last executing test programs:

5m45.053978224s ago: executing program 4 (id=2675):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000003c0)={'wlan0\x00', <r1=>0x0})
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000cc0)={'syz1\x00', {0xfff9, 0x2, 0x240, 0x800}, 0x9, [0x6, 0x8, 0x5, 0x9, 0x8, 0x155f, 0x6, 0x5, 0x25cd, 0x1, 0xa4, 0x6, 0xa2b9, 0x6, 0x7, 0xe4, 0x6, 0xfc000000, 0x3, 0xbbf, 0x4a732f64, 0x8, 0x9, 0x80000d, 0x4, 0x12a3, 0x6, 0x1, 0x2, 0x4, 0x7, 0x81, 0x8a, 0x79, 0x2, 0x4, 0x0, 0x8f, 0x4, 0x4, 0x7, 0x2, 0x5, 0x400, 0x7ff7, 0x5, 0xa7, 0x81, 0x9, 0xf9a2, 0x80000001, 0xff, 0x0, 0x2, 0x2, 0x3, 0x1, 0x1, 0x7ff, 0x4, 0x4007f, 0xffffffff, 0x6, 0x6], [0x9, 0x0, 0x6, 0x5f, 0x4, 0xc66, 0xa8a9, 0x73, 0x8e, 0xd50, 0x7, 0x5, 0x2, 0x9, 0x4, 0xa, 0x1000, 0x0, 0x200b398, 0xfffffffc, 0x0, 0x2, 0x1c, 0x7, 0x1, 0x2, 0x54f5bad8, 0x8, 0xfffffffd, 0x400, 0xffff58b9, 0x0, 0x4, 0x0, 0x80000, 0x401, 0x46, 0xf1, 0x4, 0xab00040, 0x5, 0x6, 0x2, 0x5, 0x3ff, 0x1ff, 0x1, 0x7fff, 0x762, 0x1cb, 0x1, 0x4, 0x6, 0x438, 0x2, 0x9, 0x95, 0xfffff50f, 0x4, 0xfffffff7, 0x1, 0x1000, 0xfffff801, 0x5], [0x2, 0x1, 0xffff, 0x3, 0x2, 0x2e6bf783, 0x80000001, 0xe, 0x2, 0x491, 0x6, 0x6, 0x8, 0x3ff, 0x2, 0x400, 0x41, 0x6, 0xee4b, 0x7, 0x5, 0x8000003, 0x5, 0x9, 0x0, 0x3, 0x9, 0x3, 0xc7, 0xffe, 0x100006, 0x8000, 0x400, 0x3e59, 0xff, 0xd3, 0x8, 0x3437, 0x3, 0x9, 0xfd, 0x401, 0x101, 0xdd80, 0x60a2, 0x17fc, 0x3, 0x0, 0x8, 0x2, 0x2, 0x6, 0x8000, 0xf45, 0x3, 0xd500, 0x8, 0x77, 0x8, 0x4, 0x10000, 0x1, 0x8, 0x1], [0xa772, 0x1, 0x5, 0x1afa, 0xbfc, 0x8, 0x7c81, 0x7f, 0x56, 0x40, 0xff, 0x5, 0x7fffffff, 0x7, 0xe, 0x9, 0x81, 0x3, 0x9d86, 0xd, 0xfffffff7, 0x8, 0x40f1, 0x2, 0x3, 0x6, 0x80000001, 0x7777, 0x1, 0x2, 0x100, 0xd8ce, 0x7fffffff, 0x624dfaee, 0xc, 0x7f, 0x1000, 0x1ff, 0x2000003, 0xffffffff, 0x10000, 0x0, 0x8001, 0x7fff, 0x3, 0x6, 0xf, 0xe, 0x5337, 0x26d, 0x6, 0xfffffff9, 0x4, 0xfffffff9, 0x9, 0x4, 0x463f, 0x4, 0xdab, 0x1, 0x8, 0x13ffd, 0x1, 0x1b18]}, 0x45c)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r5, 0xae60)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r5, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_IRQCHIP(r5, 0x8208ae63, &(0x7f0000000880)={0x0, 0x0, @pic={0x2c, 0xc0, 0x7, 0x6, 0xfb, 0x2, 0xf, 0x4, 0x3, 0x0, 0x3, 0x58, 0x9e, 0x6, 0x6, 0x7f}})
connect$unix(0xffffffffffffffff, &(0x7f0000000280)=@abs={0x1, 0x0, 0x4e23}, 0x6e)
ioctl$KVM_SET_REGS(r6, 0x4090ae82, &(0x7f0000000000)={[0x35, 0xfff, 0x0, 0x180, 0x4, 0x14, 0xf1, 0x0, 0x7fffffffffffe, 0x7, 0x5, 0x3, 0xfffffffffffffffe, 0x45, 0x4, 0xbdb], 0x1, 0x1c4213})
ioctl$KVM_RUN(r6, 0xae80, 0x0)
r7 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r8 = dup(r7)
ioctl$KVM_SET_USER_MEMORY_REGION(r7, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x3000, 0x2000, &(0x7f0000003000/0x2000)=nil})
r9 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r9, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text32={0x20, &(0x7f00000000c0)="c20000361e0f01c3660fd2eff30f10f1b961020000b80e000000ba000000000f30b98d0200000f320b99f3530000660f6af7c4e2f91d20", 0x37}], 0x1, 0x11, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r7, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text16={0x10, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r9, 0xae80, 0x0)
sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)={0x94, r2, 0x1, 0x70bd26, 0x0, {{}, {@val={0x8, 0x3, r1}, @void}}, [@NL80211_ATTR_FRAME={0x71, 0x33, @beacon={{{0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, {0x9}, @device_b, @device_a, @initial, {0xf, 0x1}}, 0xffffffffffffffff, @default, 0x1000, @val={0x0, 0x6, @default_ibss_ssid}, @void, @void, @val={0x4, 0x6, {0x5, 0x7e, 0x2, 0x451}}, @val={0x6, 0x2, 0x1fc}, @val={0x5, 0x3, {0x5, 0x97, 0x5}}, @void, @val={0x2a, 0x1, {0x0, 0x0, 0x1}}, @void, @val={0x2d, 0x1a, {0xc, 0x2, 0x5, 0x0, {0x2, 0xb7b, 0x0, 0x347, 0x0, 0x1, 0x0, 0x0, 0x1}, 0x0, 0x100, 0x1}}, @void, @val={0x71, 0x7, {0x69, 0x0, 0x1, 0xffffffffffffffff, 0x1, 0x7, 0x20}}, @val={0x76, 0x6, {0x3, 0x0, 0x2f, 0x6}}}}, @NL80211_ATTR_OFFCHANNEL_TX_OK={0x4}]}, 0x94}, 0x1, 0x0, 0x0, 0x400d0}, 0x0)

5m44.145462767s ago: executing program 4 (id=2677):
socket$nl_generic(0x10, 0x3, 0x10)
syz_clone(0x21224200, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
timer_create(0x0, 0x0, 0x0)
r0 = socket(0x2000000015, 0x80005, 0x0)
bind$inet6(r0, &(0x7f0000000000)={0xa, 0x4e20, 0x4, @ipv4={'\x00', '\xff\xff', @loopback}, 0x214}, 0x1c)
prlimit64(0x0, 0x3, &(0x7f0000000140)={0x8, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0xfffffffe}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x0, 0x880)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0xff2c0)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r4, 0xc08c5332, 0x0)
r5 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000300), 0x20042)
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TIMER(r5, 0x40605346, &(0x7f0000000400)={0x0, 0x0, {0x3}, 0x5})
write$sndseq(r5, &(0x7f0000000280)=[{0x1f, 0x0, 0x0, 0x4, @time={0x40, 0x6}, {0x3}, {0x0, 0xb5}, @note={0x4, 0x1, 0x2, 0x3, 0x4}}], 0x1c)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r6 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x42, 0x0)
ioctl$SOUND_MIXER_READ_RECSRC(r6, 0x80044dff, &(0x7f00000003c0))
socket$inet6_udp(0xa, 0x2, 0x0)
timer_create(0x0, &(0x7f00000002c0)={0x0, 0x21, 0x800000000004}, &(0x7f0000bbdffc)=<r7=>0x0)
timer_settime(r7, 0x1, &(0x7f0000000040)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0)
ioctl$vim2m_VIDIOC_ENUM_FRAMESIZES(0xffffffffffffffff, 0xc02c564a, &(0x7f0000000340)={0x0, 0x30314142, 0x0, @stepwise={0x950000, 0x8, 0x4, 0xe15e, 0x12000, 0x6}})

