy_hcd
[  810.416724][T12974] usb 3-1: new high-speed USB device number 90 using dummy_hcd
[  810.574153][   T48] usb 4-1: too many configurations: 9, using maximum allowed: 8
[  810.614256][   T48] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 9
[  810.634067][   T48] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  810.658142][   T48] usb 4-1: config 0 interface 0 has no altsetting 0
[  810.668195][   T48] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 9
[  810.678560][T12974] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  810.689861][   T48] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  810.700843][T12974] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  810.712322][   T48] usb 4-1: config 0 interface 0 has no altsetting 0
[  810.722490][T12974] usb 3-1: New USB device found, idVendor=10c4, idProduct=ea90, bcdDevice= 0.00
[  810.757569][   T48] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 9
[  810.774428][T12974] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  810.786998][   T48] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  810.802527][   T48] usb 4-1: config 0 interface 0 has no altsetting 0
[  810.834742][T12974] usb 3-1: config 0 descriptor??
[  811.100785][   T48] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 9
[  811.184397][   T48] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  811.260925][   T48] usb 4-1: config 0 interface 0 has no altsetting 0
[  811.281391][   T48] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 9
[  811.588645][T12974] cp2112 0003:10C4:EA90.002C: unknown main item tag 0x0
[  811.595825][   T48] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  811.614090][   T48] usb 4-1: config 0 interface 0 has no altsetting 0
[  811.624685][T12974] cp2112 0003:10C4:EA90.002C: hidraw0: USB HID v0.00 Device [HID 10c4:ea90] on usb-dummy_hcd.2-1/input0
[  811.649017][   T48] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 9
[  811.718177][   T48] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  811.747299][   T48] usb 4-1: config 0 interface 0 has no altsetting 0
[  811.760656][   T48] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 9
[  811.777337][   T48] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  811.788953][   T48] usb 4-1: config 0 interface 0 has no altsetting 0
[  811.789099][T12974] cp2112 0003:10C4:EA90.002C: Part Number: 0x01 Device Version: 0x00
[  811.805908][   T48] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 9
[  811.815325][   T48] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  811.843018][   T48] usb 4-1: config 0 interface 0 has no altsetting 0
[  811.863652][   T48] usb 4-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e
[  811.902996][   T48] usb 4-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168
[  811.925150][   T48] usb 4-1: Product: syz
[  811.933523][   T48] usb 4-1: Manufacturer: syz
[  811.950471][   T48] usb 4-1: SerialNumber: syz
[  811.965319][   T48] usb 4-1: config 0 descriptor??
[  812.128599][T14937] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2395'.
[  812.200391][   T48] yurex 4-1:0.0: USB YUREX device now attached to Yurex #0
[  812.230506][   T48] usb 4-1: USB disconnect, device number 69
[  812.262059][   T30] audit: type=1400 audit(1753648923.042:804): avc:  denied  { mount } for  pid=14928 comm="syz.4.2396" name="/" dev="devtmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=filesystem permissive=1
[  812.288203][T11198] Bluetooth: hci0: command tx timeout
[  812.340409][   T48] yurex 4-1:0.0: USB YUREX #0 now disconnected
[  812.492853][T14929] vimc link validate: Sensor A:src:640x480 (0x33424752, 8, 0, 0, 0) Raw Capture 0:snk:640x480 (0x33424752, 8, 0, 0, 0)
[  812.561946][T14936] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check.
[  812.637681][T12974] cp2112 0003:10C4:EA90.002C: error reading lock byte: -71
[  812.651427][   T30] audit: type=1400 audit(1753648923.432:805): avc:  denied  { unmount } for  pid=5834 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=filesystem permissive=1
[  812.685170][T12974] usb 3-1: USB disconnect, device number 90
[  812.744541][   T30] audit: type=1400 audit(1753648923.522:806): avc:  denied  { remove_name } for  pid=14943 comm="syz.4.2397" name="binder1" dev="binder" ino=17 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  812.820415][   T30] audit: type=1400 audit(1753648923.562:807): avc:  denied  { unlink } for  pid=14943 comm="syz.4.2397" name="binder1" dev="binder" ino=17 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  812.901059][   T30] audit: type=1400 audit(1753648923.682:808): avc:  denied  { mount } for  pid=14946 comm="syz.4.2398" name="/" dev="debugfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=filesystem permissive=1
[  812.938101][   T30] audit: type=1400 audit(1753648923.682:809): avc:  denied  { watch } for  pid=14946 comm="syz.4.2398" path="/484/file0" dev="debugfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=dir permissive=1
[  813.061897][T14905] netdevsim netdevsim5 netdevsim0: renamed from eth1
[  813.443364][T14905] netdevsim netdevsim5 netdevsim1: renamed from eth2
[  813.460199][   T30] audit: type=1400 audit(1753648924.242:810): avc:  denied  { unmount } for  pid=5834 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=filesystem permissive=1
[  813.547253][T14905] netdevsim netdevsim5 netdevsim2: renamed from eth3
[  813.555647][T14961] FAULT_INJECTION: forcing a failure.
[  813.555647][T14961] name failslab, interval 1, probability 0, space 0, times 0
[  813.596922][   T30] audit: type=1400 audit(1753648924.382:811): avc:  denied  { create } for  pid=14962 comm="syz.4.2401" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  813.598165][T14961] CPU: 0 UID: 0 PID: 14961 Comm: syz.1.2402 Not tainted 6.16.0-rc7-syzkaller #0 PREEMPT(full) 
[  813.598187][T14961] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  813.598196][T14961] Call Trace:
[  813.598202][T14961]  <TASK>
[  813.598208][T14961]  dump_stack_lvl+0x16c/0x1f0
[  813.598238][T14961]  should_fail_ex+0x512/0x640
[  813.598261][T14961]  ? fs_reclaim_acquire+0xae/0x150
[  813.598283][T14961]  ? tomoyo_realpath_from_path+0xc2/0x6e0
[  813.598299][T14961]  should_failslab+0xc2/0x120
[  813.598315][T14961]  __kmalloc_noprof+0xd2/0x510
[  813.598343][T14961]  tomoyo_realpath_from_path+0xc2/0x6e0
[  813.598361][T14961]  ? tomoyo_profile+0x47/0x60
[  813.598381][T14961]  tomoyo_path_number_perm+0x245/0x580
[  813.598401][T14961]  ? tomoyo_path_number_perm+0x237/0x580
[  813.598424][T14961]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  813.598447][T14961]  ? find_held_lock+0x2b/0x80
[  813.598490][T14961]  ? find_held_lock+0x2b/0x80
[  813.598508][T14961]  ? hook_file_ioctl_common+0x145/0x410
[  813.598532][T14961]  ? __fget_files+0x20e/0x3c0
[  813.598550][T14961]  security_file_ioctl+0x9b/0x240
[  813.598568][T14961]  __x64_sys_ioctl+0xb7/0x210
[  813.598590][T14961]  do_syscall_64+0xcd/0x4c0
[  813.598607][T14961]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  813.598623][T14961] RIP: 0033:0x7f902238e9a9
[  813.598636][T14961] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  813.598651][T14961] RSP: 002b:00007f90232dd038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  813.598666][T14961] RAX: ffffffffffffffda RBX: 00007f90225b5fa0 RCX: 00007f902238e9a9
[  813.598676][T14961] RDX: 0000200000000040 RSI: 00000000c008561c RDI: 0000000000000004
[  813.598685][T14961] RBP: 00007f90232dd090 R08: 0000000000000000 R09: 0000000000000000
[  813.598694][T14961] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  813.598703][T14961] R13: 0000000000000000 R14: 00007f90225b5fa0 R15: 00007ffd4f54dd68
[  813.598725][T14961]  </TASK>
[  813.598732][T14961] ERROR: Out of memory at tomoyo_realpath_from_path.
[  813.657979][T14905] netdevsim netdevsim5 netdevsim3: renamed from eth4
[  814.246955][T14980] FAULT_INJECTION: forcing a failure.
[  814.246955][T14980] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  814.260594][   T30] audit: type=1400 audit(1753648925.022:812): avc:  denied  { mount } for  pid=14972 comm="syz.3.2403" name="/" dev="configfs" ino=97 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=filesystem permissive=1
[  814.273211][T14980] CPU: 0 UID: 0 PID: 14980 Comm: syz.3.2403 Not tainted 6.16.0-rc7-syzkaller #0 PREEMPT(full) 
[  814.273235][T14980] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  814.273245][T14980] Call Trace:
[  814.273250][T14980]  <TASK>
[  814.273256][T14980]  dump_stack_lvl+0x16c/0x1f0
[  814.273286][T14980]  should_fail_ex+0x512/0x640
[  814.273314][T14980]  _copy_to_user+0x32/0xd0
[  814.273333][T14980]  simple_read_from_buffer+0xcb/0x170
[  814.273359][T14980]  proc_fail_nth_read+0x197/0x270
[  814.273383][T14980]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  814.273406][T14980]  ? rw_verify_area+0xcf/0x680
[  814.273427][T14980]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  814.273448][T14980]  vfs_read+0x1e1/0xc60
[  814.273473][T14980]  ? __pfx___mutex_lock+0x10/0x10
[  814.273488][T14980]  ? __pfx_vfs_read+0x10/0x10
[  814.273516][T14980]  ? __fget_files+0x20e/0x3c0
[  814.273528][T14980]  ? rcu_watching_snap_stopped_since+0x80/0x110
[  814.273557][T14980]  ksys_read+0x12a/0x250
[  814.273578][T14980]  ? __pfx_ksys_read+0x10/0x10
[  814.273607][T14980]  do_syscall_64+0xcd/0x4c0
[  814.273624][T14980]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  814.273639][T14980] RIP: 0033:0x7f897498d3bc
[  814.273653][T14980] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  814.273667][T14980] RSP: 002b:00007f8975718030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  814.273683][T14980] RAX: ffffffffffffffda RBX: 00007f8974bb6080 RCX: 00007f897498d3bc
[  814.273693][T14980] RDX: 000000000000000f RSI: 00007f89757180a0 RDI: 0000000000000008
[  814.273703][T14980] RBP: 00007f8975718090 R08: 0000000000000000 R09: 0000000000000000
[  814.273711][T14980] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  814.273720][T14980] R13: 0000000000000000 R14: 00007f8974bb6080 R15: 00007fff2a922c88
[  814.273742][T14980]  </TASK>
[  814.393641][T11198] Bluetooth: hci0: command tx timeout
[  814.550411][   T30] audit: type=1400 audit(1753648925.022:813): avc:  denied  { search } for  pid=14972 comm="syz.3.2403" name="/" dev="configfs" ino=97 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1
[  816.077437][T15012] tipc: Enabling of bearer <eth:team0> rejected, already enabled
[  816.527633][T11198] Bluetooth: hci0: command tx timeout
[  816.617153][T15019] Failed to initialize the IGMP autojoin socket (err -2)
[  816.755369][T14905] A link change request failed with some changes committed already. Interface geneve0 may have been left with an inconsistent configuration, please check.
[  816.928711][T14905] A link change request failed with some changes committed already. Interface geneve1 may have been left with an inconsistent configuration, please check.
[  816.982303][T14905] wireguard: wg0: Could not create IPv4 socket
[  817.284514][T14905] wireguard: wg1: Could not create IPv4 socket
[  817.286305][T14905] wireguard: wg2: Could not create IPv4 socket
[  817.626232][   T30] kauditd_printk_skb: 5 callbacks suppressed
[  817.626249][   T30] audit: type=1400 audit(1753648928.402:819): avc:  denied  { relabelfrom } for  pid=15034 comm="syz.3.2412" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tun_socket permissive=1
[  817.663484][   T30] audit: type=1400 audit(1753648928.402:820): avc:  denied  { relabelto } for  pid=15034 comm="syz.3.2412" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tun_socket permissive=1
[  817.700215][   T30] audit: type=1326 audit(1753648928.482:821): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15034 comm="syz.3.2412" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f897498e9a9 code=0x7ffc0000
[  817.769729][   T30] audit: type=1326 audit(1753648928.482:822): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15034 comm="syz.3.2412" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f897498e9a9 code=0x7ffc0000
[  817.861898][   T30] audit: type=1326 audit(1753648928.482:823): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15034 comm="syz.3.2412" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f897498e9a9 code=0x7ffc0000
[  817.895878][   T30] audit: type=1326 audit(1753648928.482:824): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15034 comm="syz.3.2412" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f897498e9a9 code=0x7ffc0000
[  817.949942][   T30] audit: type=1326 audit(1753648928.482:825): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15034 comm="syz.3.2412" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f897498e9a9 code=0x7ffc0000
[  818.163712][   T30] audit: type=1326 audit(1753648928.482:826): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15034 comm="syz.3.2412" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f897498e9a9 code=0x7ffc0000
[  818.216924][   T30] audit: type=1326 audit(1753648928.482:827): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15034 comm="syz.3.2412" exe="/root/syz-executor" sig=0 arch=c000003e syscall=302 compat=0 ip=0x7f897498e9a9 code=0x7ffc0000
[  818.329310][T15045] tipc: Enabling of bearer <eth:team0> rejected, failed to enable media
[  818.334795][   T30] audit: type=1326 audit(1753648928.482:828): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15034 comm="syz.3.2412" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f897498e9a9 code=0x7ffc0000
[  818.524740][   T48] usb 4-1: new high-speed USB device number 70 using dummy_hcd
[  820.208041][T15087] input: syz0 as /devices/virtual/input/input62
[  823.070926][T15173] netlink: 'syz.2.2424': attribute type 1 has an invalid length.
