last executing test programs:

3m50.90924752s ago: executing program 3 (id=2144):
prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r1 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
socket(0x10, 0x3, 0x0)
bpf$TOKEN_CREATE(0x24, 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r2=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe}, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r4 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r5=>0x0})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r5, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000006040)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000002c0)=@newtfilter={0x480, 0x2c, 0xd27, 0x70bd24, 0x25dfdbfc, {0x0, 0x0, 0x0, r5, {0xd, 0xa}, {}, {0x7, 0x2}}, [@filter_kind_options=@f_route={{0xa}, {0x450, 0x2, [@TCA_ROUTE4_TO={0x8, 0x2, 0xe9}, @TCA_ROUTE4_POLICE={0x444, 0x5, [@TCA_POLICE_TBF={0x3c, 0x1, {0x3, 0x4, 0x7f, 0x2, 0x7, {0x9, 0x2, 0x5, 0x4, 0x2, 0x1}, {0x3, 0x1, 0x8, 0x1, 0x3, 0x9}, 0x2fb8, 0x5, 0x2}}, @TCA_POLICE_RATE={0x404, 0x2, [0xffffffff, 0xad4, 0x10000, 0x5, 0xb60b, 0x2, 0x8, 0x1, 0x2, 0x8, 0x5, 0x4, 0xb2, 0x3, 0xcb9, 0x7, 0x7, 0x8000, 0x9, 0x10, 0xce3, 0x9, 0x7, 0x414b, 0x4603, 0x7, 0xff, 0x1, 0x5, 0x10, 0x7, 0x1ff, 0x100, 0x80002, 0x639d, 0x0, 0x2, 0x9, 0x15b, 0x9, 0x0, 0x80, 0x40, 0x1, 0x29, 0x3ff, 0x542, 0x3, 0x3, 0x4, 0x6, 0x4, 0x6, 0x6, 0x15e6, 0xc, 0x4, 0x7f, 0x9, 0x0, 0x83c, 0x0, 0x8, 0x52, 0x2, 0xa7ac, 0x7, 0xfffffffa, 0x4, 0x3, 0x2, 0x0, 0x9, 0x8, 0x9, 0x34b, 0x2, 0x0, 0xcd, 0x40, 0x4, 0x6, 0x44, 0x8, 0x1, 0x80, 0x3, 0xffff, 0x0, 0x4, 0x2, 0xd, 0x1, 0x8, 0x5, 0x100, 0x0, 0x7, 0x6, 0xfffffff7, 0x5, 0x2c000000, 0x64454b99, 0x1, 0x2, 0x3, 0x401, 0x4, 0x447, 0x0, 0x5c58, 0x0, 0x8001, 0x80000001, 0x16b, 0x3, 0x4, 0xfffffff8, 0x584b, 0x7a498270, 0x7, 0x2, 0x3ec, 0x8, 0x1ff, 0xbc5f, 0x0, 0x7b685e6b, 0x9, 0x0, 0x7, 0x6, 0x8001, 0x9, 0x0, 0x5, 0x400, 0x0, 0xfff, 0x9, 0x6, 0x10000, 0x9cd, 0x6, 0x4, 0x7, 0x6, 0xb1, 0x7, 0x2a34, 0x80, 0x2, 0x4, 0x6, 0xf0, 0x8, 0x8, 0x3, 0x8, 0x3, 0x0, 0x9, 0x6, 0x1ff, 0x10001, 0x2, 0x6, 0xfffffffe, 0x4, 0xfffffff8, 0x3, 0x5, 0x8, 0x6, 0x3, 0x0, 0xffffffff, 0x1, 0x4, 0x7, 0x4, 0x5, 0x4, 0x1ff, 0xfffffffc, 0x5, 0x952, 0x0, 0x7f, 0x3, 0x326, 0x5, 0x3, 0x0, 0x5, 0x0, 0x1, 0x6, 0x100, 0x4, 0x5, 0xe87b, 0x2, 0x8, 0x7fff, 0x9, 0x4, 0x2, 0x6, 0x7fff, 0x1, 0x2, 0xa, 0xf, 0x800, 0x0, 0x2e, 0x4, 0x100, 0x6, 0x2, 0x5d6, 0x0, 0x2, 0xee4, 0x9, 0x3, 0x7, 0x0, 0x4, 0x30e73fe0, 0x7, 0x3, 0x7ff, 0x2, 0x400, 0x1, 0x400000, 0x96c3, 0x1000, 0x0, 0x322c, 0x10001, 0x3, 0x94b, 0x4, 0x2, 0x2, 0x5, 0x8, 0x4, 0x3, 0x2, 0x9, 0x1]}]}]}}]}, 0x480}, 0x1, 0x0, 0x0, 0x8c8}, 0x20004804)
accept4$x25(0xffffffffffffffff, 0x0, 0x0, 0x80800)

3m49.412942473s ago: executing program 3 (id=2146):
socket$inet6_sctp(0xa, 0x1, 0x84)
socket$inet_sctp(0x2, 0x5, 0x84)
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000140)={0x0, 0x10, &(0x7f0000000100)=[@in={0x2, 0x4e24, @private=0xa010101}]}, &(0x7f0000000180)=0x10)
r1 = memfd_secret(0x80000)
mmap(&(0x7f0000568000/0x4000)=nil, 0x4000, 0x1000001, 0x8010, r1, 0xc1a48000)
setsockopt$inet_sctp6_SCTP_I_WANT_MAPPED_V4_ADDR(r0, 0x84, 0xc, &(0x7f0000000280), 0x4)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r0, 0x84, 0x1d, &(0x7f0000000040)={0x1, [<r2=>0x0]}, &(0x7f0000000080)=0x8)
getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(r0, 0x84, 0x6c, &(0x7f00000008c0)={r2, 0x10, "83cd73d913625563f3877450d9e218b0"}, &(0x7f0000000340)=0x18)

3m48.444453322s ago: executing program 3 (id=2152):
mkdirat(0xffffffffffffff9c, &(0x7f0000002000)='./file0\x00', 0x118)
mount$fuse(0x0, 0x0, 0x0, 0x8, &(0x7f0000000040)=ANY=[@ANYBLOB='fd=', @ANYRESDEC=0x0])
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r1 = openat$misdntimer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
read(r1, &(0x7f00000019c0)=""/4097, 0x1001)
mount(0x0, &(0x7f0000000440)='./file0\x00', &(0x7f0000000280)='autofs\x00', 0x201000c, &(0x7f0000000040))
r2 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2, 0x5031, 0xffffffffffffffff, 0xc2dcc000)
recvmmsg(0xffffffffffffffff, &(0x7f0000000440), 0x0, 0x40002042, 0x0)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
socket$nl_sock_diag(0x10, 0x3, 0x4)
futex(&(0x7f0000000040)=0x2, 0xb, 0x2, 0x0, &(0x7f0000000100)=0x1, 0x2)
r3 = syz_clone(0x40011, 0x0, 0x0, 0x0, 0x0, 0x0)
exit(0xffff)
wait4(r3, 0x0, 0x8, 0x0)
wait4(r2, 0x0, 0x20000008, 0x0)
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(0x0, 0x1, 0x0, 0x0)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0x6c304000)
futex(&(0x7f0000000040)=0x1, 0x6, 0x0, &(0x7f0000000080)={0x77359400}, 0x0, 0x1)

3m47.10069643s ago: executing program 3 (id=2154):
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000040)={0x1, 0x3, 0xfffffffe, 0x717e387b, 0x40, "1ae34e0626788a22b2fb12dab240794233a5bd", 0x6, 0x2})
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000020c0), 0x60081, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)=0x15)
ioctl$TCSETS(r0, 0x404c4701, &(0x7f0000000040)={0x1, 0x0, 0x0, 0x400000, 0x14, "3eccd8000000000000000010000000040100"})
rseq(0x0, 0x0, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
mount$cgroup2(0x0, &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x800010, 0x0)
chroot(&(0x7f0000000100)='./file0\x00')
mount$bind(&(0x7f0000000040)='.\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2a05004, 0x0)
pivot_root(&(0x7f0000000140)='./file0/../file0\x00', &(0x7f0000000240)='./file0\x00')
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, 0x0, 0x0, 0x4)
r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f00000000c0)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]})
close_range(r1, 0xffffffffffffffff, 0x0)

3m44.637736332s ago: executing program 3 (id=2160):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x14)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x10, &(0x7f0000006680))
rseq(&(0x7f00000004c0)={0x0, 0x0, 0x0, 0x1}, 0x20, 0x0, 0x0)
msgrcv(0x0, 0x0, 0x0, 0xd9481726d31966ee, 0x0)
msgsnd(0x0, &(0x7f0000000140)={0x3}, 0x8, 0x800)
chdir(&(0x7f0000000080)='./file0\x00')
renameat2(0xffffffffffffff9c, &(0x7f0000000100)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0xffffffffffffff9c, &(0x7f0000000480)='./file1\x00', 0x2)
r0 = openat$udambuf(0xffffffffffffff9c, &(0x7f0000000080), 0x2)
r1 = memfd_create(&(0x7f0000000040)='G&:{-\xaa\xcb\xca\tZ\a\xec\xc5{\x00\x00\x00\x00\x10\x00'/37, 0x5)
pwrite64(r1, &(0x7f00000000c0)='i', 0x1, 0x3fff)
fcntl$addseals(r1, 0x409, 0x6)
ioctl$UDMABUF_CREATE_LIST(r0, 0x40087543, &(0x7f0000000280)={0x1, 0x2, [{r1, 0x0, 0x0, 0x1000}, {0xffffffffffffffff, 0x0, 0x2000, 0x1000}]})
r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$HCIINQUIRY(r2, 0x800448d4, &(0x7f0000000240)={0x1, 0x4, "0f00", 0x6, 0x8})
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_TIMEOUT_NEW(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB="400000000008010200000000000000000a00000706000240001b000005000300c80000000900010073797a30000000000900010073797a3000000000040004"], 0x40}, 0x1, 0x0, 0x0, 0x20048805}, 0x20008000)

3m41.192945915s ago: executing program 3 (id=2168):
bind$packet(0xffffffffffffffff, 0x0, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f0000000280)=@abs, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = socket$vsock_stream(0x28, 0x1, 0x0)
getsockopt(r0, 0x28, 0x1, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000240)={'geneve0\x00'})
r1 = getpid()
syz_pidfd_open(r1, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r2 = syz_open_dev$usbfs(&(0x7f0000000140), 0x204, 0x606280)
mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x1000002, 0x11012, r2, 0x0)
ioctl$USBDEVFS_SUBMITURB(r2, 0x8038550a, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f00000001c0)={'\x00', 0x3, 0x5, 0x9, 0x40000000ff, 0x9})
openat$uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x802, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xc, &(0x7f0000000000)=0x800001, 0x4)
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg(r4, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xb49, 0x9, 0x8, 0x0, 0x3}, 0x0)
r5 = socket$kcm(0x2d, 0x2, 0x0)
ioctl$sock_kcm_SIOCKCMATTACH(r5, 0x89e0, 0x0)
r6 = mq_open(&(0x7f0000000380)='eth0\x00#\x13\xaeu\xe0\xfbu0*\xf3\x11i\xdd\xd9\xc6\x87\xde\xbf_\xa0\xf6\xdfk\xbf.\"\xa6\xc0#p\xcd\x1c/\xa6\xf2\xbcyL\x85a\xb5\xbb~+>\xbc\x93\xf8\xab\x9a3\x85l\x1d\x15\x11\x1a{@!2\xb6!\xae\xf79k\x90\x88\v8I$\xfdQ\x1d\x90=r\xd8\xc0\xd8\t/\x8dv\xb8\x93\xc3C\xae\x9dc\xd1T\xdd\x14\xd3A=z\xee\xbd/X\xbemOX)s\x94\xde\xbe_\v\x01\xbe\xeb\bLTrw\x88\x9e0\t\xc6\xe2\x9c\xed\\\xd8[\xc8\x04 \xf3\xac]V\x1d:\xfc\xc3\x9e\x02\ax\xef\xfe\x1c.TT\x01\x00\x00\x00a%\xdcQ\xb3CuT\xcc7\x8avs\xb2\a\xfe\xb3j*\xad\x18I\xcc\xe9\xaa{]\xef\xb7\xf2\xee*\xf95\bJt\xd0s\xc4\xaa\xc8\x13~\xb2\xf20\xbdf\xdb\xaeG\xe3\xfb\xef\x94\xef:Q\x1b\xe3\xa3\xa4}\xef`e\xcdL\xab\xdb\r\xf2y\x9fg1\xf4\t\x18i/!\x13\xf1,\x8cu\xaa\xbf~)\x94\x1b2\x93\x86\xe7\x9a\xf2j\xa8\x96\xa6\xa2\xfcN\x81\xafTh\xb3\x1bo:\xe8\vq7S\xe4H\xf3L\xa0\x9c\x97B\x12\x10\x9d\xaa\x7fq\x06\xb9(\xf6\x1c\x83\xb1J\xec\x926\xb5a0\xa0B\xae|\x00\x17\xc0\xa3\xd5\xf9\xaa\x98/\xa4v\xe4)I\xf3+[e\x95\x89\x99\xca\x8e\xc5\xd3\\T\xf0\x1a|5\xfff\xff\x99\xa4\xbb\x9e#oR\xa4\xf1\xba\x04c\xb3-\xf7R\xb85\xb5\xdb\xe9?\xfa/\xdf\xb4R\xbfx=\v_j\x8e\xb0\'\xf4\xe5\xff!\xe1\xbf\x82e\xb1\x9b\x8d\xf3L\t\xd21\x9cbwV\xc8\xcc\xe4\x96M_w\xbc\xdf9\b\r\xf6\x95\xae\xb5,\x92\x8c\xc0DQm\x80\xd1w\xa2\x1a\x12Z\xe5\xf4H\xf7D\n\x96J\x93\xfb\xf0$\x9f\xf7\xa2\xae$O\xa3\xb6\xf5\x98\xd3\v\x00\x86\xa5\x8b\x81\x04\xaf\x03s\xe5\x86>\x0e\xa6\xe6\x1aV\x17\x8b\xed\xa7\'\xd0\r_\xe8,XVR\x13\xe5%\xb9\x88\xb8W@D\'\x17A\xc8\x80\x02J\xd4V\x00wH(\xc5v\f\xc9\xb6\xdf..$\xe6P(_\xf1\'\xc1:\xa3\xcb\xd9\xd1\xc7\x13\x99Md\x1dc\xf1\'j\x03!\x13\xd1\xb8\xbf\xe6\xb2M\b/\rp\xa5\x00\x00\x00\x00', 0x40, 0x169, 0x0)
fcntl$setlease(r6, 0x400, 0x0)
mq_unlink(&(0x7f0000000340)='eth0\x00')

3m40.707098449s ago: executing program 32 (id=2168):
bind$packet(0xffffffffffffffff, 0x0, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f0000000280)=@abs, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = socket$vsock_stream(0x28, 0x1, 0x0)
getsockopt(r0, 0x28, 0x1, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000240)={'geneve0\x00'})
r1 = getpid()
syz_pidfd_open(r1, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r2 = syz_open_dev$usbfs(&(0x7f0000000140), 0x204, 0x606280)
mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x1000002, 0x11012, r2, 0x0)
ioctl$USBDEVFS_SUBMITURB(r2, 0x8038550a, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f00000001c0)={'\x00', 0x3, 0x5, 0x9, 0x40000000ff, 0x9})
openat$uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x802, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xc, &(0x7f0000000000)=0x800001, 0x4)
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg(r4, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xb49, 0x9, 0x8, 0x0, 0x3}, 0x0)
r5 = socket$kcm(0x2d, 0x2, 0x0)
ioctl$sock_kcm_SIOCKCMATTACH(r5, 0x89e0, 0x0)
r6 = mq_open(&(0x7f0000000380)='eth0\x00#\x13\xaeu\xe0\xfbu0*\xf3\x11i\xdd\xd9\xc6\x87\xde\xbf_\xa0\xf6\xdfk\xbf.\"\xa6\xc0#p\xcd\x1c/\xa6\xf2\xbcyL\x85a\xb5\xbb~+>\xbc\x93\xf8\xab\x9a3\x85l\x1d\x15\x11\x1a{@!2\xb6!\xae\xf79k\x90\x88\v8I$\xfdQ\x1d\x90=r\xd8\xc0\xd8\t/\x8dv\xb8\x93\xc3C\xae\x9dc\xd1T\xdd\x14\xd3A=z\xee\xbd/X\xbemOX)s\x94\xde\xbe_\v\x01\xbe\xeb\bLTrw\x88\x9e0\t\xc6\xe2\x9c\xed\\\xd8[\xc8\x04 \xf3\xac]V\x1d:\xfc\xc3\x9e\x02\ax\xef\xfe\x1c.TT\x01\x00\x00\x00a%\xdcQ\xb3CuT\xcc7\x8avs\xb2\a\xfe\xb3j*\xad\x18I\xcc\xe9\xaa{]\xef\xb7\xf2\xee*\xf95\bJt\xd0s\xc4\xaa\xc8\x13~\xb2\xf20\xbdf\xdb\xaeG\xe3\xfb\xef\x94\xef:Q\x1b\xe3\xa3\xa4}\xef`e\xcdL\xab\xdb\r\xf2y\x9fg1\xf4\t\x18i/!\x13\xf1,\x8cu\xaa\xbf~)\x94\x1b2\x93\x86\xe7\x9a\xf2j\xa8\x96\xa6\xa2\xfcN\x81\xafTh\xb3\x1bo:\xe8\vq7S\xe4H\xf3L\xa0\x9c\x97B\x12\x10\x9d\xaa\x7fq\x06\xb9(\xf6\x1c\x83\xb1J\xec\x926\xb5a0\xa0B\xae|\x00\x17\xc0\xa3\xd5\xf9\xaa\x98/\xa4v\xe4)I\xf3+[e\x95\x89\x99\xca\x8e\xc5\xd3\\T\xf0\x1a|5\xfff\xff\x99\xa4\xbb\x9e#oR\xa4\xf1\xba\x04c\xb3-\xf7R\xb85\xb5\xdb\xe9?\xfa/\xdf\xb4R\xbfx=\v_j\x8e\xb0\'\xf4\xe5\xff!\xe1\xbf\x82e\xb1\x9b\x8d\xf3L\t\xd21\x9cbwV\xc8\xcc\xe4\x96M_w\xbc\xdf9\b\r\xf6\x95\xae\xb5,\x92\x8c\xc0DQm\x80\xd1w\xa2\x1a\x12Z\xe5\xf4H\xf7D\n\x96J\x93\xfb\xf0$\x9f\xf7\xa2\xae$O\xa3\xb6\xf5\x98\xd3\v\x00\x86\xa5\x8b\x81\x04\xaf\x03s\xe5\x86>\x0e\xa6\xe6\x1aV\x17\x8b\xed\xa7\'\xd0\r_\xe8,XVR\x13\xe5%\xb9\x88\xb8W@D\'\x17A\xc8\x80\x02J\xd4V\x00wH(\xc5v\f\xc9\xb6\xdf..$\xe6P(_\xf1\'\xc1:\xa3\xcb\xd9\xd1\xc7\x13\x99Md\x1dc\xf1\'j\x03!\x13\xd1\xb8\xbf\xe6\xb2M\b/\rp\xa5\x00\x00\x00\x00', 0x40, 0x169, 0x0)
fcntl$setlease(r6, 0x400, 0x0)
mq_unlink(&(0x7f0000000340)='eth0\x00')

2m24.990099829s ago: executing program 0 (id=2388):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_XEN_HVM_CONFIG(r1, 0x4038ae7a, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000000)={0x6, 0x8, &(0x7f0000000580)=ANY=[@ANYBLOB], &(0x7f00000000c0)='syzkaller\x00', 0x1, 0x0, 0x0, 0x41000, 0x1, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8}, 0x94)
preadv(0xffffffffffffffff, &(0x7f0000000240), 0x0, 0x0, 0x0)
syz_open_dev$vbi(&(0x7f0000000000), 0x1, 0x2)
socket$inet6(0xa, 0x5, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0xfffffffffffffffe)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
setrlimit(0x3, &(0x7f0000000040)={0xe8, 0x7fffffff})
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
socket$inet_tcp(0x2, 0x1, 0x0)
close(r2)
r3 = socket$pppoe(0x18, 0x1, 0x0)
connect$pppoe(r3, &(0x7f0000000400)={0x18, 0x0, {0x2, @dev={'\xaa\xaa\xaa\xaa\xaa', 0xa}, 'lo\x00'}}, 0x1e)
r4 = socket$kcm(0x11, 0x20000000000000a, 0x300)
setsockopt$sock_attach_bpf(r4, 0x1, 0x28, &(0x7f0000000000), 0x4)
socket$kcm(0x10, 0x2, 0x0)
sendmsg$NFT_BATCH(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a70000000060a0b04000000000000000002000000440004802c0001800b0001006e756d67656e00001c000280080002400000000208000340000000000800014000000015140001800b00010072656a6563740000040002800908010073797a30000000000900020073797a3200000000140000001100010000000000000000000000000a"], 0x98}}, 0x0)
r5 = syz_open_dev$MSR(&(0x7f0000000100), 0x0, 0x0)
read$msr(r5, &(0x7f000001aa40)=""/102400, 0x19000)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19)
syz_open_procfs(0x0, &(0x7f0000000040)='net/softnet_stat\x00')

2m24.349138733s ago: executing program 0 (id=2391):
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00'}, 0x10)
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
r0 = syz_io_uring_setup(0xec5, &(0x7f00000008c0), &(0x7f0000000080)=<r1=>0x0, &(0x7f0000000340))
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
io_uring_enter(r0, 0x95d, 0xfa39, 0xc1, 0x0, 0x0)
dup(0xffffffffffffffff)
syz_io_uring_setup(0xe14, 0x0, 0x0, 0x0)
io_uring_enter(r0, 0xedd, 0x8acb, 0x41, 0x0, 0x0)
ptrace$peeksig(0x4212, 0x0, &(0x7f0000000440)={0x5}, &(0x7f0000000480))
io_uring_enter(r0, 0x47fa, 0x0, 0x0, 0x0, 0x0)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8914, &(0x7f0000000040)={'syzkaller1\x00', @broadcast})
creat(&(0x7f00000002c0)='./file0\x00', 0x51)
pipe2$9p(&(0x7f0000001900)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r3, &(0x7f0000000500)=ANY=[@ANYBLOB="1500000065ffff048000000800395032303030"], 0x15)
r4 = dup(r3)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r5 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r5, &(0x7f0000019680)=""/102392, 0x18ff8)
socket$inet(0x2, 0x2, 0x0)
write$FUSE_BMAP(r4, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_NOTIFY_RETRIEVE(r4, 0x0, 0x0)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wzdno=', @ANYRESHEX=r4, @ANYBLOB=',cache=readahead,euid<', @ANYRESDEC=0x0, @ANYBLOB=',permit_directio,k'])
epoll_create(0x400)
eventfd(0x0)

2m21.711451766s ago: executing program 0 (id=2398):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000880)={0x18, 0x3, &(0x7f00000006c0)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000000)='syzkaller\x00'}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r0}, 0x10)
r1 = socket(0xa, 0x3, 0x3a)
r2 = socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
ioctl$EVIOCGRAB(0xffffffffffffffff, 0x40044590, &(0x7f00000001c0)=0x2)
connect$unix(r3, &(0x7f0000000200)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x4000000000002ac, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg(r4, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000380), 0x0, 0x0)
r5 = dup(0xffffffffffffffff)
ioctl$KVM_REGISTER_COALESCED_MMIO(r5, 0x4010ae67, &(0x7f00000000c0)={0x0, 0xc000})
ioctl$KVM_UNREGISTER_COALESCED_MMIO(r5, 0x4010ae68, &(0x7f0000000000)={0x8000000})
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xb49, 0x9, 0x8, 0x0, 0x3}, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x1, 0x0, 0x0, 0x2)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
sendmsg$nl_route(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=@newlink={0x44, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x1bfde, 0xe1}, [@IFLA_LINKINFO={0x24, 0x12, 0x0, 0x1, @bridge={{0xb}, {0x14, 0x2, 0x0, 0x1, [@IFLA_BR_NF_CALL_IP6TABLES={0x5}, @IFLA_BR_PRIORITY={0x6, 0x6, 0x6}]}}}]}, 0x44}}, 0x0)
r6 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_int(r6, 0x0, 0x31, &(0x7f0000000100), 0x4)
syz_usb_control_io$hid(0xffffffffffffffff, 0x0, 0x0)
r7 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
setsockopt$sock_attach_bpf(r7, 0x29, 0x1a, 0x0, 0x0)
setsockopt$MRT6_ADD_MIF(r1, 0x29, 0xca, &(0x7f0000000000)={0x0, 0x1}, 0xc)
r8 = socket(0xa, 0x3, 0x3a)
setsockopt$inet6_int(r8, 0x29, 0xcf, 0x0, 0x0)
setsockopt$MRT6_DEL_MIF(r1, 0x29, 0xcb, &(0x7f0000000040), 0xc)

2m20.363957903s ago: executing program 1 (id=2407):
keyctl$dh_compute(0x17, 0x0, 0x0, 0x0, 0x0)
r0 = socket(0x6, 0x3, 0x1)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x5, 0x1fffffffffffffed, &(0x7f0000000040)=ANY=[@ANYRES64=r0], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x6, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000}, 0x94)
mknodat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f0000000240), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
r2 = syz_open_dev$dri(&(0x7f0000000000), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_GETENCODER(r2, 0xc01464a6, &(0x7f0000000240))

2m19.910908384s ago: executing program 1 (id=2410):
socket(0x23, 0x2, 0x0)
socket$kcm(0x2, 0xa, 0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x7)
r0 = syz_open_dev$usbmon(&(0x7f0000000180), 0x0, 0x0)
r1 = syz_open_dev$usbfs(&(0x7f0000000000), 0x20000007d, 0x0)
dup3(r0, r1, 0x0)
socket$inet6_sctp(0xa, 0x801, 0x84)
openat$nullb(0xffffffffffffff9c, &(0x7f0000000440), 0x180, 0x0)
syz_io_uring_setup(0xd1, 0x0, &(0x7f0000000080)=<r2=>0x0, &(0x7f0000000100))
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x114, &(0x7f0000000140)=0x9, 0x0, 0x4)
syz_init_net_socket$nfc_raw(0x27, 0x3, 0x0)
r3 = fsopen(&(0x7f0000000040)='cgroup2\x00', 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000180)=0x1400200bce)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x1)
r4 = syz_open_dev$MSR(&(0x7f0000000200), 0x0, 0x0)
read$msr(r4, &(0x7f0000002700)=""/102392, 0x18ff8)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[], 0x7c}}, 0x4000084)
write$dsp(0xffffffffffffffff, 0x0, 0x0)
fsconfig$FSCONFIG_SET_BINARY(r3, 0x6, 0x0, 0x0, 0x0)
r5 = fsmount(r3, 0x0, 0x0)
r6 = openat$cgroup_subtree(r5, &(0x7f0000000100), 0x2, 0x0)
write$cgroup_subtree(r6, &(0x7f00000000c0)={[{0x2b, 'cpuset'}]}, 0x8)

2m19.828855669s ago: executing program 0 (id=2411):
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x80000000000002, &(0x7f00000004c0)=0x79, 0x4)
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x143042, 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f00000001c0), 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000000100)='./file1\x00', &(0x7f0000000140), 0x2, &(0x7f0000002400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r0, &(0x7f0000000200)={0x2020, 0x0, <r1=>0x0}, 0x2020)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x40, 0x0, 0x3, 0x1, 0x0, 0xce, 0x0, 0x1})
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r2, 0x0)
io_uring_enter(0xffffffffffffffff, 0x2d3e, 0x0, 0x0, 0x0, 0x0)
write$FUSE_INIT(r0, &(0x7f0000002300)={0x50, 0x0, r1, {0x7, 0x9, 0x0, 0x31008003, 0xfffe}}, 0x50)