5m42.837982189s ago: executing program 4 (id=2682):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f00000003c0), r0)
sendmsg$ETHTOOL_MSG_CHANNELS_SET(r0, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000400)={0x2c, r1, 0x1, 0x70bd2a, 0x25dfdbfe, {}, [@ETHTOOL_A_CHANNELS_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'batadv_slave_0\x00'}]}]}, 0x2c}, 0x1, 0x0, 0x0, 0x40}, 0x4040)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000480)={'ip6tnl0\x00'})
ioctl$ifreq_SIOCGIFINDEX_wireguard(0xffffffffffffffff, 0x8933, &(0x7f00000004c0)={'wg0\x00'})
r2 = socket$packet(0x11, 0x2, 0x300)
socket$inet6_udplite(0xa, 0x2, 0x88)
openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x40, 0x1)
r3 = openat$fuse(0xffffffffffffff9c, &(0x7f00000000c0), 0x42, 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x0, &(0x7f0000002140)={{}, 0x2c, {'rootmode', 0x3d, 0x4000}})
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000000100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r3, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=','])
read$FUSE(r3, &(0x7f00000021c0)={0x2020, 0x0, <r4=>0x0}, 0x2020)
write$FUSE_INIT(r3, &(0x7f0000000040)={0x50, 0x0, r4, {0x7, 0x1f, 0x0, 0x10400}}, 0x50)
syz_fuse_handle_req(r3, &(0x7f0000008380)="000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc4e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ba045abcd5dfc67d000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000230000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000050000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000209bfd66eea210560000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001354c4b600", 0x2000, &(0x7f00000062c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000480)={0x20, 0x0, 0x88}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r5 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x101001, 0x0)
ppoll(&(0x7f0000000140)=[{r5}], 0x1, 0x0, 0x0, 0x0)
syz_fuse_handle_req(r3, &(0x7f0000004200)="9c7229b3b13ab2edd8ae742153edbde2f2b8580a32318f0e1c0ba0e4830ecd079784690876773e01b68af1b951109b96bc4828e91b62b25578a41a42d456d0ea18599c96460b0e49923f4cf4d70098f8cb469ca8f0e4ecaed1c9047ff044a5f836ad8e1ca353b7444b2cd6283680720472d70610a8d34f7be697a2998b3cfcfbc7200c7a2730c500fb967d434022701b2ef32e4842ffcad78da81fb58dc80e000d2912ce8767e673873193e8b3eee5adc0bc16bf5508a6d1944330a840695932d346300cc4aa91406c021a6c3e428642f2ef1fe24e4563bb788d602fb107d994db1586f4df75811468731cbca31878d1e08641be1317a36e0bacd07a885baee68a78bbe7b980967de4662af4fbc3dda307ec10d5c54a704db53c934883caa2e839ecf0dbc92ad09cb09324879200e68ab8a39f2c3742bf294a6c0f485b1e1f5da8d5459525da76782467bfa74a070f3cbad2961bcdbf1234fa2abfa94eae333f9ec62287832cd5fd71af91a96f4224f5bf7fae5048d5f9b112e756a833e75330487ed5c645cb0e334688abbea680e9d04ba96d73c004fba018c676c92a4dedf581848c2cd130de468b76f0b357d312246e0daa073ae9b477bab55da376a2b383c740b78041e564c954d9c61c4a8c85d3979cc12d8289276d75f902c5bbe4df0e0be90880b4d05f70f07c3027d9227b5d7cdb9780e0cf91a853ff9d8793b1b02323b4336e64f725cb5414edc4a3b849f875ff69de1d67f28cbd036c7804760a6039894b777561c0455a7eff99d9cc462ededae8e34ef61c48b24efcf15f607982ec7b7c30cf9875a10bf05f103e88a77cc3f328b10756966a324621bbe3df7aacaee486475680aceae36e4b12970b9025f7f7d155b8133bf108119414b83d49bb7a288725c886d6af3c03a1a8b8cf7e10797067f129f82186d760ca7f14776a0229e840b47fce4d8ddf65bb4dc9c245b83c1d2d7c10bddfb00f8ff5e1f8fdcc48d1fd2a4e5bf22dffa491de9423e8a6265bce515f5490614a61f672525847884df3a317e85d478a2204f33d43e72b000d0139324b7f7fa8ed181031beefe72289878fa91ee7c74318dae7e85176785f71df3a7388760bc8ba0f84bd2e2dfdea1c3ea60c2d88afa85e8ed86faabb8bb9fc50596b99bdd91d39d2baaeb0a0b360224465cfc759cf0a85bcce0ba009d8325a082e398f477206804ddb6ae76ced6f32f47fdbe2319dd37ad05d3b1d7fc1828198bfba4c92c7cd612776b6cfdd39f4ca12e8d29a8089afeb852d9927159ec7025f1a55be6787b0211c4b4cfcc7d82c26e5bf068dcca07045ee9708158724b325d5c0040d73910347b89f0e09fcfd02e37f5fa5b1a9e6bb5060a13964241cf38bc8804e722454a33fe7fb3a117b7719eea43194972b62c3a7d30cb419d24218d3f76117d7ec58e8a2e87bbc6890d42181918d66037c5ec5336309c48991020c91963296e4089c3ffece388a5ff32afb26b197bbb46edbd41c94d5a007bab3d082b9ffd38eb6af1d1d58909d2b8e9a99c4e658d91f6a1c490db503e287d31b11dcfddbe5b097ea775d855a569e51b9fc560e3b9c9e876d3e5a953b9f0e9fb5e5e5325d5df94a2429917d3cd53f938922bc0ae43630ae520d28df260f909b2368d2a5fbcc20919dd1613a811ef9878f21b47ddb4a2457dc28bb117b5c8a856e54f01a0d700de3620aa38c0f52ebf402d0620a5b075b8d1f7ce7b504b2a6158d23fadb50b55dc4e4d8c461f5b6f1a16dd86db44fa516f8fa04df4388a3f3e0fa87925f0b22be8f4ce89b089e8cc9903d4541bc371596a63ae6c808a4c8862bd58d5e9ebf0977c15b0fd4c258ebbc865e4bde8ec081f1d6359ce38facccae479a5057f403f70f45d02636120727f94f4300c425d0e830d640d2211195d485578ea79bfe18a4589e1209621ee6c2d26ff5a4986ba7facd77db0352456eabcc16b02bdb9081c413a94f284dde5269cc0b8ad2248b3e8ae5a8f282b769ede690ca4c867216757ef309cb8bdfe28ed7b044fc45ac3775c225ef9b228e30452228d1bae92ae2b76b91975d5d76967c62c878f5a1496ff5f0a2abb7dddb00c72dd2ad77836922c4a899225b81a45d6cd48fe0095735e2adea35e673d05df1fb1ccb9069703787090e0d9da91c212b8f856acb0d216c516598ee5fff92d63210b314ed44631a02c0458828aa819e6716adc5842db90cbe4370b25e7dab6f76fcbd0fd87aea135edc33a5467a7483dfcabd48256189f488899a23710878f942c720fa3c6717f8253ca8d489bee3bb9dcefd645978103928641c20b764466c6ce26f54d47b873bcb028c026ab7d9d28acfcd9ff612d7dc734b3633ee7e6bbc237f5a2480dc0c8c235ecd4195c610da480718752b64116ccbef95e91053d840e3c515aacb55d943881d255a1067f9a8e886e374e2cd10f7667f55f2ffd5b7f2b1368a027e5edad4a6cdee3ac6d4485a17d606c15ccf348e4e58f456ec2f8361ca6dfd70b248dcfd30aece7cd3b8d50adf10f4a45ab21dee13d12d66e9c6642d9c871a0bd920fd3b7ac2737c5169a21fe685fca816bea76d760a1bd3a8a49137a219bdc252a727955c73a1349736410d652ced5f7db1e79e6303f22ca04b5ab80c82bd9d42acf3e800aa47296f5aa48098cf90b13782a9d3303bd34e0f6f86eb5f6654283ae7d7aef932dcdd7bc63908c5579ff6b2205915fc4cf46337069b697e577d153a4669cbe06a5a7b0414b47ec34b79aa6781a1315c0b8ea38168e821701c8c6f04d3ff0f846f4834fb19b5f727a59785a070ee45ea82ea9d3514ba3e169453fa240da9a0792b92ff42272296451a03968c5182661331b3972d498cb248fe67d10de2414a04cc4cfe21780f66efa21d416cf8f51472f3d4be17f64606500138c55e44dcffa57f63c4c3473cfbaaff5093007b696d316a651e332e44a3e61458a91f9a27c9321fa43d2f2949efa477a89dcca9dc094247a988a86794320881f87ec8eee86fa7721090d5bc6c854792ec89ab6318454e9899a6290231d7914ce37df59a9cab9375c3fbf8910ded020d2bd856f4f395f26ae53a5a2736af04826778709c33b7f230f13bddac8a7a333c9fa276c33af1547a8dcc847c0ef745e345b6127e79c76e04e01862652485ef6e81e6e7140d2874a08fff98418621da96f96c0027acb948768454540fe7440de333490cfbea1cecb05e817daee34616a03e837399dda6c4e072495d3d24d5b9607492351f4f0d3999b55d51fab9f22c054ce996463b7d31984ee525109e2f8d34751b936e3b427efa72629a7a3aee313501cff1db4f103a1fa52cf37b895c79edd5b578532875222775906db38b135ca1e75be5a8a60db811c37c417e727343fd265330e5dcfc41d5d8fa563aea090d629dc5aaa89f9207c115ea10cc21185c8df4f93b9d0813b5af496ca089c9b006bfcf7d807d894f08939f7c719c359bdcf2e1e429583b97bbe55c9187376497fcf1dae24e69ab3b9c9ca4fd2729fca6c6d6947d38bb51a9024153ef87e85084eb4496bccdbfc3065a517e0bc5d14a4b79798dac8d5a3da9063cd9bc5bf078659b8bf86e9076c7ca87472c6296322ca7918f4aa60414cb3ab25384f4b1465e95f246cf7865342fd47c81cdb17607f1e098c38aed5a858b25ff1c3584f9df4fb4c3e02e9a283c0fb56d11fab489bc10800934cc8e2074416242eeb7d275802ed15ae0bfe398ba9d2c426f2596097c1a7ab67ae25353dbbc19018ccfda728785c2757cc284970de5817ba49a9b42933594095df59e411316d0fd6cdf4818556f082cb536139463663a325aec7896e9786d27af5c9b265d87cc96b11c47e405cf3e1dd471a9d311c7e309cc75324ef3bdac29e97a854567aff9d33643ce0058008df2aa538a17d567e51fc63d4b8095d65391161decb0c054b570408bd933fb814fcee0f1fd49c01130d9f778b668e66aaca13b2d6e31cb681b451414b0dfa429728ad6465c247edb393e926be659d6cb4d03732db78d735ca3740c8166f3fd29cb7792308a14073fd49c84718a93e0245c98f7293b961259fc65cc9277626d03262048b83f28fe1a0643b437150f9a55e731ce72f402e7c7d7c6f8cc7791c36f467f0364799a8f58edb14f71f5eb10b712f6eb9756f3d34f637cee0634167c8267c90a2de779902451f0a299d3c3a1b1e8f5016aaf66bcd98861a7ea5a2b21fdd50e0e0a4244cd6a3fde592e5dc65679123b4328a28faf0e09b8e2c6cc6c38fdca0fc7af252de5f9b6bbe820539a21715c1be7a48f271fe81d946832ddd54945dc1261939d6a3a105c490fbdfc7569975d42b0c51a558458cd153689ffeecd7d679e7b1d7cd8dd0605b8e9123bd9dc4bf0481f537e187628de7b9282f2cfaa5ab7919a2ffb765079b7f5f31847383d49a245043ebde452b145117541cc7a0c46c0e79165b9b25ddce143912f29a98f1494b66beebd54f338cc5ac8a9e95b6e2f472e0047d82931bb445994a9437e83a3070a09f0bffe25b4580ae7d36bd53ac57af22586bf930288bd7476a390f126fc8b9c95994e5bbbf3663fa7740e53f1720bc8b4e4026904e91bf7863ef4d6459bb350f1625d1d00e66cccad34a0e54b18ee8efec8bfaf743089ad537e0860a2cc06280565f03843b5f6239b3139a9092a9d1151fa38f38e591b7781e1c9c74eb76d8b6ffcbafaf107a60e6557a10145a8b432b35a982c1d6762998b69d7f3ab79a651190062e387d7da3bfbb71294d96a3e9a9caa6b53805b48a4b8de0388a5fdebcdae87e0bcca06eaf780cd4c43ba8d17833602887ef6828b3c892ca9b2e5b9e8fb150096851b7922f657420ecdd3019f6bfcc8133b302c775fc5ae03bf26bb33bb5cb8d44b86d53051dafa9c40a74e1b9a3a9405c73efa51dc7b71674cf9975e711c611cd2edffee8907ed06fdf44d1dd354d5c14c76c2371b76bc84a9a9d9a4da3ba9e7e931dbaf14c4fed0b7458c1bb6b46bfcec76ee98bc3da220b19c5d0fda2655bb93fed8ac78b4879485e20a961155ecdf815d95a698bc6ef4db5af21f9f7b0061f5cc16bbc262db0deac523c67c95b241886531e5003cc31ef77b57e3f75a55e9483a2620446058d50ff175896d003e2e48dd3e92c35c4f5234053685253f2bd28b3c9defb0d795b34dcd81104c614bf11acc2750fab57d43b5da18cfc84951580cd7c498c1c6891a77304d57641891d9748b20310b08931cea19c34abebf7ae089640ea809e2b87dad19dd4dcdeb572e25c53eca23692133da8a4a9420d9f8795778830bc61d48ec7392ba7ff0d6d5137aaece427fb830979511880388c21129b585431cffc45f17f2d9f108a42113d218a4763443bd077c535b4d9624a7746922a1cef87f90a9775b7716503560e5e8be1bbb4d231b4479ba826ea62caba4489a74c3d44d0dcbc2e64d66bad4837d6a65dee80e410156b153867873b7def3d0416fd1fd9235dda869106ae6e2bf1a045e78c4d473c269b878dcf79e8ed3f17772fed3622df495f85b5ea348d620771e60e457157092a05d01043b0d7f491b45e3227335b551567f885d8e4a8322e27e7574395d242a9d7cc6f1d69e70647b75604b655b2dc31a28f655585ee6692ace60e5acb360e8e54022aa05abfb55cb13f92caf364bf1b564ed67a2cdca2261776fda03c094f3c7fbd22c7bb595f06d5a2ef3d1c49ac1c7fe6a97b0f4ff50d54d5ae2fda2e2aec81f3eae0dad645cf65f59eed5c70e3e5a4824a176e8d0b9ac3ba81cf2ab74f1f7f571f3d6886c967cb7d5bd0945551121416d079f41fa016cf0be5dacdf4b0a92756bc0f240f57e6b679b418dfcd33fd10ef7dfa12f2822dbe04630078d3b35568f45c71f440c377bad0337253c88fb56ef9b827309f37ab272d407a46c1f9ce970524d7e42c4d7826ceb77a01a774b9f8a2225cab7a3318aa4ab1407747279704efadf4186a5d80c2ab89c947ebe7c00ad6d3c7a449eae93c3529fde28b77c164f2e2cda7e9d123bb50afed45d8af69b320ea4ba520c4746e6df207ca9ebc8346b3e05376a161c7a6e4e3373c5861d0e3e2b1f83dfce27c9e2e64f25dccc2eddb2182de16fb37a315fb1688a07849a2c75391cfbda98bb8b1c2497b9f931307134d26e3696c1c93203b42b27b9c9bcde6b882b73c65e42aaf766a30089fe85a8b652f60b27040c2b22760179aba4ab22844f5dc996620951840c1175d0b9dabc24694575c6d69d8cfe821529871ee4adb1065c1855a4f22039c9bf844957cc74117109299fb497c24de798dbf27aeb5ed0beb90853c64241e84ad386e11ccefdf3119b9882969701cc137c129aaa5021da5e64c62346bfdd6aa27c7007412735798a65da08178f2505c126010c1c4d7471add175b19e15319c9a621445ef2a539d374ab23a9c288d2a08535632fb4147bcc8cd50ba8cf89af0e2889197f0249ad43002bdf444499c2a2e4bab52a0e756d307708cc8d8dd4992445d1ceaef6adb4f203fc8f72f64cf8448d4cd04eae7945f9c743c00b92240a2deb8ebbcad91b7b09703e108b7cc9dd9ea37689a4ac584134e03ea0b77d959850473a45b5a6cca61335c0a2df35968aa72e1d9840e1422e0c6df2d468082d8341a75c19d7815da1fa5dde484eb21aaf5f7d205d95a780ee219104b24a0218881aa937726fc0c61ca90b0f9fed131a9dd29d8d05921eddcf4d2b2cac1a4727748fd1a0a4dcf00df67a27ea8d35bc26de1a2c8b9f9029816d1fcfd6fce83ca02fa0d669321a805bec7bf2b14398820821c143a7c8c918fb575c20101556c27cc383e10c7c8ab6c8f419b0a54f5939823538c76064f14f1d10811aa465ca2d70defc90c7362ceb6368400e2ee29da1493549019baa6e08a9ceaf3db91d53f764aaea4c47eb8cc1e52d365d4de521d34908fd6517d71dabbd0e3d01be2af2f80ae8328101435c828789c4130729d86a8390aee8e7b29f686e2037e2f37a3e97f758c422bda0ab48048f44ffc76ee0fb2868d60422f8a5a5680624b18a343c696181199f75b035f032f61d825374f30cb43ff83233f1cd11e91b02759475c0723b5b6ee9fa88a34de12453a4879a15e3170f95e26a128327db2e5c3bad34cc57bfc36a1261110c577a987db259c23664617e992e9580e0c06d57d80c87eda7bca09ccf09a1c985b8e82c6115b8398ed6ef4dfb550aa7118cd46eda5622e9bb57103c5d0fd7e47774a6b5c6eebb25eecc8ddcf16cb188fb04328e45675938d3f0cb12eb6a55ea9d03427d334a6152efdcca05302fbf679f913da1ba1b58e6a4bb724731768e96e95749000e58d0f26f8ccabdcced362b51c1ffc7f0ccdf84b7bcf3a7d670a786a93d2d5024346266607b803be610f2fc4f149dfe5688bfd3011505565454bfedc1c120718662c205a0f646f03490192a6c9e3167d64c330af2989504773287f99889c80c50c32873bb570ce2897c824b79e56bed925678ef92437668b6f1fc41a3e0c9c57c3a73ebf6e7071f309a6006b89d459c39826493c45efc7c27d0a10541b6ed0662d7ac6500c25a732a5c0f33e8637835478dc1c280b64b6f1fabf9e7a72f834e86c4e35895d2353a68e89f680e08e1c6759ddb93528eec2ea35a9edc0956e0ae80f6aaf1baec128c5683331f03886aaead536fc8255c905df63c9c4a2e589547625f5ab22036e0ab1e91eb7fe60677da1aa2ceab2fe06bb75e94236316c53a4fc62fbf7d35f0f23cb9622b059f430bcc9ddd41b65dd5267a882dfc8fbe2431c45b947de1b64a2e02bb7c3bdd897ecf5d73449db50dbbee797135d365bcf418057add761b65862943ed6ee5175206aa0fef443d570bb2bfd105372d2d938e74b0ed69c569eacabc4c6cd9ea91e71bf6fe87066ea055586810beb65aa606eb83531e8cf767a0889ee4be5bc26e273ac1ef8c075d6ce73c1db96d24e4a271c997dbe9cf27d7a597b5e14179ce8d0f824ddf7a23f9bfa055a5af4cc9f9abcf78916f78df601207b3fd854d48db7fac76beb8bb18e452be6b78e195f85cc8c7fba4cbb4558cfe9f049a9ba300e3bdc6f2c77fad8539161930734daaf67652f49cbc4eb8c5d8ad67adbd5d24001d2e7759537fa72f58836df113dd971f5cb818e1c04f16ff30318327ea569a37959c20fbd5fbdfa48b22ad28816f793a132534d27ecdb654370d41c879bb66b7613537acbc18d24a622dd8593e0fc494f58e548f56de3441aaadc28bee95e208337c32218ccb499d4cd68ef01100911cb7ac63178d7d61491c1fa6ac489ca0c7d0b7344853699f5197ea00458d161736556ae7ef3722b2a47b18c3e41e9735ef605e87eda73a3252beba2b2bf06cd33dbb726dc947ca19fe1fe096a764d639bcd0b2390504dae1dd732460f4302555ee4e1d26898d1190577de51508de933d953c353c4020fc5976181da4ea73aa47ace88add4a314e3480dddef85e6adc264a6e845bd65321dc84693b2c53cc60a7b2ec267557f7e4764211136f707d6a50da3e504073806d9276c7658e2385d0933671b3f4b643384b3a66ab699dd3aff154b9f92bbcac897074ff56fdbd8fc84f9a2a780a71ec823881b7982eca95e761ef9a84d1605bf4bb86080882e90676c3de87f1a073f5d86fb78ef310bcf2dc7cdcfa411b227500b1ff0e19db9525c9c2843d8dab5c4dce47056cfd7039897a750c5db76191ff1666f00b86cb73b523de530cf3ed0cae94a407cc9974d7686d36cddfa28e64c7dec078ae7538fec8139c8452d79dcc682367d94513bd0fe8ee81285c6557f8690928fdb4552132c23bb81247bdfed42c1acb715dcdb55acbb5241639e80d1b29bb623e308e249dfdb7a61fe62e0cfd35cc013ca670ff29d919a98332889d3410a2fd6aa4cf7ed8521362ad93064bf54f44c32f75566a28cf28e176e448b6bc25e0cd84507febdcdb8e9677b7be95d7fb655f49125704ab0aa3c86cb891c15df193b19105158932983d06ce97b376a1af62f3ebb79b306d4f90be696aa8ed767fd57ceada2c2ba21c7c168ff22f1399f02b54f90c5fe245508c7123c9753a67751008a9334556ae394e0f6a8ab236c860236811adce12ba09972c01cf4f2569c7e821e0de5b9995d80979fe6a32ba0bd22917dc984511818b78eb6d3b971fe1360784ffc345593a15f024d69334548f1b2bbda41688494fc9f82b1870dfaba60e6e6d7a3b78e9b5c7aef2df88a7b154e533a9822ec7359974276486d22f3311d817a9746117652f4f3f07e7a069022a45b10a6b4fb9d85d7b9fb89ee2df467ce1a8cadb4d1a30ddc316d5ca01c192e7fa6a719b5348ce56b901d8f50c1384e909d7e9c8744eaad11bb266b4933df9c94267e5d2a46496069cf907351ee837071f41e9bb5145ceb64dd2d7301d5f6f20aecb1fe39633c9ff421dd0d0891ddbc0236090445ffa0d720d9016ababc3e716f9bd91c041520fec85ab2da9ff6c1282bd1bb9602a20b71920cd75a3f36fc31b32379fb0d3ff088c6254d6644f85652f0c942815f663ea374b5dfd28fae6f36dbf7d0cf1fd338ed2b48b0c728e04d643a5821bb92ad1fbfe63a84b381c5ddc4a3aa2763a13a0404212fe6cd282070c7923a5bc47f757c5fdbd00abc75e6ffb9b453ff0ee882e174e1dc067545cf8617b236ebecec070ec9a8923a1f04cd1a37287ad1a18a8f2650c92e72d0fb21eeccc936c98b22987e6bc0e6f21bf230910caa50b049049637883eac535a93d30621a7c3fd28aa2134ce819ffa6aa3b6add864bd2615f01bb6e8def2f59bb78d41b95116c4f60637210a58de885988f1ee5c72582a9b2ab54a50825d60cdf3d7d21e8aaab4e96e5ca8498199c69c55d660db1f5a10760fb5a9df6b9df26d05ce0e642f0bf2279ed0f91250878e4c893531f555a618d2465e8a93ac3cc81c69e255e687dc826403753d1b820b3f58724c4cd46670d93c9874d9c05958faa1a7731b7a4226c935485ad36285b8cfcc7153c12de924b82449d08e95176a87de75e7e512192ca3fc433d1582d4e32a6fa98a1878c96e102c54709b0b692b44c12dfe877a1e0f527559182a83cab95c6b5a76373c2004ceeb7895f215ae372e5f3ee561ae8e25e7f75a7ae92c7b2e2bcd6023f5ab7cb76ab22347a70b877c29e897981e7cf2f06adbe69329921a4c4e96b8d1bbc05ff9307a2b921c8d9a756ed81ac03f7ef9f1f5b2e015625b0ca8c8a901d27466450807df30b7bd1218120c188ad946d2d03df5c58a6ba10dbd9810f443fbc11850e00a2b8bda70ee332d9596de66f2342c5eaa5dd1e735aa6daea683d8a854c48161f886792374067535e6de4f337478a52107dbdea3e56ccc30b33ad8a4a5cf9dbc21d77439e39a87d21f13c4c7a6b1f62ba6178a8874024af63c168de41dc10aeafbc3d07b2b40cb84aa524ff6ee52d0eb2aa3da73308245eedec6870ac32a254573f3af5d1d4bb2b186848bca3eca767cc94d61f4f5cde5b8f3a4463e9f16028e33cf793befcb0982a4709ce63ba8e268a457b932114f9ec29c2eb5b1d047f7c392f56a0de3f2c18c1c4ab7a69e85f729845213a9fedd738d916009abcdeaceaa3af949179ea1075f035b7d07f31b2a4231b20164863fb2137cafcf38b1ab8ff753e6e1405480ffb334c88184b4132f14d71063ace4c8cdbc871d88cdc3658c56fad5121b38b707ce7b9a5aabc6df6f364b66e3226df69f3cd13cb4b00f94d3b698169188835109bf9eb808e608d4db90e4bfa76e4b3322151fa849f6bdfb570efeed75141b203f1313a6f8e2cba59d8d4eff390e97ad4c0add1d9f9cca55c3aa28c217b43389da408f8539a3850550ef7bbc4d83c0a204827df8d84df827ee2ea0131eef890c376c97698b2c50b942a68a770d8fbec3ae33f14dfab45f0416f394f8c8553d7a7ae384c92d3c2cee574938eb0d9490aeab1ef777c0efe2bf8ac515fde805beac15a1ecd0466b5a5b0fb6a2947333431ad0332c637f72b370d394f454faa86f0dbcdcfb1348eeb4a39cfad23a7a0ad36ecc4e49ec9a3d45130c608f02a37f397f3e3b95a1dec84bbc568109daeb75774460cf787c6ccf110be877157b1ea1358608ac545c15fb82e0d1c97b2282329540ea1ab4e1b4caff58b5e5bb6f9a175d7f61b7acfe0f3b2ae95a026ccfd4abbf89cee696eb4f4ca74d079614c822ad140ce332e82d5014147076ca850666fd2000b98e7a672adf7223c272c6eff5311e4875249542bf7ffeef5394462b9b92f2d4037483244ea9ed5ba33e6a5af339d0894859864143e9072ff041966f6cf8d7826859a90bd4f0675234ca3ce8492be0435f32a38342feb9583b531376f1ded3a4650945330ee5815ce943861cd063fe4c9c74a3c94aba1b95d877ebae860bf70ed0580ab0c51835ab672eef3c485efc95fbe998019238c33c3d91b3a2aba15dad0cd09b9e4dabb21a67917a52f289167fa3632bf58460ea3b4e192916e0a4e0e799845c2395c7a612d725af5c63d7b295f31ee3366668dd2f6d8cf51e1c7fe02a3be8d434cbd2a1b74055d87feb0c63c6574a80f197162c168352fdf7ea90a3b449b46f9ddd60a8e7260fe1178fea4f2ac05747834e33b4", 0x2000, &(0x7f0000000380)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
close(r3)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000080)={'veth0_to_bridge\x00', <r6=>0x0})
setsockopt$packet_add_memb(r2, 0x107, 0x1, &(0x7f0000000000)={r6, 0x1, 0x6, @multicast}, 0x10)
setsockopt$packet_add_memb(r2, 0x107, 0x2, &(0x7f00000003c0)={r6, 0x1, 0x4, @remote}, 0x10)
sendmsg$ETHTOOL_MSG_PAUSE_SET(0xffffffffffffffff, &(0x7f00000005c0)={&(0x7f0000000440)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000580)={0x0}, 0x1, 0x0, 0x0, 0x1}, 0x804)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000380)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030001000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x20004000}, 0x4044044)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000100)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_NEWSET={0x3c, 0x9, 0xa, 0x401, 0x0, 0x0, {0xa, 0x0, 0x4}, [@NFTA_SET_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x2}, @NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ID={0x8, 0xa, 0x1, 0x0, 0xfffffffc}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0x64}, 0x1, 0x0, 0x0, 0x94}, 0x24000000)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000600)=ANY=[@ANYBLOB="140000001000010000000000000000000100000a70000000090a010400000000000000000a0000040900020073797a310000000008000a40fffffffc0900010073797a3100000000080005400000000b2c00128014000180090001006c6173740000000004000280140001800c000100636f756e746572"], 0x98}, 0x1, 0x0, 0x0, 0x4044050}, 0x40)
r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, r7, 0x0)