[  823.093588][   T30] kauditd_printk_skb: 58 callbacks suppressed
[  823.093605][   T30] audit: type=1400 audit(1753648933.871:887): avc:  denied  { connect } for  pid=15174 comm="syz.3.2425" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  824.087927][T15180] tipc: Enabling of bearer <eth:team0> rejected, failed to enable media
[  824.363076][   T30] audit: type=1400 audit(1753648935.141:888): avc:  denied  { write } for  pid=15181 comm="syz.1.2427" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=socket permissive=1
[  824.393944][ T5833] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  824.406577][   T30] audit: type=1400 audit(1753648935.141:889): avc:  denied  { read } for  pid=15181 comm="syz.1.2427" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=socket permissive=1
[  824.430410][ T5833] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  824.439962][ T5833] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  824.453090][ T5833] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  824.462872][ T5833] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  824.675666][ T5944] usb 3-1: new high-speed USB device number 91 using dummy_hcd
[  824.677389][T15185] Failed to initialize the IGMP autojoin socket (err -2)
[  824.991684][ T5944] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 0, changing to 7
[  825.023501][   T30] audit: type=1400 audit(1753648935.791:890): avc:  denied  { create } for  pid=15197 comm="syz.4.2431" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  825.053459][ T5944] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[  825.217875][ T5944] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x8A has an invalid bInterval 0, changing to 7
[  825.228908][   T30] audit: type=1400 audit(1753648935.791:891): avc:  denied  { setopt } for  pid=15197 comm="syz.4.2431" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  825.248379][ T5944] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x8A has invalid wMaxPacketSize 0
[  825.261976][ T5944] usb 3-1: New USB device found, idVendor=0a07, idProduct=00d0, bcdDevice=10.13
[  825.271589][ T5944] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  825.279655][ T5944] usb 3-1: Product: syz
[  825.283797][ T5944] usb 3-1: Manufacturer: syz
[  825.364549][ T5944] usb 3-1: SerialNumber: syz
[  825.377859][ T5944] usb 3-1: config 0 descriptor??
[  825.442395][   T30] audit: type=1400 audit(1753648936.221:892): avc:  denied  { read } for  pid=15197 comm="syz.4.2431" name="snapshot" dev="devtmpfs" ino=92 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1
[  825.588925][   T30] audit: type=1400 audit(1753648936.241:893): avc:  denied  { open } for  pid=15197 comm="syz.4.2431" path="/dev/snapshot" dev="devtmpfs" ino=92 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1
[  825.642546][ T5944] adutux 3-1:0.0: ADU208 4242424 now attached to /dev/usb/adutux0
[  825.896221][ T5944] usb 3-1: USB disconnect, device number 91
[  826.944243][T15185] netdevsim netdevsim5 netdevsim0: renamed from eth1
[  826.985030][T15185] netdevsim netdevsim5 netdevsim1: renamed from eth2
[  827.028849][T15185] netdevsim netdevsim5 netdevsim2: renamed from eth3
[  827.090736][T15185] netdevsim netdevsim5 netdevsim3: renamed from eth4
[  827.131493][   T30] audit: type=1400 audit(1753648937.911:894): avc:  denied  { write } for  pid=15240 comm="syz.1.2435" name="vlan1" dev="proc" ino=4026533809 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_net_t tclass=file permissive=1
[  827.681076][T15185] A link change request failed with some changes committed already. Interface geneve0 may have been left with an inconsistent configuration, please check.
[  827.703235][T15185] A link change request failed with some changes committed already. Interface geneve1 may have been left with an inconsistent configuration, please check.
[  827.723374][T15185] wireguard: wg0: Could not create IPv4 socket
[  827.729853][T15210] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[  827.736276][ T5833] Bluetooth: hci0: command 0x041b tx timeout
[  827.748243][T15185] wireguard: wg1: Could not create IPv4 socket
[  827.757172][T15185] wireguard: wg2: Could not create IPv4 socket
[  827.913417][T15210] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  827.930185][T15210] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  828.008132][T15208] block device autoloading is deprecated and will be removed.
[  828.062672][T15208] syz.3.2432: attempt to access beyond end of device
[  828.062672][T15208] md0: rw=2048, sector=0, nr_sectors = 8 limit=0
[  828.112769][T15287] binder: 15286:15287 ioctl c0306201 200000000640 returned -22
[  828.115279][   T30] audit: type=1400 audit(1753648938.890:895): avc:  denied  { ioctl } for  pid=15286 comm="syz.2.2437" path="/dev/binderfs/binder0" dev="binder" ino=10 ioctlcmd=0x620d scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  828.147005][T15287] binder: 15286:15287 ioctl c04064aa 200000000480 returned -22
[  828.306865][   T30] audit: type=1400 audit(1753648938.890:896): avc:  denied  { set_context_mgr } for  pid=15286 comm="syz.2.2437" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=binder permissive=1
[  828.355628][ T5944] usb 2-1: new high-speed USB device number 53 using dummy_hcd
[  828.398666][   T30] audit: type=1400 audit(1753648939.020:897): avc:  denied  { setopt } for  pid=15286 comm="syz.2.2437" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  828.585013][ T5944] usb 2-1: Using ep0 maxpacket: 8
[  828.600197][ T5944] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  828.619419][ T5944] usb 2-1: New USB device found, idVendor=046d, idProduct=0892, bcdDevice=6d.2a
[  828.799998][ T5944] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  828.810725][ T5944] usb 2-1: config 0 descriptor??
[  828.819338][ T5944] gspca_main: vc032x-2.14.0 probing 046d:0892
[  829.810345][ T5944] gspca_vc032x: reg_r err -110
[  829.815832][ T5944] vc032x 2-1:0.0: probe with driver vc032x failed with error -110
[  829.922628][   T30] audit: type=1400 audit(1753648940.680:898): avc:  denied  { setopt } for  pid=15306 comm="syz.4.2441" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1
[  830.157717][   T30] audit: type=1400 audit(1753648940.700:899): avc:  denied  { ioctl } for  pid=15306 comm="syz.4.2441" path="socket:[48359]" dev="sockfs" ino=48359 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1
[  830.372158][   T30] audit: type=1326 audit(1753648940.910:900): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15300 comm="syz.2.2440" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fce7cb8e9a9 code=0x0
[  830.398939][   T30] audit: type=1400 audit(1753648941.180:901): avc:  denied  { mount } for  pid=15300 comm="syz.2.2440" name="/" dev="bpf" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:bpf_t tclass=filesystem permissive=1
[  830.521624][T15317] tipc: Enabling of bearer <eth:team0> rejected, already enabled
[  830.799681][T15322] netlink: 272 bytes leftover after parsing attributes in process `syz.1.2436'.
[  832.865674][ T5944] usb 2-1: USB disconnect, device number 53
[  832.956686][T15349] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2450'.
[  833.557189][   T30] audit: type=1400 audit(1753648944.330:902): avc:  denied  { append } for  pid=15360 comm="syz.1.2452" name="comedi3" dev="devtmpfs" ino=1279 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  833.727949][T15364] comedi comedi3: comedi_config --init_data is deprecated
[  836.468918][T15451] trusted_key: encrypted_key: insufficient parameters specified
[  836.901367][T15452] tipc: Enabling of bearer <eth:team0> rejected, already enabled
[  837.271909][T15454] netlink: 88 bytes leftover after parsing attributes in process `syz.2.2455'.
[  838.384909][T15465] netlink: 'syz.1.2459': attribute type 10 has an invalid length.
[  838.456735][T15465] mac80211_hwsim hwsim4 wlan1: entered promiscuous mode
[  838.505444][T15465] bond0: (slave wlan1): Enslaving as an active interface with an up link
[  838.547807][T11198] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  838.562305][T11198] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  838.572148][T11198] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  838.580326][T11198] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  838.587985][T11198] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  838.694005][T15471] Failed to initialize the IGMP autojoin socket (err -2)
[  838.813114][   T30] audit: type=1326 audit(1753648949.589:903): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15477 comm="syz.2.2462" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fce7cb8e9a9 code=0x7ffc0000
[  838.816161][T15478] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  838.888027][   T30] audit: type=1326 audit(1753648949.589:904): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15477 comm="syz.2.2462" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fce7cb8e9a9 code=0x7ffc0000
[  839.035330][   T30] audit: type=1326 audit(1753648949.589:905): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15477 comm="syz.2.2462" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fce7cb8e9a9 code=0x7ffc0000
[  839.173963][   T30] audit: type=1326 audit(1753648949.589:906): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15477 comm="syz.2.2462" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fce7cb8e9a9 code=0x7ffc0000
[  839.435818][   T30] audit: type=1326 audit(1753648949.589:907): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15477 comm="syz.2.2462" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fce7cb8e9a9 code=0x7ffc0000
[  839.508009][   T30] audit: type=1326 audit(1753648949.589:908): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15477 comm="syz.2.2462" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fce7cb8e9a9 code=0x7ffc0000
[  839.562990][   T30] audit: type=1326 audit(1753648949.589:909): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15477 comm="syz.2.2462" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fce7cb8e9a9 code=0x7ffc0000
[  839.648529][   T30] audit: type=1326 audit(1753648949.719:910): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15477 comm="syz.2.2462" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fce7cb8e9a9 code=0x7ffc0000
[  839.731883][   T30] audit: type=1326 audit(1753648949.719:911): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15477 comm="syz.2.2462" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fce7cb8e9a9 code=0x7ffc0000
[  839.840165][   T30] audit: type=1400 audit(1753648950.379:912): avc:  denied  { bind } for  pid=15488 comm="syz.2.2464" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1
[  840.709191][T11198] Bluetooth: hci0: command tx timeout
[  841.387801][T15521] 8021q: VLANs not supported on ip6gre0
[  842.081920][T15540] syz.4.2476: attempt to access beyond end of device
[  842.081920][T15540] nbd4: rw=4096, sector=2, nr_sectors = 2 limit=0
[  842.151143][T15540] EXT4-fs (nbd4): unable to read superblock
[  842.706425][ T5944] usb 2-1: new high-speed USB device number 54 using dummy_hcd
[  842.766737][T11198] Bluetooth: hci0: command tx timeout
[  842.871838][ T5944] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  842.948583][ T5944] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  842.982994][ T5944] usb 2-1: New USB device found, idVendor=10c4, idProduct=ea90, bcdDevice= 0.00
[  842.989332][T15471] netdevsim netdevsim5 netdevsim0: renamed from eth1
[  843.009988][ T5944] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  843.053088][ T5944] usb 2-1: config 0 descriptor??
[  843.079138][T15471] netdevsim netdevsim5 netdevsim1: renamed from eth2
[  843.126010][T15471] netdevsim netdevsim5 netdevsim2: renamed from eth3
[  843.138009][T15566] netlink: 88 bytes leftover after parsing attributes in process `syz.3.2479'.
[  843.228934][T15471] netdevsim netdevsim5 netdevsim3: renamed from eth4
[  843.576232][ T5944] cp2112 0003:10C4:EA90.002D: unknown main item tag 0x0
[  843.616878][T15572] netlink: 88 bytes leftover after parsing attributes in process `syz.2.2480'.
[  843.837490][ T5944] cp2112 0003:10C4:EA90.002D: hidraw0: USB HID v0.00 Device [HID 10c4:ea90] on usb-dummy_hcd.1-1/input0
[  843.960623][ T5944] cp2112 0003:10C4:EA90.002D: Part Number: 0x01 Device Version: 0x00
[  844.856633][T11198] Bluetooth: hci0: command tx timeout
[  845.225896][ T5944] cp2112 0003:10C4:EA90.002D: error reading lock byte: -71
[  845.251307][ T5944] usb 2-1: USB disconnect, device number 54
[  845.892881][T15599] 8021q: VLANs not supported on ip6gre0
[  846.488053][T15606] netlink: 'syz.4.2484': attribute type 7 has an invalid length.
[  846.593347][T15606] : entered promiscuous mode
[  847.219574][T11198] Bluetooth: hci0: command tx timeout
[  847.453839][T15625] comedi comedi0: Minor 4 could not be opened
[  847.654097][   T30] kauditd_printk_skb: 1 callbacks suppressed
[  847.654113][   T30] audit: type=1400 audit(1753648958.408:914): avc:  denied  { getopt } for  pid=15619 comm="syz.4.2488" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  847.692006][T15471] A link change request failed with some changes committed already. Interface geneve0 may have been left with an inconsistent configuration, please check.
[  847.750075][T15471] A link change request failed with some changes committed already. Interface geneve1 may have been left with an inconsistent configuration, please check.