2m19.483655049s ago: executing program 2 (id=2412):
openat$autofs(0xffffffffffffff9c, 0x0, 0x10000, 0x0)
syz_init_net_socket$bt_rfcomm(0x1f, 0x1, 0x3)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x4, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000004340)=""/102376, 0x18fe8)
sendmsg$nl_xfrm(0xffffffffffffffff, 0x0, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)=@newtaction={0x48, 0x30, 0x53b, 0x0, 0x0, {0x9}, [{0x34, 0x1, [@m_sample={0x30, 0x1, 0x0, 0x0, {{0xb}, {0x4}, {0x4}, {0xc}, {0xc, 0x4, {0x3}}}}]}]}, 0x48}}, 0x0)
r1 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000040)=ANY=[@ANYBLOB="3800000054000100010000000000000007000000", @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00', @ANYRES32=0x0, @ANYBLOB="010002006401010000000000000000000000000086dd"], 0x38}, 0x1, 0x0, 0x0, 0x4}, 0x0)
sendmsg$kcm(r1, &(0x7f0000000000)={0x0, 0xd18c9b25, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f03003f000b05d25a806c8c6394f90324fc60100002000a000300053582c137153e3704020180fc0b09000c00", 0x33fe0}], 0x1}, 0x0)
ioctl$ifreq_SIOCGIFINDEX_wireguard(0xffffffffffffffff, 0x8933, 0x0)
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004}, &(0x7f0000bbdffc))
io_uring_register$IORING_REGISTER_BUFFERS_UPDATE(0xffffffffffffffff, 0x10, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000540)=[{0x0}, {0x0}], 0x0, 0x2}, 0x20)
r2 = socket$inet6(0xa, 0x80001, 0x0)
setsockopt$inet6_MCAST_MSFILTER(r2, 0x29, 0x30, 0x0, 0x310)
prctl$PR_SET_NO_NEW_PRIVS(0x43, 0x1)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x10012, 0xffffffffffffffff, 0x0)

2m19.468585044s ago: executing program 4 (id=2413):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000009c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r2, &(0x7f0000003ac0)={0x0, 0x0, &(0x7f0000003a80)={&(0x7f0000002880)=@delsa={0x3c, 0x11, 0x1, 0x70bd2b, 0x25dfdbfb, {@in=@empty, 0x4d3, 0x2, 0x3c}, [@srcaddr={0x14, 0xd, @in6=@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}]}, 0x3c}, 0x1, 0x0, 0x0, 0x24018050}, 0x4000080)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_LINKSTATE_GET(r5, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000600)={&(0x7f0000000540)={0x14, r6, 0xb31, 0x70bd2c, 0x25dfdbff}, 0x14}, 0x1, 0x0, 0x0, 0x4040}, 0x40)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
sendmmsg$unix(r7, &(0x7f00000bd000), 0x318, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={<r8=>0xffffffffffffffff, <r9=>0xffffffffffffffff})
sendmsg$unix(r8, &(0x7f0000000d80)={0x0, 0x0, &(0x7f0000000940)=[{&(0x7f0000000440)="ea", 0x1}], 0x1, &(0x7f00000002c0)=ANY=[@ANYBLOB="14000000000000000100000001"], 0x18}, 0xc800)
setsockopt$sock_int(r9, 0x1, 0x2a, 0x0, 0x0)
unshare(0x8000600)
r10 = syz_open_dev$loop(&(0x7f0000001b00), 0x6, 0xd02)
fadvise64(r10, 0xffffffffffff7fff, 0xc, 0x0)
recvmmsg(r9, &(0x7f0000001140), 0x700, 0x2, 0x0)

2m19.433043451s ago: executing program 0 (id=2414):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
lseek(r0, 0x551, 0x1)
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setattr(0x0, 0x0, 0x0)
syz_open_dev$dri(0x0, 0xd21, 0x4000)
r2 = openat$sequencer(0xffffffffffffff9c, 0x0, 0x8002, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000047c0)=ANY=[@ANYBLOB="140000003a00010100000000000204000a"], 0x14}}, 0x0)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000001000000850000000e000000850000000500000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000480)={&(0x7f0000000040)='sys_exit\x00', r4}, 0x18)
signalfd(0xffffffffffffffff, &(0x7f00000001c0), 0x8)
recvmmsg(r3, &(0x7f0000003700)=[{{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000280)=""/4085, 0xff5}], 0x1}}], 0x4000000000001a3, 0x140, 0x0)
write$P9_RSTATu(r2, 0x0, 0x21e)
ioctl$SNDCTL_SEQ_GETOUTCOUNT(0xffffffffffffffff, 0x4004510d, &(0x7f0000000000))
socket$nl_generic(0x10, 0x3, 0x10)
r5 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x20000, 0x0)
readv(r5, &(0x7f0000000000)=[{&(0x7f0000001300)=""/244, 0xfdef}], 0x1)
ioctl$TCSETS(r5, 0x40045431, &(0x7f0000001200)={0x0, 0xffffff1e, 0xffffffff, 0x4, 0x16, "001bf100eeff0000a2c2000100000000002000"})
r6 = syz_open_pts(r5, 0x101)
dup3(r6, r5, 0x0)
syz_io_uring_setup(0x88c, &(0x7f0000001440)={0x0, 0xaee2, 0x80, 0x2, 0xbffffffc, 0x0, r1}, &(0x7f0000000000)=<r7=>0x0, &(0x7f0000000100))
syz_memcpy_off$IO_URING_METADATA_GENERIC(r7, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
fsopen(&(0x7f0000000040)='gfs2meta\x00', 0x0)
write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000fc0)={'syz1\x00', {0x6, 0x9, 0x444, 0x529}, 0x25, [0xf5, 0x8, 0x80000001, 0x6, 0x200, 0x3, 0x8e, 0x9, 0x9, 0x4, 0x0, 0x9, 0x7, 0x1, 0x71c, 0x38, 0xffdfff7f, 0xac, 0x5, 0x3ff, 0x0, 0xea7, 0x1, 0x9be4bf38, 0x0, 0x20002, 0xc, 0x0, 0x8, 0x2000006, 0x84, 0xd3, 0x8001, 0x3, 0x2001, 0xb, 0x2, 0x5f85, 0xfffffffe, 0xc1e, 0x9da, 0x939a, 0x8000, 0x0, 0x5c, 0x8, 0x7f, 0xd1, 0xf2b, 0x1, 0x806, 0xfffffffa, 0xffff, 0x8, 0x2, 0x6, 0xffffff80, 0x9, 0x6, 0xd2, 0x3ff, 0x5, 0x52, 0x1], [0x5, 0x2, 0xd91, 0x8, 0x3ff, 0xffff7ff8, 0x4000000a, 0x5, 0xfffffffe, 0x40a89, 0xffb, 0xffffff4b, 0x1, 0x2, 0x0, 0x1, 0x8, 0x8, 0x0, 0x40d, 0x2, 0x9, 0x5, 0x9, 0xd, 0x9, 0x206, 0x9, 0x8, 0x5, 0xf, 0xa2d1, 0x1, 0x200, 0x10000000, 0xfffffff9, 0xe22, 0x9, 0x5, 0x10001, 0x1, 0x865f, 0x80000000, 0x3, 0x801, 0x4, 0x3, 0x29e3, 0x7fc, 0xb4e5, 0x20000, 0x200, 0x6e99, 0x4, 0xff, 0x9, 0x1d, 0x3, 0x10000, 0xa, 0x26, 0x2, 0x6, 0x7fff], [0x4343fe9f, 0xfffffffd, 0x6, 0xffffffff, 0x7f, 0x8, 0x6, 0x3, 0xc, 0x9, 0xcb06, 0xfffeffff, 0x5, 0x37, 0x5, 0x80003, 0xc7, 0x8, 0x8000, 0x2, 0xdf9e, 0x40005, 0x8, 0xf9f, 0x3, 0x7, 0x9, 0x5, 0x3, 0x2, 0x3, 0x1000002, 0x1, 0x1, 0x10000004, 0x911, 0x6, 0x8000, 0x31c1, 0x8, 0xb, 0x4, 0x4002, 0x1f85, 0x9, 0x3, 0x2, 0x8, 0x7, 0x402, 0x9, 0xffff, 0x40, 0x80000000, 0x3, 0xa, 0x80, 0xf, 0x8, 0x8, 0x9, 0x4, 0x4, 0x6], [0x27b, 0x40000005, 0x6, 0x8000, 0x7, 0x6, 0x8, 0x6, 0x7fffffff, 0x400e00e, 0xfffffff8, 0x8, 0xffff7bfb, 0x0, 0x401, 0x100, 0x404, 0x0, 0xa, 0x8, 0x3, 0x5, 0xfffffc00, 0x9, 0x9, 0x4, 0x2, 0x2, 0xc, 0x27, 0x400, 0x70, 0x2, 0xffc, 0x400002, 0xc, 0xffffffff, 0x49, 0x80088, 0x10, 0xfff, 0x9a2, 0x81, 0x3, 0x400, 0x4, 0x8, 0x5, 0x0, 0xfffffffe, 0xb, 0x1, 0xc3, 0x9, 0x807ff, 0x1, 0x3, 0xfffffbff, 0x4, 0x10001, 0xf2, 0x8, 0xa, 0xfffffff7]}, 0x45c)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x9, 0x12, 0xffffffffffffffff, 0x0)
shutdown(0xffffffffffffffff, 0x1)

2m18.410034512s ago: executing program 4 (id=2415):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000003c0)=@bridge_getneigh={0x20, 0x1e, 0xd01, 0xffa6, 0x0, {0x7, 0x0, 0x0, 0x0, 0xa001, 0x45001}}, 0x20}, 0x1, 0x0, 0x0, 0x8000}, 0x0)

2m18.36068249s ago: executing program 2 (id=2416):
openat$uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x802, 0x0)
r0 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)
fsopen(&(0x7f0000000280)='ceph\x00', 0x0)
ioctl$VHOST_SET_MEM_TABLE(r0, 0x4001af83, &(0x7f00000000c0))
ioctl$VHOST_SET_OWNER(r0, 0xaf01, 0x0)

2m18.354000446s ago: executing program 1 (id=2417):
r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r1 = socket$alg(0x26, 0x5, 0x0)
syz_80211_join_ibss(&(0x7f0000000100)='wlan1\x00', 0x0, 0x0, 0x1)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x100000001, 0x0, 0x2, 0x0)
r2 = syz_open_dev$MSR(&(0x7f0000000240), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
r3 = dup(0xffffffffffffffff)
setsockopt$bt_BT_FLUSHABLE(0xffffffffffffffff, 0x112, 0x8, &(0x7f0000000000)=0x4, 0x4)
r4 = syz_io_uring_setup(0x10f, &(0x7f0000000380)={0x0, 0x211a, 0x0, 0x4, 0x306}, &(0x7f0000000340)=<r5=>0x0, &(0x7f0000000280)=<r6=>0x0)
ioctl$SOUND_OLD_MIXER_INFO(r3, 0x80304d65, &(0x7f00000000c0))
syz_memcpy_off$IO_URING_METADATA_GENERIC(r5, 0x4, &(0x7f0000000040)=0xffefffdc, 0x0, 0x4)
pipe(&(0x7f0000000080))
r7 = socket$nl_route(0x10, 0x3, 0x0)
r8 = io_uring_register$IORING_REGISTER_PERSONALITY(r4, 0x9, 0x0, 0x0)
syz_io_uring_submit(r5, r6, &(0x7f00000002c0)=@IORING_OP_FILES_UPDATE={0x14, 0x24, 0x0, 0x0, 0x9, &(0x7f0000000000)=[r0, r7, r1], 0x3, 0x0, 0x1, {0x0, r8}})
io_uring_enter(r4, 0x3516, 0xc2de, 0x8, 0x0, 0x0)

2m18.257048739s ago: executing program 4 (id=2418):
inotify_init()
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000300)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000600)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
lsm_get_self_attr(0x65, 0x0, 0xffffffffffffffff, 0x1)

2m18.020206365s ago: executing program 4 (id=2419):
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f0000000080)={'ip6gre0\x00', 0x0})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x884}, 0x20000080)
r0 = socket(0x10, 0x803, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x31, 0xffffffffffffffff, 0x0)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
socket$pppl2tp(0x18, 0x1, 0x1)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
dup(0xffffffffffffffff)
ftruncate(0xffffffffffffffff, 0xc17a)
prlimit64(0x0, 0xe, 0x0, 0x0)
r3 = socket$inet6(0xa, 0x80002, 0x0)
setsockopt$inet6_udp_int(r3, 0x11, 0x67, &(0x7f0000000040)=0x91, 0x4)
setsockopt$inet6_IPV6_HOPOPTS(r3, 0x29, 0x36, &(0x7f0000000600)={0x32}, 0x8)
connect$inet6(r3, &(0x7f0000000000)={0xa, 0x4e2a, 0xffffffff, @mcast2, 0x9}, 0x1c)
sendmmsg$inet6(r3, &(0x7f0000003cc0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4001c00)
sendto(r0, &(0x7f0000000740)="120000001200e7ef007b0000000000", 0xf, 0x0, 0x0, 0x0)

2m17.978322204s ago: executing program 2 (id=2420):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x3)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000080)={{0x1, 0x1, 0x18, <r3=>r2, {0xffffffffffffffff, 0xee01}}, './file0\x00'})
recvmmsg$unix(r3, &(0x7f0000021540)=[{{&(0x7f00000002c0), 0x6e, &(0x7f0000000740)=[{&(0x7f0000000480)=""/254, 0xfe}, {&(0x7f0000000580)=""/143, 0x8f}, {&(0x7f0000000340)=""/74, 0x4a}, {&(0x7f0000000640)=""/69, 0x45}, {&(0x7f0000000100)=""/32, 0x20}, {&(0x7f00000006c0)=""/103, 0x67}], 0x6, &(0x7f00000007c0)=[@rights={{0x34, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}], 0x78}}, {{&(0x7f0000000840), 0x6e, &(0x7f0000000180)=[{&(0x7f00000008c0)=""/74, 0x4a}, {&(0x7f000001aa40)=""/4096, 0x1000}, {&(0x7f000001ba40)=""/4096, 0x1000}], 0x3, &(0x7f0000000940)=[@rights={{0x20, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @cred={{0x1c}}], 0x98}}, {{0x0, 0x0, &(0x7f0000000ac0)=[{&(0x7f000001ca40)=""/4096, 0x1000}, {&(0x7f0000000a00)}, {&(0x7f0000000a40)=""/84, 0x54}], 0x3, &(0x7f0000000b00)=[@rights={{0x20, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x20, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}], 0xe8}}, {{&(0x7f0000000c00), 0x6e, &(0x7f0000001180)=[{&(0x7f0000000c80)=""/252, 0xfc}, {&(0x7f0000000d80)=""/36, 0x24}, {&(0x7f0000000dc0)=""/178, 0xb2}, {&(0x7f0000000e80)=""/67, 0x43}, {&(0x7f0000000f00)=""/105, 0x69}, {&(0x7f0000000f80)=""/79, 0x4f}, {&(0x7f0000001000)=""/58, 0x3a}, {&(0x7f0000001040)=""/179, 0xb3}, {&(0x7f0000001100)=""/91, 0x5b}], 0x9, &(0x7f0000001240)=[@cred={{0x1c}}, @rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @cred={{0x1c}}], 0xa8}}, {{&(0x7f0000001300)=@abs, 0x6e, &(0x7f0000001640)=[{&(0x7f0000001380)=""/133, 0x85}, {&(0x7f0000001440)=""/159, 0x9f}, {&(0x7f0000001500)=""/163, 0xa3}, {&(0x7f000001da40)=""/4096, 0x1000}, {&(0x7f0000001600)=""/10, 0xa}, {&(0x7f000001ea40)=""/4096, 0x1000}], 0x6, &(0x7f00000016c0)=[@rights={{0x20, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0x20}}, {{&(0x7f0000001700)=@abs, 0x6e, &(0x7f0000001840)=[{&(0x7f0000001780)=""/45, 0x2d}, {&(0x7f00000017c0)=""/78, 0x4e}], 0x2, &(0x7f0000001880)=[@rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0x28}}, {{&(0x7f00000018c0), 0x6e, &(0x7f0000020f00)=[{&(0x7f0000001940)=""/218, 0xda}, {&(0x7f000001fa40)=""/149, 0x95}, {&(0x7f000001fb00)=""/183, 0xb7}, {&(0x7f000001fbc0)=""/13, 0xd}, {&(0x7f000001fc00)=""/203, 0xcb}, {&(0x7f000001fd00)=""/4096, 0x1000}, {&(0x7f0000020d00)=""/167, 0xa7}, {&(0x7f0000020dc0)=""/109, 0x6d}, {&(0x7f0000020e40)=""/23, 0x17}, {&(0x7f0000020e80)=""/71, 0x47}], 0xa}}, {{&(0x7f0000020fc0), 0x6e, &(0x7f0000021280)=[{&(0x7f0000021040)=""/171, 0xab}, {&(0x7f0000021100)=""/99, 0x63}, {&(0x7f0000021180)=""/15, 0xf}, {&(0x7f00000211c0)=""/161, 0xa1}], 0x4}}, {{&(0x7f00000212c0), 0x6e, &(0x7f0000021480)=[{&(0x7f0000021340)=""/119, 0x77}, {&(0x7f00000213c0)}, {&(0x7f0000021400)=""/77, 0x4d}], 0x3, &(0x7f00000214c0)=[@cred={{0x1c}}, @rights={{0x34, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0x70}}], 0x9, 0x11000, 0x0)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f00000015c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_REG(r2, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000440)={0x1c, r4, 0x1, 0x70bd29, 0x25dfdbfd, {}, [@NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x1c}, 0x1, 0x0, 0x0, 0x8000}, 0x4000010)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r1, 0x6, 0x14, &(0x7f0000000280)=0x1, 0x4)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r5 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r5, &(0x7f0000001a40)=""/102392, 0x18ff8)
r6 = socket$inet6(0xa, 0x3, 0xff)
connect$inet6(r6, &(0x7f0000000200)={0xa, 0x0, 0xfffffffd, @local, 0x1}, 0x1c)
r7 = syz_open_dev$video(&(0x7f0000000040), 0x6, 0x480000)
ioctl$VIDIOC_LOG_STATUS(r7, 0x5646, 0x0)
r8 = dup(r6)
r9 = open(&(0x7f00000000c0)='./file0\x00', 0x16f8c2, 0x0)
ftruncate(r9, 0x200004)
sendfile(r8, r9, 0x0, 0x80001d00c0d1)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$BINDER_SET_MAX_THREADS(r0, 0x40046205, 0x0)
r10 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000140)='/sys/kernel/debug/binder/stats\x00', 0x0, 0x0)
read$FUSE(r10, &(0x7f0000005180)={0x2020}, 0x2020)

2m17.343188468s ago: executing program 2 (id=2422):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x1, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0xfffffffc}, 0x0)
r4 = syz_open_dev$admmidi(&(0x7f0000000140), 0x20, 0x0)
r5 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000080), 0x80383, 0x0)
read$midi(r4, 0x0, 0x0)
ioctl$SNDCTL_SEQ_PANIC(r5, 0x5100)
read$midi(r4, 0x0, 0x0)
r6 = userfaultfd(0x80801)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x3000002, 0x5d031, 0xffffffffffffffff, 0x0)
ioctl$UFFDIO_API(r6, 0xc018aa3f, &(0x7f0000000080)={0xaa, 0x100})
ioctl$UFFDIO_REGISTER(r6, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x4})
ioctl$UFFDIO_COPY(r6, 0xc028aa03, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x1, 0x4, &(0x7f0000000240)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback=0x29, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
mknod$loop(&(0x7f0000000000)='./file0\x00', 0x3ed238d32da7c388, 0x0)
r7 = socket$inet6(0xa, 0x3, 0x3c)
r8 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r8, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
connect$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x4e22, 0xffff, @rand_addr=' \x01\x00'}, 0x1c)
connect$inet6(r7, &(0x7f0000000000)={0xa, 0x4000, 0x0, @remote, 0x5}, 0x1c)
writev(r7, &(0x7f00000000c0)=[{&(0x7f0000000100)=',', 0xffdf}], 0x1)

2m16.121035263s ago: executing program 5 (id=2424):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x143042, 0x0)
r1 = openat$fuse(0xffffffffffffff9c, &(0x7f00000001c0), 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000000100)='./file1\x00', &(0x7f0000000140), 0x2, &(0x7f0000002400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r1, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r1, &(0x7f0000000200)={0x2020, 0x0, <r2=>0x0}, 0x2020)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x40, 0x0, 0x3, 0x1, 0x0, 0xce, 0x0, 0x1})
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r3, 0x0)
io_uring_enter(0xffffffffffffffff, 0x2d3e, 0x0, 0x0, 0x0, 0x0)
write$FUSE_INIT(r1, &(0x7f0000002300)={0x50, 0x0, r2, {0x7, 0x9, 0x0, 0x31008003, 0xfffe}}, 0x50)

2m15.890770353s ago: executing program 0 (id=2425):
r0 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
r1 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000040)=ANY=[@ANYBLOB="12010000000018105e04da0700000000000109022400010000000009040000090300000009210000000122220009058103"], 0x0)
syz_usb_control_io$hid(r1, 0x0, 0x0)
syz_usb_control_io$hid(r1, &(0x7f0000000000)={0x24, 0x0, 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB="00222200000096010006010003000000002a90a08538b3"], 0x0}, 0x0)
syz_usb_control_io$hid(r1, 0x0, 0x0)
syz_usb_ep_write(r1, 0x3f, 0x6c, &(0x7f0000000100)="2a729a3b669ca8b0634e3f1c6db665c2117871793b429cdb537d7c0e0629ad4e1d82bc54a89adb3aac2ddb84d1fb8b46b849f57e7e2eeb4a6ddb2bb4319697992ffe4ac6971ce7b953cc6cd5470aa43ab1d8d536044660c8bd283f32132c0b0fcf244fcf44bf1b8cc8861b4e")
read$char_usb(r0, 0x0, 0x0)
read$char_usb(0xffffffffffffffff, 0x0, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, 0x0)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff})
sendmsg$tipc(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000440), 0x0, 0x0, 0x0, 0x4c001}, 0x240000d5)
recvmsg(r2, 0x0, 0x0)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff0000/0x1000)=nil, &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ff6000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0)
io_uring_setup(0x7, &(0x7f0000000040)={0x0, 0xc89e, 0xc000, 0x8, 0xc1})
r3 = syz_init_net_socket$ax25(0x3, 0x2, 0xcb)
bind$ax25(r3, &(0x7f0000000540)={{0x3, @bcast, 0x1}, [@default, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x2}, @default, @null, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @null, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}]}, 0x48)
connect$ax25(r3, &(0x7f00000001c0)={{0x3, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}}, [@rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @bcast, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @default, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x2}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}]}, 0x3a)
capget(&(0x7f0000feaff9)={0x20071026}, &(0x7f00000001c0))
syz_usb_ep_write(0xffffffffffffffff, 0x81, 0x0, 0x0)
syz_usb_disconnect(0xffffffffffffffff)
setreuid(0x0, 0xee00)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_buf(r4, 0x29, 0x20, &(0x7f00000000c0)="0bbb268dd6ffa80800030000000000000000210d0000aaa8fa017242ba9380d4", 0x20)
syz_usb_control_io(0xffffffffffffffff, 0x0, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x1, 0x4, &(0x7f0000000240)=ANY=[@ANYBLOB="180500000000040000000000000000008500000067c599e84ffb72373c23942a0956167a0000009500000000000000d4ceddf04a56ed813bf0fc7ba70a6940fa956fe64e9e7620b0d1cd"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback=0x31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
setsockopt$sock_attach_bpf(r6, 0x1, 0x32, &(0x7f0000000640)=r5, 0x4)
sendmsg$unix(r7, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0xc000090)
socket(0x18, 0x1, 0x61d)

2m15.890164131s ago: executing program 1 (id=2426):
openat$binderfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r0 = socket(0x11, 0x3, 0x0)
socket$can_j1939(0x1d, 0x2, 0x7)
ioctl$sock_inet_SIOCSIFADDR(r0, 0x8918, &(0x7f0000000480)={'veth1_macvtap\x00', {0x2, 0x80, @multicast1}})
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
r1 = bpf$ITER_CREATE(0xb, &(0x7f0000000100), 0x0)
ioctl$TIOCGSID(r1, 0x5429, &(0x7f0000000140)=<r2=>0x0)
sched_setaffinity(r2, 0x8, &(0x7f00000002c0)=0x2)
r3 = syz_open_dev$MSR(&(0x7f0000000240), 0x0, 0x0)
read$msr(r3, &(0x7f0000032680)=""/102392, 0x18ff8)
r4 = openat$audio(0xffffffffffffff9c, &(0x7f0000000040), 0x202c81, 0x0)
ioctl$SNDCTL_DSP_SETFRAGMENT(r4, 0xc004500a, &(0x7f0000000240)=0x3)
ioctl$SNDCTL_DSP_CHANNELS(r4, 0xc0045006, &(0x7f0000000080)=0x7f)
syz_open_procfs$userns(0xffffffffffffffff, &(0x7f0000000100))
socket$kcm(0x11, 0x3, 0x0)
ioctl$SNDCTL_DSP_SPEED(r4, 0xc0045002, &(0x7f00000000c0))
read$dsp(r4, &(0x7f00000001c0)=""/95, 0x2)
r5 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
epoll_create1(0x80000)
setsockopt$inet6_IPV6_HOPOPTS(r5, 0x29, 0x36, &(0x7f0000000400)=ANY=[], 0x8)
openat$dlm_monitor(0xffffffffffffff9c, &(0x7f0000000180), 0x40000, 0x0)
ptrace$PTRACE_SECCOMP_GET_FILTER(0x420c, r2, 0x1000, &(0x7f0000000340)=""/239)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000002c0)=ANY=[@ANYRES32=0x0, @ANYBLOB="140001"], 0x3c}, 0x1, 0x0, 0x0, 0x20008000}, 0x0)
r6 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)=@newtaction={0x48, 0x30, 0x53b, 0x0, 0x0, {0x9}, [{0x34, 0x1, [@m_sample={0x30, 0x1, 0x0, 0x0, {{0xb}, {0x4}, {0x4}, {0xc}, {0xc, 0x4, {0x7}}}}]}]}, 0x48}}, 0x0)
sendmsg$kcm(r6, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000440)}, 0x20044011)
connect$inet6(r5, &(0x7f0000000000)={0xa, 0x4, 0x6, @mcast2, 0x5}, 0x1c)
write(r5, &(0x7f00000000c0)="8f2a0a65bd8c3a2b0304000e0580a7b6070d63e286a5cefe", 0x5ac)

2m15.889691626s ago: executing program 5 (id=2427):
openat$autofs(0xffffffffffffff9c, 0x0, 0x10000, 0x0)
syz_init_net_socket$bt_rfcomm(0x1f, 0x1, 0x3)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x4, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000004340)=""/102376, 0x18fe8)
sendmsg$nl_xfrm(0xffffffffffffffff, 0x0, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)=@newtaction={0x48, 0x30, 0x53b, 0x0, 0x0, {0x9}, [{0x34, 0x1, [@m_sample={0x30, 0x1, 0x0, 0x0, {{0xb}, {0x4}, {0x4}, {0xc}, {0xc, 0x4, {0x3}}}}]}]}, 0x48}}, 0x0)
socket$kcm(0x10, 0x2, 0x10)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000040)=ANY=[@ANYBLOB="3800000054000100010000000000000007000000", @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00', @ANYRES32=0x0, @ANYBLOB="010002006401010000000000000000000000000086dd"], 0x38}, 0x1, 0x0, 0x0, 0x4}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x6)
ioctl$ifreq_SIOCGIFINDEX_wireguard(0xffffffffffffffff, 0x8933, 0x0)
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004}, &(0x7f0000bbdffc))
io_uring_register$IORING_REGISTER_BUFFERS_UPDATE(0xffffffffffffffff, 0x10, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000540)=[{0x0}, {0x0}], 0x0, 0x2}, 0x20)
r1 = socket$inet6(0xa, 0x80001, 0x0)
setsockopt$inet6_MCAST_MSFILTER(r1, 0x29, 0x30, 0x0, 0x310)
prctl$PR_SET_NO_NEW_PRIVS(0x43, 0x1)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x10012, 0xffffffffffffffff, 0x0)