5m42.112787477s ago: executing program 4 (id=2684):
r0 = syz_usb_connect$hid(0x3, 0x36, &(0x7f0000000140)=ANY=[@ANYBLOB="1201000000000040700c0af00000000000010902240001000040b109040000010300010009210101b30122050009058103"], 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000016000/0x18000)=nil, &(0x7f0000000000)=[@text64={0x40, 0x0}], 0x1, 0x0, &(0x7f0000000180)=[@cr4={0x1, 0x40002}], 0x1)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f000057a000/0x18000)=nil, &(0x7f0000000140)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io(r0, &(0x7f0000000000)={0x3, &(0x7f00000000c0)={0x20, 0x12, 0x4, {0x4, 0x21, "f408"}}, 0x0, 0x0, 0x0, 0x0}, 0x0)

5m39.526861334s ago: executing program 4 (id=2692):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff)
sched_setattr(0x0, &(0x7f00000000c0)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x7, 0xfff, 0xfffffe0000000001, 0x2000fa11, 0xffffffff}, 0x0)
fsetxattr$security_capability(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x1)
openat$vcsa(0xffffffffffffff9c, 0x0, 0x842, 0x0)
openat$kvm(0xffffffffffffff9c, 0x0, 0x161642, 0x0)
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000440)='net/if_inet6\x00')
pread64(r2, 0x0, 0x0, 0x3c)
openat$fuse(0xffffffffffffff9c, 0x0, 0x2, 0x0)
timer_create(0x0, 0x0, 0x0)
r3 = fsopen(&(0x7f00000000c0)='ceph\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r3, 0x1, &(0x7f0000000000)='source', &(0x7f0000000040)='c:::\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r3, 0x6, 0x0, 0x0, 0x0)
r4 = fsopen(&(0x7f0000000280)='ceph\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r4, 0x1, &(0x7f0000000700)='source', &(0x7f0000000480)='c:::/\x83\xc1\xcfD\xc4AO\x06)\xb0f\xfcI\x95w\x96\x9b\xe9\xa6\x1a\x96\xael\x11\xa6\x06\xe3G\xb1\x1d$\xc2;\x8f\xf3\x13\xebB\x93\x94\x01\x8b\x88\xeb\xa3\x01\rx\x86bK&\x13a~\x04/\x18\x14ZM\xcb\xad\x92>\xe5\x01V\xdc\x05#\x13\xe9F\xa0\x1b\xf8\xe12\xe9\x80\x988\xd8?\x86\xe9i\x7f\xa8\xe0c\x94\xc1\xa8\xbf\xff\xfe\xfe!\x7f2\xf1\xc7P\x80A\x1c2k\xf6}P\x19\xee:i|0\x1c\x13u\xb0I\xaa\xe3\x14\x9a\x1f\x9f(\xd1$\x06\xa8&t&A0\xa7\xef\x9cL\x8e1K\x00\x00\x00\x00\x00\x00\xa3\xb8ZD\xcb\x18\xc8-\b\x1a\xd9\x98\x8a\xc2CV\xa2\xd4\x91r\xcd.z\xe4\x94\x15\'B\x8c\b\x12d\xc2\xa3k\x90\x81j:{\xb9\v\x1f\xbcq?\xf2Fq=\x15\xb94~\x86\xafB\x9f^{\xff:\xeagJ\xf0\x9cF\xffn\x7f%\x9a%f\xc4\xccu\xf8\xa0Z\xaa\xd3\x02f\x06\xd8h$[x\xf7\xb6\xf8\xb0=/\x8d;\xa7\x90\x80xGi\xbd\x98\xc5\x05\x8f\b7\xfc\x8e\x00\x83\x11`\xcf\xa6x\xb4\xe5e\xd6\x1a\xcb&*P\xc0\x93\x1b\x12)yDgq\xd5\xb7i\xf8\xf4\xb3\xbe\xc7\x93\xdd\xdfC\xf0x\xdc\xea\xe0U\x9ac\xbb\x1a\x06CV\x87T\xef\xc3\xd9\x84,\x1d\x13`4_\xad\vQ\x0f\xe1\x9d\x17\xdcv\xca,\x91\xfd\xee,NIm\x14\x817o\xec\xeaS\xf6\'\xb4\xd0\xfc\xdeE\xbc[[\"S\xff\xb4\xa4\x9d2\x05\x01\xe5m\x12Jm\xd10%Id\xcb\f\x03fp\x9b\xd3\x1f\xd4\xa3\x1eE8;&^\x87\xa2_\x00e\xda\xee\xb2\xfeIB\xc5Q\xcb\xc5\xab\xe6\x0e\xa1\x17\x8f\xbab\x1b\xd3F\xb1{\xda\x1b\xf0\xcf\xe7\xe5\xb2zb|\x9b\xb1\xf2u\xa9\x8c\xcd\xcb\xd7\xb8\xe26\xf9}\xe2\xa8\xc37R\x9a\xba%\x13Y\x05F?\xb6L_\xe9V\xec\xc8\xc7\xc6\x82\x88[r\xd7\xacc\x15\xcd\x97\x1e\x0f\xda3\x0f\x9cw\x16\xb6\xba\xcd\xbb\x81\v\xd1\x1c2A\xec\r5\xb8%\x87R:\xe7u\xdf\x12x\x9cY\xd7n#\xc8\xab\x89\\_t\xa2\np', 0x0)
syz_open_procfs(0x0, &(0x7f00000000c0)='net/igmp\x00')
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='rxrpc_recvmsg\x00', 0xffffffffffffffff, 0x0, 0x1}, 0x18)
r5 = socket$kcm(0x21, 0x2, 0x2)
sendmsg$kcm(r5, &(0x7f0000000140)={&(0x7f0000000440)=@rxrpc=@in4={0x21, 0x0, 0x2, 0x10, {0x2, 0x0, @loopback}}, 0x80, &(0x7f00000004c0)=[{&(0x7f0000000100)="a6", 0xfffffcf4}, {0x0}], 0x2, &(0x7f0000001a00)=ANY=[@ANYBLOB="180000000000000010010000010000007d95df16a39b1a6c900000000000000001000005040500002b24ec10064b6f2f000000fb718aef932f3889d1fdda5b00000009860f5878c37ffe36e1165814d435be5b317c6c8189767d2f97879f07a515bb7c169f46933d9338f4ab04834e6f618988c5944741afe403461323110f62055394412158e7a3adb164d641aa40d4ab077fe34232aa8b319d7666d0998a61d7da0c86d70000001010"], 0x10b8}, 0x106)
recvmsg$kcm(r5, &(0x7f0000000040)={0x0, 0x0, 0x0}, 0x100)

5m37.795375952s ago: executing program 4 (id=2696):
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$l2tp(&(0x7f0000000040), 0xffffffffffffffff)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
gettid()
r2 = socket$inet(0x2, 0x2, 0x0)
shutdown(r2, 0x0)
recvmmsg(r2, &(0x7f00000066c0), 0xa0d, 0x0, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f0000000300)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0xfffffffffffffffe, 0x0, 0x3, 0x0)
sendmsg(r4, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
r5 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_PR_SUPPORTED(r5, 0x84, 0x71, 0x0, 0x0)
fchmod(0xffffffffffffffff, 0x32)
r6 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x401)
ioctl$BLKTRACESETUP(r6, 0xc0481273, &(0x7f0000000b40)={'\x00', 0x0, 0x10000530, 0x4, 0x5, 0x59c})
ioctl$SG_BLKTRACETEARDOWN(r6, 0x1276, 0x20000000)
ioctl$FS_IOC_MEASURE_VERITY(r5, 0xc0046686, &(0x7f0000000380)={0x0, 0xd5, "7b0005143dc5397033fbb9bd9139a2c4522d593f365d0edd03cdd3dda7d9d868af45b6244ede7c290783b7e3efb33481a13da0565eb673c39038342203dc5d7bbdc28a2232a91200342257b764f6d35dd652c684b5acc9cabdcde33eb3b03f8b185a0f9a78641e3b797d89daa9b1006543440474cf31eda07fda13dafad0bacd7a686a95ea446bcad673043134afaf38bba4e401e4fa1a5053b9826bed3a141adb04c6882463079aba7a69ae62820f31c5430142e82bbc7204d5d63cf006af35834c132574b30653b8440ea4f26cbeb220e7101535"})
add_key(&(0x7f0000000100)='rxrpc\x00', 0x0, &(0x7f0000000140)="00000000976670dfe4cee7cb43a4273af7a34880ae099c1ef21dec214cb87413", 0x20, 0xffffffffffffffff)
r7 = openat$kvm(0xffffffffffffff9c, 0x0, 0x400000, 0x0)
ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
syz_open_procfs$pagemap(0xffffffffffffffff, &(0x7f00000000c0))
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e)