[  847.773711][   T30] audit: type=1400 audit(1753648958.508:915): avc:  denied  { getopt } for  pid=15631 comm="syz.2.2490" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1
[  848.544728][T15471] wireguard: wg0: Could not create IPv4 socket
[  848.562468][T15471] wireguard: wg1: Could not create IPv4 socket
[  848.649546][T15471] wireguard: wg2: Could not create IPv4 socket
[  851.783938][T15657] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(11)
[  851.790584][T15657] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  851.900368][T15657] vhci_hcd vhci_hcd.0: Device attached
[  851.911980][T15663] vhci_hcd: connection closed
[  851.937938][ T3516] vhci_hcd: stop threads
[  851.946946][ T3516] vhci_hcd: release socket
[  852.029643][T15669] 8021q: VLANs not supported on ip6gre0
[  852.177890][   T48] usb 37-1: new high-speed USB device number 2 using vhci_hcd
[  852.403376][ T3516] vhci_hcd: disconnect device
[  852.412528][   T48] usb 37-1: enqueue for inactive port 0
[  852.425148][   T30] audit: type=1400 audit(1753648963.198:916): avc:  denied  { compute_member } for  pid=15668 comm="syz.1.2496" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security permissive=1
[  852.523767][   T48] vhci_hcd: vhci_device speed not set
[  852.884976][T15678] netlink: 'syz.1.2497': attribute type 7 has an invalid length.
[  852.917550][T15678] : entered promiscuous mode
[  854.844928][T15711] FAULT_INJECTION: forcing a failure.
[  854.844928][T15711] name fail_page_alloc, interval 1, probability 0, space 0, times 1
[  854.865102][   T30] audit: type=1400 audit(1753648965.637:917): avc:  denied  { ioctl } for  pid=15708 comm="syz.4.2501" path="socket:[50386]" dev="sockfs" ino=50386 ioctlcmd=0x8903 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  854.867320][T15713] Failed to initialize the IGMP autojoin socket (err -2)
[  854.919549][T15711] CPU: 0 UID: 0 PID: 15711 Comm: syz.1.2498 Not tainted 6.16.0-rc7-syzkaller #0 PREEMPT(full) 
[  854.919577][T15711] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  854.919587][T15711] Call Trace:
[  854.919593][T15711]  <TASK>
[  854.919600][T15711]  dump_stack_lvl+0x16c/0x1f0
[  854.919634][T15711]  should_fail_ex+0x512/0x640
[  854.919665][T15711]  should_fail_alloc_page+0xe7/0x130
[  854.919686][T15711]  prepare_alloc_pages+0x3c2/0x610
[  854.919712][T15711]  __alloc_frozen_pages_noprof+0x18b/0x23f0
[  854.919741][T15711]  ? is_bpf_text_address+0x94/0x1a0
[  854.919762][T15711]  ? kernel_text_address+0x8d/0x100
[  854.919781][T15711]  ? __kernel_text_address+0xd/0x40
[  854.919800][T15711]  ? unwind_get_return_address+0x59/0xa0
[  854.919818][T15711]  ? arch_stack_walk+0xa6/0x100
[  854.919839][T15711]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  854.919870][T15711]  ? _parse_integer_limit+0x17f/0x1d0
[  854.919897][T15711]  ? _kstrtoull+0x145/0x200
[  854.919918][T15711]  ? __pfx__kstrtoull+0x10/0x10
[  854.919941][T15711]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  854.919963][T15711]  ? policy_nodemask+0xea/0x4e0
[  854.919983][T15711]  alloc_pages_mpol+0x1fb/0x550
[  854.920000][T15711]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  854.920018][T15711]  ? iovec_from_user+0xbb/0x140
[  854.920040][T15711]  ? __pfx_selinux_transaction_write+0x10/0x10
[  854.920063][T15711]  alloc_pages_noprof+0x131/0x390
[  854.920081][T15711]  get_zeroed_page_noprof+0x18/0xb0
[  854.920101][T15711]  simple_transaction_get+0x62/0x140
[  854.920128][T15711]  ? __pfx_sel_write_member+0x10/0x10
[  854.920150][T15711]  selinux_transaction_write+0xc3/0x180
[  854.920174][T15711]  vfs_writev+0x5df/0xde0
[  854.920197][T15711]  ? __pfx___mutex_trylock_common+0x10/0x10
[  854.920222][T15711]  ? __pfx_vfs_writev+0x10/0x10
[  854.920246][T15711]  ? __mutex_lock+0x1ca/0xb90
[  854.920270][T15711]  ? __pfx___mutex_lock+0x10/0x10
[  854.920297][T15711]  ? __fget_files+0x20e/0x3c0
[  854.920311][T15711]  ? __fget_files+0x190/0x3c0
[  854.920332][T15711]  ? do_writev+0x132/0x340
[  854.920353][T15711]  do_writev+0x132/0x340
[  854.920376][T15711]  ? __pfx_do_writev+0x10/0x10
[  854.920407][T15711]  do_syscall_64+0xcd/0x4c0
[  854.920426][T15711]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  854.920444][T15711] RIP: 0033:0x7f902238e9a9
[  854.920458][T15711] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  854.920474][T15711] RSP: 002b:00007f90232dd038 EFLAGS: 00000246 ORIG_RAX: 0000000000000014
[  854.920492][T15711] RAX: ffffffffffffffda RBX: 00007f90225b5fa0 RCX: 00007f902238e9a9
[  854.920503][T15711] RDX: 0000000000000004 RSI: 0000200000000780 RDI: 0000000000000003
[  854.920518][T15711] RBP: 00007f90232dd090 R08: 0000000000000000 R09: 0000000000000000
[  854.920528][T15711] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  854.920538][T15711] R13: 0000000000000000 R14: 00007f90225b5fa0 R15: 00007ffd4f54dd68
[  854.920563][T15711]  </TASK>
[  855.387184][ T5833] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  855.398148][ T5833] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  855.407718][ T5833] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  855.416376][ T5833] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  855.424328][ T5833] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  855.614920][T15723] Failed to initialize the IGMP autojoin socket (err -2)
[  856.059154][   T30] audit: type=1400 audit(1753648966.637:918): avc:  denied  { connect } for  pid=15714 comm="syz.2.2499" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  856.718984][   T30] audit: type=1400 audit(1753648967.497:919): avc:  denied  { create } for  pid=15712 comm="syz.3.2500" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1
[  856.760320][T15751] netlink: 88 bytes leftover after parsing attributes in process `syz.1.2506'.
[  856.819071][   T30] audit: type=1400 audit(1753648967.597:920): avc:  denied  { getopt } for  pid=15712 comm="syz.3.2500" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1
[  857.518594][T15762] FAULT_INJECTION: forcing a failure.
[  857.518594][T15762] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  857.544598][T15762] CPU: 0 UID: 0 PID: 15762 Comm: syz.1.2508 Not tainted 6.16.0-rc7-syzkaller #0 PREEMPT(full) 
[  857.544626][T15762] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  857.544636][T15762] Call Trace:
[  857.544643][T15762]  <TASK>
[  857.544650][T15762]  dump_stack_lvl+0x16c/0x1f0
[  857.544689][T15762]  should_fail_ex+0x512/0x640
[  857.544720][T15762]  _copy_from_user+0x2e/0xd0
[  857.544738][T15762]  snd_pcm_oss_write2+0x1c2/0x410
[  857.544762][T15762]  ? __pfx_snd_pcm_oss_write2+0x10/0x10
[  857.544780][T15762]  ? snd_pcm_kernel_ioctl+0x267/0x2e0
[  857.544811][T15762]  snd_pcm_oss_write+0x711/0xa10
[  857.544834][T15762]  ? security_file_permission+0x71/0x210
[  857.544856][T15762]  ? __pfx_snd_pcm_oss_write+0x10/0x10
[  857.544876][T15762]  vfs_write+0x2a0/0x1150
[  857.544907][T15762]  ? __pfx_vfs_write+0x10/0x10
[  857.544929][T15762]  ? find_held_lock+0x2b/0x80
[  857.544952][T15762]  ? __fget_files+0x204/0x3c0
[  857.544970][T15762]  ? __fget_files+0x20e/0x3c0
[  857.544993][T15762]  ksys_write+0x12a/0x250
[  857.545016][T15762]  ? __pfx_ksys_write+0x10/0x10
[  857.545048][T15762]  do_syscall_64+0xcd/0x4c0
[  857.545066][T15762]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  857.545083][T15762] RIP: 0033:0x7f902238e9a9
[  857.545097][T15762] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  857.545113][T15762] RSP: 002b:00007f90232dd038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  857.545130][T15762] RAX: ffffffffffffffda RBX: 00007f90225b5fa0 RCX: 00007f902238e9a9
[  857.545142][T15762] RDX: 0000000000004000 RSI: 00002000000012c0 RDI: 0000000000000003
[  857.545152][T15762] RBP: 00007f90232dd090 R08: 0000000000000000 R09: 0000000000000000
[  857.545161][T15762] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  857.545172][T15762] R13: 0000000000000000 R14: 00007f90225b5fa0 R15: 00007ffd4f54dd68
[  857.545195][T15762]  </TASK>
[  857.745948][ T5833] Bluetooth: hci0: command tx timeout
[  858.603783][T15788] 8021q: VLANs not supported on ip6gre0
[  858.788895][   T30] audit: type=1400 audit(1753648969.547:921): avc:  denied  { create } for  pid=15792 comm="syz.2.2512" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_dnrt_socket permissive=1
[  858.893492][   T30] audit: type=1400 audit(1753648969.667:922): avc:  denied  { setopt } for  pid=15792 comm="syz.2.2512" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  859.007987][T15723] netdevsim netdevsim5 netdevsim0: renamed from eth1
[  859.067081][T15723] netdevsim netdevsim5 netdevsim1: renamed from eth2
[  859.101650][T15806] FAULT_INJECTION: forcing a failure.
[  859.101650][T15806] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  859.115368][T15806] CPU: 0 UID: 0 PID: 15806 Comm: syz.1.2515 Not tainted 6.16.0-rc7-syzkaller #0 PREEMPT(full) 
[  859.115392][T15806] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  859.115403][T15806] Call Trace:
[  859.115409][T15806]  <TASK>
[  859.115416][T15806]  dump_stack_lvl+0x16c/0x1f0
[  859.115447][T15806]  should_fail_ex+0x512/0x640
[  859.115479][T15806]  should_fail_alloc_page+0xe7/0x130
[  859.115499][T15806]  prepare_alloc_pages+0x3c2/0x610
[  859.115526][T15806]  __alloc_frozen_pages_noprof+0x18b/0x23f0
[  859.115563][T15806]  ? __kasan_check_byte+0x13/0x50
[  859.115582][T15806]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  859.115607][T15806]  ? unwind_next_frame+0x3f4/0x20a0
[  859.115627][T15806]  ? __kasan_check_byte+0x13/0x50
[  859.115647][T15806]  ? lock_release+0x201/0x2f0
[  859.115662][T15806]  ? bpf_ksym_find+0x127/0x1c0
[  859.115686][T15806]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  859.115717][T15806]  ? is_bpf_text_address+0x94/0x1a0
[  859.115737][T15806]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  859.115759][T15806]  ? policy_nodemask+0xea/0x4e0
[  859.115777][T15806]  alloc_pages_mpol+0x1fb/0x550
[  859.115795][T15806]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  859.115814][T15806]  ? stack_trace_save+0x8e/0xc0
[  859.115838][T15806]  folio_alloc_mpol_noprof+0x36/0x2f0
[  859.115860][T15806]  vma_alloc_folio_noprof+0xed/0x1e0
[  859.115880][T15806]  ? __pfx_vma_alloc_folio_noprof+0x10/0x10
[  859.115901][T15806]  ? rcu_read_unlock+0x2d/0xb0
[  859.115933][T15806]  do_wp_page+0x1136/0x4f20
[  859.115961][T15806]  ? __pfx_do_wp_page+0x10/0x10
[  859.115984][T15806]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  859.116012][T15806]  __handle_mm_fault+0x2223/0x5490
[  859.116044][T15806]  ? __pfx___handle_mm_fault+0x10/0x10
[  859.116066][T15806]  ? __pfx_mt_find+0x10/0x10
[  859.116097][T15806]  ? find_vma+0xbf/0x140
[  859.116112][T15806]  ? __pfx_find_vma+0x10/0x10
[  859.116130][T15806]  handle_mm_fault+0x589/0xd10
[  859.116152][T15806]  ? __pkru_allows_pkey+0x51/0xb0
[  859.116176][T15806]  do_user_addr_fault+0x7a6/0x1370
[  859.116202][T15806]  ? rcu_is_watching+0x12/0xc0
[  859.116226][T15806]  exc_page_fault+0x5c/0xb0
[  859.116252][T15806]  asm_exc_page_fault+0x26/0x30
[  859.116269][T15806] RIP: 0010:rep_movs_alternative+0x4a/0x90
[  859.116293][T15806] Code: 11 04 00 66 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 8b 06 48 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 db 83 f9 08 73 e8 eb c5 <f3> a4 c3 cc cc cc cc 48 8b 06 48 89 07 48 8d 47 08 48 83 e0 f8 48
[  859.116310][T15806] RSP: 0018:ffffc9000457fab8 EFLAGS: 00050246
[  859.116326][T15806] RAX: 0000000000000001 RBX: 0000000000000040 RCX: 0000000000000040
[  859.116337][T15806] RDX: fffff520008aff96 RSI: ffffc9000457fc70 RDI: 0000200000002840
[  859.116348][T15806] RBP: 0000200000002840 R08: 0000000000000000 R09: fffff520008aff95
[  859.116360][T15806] R10: ffffc9000457fcaf R11: 0000000000000001 R12: ffffc9000457fda0
[  859.116371][T15806] R13: 0000200000002880 R14: ffffc9000457fc70 R15: 00007ffffffff000
[  859.116402][T15806]  _copy_to_iter+0x383/0x16f0
[  859.116427][T15806]  ? __pfx___ldsem_down_read_nested+0x10/0x10
[  859.116451][T15806]  ? __pfx__copy_to_iter+0x10/0x10
[  859.116471][T15806]  ? __pfx_woken_wake_function+0x10/0x10
[  859.116506][T15806]  tty_read+0x26f/0x5d0
[  859.116529][T15806]  ? __pfx_tty_read+0x10/0x10
[  859.116555][T15806]  ? bpf_lsm_file_permission+0x9/0x10
[  859.116574][T15806]  ? security_file_permission+0x71/0x210
[  859.116596][T15806]  ? rw_verify_area+0xcf/0x680
[  859.116625][T15806]  vfs_read+0x8bc/0xc60
[  859.116658][T15806]  ? __pfx_vfs_read+0x10/0x10
[  859.116681][T15806]  ? find_held_lock+0x2b/0x80
[  859.116728][T15806]  ksys_read+0x12a/0x250
[  859.116753][T15806]  ? __pfx_ksys_read+0x10/0x10
[  859.116779][T15806]  ? fput+0x70/0xf0
[  859.116803][T15806]  do_syscall_64+0xcd/0x4c0
[  859.116822][T15806]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  859.116839][T15806] RIP: 0033:0x7f902238e9a9
[  859.116854][T15806] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  859.116870][T15806] RSP: 002b:00007f90232bc038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  859.116884][T15806] RAX: ffffffffffffffda RBX: 00007f90225b6080 RCX: 00007f902238e9a9
[  859.116895][T15806] RDX: 0000000000002020 RSI: 0000200000002840 RDI: 0000000000000003
[  859.116906][T15806] RBP: 00007f90232bc090 R08: 0000000000000000 R09: 0000000000000000
[  859.116916][T15806] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  859.116925][T15806] R13: 0000000000000000 R14: 00007f90225b6080 R15: 00007ffd4f54dd68
[  859.116951][T15806]  </TASK>
[  859.586040][T15723] netdevsim netdevsim5 netdevsim2: renamed from eth3
[  859.611313][T15723] netdevsim netdevsim5 netdevsim3: renamed from eth4
[  859.686112][T15808] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2516'.