2m15.833971994s ago: executing program 2 (id=2428):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f0000000300)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f00000001c0)={0x38, 0x6, 0x10000001, 0x0, 0x0, 0xb49, 0xff, 0x8, 0x0, 0x6}, 0x0)
rseq(&(0x7f0000000400), 0x20, 0x0, 0x0)
io_setup(0x8, &(0x7f0000000000))
getsockopt$bt_hci(0xffffffffffffffff, 0x0, 0x1, 0x0, &(0x7f0000000480))
syz_open_dev$dri(&(0x7f00000000c0), 0x8000000000000005, 0x2000)
syz_open_procfs(0x0, &(0x7f0000000000)='mountinfo\x00')
r2 = getpid()
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x62181)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r3, &(0x7f0000004ec0)=[{0x0}], 0x1, 0x8000, 0x0)
r4 = syz_pidfd_open(r2, 0x0)
setns(r4, 0x8020000)
mount_setattr(0xffffffffffffff9c, &(0x7f0000000180)='.\x00', 0x8000, &(0x7f0000001dc0)={0x8, 0x72, 0x80000}, 0x20)
open$dir(0x0, 0x400000, 0x100)
socket$inet(0x2b, 0x800, 0x8)
r5 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r5, &(0x7f00000000c0)={0x2, 0x4e20, @broadcast}, 0x10)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fffffff}]})
mkdir(&(0x7f0000000140)='./file1\x00', 0x1a0)
mount(0x0, &(0x7f0000000200)='./file1\x00', &(0x7f00000002c0)='tmpfs\x00', 0x8, &(0x7f0000000300)='usrquota')
r6 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
quotactl_fd$Q_SETQUOTA(r6, 0xffffffff80000800, 0x0, 0x0)

2m15.521917915s ago: executing program 5 (id=2429):
inotify_init()
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000300)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000600)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
lsm_get_self_attr(0x65, 0x0, 0xffffffffffffffff, 0x1)

2m15.172702309s ago: executing program 5 (id=2430):
openat$uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x802, 0x0)
r0 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)
ioctl$VHOST_SET_MEM_TABLE(r0, 0x4001af83, &(0x7f00000000c0))
ioctl$VHOST_SET_OWNER(r0, 0xaf01, 0x0)

2m15.116691484s ago: executing program 5 (id=2431):
openat$sequencer2(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
socket$kcm(0x10, 0x2, 0x10)
openat$kvm(0xffffffffffffff9c, 0x0, 0x40400, 0x0)
prlimit64(0x0, 0x4, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x6, 0x50, 0xffffffffffffffff, 0x0)
socket(0xa, 0x3, 0x3a)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
fsetxattr$security_capability(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x1)
write$USERIO_CMD_SEND_INTERRUPT(0xffffffffffffffff, &(0x7f0000000140)={0x2, 0x1}, 0x2)
madvise(&(0x7f000072a000/0x4000)=nil, 0x4000, 0x4)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
r2 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/power/resume', 0x149a82, 0x10)
write$cgroup_int(r2, &(0x7f0000000000)=0x2b00, 0x12)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
setsockopt$packet_tx_ring(0xffffffffffffffff, 0x107, 0x5, 0x0, 0x0)
mmap(&(0x7f0000000000/0x2000)=nil, 0x30000, 0x2, 0x11, 0xffffffffffffffff, 0x0)
r3 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$sock_int(r3, 0x1, 0x3c, &(0x7f00000000c0)=0x1, 0x4)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x100000a, 0x12, 0xffffffffffffffff, 0xffffe000)
bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0xc, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x41100, 0x10, '\x00', 0x0, @fallback=0x12, r2, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, r2, 0x0, 0x0, 0x0, 0x10, 0x3}, 0x94)
r4 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000000cc0), 0x50e140, 0x0)
ioctl$PTP_SYS_OFFSET_PRECISE(r4, 0xc0403d08, 0x0)

2m14.670881056s ago: executing program 4 (id=2432):
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000640)={0x0, r0}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)
r4 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r4, &(0x7f0000000240)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x2c}}, 0x10)
sendmmsg$inet(r4, &(0x7f0000003cc0)=[{{&(0x7f0000000140)={0x2, 0x4e20, @multicast1}, 0x10, 0x0, 0x0, &(0x7f0000000d40)=ANY=[@ANYBLOB="14000000000000000000000007"], 0x18}}], 0x1, 0x44008004)
r5 = socket$inet6(0xa, 0x1, 0x0)
ioctl$sock_SIOCETHTOOL(r5, 0x89f0, &(0x7f0000001440)={'ip6_vti0\x00', &(0x7f0000000100)=@ethtool_pauseparam={0x13, 0x1000, 0xfff, 0xf}})
write$binfmt_misc(r4, &(0x7f0000000300), 0xfdef)
r6 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000240)={'lo\x00', <r7=>0x0})
sendmsg$nl_route_sched(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000280)=@newqdisc={0x16c, 0x24, 0xd0f, 0x0, 0x0, {0x60, 0x0, 0x0, r7, {}, {0xffff, 0xffff}, {0x0, 0xfff2}}, [@qdisc_kind_options=@q_cake={{0x9}, {0xc, 0x2, [@TCA_CAKE_FWMARK={0x8, 0x12, 0xffffffff}]}}, @TCA_STAB={0x130, 0x8, 0x0, 0x1, [{{0x1c, 0x1, {0x2, 0x4, 0x7, 0x4, 0x0, 0x6, 0x3, 0x1}}, {0x6, 0x2, [0x2]}}, {{0x1c, 0x1, {0x1, 0x7, 0x1, 0x7f, 0x1, 0x5, 0xcfc, 0x5}}, {0xe, 0x2, [0x14f4, 0x3571, 0x3, 0xa685, 0x1]}}, {{0x1c, 0x1, {0x3b, 0xb, 0xa1, 0x3, 0x2, 0x3, 0x9, 0x3}}, {0xa, 0x2, [0x4, 0xfe4, 0xffff]}}, {{0x1c, 0x1, {0x5, 0x3, 0x8, 0x7706, 0x0, 0x2, 0xd, 0xa}}, {0x18, 0x2, [0x5, 0x8, 0x4, 0xff7f, 0x9, 0x7, 0xd2a, 0x0, 0x2, 0x8]}}, {{0x1c, 0x1, {0x80, 0x83, 0x4, 0x1, 0x0, 0xeb, 0x445, 0x5}}, {0xe, 0x2, [0x1ff, 0x1, 0x51, 0x5, 0x8]}}, {{0x1c, 0x1, {0x6, 0x8, 0x1, 0x3, 0x1, 0x7, 0x0, 0x7}}, {0x12, 0x2, [0xa, 0x42b, 0x9, 0x5, 0x5, 0x40, 0xa]}}, {{0x1c, 0x1, {0x1, 0xe, 0x800, 0x7623, 0x2, 0xfffffc00, 0x401, 0x1}}, {0x6, 0x2, [0x8]}}]}]}, 0x16c}}, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x300000c, 0x204031, 0xffffffffffffffff, 0xffffd000)
r8 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r8, 0x107, 0x13, &(0x7f00000001c0)=0x1080, 0x4)

2m14.524442161s ago: executing program 2 (id=2433):
openat$uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x802, 0x0)
r0 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)
r1 = fsopen(&(0x7f0000000280)='ceph\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r1, 0x1, &(0x7f0000000700)='source', &(0x7f0000000780)='c:::/\x83\xc1\xcfD\xc4AO\x06)\xb03\xfcI\x95w\x96\x9b\xe9\xa6\x1a\x96\xael\x11\xa6\x06\xe3G\xb1\x1d$\xc2;\x8f\xf3\x13\xebB\x93\x94\x01\x8b\x88\xeb\xa3\x01\rx\x86bK&\x13a~\x04/\x18\x14ZM\xcb\xad\x92>\xe5\x01V\xdc\x05#\x13\xe9F\xa0\x1b\xf8\xe12\xe9\x80\x988\xd8?\x86\xe9i\x7f\xa8\xe0c\x94\xc1\xa8\xbf\xff\xfe\xfe!\x7f2\xf1\xc7P\x80A\x1c2k\xf6}P\x19\xee:i|0\x1c\x13u\xb0I\xaa\xe3\x14\x9a\x1f\x9f(\xd1$\x06\xa8&t&A0\xa7\xef\x9cL\x8e1K\x00\x00\x00\x00\x00\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r1, 0x6, 0x0, 0x0, 0x0)
ioctl$VHOST_SET_MEM_TABLE(r0, 0x4001af83, &(0x7f00000000c0))
ioctl$VHOST_SET_OWNER(r0, 0xaf01, 0x0)

2m14.102358186s ago: executing program 5 (id=2434):
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$NL80211_CMD_CRIT_PROTOCOL_START(r1, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={0x0, 0x1c}}, 0x0)
mq_open(&(0x7f0000000080)='eth0\x00#\x13\xaeu\xe0\xfbu0*\xf3\x11i\xdd\xd9\xc6\x87\xde\xbf_\xa0\xf6\xdfk\xbf.\"\xa6\xc0#p\xcd\x1c/\xa6\xf2\xbcyL\x85a\xb5\xbb~+>\xbc\x93\xf8\xab\x9a3\x85l\x1d\x15\x11\x1a{@!2\xb6!\xae\xf79k\x90\x88\v8I$\xfdQ\x1d\x90=r\xd8\xc0\xd8\t/\x8dv\xb8\x93\xc3C\xae\x9dc\xd1T\xdd\x14\xd3\xe1\xbe_$A=z\xee\xbd/X\xbemOX)s\x94\xde\xbe_\v\x01\xbe\xeb\xbb\x91\x11z\xc2|d\x1b\x04\xd2\xf9yx\xb2\x1b\bLTrw\x88\x9e0\t\xc6\xe2\x9c\xed\\\xd8[\xc8\x04 \xf3\xac]V\x1d:\xfc\xc3\x9e\x02\ax\xef\xfe\x1c.TT\xcf\xbf\xf5\x80a%\xdcQ\xb3CuT\xcc7\x8avs\xb2\a\xfe\xb3j*\xad\x18I\xcc\xe9\xaa{]\xef\xb7\xf2\xee*\xf95\bJt\xd0s\xc4\xaa\xc8\x13~\xb2\xf20\xbdf\xdb\xaeG\xe3\xfb\xef\x94\xef:Q\x1b\xe3\xa3\xa4}\xef`e\xcdL\xab\xdb\r\xf2y\x9fg1\xf4\t\x18i/!\x13\xf1,\x8cu\xaa\xbf~)\x94\x1b2\x93\x86\xe7\x9a\xf2j\xa8\x96\xa6\xa2\xfcN\x81\xafTh\xb3\x1bo:\xe8\vq7S\xe4H\xf3L\xa0\x9c\x97B\x12\x10\x9d\xaa\x7fq\x06\xb9(\xf6\x1c\x83\xb1J\xec\x926\xb5a0\xa0B\xae|', 0x42, 0x80, 0x0)
r2 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=ANY=[@ANYBLOB="020e0000150000000000000000000000030005000000000002004e24ac1e00010000000000000000030006003c000000020000fc34000000000000000000000001001800000000000800120020000200fcffffff0000000006003300000000000000000000000000fe8000000000000000000000000000aa000000000000000000000000000000000400"], 0xa8}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
setsockopt$MRT6_ADD_MFC(r1, 0x29, 0xcc, &(0x7f0000000480)={{0xa, 0x4e24, 0x6, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x6}, {0xa, 0x4e23, 0x0, @private0={0xfc, 0x0, '\x00', 0x1}, 0x5d}, 0x1, {[0x5bb, 0x0, 0xfffff800, 0x70, 0x7, 0x9, 0x6, 0xe2c]}}, 0x5c)
sendmsg$nl_route(r3, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000000)=@setneightbl={0x14, 0x43, 0x1, 0xffff7ffe, 0x0, {0xa}}, 0x14}}, 0x0)
getsockname$packet(r1, &(0x7f0000000600)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000640)=ANY=[@ANYBLOB="3c0000001000850600000000ff6122314a000800", @ANYRES32=r4, @ANYBLOB="f5ff0f00252155b21c0012000c000100626f6e64000000000c0002000800010001"], 0x3c}}, 0x40000)
sendmsg$nl_route(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000300)=@newlink={0x3c, 0x10, 0x503, 0x0, 0x700, {0x0, 0x0, 0x0, 0x0, 0x0, 0x200}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @vcan={{0x9}, {0x4}}}, @IFLA_MASTER={0x8, 0xa, r4}]}, 0x3c}, 0x1, 0x0, 0x0, 0x800}, 0xc0b0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
mkdir(&(0x7f00000003c0)='./file0\x00', 0x0)
mount$overlay(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000000), 0x10000, &(0x7f00000002c0)={[{@workdir={'workdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './bus'}}], [], 0x2c})
chdir(&(0x7f0000000080)='./file0\x00')
symlink(&(0x7f0000002080)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000000800)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')
setsockopt$bt_BT_CHANNEL_POLICY(r1, 0x112, 0xa, &(0x7f0000000200)=0x3, 0x4)
r5 = add_key$keyring(&(0x7f0000000740), &(0x7f0000000780)={'syz', 0x0}, 0x0, 0x0, 0xffffffffffffffff)
add_key$fscrypt_provisioning(&(0x7f0000000380), &(0x7f0000000500)={'syz', 0x0}, &(0x7f0000000700)={0x1}, 0x8, r5)
sched_setaffinity(0x0, 0x11, &(0x7f0000000180)=0x1400200bce)
sched_setscheduler(0x0, 0x1, &(0x7f0000002200)=0x1)
r6 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r6, &(0x7f0000002700)=""/102392, 0x18ff8)
utime(&(0x7f0000000240)='./bus\x00', &(0x7f0000000340)={0x1, 0x100})
r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000400)='cpuset.effective_cpus\x00', 0x275a, 0x0)
ioctl$LOOP_CONFIGURE(0xffffffffffffffff, 0x4c0a, &(0x7f00000005c0)={r7, 0x800, {0x2a00, 0x80010000, 0x0, 0x5, 0x0, 0x0, 0x0, 0x20, 0x1c, "fee8a2ab78fc179fd1f8a0e91ddaaca7bd6447a4b4e00d9683dda1af1ea09de2b7fb0a0100000000000000000300", "2809e8dbe108598927875397bab22d0000b420a9c81f40f05f819e01177d3d458dac00000000000000000000003b00000000000000000200", "90be8b1c5512406c7f00", [0x4, 0x40000000000000]}})

2m13.759049125s ago: executing program 4 (id=2435):
r0 = syz_clone(0x2008400, 0x0, 0x0, 0x0, 0x0, 0x0)
r1 = signalfd4(0xffffffffffffffff, &(0x7f00000008c0), 0x8, 0x800)
r2 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x2400, 0x0)
r4 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
r5 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r5, 0x7a7, &(0x7f0000000040)=0x90000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r5, 0x7a0, &(0x7f0000000000)={@local})
ioctl$IOCTL_VMCI_QUEUEPAIR_ALLOC(r5, 0x7a8, &(0x7f0000000540)={{@hyper, 0x2}, @hyper, 0x0, 0x0, 0x5e, 0x0, 0xfffffffffffffffe})
ioctl$IOCTL_VMCI_VERSION2(r4, 0x7a7, &(0x7f0000000040)=0x90000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r4, 0x7a0, &(0x7f0000000240)={@hyper})
ioctl$IOCTL_VMCI_QUEUEPAIR_ALLOC(r4, 0x7a8, &(0x7f0000000000)={{@hyper}, @my=0x0, 0x0, 0x0, 0x421, 0x0, 0x0, 0x0, 0xdd0})
ioctl$IOCTL_VMCI_QUEUEPAIR_ALLOC(r4, 0x7a8, &(0x7f0000000080)={{@hyper, 0x2}, @any, 0x0, 0x0, 0x2, 0x6, 0x9a6, 0x10001, 0x8})
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
r6 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$tipc(&(0x7f0000000200), 0xffffffffffffffff)
sendmsg$TIPC_CMD_ENABLE_BEARER(r6, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000300)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRESHEX, @ANYRES32=r2], 0x38}, 0x1, 0x0, 0x0, 0x800}, 0x20010814)
close(r3)
mount$9p_fd(0x0, &(0x7f0000000000)='.\x00', &(0x7f0000000040), 0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r1, @ANYBLOB=',wfdno=', @ANYRESHEX=r1, @ANYBLOB="14cc3d8f6fcd82e8ec40572376b4b314e2b04d4b94d0b30a7f26fd3aa2e31634d9b28bc69212ddf9ba7ec8448ae842fc9907e9677c160b869a0f4caeb3f2a0d643c1cb223cb347b9db3e7d12baed9781b488ff6aedf609"])
r7 = gettid()
rt_sigsuspend(&(0x7f0000000040)={[0x3]}, 0x8)
tkill(r7, 0x7)
r8 = syz_open_dev$dri(&(0x7f0000000a40), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_CREATEPROPBLOB(r8, 0xc01064bd, &(0x7f0000000040)={0x0})
r9 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00')
ioctl$TCXONC(r9, 0x540a, 0x0)
fchdir(r9)
mount(0x0, &(0x7f0000000140)='.\x00', &(0x7f0000000100)='msdos\x00', 0x189, 0x0)
read$msr(r9, &(0x7f0000000900)=""/4096, 0x1000)
syz_open_procfs(r0, &(0x7f0000000000)='map_files\x00')

2m13.355944482s ago: executing program 1 (id=2436):
openat$sequencer2(0xffffffffffffff9c, &(0x7f00000000c0), 0x141602, 0x0)
openat$vimc0(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f00000003c0), 0x101a02, 0x0)
r1 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$kcm(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="c00e020023000b02d25a806f8c6394f90924fc60040f030047000000053582c137153e370248018000f01700d1", 0x2d}], 0x1}, 0x0)
openat$kvm(0xffffffffffffff9c, 0x0, 0xd4600, 0x0)
r2 = openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000000300)=""/102392, 0x18ff8)
r4 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000100)=ANY=[@ANYRESHEX=r2, @ANYRES16=r0], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000240)={0x6, 0x10, &(0x7f0000019440)=ANY=[@ANYBLOB="1800000021bf0000000000000300000018110000dd1912ae230b174ba633d25c0700b4dc7bc15e9318f2b4944873471d169cdf8801000000000000004f1d504f2c42431cc100e178266d5ff262df2dc436e6d28dd56892383fec26215fd063b4c9b0f4fa73776ae3c38de6acd08dbd7456f6b54902ff48566e4593ed1903360fd1bdbdad2e60d985bebd95d8e90f3923ba60194f0c0a45012fe40c6a23d5941323cf423e136021488f3970c481", @ANYRES32=r4, @ANYRES8=r0], &(0x7f0000000200)='GPL\x00', 0x1, 0x0, 0x0, 0x41000, 0x2, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x9}, 0x94)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000400)={0x0, 0x6, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
socket$nl_route(0x10, 0x3, 0x0)
r5 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$TCXONC(r5, 0x4b45, 0x2)
r6 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
ioctl$KVM_SET_GUEST_DEBUG(r6, 0x4048ae9b, &(0x7f0000019300)={0x0, 0x0, [0x40000000004, 0x64f, 0x81, 0x7, 0x3, 0x4ffff, 0x77, 0x1000000000]})
ioctl$KVM_RUN(r6, 0xae80, 0x0)
r7 = syz_io_uring_setup(0x49a, 0x0, &(0x7f0000000500)=<r8=>0x0, 0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r8, 0x4, 0x0, 0x0, 0x4)
r9 = io_uring_register$IORING_REGISTER_PERSONALITY(r7, 0x9, 0x0, 0x0)
syz_io_uring_submit(r8, 0x0, &(0x7f00000002c0)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x9, 0x0, 0x0, 0x0, {0x200}, 0x1, {0x0, r9}})
close_range(r0, r7, 0x2)
syz_io_uring_submit(0x0, 0x0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x207a98, 0x0, 0x0, 0x0, 0x0)

2m5.12264421s ago: executing program 1 (id=2437):
syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x22401)
r0 = syz_open_procfs(0x0, &(0x7f0000000040)='task\x00')
syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00')
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0))
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000300)=<r2=>0x0)
fcntl$lock(0xffffffffffffffff, 0x6, &(0x7f0000000040)={0x0, 0x0, 0x60d3, 0x5})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(r2, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xec776000)
mq_open(&(0x7f0000000180)='$@\x00', 0x1, 0x185, 0x0)
keyctl$dh_compute(0x17, &(0x7f0000000d80), 0x0, 0x0, &(0x7f0000000f00)={&(0x7f0000000ec0)={'cryptd(blake2b-160)\x00'}})
r3 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCETHTOOL(r4, 0x8946, &(0x7f0000000000)={'wg2\x00', &(0x7f0000002fc0)=@ethtool_eeprom={0x7, 0x7, 0x7f}})
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r5 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_RUN(r5, 0xae80, 0x0)
setsockopt$sock_linger(r0, 0x1, 0xd, &(0x7f0000000080)={0x1, 0x8001}, 0x8)
ioctl$KVM_RUN(r5, 0xae80, 0x0)
ioctl$KVM_SET_GUEST_DEBUG(r5, 0x4048ae9b, &(0x7f00000001c0)={0x70003, 0x0, [0x7, 0xb, 0x2, 0x9, 0x7, 0x6, 0x3000000002, 0x1]})
ioctl$KVM_RUN(r5, 0xae80, 0x0)

1m28.777842638s ago: executing program 33 (id=2425):
r0 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
r1 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000040)=ANY=[@ANYBLOB="12010000000018105e04da0700000000000109022400010000000009040000090300000009210000000122220009058103"], 0x0)
syz_usb_control_io$hid(r1, 0x0, 0x0)
syz_usb_control_io$hid(r1, &(0x7f0000000000)={0x24, 0x0, 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB="00222200000096010006010003000000002a90a08538b3"], 0x0}, 0x0)
syz_usb_control_io$hid(r1, 0x0, 0x0)
syz_usb_ep_write(r1, 0x3f, 0x6c, &(0x7f0000000100)="2a729a3b669ca8b0634e3f1c6db665c2117871793b429cdb537d7c0e0629ad4e1d82bc54a89adb3aac2ddb84d1fb8b46b849f57e7e2eeb4a6ddb2bb4319697992ffe4ac6971ce7b953cc6cd5470aa43ab1d8d536044660c8bd283f32132c0b0fcf244fcf44bf1b8cc8861b4e")
read$char_usb(r0, 0x0, 0x0)
read$char_usb(0xffffffffffffffff, 0x0, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, 0x0)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff})
sendmsg$tipc(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000440), 0x0, 0x0, 0x0, 0x4c001}, 0x240000d5)
recvmsg(r2, 0x0, 0x0)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff0000/0x1000)=nil, &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000fff000/0x1000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ff6000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0)
io_uring_setup(0x7, &(0x7f0000000040)={0x0, 0xc89e, 0xc000, 0x8, 0xc1})
r3 = syz_init_net_socket$ax25(0x3, 0x2, 0xcb)
bind$ax25(r3, &(0x7f0000000540)={{0x3, @bcast, 0x1}, [@default, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x2}, @default, @null, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @null, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}]}, 0x48)
connect$ax25(r3, &(0x7f00000001c0)={{0x3, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}}, [@rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @bcast, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @default, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x2}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}]}, 0x3a)
capget(&(0x7f0000feaff9)={0x20071026}, &(0x7f00000001c0))
syz_usb_ep_write(0xffffffffffffffff, 0x81, 0x0, 0x0)
syz_usb_disconnect(0xffffffffffffffff)
setreuid(0x0, 0xee00)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_buf(r4, 0x29, 0x20, &(0x7f00000000c0)="0bbb268dd6ffa80800030000000000000000210d0000aaa8fa017242ba9380d4", 0x20)
syz_usb_control_io(0xffffffffffffffff, 0x0, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x1, 0x4, &(0x7f0000000240)=ANY=[@ANYBLOB="180500000000040000000000000000008500000067c599e84ffb72373c23942a0956167a0000009500000000000000d4ceddf04a56ed813bf0fc7ba70a6940fa956fe64e9e7620b0d1cd"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback=0x31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
setsockopt$sock_attach_bpf(r6, 0x1, 0x32, &(0x7f0000000640)=r5, 0x4)
sendmsg$unix(r7, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0xc000090)
socket(0x18, 0x1, 0x61d)

1m25.26840175s ago: executing program 34 (id=2437):
syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x22401)
r0 = syz_open_procfs(0x0, &(0x7f0000000040)='task\x00')
syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00')
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0))
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000300)=<r2=>0x0)
fcntl$lock(0xffffffffffffffff, 0x6, &(0x7f0000000040)={0x0, 0x0, 0x60d3, 0x5})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(r2, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xec776000)
mq_open(&(0x7f0000000180)='$@\x00', 0x1, 0x185, 0x0)
keyctl$dh_compute(0x17, &(0x7f0000000d80), 0x0, 0x0, &(0x7f0000000f00)={&(0x7f0000000ec0)={'cryptd(blake2b-160)\x00'}})
r3 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCETHTOOL(r4, 0x8946, &(0x7f0000000000)={'wg2\x00', &(0x7f0000002fc0)=@ethtool_eeprom={0x7, 0x7, 0x7f}})
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r5 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_RUN(r5, 0xae80, 0x0)
setsockopt$sock_linger(r0, 0x1, 0xd, &(0x7f0000000080)={0x1, 0x8001}, 0x8)
ioctl$KVM_RUN(r5, 0xae80, 0x0)
ioctl$KVM_SET_GUEST_DEBUG(r5, 0x4048ae9b, &(0x7f00000001c0)={0x70003, 0x0, [0x7, 0xb, 0x2, 0x9, 0x7, 0x6, 0x3000000002, 0x1]})
ioctl$KVM_RUN(r5, 0xae80, 0x0)

58.735423388s ago: executing program 35 (id=2433):
openat$uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x802, 0x0)
r0 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)
r1 = fsopen(&(0x7f0000000280)='ceph\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r1, 0x1, &(0x7f0000000700)='source', &(0x7f0000000780)='c:::/\x83\xc1\xcfD\xc4AO\x06)\xb03\xfcI\x95w\x96\x9b\xe9\xa6\x1a\x96\xael\x11\xa6\x06\xe3G\xb1\x1d$\xc2;\x8f\xf3\x13\xebB\x93\x94\x01\x8b\x88\xeb\xa3\x01\rx\x86bK&\x13a~\x04/\x18\x14ZM\xcb\xad\x92>\xe5\x01V\xdc\x05#\x13\xe9F\xa0\x1b\xf8\xe12\xe9\x80\x988\xd8?\x86\xe9i\x7f\xa8\xe0c\x94\xc1\xa8\xbf\xff\xfe\xfe!\x7f2\xf1\xc7P\x80A\x1c2k\xf6}P\x19\xee:i|0\x1c\x13u\xb0I\xaa\xe3\x14\x9a\x1f\x9f(\xd1$\x06\xa8&t&A0\xa7\xef\x9cL\x8e1K\x00\x00\x00\x00\x00\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r1, 0x6, 0x0, 0x0, 0x0)
ioctl$VHOST_SET_MEM_TABLE(r0, 0x4001af83, &(0x7f00000000c0))
ioctl$VHOST_SET_OWNER(r0, 0xaf01, 0x0)