5m22.215932832s ago: executing program 32 (id=2696):
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$l2tp(&(0x7f0000000040), 0xffffffffffffffff)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
gettid()
r2 = socket$inet(0x2, 0x2, 0x0)
shutdown(r2, 0x0)
recvmmsg(r2, &(0x7f00000066c0), 0xa0d, 0x0, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f0000000300)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0xfffffffffffffffe, 0x0, 0x3, 0x0)
sendmsg(r4, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
r5 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_PR_SUPPORTED(r5, 0x84, 0x71, 0x0, 0x0)
fchmod(0xffffffffffffffff, 0x32)
r6 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x401)
ioctl$BLKTRACESETUP(r6, 0xc0481273, &(0x7f0000000b40)={'\x00', 0x0, 0x10000530, 0x4, 0x5, 0x59c})
ioctl$SG_BLKTRACETEARDOWN(r6, 0x1276, 0x20000000)
ioctl$FS_IOC_MEASURE_VERITY(r5, 0xc0046686, &(0x7f0000000380)={0x0, 0xd5, "7b0005143dc5397033fbb9bd9139a2c4522d593f365d0edd03cdd3dda7d9d868af45b6244ede7c290783b7e3efb33481a13da0565eb673c39038342203dc5d7bbdc28a2232a91200342257b764f6d35dd652c684b5acc9cabdcde33eb3b03f8b185a0f9a78641e3b797d89daa9b1006543440474cf31eda07fda13dafad0bacd7a686a95ea446bcad673043134afaf38bba4e401e4fa1a5053b9826bed3a141adb04c6882463079aba7a69ae62820f31c5430142e82bbc7204d5d63cf006af35834c132574b30653b8440ea4f26cbeb220e7101535"})
add_key(&(0x7f0000000100)='rxrpc\x00', 0x0, &(0x7f0000000140)="00000000976670dfe4cee7cb43a4273af7a34880ae099c1ef21dec214cb87413", 0x20, 0xffffffffffffffff)
r7 = openat$kvm(0xffffffffffffff9c, 0x0, 0x400000, 0x0)
ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
syz_open_procfs$pagemap(0xffffffffffffffff, &(0x7f00000000c0))
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e)

2m6.875857561s ago: executing program 0 (id=3255):
r0 = socket$pppoe(0x18, 0x1, 0x0)
connect$pppoe(r0, &(0x7f0000000400)={0x18, 0x0, {0x2, @dev={'\xaa\xaa\xaa\xaa\xaa', 0xa}, 'team0\x00'}}, 0x1e)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
r2 = socket$pppl2tp(0x18, 0x1, 0x1)
r3 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x20, &(0x7f0000000180)={@remote, 0x8000000, 0x1, 0xff, 0x1, 0x66}, 0x20)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r3, 0x29, 0x20, &(0x7f0000000180)={@loopback={0xfec0ffff00000000}, 0x8000000, 0x0, 0xff, 0x3, 0x0, 0xc}, 0x20)
signalfd(r2, 0x0, 0x0)
connect$pppl2tp(r2, &(0x7f0000000080)=@pppol2tpv3in6={0x18, 0x1, {0x0, r1, 0x1, 0x0, 0x0, 0x0, {0xa, 0x0, 0x6, @private0}}}, 0x3a)
r4 = socket$pppl2tp(0x18, 0x1, 0x1)
r5 = syz_usb_connect$hid(0x2, 0x36, &(0x7f0000000500)=ANY=[@ANYBLOB="12010000000018105704da0700000000000109022400010000ba0009040000090300000009210000000122220009058103096353d61e3e6d2f272d72287c21a8515b9ec0e9d7c7f02f65f18d9ad3f74573c6faa288f5ad1e9a4f831db4838c8b406b638f4d144285b078dcf25ef6348f89d47b6fb22bcb27bc0457ba6c487b008fb17c7a061a052a2f786878d7bcb55586d0997560db343a585a83087943e18636a9934d8e26f8567d290dfed3ea86d83dc82feef3371e4c7ac7eedd7e3222136a8e1f36926ebf013da1caaae27db3379eb0e03dedc1f1b1d01ee731be7a54182f5c8b2631b803851cbc95c17285cbeb04b1083a4cfe9f232f504cd192ec7dfd953d309ddd8743314bd37b721e62bd", @ANYRESDEC, @ANYRESHEX], 0x0)
syz_usb_control_io$hid(r5, 0x0, 0x0)
syz_usb_control_io$hid(r5, &(0x7f00000001c0)={0x24, 0x0, 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="00222200000049e9b31ce93ee9070c000000290495b9585dde83000000000b09007a15b3"], 0x0}, 0x0)
syz_open_dev$hidraw(&(0x7f0000002300), 0x0, 0x14e040)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000280)='./binderfs/binder0\x00', 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r6 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r6, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r7 = syz_io_uring_setup(0x8d2, &(0x7f00000000c0)={0x0, 0xd806, 0x1000, 0xffdffffe, 0x40001}, &(0x7f00000001c0)=<r8=>0x0, &(0x7f0000000080)=<r9=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r8, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r8, r9, &(0x7f0000000200)=@IORING_OP_TIMEOUT_REMOVE={0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1})
io_uring_enter(r7, 0x47ba, 0x3e80, 0x0, 0x0, 0x0)
connect$pppl2tp(r4, &(0x7f0000000140)=@pppol2tpv3={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @remote}, 0x1, 0x1}}, 0x2e)
r10 = openat$ppp(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$PPPIOCATTCHAN(r10, 0x40047438, &(0x7f0000000040)=0x4)
socket$nl_route(0x10, 0x3, 0x0)
ioctl$PPPIOCBRIDGECHAN(r10, 0x40047435, &(0x7f0000000000)=0x2)

2m1.578685302s ago: executing program 0 (id=3264):
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
getpgid(0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0)
mkdir(&(0x7f00000002c0)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000000)='devtmpfs\x00', 0x800, 0x0)
mount$overlay(0x0, &(0x7f0000001340)='./file0\x00', &(0x7f00000000c0), 0x0, &(0x7f00000003c0)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})
r1 = openat2$dir(0xffffffffffffff9c, 0x0, &(0x7f0000000080), 0x18)
getdents64(r1, &(0x7f0000000400)=""/159, 0x9f)