[  859.808912][ T5833] Bluetooth: hci0: command tx timeout
[  859.824112][   T30] audit: type=1400 audit(1753648970.577:923): avc:  denied  { getopt } for  pid=15807 comm="syz.2.2516" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  860.450467][T15822] syz.4.2519: attempt to access beyond end of device
[  860.450467][T15822] nbd4: rw=4096, sector=2, nr_sectors = 2 limit=0
[  860.543479][T15822] EXT4-fs (nbd4): unable to read superblock
[  861.534798][T15835] netlink: 88 bytes leftover after parsing attributes in process `syz.1.2518'.
[  861.819094][T15843] netlink: 88 bytes leftover after parsing attributes in process `syz.2.2521'.
[  861.888816][ T5833] Bluetooth: hci0: command tx timeout
[  861.988967][T15850] tipc: Enabling of bearer <eth:team0> rejected, already enabled
[  862.631573][T15865] comedi comedi0: Minor 4 could not be opened
[  863.472818][   T30] audit: type=1400 audit(1753648974.237:924): avc:  denied  { listen } for  pid=15874 comm="syz.3.2525" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  863.586914][   T30] audit: type=1400 audit(1753648974.247:925): avc:  denied  { connect } for  pid=15874 comm="syz.3.2525" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  863.674452][   T30] audit: type=1400 audit(1753648974.247:926): avc:  denied  { accept } for  pid=15874 comm="syz.3.2525" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  863.811057][T15723] A link change request failed with some changes committed already. Interface geneve0 may have been left with an inconsistent configuration, please check.
[  863.862399][T15723] A link change request failed with some changes committed already. Interface geneve1 may have been left with an inconsistent configuration, please check.
[  863.899264][ T5981] usb 4-1: new high-speed USB device number 71 using dummy_hcd
[  863.930599][T15723] wireguard: wg0: Could not create IPv4 socket
[  863.944699][T15723] wireguard: wg1: Could not create IPv4 socket
[  863.962751][T15723] wireguard: wg2: Could not create IPv4 socket
[  863.971729][ T5833] Bluetooth: hci0: command tx timeout
[  864.115744][ T5981] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  864.200994][ T5981] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  864.219082][ T5981] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  864.232140][ T5981] usb 4-1: New USB device found, idVendor=0c70, idProduct=f001, bcdDevice= 0.00
[  864.242423][ T5981] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  864.264460][ T5981] usb 4-1: config 0 descriptor??
[  864.528939][ T5944] usb 2-1: new high-speed USB device number 55 using dummy_hcd
[  864.690638][ T5944] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  864.731277][ T5944] usb 2-1: New USB device found, idVendor=04d8, idProduct=0083, bcdDevice=83.9c
[  864.748763][ T5944] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  864.777595][ T5944] usb 2-1: Product: syz
[  864.819432][ T5944] usb 2-1: Manufacturer: syz
[  864.828762][ T5944] usb 2-1: SerialNumber: syz
[  864.845016][ T5944] usb 2-1: config 0 descriptor??
[  864.864850][ T5944] ims_pcu 2-1:0.0: Zero length descriptor
[  864.880756][ T5944] ims_pcu 2-1:0.0: probe with driver ims_pcu failed with error -22
[  864.987833][   T30] audit: type=1400 audit(1753648975.756:927): avc:  denied  { getopt } for  pid=15895 comm="syz.2.2533" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  865.057380][ T5981] usbhid 4-1:0.0: can't add hid device: -71
[  865.180892][ T5981] usbhid 4-1:0.0: probe with driver usbhid failed with error -71
[  865.206505][T15891] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  865.221490][ T5981] usb 4-1: USB disconnect, device number 71
[  865.301836][   T30] audit: type=1400 audit(1753648976.079:928): avc:  denied  { shutdown } for  pid=15903 comm="syz.2.2535" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  865.350151][T15891] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  865.493471][T15907] befs: (nbd2): No write support. Marking filesystem read-only
[  865.508047][T15907] syz.2.2535: attempt to access beyond end of device
[  865.508047][T15907] nbd2: rw=0, sector=0, nr_sectors = 2 limit=0
[  865.768567][T15891] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  865.813980][T15891] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  865.868902][ T5944] usb 2-1: USB disconnect, device number 55
[  865.983534][   T30] audit: type=1400 audit(1753648976.759:929): avc:  denied  { accept } for  pid=15901 comm="syz.3.2534" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=unix_dgram_socket permissive=1
[  867.440183][T15937] syz.2.2537: attempt to access beyond end of device
[  867.440183][T15937] nbd2: rw=4096, sector=2, nr_sectors = 2 limit=0
[  867.489049][T15937] EXT4-fs (nbd2): unable to read superblock
[  867.649604][   T48] usb 2-1: new high-speed USB device number 56 using dummy_hcd
[  867.999181][   T48] usb 2-1: Using ep0 maxpacket: 16
[  868.006285][   T48] usb 2-1: config 0 has an invalid descriptor of length 1, skipping remainder of the config
[  868.028986][   T48] usb 2-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  868.142990][   T48] usb 2-1: New USB device found, idVendor=1e71, idProduct=2009, bcdDevice= 8.00
[  868.174729][   T48] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  868.218807][   T48] usb 2-1: config 0 descriptor??
[  868.258640][T11198] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  868.271568][T11198] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  868.282493][T11198] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  868.299212][T11198] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  868.307769][T11198] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  868.415387][T15952] Failed to initialize the IGMP autojoin socket (err -2)
[  868.474125][   T48] usb 2-1: USB disconnect, device number 56
[  868.566773][   T30] audit: type=1326 audit(1753648979.339:930): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15960 comm="syz.1.2541" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f902238e9a9 code=0x0
[  868.629542][   T30] audit: type=1400 audit(1753648979.399:931): avc:  denied  { bind } for  pid=15960 comm="syz.1.2541" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  869.480749][T15977] overlayfs: missing 'lowerdir'
[  869.519259][ T5944] usb 3-1: new high-speed USB device number 92 using dummy_hcd
[  870.303589][ T1297] ieee802154 phy0 wpan0: encryption failed: -22
[  870.312037][ T1297] ieee802154 phy1 wpan1: encryption failed: -22
[  870.323232][ T5944] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  870.353993][T15984] netlink: 88 bytes leftover after parsing attributes in process `syz.3.2544'.
[  870.393901][   T30] audit: type=1400 audit(1753648980.549:932): avc:  denied  { setcheckreqprot } for  pid=15978 comm="syz.1.2545" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security permissive=1
[  870.464766][T11198] Bluetooth: hci0: command tx timeout
[  870.704522][ T5944] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  870.761097][ T5944] usb 3-1: New USB device found, idVendor=10c4, idProduct=ea90, bcdDevice= 0.00
[  870.826241][ T5944] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  870.884328][ T5944] usb 3-1: config 0 descriptor??
[  871.339041][  T975] usb 2-1: new high-speed USB device number 57 using dummy_hcd
[  871.353531][ T5944] cp2112 0003:10C4:EA90.002E: unknown main item tag 0x0
[  871.418670][ T5944] cp2112 0003:10C4:EA90.002E: hidraw0: USB HID v0.00 Device [HID 10c4:ea90] on usb-dummy_hcd.2-1/input0
[  871.693777][  T975] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  872.242807][   T30] audit: type=1400 audit(1753648982.219:933): avc:  denied  { ioctl } for  pid=15993 comm="syz.3.2548" path="socket:[51003]" dev="sockfs" ino=51003 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  872.622296][  T975] usb 2-1: New USB device found, idVendor=04d8, idProduct=0083, bcdDevice=83.9c
[  872.665345][  T975] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  872.697043][  T975] usb 2-1: Product: syz
[  872.716410][  T975] usb 2-1: Manufacturer: syz
[  872.725140][  T975] usb 2-1: SerialNumber: syz
[  872.748501][  T975] usb 2-1: config 0 descriptor??
[  872.769100][T11198] Bluetooth: hci0: command tx timeout
[  872.821815][  T975] ims_pcu 2-1:0.0: Zero length descriptor
[  872.947357][  T975] ims_pcu 2-1:0.0: probe with driver ims_pcu failed with error -22
[  873.040137][T15987] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  873.073529][T15987] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  873.141526][T15987] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  873.154743][T15987] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  873.188214][  T975] usb 2-1: USB disconnect, device number 57
[  873.491815][T15952] netdevsim netdevsim5 netdevsim0: renamed from eth1
[  873.575915][T15952] netdevsim netdevsim5 netdevsim1: renamed from eth2
[  873.654446][T15952] netdevsim netdevsim5 netdevsim2: renamed from eth3
[  873.704116][T15952] netdevsim netdevsim5 netdevsim3: renamed from eth4
[  873.801877][ T5915] usb 4-1: new high-speed USB device number 72 using dummy_hcd
[  873.970245][ T5915] usb 4-1: too many configurations: 17, using maximum allowed: 8
[  873.988375][ T5915] usb 4-1: config 4 has an invalid descriptor of length 67, skipping remainder of the config
[  874.007986][ T5915] usb 4-1: too many endpoints for config 4 interface 0 altsetting 0: 253, using maximum allowed: 30
[  874.024155][ T5915] usb 4-1: config 4 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 253
[  874.057908][ T5915] usb 4-1: config 4 has an invalid descriptor of length 67, skipping remainder of the config
[  874.076652][ T5915] usb 4-1: too many endpoints for config 4 interface 0 altsetting 0: 253, using maximum allowed: 30
[  874.111223][ T5915] usb 4-1: config 4 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 253
[  874.130513][ T5915] usb 4-1: config 4 has an invalid descriptor of length 67, skipping remainder of the config
[  874.146311][ T5944] cp2112 0003:10C4:EA90.002E: error requesting version
[  874.154073][ T5915] usb 4-1: too many endpoints for config 4 interface 0 altsetting 0: 253, using maximum allowed: 30
[  874.154118][ T5915] usb 4-1: config 4 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 253
[  874.155083][ T5915] usb 4-1: config 4 has an invalid descriptor of length 67, skipping remainder of the config
[  874.192939][ T5944] cp2112 0003:10C4:EA90.002E: probe with driver cp2112 failed with error -71
[  874.197606][ T5915] usb 4-1: too many endpoints for config 4 interface 0 altsetting 0: 253, using maximum allowed: 30
[  874.230037][ T5915] usb 4-1: config 4 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 253
[  874.258972][ T5981] usb 2-1: new full-speed USB device number 58 using dummy_hcd
[  874.260324][ T5915] usb 4-1: config 4 has an invalid descriptor of length 67, skipping remainder of the config
[  874.433632][ T5915] usb 4-1: too many endpoints for config 4 interface 0 altsetting 0: 253, using maximum allowed: 30
[  874.441535][ T5981] usb 2-1: config 0 has an invalid interface number: 214 but max is 0
[  874.461619][ T5915] usb 4-1: config 4 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 253
[  874.473600][ T5981] usb 2-1: config 0 has no interface number 0
[  874.582452][   T30] audit: type=1400 audit(1753648985.329:934): avc:  denied  { mounton } for  pid=16030 comm="syz.2.2554" path="/521/file0" dev="tmpfs" ino=2998 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=fifo_file permissive=1
[  874.690930][ T5915] usb 4-1: config 4 has an invalid descriptor of length 67, skipping remainder of the config
[  874.759807][ T5915] usb 4-1: too many endpoints for config 4 interface 0 altsetting 0: 253, using maximum allowed: 30
[  874.850598][T11198] Bluetooth: hci0: command tx timeout
[  874.877862][ T5915] usb 4-1: config 4 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 253
[  874.878910][ T5981] usb 2-1: config 0 interface 214 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0
[  874.918395][ T5981] usb 2-1: New USB device found, idVendor=0596, idProduct=0001, bcdDevice= 5.f5
[  874.928822][ T5915] usb 4-1: config 4 has an invalid descriptor of length 67, skipping remainder of the config
[  874.929706][ T5981] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  874.949003][ T5981] usb 2-1: Product: syz
[  874.953362][ T5981] usb 2-1: Manufacturer: syz
[  874.957972][ T5981] usb 2-1: SerialNumber: syz
[  874.959851][ T5915] usb 4-1: too many endpoints for config 4 interface 0 altsetting 0: 253, using maximum allowed: 30
[  874.974537][ T5981] usb 2-1: config 0 descriptor??