58.730351862s ago: executing program 36 (id=2434):
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$NL80211_CMD_CRIT_PROTOCOL_START(r1, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={0x0, 0x1c}}, 0x0)
mq_open(&(0x7f0000000080)='eth0\x00#\x13\xaeu\xe0\xfbu0*\xf3\x11i\xdd\xd9\xc6\x87\xde\xbf_\xa0\xf6\xdfk\xbf.\"\xa6\xc0#p\xcd\x1c/\xa6\xf2\xbcyL\x85a\xb5\xbb~+>\xbc\x93\xf8\xab\x9a3\x85l\x1d\x15\x11\x1a{@!2\xb6!\xae\xf79k\x90\x88\v8I$\xfdQ\x1d\x90=r\xd8\xc0\xd8\t/\x8dv\xb8\x93\xc3C\xae\x9dc\xd1T\xdd\x14\xd3\xe1\xbe_$A=z\xee\xbd/X\xbemOX)s\x94\xde\xbe_\v\x01\xbe\xeb\xbb\x91\x11z\xc2|d\x1b\x04\xd2\xf9yx\xb2\x1b\bLTrw\x88\x9e0\t\xc6\xe2\x9c\xed\\\xd8[\xc8\x04 \xf3\xac]V\x1d:\xfc\xc3\x9e\x02\ax\xef\xfe\x1c.TT\xcf\xbf\xf5\x80a%\xdcQ\xb3CuT\xcc7\x8avs\xb2\a\xfe\xb3j*\xad\x18I\xcc\xe9\xaa{]\xef\xb7\xf2\xee*\xf95\bJt\xd0s\xc4\xaa\xc8\x13~\xb2\xf20\xbdf\xdb\xaeG\xe3\xfb\xef\x94\xef:Q\x1b\xe3\xa3\xa4}\xef`e\xcdL\xab\xdb\r\xf2y\x9fg1\xf4\t\x18i/!\x13\xf1,\x8cu\xaa\xbf~)\x94\x1b2\x93\x86\xe7\x9a\xf2j\xa8\x96\xa6\xa2\xfcN\x81\xafTh\xb3\x1bo:\xe8\vq7S\xe4H\xf3L\xa0\x9c\x97B\x12\x10\x9d\xaa\x7fq\x06\xb9(\xf6\x1c\x83\xb1J\xec\x926\xb5a0\xa0B\xae|', 0x42, 0x80, 0x0)
r2 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=ANY=[@ANYBLOB="020e0000150000000000000000000000030005000000000002004e24ac1e00010000000000000000030006003c000000020000fc34000000000000000000000001001800000000000800120020000200fcffffff0000000006003300000000000000000000000000fe8000000000000000000000000000aa000000000000000000000000000000000400"], 0xa8}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
setsockopt$MRT6_ADD_MFC(r1, 0x29, 0xcc, &(0x7f0000000480)={{0xa, 0x4e24, 0x6, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x6}, {0xa, 0x4e23, 0x0, @private0={0xfc, 0x0, '\x00', 0x1}, 0x5d}, 0x1, {[0x5bb, 0x0, 0xfffff800, 0x70, 0x7, 0x9, 0x6, 0xe2c]}}, 0x5c)
sendmsg$nl_route(r3, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000000)=@setneightbl={0x14, 0x43, 0x1, 0xffff7ffe, 0x0, {0xa}}, 0x14}}, 0x0)
getsockname$packet(r1, &(0x7f0000000600)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000640)=ANY=[@ANYBLOB="3c0000001000850600000000ff6122314a000800", @ANYRES32=r4, @ANYBLOB="f5ff0f00252155b21c0012000c000100626f6e64000000000c0002000800010001"], 0x3c}}, 0x40000)
sendmsg$nl_route(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000300)=@newlink={0x3c, 0x10, 0x503, 0x0, 0x700, {0x0, 0x0, 0x0, 0x0, 0x0, 0x200}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @vcan={{0x9}, {0x4}}}, @IFLA_MASTER={0x8, 0xa, r4}]}, 0x3c}, 0x1, 0x0, 0x0, 0x800}, 0xc0b0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
mkdir(&(0x7f00000003c0)='./file0\x00', 0x0)
mount$overlay(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000000), 0x10000, &(0x7f00000002c0)={[{@workdir={'workdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './bus'}}], [], 0x2c})
chdir(&(0x7f0000000080)='./file0\x00')
symlink(&(0x7f0000002080)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000000800)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')
setsockopt$bt_BT_CHANNEL_POLICY(r1, 0x112, 0xa, &(0x7f0000000200)=0x3, 0x4)
r5 = add_key$keyring(&(0x7f0000000740), &(0x7f0000000780)={'syz', 0x0}, 0x0, 0x0, 0xffffffffffffffff)
add_key$fscrypt_provisioning(&(0x7f0000000380), &(0x7f0000000500)={'syz', 0x0}, &(0x7f0000000700)={0x1}, 0x8, r5)
sched_setaffinity(0x0, 0x11, &(0x7f0000000180)=0x1400200bce)
sched_setscheduler(0x0, 0x1, &(0x7f0000002200)=0x1)
r6 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r6, &(0x7f0000002700)=""/102392, 0x18ff8)
utime(&(0x7f0000000240)='./bus\x00', &(0x7f0000000340)={0x1, 0x100})
r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000400)='cpuset.effective_cpus\x00', 0x275a, 0x0)
ioctl$LOOP_CONFIGURE(0xffffffffffffffff, 0x4c0a, &(0x7f00000005c0)={r7, 0x800, {0x2a00, 0x80010000, 0x0, 0x5, 0x0, 0x0, 0x0, 0x20, 0x1c, "fee8a2ab78fc179fd1f8a0e91ddaaca7bd6447a4b4e00d9683dda1af1ea09de2b7fb0a0100000000000000000300", "2809e8dbe108598927875397bab22d0000b420a9c81f40f05f819e01177d3d458dac00000000000000000000003b00000000000000000200", "90be8b1c5512406c7f00", [0x4, 0x40000000000000]}})

0s ago: executing program 37 (id=2435):
r0 = syz_clone(0x2008400, 0x0, 0x0, 0x0, 0x0, 0x0)
r1 = signalfd4(0xffffffffffffffff, &(0x7f00000008c0), 0x8, 0x800)
r2 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x2400, 0x0)
r4 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
r5 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r5, 0x7a7, &(0x7f0000000040)=0x90000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r5, 0x7a0, &(0x7f0000000000)={@local})
ioctl$IOCTL_VMCI_QUEUEPAIR_ALLOC(r5, 0x7a8, &(0x7f0000000540)={{@hyper, 0x2}, @hyper, 0x0, 0x0, 0x5e, 0x0, 0xfffffffffffffffe})
ioctl$IOCTL_VMCI_VERSION2(r4, 0x7a7, &(0x7f0000000040)=0x90000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r4, 0x7a0, &(0x7f0000000240)={@hyper})
ioctl$IOCTL_VMCI_QUEUEPAIR_ALLOC(r4, 0x7a8, &(0x7f0000000000)={{@hyper}, @my=0x0, 0x0, 0x0, 0x421, 0x0, 0x0, 0x0, 0xdd0})
ioctl$IOCTL_VMCI_QUEUEPAIR_ALLOC(r4, 0x7a8, &(0x7f0000000080)={{@hyper, 0x2}, @any, 0x0, 0x0, 0x2, 0x6, 0x9a6, 0x10001, 0x8})
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
r6 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$tipc(&(0x7f0000000200), 0xffffffffffffffff)
sendmsg$TIPC_CMD_ENABLE_BEARER(r6, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000300)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRESHEX, @ANYRES32=r2], 0x38}, 0x1, 0x0, 0x0, 0x800}, 0x20010814)
close(r3)
mount$9p_fd(0x0, &(0x7f0000000000)='.\x00', &(0x7f0000000040), 0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r1, @ANYBLOB=',wfdno=', @ANYRESHEX=r1, @ANYBLOB="14cc3d8f6fcd82e8ec40572376b4b314e2b04d4b94d0b30a7f26fd3aa2e31634d9b28bc69212ddf9ba7ec8448ae842fc9907e9677c160b869a0f4caeb3f2a0d643c1cb223cb347b9db3e7d12baed9781b488ff6aedf609"])
r7 = gettid()
rt_sigsuspend(&(0x7f0000000040)={[0x3]}, 0x8)
tkill(r7, 0x7)
r8 = syz_open_dev$dri(&(0x7f0000000a40), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_CREATEPROPBLOB(r8, 0xc01064bd, &(0x7f0000000040)={0x0})
r9 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00')
ioctl$TCXONC(r9, 0x540a, 0x0)
fchdir(r9)
mount(0x0, &(0x7f0000000140)='.\x00', &(0x7f0000000100)='msdos\x00', 0x189, 0x0)
read$msr(r9, &(0x7f0000000900)=""/4096, 0x1000)
syz_open_procfs(r0, &(0x7f0000000000)='map_files\x00')

kernel console output (not intermixed with test programs):