1m57.970566963s ago: executing program 3 (id=3273):
r0 = syz_usb_connect(0x0, 0x2d, &(0x7f0000000040)=ANY=[@ANYBLOB="12010000fdc01a40f30c74933bbc0000000109021b0001000000000904000001a7a00f00090582020002"], 0x0)
syz_usb_ep_write$ath9k_ep1(r0, 0x82, 0x0, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r1, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
socket$netlink(0x10, 0x3, 0x10)
r2 = fsopen(&(0x7f0000000280)='ceph\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r2, 0x1, &(0x7f0000000400)='\xf0\x891\xb8R\xe6\x8d\x12\xe5\xe3+\xcd24\x01\x80\x1a\xc9A\x93\xb1@\xbf\x89K\xbf\xd2\xc4UFW\xcb\xd0\x86\xd9\x86\x18\xc4:\xc3\xe0\xac\xed~\x97\a\xbe\xfb1d\xbe\xa1\xc1N\xd2p\xf0\xc6\xf3\x8eD\x1b\xc7q\x99?9\xf1\xe6\f\xa9\x90\xec:\x037\xe8\x0f\rX6\xf2\x88\x8d\r\xd2\xfc+\x19\x9a}\x9c\xd9\x1a\xef\xf1\x16d>ah\xa2\xa7\x02U\x06\xe1\xe1PY\x90\x17\xf0p\x01*!I\xd3$\xd00C\x88*NA\xc3\x95`\xb2\xf1\xb1\xed\x91\xe4\x87\xcf_9\x1eIpAfN\x99\xa9\v)\x98p\xea[\xc5&D\xe7\xf3\xba/\xcd\xdb\x9dz\xb2\xbf\xc6\xea?\x13(\x15\xc1\tm\xe7t,[\x14|bM\xfa\xeb\x91\xb0\xdfAR\xf3\xe2\xdf', &(0x7f0000000080)='{\xe0e%m\"\x92\xb5\xcb\x00\x01\x0e!5\xd8\xf2\x92\x97\x86\xf9\xa8\xe7;\xdff3\x83\xb1a\xf2j\x90\x10@\x1chOK\x98\xae\xd6>\xbaN\x1d_N\xcbdIP2$\xbc\xc9\x89\xb5\n\x90-i%\xe2\x94\fH\xf1\xed\r\b\x1c\x81>\t\xc30-\xe2\xb3\xb0<m\x8ePDhx\x04\xd8\x17\xbcP\x8bl\xd5\x00\x00\x00\x00\x00\x00\xa3E\x9a_\x9b\x98#\xb2\x03\x18!V\x1b\xcbk\xf8\xd6JE4,\xdf\x96\x80j#\xf9\xd8\x13,\x89\x10\x90:l/\xb9T\x9a', 0x0)
fsconfig$FSCONFIG_SET_STRING(r2, 0x1, &(0x7f0000000b40)='source', &(0x7f0000000040)='c:::\x00', 0x0)
r3 = gettid()
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x1c1)
r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x2, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x80, &(0x7f00000002c0)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x4000}})
read$FUSE(r4, &(0x7f00000021c0)={0x2020, 0x0, <r5=>0x0, 0x0, <r6=>0x0}, 0x2020)
write$FUSE_INIT(r4, &(0x7f0000000080)={0x50, 0x0, r5, {0x7, 0x29, 0x100009, 0xffffffffc2c4adcc, 0x0, 0x4, 0x0, 0x2000004, 0x0, 0x0, 0x4}}, 0x50)
r7 = openat$dir(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x18)
syz_fuse_handle_req(r4, &(0x7f00000042c0)="000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001e000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100", 0x2000, &(0x7f00000062c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000006380)={0x20, 0x0, 0x0, {0x0, 0x1c}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_fuse_handle_req(r4, &(0x7f00000063c0)="99529ca7d265e2dba44891e35e7d5dab7921b730436ecd4e999a25bcf86a25f8f029c0dd50373e90b7cf7779b12ecd4423c5b13cfac186975cd723976f3c747612913029d42517c189364bc59d8ebad53ed1b86f8f66c99b1f9b5b40d78cef1f14f81815d53bdca7fef40607358db69eb8c0b1f6b0942ab4b1ee7ca8deb4eddef06381a3d1c52d6147fc5109c7c607591497a6b2477f60cc881d3219c96bffb34aadec3fa97250713cce17cd536721bf9c40a019531ed0bbad139e26a3d4d39b68ab1bf37cb1a4bd197a8789cb1940cd86d9e56713bc36c7cffd07a311f5bc2e91f16d152eb480645e85ec9b3bf09c7fa140dced0afd55d7b99e90a96e7748e2d0dc09672ac199ce529e631efe1783769819c182ca106f6184bcbb387ed246c43562d74c36ac3a7ec2f0e11f70bad0007c03bb9c0d2dacc2148cce4a4aea327c7319016ad146b52bfae0357f9e892e9bec61a13c93551cfa3d4f4bfa7585c93bb0bef01a9114f3dc54179cf9a57fe88f5cff3403e33c9d09e3e9c2e10f1f16894e1b59e3cad47c1f202cf7b756f2851fc96d09459c9a8d34c19e6a3525cd5001aac5181f57286d0e1e88ce5092c7c76b6abdaebf2c499aa47587b48eb12a2b72548c190b0324ebedb81a63333b6edb25550f859c5ccc404a944ff7f61af8800888192fbd4c8e0e417d1d181b4b335a6f52e0a7dae18397e81e3f747cab7be902ed903bdd6a622f178f9b4244718ee1206237257374d2fd1466ab6135ef7ef4a114ae170eafe9cd78cf9ffc36974cbc4b8003072bed78765a0b9f1240f24dec6a9e46db9bb498d40f727c0cbf8f4a6a49539bd0805caf65d80130d7fb60a69dc7ed890874a17530c042cf33a977d331435d68ef33885f638c777ad49564ca77d8b81ddd853a21cd55d95b627310dd633a4f005853a5506cd8f744c367f3cb6998b0fa97de6bb35b166b0c6408c4e0a38ed26235a88520c38ca97ac8a6dc81e6dc6483d383fa09f198997b8eea1c68c9e3320683c9a02dd89ddc34c241e7294ccc88d6b35762892e8746e558bfbc2251949f2ecb763dad5b975eaf36e2864be6a41d3e20514d32f5d4b6350dc7e3cc3a85428ea98efb3b1edc2a2ec1e618452949cc7e2ba1251990168fee342d4f304b7a7af9162bcbe6b09c75d7420d2c547b4e3cee1836df6eddd5dff73a4e308fcd8eaa7a33e6980a6f8ead03257a37d72d3b265d02fa42f57db877654ed513e31c35e1af0bd28511d6b57cfe07b27cbe9767a534b426dfc3dd257d5899444f34cbf4dc74b9eab2e7e3e1e1a8a6ac5e4359d653506b299a5b7c67b92dc462f1216655f952362a3387ad9966b606d98e8d1b544dc27dc6bc78fd18a446736e25c51143db9886b6c09812d5825b5d9e0932f218ff8bea4d9e1c4df9c9d4eb19336d48163a921c4ff1f0beef26b01b7e8c0d23fb59b84e229eaabb791f2cffc9aa4db75162cbfe4c9ae8d76a5b6bc4bff20e3f8f125b9aadb3e728d7f78d61fd55f46b7f59511b876e6563256686e44f25cf38d393a9b762bada272eba8df28e4086c4cd2fe3c9fab97756fb145373e6ca1991bb1ee6589e49c821ff29f047970819f88f724bd077cd3f0ae463d99b3e53078431e3f9bebabc5289a65479359efe3909186aac60a29f561de8c590988c913c9e693ab8106e8287f6565eee6735f7c88cad7124d1c8d9ff347e97912824088ee954de01c6d8a06447f06899607eadbfd078bc3df506252005749378dbd7399c9eca60b81dc0d88dedec31e5cf6e7b6d6d411958df8f9e0bf4443e8d3bdfe49d05f811d17088024d0629fc8ab8e05e309bf55e8e60d342623765f4e8d2dc4a90291cd4354ff9568c8170e6ea56e028bcf2719595253adb8c84050bb9ce4927a1c1f4560da87d109ceda90bbe45a1717763d8025f1ff40f157185ddf17079da272ae10c4f34162caf4b0d31221a57b3059fd449c87554d968a54b2eebd760dc3263c40d9eedf5905d5699d29706ea6e9e81ff2bf92489a06deffe7e978661f37a88450783e23f107c2bfce000dfc91c5fca49e46d9ea978f215a45984699f0d2503b30a741e13be56b7abe3e5663c0825c3cb04ead44ce97719c4ee6f4cdd3c452775ad7163d5c9034583cc2dbc2b0c04917a3e1aa3d0a8bb6fcf94d7922eb1d543c09185827aeb1b72ae7103ef2c014af2ff4b47fca40fb0e66ddf0264476d7a84e9b8dc551d4c407bdbac6757f7a25bd404b45bec1091696203cc438860131ad5f2fd80e3c45629864dd9f7d302b66fb8fb86735c9a6dcf8b135a273dd2ae9473bc905081be9fcb8f91b1ddba1ac692798dac0b9ccffe0319a779f5e10c65f294b22fe475283b023f9cd890e92c5447b1bc1528255c5af383bc1fb6e72cb9a67215a9e25cde63c89baa8c7125c7e8b748b728d07d9cb66778404f54e6a9e3ae1ae82f3d0ce77199f23f94a01b71b805b476fedbebeb52c83a1b857f23ba438c56a6c4c2a5909f721e6e3d240e4a16455e92220d13022ce7ec0b1365ba4e67aa6ecb324f8826579e12cebdfc0d8af63e83b5e5624d5b791f99093f9a27f7baea9fd10111209c0857a04f07408111063ef34026aee27a3d51b40e53883f9094402534bdd21cc49d7f5593e99cb204cd805bee4add0f82cf4b6dc5da14d6b79fbc68c9ccf7fb5fe774f8879e13079b024a8ad24bf123c420d630837a84ba05abf0ae4dc3fc04f25c7f74ff91d0d609c958642a48551e51b5c0074a56a7da10ce153b08cabea636f8489d8e7b655758a41d7f7474c9d76bf4d54d789bfceaffef139854065de6a94b0275a9626aab99ae838364b1a491e55017e4212b6b01f7a41bc9c215ecd17c49a8610db28c699259c58b81a0e84c45fd8e719c05c48501c49e8a6515044d247f58e4cd0bf22fd6ae31f45339d1f801196d426c52269b1aaffaf18e2a03760bb231cb7cefa6d72f1d7eb6a3bbd65d0914221b8fbf531dbd562eb4a1b28983ac7d83d4813b10b34c9525ba644f61a2c4800d4fe96a7bca63da1041ed73cc57fb9d42f9dfc8ca41d80292bbb311c89b0a0fcee1d88a025a7416863342aea00e6f049cb2ddebd17c5c617ff562a8af0c965cbe8341431a30ea239e4a62aa2b19757a3b0de04229a9907f8610c27b26591405845bf8b5b83706ed18d910c4f68777378366ff565617b19168a04560a32ce5ad64aaef9f4377118c4335b24826cdcde78fb4bdb11498553f56d8dfeb3a482c70cc6580c399b92339cbdb3464fcc7b00e9839fd0d2b8b6db90c56b33593a0048bf7983421f29b1285c81a239045b96a9b0cacd70d6d9853206471f06915efc8d3ec4c50fb13601abc73247a656066fd7b329159b3ce9e3302b4c0d6aec58cb0946a8ee8e7f55f1af604f1edb4d887fa6292dc0ce57705c1a25dc62650c127d11a364b397aefc2fcc3a164bdc53165a461b01de9180c1461b309c75af0911b4cc1b8aa05652b62119c87b4b235c573aa15b1516cddf61efd6a7f8c953fbaaee9c0e800e8f519e1494de850ddb976864088fe0cf90bbc54395078ea2501e8baa84d6807e184105bc2a140b663416496886422643bbf764d406af06e7d086678828defda0b648b25666b7b5ea29e927141740d5be0e61bf25d40b8404ffd3c67bb855b11d4faf82b7b8051615c101c3deb0601a0fa9ecd8b4a95082ccbc8222b0982802dd8430e653d6eea2786dc3a91397135faffdc65a5bae048f5c463b1a6648becce961d39d063d28d1ad6dafcea0b0878379adb16cc0d4cea572abeacd9a168a4fe2e338092b5bc93ecf02ac6ccda03e5b23adf511fdf7a79442093233b79c67d3fdd3c36c96a8f67aa79e4743d99cf963ae6161877f73656eb0314d889f4b8649bbce8a759f90eac6c006197b54b2bbac7c9b237f1e3dc099c62a65481960e6ad697fc66316ac084ba99c60f58bf44ff45f3b2006cbc4196a25f124dfaf247e863a855ef6070deb45219a922dcf2be9bd01c340e1ca5ed7c3ddac9f7a677c5d00610991d21e0751ac8044585b39f3fec5b672a11a9bce32196c2003d01ea50b0f0403e16df188ecbbb74f295f01398363ddfecdb63a49347c912c125670205d7b6be999688df85bb7d5ac12b62b4fdc4eadcc2a9a7897028404f697b007603a0ad588c772952d6670ee870771774ad157c0b9cccd4b2192d835606198ea0c65036ae4e406cdc539ff3aa81fa20b7ab58d6f3abdb69cc1f503d593f7025d2035e7f21db76336efc2843a0dc9bd2eb8794718134ee68fc57d4d2bcc18969d08177f442b87433b48540c661940cf9e2462c53efa310c7e47487deab2ae15b1978ef05aa1e14110943f649d82486f710a39854409e74edcaf06b4a92d3580b9cdabf83c6351657698d3d5af7514f382e75d1c912cded577258603fc9ed002e010747cddf7885d34afc9a84d82696c6660cb5ecafb68b564908fc49c4db6a187d037241a26b1141cf20f2e968a53366db0f60b79cd98cf3c897c50b7b9728e6e7100f99e4d5ed2428dbd285516ca6660777a39b4b2617c1be5b0232d60b9c8099f5daedbf190109439c40b46090985200d6c0501313f3fa4d244864575c275faca47aeff32c7b3e3c59392618562a7c2d4b3af85a37a8847f595352024cb63d3a9085c2a502c6a3248f43c5fc828e636cb634b2d393d853ae2dc9605985cf85c060860a90256c7b574c1e01c320687a2bb0b2d51cc2950c485f2ffa5db0ad7aaf753f543de7f86efb775c6bac2989a33757a28836fd27f9347229a0004bd2e546994c69c678fe5717f613f905d945c072004c3a80e0e54215e19ff9972521890d4e705e429f16fc35fe5a15f2e6b75cd719d38f76b087b62e4b5dcdb35f4baa2bab167150bafb6c69e260ca51004bc826d46b77c3f67eaa08497294868e6d91b7b867e4da62052f4f891677256cfbaf19cf32bad99a7da69d8a66537686f89a58d78c7eeaa99cd38009a1a32582bedc5c718e57b19cd405ae659a89909356a07fcef89384d160fa5ae6683cc379642aea4f0c915f72d679bd521399cb16112f2abdede3001400b4a64d2173e153a68631183679b56b8f389ba889784133453a7e892fd3b092f5040870a3cfd6f982990143e7c0882b4ff4c5d049192d36925a25ae4be441aa30dc7e74398b340c45b52c73ed3b0cd640e3cc9fd4be24e7355f386106f65895f1ee850b2a781d1d1d322ca5a3b0fdb78ce1eda048ece94af25437969c99c58c08f1446ca5541e03987a20fd75283e3e116dc4c9222ab7522e4ccf6da14aef49cac9a6a2cd4aba1c54d49e6da4179a66b84e384cd3da53908579b28c11d525ebdc4dc69074cef8a9ecd3aab98f2858769d656b46141c3a4e69a5ed6c0a732c9ec1fce080eaebf537fa5e17236a44ba9c931f555d193e475ffafd20c53ccbab607c1a15fd06742a64691205eb0d00f7f40e4dd8efb279cf09b2522aac0729a631aacb92d5cfa2ce6bb07385b981890b5916755d5cc3a51c8c36bd2987068cc24fcf73840895469bbb9aff1059601f771afedf0a48d5921103920515b27d7e607951982feba197df8c61600feb3622b9eea13a4db4068728cb98cca76cfae197f6258758490bf41673ee29acd91fd296ec863c646e0ca6a0f0e9de146c663ba13d962964d7c32804fd12a14c1ca7212ad48bdfab469c6570dca562220ecbe7b6b163ed4c9361c5c10bed5c92861b8786ada20a99245d282e4454187ec02adfe354e30647cb10661c85168f7958e3ce69ab48c9455214707a63c9b1167f0845a6bfcce2a96cd53eab430f13cd527f1666290719a47c517cfa22fec2e9916af8aa93c78e567993d7fb8ee60fc4b903b8c67a3658302c5e5f35250c30427e4c055b6c54705bc599861f80b7200d361965ff98c88cc698a2615cadeac4bdfd3d613377cea52d2bbcb7e6b78ac31d4b2c33eaf0b2ed40b963e3cb25c7dfea3ebfe7b4aff2aaaaf184dc80ab649a108e2c830ce7eaea58a263392aa9cd13d7f7bd607dc7c804b19dfa41b3e5a5155201a87311e22062c93896e70f3a5c4b03521300b61cc311ebd5beb9838d0ed207c6bfc99e4392508e95804b10b36024f32e1fe1138e9ee7773f797b2bc6be7416f4e9691ef4c2a8d06af6c8b84bd1e6fd1ba3d3183475ef6c139ccf8dcf37671fbb96a2ab5e0e042f7c4728cf30bcc1a0de28a5024276ceaa194b4926e7f6a97b78bac36e47f832d56a96cd266434d37bcf2c2f57877717d91b1854972f832354acc207a2ee8caace7504e0e6197dd7e64a01c4c67bb2de8acc0cccc6c6bff0b0cbfe345542c5a795dfa48cc0990ab5702574d36494bc44c20f5b324f7c984d986cc8cb40cb2550076d96a069b6688d22171beed2dc5b6ff3ede8fff4c4a9de6d3817357a7ca7d24d87300b4545ebbac8cf7f09ec637a4f4d6bd07673709b6c363a75ccef585610c5f15de7851b5ab53e02a757bfc3caeb9a9a8996beffdc0cfd1201b6cd99cb035584e51a6c15a5d2e17d2f8aa6b41e26809392fac6caed1e02a53dcea8a413203608780dab33315a76eba24d540e4c5b9790420834bc8d4e47bc65ae52a54c0ff308427a8d7aff746aa6589d17514e40fee5d0b3533cf4ad2c5f9d96db9f50bd69ed8c92b860e199a35cf268c66ed13516a3b4b024f62d4b2a656067eece95575bdb4907efc488a9821bc3a9c81dd11b2128b7a01aa7a9ce6e73de3b4e9beced70206f91575baddbcbe5722337953c8016a0f4b62120d776c43b7d1a879b692107954f45acdf8967dcaa994aad4922d4fe093e16c2d0090906f5036af99e50bb09b04e9c9b3b5085abf621297ce203010249cede92e9b66b446b86b43eaaae228dfdd3b4408c12b404bb727f7e969e7da04fc59900112bf8d38af0416dc616e75f167aa1352215f07115a6f4eb6bb5fff6f5c2fc9ab906392036b44090e65fdaf017dc53bc94e0807d679d793df18cc44e6c846d414cef1569530f7692daf91eaaf4ae89fe2522f2c9cf33b6ca508ebcd006bc1a61f0c800553aff9dc7d57200b25ecb83e1e0b8cd29520b63aa649d3f71a62570eee56e03223ddf31f0c04fa686b7f6dd054e7a259d9ba335c2c5b2c508897506c0db7f01878dec1411c33f0af61b81dbcf9ff8bdc0c50044963a79f3ee1462150c6bd03a32dbdfef8d72f0b8b3a395ffb0cc85792e7bc867feb5e312cb64e29e193388e9f173c162f4a1320a6f99ea3795fb77d982605959909a1aa11076fcc779ea6b80ec1bf0edfc2569ec04d15a0bdeebccf3c75393dca5e81663532f8ced12d08e4c2ae6e2954d427c7bf053dc4718f56f453bc88d74045bd2f9747aae9b5298a0de927f1d6b1308f4e1483487f083e71ed09298deb52bb10079b13def7453eb432498069edb5ade70c5c54913684d934a3febf78753ac13300a91f467ff3f6e2f00898f015d08f7739047b321b3eaee5ad8aa7adbf7833f014d8c576a491af9fca6843b327ed513821cb3951b2e67a275225d7af6b382e2f955adaacba5d1fdea2223202dee132b91d5cf381b51da94145255f584a70c5e8d11e06a44afa6599bf3ed0cb61703eba254333af53afac60e54cf6397f9f7302249ab644f0b576c713b15007be1f4f9bb213660bca8a70251472b86669d361ef968f542e81ddbe8f4d2e9cabe8d7bf6a31f14a2cc272963553a424c105e7750437ec5bf316e30ce60b4b0c27ccc1eb27e60f6472fef27654da49905ff9c01b28695310ecd8701aedff25a83da4b7c41995f902bdf249769dcb53a3efa894710dd66ba8745ae2253cc6b75a038183a0bee21226d48239320efad6727093e4f94bbc2fdcc216200d903c32bb9f16dd17d5dac423ae0696f3decc576b8f1fdce63d0532370af7d1e2fa2ca5c5d17bd88f5e3abb4792dac8689ca13752f83d753b06b037bf5a80a3748983790352775685b0414c9d74849fd217e388f904278ddb6b0abdda941b61579c796e2bb77a9bc363b18642c401faa502a31011544111b6eedaa369976c814773d83220a75f31026d6ad0b8b4298ea6062234db232bc435e096e84f740e55bb14d46ae04af0500aa5bb218aff6c76aa8a8e3140a1b0d6638538fd7f30fa8d992e53abf8af2fbc16b9e8a668c1aac72cea1a746ee5f7f3392a4ec8f1d19f2f426b6069b1cd347cbc38bceba96ce5da49198083403143c740c04639cd1089abb34fe812d85921c47437604f684bca44a1eaa965c0a6e1c1fd1f70ee932af3455b36184cc15934cdb3f28959d37d8fc10696f8ec1e4b0c3d1b9ff74a01b796d1bb68954a3768c8bcec741b3b69da892f8922142b16b2cabb469a9906b34216243fac80374c10e178c5fd36440f8d7a8588a9c2510d86ffa8cb68ce8c330d2111c94724e522f04573dad43bce252eb505d29ca9379a6b281519d38b7174f3ae8f185544f3003c936a7e6b23ca97a313aac6a061caa45fda73522f3061767bb4e33dbe4bde390eb0f07225a8aef939cb6ab2ada10c02527281abad394cd4ea9f59467a08b72047cdb75d7b2b98e5b4542554a60f953ac7a4b980f42518eec05ff2c044549cab0cf33eef36dfbabcbc0300009d898862d2194cfcdd9a713c30bbe52291105193656ea5eb830873ac956469d31689cc3c69edb5cb9a6e31ce3e6fb50ddd4e52ef9fdeacfc0db21e1e83e0d8d0a64f17cacb4dc208a893e7fd8ffa86cfc554dfba3d9fd281115eccb4b9d909f2fbf3fbb66bedd7b5db3f6d4f076f5d8fb54f8832896f8ef6f624162f1dd589be7a8e87dd5065708a8b0bfb18a5c2299f5605ac8a11c1add55b2018e6099380a70bee3e0727ca6ec58928fe6eb3147b47401e8d822eebade713b58335787669e5e0de5d328a1067df4cd9124665bb02ee8adfd1b3618374ef167df1f0fe79456f78aee3da4c1bf397e4637b0cf41a0f4a2910efd02b17bf5f3c15b0084b36fa7d4e85a53e5be366b428244eeba7499c3e54397227928e2ff6e583f332d6f7e8cf4d058f379b58a7d03a4bfa454bb4b6d543804b8970e6a9fe8886179eb418a8ce9e509e8433571f7d32378f2e983fa418c8c91760ec9fb20968e7fc23b7c4ac71693b2576ac0f8ce2020ff1e7a7ff24301b48b544fb29a1ca4f2502daded865e488a16dd33ec67b2eee3025cdc5ef90f253c4b5e0a61d51e495b675c5a1d55b4ba3812c5f44cd08487e61d36b0c2dc32d27333a5ee8a0906bfbcd388bd9389d1509912c0471c7b706a5aff880569a3fb11ac5f14d780deb4c1b1afe30fb6b8daf87b27a4ceb869d587a97f2f5af8d819aa47bbf207db68a6ecbbefb1e109ed0bfbbf3b54fba9e79de8fad9c3bcd3e74b8b92ccea3ff5c558c6cd72d78a711fc39df603bd4aa1439dd302258edd2204e52d7f435c6f552b612fbc321bea971195cd4d8bb033e2a779e239164d7eea6d8fd233b0b9b776246564cfcf44b31a83031a2413bf98a398c9f93da243cef9ce73d81bade8ad551fb0ffa75bc874c11d23ac9d7752f22a0f54c3870f3314a83e64332db810da1ebb288e10c4eb9be9ec037317b8f813e68160a887da3f5c0389510a0734b69ef275e19973b169d340610cf2112e9964cc0566b9b690c3feb36c8526491d3a563f0bead2abbcf0665e048aa3f929351b2f89876580633a403250ae3b5244c8c0e996bf888938dfc8920348d88e272e6eadc7c0387ca1dae228bd620ce3975d43b58758d9412d304a227245587065f58c4573ba2557f1d8333ba007709b1239d682f03405b22135757178fb701bbde81d2f8faaa7666c025d8a8bb426dc4b8e61aed79b3b3d3a9b01ee9142772d869677ede166e7a8be8ab84cdd6946b1478ce77ba307213971cfb24c86c344310f279e38d22254bf4caf83c02e715cb0550e615dc9f8dd2400fa749e3527493c15fb454c158e4c0603ae6e962b7890058ec7c10f0618ee274a15bca6ca9fe5bc5f9e7797c0950299912be9c58463c07d667d4bffe8aa590ae43db08512b40f3d265026bef2facdd508984e5f6d2ac7ef573397f14ed2e2ccdcbe5796e60ae64d173814906d1da5a5bfe8a2a4c5d6bb0b3315b878b4877d0c045f6e6cfa0dfc1ea4de7abe26f2b2d8c93299ed1d83f1b7853c756bfa346cd53b008fec169883983fe0f2405777dd85e17b2e4e8b23432c0dc4c386d67b6597184d0b4b95877362304638484cc0951400f66ee8391dd44417c58b3d46a8345a8049fcd70f7b5f4a6f912e2b18760947c74ef2b732b342878d7e7cc99902de87db36469555fbbfe76189f108d6ab31f4727fe4e22d075afaf6cc726ab17a5e1b4ab6c8f29a459da3c4266b5ad8ff55906a190f8b19a3bb92a50df49647c03d5d6106ec07e9300038d059a75b54ac31683ef8e5eee946e1c84d016ee1e7800a92c0a3823b62e0417fe86b191951f65abc0c38c1e0e8f1121a04b62a8a720790560f922804b1b7e7eaa497e1bede6e3d0dcf0312dbf221561958fa1e85a8f99e6fc82f919e78c17d1beda16cfef25fb5d00f7c32df9a51eac76000c988ffdf011564aa0e319764b16a5a7c728a470ff70772fb76c9ada26a0ac073fcbfa12501c2454b19e02d928e3939a40bfff76c002533b3849cdf8016728445131e5f1e292b7d3dc06bb3a3cfff6fabae0b7341694a8938c1d2497cd70b76c337c9a312e96c8f736d7625a535e1906eba53d199221ca60202a65be0f7e530aca10e61fa39c7601d65954e5ed4cab94345c6b89c7f8a0de5c61a7945e1564731b6715331d13263b2961a163382f7c4934d847033860e402f3aadb4f3e6cf47a97a2031401da4d2c8de8c80cdad71b97b4deb2075a02282f958ac6772354e67f097ca693778224b80892490015e7d697fb9107f75cea708178ffec93fb1d44e8493bad1d42c918e661219ea819e0200759037a5a585c0fe074fd407536fe58013f42612c41bfc66e16870d7a9c00ee93a3122b253fecbf5de3837641f4a1376af0f053463413c26c29f9a346318565276856b963da30ba6ab8c4c8ef6cfddc432328586d9d9829895835759bcde0851ae0c838a3927ea63fe5ba793fae94da61cab00fc05f3a265a2da1221bb2b66775ed7ba856b41011652d4984991e56249360ddfc997245ac1547a1c16382d42df383a8d1c852643b24895c422712e79c436fdfffece4ed1c50922d4f25296aaf6b204522086d188bee254f8303b60537ead1195ac5dd301286f0042dd68aa05a70e4beb779aa0b61a316f736b72c9ab7ed860a0908a078f4b8a53f2df0abf993f689de4b02b9138ca5047fb0bfc9ba3b92bff033e36fc9553260b008cef3d147c62d1d3944fd1eaff79bc5a922ec2190907bfda1b51c2c7fb867db1f8e13a37b5e3ae0165e93350b958a239ec1f2b78561cff854b975307b5b5dd23b040602a5a36bd79947ee04c7d0e5e30f9c4c79f7b4e6eada98bfc6c357cdf8939213423f1b21ba26cfc2b2756ea3eb992372db0ab8a7c37d8ae96bf3ed6be873c1891550ef741812032e1ae938326c399ee43a3061602dda006f1b6b620bebb6a5752bee77e8acf9921ebf4d4c8af7eb5e937c65697c0664c594e31a62377a25605051996c474ca322ce8e0e6ef8a7988be", 0x2000, &(0x7f0000001240)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000007c0)={0xd8, 0x0, 0xfffffffffffffff9, [{{0x5, 0x2, 0x3, 0x200000001, 0x10005, 0x80000001, {0x6, 0x9, 0x1, 0xff, 0x3, 0x0, 0x7fffffff, 0x57, 0x6554b836, 0xc000, 0xc9, 0x0, r6, 0x6c, 0x4}}, {0x20000000000000, 0x537, 0x2b, 0x8, ':-(\\\xc9\x80\x00\x00\x00\xc3\x00\x00\xf39}\xd8mM\x92\x8d$\xd3\xa4a\xb6\x02E\x89\x85V\xc6\x00\x00\x00\x00\x00\x00+\x13;\x00\x00\x00'}}]}, 0x0, 0x0, 0x0})
getdents64(r7, &(0x7f0000000100)=""/134, 0x86)
fsconfig$FSCONFIG_CMD_CREATE(r2, 0x6, 0x0, 0x0, 0x0)
readv(r2, &(0x7f0000000e80)=[{&(0x7f0000000500)=""/232, 0xe8}], 0x1)
fsconfig$FSCONFIG_SET_STRING(r2, 0x1, &(0x7f0000000880)='\xf5\xfc\xd2\xec]\x95zx8*\xa2d\x11\xb5\xb1\x01\x00\x00\x00\xe49{\x8a{\x81s\xea$\xdfg\xb1\x03DY!\x97\xadM\xd7\xff\x8a\xcd[>\x12e\xc3]d8\xba\x8ec\x00\x00\x00\x00\x00\x00\x00\xa0\xe2\xd5y\xec\x90\x00\x98Y\x91\x19\x16\x89\xd0\x1a\xad\xcd\xd6\xd0\xc6\xb9\xeb\x95\xd3\x9cl\x9cu#\xb4\xee\xe5\x9d\t\fV\xd4\xda\xfc`2?\x15P\xba\x14b\x1c\xcc\xd5\xb9jA$s\xb9g3\x15M\xd9\xb9 \xca[\xc7\xec\xa9;\xee\x01\xc9\xc4\x1f\xc3\xe4\xfa\xd3fU\x0e\x86\xc8\xa7\xaf\xaf\x04p\xa3\x8bb\xbf\\\xdb\x83\x00\x96sy\x14\x1eo\xcc9&\x946\xf9\xf5v\xee\xb5m$;\x01\xb8\xeau\x00\xd1S=\x920H\xc2z\xb5\xbe\x95\xef\xeb\xd1\xc8\xa1\xba\xach\xbef\xa8\x86\xc2\x18\x9cC\x15\x9c^\xcf\xe9\xbcp\xb4Ff\x00\x9d>p\"\x19\xd8}|~\xae\xdb\a59f\xb8?\xba\xf2\x8e\xa5y\\\xf0\fkd??-\x983\xf3\x19\xc7\xc0/\xe9\x1a\x80=\xa72)\xd2\x00'/277, &(0x7f00000002c0)='/\x00\x01\x00H\x98', 0x0)
syz_usb_connect(0x0, 0x24, 0x0, 0x0)
tkill(r3, 0xb)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
syz_genetlink_get_family_id$mptcp(&(0x7f0000000040), 0xffffffffffffffff)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
waitid(0x0, 0x0, &(0x7f0000002ff9), 0x0, 0x0)
read$msr(0xffffffffffffffff, &(0x7f0000019680)=""/102392, 0x18ff8)