[  874.980824][ T5915] usb 4-1: config 4 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 253
[  874.996518][ T5915] usb 4-1: config 4 has an invalid descriptor of length 67, skipping remainder of the config
[  875.013936][ T5915] usb 4-1: too many endpoints for config 4 interface 0 altsetting 0: 253, using maximum allowed: 30
[  875.026466][ T5915] usb 4-1: config 4 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 253
[  875.041978][ T5915] usb 4-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40
[  875.054744][ T5915] usb 4-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0
[  875.066530][ T5915] usb 4-1: Manufacturer: syz
[  875.096740][ T5915] usbhid 4-1:4.0: couldn't find an input interrupt endpoint
[  875.177253][T15952] A link change request failed with some changes committed already. Interface geneve0 may have been left with an inconsistent configuration, please check.
[  875.204176][ T5981] usbtouchscreen 2-1:0.214: Failed to read FW rev: 0
[  875.216637][T15952] A link change request failed with some changes committed already. Interface geneve1 may have been left with an inconsistent configuration, please check.
[  875.218343][ T5981] usbtouchscreen 2-1:0.214: probe with driver usbtouchscreen failed with error -5
[  875.275863][   T30] audit: type=1400 audit(1753648986.049:935): avc:  denied  { mount } for  pid=16044 comm="syz.2.2555" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[  875.300503][T15952] wireguard: wg0: Could not create IPv4 socket
[  875.306013][ T5944] usb 3-1: USB disconnect, device number 92
[  875.308473][T15952] wireguard: wg1: Could not create IPv4 socket
[  875.338200][T15952] wireguard: wg2: Could not create IPv4 socket
[  875.428192][T16025] fuse: Unknown parameter '�'
[  875.466051][   T30] audit: type=1400 audit(1753648986.239:936): avc:  denied  { write } for  pid=16024 comm="syz.1.2553" name="sg0" dev="devtmpfs" ino=762 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[  875.922965][   T30] audit: type=1400 audit(1753648986.619:937): avc:  denied  { create } for  pid=16050 comm="syz.2.2556" name="#195" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1
[  876.043520][   T30] audit: type=1400 audit(1753648986.619:938): avc:  denied  { link } for  pid=16050 comm="syz.2.2556" name="#195" dev="tmpfs" ino=3020 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1
[  876.142580][   T30] audit: type=1400 audit(1753648986.619:939): avc:  denied  { rename } for  pid=16050 comm="syz.2.2556" name="#196" dev="tmpfs" ino=3020 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1
[  876.696921][T16061] netlink: 16 bytes leftover after parsing attributes in process `syz.4.2557'.
[  876.722016][   T30] audit: type=1400 audit(1753648987.449:940): avc:  denied  { map } for  pid=16057 comm="syz.4.2557" path="socket:[52453]" dev="sockfs" ino=52453 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=unix_dgram_socket permissive=1
[  876.801844][T16068] trusted_key: encrypted_key: insufficient parameters specified
[  877.263262][ T5915] usb 2-1: USB disconnect, device number 58
[  878.293703][  T975] usb 4-1: USB disconnect, device number 72
[  878.329967][   T48] usb 3-1: new high-speed USB device number 93 using dummy_hcd
[  878.511306][   T48] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  879.035778][   T30] audit: type=1326 audit(1753648989.809:941): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16098 comm="syz.1.2565" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f902238e9a9 code=0x0
[  879.358383][   T48] usb 3-1: New USB device found, idVendor=04d8, idProduct=0083, bcdDevice=83.9c
[  879.367633][   T48] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  879.376001][   T48] usb 3-1: Product: syz
[  879.386378][   T48] usb 3-1: Manufacturer: syz
[  879.391178][   T48] usb 3-1: SerialNumber: syz
[  879.403438][   T48] usb 3-1: config 0 descriptor??
[  879.410367][   T48] ims_pcu 3-1:0.0: Zero length descriptor
[  879.416996][   T48] ims_pcu 3-1:0.0: probe with driver ims_pcu failed with error -22
[  879.637438][T16120] 9pnet_fd: Insufficient options for proto=fd
[  879.933524][T16122] 8021q: VLANs not supported on ip6gre0
[  880.228579][T16120] netlink: 4440 bytes leftover after parsing attributes in process `syz.4.2570'.
[  880.256854][T16089] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  880.512679][T16089] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  880.725205][T16089] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  880.818088][T16089] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  880.868232][   T48] usb 3-1: USB disconnect, device number 93
[  882.569062][   T30] audit: type=1400 audit(1753648993.339:942): avc:  denied  { create } for  pid=16212 comm="syz.3.2573" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[  882.704133][   T30] audit: type=1400 audit(1753648993.369:943): avc:  denied  { connect } for  pid=16209 comm="syz.1.2571" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[  883.805154][   T30] audit: type=1400 audit(1753648993.459:944): avc:  denied  { write } for  pid=16209 comm="syz.1.2571" path="socket:[53508]" dev="sockfs" ino=53508 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[  885.237173][T16239] 9pnet_fd: Insufficient options for proto=fd
[  885.249449][T16239] netlink: 4440 bytes leftover after parsing attributes in process `syz.3.2578'.
[  885.887194][ T5833] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  885.898451][ T5833] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  885.907014][ T5833] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  885.916206][ T5833] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  885.926422][ T5833] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  885.947345][T16247] Failed to initialize the IGMP autojoin socket (err -2)
[  886.125531][   T30] audit: type=1400 audit(1753648996.899:945): avc:  denied  { read write } for  pid=16248 comm="syz.4.2580" name="rtc0" dev="devtmpfs" ino=921 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[  886.890303][   T30] audit: type=1400 audit(1753648996.899:946): avc:  denied  { open } for  pid=16248 comm="syz.4.2580" path="/dev/rtc0" dev="devtmpfs" ino=921 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[  887.070898][T16264] tipc: Enabling of bearer <eth:team0> rejected, already enabled
[  887.561080][T16269] comedi comedi0: Minor 4 could not be opened
[  887.974169][T11198] Bluetooth: hci0: command tx timeout
[  888.575077][T16278] 8021q: VLANs not supported on ip6gre0
[  888.581665][T16275] tipc: Enabling of bearer <eth:team0> rejected, already enabled
[  889.681087][T16304] 8021q: VLANs not supported on ip6gre0
[  889.877011][T16312] trusted_key: encrypted_key: insufficient parameters specified
[  890.048867][T11198] Bluetooth: hci0: command tx timeout
[  890.669751][ T5944] usb 3-1: new high-speed USB device number 94 using dummy_hcd
[  890.689076][  T975] usb 2-1: new full-speed USB device number 59 using dummy_hcd
[  890.713561][T16247] netdevsim netdevsim5 netdevsim0: renamed from eth1
[  890.801066][T16247] netdevsim netdevsim5 netdevsim1: renamed from eth2
[  890.866544][T16247] netdevsim netdevsim5 netdevsim2: renamed from eth3
[  890.894896][ T5944] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  890.934608][  T975] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  890.960440][ T5944] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  891.002110][  T975] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  891.079325][ T5944] usb 3-1: New USB device found, idVendor=07c0, idProduct=1125, bcdDevice= 0.00
[  891.106495][ T5944] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  891.114207][T16247] netdevsim netdevsim5 netdevsim3: renamed from eth4
[  891.115041][  T975] usb 2-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[  891.189661][ T5944] usb 3-1: config 0 descriptor??
[  891.228556][  T975] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  891.257846][  T975] usb 2-1: config 0 descriptor??
[  891.280150][  T975] hub 2-1:0.0: USB hub found
[  891.488972][  T975] hub 2-1:0.0: 2 ports detected
[  891.634876][ T5944] vrc2 0003:07C0:1125.002F: fixing up VRC-2 report descriptor
[  892.018972][ T5944] input: HID 07c0:1125 as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/0003:07C0:1125.002F/input/input64
[  892.030729][T16325] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  892.085871][T16325] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  892.128864][T11198] Bluetooth: hci0: command tx timeout
[  892.155299][T16325] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2594'.
[  892.174607][ T5944] vrc2 0003:07C0:1125.002F: input,hidraw0: USB HID v0.01 Joystick [HID 07c0:1125] on usb-dummy_hcd.2-1/input0
[  892.219086][  T975] usb 2-1: USB disconnect, device number 59
[  892.283369][ T5944] usb 3-1: USB disconnect, device number 94
[  892.534442][T16360] fido_id[16360]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.2/usb3/report_descriptor': No such file or directory
[  893.041704][T16370] 8021q: VLANs not supported on ip6gre0
[  893.442432][T16247] A link change request failed with some changes committed already. Interface geneve0 may have been left with an inconsistent configuration, please check.
[  893.499685][T16247] A link change request failed with some changes committed already. Interface geneve1 may have been left with an inconsistent configuration, please check.
[  893.544576][T16247] wireguard: wg0: Could not create IPv4 socket
[  893.565601][T16247] wireguard: wg1: Could not create IPv4 socket
[  893.594011][T16247] wireguard: wg2: Could not create IPv4 socket
[  894.208584][T11198] Bluetooth: hci0: command tx timeout
[  894.229598][T16387] 8021q: VLANs not supported on ip6gre0
[  894.236022][T16379] tipc: Enabling of bearer <eth:team0> rejected, already enabled
[  894.470215][T16394] syz.1.2604: attempt to access beyond end of device
[  894.470215][T16394] nbd1: rw=4096, sector=2, nr_sectors = 2 limit=0
[  894.515998][T16394] EXT4-fs (nbd1): unable to read superblock
[  895.471912][T16400] netdevsim netdevsim4: Direct firmware load for ./file0 failed with error -2
[  895.484124][T16400] netdevsim netdevsim4: Falling back to sysfs fallback for: ./file0
[  895.484148][   T30] audit: type=1400 audit(2000000007.740:947): avc:  denied  { firmware_load } for  pid=16391 comm="syz.4.2605" scontext=system_u:system_r:kernel_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1
[  896.517595][   T30] audit: type=1400 audit(2000000008.770:948): avc:  denied  { setopt } for  pid=16419 comm="syz.1.2608" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  896.830275][   T30] audit: type=1400 audit(2000000009.010:949): avc:  denied  { read } for  pid=16419 comm="syz.1.2608" name="autofs" dev="devtmpfs" ino=98 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1
[  896.855675][   T30] audit: type=1400 audit(2000000009.010:950): avc:  denied  { open } for  pid=16419 comm="syz.1.2608" path="/dev/autofs" dev="devtmpfs" ino=98 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1
[  897.036321][T16432] 8021q: VLANs not supported on ip6tnl0
[  897.389672][   T30] audit: type=1400 audit(2000000009.010:951): avc:  denied  { ioctl } for  pid=16419 comm="syz.1.2608" path="/dev/autofs" dev="devtmpfs" ino=98 ioctlcmd=0x937a scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1
[  897.479717][T16434] netlink: 88 bytes leftover after parsing attributes in process `syz.3.2609'.
[  900.394590][T16458] 8021q: VLANs not supported on ip6tnl0
[  903.098767][T16478] vxcan1: tx drop: invalid sa for name 0x0000000000000040
[  906.602227][T16555] FAULT_INJECTION: forcing a failure.