dm_r:sysadm_t tclass=system permissive=1
[  641.646440][T13098] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  642.281563][T12303] usb 2-1: new high-speed USB device number 63 using dummy_hcd
[  642.441553][T12303] usb 2-1: Using ep0 maxpacket: 8
[  642.455475][T12303] usb 2-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  642.475296][T12303] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  642.511601][T12303] usb 2-1: config 16 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  642.525040][T12303] usb 2-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  642.538657][T12303] usb 2-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  642.566179][T12303] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  642.626848][T12303] usbtmc 2-1:16.0: bulk endpoints not found
[  642.771768][T13109] FAULT_INJECTION: forcing a failure.
[  642.771768][T13109] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  642.784847][T13109] CPU: 0 UID: 0 PID: 13109 Comm: syz.4.1855 Not tainted syzkaller #0 PREEMPT(full) 
[  642.784864][T13109] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  642.784870][T13109] Call Trace:
[  642.784874][T13109]  <TASK>
[  642.784878][T13109]  dump_stack_lvl+0x16c/0x1f0
[  642.784895][T13109]  should_fail_ex+0x512/0x640
[  642.784909][T13109]  _copy_from_user+0x2e/0xd0
[  642.784924][T13109]  vhost_vsock_dev_ioctl+0x5f4/0xb30
[  642.784940][T13109]  ? hook_file_ioctl_common+0x145/0x410
[  642.784953][T13109]  ? __pfx_vhost_vsock_dev_ioctl+0x10/0x10
[  642.784970][T13109]  ? selinux_file_ioctl+0xb4/0x270
[  642.784986][T13109]  ? __pfx_vhost_vsock_dev_ioctl+0x10/0x10
[  642.785001][T13109]  __x64_sys_ioctl+0x18b/0x210
[  642.785026][T13109]  do_syscall_64+0xcd/0x4c0
[  642.785047][T13109]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  642.785066][T13109] RIP: 0033:0x7f85dd58ebe9
[  642.785076][T13109] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  642.785087][T13109] RSP: 002b:00007f85de493038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  642.785098][T13109] RAX: ffffffffffffffda RBX: 00007f85dd7b5fa0 RCX: 00007f85dd58ebe9
[  642.785105][T13109] RDX: 0000200000000400 RSI: 000000004008af00 RDI: 0000000000000003
[  642.785112][T13109] RBP: 00007f85de493090 R08: 0000000000000000 R09: 0000000000000000
[  642.785118][T13109] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  642.785125][T13109] R13: 00007f85dd7b6038 R14: 00007f85dd7b5fa0 R15: 00007ffc3bfa5f08
[  642.785138][T13109]  </TASK>
[  643.390560][T13118] kAFS: unable to lookup cell '(0.xlI��|.�(�Wi�2��TY>�1	��'
[  643.715309][   T51] Bluetooth: hci0: Ignoring HCI_Connection_Complete for existing connection
[  643.776342][   T30] audit: type=1400 audit(1756136271.389:374): avc:  denied  { append } for  pid=13124 comm="syz.3.1859" name="event1" dev="devtmpfs" ino=919 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[  644.409776][   T30] audit: type=1400 audit(1756136271.959:375): avc:  denied  { read } for  pid=13124 comm="syz.3.1859" name="btrfs-control" dev="devtmpfs" ino=1316 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:lvm_control_t tclass=chr_file permissive=1
[  644.434684][   T30] audit: type=1400 audit(1756136271.959:376): avc:  denied  { open } for  pid=13124 comm="syz.3.1859" path="/dev/btrfs-control" dev="devtmpfs" ino=1316 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:lvm_control_t tclass=chr_file permissive=1
[  644.557689][T13133] SELinux:  Context : is not valid (left unmapped).
[  644.565962][   T30] audit: type=1400 audit(1756136272.179:377): avc:  denied  { relabelto } for  pid=13132 comm="syz.4.1860" name="rdma.current" dev="tmpfs" ino=1948 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon=":"
[  644.595638][   T30] audit: type=1400 audit(1756136272.189:378): avc:  denied  { associate } for  pid=13132 comm="syz.4.1860" name="rdma.current" dev="tmpfs" ino=1948 scontext=system_u:object_r:unlabeled_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 srawcon=":"
[  644.625272][   T30] audit: type=1400 audit(1756136272.229:379): avc:  denied  { ioctl } for  pid=13132 comm="syz.4.1860" path="/357/rdma.current" dev="tmpfs" ino=1948 ioctlcmd=0xaf00 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon=":"
[  644.673178][   T30] audit: type=1400 audit(1756136272.289:380): avc:  denied  { unlink } for  pid=5844 comm="syz-executor" name="rdma.current" dev="tmpfs" ino=1948 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon=":"
[  644.730173][T13138] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  644.740973][   T30] audit: type=1400 audit(1756136272.339:381): avc:  denied  { map } for  pid=13134 comm="syz.2.1861" path="socket:[44779]" dev="sockfs" ino=44779 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  644.768716][   T30] audit: type=1400 audit(1756136272.339:382): avc:  denied  { read } for  pid=13134 comm="syz.2.1861" path="socket:[44779]" dev="sockfs" ino=44779 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  645.066183][ T5918] usb 2-1: USB disconnect, device number 63
[  646.314840][T13147] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  646.325287][   T30] audit: type=1400 audit(1756136273.759:383): avc:  denied  { map } for  pid=13145 comm="syz.3.1863" path="/dev/dri/card0" dev="devtmpfs" ino=627 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dri_device_t tclass=chr_file permissive=1
[  646.493494][T13161] IPVS: length: 146 != 8
[  646.561602][T12300] usb 5-1: new high-speed USB device number 58 using dummy_hcd
[  646.568031][T13145] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  646.642715][T13152] kAFS: unable to lookup cell '(0.xlI��|.�(�Wi�2��TY>�1	��'
[  646.734399][T12300] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x4 has invalid wMaxPacketSize 0
[  646.744528][T12300] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x4 has invalid maxpacket 0
[  646.850825][T12300] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[  646.870753][T12300] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 0
[  646.884891][T12300] usb 5-1: New USB device found, idVendor=0451, idProduct=3410, bcdDevice=ef.1e
[  646.894669][T12300] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  646.915184][T12300] usb 5-1: Product: syz
[  646.922789][T12300] usb 5-1: Manufacturer: syz
[  646.927440][T12300] usb 5-1: SerialNumber: syz
[  646.940501][T12300] usb 5-1: config 0 descriptor??
[  646.978893][T12300] ti_usb_3410_5052 5-1:0.0: TI USB 3410 1 port adapter converter detected
[  646.992663][T12300] usb 5-1: TI USB 3410 1 port adapter converter now attached to ttyUSB0
[  647.232397][T13158] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  647.407265][T13158] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  647.682127][T13158] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  647.694986][T13158] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  647.700566][T13184] netlink: 'syz.2.1872': attribute type 6 has an invalid length.
[  647.751636][T12300] usb 2-1: new full-speed USB device number 64 using dummy_hcd
[  647.755029][T13158] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  647.839252][T13158] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  647.942775][T12300] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  647.955350][T12300] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 10
[  647.966476][T12300] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[  648.019095][T12300] usb 2-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 5
[  648.074012][T13180] netlink: 80 bytes leftover after parsing attributes in process `syz.2.1872'.
[  648.102484][T12300] usb 2-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  648.111749][T12300] usb 2-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  648.121558][T12300] usb 2-1: Manufacturer: syz
[  648.185509][T12300] usb 2-1: config 0 descriptor??
[  648.339580][ T5974] usb 5-1: USB disconnect, device number 58
[  648.347726][ T5974] ti_usb_3410_5052_1 ttyUSB0: TI USB 3410 1 port adapter converter now disconnected from ttyUSB0
[  648.376642][ T5974] ti_usb_3410_5052 5-1:0.0: device disconnected
[  648.664104][T12300] rc_core: IR keymap rc-hauppauge not found
[  648.681775][T12300] Registered IR keymap rc-empty
[  648.692536][T12300] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[  648.721765][T12300] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[  648.762769][T12300] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/rc/rc0
[  648.789669][T12300] input: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/rc/rc0/input82
[  648.820438][T12300] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[  648.844797][T12300] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[  648.890349][T12300] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[  649.035824][T12300] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[  649.221832][T12300] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[  649.391959][T12300] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[  649.462178][T12300] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[  649.531782][T12300] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[  649.590841][T12300] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[  649.725654][T12300] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[  649.865128][T12300] mceusb 2-1:0.0: Registered 424242424242 with mce emulator interface version 1
[  649.973440][T13224] QAT: failed to copy from user cfg_data.
[  650.059433][T13227] QAT: failed to copy from user.
[  650.084772][T13228] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  650.116548][T13229] ptrace attach of "./syz-executor exec"[5850] was attempted by "./syz-executor exec"[13229]
[  650.620053][T12300] mceusb 2-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active)
[  650.644726][T12300] usb 2-1: USB disconnect, device number 64
[  652.665678][T13246] input: syz1 as /devices/virtual/input/input83
[  652.938347][   T30] kauditd_printk_skb: 8 callbacks suppressed
[  652.938362][   T30] audit: type=1400 audit(1756136280.549:392): avc:  denied  { write } for  pid=13250 comm="syz.0.1889" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[  653.291611][T12300] usb 5-1: new full-speed USB device number 59 using dummy_hcd
[  653.316163][T13263] netdevsim netdevsim1: loading /lib/firmware/. failed with error -22
[  653.324976][T13263] netdevsim netdevsim1: Direct firmware load for . failed with error -22
[  653.333663][T13263] netdevsim netdevsim1: Falling back to sysfs fallback for: .
[  653.605863][T13267] netlink: 212376 bytes leftover after parsing attributes in process `syz.3.1895'.
[  653.671318][T12300] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  653.830822][T12300] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 10
[  653.842063][T12300] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[  653.851815][T12300] usb 5-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 5
[  653.865716][T12300] usb 5-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  653.881561][T12300] usb 5-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  653.899422][T12300] usb 5-1: Manufacturer: syz
[  653.911170][T12300] usb 5-1: config 0 descriptor??
[  654.361783][T12300] rc_core: IR keymap rc-hauppauge not found
[  654.373374][T12300] Registered IR keymap rc-empty
[  654.389443][T12300] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  654.404738][T13273] FAULT_INJECTION: forcing a failure.
[  654.404738][T13273] name failslab, interval 1, probability 0, space 0, times 0
[  654.418050][T13273] CPU: 0 UID: 0 PID: 13273 Comm: syz.1.1897 Not tainted syzkaller #0 PREEMPT(full) 
[  654.418074][T13273] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  654.418084][T13273] Call Trace:
[  654.418089][T13273]  <TASK>
[  654.418095][T13273]  dump_stack_lvl+0x16c/0x1f0
[  654.418120][T13273]  should_fail_ex+0x512/0x640
[  654.418143][T13273]  should_failslab+0xc2/0x120
[  654.418163][T13273]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  654.418181][T13273]  ? skb_clone+0x190/0x3f0
[  654.418203][T13273]  skb_clone+0x190/0x3f0
[  654.418222][T13273]  netlink_deliver_tap+0xabd/0xd30
[  654.418247][T13273]  netlink_unicast+0x64c/0x870
[  654.418270][T13273]  ? __pfx_netlink_unicast+0x10/0x10
[  654.418289][T13273]  ? __pfx_netlink_autobind.isra.0+0x10/0x10
[  654.418316][T13273]  netlink_sendmsg+0x8d1/0xdd0
[  654.418339][T13273]  ? __pfx_netlink_sendmsg+0x10/0x10
[  654.418368][T13273]  ____sys_sendmsg+0xa95/0xc70
[  654.418391][T13273]  ? copy_msghdr_from_user+0x10a/0x160
[  654.418409][T13273]  ? __pfx_____sys_sendmsg+0x10/0x10
[  654.418443][T13273]  ___sys_sendmsg+0x134/0x1d0
[  654.418463][T13273]  ? __pfx____sys_sendmsg+0x10/0x10
[  654.418510][T13273]  __sys_sendmsg+0x16d/0x220
[  654.418529][T13273]  ? __pfx___sys_sendmsg+0x10/0x10
[  654.418563][T13273]  do_syscall_64+0xcd/0x4c0
[  654.418585][T13273]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  654.418603][T13273] RIP: 0033:0x7fa93d58ebe9
[  654.418617][T13273] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  654.418633][T13273] RSP: 002b:00007fa93e330038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  654.418650][T13273] RAX: ffffffffffffffda RBX: 00007fa93d7b5fa0 RCX: 00007fa93d58ebe9
[  654.418660][T13273] RDX: 0000000000004000 RSI: 0000200000004440 RDI: 0000000000000003
[  654.418670][T13273] RBP: 00007fa93e330090 R08: 0000000000000000 R09: 0000000000000000
[  654.418680][T13273] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  654.418690][T13273] R13: 00007fa93d7b6038 R14: 00007fa93d7b5fa0 R15: 00007ffebf2e88a8
[  654.418713][T13273]  </TASK>
[  654.626172][    C0] vkms_vblank_simulate: vblank timer overrun
[  654.636839][T12300] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  654.672686][T12300] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/rc/rc0
[  654.722753][T12300] input: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/rc/rc0/input84
[  654.893543][T12300] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  656.171637][T12300] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  656.201576][T12300] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  656.283088][T13292] netlink: 212376 bytes leftover after parsing attributes in process `syz.4.1901'.
[  656.521695][T12300] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  656.574944][T12300] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  656.652408][T12300] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  656.792494][T12300] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  656.857492][T12300] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  657.075518][T13299] input: syz1 as /devices/virtual/input/input85
[  657.082311][T12300] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  657.122800][T12300] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  657.212866][T13308] input: syz1 as /devices/virtual/input/input86
[  657.242084][T12300] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  657.303378][T12300] mceusb 5-1:0.0: Registered 424242424242 with mce emulator interface version 1
[  657.410791][T12300] mceusb 5-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active)
[  657.425150][T12300] usb 5-1: USB disconnect, device number 59
[  658.336722][T13320] netlink: 212376 bytes leftover after parsing attributes in process `syz.2.1908'.
[  659.131269][T13321] kAFS: unable to lookup cell '(0.xlI��|.�(�Wi�2��TY>�1	��'
[  659.537894][T13331] input: syz1 as /devices/virtual/input/input87
[  659.961548][T11793] usb 5-1: new high-speed USB device number 60 using dummy_hcd
[  660.165351][T11793] usb 5-1: config 0 has no interfaces?
[  660.276200][T11793] usb 5-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  660.308455][T11793] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  660.321990][T11793] usb 5-1: Product: syz
[  660.326303][T11793] usb 5-1: Manufacturer: syz
[  660.331026][T11793] usb 5-1: SerialNumber: syz
[  660.348593][T11793] usb 5-1: config 0 descriptor??
[  660.401574][ T5865] usb 2-1: new high-speed USB device number 65 using dummy_hcd
[  660.495971][   T30] audit: type=1400 audit(1756136288.099:393): avc:  denied  { name_bind } for  pid=13347 comm="syz.0.1916" src=20003 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=rawip_socket permissive=1
[  660.573836][T13352] netlink: 212408 bytes leftover after parsing attributes in process `syz.0.1918'.
[  660.656049][T13338] netlink: 76 bytes leftover after parsing attributes in process `syz.4.1912'.
[  660.721660][ T5865] usb 2-1: Using ep0 maxpacket: 8
[  660.735273][ T5865] usb 2-1: New USB device found, idVendor=2770, idProduct=9120, bcdDevice=6c.77
[  660.761672][ T5865] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  660.774139][ T5865] usb 2-1: Product: syz
[  660.778473][ T5865] usb 2-1: Manufacturer: syz
[  660.783224][ T5865] usb 2-1: SerialNumber: syz
[  660.789259][ T5865] usb 2-1: config 0 descriptor??
[  660.796111][ T5865] gspca_main: sq905-2.14.0 probing 2770:9120
[  660.931630][T11793] usb 3-1: new full-speed USB device number 60 using dummy_hcd
[  661.094949][T11793] usb 3-1: config 8 has an invalid interface number: 95 but max is 0
[  661.105196][T11793] usb 3-1: config 8 has no interface number 0
[  661.114189][T11793] usb 3-1: New USB device found, idVendor=05ac, idProduct=024a, bcdDevice=29.78
[  661.124051][T11793] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  661.132128][T11793] usb 3-1: Product: syz
[  661.136364][T11793] usb 3-1: Manufacturer: syz
[  661.141271][T11793] usb 3-1: SerialNumber: syz
[  661.199148][ T5865] gspca_sq905: sq905_command: usb_control_msg failed 2 (-32)
[  661.231212][ T5865] sq905 2-1:0.0: probe with driver sq905 failed with error -32
[  661.353219][T13353] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  661.361788][T13353] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  662.246980][T13369] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1921'.
[  662.378756][T13370] overlayfs: failed lookup in lower (newroot/423, name='bus', err=-40): overlapping layers
[  662.913936][T12300] usb 5-1: USB disconnect, device number 60
[  662.954047][T13373] input: syz1 as /devices/virtual/input/input88
[  663.117116][ T5865] usb 2-1: USB disconnect, device number 65
[  663.835538][T11793] input: bcm5974 as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:8.95/input/input89
[  663.863001][ T5204] bcm5974 3-1:8.95: could not read from device
[  663.879402][T13381] kAFS: unable to lookup cell '(0.xlI��|.�(�Wi�2��TY>�1	��'
[  664.021062][ T5204] bcm5974 3-1:8.95: could not read from device
[  664.021888][T11793] usb 3-1: USB disconnect, device number 60
[  664.120200][ T5204] bcm5974 3-1:8.95: could not read from device
[  664.301041][T13395] netlink: 212408 bytes leftover after parsing attributes in process `syz.1.1929'.
[  665.947432][T13414] capability: warning: `syz.4.1926' uses deprecated v2 capabilities in a way that may be insecure
[  666.270799][    T9] usb 4-1: new high-speed USB device number 53 using dummy_hcd
[  666.381986][T13423] tmpfs: Bad value for 'size'
[  666.471687][T11793] usb 3-1: new high-speed USB device number 61 using dummy_hcd
[  666.492680][    T9] usb 4-1: Using ep0 maxpacket: 32
[  666.515475][    T9] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  666.535610][    T9] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  666.567083][    T9] usb 4-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[  666.576232][    T9] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  666.586532][    T9] usb 4-1: config 0 descriptor??
[  666.862989][    T9] hub 4-1:0.0: USB hub found
[  666.875946][T13419] binder: 13418:13419 ioctl 4018620d 0 returned -22
[  666.883576][T13419] binder: 13418:13419 ioctl 40046205 0 returned -22
[  666.932856][T11793] usb 3-1: config 0 has no interfaces?
[  666.948536][T11793] usb 3-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  666.958416][T11793] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  666.979095][T11793] usb 3-1: Product: syz
[  667.079501][    T9] hub 4-1:0.0: 1 port detected
[  667.091511][T11793] usb 3-1: Manufacturer: syz
[  667.098187][T11793] usb 3-1: SerialNumber: syz
[  667.107204][T11793] usb 3-1: config 0 descriptor??
[  667.661915][T13417] netlink: 76 bytes leftover after parsing attributes in process `syz.2.1933'.
[  668.045688][T13446] netlink: 212376 bytes leftover after parsing attributes in process `syz.4.1942'.
[  668.260081][T11793] hub 4-1:0.0: activate --> -90
[  668.899081][T12300] usb 3-1: USB disconnect, device number 61
[  669.088620][ T5974] usb 4-1: USB disconnect, device number 53
[  670.799011][T13469] binder: 13466:13469 ioctl 4018620d 0 returned -22
[  671.422016][T11793] usb 3-1: new high-speed USB device number 62 using dummy_hcd
[  671.439743][    T9] usb 2-1: new high-speed USB device number 66 using dummy_hcd
[  671.653439][T11793] usb 3-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  671.662185][T11793] usb 3-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[  671.672423][T11793] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 66
[  671.681522][ T5974] usb 4-1: new high-speed USB device number 54 using dummy_hcd
[  671.681951][T11793] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 55, changing to 9
[  671.700114][T11793] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8496, setting to 1024
[  671.713751][T11793] usb 3-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  671.722873][T11793] usb 3-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  671.730833][T11793] usb 3-1: Product: syz
[  671.735102][T11793] usb 3-1: Manufacturer: syz
[  671.740720][    T9] usb 2-1: config 36 has an invalid descriptor of length 0, skipping remainder of the config
[  671.751217][    T9] usb 2-1: config 36 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  671.767025][T11793] cdc_wdm 3-1:1.0: skipping garbage
[  671.772585][T11793] cdc_wdm 3-1:1.0: skipping garbage
[  671.778855][    T9] usb 2-1: New USB device found, idVendor=6993, idProduct=b001, bcdDevice= 0.06
[  671.789512][    T9] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=16
[  671.798702][T11793] cdc_wdm 3-1:1.0: cdc-wdm0: USB WDM device
[  671.804755][T11793] cdc_wdm 3-1:1.0: Unknown control protocol
[  671.813975][    T9] usb 2-1: SerialNumber: syz
[  671.862877][ T5974] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  671.873773][ T5974] usb 4-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  671.886790][ T5974] usb 4-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[  671.898281][ T5974] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  671.911740][ T5974] usb 4-1: config 0 descriptor??
[  671.919624][ T5974] usbhid 4-1:0.0: couldn't find an input interrupt endpoint
[  672.009546][T13488] netlink: 212376 bytes leftover after parsing attributes in process `syz.0.1955'.
[  672.365613][T11793] usb 3-1: USB disconnect, device number 62
[  672.373674][    T9] usbhid 2-1:36.0: couldn't find an input interrupt endpoint
[  672.392497][    T9] usb 2-1: USB disconnect, device number 66
[  672.415001][T12300] usb 4-1: USB disconnect, device number 54
[  672.798885][T13497] input: syz1 as /devices/virtual/input/input90
[  672.831569][T11793] usb 5-1: new high-speed USB device number 61 using dummy_hcd
[  672.957253][    T9] usb 4-1: new high-speed USB device number 55 using dummy_hcd
[  673.205050][T11793] usb 5-1: config 0 has no interfaces?
[  673.234268][T11793] usb 5-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  673.273122][T11793] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  673.342341][    T9] usb 4-1: Using ep0 maxpacket: 32
[  673.347501][T11793] usb 5-1: Product: syz
[  673.351803][T11793] usb 5-1: Manufacturer: syz
[  673.356496][T11793] usb 5-1: SerialNumber: syz
[  673.364765][    T9] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  673.379137][T11793] usb 5-1: config 0 descriptor??
[  673.384329][    T9] usb 4-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  673.622651][T13494] netlink: 76 bytes leftover after parsing attributes in process `syz.4.1956'.
[  673.680269][T13505] kAFS: unable to lookup cell '(0.xlI��|.�(�Wi�2��TY>�1	��'
[  673.857777][    T9] usb 4-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice= 0.40
[  673.866967][    T9] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  673.876300][    T9] usb 4-1: config 0 descriptor??
[  673.882898][    T9] ldusb 4-1:0.0: Interrupt in endpoint not found
[  673.897584][    T9] usbhid 4-1:0.0: couldn't find an input interrupt endpoint
[  674.101198][ T5974] usb 4-1: USB disconnect, device number 55
[  675.291529][T11793] usb 2-1: new high-speed USB device number 67 using dummy_hcd
[  675.834598][    T9] usb 5-1: USB disconnect, device number 61
[  675.926407][T11793] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7
[  676.106473][T11793] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 8
[  676.306757][T11793] usb 2-1: New USB device found, idVendor=0499, idProduct=103e, bcdDevice=4e.18
[  676.703943][T11793] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  676.744522][T11793] usb 2-1: Product: syz
[  676.767209][T11793] usb 2-1: Manufacturer: syz
[  676.799921][T11793] usb 2-1: SerialNumber: syz
[  676.877203][T11793] usb 2-1: config 0 descriptor??
[  677.323762][T11793] usb 2-1: Quirk or no altset; falling back to MIDI 1.0
[  677.451233][T11793] usb 2-1: USB disconnect, device number 67
[  678.748500][ T5974] usb 2-1: new full-speed USB device number 68 using dummy_hcd
[  678.863953][T13557] kAFS: unable to lookup cell '(0.xlI��|.�(�Wi�2��TY>�1	��'
[  678.942659][ T5974] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  679.012084][ T5974] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3
[  679.097060][ T5974] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.00
[  679.113301][ T5974] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  679.165047][ T5974] usb 2-1: SerialNumber: syz
[  679.175836][ T5974] usb 2-1: 0:2 : does not exist
[  679.828641][   T30] audit: type=1400 audit(1756136307.439:394): avc:  denied  { map } for  pid=13554 comm="syz.1.1974" path="socket:[46876]" dev="sockfs" ino=46876 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tcp_socket permissive=1
[  679.930414][T13571] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1978'.
[  680.054520][T13574] overlayfs: failed lookup in lower (newroot/376, name='bus', err=-40): overlapping layers
[  680.067324][T13573] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1979'.
[  680.161287][T11793] usb 2-1: USB disconnect, device number 68
[  680.229895][T13578] overlayfs: failed lookup in lower (newroot/380, name='bus', err=-40): overlapping layers
[  680.481651][    T9] usb 4-1: new high-speed USB device number 56 using dummy_hcd
[  680.661939][    T9] usb 4-1: config 0 has no interfaces?
[  680.688448][    T9] usb 4-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  680.701084][    T9] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  680.709529][    T9] usb 4-1: Product: syz
[  680.715419][    T9] usb 4-1: Manufacturer: syz
[  680.722272][    T9] usb 4-1: SerialNumber: syz
[  680.740183][    T9] usb 4-1: config 0 descriptor??
[  680.956664][T13579] netlink: 76 bytes leftover after parsing attributes in process `syz.3.1980'.
[  680.978384][T13587] CUSE: info not properly terminated
[  681.762170][   T30] audit: type=1326 audit(1756136308.959:395): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13591 comm="syz.1.1984" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa93d58ebe9 code=0x7ffc0000
[  681.936011][   T30] audit: type=1326 audit(1756136308.959:396): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13591 comm="syz.1.1984" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa93d58ebe9 code=0x7ffc0000
[  682.297623][   T30] audit: type=1326 audit(1756136308.969:397): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13591 comm="syz.1.1984" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa93d58ebe9 code=0x7ffc0000
[  682.333164][   T30] audit: type=1326 audit(1756136308.969:398): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13591 comm="syz.1.1984" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa93d58ebe9 code=0x7ffc0000
[  682.365142][   T30] audit: type=1326 audit(1756136308.969:399): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13591 comm="syz.1.1984" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa93d58ebe9 code=0x7ffc0000
[  682.394329][   T30] audit: type=1326 audit(1756136308.969:400): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13591 comm="syz.1.1984" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fa93d58ebe9 code=0x7ffc0000
[  682.438513][   T30] audit: type=1326 audit(1756136308.979:401): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13591 comm="syz.1.1984" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa93d58ebe9 code=0x7ffc0000
[  682.494968][   T30] audit: type=1326 audit(1756136308.979:402): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13591 comm="syz.1.1984" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa93d58ebe9 code=0x7ffc0000
[  682.542364][T12301] usb 2-1: new high-speed USB device number 69 using dummy_hcd
[  682.635239][   T30] audit: type=1326 audit(1756136308.979:403): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13591 comm="syz.1.1984" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7fa93d58ebe9 code=0x7ffc0000
[  682.711786][T12301] usb 2-1: Using ep0 maxpacket: 8
[  682.728360][T12301] usb 2-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  682.738225][T12301] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  682.751424][T12301] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  682.769438][T12301] usb 2-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  682.818014][T12301] usb 2-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  682.828862][T12301] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  682.921597][    T9] usb 3-1: new high-speed USB device number 63 using dummy_hcd
[  684.141206][    T9] usb 3-1: Using ep0 maxpacket: 16
[  684.367318][    T9] usb 3-1: config 0 has an invalid interface number: 1 but max is 0
[  684.376026][    T9] usb 3-1: config 0 has no interface number 0
[  684.382334][    T9] usb 3-1: config 0 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  684.393365][    T9] usb 3-1: config 0 interface 1 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  684.394721][T12301] usb 2-1: usb_control_msg returned -32
[  684.403231][    T9] usb 3-1: New USB device found, idVendor=28bd, idProduct=0071, bcdDevice= 0.00
[  684.403256][    T9] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  684.405159][    T9] usb 3-1: config 0 descriptor??
[  684.429339][T12301] usbtmc 2-1:16.0: can't read capabilities
[  684.450542][T12301] usb 2-1: USB disconnect, device number 69
[  684.523444][T12300] usb 4-1: USB disconnect, device number 56
[  684.679640][T13615] QAT: failed to copy from user cfg_data.
[  685.069493][    T9] uclogic 0003:28BD:0071.0005: pen parameters not found
[  685.327334][ T1299] ieee802154 phy0 wpan0: encryption failed: -22
[  685.334091][ T1299] ieee802154 phy1 wpan1: encryption failed: -22
[  685.453101][    T9] uclogic 0003:28BD:0071.0005: interface is invalid, ignoring
[  685.482922][    T9] usb 3-1: USB disconnect, device number 63
[  685.593220][T13625] netlink: 'syz.4.1993': attribute type 1 has an invalid length.
[  685.598813][   T30] kauditd_printk_skb: 42 callbacks suppressed
[  685.598827][   T30] audit: type=1400 audit(1756136313.209:446): avc:  denied  { write } for  pid=13624 comm="syz.4.1993" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_iscsi_socket permissive=1
[  685.814773][T13625] bond12: (slave ipvlan2): enslaved VLAN challenged slave. Adding VLANs will be blocked as long as it is part of bond.
[  685.835236][T13625] bond12: (slave ipvlan2): The slave device specified does not support setting the MAC address
[  686.084094][T13625] bond12: (slave ipvlan2): Setting fail_over_mac to active for active-backup mode
[  687.512430][T11793] libceph: connect (1)[c::]:6789 error -101
[  687.531107][T11793] libceph: mon0 (1)[c::]:6789 connect error
[  687.561861][T11793] libceph: connect (1)[c::]:6789 error -101
[  687.567928][T11793] libceph: mon0 (1)[c::]:6789 connect error
[  687.641319][ T5865] libceph: connect (1)[c::]:6789 error -101
[  687.647830][ T5865] libceph: mon0 (1)[c::]:6789 connect error
[  687.801573][ T5918] usb 3-1: new high-speed USB device number 64 using dummy_hcd
[  687.892628][T13638] ceph: No mds server is up or the cluster is laggy
[  687.901788][T13644] ceph: No mds server is up or the cluster is laggy
[  687.972351][ T5918] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  687.991533][ T5918] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 5
[  688.218253][ T5918] usb 3-1: New USB device found, idVendor=1e7d, idProduct=2d50, bcdDevice= 0.00
[  688.242559][ T5918] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  688.823123][ T5918] usb 3-1: config 0 descriptor??