1m56.885703628s ago: executing program 5 (id=3276):
socketpair$unix(0x1, 0x3, 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000100)={0x1b, 0x5, 0xd})
ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0x4008ae89, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
prlimit64(0x0, 0xe, 0x0, 0x0)
r2 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r2}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r3 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000200), 0x100)
readv(r3, &(0x7f0000000300)=[{&(0x7f0000000000)=""/47, 0x2f}], 0x1)

1m56.781750725s ago: executing program 0 (id=3277):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = socket(0x10, 0x2, 0x0)
write(r1, &(0x7f0000000040)="1c0000001a009b8a140000003b9b301f00"/28, 0x1c)
recvmmsg(r1, &(0x7f0000002ec0), 0x400000000000ec0, 0x2, &(0x7f00000001c0)={0x77359400})
r2 = socket$kcm(0x21, 0x2, 0x2)
sendmsg$kcm(r2, 0x0, 0x0)
fcntl$getownex(0xffffffffffffffff, 0x10, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
pipe(&(0x7f0000000140)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
connect$inet6(r5, &(0x7f0000000080)={0xa, 0x0, 0x0, @loopback}, 0x1c)
r6 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x36, 0x800000000004, @tid=r6}, &(0x7f0000bbdffc))
splice(r5, 0x0, r4, 0x0, 0x10000008ebc, 0x0)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000440)=@rxrpc=@in4={0x21, 0x1, 0x2, 0x10, {0x2, 0x4e24, @loopback}}, 0x80, 0x0, 0x0, &(0x7f0000000600)=ANY=[@ANYBLOB="180000000000000010010000010000007d95df16a39b1a6c900000000000000001000005040500002b24ec10064b6f2f000000fb718aef932f3889d1fdda5b00000009860f5878c37ffe36e1165814d435be5b317c6c8189767d2f97879f07a515bb7c169f46933d9338f4ab04834e6f618988c5944741afe403461323110f62055394412158e7a3adb164d641aa40d4ab077fe34232aa8b319d7666d0998a61d7da0c86d70000001010"], 0x10b8}, 0x200048c0)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000080)={&(0x7f0000000140)=@rxrpc=@in4={0x21, 0x0, 0x2, 0x10, {0x2, 0x2, @local}}, 0x80, 0x0, 0x0, &(0x7f0000000100)=[{0x18, 0x110, 0x8000, "dc"}], 0x18}, 0x0)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$TIPC_NL_MEDIA_GET(r7, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000000340)=ANY=[@ANYBLOB='l\x00\x00\x00', @ANYRES16=r8, @ANYBLOB="11002bbd700100000000030000005800018044000400200001000a00000000000000fe800000000000000000000000000010f8000000200002000a00000000000005ff01000000000000000000e4ffffff00000000000d0001007564703a73"], 0x6c}}, 0x8000)

1m55.174216822s ago: executing program 3 (id=3279):
epoll_create1(0x0)
r0 = epoll_create1(0x0)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000800000000bf91000000000000b702000043e7b5538500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x10)
r3 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000080)={'geneve1\x00', <r4=>0x0})
sendmsg$nl_route_sched(r3, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)=@newqdisc={0x30, 0x24, 0x4ee4e6a52ff56541, 0x70bd28, 0x0, {0x0, 0x0, 0x0, r4, {0x0, 0x2}, {0xffff, 0xffff}, {0xd}}, [@qdisc_kind_options=@q_pie={{0x8}, {0x4}}]}, 0x30}, 0x1, 0x0, 0x0, 0x51}, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmmsg$inet(r5, &(0x7f0000005200)=[{{0x0, 0x4b, &(0x7f0000000000), 0x1}}], 0x1, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000400)={0xa})
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff7000/0x1000)=nil, &(0x7f0000ff1000/0xf000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ff5000/0x1000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0, 0xffffffffffffff2c}, 0x68)
syz_clone(0x886000, &(0x7f0000000100)="d37a31db4fd6382388380c7b23503108cb8720223dd164912775dbcb7217da10fdf447cd865bfa9cd8efb0cdad1008", 0x2f, &(0x7f0000000180), &(0x7f00000001c0), &(0x7f0000000200)="93e015f2926ddd1f13a5a78cf0afa8787b82c3653a22435f49ad5c450152552cf1a51ab5c7445c0db92c886f819256f9e868b2eb1f829cd5dc679a8275152fe4cda0e53a3272a91740eb42981816ba97a9c7a3d0258fc5eb23e51ef6f6c9e77d5f04929ba2f6917ffd8a7656d7ae715a30cf4babf437be7c51e64a21535ce94327df1762a3aa7b841d6cc6912ca0fb72263c01d84697b21a1ec4005d816d226447a7bf49ca12e8ec0bb7eaa83a4b566c8e0c4ce58358edf2494a31d39755eb263e076a5712ddc8eaec38f36077eb57801d62856d1bb0b208c6b56dec69434186576894b70c4630411d87")
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x24004045)
r6 = io_uring_setup(0x4fee, &(0x7f0000000040)={0x0, 0xc89f, 0xc000, 0xa, 0x20002f7})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000093c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=@deltfilter={0x24, 0x2d, 0x800, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {0x1}, {0xd}, {0xe, 0xffff}}}, 0x24}, 0x1, 0x0, 0x0, 0x40005}, 0x0)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x3, &(0x7f0000000000)=0x6, 0x4)
r7 = socket$inet_sctp(0x2, 0x1, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r7, 0x84, 0x14, &(0x7f0000000000)=@assoc_value, &(0x7f0000000040)=0x8)
io_uring_enter(r6, 0x2219, 0x7721, 0x16, 0x0, 0x0)
ppoll(0x0, 0x0, 0x0, 0x0, 0x0)

1m54.903930273s ago: executing program 5 (id=3281):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r1 = dup(r0)
write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c)
r2 = syz_io_uring_setup(0x239, &(0x7f0000000740)={0x0, 0x1c2a, 0x10100, 0x0, 0x0, 0x0, r1}, &(0x7f0000000180)=<r3=>0x0, &(0x7f00000001c0)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x2, 0x0, @fd=r0, 0x0, 0x0, 0x0, {0x3010}, 0x1})
io_uring_enter(r2, 0x2ded, 0x4000, 0x4, 0x0, 0x0)
r5 = socket(0x40000000015, 0x5, 0x0)
connect$inet(r5, &(0x7f0000000040)={0x2, 0x4e20, @loopback}, 0x10)
setsockopt$SO_RDS_TRANSPORT(r5, 0x114, 0x8, &(0x7f00000008c0)=0x2, 0x4)
setsockopt$sock_int(r5, 0x1, 0x8, &(0x7f00006dbffc), 0x4)
bind$inet(r5, &(0x7f0000000340)={0x2, 0x4e20, @loopback}, 0x57)
sendmsg$xdp(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000480)=[{&(0x7f0000000200)="0000000000aa303e97380e90231bdbdaf6a4bd866226b7cdb7c26858c4e4fd703be2f51ed6ddc4a47116ec2db75c7042a22491af0ffea4174a9de3350c0a498396b28c7d1784d04aa38922721cb7816094cb82950fd012efd26d", 0x5a}, {&(0x7f0000000900)="0f198d5aa5caa1c55b84b414797cbdd4e8c576a921a070fc828060506683fd1106a961ac55b5b8ea3342ca7de5559ca2c14e05e42aed8ba14b2c78cb540f71a817d80fbf1945a046ebda494a8048a106a4d49d7f214735ada53397db3b203885ce39ee48d69465935eade21ce36e61826c52c82f038341d9bab5687c740ed3c18897094e7e1391eb84a4052e03c0c7c39ae86d454938f65e284620b99481c33d9f5e5b7a6c0d7548723f55b213c76be37f40c850c38e265758ebd8238257a146d6eced16fd658a784c928fea7a841db1a7fd6520442dae5fc0d3a3d3a5f16fcf6fe4f062ecdad7d0f3c6cd339339533c0ef28ad1e2729907094c3de93c1b1b00ad6df89507000000fb7565d3a8e9eaea020ed173c2179fb03e0944460989240a689c7fe795d310be4e7a6b778a903280dbf426b39c3603c49049980767e31edb997f59785184cbd7b9070400000073c745f71db0906cb51780f908fa61634af8ac85d9f04f3dff0a948e81cd3229a59aaeb00995358155343e3239588a0383e4df109d5ca24276d0d83a27d0e9bf681c1bbea12a6f3c20ad50f63430333bb327eb6ae32fe8809065bce26d2dc2fbb2b48d404637d61fd86852e0e1b6ccc6f75b1107aaa5f60ef45f94e953b3f213c3cb4ca4c716565078c666f84e1a99bb4cb5c7190648132f6ff1f6cb79b93f20752753c938da6241607a742361d995188b23cb4b8269e98e822585695962620673433748e476f7cc3e37db88639c525ff3a502c82c283b00aecfe7734ab369e1ed7c75e27a5a333641817baa3ea37844e20e6266c5095abf9d47ca5f8ad93f1a4d8795daec222ada00d65cf91425fae7939ceaa8d94ec1ab5082e1d251c27b3132119b350e81771f3733be232ffb90c03a818bf458aac3314007c3e35d5e4bed6b897608b01e7e26a54433e5f5c74a2ee3c2fc50067be05a677f122b7dba7010830b879a41b579d44158fb89ea05761d2d369853bea84dfb8081ed7b891dcb3bb3361534fdc5252e4964aed936ad2838e7af14fc65c7c1c6d44c6256f2462ae83cfd6a6b2651da607fe79d345e5080098e9e6e7482cc5c267e00d8d09dcde70b60fe6220fe9530547201664db91cf1885ecc2f106b66cd99131523c99f6102ddd7403791b3a7ac59b256cc4c938fe01740ae4f19b5204ca305b1666b0c2a7e5015d6d530995843adfbac3954306d4cd82257d4d2c3283d45dbae43548fed9879328f114f7c8238ac955391b24614d91be1701ae07c170a9c299fcf3d0ac4cea07e88fbf66b697883af17a06ac3f9954eb2fbd20f101802cd023fc48c5d464c16059cc9dce8558c5322ac7612db0e2725427628c2c41a21f0d2f3962e32f710bf9e216ff1694e8d88c8a81328744b36d9ef9f08c0ea3ccd4f8729e2f00a048162834a95", 0x3f1}, {&(0x7f00000003c0)="128b9306006d4810e5ac5040ad9201847839fc378469d5765b9cc241840896c1498194a7197b45d74a8532b82037b02c9e6045c361eb", 0x36}], 0x3}, 0x0)
sendmsg$nl_route(r5, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000005c0)=ANY=[], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x0)