[  906.602227][T16555] name failslab, interval 1, probability 0, space 0, times 0
[  906.614860][   T30] audit: type=1400 audit(2000000018.861:952): avc:  denied  { write } for  pid=16554 comm="syz.1.2620" name="fb0" dev="devtmpfs" ino=629 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:framebuf_device_t tclass=chr_file permissive=1
[  906.763644][T16555] CPU: 1 UID: 0 PID: 16555 Comm: syz.1.2620 Not tainted 6.16.0-rc7-syzkaller #0 PREEMPT(full) 
[  906.763674][T16555] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  906.763685][T16555] Call Trace:
[  906.763692][T16555]  <TASK>
[  906.763699][T16555]  dump_stack_lvl+0x16c/0x1f0
[  906.763735][T16555]  should_fail_ex+0x512/0x640
[  906.763762][T16555]  ? fs_reclaim_acquire+0xae/0x150
[  906.763787][T16555]  ? tomoyo_encode2+0x100/0x3e0
[  906.763804][T16555]  should_failslab+0xc2/0x120
[  906.763822][T16555]  __kmalloc_noprof+0xd2/0x510
[  906.763848][T16555]  ? d_absolute_path+0x136/0x1a0
[  906.763875][T16555]  tomoyo_encode2+0x100/0x3e0
[  906.763897][T16555]  tomoyo_encode+0x29/0x50
[  906.763913][T16555]  tomoyo_realpath_from_path+0x18f/0x6e0
[  906.763940][T16555]  tomoyo_path_number_perm+0x245/0x580
[  906.763965][T16555]  ? tomoyo_path_number_perm+0x237/0x580
[  906.763994][T16555]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  906.764021][T16555]  ? find_held_lock+0x2b/0x80
[  906.764069][T16555]  ? find_held_lock+0x2b/0x80
[  906.764090][T16555]  ? hook_file_ioctl_common+0x145/0x410
[  906.764118][T16555]  ? __fget_files+0x20e/0x3c0
[  906.764140][T16555]  security_file_ioctl+0x9b/0x240
[  906.764160][T16555]  __x64_sys_ioctl+0xb7/0x210
[  906.764187][T16555]  do_syscall_64+0xcd/0x4c0
[  906.764207][T16555]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  906.764226][T16555] RIP: 0033:0x7f902238e9a9
[  906.764241][T16555] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  906.764259][T16555] RSP: 002b:00007f90232dd038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  906.764277][T16555] RAX: ffffffffffffffda RBX: 00007f90225b5fa0 RCX: 00007f902238e9a9
[  906.764289][T16555] RDX: 0000200000000040 RSI: 0000000000004601 RDI: 0000000000000003
[  906.764300][T16555] RBP: 00007f90232dd090 R08: 0000000000000000 R09: 0000000000000000
[  906.764311][T16555] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  906.764321][T16555] R13: 0000000000000000 R14: 00007f90225b5fa0 R15: 00007ffd4f54dd68
[  906.764347][T16555]  </TASK>
[  906.764453][T16555] ERROR: Out of memory at tomoyo_realpath_from_path.
[  907.215054][ T5833] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  907.228295][ T5833] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  907.238286][ T5833] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  907.247183][ T5833] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  907.261586][ T5833] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  907.287013][T16570] Failed to initialize the IGMP autojoin socket (err -2)
[  907.568875][T16579] netlink: 88 bytes leftover after parsing attributes in process `syz.2.2625'.
[  907.833126][T16585] 8021q: VLANs not supported on ip6gre0
[  909.339367][T11198] Bluetooth: hci0: command tx timeout
[  910.828284][T16630] FAULT_INJECTION: forcing a failure.
[  910.828284][T16630] name failslab, interval 1, probability 0, space 0, times 0
[  910.841061][T16630] CPU: 0 UID: 0 PID: 16630 Comm: syz.1.2638 Not tainted 6.16.0-rc7-syzkaller #0 PREEMPT(full) 
[  910.841086][T16630] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  910.841097][T16630] Call Trace:
[  910.841108][T16630]  <TASK>
[  910.841115][T16630]  dump_stack_lvl+0x16c/0x1f0
[  910.841147][T16630]  should_fail_ex+0x512/0x640
[  910.841175][T16630]  ? fs_reclaim_acquire+0xae/0x150
[  910.841198][T16630]  ? tomoyo_realpath_from_path+0xc2/0x6e0
[  910.841217][T16630]  should_failslab+0xc2/0x120
[  910.841235][T16630]  __kmalloc_noprof+0xd2/0x510
[  910.841268][T16630]  tomoyo_realpath_from_path+0xc2/0x6e0
[  910.841289][T16630]  ? tomoyo_profile+0x47/0x60
[  910.841312][T16630]  tomoyo_path_number_perm+0x245/0x580
[  910.841337][T16630]  ? tomoyo_path_number_perm+0x237/0x580
[  910.841364][T16630]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  910.841390][T16630]  ? preempt_schedule_common+0x44/0xc0
[  910.841443][T16630]  ? find_held_lock+0x2b/0x80
[  910.841465][T16630]  ? hook_file_ioctl_common+0x145/0x410
[  910.841492][T16630]  ? __fget_files+0x20e/0x3c0
[  910.841515][T16630]  security_file_ioctl+0x9b/0x240
[  910.841534][T16630]  __x64_sys_ioctl+0xb7/0x210
[  910.841560][T16630]  do_syscall_64+0xcd/0x4c0
[  910.841580][T16630]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  910.841598][T16630] RIP: 0033:0x7f902238e9a9
[  910.841612][T16630] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  910.841629][T16630] RSP: 002b:00007f902329b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  910.841647][T16630] RAX: ffffffffffffffda RBX: 00007f90225b6160 RCX: 00007f902238e9a9
[  910.841658][T16630] RDX: 0000000000000000 RSI: 000000004004550d RDI: 0000000000000005
[  910.841669][T16630] RBP: 00007f902329b090 R08: 0000000000000000 R09: 0000000000000000
[  910.841679][T16630] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  910.841690][T16630] R13: 0000000000000000 R14: 00007f90225b6160 R15: 00007ffd4f54dd68
[  910.841715][T16630]  </TASK>
[  910.841737][T16630] ERROR: Out of memory at tomoyo_realpath_from_path.
[  911.417550][T11198] Bluetooth: hci0: command tx timeout
[  911.512645][T16639] trusted_key: encrypted_key: insufficient parameters specified
[  911.848173][T16647] overlayfs: missing 'workdir'
[  912.436924][   T30] audit: type=1400 audit(2000000024.691:953): avc:  denied  { read } for  pid=16650 comm="syz.3.2642" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  912.504872][T16570] netdevsim netdevsim5 netdevsim0: renamed from eth1
[  912.554451][   T30] audit: type=1400 audit(2000000024.691:954): avc:  denied  { write } for  pid=16650 comm="syz.3.2642" path="socket:[55476]" dev="sockfs" ino=55476 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  912.596451][T16570] netdevsim netdevsim5 netdevsim1: renamed from eth2
[  912.613354][T16649] netlink: 88 bytes leftover after parsing attributes in process `syz.1.2641'.
[  912.656034][T16570] netdevsim netdevsim5 netdevsim2: renamed from eth3
[  912.763782][T16570] netdevsim netdevsim5 netdevsim3: renamed from eth4
[  913.417586][ T5944] usb 3-1: new full-speed USB device number 95 using dummy_hcd
[  913.499054][T11198] Bluetooth: hci0: command tx timeout
[  913.579739][ T5944] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  913.590808][ T5944] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  913.620062][ T5944] usb 3-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[  913.695642][ T5944] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  913.710993][ T5944] usb 3-1: config 0 descriptor??
[  913.723176][ T5944] hub 3-1:0.0: USB hub found
[  913.923404][ T5944] hub 3-1:0.0: 2 ports detected
[  914.198874][  T975] usb 4-1: new high-speed USB device number 73 using dummy_hcd
[  914.348253][ T5944] usb 3-1: USB disconnect, device number 95
[  914.382935][  T975] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  914.433917][  T975] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  914.457235][  T975] usb 4-1: New USB device found, idVendor=10c4, idProduct=ea90, bcdDevice= 0.00
[  914.509307][  T975] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  914.538449][  T975] usb 4-1: config 0 descriptor??
[  914.925357][T16570] A link change request failed with some changes committed already. Interface geneve0 may have been left with an inconsistent configuration, please check.
[  914.967727][T16570] A link change request failed with some changes committed already. Interface geneve1 may have been left with an inconsistent configuration, please check.
[  915.158181][  T975] cp2112 0003:10C4:EA90.0030: unknown main item tag 0x0
[  915.207597][  T975] cp2112 0003:10C4:EA90.0030: hidraw0: USB HID v0.00 Device [HID 10c4:ea90] on usb-dummy_hcd.3-1/input0
[  915.242393][T16570] wireguard: wg0: Could not create IPv4 socket
[  915.448243][T16708] CUSE: unknown device info "�KJ�H+��ۤ2Lh��nL�1�`�Cc��n�����8���0���(�3նi��>f���_ٮ,��
�<�_e�F��"
[  915.460327][T16708] CUSE: unknown device info "3�ܟ�,��̘�"
[  915.466943][T16708] CUSE: unknown device info "J���2SZ�� !e/��������J�+-n��a4����D�|G$��5O~�q	��
[  915.466943][T16708] f����z��X�SA�x��j��T�ǔ��w���xR�ɐQ��(hҏj	p�VdY0��|M?2J��I�v�^
R�@��"
[  915.485823][T16708] CUSE: unknown device info "!To�}ݝ&|L+U��o��ϲ���"��FstV�:׌E�gJ�����<@c�����4�T�M�M|�����"
[  915.497477][T16708] CUSE: DEVNAME unspecified
[  915.606360][T11198] Bluetooth: hci0: command tx timeout
[  915.612600][   T30] audit: type=1400 audit(2000000027.861:955): avc:  denied  { kexec_image_load } for  pid=16701 comm="syz.2.2648" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=system permissive=1
[  915.751271][T16570] wireguard: wg1: Could not create IPv4 socket
[  915.757783][  T975] cp2112 0003:10C4:EA90.0030: Part Number: 0x01 Device Version: 0x00
[  915.764278][ T5915] usb 2-1: new high-speed USB device number 60 using dummy_hcd
[  915.785950][T16570] wireguard: wg2: Could not create IPv4 socket
[  916.191620][ T5915] usb 2-1: Using ep0 maxpacket: 32
[  916.210489][ T5915] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  916.239629][ T5915] usb 2-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[  916.271485][ T5915] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  916.281983][T16716] comedi comedi1: bad chanlist[0]=0x00000004 chan=4 range length=1
[  916.318546][ T5915] usb 2-1: config 0 descriptor??
[  916.360366][ T5915] hub 2-1:0.0: bad descriptor, ignoring hub
[  916.382456][ T5915] hub 2-1:0.0: probe with driver hub failed with error -5
[  916.413980][ T5915] usbhid 2-1:0.0: couldn't find an input interrupt endpoint
[  916.494302][  T975] cp2112 0003:10C4:EA90.0030: error reading lock byte: -71
[  916.585105][T16722] trusted_key: encrypted_key: insufficient parameters specified
[  916.852909][T16723] comedi comedi1: bad chanlist[0]=0x00000004 chan=4 range length=1
[  917.051753][T16734] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  917.089703][T16734] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  917.859298][  T975] usb 4-1: USB disconnect, device number 73
[  918.644138][   T48] usb 2-1: USB disconnect, device number 60
[  921.738520][T16864] vxcan1: tx drop: invalid sa for name 0x0000000000000040
[  923.035150][T16868] netlink: 88 bytes leftover after parsing attributes in process `syz.2.2659'.
[  923.179617][T16863] netlink: 'syz.4.2661': attribute type 10 has an invalid length.
[  923.197463][T16863] bridge0: port 2(bridge_slave_1) entered disabled state
[  923.204674][T16863] bridge0: port 1(bridge_slave_0) entered disabled state
[  923.281789][   T30] audit: type=1800 audit(2000000035.531:956): pid=16853 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed comm="syz.1.2658" name="/" dev="9p" ino=2 res=0 errno=0
[  923.322928][T16871] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2661'.
[  923.335996][T16863] bridge0: port 2(bridge_slave_1) entered blocking state
[  923.343192][T16863] bridge0: port 2(bridge_slave_1) entered forwarding state
[  923.350698][T16863] bridge0: port 1(bridge_slave_0) entered blocking state
[  923.357888][T16863] bridge0: port 1(bridge_slave_0) entered forwarding state
[  923.370610][T16863] bond0: (slave bridge0): Enslaving as an active interface with an up link
[  923.403993][T16871] bridge_slave_1: left allmulticast mode
[  923.432113][T16871] bridge_slave_1: left promiscuous mode
[  923.599315][T16871] bridge0: port 2(bridge_slave_1) entered disabled state
[  924.129635][T16871] bridge_slave_0: left allmulticast mode
[  924.157819][T16871] bridge_slave_0: left promiscuous mode
[  924.163858][T16871] bridge0: port 1(bridge_slave_0) entered disabled state
[  924.339110][ T5833] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  924.353138][ T5833] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  924.366721][ T5833] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  924.378203][ T5833] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  924.418653][ T5833] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  924.737637][T16871] bond0: (slave bridge0): Releasing backup interface
[  924.895473][T16878] 8021q: VLANs not supported on ip6gre0
[  924.916694][T16881] Failed to initialize the IGMP autojoin socket (err -2)
[  925.236817][T16888] tipc: Enabling of bearer <eth:team0> rejected, already enabled
[  926.306592][T16918] tipc: Enabling of bearer <eth:team0> rejected, already enabled
[  926.446142][T16925] 9pnet_fd: Insufficient options for proto=fd
[  926.453252][T11198] Bluetooth: hci0: command tx timeout
[  926.457953][T16925] netlink: 4440 bytes leftover after parsing attributes in process `syz.3.2673'.