[  689.249539][ T5918] kovaplus 0003:1E7D:2D50.0006: unknown main item tag 0x0
[  689.259751][ T5918] kovaplus 0003:1E7D:2D50.0006: unknown main item tag 0x0
[  689.266937][ T5865] usb 5-1: new high-speed USB device number 62 using dummy_hcd
[  689.284117][T13677] input: syz1 as /devices/virtual/input/input91
[  689.315170][ T5918] kovaplus 0003:1E7D:2D50.0006: unknown main item tag 0x0
[  689.324273][ T5918] kovaplus 0003:1E7D:2D50.0006: unknown main item tag 0x0
[  689.332401][ T5918] kovaplus 0003:1E7D:2D50.0006: unknown main item tag 0x0
[  689.347044][ T5918] kovaplus 0003:1E7D:2D50.0006: hidraw0: USB HID v0.00 Device [HID 1e7d:2d50] on usb-dummy_hcd.2-1/input0
[  689.471710][ T5865] usb 5-1: Using ep0 maxpacket: 8
[  689.487730][ T5865] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  689.497742][ T5865] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  689.509411][ T5865] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  689.519567][ T5865] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  689.535845][ T5865] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  689.545197][ T5865] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  689.674277][ T5918] kovaplus 0003:1E7D:2D50.0006: couldn't init struct kovaplus_device
[  689.698152][ T5918] kovaplus 0003:1E7D:2D50.0006: couldn't install mouse
[  689.707871][ T5918] kovaplus 0003:1E7D:2D50.0006: probe with driver kovaplus failed with error -5
[  689.763877][ T5865] usb 5-1: usb_control_msg returned -32
[  689.786094][ T5865] usbtmc 5-1:16.0: can't read capabilities
[  689.796976][ T5865] usb 5-1: USB disconnect, device number 62
[  689.983539][ T5974] usb 3-1: USB disconnect, device number 64
[  690.375556][   T30] audit: type=1400 audit(1756136317.989:447): avc:  denied  { listen } for  pid=13684 comm="syz.1.2008" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[  690.509370][   T30] audit: type=1400 audit(1756136317.989:448): avc:  denied  { accept } for  pid=13684 comm="syz.1.2008" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[  690.521814][T13687] bridge0: entered promiscuous mode
[  690.542296][T13687] macsec1: entered promiscuous mode
[  690.618507][   T30] audit: type=1400 audit(1756136318.189:449): avc:  denied  { read } for  pid=13684 comm="syz.1.2008" name="autofs" dev="devtmpfs" ino=98 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1
[  690.651628][   T30] audit: type=1400 audit(1756136318.189:450): avc:  denied  { open } for  pid=13684 comm="syz.1.2008" path="/dev/autofs" dev="devtmpfs" ino=98 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1
[  690.695802][   T30] audit: type=1400 audit(1756136318.189:451): avc:  denied  { ioctl } for  pid=13684 comm="syz.1.2008" path="/dev/autofs" dev="devtmpfs" ino=98 ioctlcmd=0x937e scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1
[  691.111778][T12301] usb 3-1: new high-speed USB device number 65 using dummy_hcd
[  691.561958][T12301] usb 3-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  691.571823][T12301] usb 3-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[  691.571847][T12301] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 66
[  691.571888][T12301] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 55, changing to 9
[  691.571913][T12301] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8496, setting to 1024
[  691.589410][T13695] binder: 13694:13695 ioctl 4018620d 0 returned -22
[  691.589485][T12301] usb 3-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  691.589509][T12301] usb 3-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  691.589527][T12301] usb 3-1: Product: syz
[  691.589548][T12301] usb 3-1: Manufacturer: syz
[  691.610174][T13695] binder: 13694:13695 ioctl 40046205 0 returned -22
[  691.758084][T12301] cdc_wdm 3-1:1.0: skipping garbage
[  691.763393][T12301] cdc_wdm 3-1:1.0: skipping garbage
[  691.825679][T13691] kAFS: unable to lookup cell '(0.xlI��|.�(�Wi�2��TY>�1	��'
[  691.960380][T12301] cdc_wdm 3-1:1.0: cdc-wdm0: USB WDM device
[  692.526083][T12301] cdc_wdm 3-1:1.0: Unknown control protocol
[  692.623297][ T5865] usb 3-1: USB disconnect, device number 65
[  692.973333][T13715] binder: 13711:13715 ioctl 4018620d 0 returned -22
[  692.990338][T13715] binder: 13711:13715 ioctl 40046205 0 returned -22
[  693.941777][ T5865] usb 3-1: new high-speed USB device number 66 using dummy_hcd
[  694.091713][   T30] audit: type=1326 audit(1756136321.619:452): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13728 comm="syz.3.2022" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f340998ebe9 code=0x7ffc0000
[  694.121278][T13732] 9pnet_fd: Insufficient options for proto=fd
[  694.281551][ T5865] usb 3-1: Using ep0 maxpacket: 8
[  694.395326][ T5865] usb 3-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  694.508181][T13738] 8021q: adding VLAN 0 to HW filter on device bond0
[  694.516450][ T5865] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  694.536468][   T30] audit: type=1326 audit(1756136321.619:453): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13728 comm="syz.3.2022" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f340998ebe9 code=0x7ffc0000
[  694.540115][T13738] bond0: (slave rose0): Enslaving as an active interface with an up link
[  694.573665][ T5865] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  694.646325][ T5865] usb 3-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  694.861865][   T30] audit: type=1326 audit(1756136321.619:454): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13728 comm="syz.3.2022" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f340998ebe9 code=0x7ffc0000
[  694.893080][ T5865] usb 3-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  694.903948][ T5865] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  694.978545][T13748] QAT: failed to copy from user cfg_data.
[  695.128809][   T30] audit: type=1326 audit(1756136321.619:455): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13728 comm="syz.3.2022" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f340998ebe9 code=0x7ffc0000
[  695.735285][   T30] audit: type=1326 audit(1756136321.619:456): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13728 comm="syz.3.2022" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f340998ebe9 code=0x7ffc0000
[  695.810827][ T5865] usb 3-1: usb_control_msg returned -32
[  695.845771][ T5865] usbtmc 3-1:16.0: can't read capabilities
[  695.934090][ T5865] usb 3-1: USB disconnect, device number 66
[  695.968448][   T30] audit: type=1326 audit(1756136321.619:457): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13728 comm="syz.3.2022" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f340998ebe9 code=0x7ffc0000
[  696.001260][   T30] audit: type=1326 audit(1756136321.619:458): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13728 comm="syz.3.2022" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f340998ebe9 code=0x7ffc0000
[  696.060860][   T30] audit: type=1326 audit(1756136321.629:459): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13728 comm="syz.3.2022" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f340998ebe9 code=0x7ffc0000
[  696.084444][   T30] audit: type=1326 audit(1756136321.629:460): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13728 comm="syz.3.2022" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f340998ebe9 code=0x7ffc0000
[  696.108028][   T30] audit: type=1326 audit(1756136321.629:461): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13728 comm="syz.3.2022" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f340998ebe9 code=0x7ffc0000
[  696.133851][   T30] audit: type=1326 audit(1756136321.629:462): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13728 comm="syz.3.2022" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f340998ebe9 code=0x7ffc0000
[  696.165984][   T30] audit: type=1326 audit(1756136321.629:463): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13728 comm="syz.3.2022" exe="/root/syz-executor" sig=0 arch=c000003e syscall=334 compat=0 ip=0x7f340998ebe9 code=0x7ffc0000
[  696.217220][   T30] audit: type=1326 audit(1756136321.629:464): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13728 comm="syz.3.2022" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f340998ebe9 code=0x7ffc0000
[  696.564142][T13763] netlink: 212376 bytes leftover after parsing attributes in process `syz.0.2026'.
[  696.912134][   T30] audit: type=1326 audit(1756136321.629:465): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13728 comm="syz.3.2022" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f340998ebe9 code=0x7ffc0000
[  697.587912][T13771] capability: warning: `syz.4.2027' uses 32-bit capabilities (legacy support in use)
[  699.620192][T13784] kAFS: unable to lookup cell '(0.xlI��|.�(�Wi�2��TY>�1	��'
[  701.621718][    T9] usb 4-1: new high-speed USB device number 57 using dummy_hcd
[  702.141653][    T9] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  702.157350][    T9] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x4 has invalid wMaxPacketSize 0
[  702.350506][    T9] usb 4-1: config 0 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  702.408876][    T9] usb 4-1: New USB device found, idVendor=2294, idProduct=425a, bcdDevice=d1.41
[  702.418413][    T9] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  702.427759][    T9] usb 4-1: Product: syz
[  702.439721][    T9] usb 4-1: Manufacturer: syz
[  702.506346][    T9] usb 4-1: SerialNumber: syz
[  702.592073][    T9] usb 4-1: config 0 descriptor??
[  703.559349][    T9] usb 4-1: can't set config #0, error -71
[  703.582753][    T9] usb 4-1: USB disconnect, device number 57
[  703.635862][T13865] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  703.785895][T13870] netlink: 212376 bytes leftover after parsing attributes in process `syz.4.2046'.
[  704.023238][T13872] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2047'.
[  704.141241][T13872] overlayfs: failed to resolve './bus': -2
[  706.748566][   T30] kauditd_printk_skb: 52 callbacks suppressed
[  706.748582][   T30] audit: type=1400 audit(1756136334.329:518): avc:  denied  { ioctl } for  pid=13884 comm="syz.4.2050" path="socket:[48652]" dev="sockfs" ino=48652 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  707.533365][T13912] befs: (nbd3): No write support. Marking filesystem read-only
[  707.552257][T13912] block nbd3: Attempted send on invalid socket
[  707.569365][T13912] I/O error, dev nbd3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  708.001753][T13926] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2061'.
[  708.375750][T13930] overlayfs: failed to resolve './bus': -2
[  708.981023][T13928] kAFS: unable to lookup cell '(0.xlI��|.�(�Wi�2��TY>�1	��'
[  709.855373][T13968] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2067'.
[  710.261106][T13968] gretap1: entered promiscuous mode
[  710.276617][T13968] bond8: (slave gretap1): Enslaving as an active interface with an up link
[  711.030637][T13977] netlink: 212376 bytes leftover after parsing attributes in process `syz.1.2070'.
[  711.626405][   T30] audit: type=1326 audit(1756136339.219:519): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13985 comm="syz.3.2074" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f340998ebe9 code=0x7ffc0000
[  712.055240][   T30] audit: type=1326 audit(1756136339.219:520): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13985 comm="syz.3.2074" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f340998ebe9 code=0x7ffc0000
[  713.091836][   T30] audit: type=1326 audit(1756136339.229:521): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13985 comm="syz.3.2074" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f340998ebe9 code=0x7ffc0000
[  714.265191][   T30] audit: type=1326 audit(1756136339.229:522): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13985 comm="syz.3.2074" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f340998ebe9 code=0x7ffc0000
[  714.291556][   T30] audit: type=1326 audit(1756136339.229:523): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13985 comm="syz.3.2074" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f340998ebe9 code=0x7ffc0000
[  714.315311][   T30] audit: type=1326 audit(1756136339.229:524): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13985 comm="syz.3.2074" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f340998ebe9 code=0x7ffc0000
[  714.348946][   T30] audit: type=1326 audit(1756136339.229:525): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13985 comm="syz.3.2074" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f340998ebe9 code=0x7ffc0000
[  714.373133][   T30] audit: type=1326 audit(1756136339.229:526): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13985 comm="syz.3.2074" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f340998ebe9 code=0x7ffc0000
[  714.398925][T12300] libceph: connect (1)[c::]:6789 error -101
[  714.403038][   T30] audit: type=1326 audit(1756136339.229:527): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13985 comm="syz.3.2074" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f340998ebe9 code=0x7ffc0000
[  714.428566][T12300] libceph: mon0 (1)[c::]:6789 connect error
[  714.444196][   T30] audit: type=1326 audit(1756136339.229:528): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13985 comm="syz.3.2074" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f340998ebe9 code=0x7ffc0000
[  714.471727][   T30] audit: type=1326 audit(1756136339.229:529): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13985 comm="syz.3.2074" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f340998ebe9 code=0x7ffc0000
[  714.476517][    T9] libceph: connect (1)[c::]:6789 error -101
[  714.511682][    T9] libceph: mon0 (1)[c::]:6789 connect error
[  714.706590][T12300] libceph: connect (1)[c::]:6789 error -101
[  714.772970][    T9] libceph: connect (1)[c::]:6789 error -101
[  715.467386][    T9] libceph: mon0 (1)[c::]:6789 connect error
[  715.481689][T12300] libceph: mon0 (1)[c::]:6789 connect error
[  715.497793][T14012] ceph: No mds server is up or the cluster is laggy
[  715.497795][T14004] ceph: No mds server is up or the cluster is laggy
[  716.001759][ T5865] libceph: connect (1)[c::]:6789 error -101
[  716.178176][ T5865] libceph: mon0 (1)[c::]:6789 connect error
[  716.192535][T12301] libceph: connect (1)[c::]:6789 error -101
[  716.198538][T12301] libceph: mon0 (1)[c::]:6789 connect error
[  716.556817][T13894] syz.4.2050 (13894): drop_caches: 1
[  717.520397][   T30] kauditd_printk_skb: 35 callbacks suppressed
[  717.520416][   T30] audit: type=1326 audit(1756136344.809:565): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14037 comm="syz.2.2084" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fec04b8ebe9 code=0x7ffc0000
[  717.553035][   T30] audit: type=1326 audit(1756136344.829:566): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14037 comm="syz.2.2084" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fec04b8ebe9 code=0x7ffc0000
[  717.860583][   T30] audit: type=1326 audit(1756136345.009:567): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14037 comm="syz.2.2084" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fec04b8ebe9 code=0x7ffc0000
[  717.901506][   T30] audit: type=1326 audit(1756136345.009:568): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14037 comm="syz.2.2084" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fec04b8ebe9 code=0x7ffc0000
[  717.972869][   T30] audit: type=1326 audit(1756136345.009:569): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14037 comm="syz.2.2084" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fec04b8ebe9 code=0x7ffc0000
[  718.092282][T14054] netlink: 212376 bytes leftover after parsing attributes in process `syz.1.2089'.
[  718.276366][T14056] binder: 14050:14056 ioctl 40046205 0 returned -22
[  718.737843][   T30] audit: type=1326 audit(1756136345.009:570): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14037 comm="syz.2.2084" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fec04b8ebe9 code=0x7ffc0000
[  718.800776][   T30] audit: type=1326 audit(1756136345.009:571): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14037 comm="syz.2.2084" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fec04b8ebe9 code=0x7ffc0000
[  718.974060][T14063] binder: 14060:14063 ioctl 40046205 0 returned -22
[  719.222832][   T30] audit: type=1326 audit(1756136345.009:572): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14037 comm="syz.2.2084" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fec04b8ebe9 code=0x7ffc0000
[  719.251635][   T30] audit: type=1326 audit(1756136345.009:573): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14037 comm="syz.2.2084" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7fec04b8ebe9 code=0x7ffc0000
[  719.512927][T14068] block device autoloading is deprecated and will be removed.
[  719.817556][   T30] audit: type=1326 audit(1756136345.009:574): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14037 comm="syz.2.2084" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fec04b8ebe9 code=0x7ffc0000
[  720.371043][T14075] netlink: 212376 bytes leftover after parsing attributes in process `syz.4.2093'.
[  721.351058][T14103] netlink: 40 bytes leftover after parsing attributes in process `syz.3.2100'.
[  721.621376][T14112] warning: `syz.3.2100' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[  722.696811][   T30] kauditd_printk_skb: 21 callbacks suppressed
[  722.696830][   T30] audit: type=1400 audit(1756136350.309:596): avc:  denied  { ioctl } for  pid=14125 comm="syz.1.2106" path="socket:[49428]" dev="sockfs" ino=49428 ioctlcmd=0x661b scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1
[  723.362829][T14132] netlink: 212376 bytes leftover after parsing attributes in process `syz.1.2107'.
[  724.115480][T14146] netlink: set zone limit has 4 unknown bytes
[  724.402143][T14148] netlink: 5872 bytes leftover after parsing attributes in process `syz.3.2110'.
[  725.887432][   T30] audit: type=1326 audit(1756136353.439:597): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14159 comm="syz.2.2114" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fec04b8ebe9 code=0x7ffc0000
[  726.531772][   T30] audit: type=1326 audit(1756136353.439:598): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14159 comm="syz.2.2114" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fec04b8ebe9 code=0x7ffc0000
[  726.555149][    C0] vkms_vblank_simulate: vblank timer overrun
[  726.713968][   T30] audit: type=1326 audit(1756136353.449:599): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14159 comm="syz.2.2114" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fec04b8ebe9 code=0x7ffc0000
[  726.740483][   T30] audit: type=1326 audit(1756136353.449:600): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14159 comm="syz.2.2114" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fec04b8ebe9 code=0x7ffc0000
[  726.767147][   T30] audit: type=1326 audit(1756136353.449:601): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14159 comm="syz.2.2114" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fec04b8ebe9 code=0x7ffc0000
[  727.611570][   T30] audit: type=1326 audit(1756136353.449:602): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14159 comm="syz.2.2114" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fec04b8ebe9 code=0x7ffc0000
[  727.634866][    C0] vkms_vblank_simulate: vblank timer overrun
[  727.641019][   T30] audit: type=1326 audit(1756136353.449:603): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14159 comm="syz.2.2114" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fec04b8ebe9 code=0x7ffc0000
[  727.664516][   T30] audit: type=1326 audit(1756136353.449:604): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14159 comm="syz.2.2114" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fec04b8ebe9 code=0x7ffc0000
[  727.687868][    C0] vkms_vblank_simulate: vblank timer overrun
[  727.800915][   T30] audit: type=1326 audit(1756136353.459:605): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14159 comm="syz.2.2114" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7fec04b8ebe9 code=0x7ffc0000
[  727.831942][   T30] audit: type=1326 audit(1756136353.459:606): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14159 comm="syz.2.2114" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fec04b8ebe9 code=0x7ffc0000
[  727.832027][T12300] usb 2-1: new high-speed USB device number 70 using dummy_hcd
[  727.855360][    C0] vkms_vblank_simulate: vblank timer overrun
[  727.855660][   T30] audit: type=1326 audit(1756136353.459:607): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14159 comm="syz.2.2114" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fec04b8ebe9 code=0x7ffc0000
[  728.008357][   T30] audit: type=1326 audit(1756136353.459:608): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14159 comm="syz.2.2114" exe="/root/syz-executor" sig=0 arch=c000003e syscall=334 compat=0 ip=0x7fec04b8ebe9 code=0x7ffc0000
[  728.076763][   T30] audit: type=1326 audit(1756136353.459:609): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14159 comm="syz.2.2114" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fec04b8ebe9 code=0x7ffc0000
[  728.141632][T12300] usb 2-1: Using ep0 maxpacket: 8
[  728.149926][T12300] usb 2-1: config index 0 descriptor too short (expected 30, got 18)
[  728.160073][T12300] usb 2-1: New USB device found, idVendor=1660, idProduct=0932, bcdDevice=80.ea
[  728.169439][   T30] audit: type=1326 audit(1756136353.459:610): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14159 comm="syz.2.2114" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fec04b8ebe9 code=0x7ffc0000
[  728.171874][T12300] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  728.226854][T12300] usb 2-1: Product: syz
[  728.233667][T12300] usb 2-1: Manufacturer: syz
[  728.238400][T12300] usb 2-1: SerialNumber: syz
[  728.303903][T12300] usb 2-1: config 0 descriptor??
[  728.312925][   T30] audit: type=1326 audit(1756136353.469:611): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14159 comm="syz.2.2114" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7fec04b8ebe9 code=0x7ffc0000
[  728.336316][    C0] vkms_vblank_simulate: vblank timer overrun
[  728.361154][   T30] audit: type=1326 audit(1756136353.469:612): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14159 comm="syz.2.2114" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fec04b8ebe9 code=0x7ffc0000
[  728.384562][    C0] vkms_vblank_simulate: vblank timer overrun
[  728.495076][   T30] audit: type=1326 audit(1756136353.469:613): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14159 comm="syz.2.2114" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fec04b8ebe9 code=0x7ffc0000
[  728.518516][    C0] vkms_vblank_simulate: vblank timer overrun
[  728.525133][   T30] audit: type=1326 audit(1756136353.479:614): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14159 comm="syz.2.2114" exe="/root/syz-executor" sig=0 arch=c000003e syscall=28 compat=0 ip=0x7fec04b8ebe9 code=0x7ffc0000
[  728.533250][T12300] dvb-usb: found a 'Medion MD95700 (MDUSBTV-HYBRID)' in warm state.
[  728.599071][T12300] usb 2-1: setting power ON
[  728.607579][T12300] dvb-usb: bulk message failed: -22 (2/0)
[  728.808384][T12300] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  728.839537][T14188] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  728.850126][T14188] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  728.903579][T12300] dvbdev: DVB: registering new adapter (Medion MD95700 (MDUSBTV-HYBRID))
[  728.991179][T14193] netlink: 212376 bytes leftover after parsing attributes in process `syz.4.2122'.
[  729.133233][T12300] usb 2-1: media controller created
[  730.515702][T12300] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  730.630901][T12300] usb 2-1: selecting invalid altsetting 6
[  730.652892][T14209] input: syz1 as /devices/virtual/input/input92
[  730.676555][T12300] usb 2-1: digital interface selection failed (-22)
[  730.697631][T12300] dvb-usb: no frontend was attached by 'Medion MD95700 (MDUSBTV-HYBRID)'
[  731.054870][T12300] usb 2-1: setting power OFF
[  731.087189][T12300] dvb-usb: bulk message failed: -22 (2/0)
[  731.113448][T12300] dvb-usb: Medion MD95700 (MDUSBTV-HYBRID) successfully initialized and connected.
[  731.141835][T12300] (NULL device *): no alternate interface
[  731.148472][T14209] netlink: 'syz.4.2126': attribute type 4 has an invalid length.
[  731.162586][T14209] netlink: 3657 bytes leftover after parsing attributes in process `syz.4.2126'.
[  731.287863][T12300] dvb-usb: Medion MD95700 (MDUSBTV-HYBRID) successfully deinitialized and disconnected.
[  732.380141][T12303] usb 2-1: USB disconnect, device number 70
[  733.464355][   T30] kauditd_printk_skb: 8 callbacks suppressed
[  733.464388][   T30] audit: type=1326 audit(1756136361.059:623): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14250 comm="syz.3.2139" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f340998ebe9 code=0x7ffc0000
[  733.748661][   T30] audit: type=1326 audit(1756136361.059:624): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14250 comm="syz.3.2139" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f340998ebe9 code=0x7ffc0000
[  733.797923][   T30] audit: type=1326 audit(1756136361.059:625): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14250 comm="syz.3.2139" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f340998ebe9 code=0x7ffc0000
[  733.822575][   T30] audit: type=1326 audit(1756136361.059:626): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14250 comm="syz.3.2139" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f340998ebe9 code=0x7ffc0000
[  733.846077][   T30] audit: type=1326 audit(1756136361.059:627): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14250 comm="syz.3.2139" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f340998ebe9 code=0x7ffc0000
[  733.870196][   T30] audit: type=1326 audit(1756136361.069:628): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14250 comm="syz.3.2139" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f340998ebe9 code=0x7ffc0000
[  733.905120][   T30] audit: type=1326 audit(1756136361.069:629): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14250 comm="syz.3.2139" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f340998ebe9 code=0x7ffc0000
[  733.932717][   T30] audit: type=1326 audit(1756136361.069:630): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14250 comm="syz.3.2139" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f340998ebe9 code=0x7ffc0000
[  733.959947][   T30] audit: type=1326 audit(1756136361.069:631): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14250 comm="syz.3.2139" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f340998ebe9 code=0x7ffc0000
[  733.992099][   T30] audit: type=1326 audit(1756136361.069:632): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14250 comm="syz.3.2139" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f340998ebe9 code=0x7ffc0000
[  735.873049][T14285] netlink: 20 bytes leftover after parsing attributes in process `syz.0.2149'.
[  737.457401][T14311] No control pipe specified
[  737.962124][T11814] Bluetooth: hci5: command 0x1003 tx timeout
[  737.969298][   T51] Bluetooth: hci5: Opcode 0x1003 failed: -110
[  740.358255][   T30] kauditd_printk_skb: 6 callbacks suppressed
[  740.358267][   T30] audit: type=1400 audit(1756136367.969:639): avc:  denied  { unmount } for  pid=5842 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[  740.882398][   T30] audit: type=1326 audit(1756136368.079:640): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14324 comm="syz.2.2158" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fec04b8ebe9 code=0x7ffc0000
[  740.915069][   T30] audit: type=1326 audit(1756136368.079:641): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14324 comm="syz.2.2158" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fec04b8ebe9 code=0x7ffc0000
[  740.951074][   T30] audit: type=1326 audit(1756136368.089:642): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14324 comm="syz.2.2158" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fec04b8ebe9 code=0x7ffc0000
[  740.975668][   T30] audit: type=1326 audit(1756136368.089:643): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14324 comm="syz.2.2158" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fec04b8ebe9 code=0x7ffc0000
[  741.010859][   T30] audit: type=1326 audit(1756136368.089:644): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14324 comm="syz.2.2158" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fec04b8ebe9 code=0x7ffc0000
[  741.036508][   T30] audit: type=1326 audit(1756136368.089:645): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14324 comm="syz.2.2158" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fec04b8ebe9 code=0x7ffc0000
[  741.134524][   T30] audit: type=1326 audit(1756136368.099:646): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14324 comm="syz.2.2158" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fec04b8ebe9 code=0x7ffc0000
[  741.159876][   T30] audit: type=1326 audit(1756136368.099:647): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14324 comm="syz.2.2158" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fec04b8ebe9 code=0x7ffc0000
[  741.183683][   T30] audit: type=1326 audit(1756136368.099:648): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14324 comm="syz.2.2158" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7fec04b8ebe9 code=0x7ffc0000
[  741.972217][T14340] FAULT_INJECTION: forcing a failure.
[  741.972217][T14340] name failslab, interval 1, probability 0, space 0, times 0
[  742.030170][T14340] CPU: 0 UID: 0 PID: 14340 Comm: syz.0.2162 Not tainted syzkaller #0 PREEMPT(full) 
[  742.030196][T14340] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  742.030206][T14340] Call Trace:
[  742.030212][T14340]  <TASK>
[  742.030219][T14340]  dump_stack_lvl+0x16c/0x1f0
[  742.030243][T14340]  should_fail_ex+0x512/0x640
[  742.030266][T14340]  should_failslab+0xc2/0x120
[  742.030288][T14340]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  742.030306][T14340]  ? skb_clone+0x190/0x3f0
[  742.030328][T14340]  skb_clone+0x190/0x3f0
[  742.030350][T14340]  netlink_deliver_tap+0xabd/0xd30
[  742.030373][T14340]  netlink_unicast+0x64c/0x870
[  742.030395][T14340]  ? __pfx_netlink_unicast+0x10/0x10
[  742.030415][T14340]  ? __pfx_netlink_autobind.isra.0+0x10/0x10
[  742.030441][T14340]  netlink_sendmsg+0x8d1/0xdd0
[  742.030465][T14340]  ? __pfx_netlink_sendmsg+0x10/0x10
[  742.030494][T14340]  ____sys_sendmsg+0xa95/0xc70
[  742.030519][T14340]  ? copy_msghdr_from_user+0x10a/0x160
[  742.030537][T14340]  ? __pfx_____sys_sendmsg+0x10/0x10
[  742.030572][T14340]  ___sys_sendmsg+0x134/0x1d0
[  742.030593][T14340]  ? __pfx____sys_sendmsg+0x10/0x10
[  742.030649][T14340]  __sys_sendmsg+0x16d/0x220
[  742.030669][T14340]  ? __pfx___sys_sendmsg+0x10/0x10
[  742.030703][T14340]  do_syscall_64+0xcd/0x4c0
[  742.030725][T14340]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  742.030743][T14340] RIP: 0033:0x7f18dcd8ebe9
[  742.030757][T14340] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  742.030774][T14340] RSP: 002b:00007f18ddbac038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  742.030792][T14340] RAX: ffffffffffffffda RBX: 00007f18dcfb5fa0 RCX: 00007f18dcd8ebe9
[  742.030802][T14340] RDX: 0000000028000010 RSI: 0000200000000400 RDI: 0000000000000003
[  742.030813][T14340] RBP: 00007f18ddbac090 R08: 0000000000000000 R09: 0000000000000000
[  742.030823][T14340] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  742.030834][T14340] R13: 00007f18dcfb6038 R14: 00007f18dcfb5fa0 R15: 00007ffff0c47da8
[  742.030857][T14340]  </TASK>
[  742.487473][ T5842] syz_tun (unregistering): left allmulticast mode
[  743.829145][T12332] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  743.855233][T14360] netlink: 44 bytes leftover after parsing attributes in process `syz.1.2167'.
[  743.909759][T14360] ubi31: attaching mtd0
[  743.947678][T14360] ubi31: scanning is finished
[  743.959449][T14360] ubi31: empty MTD device detected
[  744.001615][T12300] usb 3-1: new high-speed USB device number 67 using dummy_hcd
[  744.062265][T12332] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  744.273528][T14360] ubi31: attached mtd0 (name "mtdram test device", size 0 MiB)
[  744.273566][T14360] ubi31: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes
[  744.273582][T14360] ubi31: min./max. I/O unit sizes: 1/64, sub-page size 1
[  744.273596][T14360] ubi31: VID header offset: 64 (aligned 64), data offset: 128
[  744.273611][T14360] ubi31: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0
[  744.273627][T14360] ubi31: user volume: 0, internal volumes: 1, max. volumes count: 23
[  744.273643][T14360] ubi31: max/mean erase counter: 0/0, WL threshold: 4096, image sequence number: 3361526635
[  744.273660][T14360] ubi31: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0