1m54.887357423s ago: executing program 0 (id=3282):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
syz_open_dev$sg(&(0x7f0000000040), 0x0, 0x2000)
r2 = socket$inet6(0xa, 0x80002, 0x0)
connect$inet6(r2, &(0x7f00000001c0)={0xa, 0x4e23, 0x0, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x20}}}, 0x1c)
setsockopt$sock_linger(r2, 0x1, 0x3c, &(0x7f0000000180)={0x200000000000001}, 0x8)
sendmmsg$inet6(r2, &(0x7f0000003cc0)=[{{0x0, 0x0, &(0x7f0000003980), 0x171}}], 0x400000000000172, 0x4001c00)

1m53.931847576s ago: executing program 1 (id=3283):
prctl$PR_SET_DUMPABLE(0x4, 0x2)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x80)
mount$afs(0x0, &(0x7f0000002840)='./file0\x00', &(0x7f0000002880), 0x700, &(0x7f0000000200)=ANY=[@ANYBLOB='dyn'])
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
syz_open_dev$sndctrl(&(0x7f0000000e00), 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = fsopen(&(0x7f0000000280)='ceph\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r3, 0x1, &(0x7f0000000000)='source', &(0x7f0000000100)='::,:/', 0x0)
r4 = socket(0x10, 0x803, 0x0)
ioctl$sock_SIOCETHTOOL(r4, 0x8946, &(0x7f00000002c0)={'veth0_to_team\x00', &(0x7f0000000280)=@ethtool_channels={0x3d, 0x0, 0x0, 0x40000, 0x0, 0x2, 0x1}})
ioctl$sock_SIOCETHTOOL(r4, 0x8946, 0x0)
ioctl$sock_inet_SIOCSIFFLAGS(r4, 0x8914, &(0x7f0000000040)={'veth0_to_team\x00', 0x3fa1dc947ffe4b82})
r5 = socket(0x1, 0x2, 0x0)
utimensat(0xffffffffffffffff, &(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)={{}, {0x77359400}}, 0x100)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000380)={&(0x7f0000000080)=ANY=[@ANYBLOB="9feb010018000000000000001c0000001c00000003000000010000000000000e0200000000000000000000000000000504000000002e"], 0x0, 0x37}, 0x20)
r6 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000380)={&(0x7f0000000080)=ANY=[], 0x0, 0x37}, 0x20)
bpf$MAP_CREATE(0x0, &(0x7f0000004440)=ANY=[@ANYBLOB="0900000004000000040000000700000000000000", @ANYRES32=r3, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32=r6, @ANYBLOB="02000000010000000000000000000000000000000000000000400000"], 0x50)
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(r5, 0x5452, &(0x7f0000000380)={'gre0\x00', 0x0})
socket$nl_generic(0x10, 0x3, 0x10)
chdir(&(0x7f00000000c0)='./file0\x00')
rmdir(&(0x7f0000000000)='./file0\x00')

1m53.92758335s ago: executing program 2 (id=3284):
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$TCSETS2(r0, 0x402c542b, &(0x7f0000000040)={0x0, 0x63, 0x20000, 0x40000004, 0x0, "5ee691000200000017e0054200", 0x10001020, 0x3})
pipe2(&(0x7f0000001440)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0) (async)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r2}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7) (async)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) (async)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e) (async)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0) (async)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0) (async)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) (async)
keyctl$set_reqkey_keyring(0xf, 0xfffffffb) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) (async)
r6 = socket$inet6(0xa, 0x2, 0x0)
connect$inet6(r6, &(0x7f0000000340)={0x2, 0x4e21, 0x0, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}}, 0x1c) (async)
r7 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000300)={0x0, 0x0}) (async)
r8 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000100), 0x2101, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r8, 0x3b81, &(0x7f00000000c0)={0xc, 0x0, <r9=>0x0})
ioctl$IOMMU_TEST_OP_CREATE_ACCESS(r8, 0x3ba0, &(0x7f00000002c0)={0x48, 0x5, r9, 0x0, <r10=>0x0, 0x1})
ioctl$IOMMU_TEST_OP_ACCESS_PAGES(r8, 0x3ba0, &(0x7f0000000a40)={0x48, 0x7, r10, 0x0, 0x0, 0x0, 0x7, 0x50})
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r7, 0xc0502100, &(0x7f0000000380)) (async)
fcntl$setownex(r5, 0xf, 0x0)
socket$netlink(0x10, 0x3, 0x4) (async)
r11 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000400), 0x2, 0x0)
write$FUSE_NOTIFY_DELETE(r11, &(0x7f0000000440)=ANY=[@ANYBLOB="000000818396a41ceadcfa02e500000000000002000000000000000500000000000000"], 0x2a) (async)
splice(r0, 0x0, r1, 0x0, 0xa, 0x0)

1m53.896234735s ago: executing program 5 (id=3285):
r0 = syz_init_net_socket$bt_rfcomm(0x1f, 0x3, 0x3)
r1 = socket$can_j1939(0x1d, 0x2, 0x7)
recvmmsg(r1, &(0x7f0000001c00)=[{{0x0, 0x0, 0x0}, 0x6}], 0x1, 0x2000, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r2 = socket(0xa, 0x3, 0x3a)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_genetlink_get_family_id$ethtool(0x0, r2)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
setxattr$security_capability(0x0, &(0x7f0000000280), 0x0, 0x0, 0x0)
lsetxattr$security_capability(0x0, &(0x7f00000000c0), 0x0, 0x0, 0x3)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
utime(&(0x7f0000000000)='.\x00', 0x0)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
r5 = syz_open_dev$dri(&(0x7f0000000000), 0x1ff, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(0xffffffffffffffff, 0xc04064a0, &(0x7f0000000040)={0x0, &(0x7f00000002c0)=[<r6=>0x0], 0x0, 0x0, 0xfffffd52, 0x1})
writev(0xffffffffffffffff, 0x0, 0x0)
r7 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2)
ioctl$vim2m_VIDIOC_S_FMT(r7, 0xc0d05605, &(0x7f0000000280)={0x1, @pix_mp={0x1, 0x93cf, 0x35314152, 0x0, 0x1, [{0x6, 0x5}, {0x9, 0x5}, {0x8, 0x3}, {0x4, 0x9}, {0x0, 0x4}, {0x6, 0x7ff}, {0x3, 0x2}, {0x50ad0a9a}], 0x9, 0x7f, 0x2, 0x2, 0x2}})
ioctl$DRM_IOCTL_MODE_CURSOR(r5, 0xc01c64a3, 0x0)
ioctl$DRM_IOCTL_MODE_CURSOR2(r5, 0xc02464bb, &(0x7f0000000080)={0x3, r6, 0x1fc, 0x0, 0x4, 0x800008, 0x0, 0x4, 0x4000})
setsockopt$bt_rfcomm_RFCOMM_LM(r0, 0x12, 0x3, &(0x7f00000006c0)=0x46, 0x4)
socket$nl_generic(0x10, 0x3, 0x10)
syz_io_uring_setup(0x10d, &(0x7f00000003c0)={0x0, 0x0, 0x1}, &(0x7f0000000380), &(0x7f0000000580))

1m53.519075498s ago: executing program 2 (id=3286):
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4000000000000007910480000000000610430000000000095000000"], &(0x7f0000003ff6)='GPL\x00', 0x8, 0xbb, &(0x7f000000cf3d)=""/187, 0x0, 0x0, '\x00', 0x0, @sk_msg}, 0x94) (async)
syz_open_dev$dri(&(0x7f0000000000), 0x4, 0x200)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(0xffffffffffffffff, 0xc04064a0, &(0x7f0000000400)={&(0x7f0000000300)=[0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000340)=[0x0, 0x0, 0x0, 0x0], &(0x7f0000000380)=[0x0, 0x0, 0x0], &(0x7f00000003c0)=[0x0, 0x0, 0x0, 0x0], 0x5, 0x4, 0x3, 0x4}) (async)
socket$nl_route(0x10, 0x3, 0x0)
openat$yama_ptrace_scope(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e) (async, rerun: 32)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) (rerun: 32)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) (async, rerun: 64)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) (rerun: 64)
r2 = syz_io_uring_setup(0xbdc, &(0x7f0000000640)={0x0, 0xec29, 0x800, 0x1, 0x40000337}, &(0x7f0000000dc0)=<r3=>0x0, &(0x7f00000001c0)=<r4=>0x0)
socket$inet6_tcp(0xa, 0x1, 0x0) (async)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r3, r4, &(0x7f0000000200)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0})
io_uring_enter(r2, 0x847ba, 0x0, 0xe, 0x0, 0x0)
ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000040)=<r5=>0x0)
ptrace$setopts(0x4206, r5, 0x4, 0x20) (async)
r6 = socket$netlink(0x10, 0x3, 0x0) (async)
r7 = socket$netlink(0x10, 0x3, 0x0) (async, rerun: 64)
sendmsg$IPVS_CMD_SET_INFO(0xffffffffffffffff, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x14}}, 0x0) (async, rerun: 64)
r8 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r8, 0x0, 0x40, &(0x7f0000001640)=@mangle={'mangle\x00', 0x44, 0x6, 0x410, 0x0, 0x2d8, 0x98, 0x98, 0x0, 0x378, 0x378, 0x378, 0x378, 0x378, 0x6, 0x0, {[{{@ip={@broadcast, @multicast1=0xe0007600, 0x11000000, 0x0, 'geneve1\x00', 'ip6gre0\x00'}, 0x0, 0x70, 0x98}, @inet=@DSCP={0x28, 'DSCP\x00', 0x0, {0xfe}}}, {{@ip={@initdev={0xac, 0x1e, 0x0, 0x0}, @local, 0x0, 0x0, 'batadv_slave_1\x00', 'veth1_virt_wifi\x00', {}, {}, 0x11}, 0x0, 0x70, 0xa0}, @TPROXY={0x30, 'TPROXY\x00', 0x0, {0x0, 0x0, @local}}}, {{@uncond, 0x0, 0xb0, 0xd8, 0x0, {}, [@common=@unspec=@connlimit={{0x40}, {[0x0, 0x0, 0xff000000]}}]}, @inet=@DSCP={0x28, 'DSCP\x00', 0x0, {0x33}}}, {{@ip={@loopback, @empty, 0x0, 0x0, 'syzkaller0\x00', 'veth1_to_team\x00'}, 0x0, 0xa0, 0xc8, 0x0, {}, [@common=@inet=@l2tp={{0x30}, {0x0, 0x1, 0x3, 0x1}}]}, @common=@unspec=@NFQUEUE0={0x28, 'NFQUEUE\x00', 0x0, {0x3}}}, {{@ip={@broadcast, @remote, 0x0, 0x0, 'lo\x00', 'batadv_slave_1\x00', {0xff}}, 0x0, 0x70, 0xa0}, @TPROXY={0x30, 'TPROXY\x00', 0x0, {0x0, 0x0, @loopback}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x470)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, <r9=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
fgetxattr(0xffffffffffffffff, &(0x7f0000000240)=@known='security.apparmor\x00', &(0x7f0000001ac0)=""/4096, 0x1000) (async, rerun: 32)
sendmsg$nl_route(r7, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000540)=ANY=[], 0x3c}}, 0x0) (async, rerun: 32)
sendmsg$nl_route(r6, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000003c0)=ANY=[@ANYBLOB="5400000010001fff26bd70008000000000000000", @ANYRES32=0x0, @ANYBLOB="05160000102f00002c0012800b00010067726574617000001c00028006000e000100000008000700e0000001060010000100000008000a00", @ANYRES32=r9, @ANYBLOB], 0x54}}, 0x4000) (async)
r10 = syz_open_dev$usbfs(&(0x7f0000000100), 0x76, 0x101b01)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, 0xffffffffffffffff, 0x0) (async)
madvise(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x9)
ioctl$USBDEVFS_GET_CAPABILITIES(r10, 0x8004551a, &(0x7f0000000200))

1m52.97088714s ago: executing program 3 (id=3287):
r0 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$SW_SYNC_IOC_CREATE_FENCE(r0, 0xc0285700, &(0x7f0000000100)={0x1b, "5660359c3245d1c42317afad7d48ed51000000000000000100"})
r1 = syz_io_uring_setup(0x3989, &(0x7f0000000640)={0x0, 0xa696, 0x2, 0xfffffffd, 0x15f}, &(0x7f00000006c0)=<r2=>0x0, &(0x7f0000000040)=<r3=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r2, r3, &(0x7f0000000200)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x4004, @fd_index=0x4, 0x0, 0x0})
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_TX_BITRATE_MASK(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000240)={0x3c, r6, 0x1, 0x0, 0xffffffff, {{}, {@void, @val={0xc, 0x99, {0x2001, 0x56}}}}, [@NL80211_ATTR_TX_RATES={0x1c, 0x10d, 0x0, 0x1, [@NL80211_BAND_5GHZ={0x18, 0x1, 0x0, 0x1, [@NL80211_TXRATE_HT={0x11, 0x2, [{0x2, 0x6}, {0x1, 0x1}, {0x7, 0x7}, {0x3}, {0x1, 0x19}, {0x3, 0x2}, {0x5, 0x6}, {0x2, 0x6}, {0x2, 0x7}, {0x2, 0x4}, {0x3, 0x2}, {0x3, 0x2}, {0x1}]}]}]}]}, 0x3c}, 0x1, 0x0, 0x0, 0x4000065}, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f00000000c0)={'wlan1\x00', <r7=>0x0})
sendmsg$NL80211_CMD_UPDATE_FT_IES(r4, &(0x7f0000000240)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000140)={0x40, r6, 0x400, 0x70bd25, 0x25dfdbfe, {{}, {@val={0x8, 0x3, r7}, @void}}, [@NL80211_ATTR_IE={0x23, 0x2a, [@gcr_ga={0xbd, 0x6, @broadcast}, @rann={0x7e, 0x15, {{0x1}, 0xfe, 0x0, @device_a, 0x3, 0xbf4, 0x80000000}}]}]}, 0x40}, 0x1, 0x0, 0x0, 0x8000}, 0x10)
io_uring_enter(r1, 0x847ba, 0x0, 0xe, 0x0, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)