[  927.648118][T16881] netdevsim netdevsim5 netdevsim0: renamed from eth1
[  927.779071][T16881] netdevsim netdevsim5 netdevsim1: renamed from eth2
[  928.073095][T16881] netdevsim netdevsim5 netdevsim2: renamed from eth3
[  928.316665][T16881] netdevsim netdevsim5 netdevsim3: renamed from eth4
[  928.435800][   T30] audit: type=1400 audit(2000000040.692:957): avc:  denied  { ioctl } for  pid=16951 comm="syz.2.2677" path="socket:[55932]" dev="sockfs" ino=55932 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[  928.526737][T11198] Bluetooth: hci0: command tx timeout
[  929.470731][T16978] Failed to initialize the IGMP autojoin socket (err -2)
[  929.880454][T16991] FAULT_INJECTION: forcing a failure.
[  929.880454][T16991] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  929.941714][T16991] CPU: 1 UID: 0 PID: 16991 Comm: syz.1.2683 Not tainted 6.16.0-rc7-syzkaller #0 PREEMPT(full) 
[  929.941741][T16991] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  929.941751][T16991] Call Trace:
[  929.941758][T16991]  <TASK>
[  929.941764][T16991]  dump_stack_lvl+0x16c/0x1f0
[  929.941796][T16991]  should_fail_ex+0x512/0x640
[  929.941825][T16991]  _copy_from_user+0x2e/0xd0
[  929.941842][T16991]  copy_msghdr_from_user+0x98/0x160
[  929.941869][T16991]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  929.941906][T16991]  ___sys_sendmsg+0xfe/0x1d0
[  929.941933][T16991]  ? __pfx____sys_sendmsg+0x10/0x10
[  929.941965][T16991]  ? __lock_acquire+0x622/0x1c90
[  929.942013][T16991]  __sys_sendmsg+0x16d/0x220
[  929.942031][T16991]  ? __pfx___sys_sendmsg+0x10/0x10
[  929.942062][T16991]  do_syscall_64+0xcd/0x4c0
[  929.942079][T16991]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  929.942096][T16991] RIP: 0033:0x7f902238e9a9
[  929.942110][T16991] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  929.942127][T16991] RSP: 002b:00007f90232dd038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  929.942144][T16991] RAX: ffffffffffffffda RBX: 00007f90225b5fa0 RCX: 00007f902238e9a9
[  929.942156][T16991] RDX: 0000000020000000 RSI: 00002000000006c0 RDI: 0000000000000003
[  929.942166][T16991] RBP: 00007f90232dd090 R08: 0000000000000000 R09: 0000000000000000
[  929.942176][T16991] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  929.942187][T16991] R13: 0000000000000000 R14: 00007f90225b5fa0 R15: 00007ffd4f54dd68
[  929.942209][T16991]  </TASK>
[  930.304926][T16997] Failed to initialize the IGMP autojoin socket (err -2)
[  930.606715][T11198] Bluetooth: hci0: command tx timeout
[  930.803750][T16881] A link change request failed with some changes committed already. Interface geneve0 may have been left with an inconsistent configuration, please check.
[  931.222008][T16881] A link change request failed with some changes committed already. Interface geneve1 may have been left with an inconsistent configuration, please check.
[  931.301406][T16881] wireguard: wg0: Could not create IPv4 socket
[  931.310838][T17024] netlink: 88 bytes leftover after parsing attributes in process `syz.3.2686'.
[  931.342793][T16881] wireguard: wg1: Could not create IPv4 socket
[  931.379540][T16881] wireguard: wg2: Could not create IPv4 socket
[  931.457279][ T1297] ieee802154 phy0 wpan0: encryption failed: -22
[  931.466469][ T1297] ieee802154 phy1 wpan1: encryption failed: -22
[  933.287000][ T5915] usb 3-1: new high-speed USB device number 96 using dummy_hcd
[  933.457066][ T5915] usb 3-1: Using ep0 maxpacket: 32
[  933.469637][ T5915] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  933.484473][ T5915] usb 3-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[  933.507059][ T5915] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  933.520074][ T5915] usb 3-1: config 0 descriptor??
[  933.537882][ T5915] hub 3-1:0.0: bad descriptor, ignoring hub
[  933.543835][ T5915] hub 3-1:0.0: probe with driver hub failed with error -5
[  933.565257][ T5915] usbhid 3-1:0.0: couldn't find an input interrupt endpoint
[  935.483047][   T30] audit: type=1400 audit(2000000047.742:958): avc:  denied  { read } for  pid=17144 comm="syz.4.2692" name="mice" dev="devtmpfs" ino=916 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:mouse_device_t tclass=chr_file permissive=1
[  935.830324][   T30] audit: type=1400 audit(2000000047.742:959): avc:  denied  { open } for  pid=17144 comm="syz.4.2692" path="/dev/input/mice" dev="devtmpfs" ino=916 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:mouse_device_t tclass=chr_file permissive=1
[  936.054095][T17148] overlayfs: missing 'lowerdir'
[  936.469628][ T5944] usb 3-1: USB disconnect, device number 96
[  936.515098][T17159] netlink: 88 bytes leftover after parsing attributes in process `syz.3.2691'.
[  936.980973][ T5833] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  936.995432][ T5833] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  937.616924][T17166] 8021q: VLANs not supported on ip6tnl0
[  937.948848][ T5833] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  937.957360][ T5833] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  937.965003][ T5833] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  938.154827][T17165] Failed to initialize the IGMP autojoin socket (err -2)
[  938.729092][   T30] audit: type=1400 audit(2000000050.552:960): avc:  denied  { setattr } for  pid=17175 comm="syz.4.2695" name="" dev="pipefs" ino=4454 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=fifo_file permissive=1
[  939.426211][ T5944] usb 4-1: new high-speed USB device number 74 using dummy_hcd
[  939.816107][ T5944] usb 4-1: Using ep0 maxpacket: 8
[  939.832902][ T5944] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 13
[  939.861478][ T5944] usb 4-1: New USB device found, idVendor=046d, idProduct=08ae, bcdDevice=11.58
[  939.880907][ T5944] usb 4-1: New USB device strings: Mfr=241, Product=1, SerialNumber=3
[  939.897358][ T5944] usb 4-1: Product: syz
[  939.908739][ T5944] usb 4-1: Manufacturer: syz
[  939.917418][ T5944] usb 4-1: SerialNumber: syz
[  939.937950][ T5944] usb 4-1: config 0 descriptor??
[  939.968919][T17201] netlink: 88 bytes leftover after parsing attributes in process `syz.1.2697'.
[  939.990490][ T5944] gspca_main: gspca_zc3xx-2.14.0 probing 046d:08ae
[  940.066389][T11198] Bluetooth: hci0: command tx timeout
[  940.516772][   T30] audit: type=1400 audit(2000000052.772:961): avc:  denied  { create } for  pid=17209 comm="syz.4.2701" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rose_socket permissive=1
[  940.971056][ T5944] gspca_zc3xx: reg_w_i err -110
[  940.994998][   T30] audit: type=1400 audit(2000000052.772:962): avc:  denied  { ioctl } for  pid=17209 comm="syz.4.2701" path="socket:[56617]" dev="sockfs" ino=56617 ioctlcmd=0x890b scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rose_socket permissive=1
[  941.136340][   T30] audit: type=1400 audit(2000000052.782:963): avc:  denied  { connect } for  pid=17209 comm="syz.4.2701" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rose_socket permissive=1
[  941.565867][ T5944] gspca_zc3xx: Unknown sensor - set to TAS5130C
[  942.298102][ T5944] gspca_zc3xx 4-1:0.0: probe with driver gspca_zc3xx failed with error -110
[  942.318111][T11198] Bluetooth: hci0: command tx timeout
[  942.466725][ T5944] usb 4-1: USB disconnect, device number 74
[  943.232695][T17247] 8021q: VLANs not supported on ip6tnl0
[  943.306555][T17255] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2703'.
[  943.507702][T17245] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2703'.
[  943.547418][   T30] audit: type=1400 audit(2000000055.803:964): avc:  denied  { write } for  pid=17253 comm="syz.2.2708" name="snapshot" dev="devtmpfs" ino=92 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1
[  943.572274][T17254] random: crng reseeded on system resumption
[  943.627783][   T30] audit: type=1400 audit(2000000055.873:965): avc:  denied  { ioctl } for  pid=17253 comm="syz.2.2708" path="/dev/snapshot" dev="devtmpfs" ino=92 ioctlcmd=0x3309 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1
[  943.792088][  T975] usb 4-1: new high-speed USB device number 75 using dummy_hcd
[  943.801051][T17264] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2708'.
[  944.001594][  T975] usb 4-1: Using ep0 maxpacket: 16
[  944.026423][  T975] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  944.085981][  T975] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  944.234702][  T975] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[  944.245613][  T975] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0
[  944.255425][  T975] usb 4-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  944.271512][  T975] usb 4-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  944.318976][  T975] usb 4-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  944.432411][T11198] Bluetooth: hci0: command tx timeout
[  944.802534][  T975] usb 4-1: Manufacturer: syz
[  944.831761][  T975] usb 4-1: config 0 descriptor??
[  945.056548][T17165] netdevsim netdevsim5 netdevsim0: renamed from eth1
[  945.234227][T17165] netdevsim netdevsim5 netdevsim1: renamed from eth2
[  945.407059][T17165] netdevsim netdevsim5 netdevsim2: renamed from eth3
[  945.481046][T17165] netdevsim netdevsim5 netdevsim3: renamed from eth4
[  945.548283][  T975] rc_core: IR keymap rc-hauppauge not found
[  945.554226][  T975] Registered IR keymap rc-empty
[  945.618244][  T975] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  945.692236][  T975] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  945.801388][  T975] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/rc/rc0
[  945.858842][  T975] input: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/rc/rc0/input65
[  946.145232][  T975] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  946.445849][T11198] Bluetooth: hci0: command tx timeout
[  946.505825][  T975] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  946.535787][  T975] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  946.575919][  T975] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  946.755824][  T975] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  946.775837][  T975] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  946.806129][  T975] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  946.831561][  T975] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  946.905562][  T975] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  947.018742][  T975] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  947.184479][  T975] mceusb 4-1:0.0: Registered 424242424242 with mce emulator interface version 1
[  947.268822][  T975] mceusb 4-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active)
[  947.484250][  T975] usb 4-1: USB disconnect, device number 75
[  947.565853][ T5944] usb 2-1: new high-speed USB device number 61 using dummy_hcd
[  947.856693][ T5944] usb 2-1: Using ep0 maxpacket: 8
[  947.906496][ T5944] usb 2-1: config 179 has an invalid interface number: 65 but max is 0
[  947.914772][ T5944] usb 2-1: config 179 has no interface number 0
[  947.923067][T17319] tipc: Enabling of bearer <eth:team0> rejected, failed to enable media
[  947.949089][ T5944] usb 2-1: config 179 interface 65 altsetting 12 endpoint 0xF has an invalid bInterval 63, changing to 9
[  947.962650][ T5944] usb 2-1: config 179 interface 65 altsetting 12 endpoint 0xF has invalid maxpacket 57605, setting to 1024
[  947.999316][ T5944] usb 2-1: config 179 interface 65 altsetting 12 endpoint 0x83 has an invalid bInterval 52, changing to 9
[  948.013693][ T5944] usb 2-1: config 179 interface 65 altsetting 12 endpoint 0x83 has invalid maxpacket 8241, setting to 1024
[  948.030437][ T5944] usb 2-1: config 179 interface 65 altsetting 12 has 2 endpoint descriptors, different from the interface descriptor's value: 23
[  948.046080][ T5915] usb 3-1: new full-speed USB device number 97 using dummy_hcd
[  948.196080][  T975] usb 4-1: new high-speed USB device number 76 using dummy_hcd
[  948.204343][ T5944] usb 2-1: config 179 interface 65 has no altsetting 0
[  948.212215][ T5944] usb 2-1: New USB device found, idVendor=12ab, idProduct=0004, bcdDevice= 0.00
[  948.221907][ T5944] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  948.241334][ T5915] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  948.378733][ T5915] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  948.554458][ T5915] usb 3-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[  948.708151][ T5944] input: Honey Bee Xbox360 dancepad as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:179.65/input/input66
[  948.709026][ T5915] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  948.773036][ T5915] usb 3-1: config 0 descriptor??
[  948.788716][  T975] usb 4-1: Using ep0 maxpacket: 16
[  948.790589][ T5915] hub 3-1:0.0: USB hub found
[  948.794065][ T5187] input input66: unable to receive magic message: -110
[  948.835826][  T975] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  948.851323][T17165] A link change request failed with some changes committed already. Interface geneve0 may have been left with an inconsistent configuration, please check.
[  948.865479][  T975] usb 4-1: New USB device found, idVendor=05ac, idProduct=0244, bcdDevice= 0.00
[  948.886888][  T975] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  948.967958][ T5187] input input66: unable to receive magic message: -32
[  948.976156][  T975] usb 4-1: config 0 descriptor??
[  948.995754][T17165] A link change request failed with some changes committed already. Interface geneve1 may have been left with an inconsistent configuration, please check.