[  744.274162][T14366] ubi31: background thread "ubi_bgt31d" started, PID 14366
[  744.390509][T12300] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  744.390563][T12300] usb 3-1: New USB device found, idVendor=046d, idProduct=c294, bcdDevice= 0.00
[  744.390587][T12300] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  744.425868][T12300] usb 3-1: config 0 descriptor??
[  744.447454][T12332] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  744.569934][T12332] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  744.603628][T14374] bridge0: port 4(team0) entered blocking state
[  744.609945][T14374] bridge0: port 4(team0) entered listening state
[  744.616375][T14374] bridge0: port 3(dummy0) entered blocking state
[  744.622790][T14374] bridge0: port 3(dummy0) entered listening state
[  744.629313][T14374] bridge0: port 1(bridge_slave_0) entered blocking state
[  744.636441][T14374] bridge0: port 1(bridge_slave_0) entered listening state
[  744.809365][T14374] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  745.467767][T14389] netdevsim netdevsim0: loading /lib/firmware/. failed with error -22
[  745.476863][T14389] netdevsim netdevsim0: Direct firmware load for . failed with error -22
[  745.520107][T14389] netdevsim netdevsim0: Falling back to sysfs fallback for: .
[  745.555619][T12332] dummy0: left allmulticast mode
[  745.593133][T12332] bridge0: port 3(dummy0) entered disabled state
[  745.621219][T11814] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  745.633950][T11814] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  745.651301][T11814] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  745.672840][T11814] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  745.681713][T11814] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  745.760890][   T30] kauditd_printk_skb: 19 callbacks suppressed
[  745.760908][   T30] audit: type=1400 audit(1756136373.369:668): avc:  denied  { mounton } for  pid=14394 comm="syz-executor" path="/" dev="sda1" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1
[  745.846939][T12332] bridge_slave_1: left allmulticast mode
[  746.763337][ T1299] ieee802154 phy0 wpan0: encryption failed: -22
[  746.769660][ T1299] ieee802154 phy1 wpan1: encryption failed: -22
[  746.905549][T12332] bridge_slave_1: left promiscuous mode
[  746.916367][T12332] bridge0: port 2(bridge_slave_1) entered disabled state
[  746.935214][T12332] bridge_slave_0: left allmulticast mode
[  746.940864][T12332] bridge_slave_0: left promiscuous mode
[  746.954243][T12332] bridge0: port 1(bridge_slave_0) entered disabled state
[  747.205196][T14408] netlink: 'syz.0.2176': attribute type 1 has an invalid length.
[  747.216257][T12303] usb 3-1: USB disconnect, device number 67
[  747.801700][T11814] Bluetooth: hci0: command tx timeout
[  747.856095][T12332] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  747.969905][T12332] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  747.986787][T14416] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  747.997544][T12332] bond0 (unregistering): Released all slaves
[  748.187766][ T5865] libceph: connect (1)[c::]:6789 error -101
[  748.194003][ T5865] libceph: mon0 (1)[c::]:6789 connect error
[  748.251733][T12332] bond1 (unregistering): (slave vcan1): Releasing backup interface
[  748.269727][T12332] vcan1: left promiscuous mode
[  748.345830][T12332] bond1 (unregistering): Released all slaves
[  748.472013][ T5865] libceph: connect (1)[c::]:6789 error -101
[  748.478114][ T5865] libceph: mon0 (1)[c::]:6789 connect error
[  748.593929][T12332] bond2 (unregistering): (slave vcan4): Releasing backup interface
[  748.602275][T12332] vcan4: left promiscuous mode
[  748.610130][T12332] bond2 (unregistering): Released all slaves
[  748.701325][T12332] bond3 (unregistering): (slave vcan5): Releasing backup interface
[  748.709477][T12332] vcan5: left promiscuous mode
[  748.715641][T12332] bond3 (unregistering): Released all slaves
[  748.788507][T12332] bond4 (unregistering): (slave vcan6): Releasing backup interface
[  748.801903][T14417] ceph: No mds server is up or the cluster is laggy
[  748.814725][T12332] vcan6: left promiscuous mode
[  748.822099][T12332] bond4 (unregistering): Released all slaves
[  748.994491][T14425] netlink: 212376 bytes leftover after parsing attributes in process `syz.2.2179'.
[  749.238383][T12332] bond5 (unregistering): (slave vcan7): Releasing backup interface
[  749.246905][T12332] vcan7: left promiscuous mode
[  749.252982][T12332] bond5 (unregistering): Released all slaves
[  749.319368][T12332] bond6 (unregistering): (slave vcan14): Releasing backup interface
[  749.327510][T12332] vcan14: left promiscuous mode
[  749.337228][T12332] bond6 (unregistering): Released all slaves
[  749.408805][T12332] bond7 (unregistering): (slave vcan15): Releasing backup interface
[  749.417572][T12332] vcan15: left promiscuous mode
[  749.424096][T12332] bond7 (unregistering): Released all slaves
[  749.431677][T12301] usb 2-1: new full-speed USB device number 71 using dummy_hcd
[  749.461653][T12303] usb 3-1: new full-speed USB device number 68 using dummy_hcd
[  749.503310][T12332] bond8 (unregistering): (slave vcan16): Releasing backup interface
[  749.511297][T12332] vcan16: left promiscuous mode
[  749.517453][T12332] bond8 (unregistering): Released all slaves
[  749.585138][T12332] bond9 (unregistering): Released all slaves
[  749.595408][T12301] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 1023, setting to 64
[  749.606757][T12301] usb 2-1: New USB device found, idVendor=1e7d, idProduct=3138, bcdDevice= 0.00
[  749.616087][T12301] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  749.631285][T12303] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 1023, setting to 64
[  749.644759][T14408] workqueue: Failed to create a rescuer kthread for wq "bond9": -EINTR
[  749.658191][T12301] usb 2-1: config 0 descriptor??
[  749.671902][T12303] usb 3-1: New USB device found, idVendor=1e7d, idProduct=3138, bcdDevice= 0.00
[  749.680999][T12303] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  749.712635][T14427] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  749.735642][T12303] usb 3-1: config 0 descriptor??
[  749.741299][T14429] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22
[  749.764617][T12332] tipc: Disabling bearer <udp:syz0>
[  749.772930][T12332] tipc: Left network mode
[  749.882496][T11814] Bluetooth: hci0: command tx timeout
[  749.897779][T14437] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2182'.
[  750.270288][T12301] ryos 0003:1E7D:3138.0007: unknown main item tag 0x0
[  750.278136][T12301] ryos 0003:1E7D:3138.0007: unknown main item tag 0x1
[  750.285142][T12301] ryos 0003:1E7D:3138.0007: unknown main item tag 0x0
[  750.339553][T12301] ryos 0003:1E7D:3138.0007: hidraw0: USB HID v1.01 Device [HID 1e7d:3138] on usb-dummy_hcd.1-1/input0
[  750.351854][T12303] ryos 0003:1E7D:3138.0008: unknown main item tag 0x0
[  750.360237][T12303] ryos 0003:1E7D:3138.0008: unknown main item tag 0x1
[  750.393593][T12303] ryos 0003:1E7D:3138.0008: unknown main item tag 0x0
[  750.419975][T14427] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2180'.
[  750.490281][T12303] ryos 0003:1E7D:3138.0008: hidraw1: USB HID v1.01 Device [HID 1e7d:3138] on usb-dummy_hcd.2-1/input0
[  750.505785][T14429] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2181'.
[  750.606808][T12301] usb 2-1: USB disconnect, device number 71
[  750.735433][T12303] usb 3-1: USB disconnect, device number 68
[  750.784532][T14440] kAFS: unable to lookup cell '(0.xlI��|.�(�Wi�2��TY>�1	��'
[  750.839611][T14394] chnl_net:caif_netlink_parms(): no params data found
[  750.895004][T12332] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  750.903371][T12332] batman_adv: batadv0: Removing interface: batadv_slave_0
[  750.917176][T12332] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  750.925409][T12332] batman_adv: batadv0: Removing interface: batadv_slave_1
[  751.005782][T12332] veth1_macvtap: left promiscuous mode
[  751.011663][T12332] veth0_macvtap: left allmulticast mode
[  751.022022][T12332] veth0_macvtap: left promiscuous mode
[  751.027683][T12332] veth1_vlan: left promiscuous mode
[  751.037718][T12332] veth0_vlan: left promiscuous mode
[  751.961677][T11814] Bluetooth: hci0: command tx timeout
[  752.046166][T12332] team0 (unregistering): Port device team_slave_1 removed
[  752.082590][T12332] team0 (unregistering): Port device team_slave_0 removed
[  752.341841][   T30] audit: type=1400 audit(1756136379.949:669): avc:  denied  { load_policy } for  pid=14465 comm="syz.2.2189" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security permissive=1
[  752.363905][T14467] SELinux:  policydb magic number 0x3 does not match expected magic number 0xf97cff8c
[  752.376333][T14467] SELinux: failed to load policy
[  752.657471][T14478] netlink: 212376 bytes leftover after parsing attributes in process `syz.4.2191'.
[  752.905735][T14394] bridge0: port 1(bridge_slave_0) entered blocking state
[  752.931932][T14394] bridge0: port 1(bridge_slave_0) entered disabled state
[  752.948149][T14394] bridge_slave_0: entered allmulticast mode
[  752.960699][T14394] bridge_slave_0: entered promiscuous mode
[  752.985300][T14394] bridge0: port 2(bridge_slave_1) entered blocking state
[  753.002867][T14394] bridge0: port 2(bridge_slave_1) entered disabled state
[  753.022003][T14394] bridge_slave_1: entered allmulticast mode
[  753.037118][T14394] bridge_slave_1: entered promiscuous mode
[  753.088213][   T30] audit: type=1400 audit(1756136380.689:670): avc:  denied  { setopt } for  pid=14475 comm="syz.2.2192" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  753.232571][T14394] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  753.278013][T14394] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  753.311985][ T5865] usb 2-1: new full-speed USB device number 72 using dummy_hcd
[  753.342058][T14394] team0: Port device team_slave_0 added
[  753.362071][T14394] team0: Port device team_slave_1 added
[  753.422529][T14394] batman_adv: batadv0: Adding interface: batadv_slave_0
[  753.433273][T14394] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  753.459163][    C0] vkms_vblank_simulate: vblank timer overrun
[  753.481743][ T5865] usb 2-1: device descriptor read/64, error -71
[  753.521796][T14394] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  753.543247][T14394] batman_adv: batadv0: Adding interface: batadv_slave_1
[  753.554320][T14394] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  753.587609][    C0] vkms_vblank_simulate: vblank timer overrun
[  753.594766][T14394] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  753.822729][ T5865] usb 2-1: new full-speed USB device number 73 using dummy_hcd
[  753.882418][   T30] audit: type=1326 audit(1756136381.489:671): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14489 comm="syz.2.2196" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fec04b8ebe9 code=0x7ffc0000
[  753.905819][    C0] vkms_vblank_simulate: vblank timer overrun
[  753.971585][ T5865] usb 2-1: device descriptor read/64, error -71
[  754.231362][T11814] Bluetooth: hci0: command tx timeout
[  754.237015][   T30] audit: type=1326 audit(1756136381.489:672): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14489 comm="syz.2.2196" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fec04b8ebe9 code=0x7ffc0000
[  754.278148][   T30] audit: type=1326 audit(1756136381.489:673): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14489 comm="syz.2.2196" exe="/root/syz-executor" sig=0 arch=c000003e syscall=459 compat=0 ip=0x7fec04b8ebe9 code=0x7ffc0000
[  754.305176][   T30] audit: type=1326 audit(1756136381.489:674): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14489 comm="syz.2.2196" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fec04b8ebe9 code=0x7ffc0000
[  754.329058][   T30] audit: type=1326 audit(1756136381.489:675): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14489 comm="syz.2.2196" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fec04b8ebe9 code=0x7ffc0000
[  754.337367][T14394] hsr_slave_0: entered promiscuous mode
[  754.353150][ T5865] usb usb2-port1: attempt power cycle
[  754.371800][T14394] hsr_slave_1: entered promiscuous mode
[  754.638497][T14394] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  754.888901][T14394] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  754.908164][T14394] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  754.941585][ T5865] usb 2-1: new full-speed USB device number 74 using dummy_hcd
[  754.943530][T14394] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  754.962164][ T5865] usb 2-1: device descriptor read/8, error -71
[  755.299268][ T5865] usb 2-1: new full-speed USB device number 75 using dummy_hcd
[  755.520177][ T5865] usb 2-1: device descriptor read/8, error -71
[  755.553598][T14394] 8021q: adding VLAN 0 to HW filter on device bond0
[  755.571248][T14394] 8021q: adding VLAN 0 to HW filter on device team0
[  755.648422][ T5865] usb usb2-port1: unable to enumerate USB device
[  755.667407][T12340] bridge0: port 1(bridge_slave_0) entered blocking state
[  755.674556][T12340] bridge0: port 1(bridge_slave_0) entered forwarding state
[  755.705167][T14500] binder: 14498:14500 ioctl 40046205 0 returned -22
[  756.148950][T12340] bridge0: port 2(bridge_slave_1) entered blocking state
[  756.156222][T12340] bridge0: port 2(bridge_slave_1) entered forwarding state
[  756.318341][T14517] netdevsim netdevsim0: loading /lib/firmware/. failed with error -22
[  756.326794][T14517] netdevsim netdevsim0: Direct firmware load for . failed with error -22
[  756.335462][T14517] netdevsim netdevsim0: Falling back to sysfs fallback for: .
[  757.331051][T14394] 8021q: adding VLAN 0 to HW filter on device batadv0
[  757.760930][T14537] QAT: failed to copy from user cfg_data.
[  758.453003][T14543] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2208'.
[  759.060613][   T30] audit: type=1400 audit(1756136386.579:676): avc:  denied  { setopt } for  pid=14546 comm="syz.1.2210" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[  759.323536][T14551] lo speed is unknown, defaulting to 1000
[  759.329575][T14551] lo speed is unknown, defaulting to 1000
[  759.337706][T14551] lo speed is unknown, defaulting to 1000
[  759.349259][T14551] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[  759.363012][T14551] infiniband syz0: RDMA CMA: cma_listen_on_dev, error -98
[  759.404754][T14551] lo speed is unknown, defaulting to 1000
[  759.411410][T14551] lo speed is unknown, defaulting to 1000
[  759.419270][T14551] lo speed is unknown, defaulting to 1000
[  759.425825][T14551] lo speed is unknown, defaulting to 1000
[  759.432249][T14551] lo speed is unknown, defaulting to 1000
[  759.514943][   T30] audit: type=1400 audit(1756136386.669:677): avc:  denied  { connect } for  pid=14546 comm="syz.1.2210" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[  759.763586][T14394] veth0_vlan: entered promiscuous mode
[  759.927606][T14569] Bluetooth: MGMT ver 1.23
[  761.177908][T14394] veth1_vlan: entered promiscuous mode
[  761.280871][T14577] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2216'.
[  761.333118][T14394] veth0_macvtap: entered promiscuous mode
[  761.359173][T14394] veth1_macvtap: entered promiscuous mode
[  761.455652][T14580] overlayfs: failed lookup in lower (newroot/430, name='bus', err=-40): overlapping layers
[  761.892835][T14567] kAFS: unable to lookup cell '(0.xlI��|.�(�Wi�2��TY>�1	��'
[  762.153010][T14394] batman_adv: batadv0: Interface activated: batadv_slave_0
[  762.162711][T14394] batman_adv: batadv0: Interface activated: batadv_slave_1
[  762.180547][   T36] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  762.211197][   T36] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  762.224106][ T7236] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  762.311544][   T59] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  762.418210][ T7236] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  762.446261][ T7236] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  762.502526][   T59] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  762.537900][   T59] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  762.672393][   T30] audit: type=1400 audit(1756136390.259:678): avc:  denied  { mount } for  pid=14394 comm="syz-executor" name="/" dev="gadgetfs" ino=7634 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nfs_t tclass=filesystem permissive=1
[  762.705917][T14589] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2218'.
[  763.838373][T11793] libceph: connect (1)[c::]:6789 error -101
[  763.887837][T11793] libceph: mon0 (1)[c::]:6789 connect error
[  764.354875][ T5865] libceph: connect (1)[c::]:6789 error -101
[  764.361616][ T5865] libceph: mon0 (1)[c::]:6789 connect error
[  764.378157][ T5865] libceph: connect (1)[c::]:6789 error -101
[  764.382862][   T30] audit: type=1400 audit(1756136391.999:679): avc:  denied  { append } for  pid=14616 comm="syz.2.2223" name="nullb0" dev="devtmpfs" ino=696 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  764.386117][ T5865] libceph: mon0 (1)[c::]:6789 connect error
[  764.480164][ T5963] usb 5-1: new high-speed USB device number 63 using dummy_hcd
[  764.510167][T14620] : entered promiscuous mode
[  764.626800][T14604] ceph: No mds server is up or the cluster is laggy
[  764.653726][T14605] ceph: No mds server is up or the cluster is laggy
[  764.661952][ T5865] libceph: connect (1)[c::]:6789 error -101
[  764.668291][ T5865] libceph: mon0 (1)[c::]:6789 connect error
[  764.696284][ T5963] usb 5-1: Using ep0 maxpacket: 16
[  764.730922][ T5963] usb 5-1: New USB device found, idVendor=05d1, idProduct=2001, bcdDevice= 9.00
[  764.755115][ T5963] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  764.767639][ T5963] usb 5-1: Product: syz
[  764.771274][T14623] (unnamed net_device) (uninitialized): option all_slaves_active: invalid value (14)
[  764.772254][ T5963] usb 5-1: Manufacturer: syz
[  764.891025][ T5963] usb 5-1: SerialNumber: syz
[  764.946862][ T5963] usb 5-1: config 0 descriptor??
[  764.985780][ T5963] ftdi_sio 5-1:0.0: FTDI USB Serial Device converter detected
[  765.028907][ T5963] usb 5-1: Detected FT232H
[  767.033094][ T5963] ftdi_sio ttyUSB0: Unable to read latency timer: -71
[  767.074778][ T5963] ftdi_sio ttyUSB0: Unable to write latency timer: -71
[  767.123797][ T5963] ftdi_sio 5-1:0.0: GPIO initialisation failed: -71
[  767.281601][T14636] netlink: 212376 bytes leftover after parsing attributes in process `syz.0.2228'.
[  767.670727][ T5963] usb 5-1: FTDI USB Serial Device converter now attached to ttyUSB0
[  767.763255][T14643] netlink: 'syz.1.2230': attribute type 1 has an invalid length.
[  767.771042][T14643] netlink: 'syz.1.2230': attribute type 4 has an invalid length.
[  768.031647][T11793] usb 2-1: new high-speed USB device number 76 using dummy_hcd
[  768.142311][ T5963] usb 5-1: USB disconnect, device number 63
[  768.163049][ T5963] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[  768.179640][ T5963] ftdi_sio 5-1:0.0: device disconnected
[  768.302714][T11793] usb 2-1: Using ep0 maxpacket: 16
[  768.321080][T11793] usb 2-1: config 0 has an invalid interface number: 237 but max is 0
[  768.349406][T11793] usb 2-1: config 0 has no interface number 0
[  768.356725][T11793] usb 2-1: config 0 interface 237 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 8
[  768.377835][T11793] usb 2-1: config 0 interface 237 altsetting 0 endpoint 0x3 has invalid maxpacket 943, setting to 64
[  768.518124][T14648] netlink: 212376 bytes leftover after parsing attributes in process `syz.0.2231'.
[  768.638538][T11793] usb 2-1: New USB device found, idVendor=0424, idProduct=7850, bcdDevice=72.aa
[  768.651462][T11793] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  768.671539][T11793] usb 2-1: Product: syz
[  768.675793][T11793] usb 2-1: Manufacturer: syz
[  768.685744][T11793] usb 2-1: SerialNumber: syz
[  768.709787][T11793] usb 2-1: config 0 descriptor??
[  768.723630][T14643] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  769.647506][T14660] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  770.116722][T14678] netlink: 212376 bytes leftover after parsing attributes in process `syz.4.2238'.
[  770.605050][    T9] usb 2-1: USB disconnect, device number 76
[  771.710580][T14706] FAULT_INJECTION: forcing a failure.
[  771.710580][T14706] name failslab, interval 1, probability 0, space 0, times 0
[  771.759943][T14706] CPU: 0 UID: 0 PID: 14706 Comm: syz.2.2244 Not tainted syzkaller #0 PREEMPT(full) 
[  771.759970][T14706] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  771.759981][T14706] Call Trace:
[  771.759987][T14706]  <TASK>
[  771.759994][T14706]  dump_stack_lvl+0x16c/0x1f0
[  771.760020][T14706]  should_fail_ex+0x512/0x640
[  771.760040][T14706]  ? kmem_cache_alloc_lru_noprof+0x5f/0x3b0
[  771.760063][T14706]  should_failslab+0xc2/0x120
[  771.760085][T14706]  kmem_cache_alloc_lru_noprof+0x72/0x3b0
[  771.760105][T14706]  ? __d_alloc+0x32/0xae0
[  771.760131][T14706]  __d_alloc+0x32/0xae0
[  771.760152][T14706]  ? __pfx_idr_alloc_u32+0x10/0x10
[  771.760172][T14706]  d_alloc_pseudo+0x1c/0xc0
[  771.760198][T14706]  alloc_file_pseudo+0xcf/0x230
[  771.760228][T14706]  ? __pfx_alloc_file_pseudo+0x10/0x10
[  771.760255][T14706]  ? find_held_lock+0x2b/0x80
[  771.760281][T14706]  __anon_inode_getfile+0xe8/0x280
[  771.760308][T14706]  bpf_link_prime+0x10f/0x290
[  771.760335][T14706]  bpf_xdp_link_attach+0x27a/0x930
[  771.760358][T14706]  ? __pfx_bpf_xdp_link_attach+0x10/0x10
[  771.760377][T14706]  ? find_held_lock+0x2b/0x80
[  771.760399][T14706]  ? __fget_files+0x204/0x3c0
[  771.760430][T14706]  ? fput+0x9b/0xd0
[  771.760448][T14706]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  771.760473][T14706]  __sys_bpf+0x2926/0x4de0
[  771.760499][T14706]  ? __pfx___sys_bpf+0x10/0x10
[  771.760529][T14706]  ? ksys_write+0x190/0x250
[  771.760551][T14706]  ? __mutex_unlock_slowpath+0x161/0x7b0
[  771.760589][T14706]  ? fput+0x9b/0xd0
[  771.760611][T14706]  ? ksys_write+0x1ac/0x250
[  771.760629][T14706]  ? __pfx_ksys_write+0x10/0x10
[  771.760653][T14706]  __x64_sys_bpf+0x78/0xc0
[  771.760676][T14706]  ? lockdep_hardirqs_on+0x7c/0x110
[  771.760695][T14706]  do_syscall_64+0xcd/0x4c0
[  771.760717][T14706]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  771.760735][T14706] RIP: 0033:0x7fec04b8ebe9
[  771.760751][T14706] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  771.760768][T14706] RSP: 002b:00007fec05a70038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  771.760785][T14706] RAX: ffffffffffffffda RBX: 00007fec04db5fa0 RCX: 00007fec04b8ebe9
[  771.760798][T14706] RDX: 0000000000000010 RSI: 00002000000000c0 RDI: 000000000000001c
[  771.760809][T14706] RBP: 00007fec05a70090 R08: 0000000000000000 R09: 0000000000000000
[  771.760819][T14706] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  771.760830][T14706] R13: 00007fec04db6038 R14: 00007fec04db5fa0 R15: 00007fff114fe5d8
[  771.760856][T14706]  </TASK>
[  772.115456][   T30] audit: type=1400 audit(1756136399.659:680): avc:  denied  { create } for  pid=14690 comm="syz.1.2241" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=atmsvc_socket permissive=1
[  772.240508][T14714] vivid-000: =================  START STATUS  =================
[  772.249069][T14714] vivid-000: Radio HW Seek Mode: Bounded
[  772.256646][T14714] vivid-000: Radio Programmable HW Seek: false
[  772.263069][T14714] vivid-000: RDS Rx I/O Mode: Block I/O
[  772.268795][T14714] vivid-000: Generate RBDS Instead of RDS: false
[  772.278811][T14714] vivid-000: RDS Reception: true
[  772.285482][T14714] vivid-000: RDS Program Type: 0 inactive
[  772.291579][T14714] vivid-000: RDS PS Name:  inactive
[  772.296816][T14714] vivid-000: RDS Radio Text:  inactive
[  772.303548][T14714] vivid-000: RDS Traffic Announcement: false inactive
[  772.310377][T14714] vivid-000: RDS Traffic Program: false inactive
[  772.317029][T14714] vivid-000: RDS Music: false inactive
[  772.324329][T14714] vivid-000: ==================  END STATUS  ==================
[  773.392420][T14713] QAT: failed to copy from user cfg_data.
[  774.746432][T14731] netlink: 216 bytes leftover after parsing attributes in process `syz.2.2250'.
[  774.755680][T14731] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2250'.
[  774.768401][T14731] netlink: 20 bytes leftover after parsing attributes in process `syz.2.2250'.
[  774.922411][    C0] bridge0: port 1(bridge_slave_0) entered learning state
[  774.931438][    C0] bridge0: port 3(dummy0) entered learning state
[  774.938619][    C0] bridge0: port 4(team0) entered learning state
[  774.961533][T14732] netlink: 212376 bytes leftover after parsing attributes in process `syz.0.2252'.
[  775.360913][T14741] netlink: 40 bytes leftover after parsing attributes in process `syz.0.2256'.
[  775.382173][T11793] usb 6-1: new full-speed USB device number 2 using dummy_hcd
[  775.544656][T11793] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 1023, setting to 64
[  776.511592][T11793] usb 6-1: New USB device found, idVendor=1e7d, idProduct=3138, bcdDevice= 0.00
[  776.525255][T11793] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  776.535543][T11793] usb 6-1: config 0 descriptor??
[  776.540860][T14743] binder: 14742:14743 ioctl 40046205 0 returned -22
[  776.548661][T14730] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[  776.606593][T14751] FAULT_INJECTION: forcing a failure.
[  776.606593][T14751] name failslab, interval 1, probability 0, space 0, times 0
[  776.629504][T14751] CPU: 0 UID: 0 PID: 14751 Comm: syz.0.2258 Not tainted syzkaller #0 PREEMPT(full) 
[  776.629537][T14751] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  776.629548][T14751] Call Trace:
[  776.629554][T14751]  <TASK>
[  776.629564][T14751]  dump_stack_lvl+0x16c/0x1f0
[  776.629589][T14751]  should_fail_ex+0x512/0x640
[  776.629609][T14751]  ? __kmalloc_cache_noprof+0x57/0x3e0
[  776.629639][T14751]  should_failslab+0xc2/0x120
[  776.629660][T14751]  __kmalloc_cache_noprof+0x6a/0x3e0
[  776.629687][T14751]  ? ubifs_init_fs_context+0x49/0x3a0
[  776.629713][T14751]  ubifs_init_fs_context+0x49/0x3a0
[  776.629733][T14751]  ? __pfx_ubifs_init_fs_context+0x10/0x10
[  776.629754][T14751]  alloc_fs_context+0x54d/0x9c0
[  776.629782][T14751]  __x64_sys_fsopen+0xeb/0x240
[  776.629808][T14751]  do_syscall_64+0xcd/0x4c0
[  776.629831][T14751]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  776.629849][T14751] RIP: 0033:0x7f18dcd8ebe9
[  776.629864][T14751] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  776.629880][T14751] RSP: 002b:00007f18ddbac038 EFLAGS: 00000246 ORIG_RAX: 00000000000001ae
[  776.629898][T14751] RAX: ffffffffffffffda RBX: 00007f18dcfb5fa0 RCX: 00007f18dcd8ebe9
[  776.629910][T14751] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000280
[  776.629921][T14751] RBP: 00007f18ddbac090 R08: 0000000000000000 R09: 0000000000000000
[  776.629932][T14751] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  776.629942][T14751] R13: 00007f18dcfb6038 R14: 00007f18dcfb5fa0 R15: 00007ffff0c47da8
[  776.629968][T14751]  </TASK>
[  777.226530][T11793] ryos 0003:1E7D:3138.0009: unknown main item tag 0x0
[  777.715404][T14730] netlink: 16 bytes leftover after parsing attributes in process `syz.5.2251'.
[  777.731571][T11793] ryos 0003:1E7D:3138.0009: unknown main item tag 0x1
[  777.741219][T11793] ryos 0003:1E7D:3138.0009: unknown main item tag 0x0
[  777.744037][T11793] ryos 0003:1E7D:3138.0009: hidraw0: USB HID v1.01 Device [HID 1e7d:3138] on usb-dummy_hcd.5-1/input0
[  777.850983][T14768] netdevsim netdevsim1: loading /lib/firmware/. failed with error -22
[  777.851388][T14768] netdevsim netdevsim1: Direct firmware load for . failed with error -22
[  777.851468][T14768] netdevsim netdevsim1: Falling back to sysfs fallback for: .
[  778.285061][   T30] audit: type=1400 audit(1756136405.899:681): avc:  denied  { append } for  pid=14773 comm="syz.1.2264" name="fb0" dev="devtmpfs" ino=629 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:framebuf_device_t tclass=chr_file permissive=1
[  778.302650][   T30] audit: type=1400 audit(1756136405.919:682): avc:  denied  { read } for  pid=14753 comm="syz.2.2261" name="snapshot" dev="devtmpfs" ino=92 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1
[  778.303071][   T30] audit: type=1400 audit(1756136405.919:683): avc:  denied  { open } for  pid=14753 comm="syz.2.2261" path="/dev/snapshot" dev="devtmpfs" ino=92 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1
[  778.407928][T14779] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2264'.
[  779.281523][    T9] usb 6-1: USB disconnect, device number 2
[  780.203400][T14756] 9pnet_fd: Insufficient options for proto=fd
[  780.226251][T14777] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  780.281538][   T51] Bluetooth: hci0: command 0x0405 tx timeout
[  780.291229][T14777] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  780.453140][   T51] Bluetooth: hci1: command 0x0406 tx timeout
[  781.351141][T14777] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  781.362568][T14777] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  781.369372][T14777] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  781.400898][   T30] audit: type=1400 audit(1756136409.009:684): avc:  denied  { read } for  pid=14796 comm="syz.5.2270" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  781.489502][T14777] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  781.520515][T14777] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  781.530208][T14777] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  781.538330][T14777] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  781.550072][T14777] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  781.727840][T14777] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  781.772842][T14777] Bluetooth: hci4: Opcode 0x0406 failed: -4
[  781.790923][T14777] Bluetooth: hci4: Opcode 0x0406 failed: -4
[  781.811002][T14777] Bluetooth: hci4: Opcode 0x0406 failed: -4
[  781.867395][T14777] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  781.875091][T14777] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  781.883681][T14777] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  782.519641][   T30] audit: type=1400 audit(1756136410.119:685): avc:  denied  { write } for  pid=14812 comm="syz.2.2275" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[  782.549224][T11814] Bluetooth: hci1: command 0x0406 tx timeout
[  782.679784][T14819] netlink: 'syz.2.2277': attribute type 1 has an invalid length.
[  782.732260][T14821] overlayfs: failed to resolve './bus': -2
[  782.844448][T14819] bond6: entered promiscuous mode
[  782.850320][T14819] 8021q: adding VLAN 0 to HW filter on device bond6
[  783.381608][ T5963] usb 6-1: new high-speed USB device number 3 using dummy_hcd
[  783.401663][T11814] Bluetooth: hci2: command 0x0406 tx timeout
[  783.604653][ T5963] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  783.635781][ T5963] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  783.645619][T11814] Bluetooth: hci3: command 0x0406 tx timeout
[  783.693714][T14834] netlink: 44 bytes leftover after parsing attributes in process `syz.4.2281'.
[  783.702777][T14834] netlink: 43 bytes leftover after parsing attributes in process `syz.4.2281'.
[  783.711816][T14834] netlink: 'syz.4.2281': attribute type 5 has an invalid length.
[  783.719938][T14834] netlink: 43 bytes leftover after parsing attributes in process `syz.4.2281'.
[  784.756788][T11814] Bluetooth: hci4: command 0x0c1a tx timeout
[  784.756792][   T51] Bluetooth: hci0: command 0x0405 tx timeout
[  784.756839][   T51] Bluetooth: hci1: command 0x0406 tx timeout
[  784.776711][   T30] audit: type=1400 audit(1756136411.359:686): avc:  denied  { connect } for  pid=14830 comm="syz.4.2281" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1
[  784.875644][ T5963] usb 6-1: New USB device found, idVendor=1532, idProduct=010e, bcdDevice= 0.00
[  784.902102][ T5963] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  784.914585][ T5963] usb 6-1: config 0 descriptor??
[  784.935336][T14831] svc: failed to register nfsdv3 RPC service (errno 512).
[  785.298118][T14831] svc: failed to register nfsaclv3 RPC service (errno 111).
[  785.454092][ T5963] razer 0003:1532:010E.000A: unknown main item tag 0x0
[  785.470872][ T5963] razer 0003:1532:010E.000A: unknown main item tag 0x0
[  785.481557][   T51] Bluetooth: hci2: command 0x0406 tx timeout
[  785.483218][ T5963] razer 0003:1532:010E.000A: unknown main item tag 0x0
[  785.669348][T14824] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  785.677928][T14824] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  785.721752][   T51] Bluetooth: hci3: command 0x0406 tx timeout
[  785.887205][ T5963] razer 0003:1532:010E.000A: unknown main item tag 0x0
[  785.964858][ T5963] razer 0003:1532:010E.000A: unknown main item tag 0x0
[  786.100643][ T5963] razer 0003:1532:010E.000A: hidraw0: USB HID v0.00 Device [HID 1532:010e] on usb-dummy_hcd.5-1/input0
[  786.610836][    T9] usb 6-1: USB disconnect, device number 3
[  786.843026][T14860] FAULT_INJECTION: forcing a failure.
[  786.843026][T14860] name failslab, interval 1, probability 0, space 0, times 0
[  786.855872][ T5859] Bluetooth: hci0: command 0x0405 tx timeout
[  786.861986][   T51] Bluetooth: hci4: command 0x0c1a tx timeout
[  786.871496][ T5963] usb 5-1: new full-speed USB device number 64 using dummy_hcd
[  786.871647][T14860] CPU: 1 UID: 0 PID: 14860 Comm: syz.1.2289 Not tainted syzkaller #0 PREEMPT(full) 
[  786.871668][T14860] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  786.871677][T14860] Call Trace:
[  786.871683][T14860]  <TASK>
[  786.871690][T14860]  dump_stack_lvl+0x16c/0x1f0
[  786.871712][T14860]  should_fail_ex+0x512/0x640
[  786.871730][T14860]  ? kmem_cache_alloc_node_noprof+0x5e/0x3b0
[  786.871749][T14860]  should_failslab+0xc2/0x120
[  786.871768][T14860]  kmem_cache_alloc_node_noprof+0x71/0x3b0
[  786.871785][T14860]  ? __alloc_skb+0x2b2/0x380
[  786.871804][T14860]  __alloc_skb+0x2b2/0x380
[  786.871819][T14860]  ? __pfx___alloc_skb+0x10/0x10
[  786.871837][T14860]  ? __pfx_netlink_autobind.isra.0+0x10/0x10
[  786.871860][T14860]  netlink_alloc_large_skb+0x69/0x130
[  786.871880][T14860]  netlink_sendmsg+0x6a1/0xdd0
[  786.871902][T14860]  ? __pfx_netlink_sendmsg+0x10/0x10
[  786.871928][T14860]  ____sys_sendmsg+0xa95/0xc70
[  786.871949][T14860]  ? copy_msghdr_from_user+0x10a/0x160
[  786.871966][T14860]  ? __pfx_____sys_sendmsg+0x10/0x10
[  786.871997][T14860]  ___sys_sendmsg+0x134/0x1d0
[  786.872014][T14860]  ? __pfx____sys_sendmsg+0x10/0x10
[  786.872058][T14860]  __sys_sendmsg+0x16d/0x220
[  786.872075][T14860]  ? __pfx___sys_sendmsg+0x10/0x10
[  786.872106][T14860]  do_syscall_64+0xcd/0x4c0
[  786.872132][T14860]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  786.872148][T14860] RIP: 0033:0x7fa93d58ebe9
[  786.872161][T14860] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  786.872176][T14860] RSP: 002b:00007fa93e330038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  786.872191][T14860] RAX: ffffffffffffffda RBX: 00007fa93d7b5fa0 RCX: 00007fa93d58ebe9
[  786.872202][T14860] RDX: 0000000000000000 RSI: 0000200000000500 RDI: 0000000000000003
[  786.872212][T14860] RBP: 00007fa93e330090 R08: 0000000000000000 R09: 0000000000000000
[  786.872222][T14860] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  786.872232][T14860] R13: 00007fa93d7b6038 R14: 00007fa93d7b5fa0 R15: 00007ffebf2e88a8
[  786.872253][T14860]  </TASK>
[  787.141547][T12303] usb 2-1: new high-speed USB device number 77 using dummy_hcd
[  787.293260][T12303] usb 2-1: Using ep0 maxpacket: 32
[  787.300183][ T5963] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  787.310974][ T5963] usb 5-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  787.315095][T12303] usb 2-1: config 0 has an invalid interface number: 184 but max is 0
[  787.330854][T12303] usb 2-1: config 0 has no interface number 0
[  787.341321][T12303] usb 2-1: config 0 interface 184 has no altsetting 0
[  787.346053][ T5963] usb 5-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  787.354331][T12303] usb 2-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee
[  787.481812][ T5963] usb 5-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  787.496164][T14874] binder: 14870:14874 ioctl 40046205 0 returned -22
[  787.512525][T12303] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  787.521515][ T5963] usb 5-1: Manufacturer: syz
[  787.542302][T12303] usb 2-1: Product: syz
[  787.562980][   T51] Bluetooth: hci2: command 0x0406 tx timeout
[  787.581692][T12301] usb 6-1: new high-speed USB device number 4 using dummy_hcd
[  787.606051][T12303] usb 2-1: Manufacturer: syz
[  787.630288][T12303] usb 2-1: SerialNumber: syz
[  787.713617][ T5963] usb 5-1: config 0 descriptor??
[  787.719461][T12303] usb 2-1: config 0 descriptor??
[  787.734160][T12303] smsc75xx v1.0.0
[  787.754245][T12301] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  787.765514][T12301] usb 6-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[  787.778797][T12301] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  787.806024][   T51] Bluetooth: hci3: command 0x0406 tx timeout
[  787.852805][T12301] usb 6-1: config 0 descriptor??
[  788.359938][T12301] usbhid 6-1:0.0: can't add hid device: -71
[  788.366209][T12301] usbhid 6-1:0.0: probe with driver usbhid failed with error -71
[  788.379416][T12301] usb 6-1: USB disconnect, device number 4
[  788.758724][T14885] mmap: syz.1.2290 (14885) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  788.896624][   T30] audit: type=1400 audit(1756136416.509:687): avc:  denied  { bind } for  pid=14889 comm="syz.2.2298" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[  788.921681][   T51] Bluetooth: hci4: command 0x0c1a tx timeout
[  788.921732][ T5963] usb 6-1: new high-speed USB device number 5 using dummy_hcd
[  788.927748][   T51] Bluetooth: hci0: command 0x0405 tx timeout
[  788.948783][T14892] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  788.963837][T14892] mac80211_hwsim hwsim11 syzkaller0: entered promiscuous mode
[  788.971613][T14892] mac80211_hwsim hwsim11 syzkaller0: entered allmulticast mode
[  788.997256][T14892] tipc: Resetting bearer <eth:syzkaller0>
[  789.135368][ T5963] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  789.147824][ T5963] usb 6-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[  789.158969][ T5963] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  789.168742][ T5963] usb 6-1: config 0 descriptor??
[  789.578567][T11793] usb 5-1: USB disconnect, device number 64
[  789.605033][ T5963] usbhid 6-1:0.0: can't add hid device: -71
[  789.641571][T11814] Bluetooth: hci2: command 0x0406 tx timeout
[  789.650772][ T5963] usbhid 6-1:0.0: probe with driver usbhid failed with error -71
[  789.668487][ T5963] usb 6-1: USB disconnect, device number 5
[  789.680788][T14895] netlink: 40 bytes leftover after parsing attributes in process `syz.4.2299'.
[  791.136396][T11814] Bluetooth: hci4: command 0x0c1a tx timeout
[  793.437509][T12303] smsc75xx 2-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000014: -110
[  793.821066][T12303] smsc75xx 2-1:0.184 (unnamed net_device) (uninitialized): Failed to read PMT_CTL: -110
[  793.830969][T12303] smsc75xx 2-1:0.184 (unnamed net_device) (uninitialized): device not ready in smsc75xx_bind
[  793.842943][T12303] smsc75xx 2-1:0.184: probe with driver smsc75xx failed with error -110
[  793.882451][ T5963] usb 2-1: USB disconnect, device number 77
[  794.733695][   T30] audit: type=1400 audit(1756136422.349:688): avc:  denied  { mounton } for  pid=14911 comm="syz.1.2304" path="/proc/1567/task" dev="proc" ino=52909 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dir permissive=1
[  795.321552][   T30] audit: type=1400 audit(1756136422.919:689): avc:  denied  { associate } for  pid=14911 comm="syz.1.2304" name="file0" scontext=root:object_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1
[  795.430859][T14927] netlink: 212376 bytes leftover after parsing attributes in process `syz.0.2306'.
[  795.741552][T14932] netlink: 212376 bytes leftover after parsing attributes in process `syz.2.2308'.
[  795.946312][T14931] pim6reg: entered allmulticast mode
[  796.128669][T14942] netlink: 212376 bytes leftover after parsing attributes in process `syz.2.2310'.
[  796.440473][T14948] binder: 14940:14948 ioctl 40046205 0 returned -22
[  796.925229][T11793] libceph: connect (1)[c::]:6789 error -101
[  796.932143][T11793] libceph: mon0 (1)[c::]:6789 connect error
[  797.008427][T14962] netlink: 'syz.1.2313': attribute type 10 has an invalid length.
[  797.488092][T14962] team0: Failed to send port change of device netdevsim0 via netlink (err -105)
[  797.503161][T14962] team0: Failed to send options change via netlink (err -105)
[  797.510747][T14962] team0: Port device netdevsim0 added
[  797.530981][T12340] team0: Failed to send port change of device netdevsim0 via netlink (err -105)
[  797.607665][T11793] libceph: connect (1)[c::]:6789 error -101
[  797.613763][T11793] libceph: mon0 (1)[c::]:6789 connect error
[  797.704120][T14960] ceph: No mds server is up or the cluster is laggy
[  797.730973][T14955] ceph: No mds server is up or the cluster is laggy
[  797.768478][T14972] QAT: failed to copy from user cfg_data.
[  797.802411][T11793] libceph: connect (1)[c::]:6789 error -101
[  797.809195][T11793] libceph: mon0 (1)[c::]:6789 connect error
[  797.882323][ T5865] libceph: connect (1)[c::]:6789 error -101
[  798.831241][ T5865] libceph: mon0 (1)[c::]:6789 connect error
[  800.066480][T14991] netlink: 'syz.1.2320': attribute type 1 has an invalid length.
[  800.131808][T14991] bond9: entered promiscuous mode
[  800.167134][T14991] 8021q: adding VLAN 0 to HW filter on device bond9
[  800.205481][T14991] overlayfs: failed to resolve './bus': -2
[  800.681446][T14996] netlink: 212376 bytes leftover after parsing attributes in process `syz.2.2321'.
[  801.042174][T12301] libceph: connect (1)[c::]:6789 error -101
[  801.048290][T12301] libceph: mon0 (1)[c::]:6789 connect error
[  801.495608][T15001] ceph: No mds server is up or the cluster is laggy
[  801.742268][T12300] libceph: connect (1)[c::]:6789 error -101
[  801.784728][T12300] libceph: mon0 (1)[c::]:6789 connect error
[  802.208373][T15011] kAFS: unable to lookup cell '(0.xlI��|.�(�Wi�2��TY>�1	��'
[  802.479675][T12301] libceph: connect (1)[c::]:6789 error -101
[  802.485945][T12301] libceph: mon0 (1)[c::]:6789 connect error
[  802.735456][T15036] QAT: failed to copy from user cfg_data.
[  802.764336][T12301] libceph: connect (1)[c::]:6789 error -101
[  805.002798][    C0] bridge0: port 4(team0) entered forwarding state
[  805.009271][    C0] bridge0: topology change detected, propagating
[  805.015924][    C0] bridge0: port 3(dummy0) entered forwarding state
[  805.022447][    C0] bridge0: topology change detected, propagating
[  805.028913][    C0] bridge0: port 1(bridge_slave_0) entered forwarding state
[  805.036135][    C0] bridge0: topology change detected, propagating
[  805.803065][T12301] libceph: mon0 (1)[c::]:6789 connect error
[  805.824960][T15025] ceph: No mds server is up or the cluster is laggy
[  805.855484][T12303] libceph: connect (1)[c::]:6789 error -101
[  805.867921][   T30] audit: type=1400 audit(1756136433.479:690): avc:  denied  { module_request } for  pid=15040 comm="syz.1.2331" kmod="net-pf-2-proto-2-type-1" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1
[  805.899913][T12303] libceph: mon0 (1)[c::]:6789 connect error
[  806.542631][T15053] netlink: 212376 bytes leftover after parsing attributes in process `syz.5.2335'.
[  807.299710][T12300] usb 5-1: new full-speed USB device number 65 using dummy_hcd
[  807.555476][T12300] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 1023, setting to 64
[  807.566647][T12300] usb 5-1: New USB device found, idVendor=1e7d, idProduct=3138, bcdDevice= 0.00
[  807.577577][T12300] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  807.587011][T12300] usb 5-1: config 0 descriptor??
[  807.594029][T15055] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  808.222542][ T1299] ieee802154 phy0 wpan0: encryption failed: -22
[  808.228941][ T1299] ieee802154 phy1 wpan1: encryption failed: -22
[  808.318890][T12300] ryos 0003:1E7D:3138.000B: unknown main item tag 0x0
[  808.326379][T12300] ryos 0003:1E7D:3138.000B: unknown main item tag 0x1
[  808.429329][T12300] ryos 0003:1E7D:3138.000B: unknown main item tag 0x0
[  808.596538][T12300] ryos 0003:1E7D:3138.000B: hidraw0: USB HID v1.01 Device [HID 1e7d:3138] on usb-dummy_hcd.4-1/input0
[  808.644078][T12300] usb 5-1: USB disconnect, device number 65
[  809.978666][   T30] audit: type=1400 audit(1756136437.149:691): avc:  denied  { bind } for  pid=15081 comm="syz.5.2344" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  810.032315][T12300] libceph: connect (1)[c::]:6789 error -101
[  810.064604][T12300] libceph: mon0 (1)[c::]:6789 connect error
[  810.079885][T15085] ceph: No mds server is up or the cluster is laggy
[  810.350928][T12300] libceph: connect (1)[c::]:6789 error -101
[  810.384918][T15098] netlink: 212376 bytes leftover after parsing attributes in process `syz.2.2347'.
[  810.592696][T12300] libceph: mon0 (1)[c::]:6789 connect error
[  810.734876][T11814] Bluetooth: hci0: Malformed HCI Event: 0x22
[  810.744778][T15104] netlink: 'syz.5.2350': attribute type 16 has an invalid length.
[  810.752747][T15104] netlink: 'syz.5.2350': attribute type 17 has an invalid length.
[  810.900930][   T30] audit: type=1400 audit(1756136438.509:692): avc:  denied  { write } for  pid=15090 comm="syz.0.2346" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[  812.074713][   T30] audit: type=1400 audit(1756136439.519:693): avc:  denied  { create } for  pid=15127 comm="syz.1.2356" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1
[  812.332461][T15141] netlink: 212376 bytes leftover after parsing attributes in process `syz.0.2359'.
[  814.886148][T15176] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=15176 comm=syz.1.2367
[  815.347098][T15169] kAFS: unable to lookup cell '(0.xlI��|.�(�Wi�2��TY>�1	��'
[  815.569677][T15185] netlink: 212408 bytes leftover after parsing attributes in process `syz.1.2371'.
[  818.226141][T15222] vivid-000: =================  START STATUS  =================
[  818.233935][T15222] vivid-000: Radio HW Seek Mode: Bounded
[  818.239720][T15222] vivid-000: Radio Programmable HW Seek: false
[  818.246096][T15222] vivid-000: RDS Rx I/O Mode: Block I/O
[  818.251822][T15222] vivid-000: Generate RBDS Instead of RDS: false
[  818.258229][T15222] vivid-000: RDS Reception: true
[  818.263331][T15222] vivid-000: RDS Program Type: 0 inactive
[  818.269198][T15222] vivid-000: RDS PS Name:  inactive
[  818.274656][T15222] vivid-000: RDS Radio Text:  inactive
[  818.280294][T15222] vivid-000: RDS Traffic Announcement: false inactive
[  818.287365][T15222] vivid-000: RDS Traffic Program: false inactive
[  818.293879][T15222] vivid-000: RDS Music: false inactive
[  818.299591][T15222] vivid-000: ==================  END STATUS  ==================
[  818.784215][T15220] kAFS: unable to lookup cell '(0.xlI��|.�(�Wi�2��TY>�1	��'
[  818.855151][   T30] audit: type=1400 audit(1756136446.459:694): avc:  denied  { execute } for  pid=15226 comm="syz.4.2383" path="/452/cpu.stat" dev="tmpfs" ino=2455 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[  818.905696][ T5974] libceph: connect (1)[c::]:6789 error -101
[  818.919870][ T5974] libceph: mon0 (1)[c::]:6789 connect error
[  819.515367][ T5974] libceph: connect (1)[c::]:6789 error -101
[  819.535045][ T5974] libceph: mon0 (1)[c::]:6789 connect error
[  819.742178][T15229] ceph: No mds server is up or the cluster is laggy
[  821.288417][T15262] 9pnet_fd: Insufficient options for proto=fd
[  821.305647][T15272] 9pnet_fd: Insufficient options for proto=fd
[  821.902803][T15278] QAT: failed to copy from user cfg_data.
[  823.469773][T15296] netlink: 212376 bytes leftover after parsing attributes in process `syz.4.2399'.
[  823.682781][T15297] pim6reg: entered allmulticast mode
[  823.688155][   T30] audit: type=1400 audit(1756136451.289:695): avc:  denied  { setopt } for  pid=15289 comm="syz.0.2398" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1
[  823.746602][T15299] process 'syz.5.2400' launched '/dev/fd/4' with NULL argv: empty string added
[  823.769710][   T30] audit: type=1400 audit(1756136451.379:696): avc:  denied  { execute_no_trans } for  pid=15298 comm="syz.5.2400" path=2F6D656D66643A5B0BDB58AE5B1AA9FDFAADD16D64C8854858A9250C1A65E0202864656C6574656429 dev="tmpfs" ino=259 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[  823.802213][T15297] pim6reg: left allmulticast mode
[  824.455853][   T30] audit: type=1400 audit(1756136451.439:697): avc:  denied  { watch_mount } for  pid=15298 comm="syz.5.2400" path="/34" dev="tmpfs" ino=201 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1
[  824.752462][ T5865] usb 6-1: new full-speed USB device number 6 using dummy_hcd
[  825.276997][T15328] fuse: Bad value for 'fd'
[  825.334989][ T5865] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 1023, setting to 64
[  825.445659][ T5865] usb 6-1: New USB device found, idVendor=1e7d, idProduct=3138, bcdDevice= 0.00
[  825.502443][ T5865] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  825.536742][ T5865] usb 6-1: config 0 descriptor??
[  825.564420][T15310] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[  826.158896][   T30] audit: type=1400 audit(1756136453.559:698): avc:  denied  { append } for  pid=15333 comm="syz.4.2413" name="loop6" dev="devtmpfs" ino=653 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  826.225100][T15339] netlink: 212376 bytes leftover after parsing attributes in process `syz.2.2412'.
[  826.591577][ T5865] usbhid 6-1:0.0: can't add hid device: -71
[  826.597576][ T5865] usbhid 6-1:0.0: probe with driver usbhid failed with error -71
[  826.607760][ T5865] usb 6-1: USB disconnect, device number 6
[  827.212273][T15360] binder: 15357:15360 ioctl 40046205 0 returned -22
[  830.184073][T15398] block nbd0: Attempted send on invalid socket
[  830.190479][T15398] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x800 phys_seg 1 prio class 2
[  830.499605][ T5963] libceph: connect (1)[c::]:6789 error -101
[  830.742013][ T5963] libceph: mon0 (1)[c::]:6789 connect error
[  830.921757][T15412] netlink: 'syz.5.2434': attribute type 1 has an invalid length.
[  830.949327][T15412] bond1: entered promiscuous mode
[  830.959670][T15412] 8021q: adding VLAN 0 to HW filter on device bond1
[  830.992710][T15412] 8021q: adding VLAN 0 to HW filter on device bond1
[  830.999668][T15412] bond1: (slave vcan1): The slave device specified does not support setting the MAC address
[  831.010059][ T5963] libceph: connect (1)[c::]:6789 error -101
[  831.011647][T15412] bond1: (slave vcan1): Setting fail_over_mac to active for active-backup mode
[  831.016209][ T5963] libceph: mon0 (1)[c::]:6789 connect error
[  831.053957][T15414] overlayfs: failed to resolve './bus': -2
[  831.054875][T15412] bond1: (slave vcan1): making interface the new active one
[  831.067477][T15412] vcan1: entered promiscuous mode
[  831.135627][T15412] bond1: (slave vcan1): Enslaving as an active interface with an up link
[  831.316472][T15403] ceph: No mds server is up or the cluster is laggy
[  831.531690][ T5963] libceph: connect (1)[c::]:6789 error -101
[  831.641779][ T5963] libceph: mon0 (1)[c::]:6789 connect error
[  833.901671][ T5963] libceph: connect (1)[c::]:6789 error -101
[  833.907725][ T5963] libceph: mon0 (1)[c::]:6789 connect error
[  860.261408][    C0] sched: DL replenish lagged too much
[  875.934250][ T1299] ieee802154 phy0 wpan0: encryption failed: -22
[  875.940594][ T1299] ieee802154 phy1 wpan1: encryption failed: -22
[  961.688154][ T1299] ieee802154 phy0 wpan0: encryption failed: -22
[  961.694485][ T1299] ieee802154 phy1 wpan1: encryption failed: -22
[  972.441445][T11814] Bluetooth: hci5: Opcode 0x0c03 failed: -110
[  975.074073][   T51] Bluetooth: hci6: Opcode 0x0c03 failed: -110
[ 1069.991329][    C0] rcu: INFO: rcu_preempt self-detected stall on CPU
[ 1069.997945][    C0] rcu: 	0-...!: (1 GPs behind) idle=9cfc/1/0x4000000000000000 softirq=83050/83052 fqs=7
[ 1070.008560][    C0] rcu: 	(t=10501 jiffies g=70509 q=1504 ncpus=2)
[ 1070.014880][    C0] rcu: rcu_preempt kthread starved for 8195 jiffies! g70509 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x0 ->cpu=1
[ 1070.025970][    C0] rcu: 	Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior.
[ 1070.035924][    C0] rcu: RCU grace-period kthread stack dump:
[ 1070.041796][    C0] task:rcu_preempt     state:R  running task     stack:27784 pid:16    tgid:16    ppid:2      task_flags:0x208040 flags:0x00004000
[ 1070.055280][    C0] Call Trace:
[ 1070.058547][    C0]  <TASK>
[ 1070.061468][    C0]  __schedule+0x1190/0x5de0
[ 1070.065975][    C0]  ? __lock_acquire+0x62e/0x1ce0
[ 1070.070914][    C0]  ? __pfx___schedule+0x10/0x10
[ 1070.075757][    C0]  ? find_held_lock+0x2b/0x80
[ 1070.080603][    C0]  ? schedule+0x2d7/0x3a0
[ 1070.084922][    C0]  schedule+0xe7/0x3a0
[ 1070.088978][    C0]  schedule_timeout+0x123/0x290
[ 1070.093822][    C0]  ? __pfx_schedule_timeout+0x10/0x10
[ 1070.099195][    C0]  ? __pfx_process_timeout+0x10/0x10
[ 1070.104566][    C0]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[ 1070.110358][    C0]  ? prepare_to_swait_event+0xf5/0x480
[ 1070.115815][    C0]  rcu_gp_fqs_loop+0x1ea/0xb00
[ 1070.120574][    C0]  ? __pfx_rcu_gp_fqs_loop+0x10/0x10
[ 1070.125847][    C0]  ? lockdep_hardirqs_on+0x7c/0x110
[ 1070.131039][    C0]  ? __pfx_rcu_gp_init+0x10/0x10
[ 1070.135961][    C0]  ? rcu_gp_cleanup+0x7c1/0xd90
[ 1070.140804][    C0]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[ 1070.146601][    C0]  rcu_gp_kthread+0x270/0x380
[ 1070.151271][    C0]  ? __pfx_rcu_gp_kthread+0x10/0x10
[ 1070.156454][    C0]  ? rcu_is_watching+0x12/0xc0
[ 1070.161211][    C0]  ? lockdep_hardirqs_on+0x7c/0x110
[ 1070.166400][    C0]  ? __kthread_parkme+0x19e/0x250
[ 1070.171424][    C0]  ? __pfx_rcu_gp_kthread+0x10/0x10
[ 1070.176607][    C0]  kthread+0x3c5/0x780
[ 1070.180684][    C0]  ? __pfx_kthread+0x10/0x10
[ 1070.185266][    C0]  ? rcu_is_watching+0x12/0xc0
[ 1070.190021][    C0]  ? __pfx_kthread+0x10/0x10
[ 1070.194599][    C0]  ret_from_fork+0x5d7/0x6f0
[ 1070.199181][    C0]  ? __pfx_kthread+0x10/0x10
[ 1070.203773][    C0]  ret_from_fork_asm+0x1a/0x30
[ 1070.208545][    C0]  </TASK>
[ 1070.211552][    C0] rcu: Stack dump where RCU GP kthread last ran:
[ 1070.217859][    C0] Sending NMI from CPU 0 to CPUs 1:
[ 1070.223057][    C1] NMI backtrace for cpu 1
[ 1070.223070][    C1] CPU: 1 UID: 0 PID: 0 Comm: swapper/1 Not tainted syzkaller #0 PREEMPT(full) 
[ 1070.223086][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1070.223094][    C1] RIP: 0010:__lock_acquire+0x73b/0x1ce0
[ 1070.223117][    C1] Code: 12 0f 85 9a 0f 00 00 48 83 c4 70 5b 5d 41 5c 41 5d 41 5e 41 5f c3 cc cc cc cc 41 83 bd d4 0a 00 00 01 19 d2 83 e2 02 83 c2 03 <e9> a2 fb ff ff 45 31 f6 e9 6b fb ff ff 8b 0c 24 85 c9 0f 85 4c fc
[ 1070.223130][    C1] RSP: 0000:ffffc90000a07f68 EFLAGS: 00000006
[ 1070.223143][    C1] RAX: 0000000000000000 RBX: ffff88801e2e2f30 RCX: 0000000000000025
[ 1070.223152][    C1] RDX: 0000000000000003 RSI: 0000000000000005 RDI: ffff88801e2e2ff8
[ 1070.223160][    C1] RBP: 0000000000000000 R08: 0000000000080000 R09: 0000000000000001
[ 1070.223169][    C1] R10: 00000000000000c8 R11: 0000000000000001 R12: ffff88801e2e2ff8
[ 1070.223178][    C1] R13: ffff88801e2e2440 R14: 0000000000000000 R15: 0000000000000003
[ 1070.223187][    C1] FS:  0000000000000000(0000) GS:ffff8881247b9000(0000) knlGS:0000000000000000
[ 1070.223201][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1070.223211][    C1] CR2: 00007f6e66eaa060 CR3: 000000004525b000 CR4: 00000000003526f0
[ 1070.223220][    C1] Call Trace:
[ 1070.223226][    C1]  <IRQ>
[ 1070.223236][    C1]  lock_acquire+0x179/0x350
[ 1070.223259][    C1]  ? get_random_u16+0xdb/0x7e0
[ 1070.223284][    C1]  get_random_u16+0x102/0x7e0
[ 1070.223301][    C1]  ? get_random_u16+0xdb/0x7e0
[ 1070.223318][    C1]  ? __pfx_get_random_u16+0x10/0x10
[ 1070.223336][    C1]  ? get_random_u16+0x59c/0x7e0
[ 1070.223353][    C1]  cake_get_flow_quantum+0xd9/0x290
[ 1070.223381][    C1]  cake_dequeue+0x1be7/0x4830
[ 1070.223401][    C1]  ? dev_hard_start_xmit+0x5f0/0x740
[ 1070.223422][    C1]  ? sch_direct_xmit+0x23f/0xcf0
[ 1070.223437][    C1]  ? __pfx_sch_direct_xmit+0x10/0x10
[ 1070.223450][    C1]  ? __pfx_cake_dequeue+0x10/0x10
[ 1070.223472][    C1]  ? reacquire_held_locks+0xcd/0x1f0
[ 1070.223493][    C1]  __qdisc_run+0x1bd/0x1bf0
[ 1070.223509][    C1]  __dev_queue_xmit+0x2b43/0x4490
[ 1070.223530][    C1]  ? selinux_ip_postroute+0x73a/0xde0
[ 1070.223545][    C1]  ? __pfx___dev_queue_xmit+0x10/0x10
[ 1070.223563][    C1]  ? __pfx_selinux_ip_postroute+0x10/0x10
[ 1070.223580][    C1]  ? __lock_acquire+0xb97/0x1ce0
[ 1070.223602][    C1]  ? lock_acquire+0x179/0x350
[ 1070.223620][    C1]  ? find_held_lock+0x2b/0x80
[ 1070.223642][    C1]  ? mark_held_locks+0x49/0x80
[ 1070.223662][    C1]  ip6_finish_output2+0xe98/0x2020
[ 1070.223679][    C1]  __ip6_finish_output+0x3cd/0x1010
[ 1070.223694][    C1]  ip6_output+0x1ca/0x3e0
[ 1070.223708][    C1]  ip6_local_out+0xd1/0x4d0
[ 1070.223724][    C1]  udp_tunnel6_xmit_skb+0x7f1/0xc50
[ 1070.223744][    C1]  tipc_udp_xmit+0x219/0xdf0
[ 1070.223760][    C1]  ? __pfx_tipc_udp_xmit+0x10/0x10
[ 1070.223772][    C1]  ? __alloc_skb+0x200/0x380
[ 1070.223785][    C1]  ? __pfx___alloc_skb+0x10/0x10
[ 1070.223798][    C1]  ? __asan_memcpy+0x3c/0x60
[ 1070.223818][    C1]  ? __asan_memcpy+0x3c/0x60
[ 1070.223837][    C1]  ? skb_copy_header+0x20/0x2b0
[ 1070.223856][    C1]  ? __pskb_copy_fclone+0x48e/0xb50
[ 1070.223871][    C1]  ? lock_acquire+0x179/0x350
[ 1070.223892][    C1]  tipc_udp_send_msg+0x292/0x4a0
[ 1070.223908][    C1]  tipc_bearer_xmit_skb+0x1bd/0x430
[ 1070.223928][    C1]  ? __pfx_tipc_bearer_xmit_skb+0x10/0x10
[ 1070.223947][    C1]  ? mark_held_locks+0x49/0x80
[ 1070.223965][    C1]  ? __local_bh_enable_ip+0xa4/0x120
[ 1070.223983][    C1]  tipc_disc_timeout+0x5b2/0x850
[ 1070.224002][    C1]  ? __pfx_tipc_disc_timeout+0x10/0x10
[ 1070.224025][    C1]  ? __pfx_tipc_disc_timeout+0x10/0x10
[ 1070.224042][    C1]  call_timer_fn+0x197/0x620
[ 1070.224062][    C1]  ? __pfx_call_timer_fn+0x10/0x10
[ 1070.224083][    C1]  ? rcu_is_watching+0x12/0xc0
[ 1070.224100][    C1]  ? __pfx_tipc_disc_timeout+0x10/0x10
[ 1070.224117][    C1]  __run_timers+0x6ef/0x960
[ 1070.224138][    C1]  ? __pfx___run_timers+0x10/0x10
[ 1070.224162][    C1]  run_timer_base+0x114/0x190
[ 1070.224181][    C1]  ? __pfx_run_timer_base+0x10/0x10
[ 1070.224200][    C1]  ? rcu_is_watching+0x12/0xc0
[ 1070.224216][    C1]  run_timer_softirq+0x1a/0x40
[ 1070.224234][    C1]  handle_softirqs+0x216/0x8e0
[ 1070.224252][    C1]  ? __pfx_handle_softirqs+0x10/0x10
[ 1070.224270][    C1]  __irq_exit_rcu+0x109/0x170
[ 1070.224285][    C1]  irq_exit_rcu+0x9/0x30
[ 1070.224300][    C1]  sysvec_apic_timer_interrupt+0xa4/0xc0
[ 1070.224315][    C1]  </IRQ>
[ 1070.224320][    C1]  <TASK>
[ 1070.224325][    C1]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[ 1070.224340][    C1] RIP: 0010:pv_native_safe_halt+0xf/0x20
[ 1070.224354][    C1] Code: 4c 62 02 c3 cc cc cc cc 0f 1f 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 66 90 0f 00 2d d3 52 16 00 fb f4 <e9> 4c 09 03 00 66 2e 0f 1f 84 00 00 00 00 00 66 90 90 90 90 90 90
[ 1070.224366][    C1] RSP: 0000:ffffc90000197df8 EFLAGS: 000002c2
[ 1070.224377][    C1] RAX: 000000000d7a71a1 RBX: 0000000000000001 RCX: ffffffff8b93bc29
[ 1070.224386][    C1] RDX: 0000000000000000 RSI: ffffffff8de50210 RDI: ffffffff8c162900
[ 1070.224396][    C1] RBP: ffffed1003c5c488 R08: 0000000000000001 R09: ffffed10170a6655
[ 1070.224405][    C1] R10: ffff8880b85332ab R11: 0000000000000000 R12: 0000000000000001
[ 1070.224413][    C1] R13: ffff88801e2e2440 R14: ffffffff90ab4b90 R15: 0000000000000000
[ 1070.224425][    C1]  ? ct_kernel_exit+0x139/0x190
[ 1070.224441][    C1]  default_idle+0x13/0x20
[ 1070.224457][    C1]  default_idle_call+0x6d/0xb0
[ 1070.224472][    C1]  do_idle+0x391/0x510
[ 1070.224489][    C1]  ? __pfx_do_idle+0x10/0x10
[ 1070.224505][    C1]  ? trace_sched_exit_tp+0x2f/0x120
[ 1070.224521][    C1]  cpu_startup_entry+0x4f/0x60
[ 1070.224537][    C1]  start_secondary+0x21d/0x2b0
[ 1070.224556][    C1]  ? __pfx_start_secondary+0x10/0x10
[ 1070.224576][    C1]  common_startup_64+0x13e/0x148
[ 1070.224595][    C1]  </TASK>
[ 1070.225064][    C0] CPU: 0 UID: 0 PID: 12340 Comm: kworker/u8:15 Not tainted syzkaller #0 PREEMPT(full) 
[ 1070.225087][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1070.225099][    C0] Workqueue: wg-kex-wg1 wg_packet_handshake_send_worker
[ 1070.225127][    C0] RIP: 0010:pv_native_safe_halt+0xf/0x20
[ 1070.225146][    C0] Code: 4c 62 02 c3 cc cc cc cc 0f 1f 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 66 90 0f 00 2d d3 52 16 00 fb f4 <e9> 4c 09 03 00 66 2e 0f 1f 84 00 00 00 00 00 66 90 90 90 90 90 90
[ 1070.225161][    C0] RSP: 0018:ffffc900000070b8 EFLAGS: 00000246
[ 1070.225175][    C0] RAX: 0000000000000000 RBX: 0000000000000003 RCX: 0000000000000002
[ 1070.225186][    C0] RDX: ffff888077f0a440 RSI: ffffffff816a3d21 RDI: ffffffff8c162900
[ 1070.225197][    C0] RBP: ffff8880745a00f0 R08: 0000000000000001 R09: 0000000000000001
[ 1070.225208][    C0] R10: ffffffff90ab4b97 R11: 0000000000000000 R12: 0000000000000003
[ 1070.225218][    C0] R13: 0000000000000003 R14: ffff8880b843b280 R15: ffffed100e8b401e
[ 1070.225229][    C0] FS:  0000000000000000(0000) GS:ffff8881246b9000(0000) knlGS:0000000000000000
[ 1070.225246][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1070.225258][    C0] CR2: 00007f9afabc3430 CR3: 0000000048dea000 CR4: 00000000003526f0
[ 1070.225270][    C0] Call Trace:
[ 1070.225277][    C0]  <IRQ>
[ 1070.225283][    C0]  kvm_wait+0x186/0x1f0
[ 1070.225307][    C0]  __pv_queued_spin_lock_slowpath+0x4e1/0xcf0
[ 1070.225331][    C0]  ? __pfx___pv_queued_spin_lock_slowpath+0x10/0x10
[ 1070.225360][    C0]  do_raw_spin_lock+0x20e/0x2b0
[ 1070.225377][    C0]  ? __pfx_do_raw_spin_lock+0x10/0x10
[ 1070.225400][    C0]  __dev_queue_xmit+0x20e2/0x4490
[ 1070.225432][    C0]  ? selinux_ip_postroute+0x73a/0xde0
[ 1070.225451][    C0]  ? __pfx___dev_queue_xmit+0x10/0x10
[ 1070.225474][    C0]  ? __pfx_selinux_ip_postroute+0x10/0x10
[ 1070.225499][    C0]  ? __lock_acquire+0xb97/0x1ce0
[ 1070.225534][    C0]  ? lock_acquire+0x179/0x350
[ 1070.225562][    C0]  ? mark_held_locks+0x49/0x80
[ 1070.225589][    C0]  ip6_finish_output2+0xe98/0x2020
[ 1070.225615][    C0]  __ip6_finish_output+0x3cd/0x1010
[ 1070.225632][    C0]  ip6_output+0x1ca/0x3e0
[ 1070.225651][    C0]  ip6_local_out+0xd1/0x4d0
[ 1070.225673][    C0]  ip6_send_skb+0x112/0x460
[ 1070.225692][    C0]  ip6_push_pending_frames+0xe0/0x110
[ 1070.225710][    C0]  icmpv6_push_pending_frames+0x2dc/0x460
[ 1070.225742][    C0]  icmp6_send+0x1ec9/0x2be0
[ 1070.225777][    C0]  ? __pfx_icmp6_send+0x10/0x10
[ 1070.225803][    C0]  ? __lock_acquire+0x62e/0x1ce0
[ 1070.225854][    C0]  ? __udp6_lib_rcv+0x2349/0x3040
[ 1070.225880][    C0]  __udp6_lib_rcv+0x2349/0x3040
[ 1070.225908][    C0]  ? __pfx_udpv6_rcv+0x10/0x10
[ 1070.225930][    C0]  ip6_protocol_deliver_rcu+0x6f0/0x1520
[ 1070.225961][    C0]  ip6_input_finish+0x1e4/0x4b0
[ 1070.225980][    C0]  ip6_input+0x105/0x2f0
[ 1070.225999][    C0]  ipv6_rcv+0x264/0x650
[ 1070.226017][    C0]  ? __pfx_ipv6_rcv+0x10/0x10
[ 1070.226032][    C0]  __netif_receive_skb_one_core+0x12d/0x1e0
[ 1070.226057][    C0]  ? __pfx___netif_receive_skb_one_core+0x10/0x10
[ 1070.226083][    C0]  ? lock_acquire+0x179/0x350
[ 1070.226112][    C0]  ? process_backlog+0x3f0/0x15e0
[ 1070.226135][    C0]  __netif_receive_skb+0x1d/0x160
[ 1070.226159][    C0]  process_backlog+0x442/0x15e0
[ 1070.226190][    C0]  __napi_poll.constprop.0+0xba/0x550
[ 1070.226218][    C0]  net_rx_action+0xa9f/0xfe0
[ 1070.226252][    C0]  ? __pfx_net_rx_action+0x10/0x10
[ 1070.226283][    C0]  ? tmigr_handle_remote+0x132/0x380
[ 1070.226311][    C0]  ? run_timer_base+0x121/0x190
[ 1070.226335][    C0]  ? __pfx_run_timer_base+0x10/0x10
[ 1070.226363][    C0]  handle_softirqs+0x216/0x8e0
[ 1070.226387][    C0]  ? __pfx_handle_softirqs+0x10/0x10
[ 1070.226407][    C0]  ? irqtime_account_irq+0x18d/0x2e0
[ 1070.226431][    C0]  ? wg_socket_send_skb_to_peer+0x145/0x210
[ 1070.226449][    C0]  do_softirq+0xb2/0xf0
[ 1070.226469][    C0]  </IRQ>
[ 1070.226475][    C0]  <TASK>
[ 1070.226481][    C0]  __local_bh_enable_ip+0x100/0x120
[ 1070.226502][    C0]  wg_socket_send_skb_to_peer+0x145/0x210
[ 1070.226523][    C0]  wg_socket_send_buffer_to_peer+0x148/0x1a0
[ 1070.226543][    C0]  wg_packet_send_handshake_initiation+0x225/0x360
[ 1070.226569][    C0]  ? __pfx_wg_packet_send_handshake_initiation+0x10/0x10
[ 1070.226593][    C0]  ? __lock_acquire+0xb97/0x1ce0
[ 1070.226637][    C0]  wg_packet_handshake_send_worker+0x1c/0x30
[ 1070.226662][    C0]  process_one_work+0x9cf/0x1b70
[ 1070.226689][    C0]  ? __pfx_wg_packet_handshake_send_worker+0x10/0x10
[ 1070.226715][    C0]  ? __pfx_process_one_work+0x10/0x10
[ 1070.226741][    C0]  ? assign_work+0x1a0/0x250
[ 1070.226760][    C0]  worker_thread+0x6c8/0xf10
[ 1070.226791][    C0]  ? __pfx_worker_thread+0x10/0x10
[ 1070.226809][    C0]  kthread+0x3c5/0x780
[ 1070.226827][    C0]  ? __pfx_kthread+0x10/0x10
[ 1070.226846][    C0]  ? rcu_is_watching+0x12/0xc0
[ 1070.226872][    C0]  ? __pfx_kthread+0x10/0x10
[ 1070.226890][    C0]  ret_from_fork+0x5d7/0x6f0
[ 1070.226907][    C0]  ? __pfx_kthread+0x10/0x10
[ 1070.226925][    C0]  ret_from_fork_asm+0x1a/0x30
[ 1070.226958][    C0]  </TASK>