[  949.022110][  T975] input: bcm5974 as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/input/input67
[  949.035859][ T5915] hub 3-1:0.0: 2 ports detected
[  949.051990][T17315] input input66: unable to receive magic message: -32
[  949.063429][T17165] wireguard: wg0: Could not create IPv4 socket
[  949.088399][T17165] wireguard: wg1: Could not create IPv4 socket
[  949.114310][T17165] wireguard: wg2: Could not create IPv4 socket
[  949.127705][   T30] audit: type=1400 audit(2000000061.383:966): avc:  denied  { mounton } for  pid=17334 comm="syz.4.2722" path="/562/file0" dev="afs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nfs_t tclass=dir permissive=1
[  949.171186][ T5944] usb 2-1: USB disconnect, device number 61
[  949.177218][    C0] xpad 2-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19
[  949.206963][T14607] Bluetooth: hci5: received HCILL_GO_TO_SLEEP_ACK in state 1
[  949.317337][ T5187] bcm5974 4-1:0.0: could not read from device
[  949.340928][  T975] usb 4-1: USB disconnect, device number 76
[  949.350359][ T5187] bcm5974 4-1:0.0: could not read from device
[  949.375302][T13445] bcm5974 4-1:0.0: could not read from device
[  949.444364][ T5915] usb 3-1: USB disconnect, device number 97
[  950.746107][T17364] netlink: 88 bytes leftover after parsing attributes in process `syz.3.2724'.
[  951.245919][ T5833] Bluetooth: hci5: command 0x1003 tx timeout
[  951.246424][T11198] Bluetooth: hci5: Opcode 0x1003 failed: -110
[  956.040394][T16884] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  956.050913][T16884] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  956.064391][T16884] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  956.074330][T17510] random: crng reseeded on system resumption
[  956.082981][T16884] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  956.093972][T16884] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  956.164581][T17505] Failed to initialize the IGMP autojoin socket (err -2)
[  957.626850][T17533] trusted_key: encrypted_key: insufficient parameters specified
[  957.907405][T17534] Bluetooth: MGMT ver 1.23
[  958.037649][T17534] bridge2: entered promiscuous mode
[  958.205231][T11198] Bluetooth: hci0: command tx timeout
[  959.245825][T17505] netdevsim netdevsim5 netdevsim0: renamed from eth1
[  959.451156][T17505] netdevsim netdevsim5 netdevsim1: renamed from eth2
[  959.493090][T17505] netdevsim netdevsim5 netdevsim2: renamed from eth3
[  959.560581][T17505] netdevsim netdevsim5 netdevsim3: renamed from eth4
[  959.565388][T17573] binder: 17565:17573 ioctl 4018620d 0 returned -22
[  959.672926][T17573] sp0: Synchronizing with TNC
[  959.933558][T12974] libceph: mon0 (1)[c::]:6789 connect error
[  960.209917][T12974] libceph: mon0 (1)[c::]:6789 connect error
[  960.285012][T11198] Bluetooth: hci0: command tx timeout
[  960.347132][T17570] ceph: No mds server is up or the cluster is laggy
[  962.365004][T11198] Bluetooth: hci0: command tx timeout
[  962.447927][T17505] A link change request failed with some changes committed already. Interface geneve0 may have been left with an inconsistent configuration, please check.
[  962.811168][T17616] tipc: Enabling of bearer <eth:team0> rejected, already enabled
[  962.842016][   T30] audit: type=1800 audit(2000000075.094:967): pid=17609 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed comm="syz.2.2745" name="/" dev="9p" ino=2 res=0 errno=0
[  962.871354][T17505] A link change request failed with some changes committed already. Interface geneve1 may have been left with an inconsistent configuration, please check.
[  962.903626][T17505] wireguard: wg0: Could not create IPv4 socket
[  962.932024][T17505] wireguard: wg1: Could not create IPv4 socket
[  962.960448][T17505] wireguard: wg2: Could not create IPv4 socket
[  963.325078][T12974] usb 3-1: new high-speed USB device number 98 using dummy_hcd
[  963.375375][T17642] trusted_key: encrypted_key: insufficient parameters specified
[  963.498841][T12974] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  963.753797][T12974] usb 3-1: New USB device found, idVendor=04d8, idProduct=0083, bcdDevice=83.9c
[  963.837838][T12974] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  963.893839][T12974] usb 3-1: Product: syz
[  963.922983][T12974] usb 3-1: Manufacturer: syz
[  963.935445][T12974] usb 3-1: SerialNumber: syz
[  963.951598][T12974] usb 3-1: config 0 descriptor??
[  963.976162][T12974] ims_pcu 3-1:0.0: Zero length descriptor
[  963.981988][T12974] ims_pcu 3-1:0.0: probe with driver ims_pcu failed with error -22
[  964.039669][T17652] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2752'.
[  964.396448][T17637] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  964.412811][T17637] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  964.796983][  T975] usb 3-1: USB disconnect, device number 98
[  965.631699][  T975] usb 3-1: new full-speed USB device number 99 using dummy_hcd
[  965.869870][  T975] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  965.958871][  T975] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  966.060810][  T975] usb 3-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[  966.151086][  T975] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  966.290932][  T975] usb 3-1: config 0 descriptor??
[  966.408540][  T975] hub 3-1:0.0: USB hub found
[  966.556953][  T975] hub 3-1:0.0: 2 ports detected
SYZFAIL: mmap of data segment failed
want 0x200000000000, got 0xffffffffffffffff (errno 13: Permission denied)
SYZFAIL: mmap of data segment failed
want 0x200000000000, got 0xffffffffffffffff (errno 13: Permission denied)
SYZFAIL: mmap of data segment failed
want 0x200000000000, got 0xffffffffffffffff (errno 13: Permission denied)
SYZFAIL: mmap of data segment failed
want 0x200000000000, got 0xffffffffffffffff (errno 13: Permission denied)
SYZFAIL: mmap of data segment failed
want 0x200000000000, got 0xffffffffffffffff (errno 13: Permission denied)
SYZFAIL: mmap of data segment failed
want 0x200000000000, got 0xffffffffffffffff (errno 13: Permission denied)
SYZFAIL: mmap of data segment failed
want 0x200000000000, got 0xffffffffffffffff (errno 13: Permission denied)
SYZFAIL: mmap of data segment failed
want 0x200000000000, got 0xffffffffffffffff (errno 13: Permission denied)
SYZFAIL: initialize_wifi_devices: failed set up IBSS network
device=0 (errno 2: No such file or directory)
loop exited with status 67
SYZFAIL: initialize_wifi_devices: failed set up IBSS network
device=0 (errno 2: No such file or directory)
loop exited with status 67
SYZFAIL: initialize_wifi_devices: failed set up IBSS network
device=0 (errno 2: No such file or directory)
loop exited with status 67
SYZFAIL: initialize_wifi_devices: failed set up IBSS network
device=0 (errno 2: No such file or directory)
loop exited with status 67
SYZFAIL: initialize_wifi_devices: failed set up IBSS network
device=0 (errno 2: No such file or directory)
loop exited with status 67
SYZFAIL: initialize_wifi_devices: failed set up IBSS network
device=0 (errno 2: No such file or directory)
loop exited with status 67
SYZFAIL: initialize_wifi_devices: failed set up IBSS network
device=0 (errno 2: No such file or directory)
loop exited with status 67
SYZFAIL: initialize_wifi_devices: failed set up IBSS network
device=0 (errno 2: No such file or directory)
loop exited with status 67
SYZFAIL: initialize_wifi_devices: failed set up IBSS network
device=0 (errno 2: No such file or directory)
loop exited with status 67
SYZFAIL: initialize_wifi_devices: failed set up IBSS network
device=0 (errno 2: No such file or directory)
loop exited with status 67
SYZFAIL: initialize_wifi_devices: failed set up IBSS network
device=0 (errno 2: No such file or directory)
loop exited with status 67
SYZFAIL: initialize_wifi_devices: failed set up IBSS network
device=0 (errno 2: No such file or directory)
loop exited with status 67
SYZFAIL: initialize_wifi_devices: failed set up IBSS network
device=0 (errno 2: No such file or directory)
loop exited with status 67
SYZFAIL: repeatedly failed to execute the program
proc=5 req=2236 state=3 status=67 (errno 9: Bad file descriptor)
[  966.639620][   T30] audit: type=1400 audit(2000000078.894:968): avc:  denied  { write } for  pid=5815 comm="syz-executor" path="pipe:[3805]" dev="pipefs" ino=3805 scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:sshd_t tclass=fifo_file permissive=1
[  966.983376][  T975] usb 3-1: USB disconnect, device number 99
[  967.418141][T14603] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  967.871944][T14603] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  967.970803][T14603] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  968.238751][T14603] bridge_slave_1: left allmulticast mode
[  968.249082][T14603] bridge_slave_1: left promiscuous mode
[  968.260071][T14603] bridge0: port 2(bridge_slave_1) entered disabled state
[  968.272317][T14603] bridge_slave_0: left allmulticast mode
[  968.280225][T14603] bridge_slave_0: left promiscuous mode
[  968.287892][T14603] bridge0: port 1(bridge_slave_0) entered disabled state
[  968.563990][T14603] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  968.574111][T14603] bond_slave_0: left promiscuous mode
[  968.581667][T14603] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  968.591719][T14603] bond_slave_1: left promiscuous mode
[  968.598618][T14603] bond0 (unregistering): (slave wlan1): Releasing backup interface
[  968.607066][T14603] mac80211_hwsim hwsim4 wlan1: left promiscuous mode
[  968.625117][T14603] bond0 (unregistering): Released all slaves
[  968.722805][T14603] bond1 (unregistering): Released all slaves
[  968.735963][T14603] bond2 (unregistering): Released all slaves
[  968.816237][T14603] : left promiscuous mode
[  968.872032][T14603] tipc: Disabling bearer <eth:team0>
[  968.884148][T14603] tipc: Left network mode
[  969.198183][T14603] hsr_slave_0: left promiscuous mode
[  969.203925][T14603] hsr_slave_1: left promiscuous mode
[  969.209941][T14603] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  969.218775][T14603] batman_adv: batadv0: Removing interface: batadv_slave_0
[  969.227861][T14603] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  969.235652][T14603] batman_adv: batadv0: Removing interface: batadv_slave_1
[  969.255426][T14603] veth1_macvtap: left promiscuous mode
[  969.261162][T14603] veth0_macvtap: left promiscuous mode
[  969.267415][T14603] veth1_vlan: left promiscuous mode
[  969.272705][T14603] veth0_vlan: left promiscuous mode
[  969.612571][T14603] team0 (unregistering): Port device team_slave_1 removed
[  970.260911][T14603] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  970.341934][T14603] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  970.417021][T14603] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  970.472786][T14603] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  970.640523][T14603] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  970.701500][T14603] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  970.760032][T14603] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  970.835163][T14603] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  971.014790][T12974] wg1 speed is unknown, defaulting to 1000
[  971.020700][T12974] syz0: Port: 1 Link DOWN
[  971.027689][T14603] bridge_slave_1: left allmulticast mode
[  971.033364][T14603] bridge_slave_1: left promiscuous mode
[  971.052595][T14603] bridge0: port 2(bridge_slave_1) entered disabled state
[  971.068484][T14603] bridge_slave_0: left allmulticast mode
[  971.074225][T14603] bridge_slave_0: left promiscuous mode
[  971.080285][T14603] bridge0: port 1(bridge_slave_0) entered disabled state
[  971.721967][T14603] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  971.739874][T14603] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  971.750503][T14603] bond0 (unregistering): Released all slaves
[  971.889285][T14603] bond1 (unregistering): Released all slaves
[  972.393064][T14603] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  972.407912][T14603] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  972.418048][T14603] bond0 (unregistering): Released all slaves
[  972.445609][T12974] wg1 speed is unknown, defaulting to 1000
[  972.509911][T14603] : left promiscuous mode
[  972.568147][T14603] tipc: Disabling bearer <eth:team0>
[  972.573818][T14603] tipc: Left network mode
[  972.606575][T14603] tipc: Left network mode
[  973.257029][T14603] hsr_slave_0: left promiscuous mode
[  973.262907][T14603] hsr_slave_1: left promiscuous mode
[  973.273153][T14603] hsr_slave_0: left promiscuous mode
[  973.279556][T14603] hsr_slave_1: left promiscuous mode
[  973.288880][T14603] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  973.296756][T14603] batman_adv: batadv0: Removing interface: batadv_slave_0
[  973.307925][T14603] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  973.315697][T14603] batman_adv: batadv0: Removing interface: batadv_slave_1
[  973.357364][T14603] veth1_macvtap: left allmulticast mode
[  973.362979][T14603] veth1_macvtap: left promiscuous mode
[  973.368916][T14603] veth0_macvtap: left promiscuous mode
[  973.374596][T14603] veth1_vlan: left promiscuous mode
[  973.380892][T14603] veth1_macvtap: left promiscuous mode
[  973.386498][T14603] veth0_macvtap: left promiscuous mode
[  973.392057][T14603] veth1_vlan: left promiscuous mode
[  973.397683][T14603] veth0_vlan: left promiscuous mode
[  974.000565][T14603] team0 (unregistering): Port device team_slave_1 removed
[  974.221222][   T59] smc: removing ib device syz0