1m52.83526549s ago: executing program 1 (id=3288):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000400), 0xffffffffffffffff)
sendmsg$TIPC_NL_BEARER_GET(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000002380)=ANY=[@ANYBLOB="44120000", @ANYRES16=r1, @ANYBLOB="21032cbd7000fedbdf25"], 0x1244}, 0x1, 0x0, 0x0, 0x8004}, 0x14000)

1m52.573577738s ago: executing program 1 (id=3289):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
r0 = syz_open_dev$sndctrl(&(0x7f0000000100), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000340)={{0x0, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x1, 0x0, 0x4, 0x0, 0x0, 0x0, 'syz1\x00', 0x0})
ioctl$SNDRV_CTL_IOCTL_ELEM_WRITE(r0, 0xc4c85513, &(0x7f0000000540)={{0x0, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x0, [0x0, 0x0, 0x3, 0x6c4ba42, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x5, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0xcd, 0x0, 0x0, 0x400, 0x0, 0x0, 0x3, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x9, 0x0, 0xfffffffffffffffb, 0x0, 0x2, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80003, 0x0, 0x0, 0x0, 0x200, 0x0, 0x40000000000, 0x801, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x0, 0x2000000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x3, 0x0, 0x100000001]})
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x7)
r1 = getpid()
r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r2, &(0x7f0000000000)={0x1f, 0xffff, 0x2}, 0x6)
r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000002c0), 0x80, 0x0)
ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000080)=0xf)
ioctl$TCFLSH(r3, 0x400455c8, 0x0)
sched_setscheduler(r1, 0x2, &(0x7f0000000340)=0x7)
ioctl$DMA_HEAP_IOCTL_ALLOC(0xffffffffffffffff, 0xc0184800, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
getsockopt$inet_sctp_SCTP_AUTO_ASCONF(0xffffffffffffffff, 0x84, 0x1e, 0x0, &(0x7f0000000080))
r6 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r6, &(0x7f0000000280)={0x26, 'skcipher\x00', 0x0, 0x0, 'ctr(sm4)\x00'}, 0x58)
r7 = accept4(r6, 0x0, 0x0, 0x80000)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000180), r7)

1m52.288023434s ago: executing program 3 (id=3290):
socket$nl_generic(0x10, 0x3, 0x10)
mknodat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1000, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000480)={'wlan1\x00'})
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0)
r0 = socket$inet_mptcp(0x2, 0x1, 0x106)
setsockopt$inet_tcp_int(r0, 0x6, 0x19, &(0x7f00000001c0)=0x1, 0x4)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0x3, &(0x7f00000000c0)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x11, &(0x7f0000000180)=0x1400200bce)
sched_setscheduler(0x0, 0x1, &(0x7f0000002200)=0x1)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f000001b700)=""/102392, 0x18ff8)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x8004)
bind$netlink(0xffffffffffffffff, 0x0, 0x0)
setxattr$system_posix_acl(&(0x7f0000002a00)='.\x00', &(0x7f0000002a40)='system.posix_acl_default\x00', &(0x7f0000000240)=ANY=[@ANYBLOB="020000000100000000"], 0x24, 0x0)
bind$inet(r0, &(0x7f0000000100)={0x2, 0x4e24, @loopback}, 0x10)
sendmmsg$inet(r0, &(0x7f0000004980)=[{{&(0x7f0000000000)={0x2, 0x4e24, @loopback}, 0x10, &(0x7f0000000040)=[{&(0x7f0000000340)="b9cd14c222ee", 0x4b}], 0x1}}], 0x1, 0x20008000)
r2 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r2, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0]) (fail_nth: 3)
read$FUSE(r2, &(0x7f00000021c0)={0x2020, 0x0, <r3=>0x0}, 0x2020)
write$FUSE_INIT(r2, &(0x7f0000000040)={0x50, 0x0, r3, {0x7, 0x1f, 0xdfffffff, 0x5e490420, 0x4, 0xffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x88}}, 0x50)
syz_fuse_handle_req(r2, &(0x7f000000e3c0)="000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc4e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ba045abcd5dfc67d000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000230000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000050000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000d838aae8c05dd22d0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000209bfd66eea210560000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001354c4b600", 0x2000, &(0x7f00000062c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x20, 0x0, 0x3731, {0x0, 0x7f69ff17f1e1ab77}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
socket(0xa, 0x3, 0x3a)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r4=>0xffffffffffffffff})
select(0x0, 0x0, 0x0, 0x0, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x10, 0xffffffffffffffff, 0x0)

1m52.235099857s ago: executing program 2 (id=3291):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r1 = dup(r0)
write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c)
r2 = syz_io_uring_setup(0x239, &(0x7f0000000740)={0x0, 0x1c2a, 0x10100, 0x0, 0x0, 0x0, r1}, &(0x7f0000000180)=<r3=>0x0, &(0x7f00000001c0)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x2, 0x0, @fd=r0, 0x0, 0x0, 0x0, {0x3010}, 0x1})
io_uring_enter(r2, 0x2ded, 0x4000, 0x4, 0x0, 0x0)
r5 = socket(0x40000000015, 0x5, 0x0)
connect$inet(r5, &(0x7f0000000040)={0x2, 0x4e20, @loopback}, 0x10)
setsockopt$SO_RDS_TRANSPORT(r5, 0x114, 0x8, &(0x7f00000008c0)=0x2, 0x4)
setsockopt$sock_int(r5, 0x1, 0x8, &(0x7f00006dbffc), 0x4)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000400)='sched_switch\x00', r6}, 0x18)
r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000000000000000000004b64ffed850000006d000000a50000000500000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r7}, 0x10)
r8 = bpf$MAP_CREATE(0x0, &(0x7f0000000500)=@base={0x5, 0x1, 0x8e, 0xe7c9, 0x1}, 0x48)
bpf$MAP_DELETE_BATCH(0x18, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0xe30a, r8}, 0x38)
openat$vsock(0xffffffffffffff9c, &(0x7f0000000080), 0x24000, 0x0)
bind$inet(r5, &(0x7f0000000340)={0x2, 0x4e20, @loopback}, 0x57)
sendmsg$xdp(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000480)=[{&(0x7f0000000200)="0000000000aa303e97380e90231bdbdaf6a4bd866226b7cdb7c26858c4e4fd703be2f51ed6ddc4a47116ec2db75c7042a22491af0ffea4174a9de3350c0a498396b28c7d1784d04aa38922721cb7816094cb82950fd012efd26d", 0x5a}, {&(0x7f0000000900)="0f198d5aa5caa1c55b84b414797cbdd4e8c576a921a070fc828060506683fd1106a961ac55b5b8ea3342ca7de5559ca2c14e05e42aed8ba14b2c78cb540f71a817d80fbf1945a046ebda494a8048a106a4d49d7f214735ada53397db3b203885ce39ee48d69465935eade21ce36e61826c52c82f038341d9bab5687c740ed3c18897094e7e1391eb84a4052e03c0c7c39ae86d454938f65e284620b99481c33d9f5e5b7a6c0d7548723f55b213c76be37f40c850c38e265758ebd8238257a146d6eced16fd658a784c928fea7a841db1a7fd6520442dae5fc0d3a3d3a5f16fcf6fe4f062ecdad7d0f3c6cd339339533c0ef28ad1e2729907094c3de93c1b1b00ad6df89507000000fb7565d3a8e9eaea020ed173c2179fb03e0944460989240a689c7fe795d310be4e7a6b778a903280dbf426b39c3603c49049980767e31edb997f59785184cbd7b9070400000073c745f71db0906cb51780f908fa61634af8ac85d9f04f3dff0a948e81cd3229a59aaeb00995358155343e3239588a0383e4df109d5ca24276d0d83a27d0e9bf681c1bbea12a6f3c20ad50f63430333bb327eb6ae32fe8809065bce26d2dc2fbb2b48d404637d61fd86852e0e1b6ccc6f75b1107aaa5f60ef45f94e953b3f213c3cb4ca4c716565078c666f84e1a99bb4cb5c7190648132f6ff1f6cb79b93f20752753c938da6241607a742361d995188b23cb4b8269e98e822585695962620673433748e476f7cc3e37db88639c525ff3a502c82c283b00aecfe7734ab369e1ed7c75e27a5a333641817baa3ea37844e20e6266c5095abf9d47ca5f8ad93f1a4d8795daec222ada00d65cf91425fae7939ceaa8d94ec1ab5082e1d251c27b3132119b350e81771f3733be232ffb90c03a818bf458aac3314007c3e35d5e4bed6b897608b01e7e26a54433e5f5c74a2ee3c2fc50067be05a677f122b7dba7010830b879a41b579d44158fb89ea05761d2d369853bea84dfb8081ed7b891dcb3bb3361534fdc5252e4964aed936ad2838e7af14fc65c7c1c6d44c6256f2462ae83cfd6a6b2651da607fe79d345e5080098e9e6e7482cc5c267e00d8d09dcde70b60fe6220fe9530547201664db91cf1885ecc2f106b66cd99131523c99f6102ddd7403791b3a7ac59b256cc4c938fe01740ae4f19b5204ca305b1666b0c2a7e5015d6d530995843adfbac3954306d4cd82257d4d2c3283d45dbae43548fed9879328f114f7c8238ac955391b24614d91be1701ae07c170a9c299fcf3d0ac4cea07e88fbf66b697883af17a06ac3f9954eb2fbd20f101802cd023fc48c5d464c16059cc9dce8558c5322ac7612db0e2725427628c2c41a21f0d2f3962e32f710bf9e216ff1694e8d88c8a81328744b36d9ef9f08c0ea3ccd4f8729e2f00a048162834a95", 0x3f1}, {&(0x7f00000003c0)="128b9306006d4810e5ac5040ad9201847839fc378469d5765b9cc241840896c1498194a7197b45d74a8532b82037b02c9e6045c361eb", 0x36}], 0x3}, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080)='sysfs\x00', 0x0, 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f0000000240)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000400)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
chdir(&(0x7f0000000100)='./bus\x00')
mkdirat(0xffffffffffffff9c, &(0x7f0000001dc0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0)
rename(&(0x7f0000000440)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000000040)='./bus\x00')
sendmsg$nl_route(r5, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000005c0)=ANY=[], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x0)

1m51.650031458s ago: executing program 5 (id=3292):
socketpair$unix(0x1, 0x3, 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000100)={0x1b, 0x5, 0xd})
ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0x4008ae89, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
prlimit64(0x0, 0xe, 0x0, 0x0)
r2 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r2}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r3 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000200), 0x100)
readv(r3, &(0x7f0000000300)=[{&(0x7f0000000000)=""/47, 0x2f}], 0x1)

1m50.568911631s ago: executing program 5 (id=3293):
prctl$PR_SET_DUMPABLE(0x4, 0x2)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x80)
mount$afs(0x0, &(0x7f0000002840)='./file0\x00', &(0x7f0000002880), 0x700, &(0x7f0000000200)=ANY=[@ANYBLOB='dyn'])
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
syz_open_dev$sndctrl(&(0x7f0000000e00), 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = fsopen(&(0x7f0000000280)='ceph\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r3, 0x1, 0x0, &(0x7f0000000100)='::,:/', 0x0)
r4 = socket(0x10, 0x803, 0x0)
ioctl$sock_SIOCETHTOOL(r4, 0x8946, &(0x7f00000002c0)={'veth0_to_team\x00', &(0x7f0000000280)=@ethtool_channels={0x3d, 0x0, 0x0, 0x40000, 0x0, 0x2, 0x1}})
ioctl$sock_inet_SIOCSIFFLAGS(r4, 0x8914, &(0x7f0000000040)={'veth0_to_team\x00', 0x3fa1dc947ffe4b82})
utimensat(0xffffffffffffffff, &(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)={{}, {0x77359400}}, 0x100)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000380)={&(0x7f0000000080)=ANY=[@ANYBLOB="9feb010018000000000000001c0000001c00000003000000010000000000000e0200000000000000000000000000000504000000002e"], 0x0, 0x37}, 0x20)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000380)={&(0x7f0000000080)=ANY=[], 0x0, 0x37}, 0x20)
socket$nl_generic(0x10, 0x3, 0x10)
chdir(&(0x7f00000000c0)='./file0\x00')
rmdir(&(0x7f0000000000)='./file0\x00')

1m50.519337773s ago: executing program 2 (id=3294):
socket$nl_netfilter(0x10, 0x3, 0xc)
prlimit64(0x0, 0xe, 0x0, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f00000006c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x40, 0x40, 0x2, [@const={0x0, 0x0, 0x0, 0x9, 0x3}, @int={0x0, 0x0, 0x0, 0x1, 0x5, 0x8}, @func_proto, @array={0x0, 0x0, 0x0, 0x3, 0x0, {0x1, 0x2}}]}}, 0x0, 0x5a}, 0x20)
syz_io_uring_setup(0x49f, 0x0, 0x0, 0x0)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
r0 = getpid()
process_vm_readv(r0, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
ioctl$UFFDIO_WRITEPROTECT(0xffffffffffffffff, 0xc018aa06, 0x0)
syz_open_procfs(0x0, &(0x7f0000000380)='status\x00')
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$IP_VS_SO_SET_DELDEST(r1, 0x6, 0x9, &(0x7f0000000080)={{0x3c, @loopback, 0x4e20, 0x5, 'wlc\x00', 0x0, 0x7ff, 0x1}, {@initdev={0xac, 0x1e, 0x0, 0x0}, 0x4e22, 0x3, 0xaf, 0x0, 0x42}}, 0x44)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x8)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x15)

1m50.393598145s ago: executing program 0 (id=3295):
syz_usb_connect(0x5, 0x24, &(0x7f0000002040)=ANY=[@ANYBLOB="12010000fe76181004160780a6af011703010902120001000000000904"], 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
write$UHID_CREATE2(0xffffffffffffffff, &(0x7f00000007c0)=ANY=[@ANYBLOB], 0x119)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r0, 0x1, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
ioctl$BLKSECDISCARD(0xffffffffffffffff, 0x127d, &(0x7f0000000040)=0x6)
r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
syz_open_dev$ndb(&(0x7f00000000c0), 0x0, 0x4002)
bind$bt_hci(r2, &(0x7f0000000080)={0x1f, 0xffff, 0x3}, 0x6)
write(r2, &(0x7f0000000340), 0x0)
syz_open_dev$hidraw(0x0, 0x0, 0x81)
r3 = syz_open_dev$sndctrl(&(0x7f0000000380), 0x40000000000008, 0xbc81)
ioctl$SNDRV_CTL_IOCTL_HWDEP_INFO(r3, 0x80dc5521, &(0x7f0000000180)=""/135)

1m50.217583865s ago: executing program 1 (id=3296):
socket$alg(0x26, 0x5, 0x0)
open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
syz_open_dev$dri(0x0, 0x100000000000009, 0xa0883)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
syz_open_dev$MSR(&(0x7f0000000040), 0x9ea, 0x0)
sendmsg$IPSET_CMD_CREATE(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000140)=ANY=[@ANYBLOB="60000000020601010000000000000000000000001c0007800500140007000400080012400005000008000840000000000900020073797a300000002005000100070000000c000300686173683a697000050005000a000000050004"], 0x60}, 0x1, 0x0, 0x0, 0x4}, 0x0)

1m49.429805672s ago: executing program 5 (id=3297):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r1=>0xffffffffffffffff})
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000000))
r2 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r2}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r3 = socket$can_j1939(0x1d, 0x2, 0x7)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000380)={'vxcan0\x00', <r4=>0x0})
bind$can_j1939(r3, &(0x7f0000000100)={0x1d, r4, 0x0, {0x0, 0xff, 0x2}, 0x6621350e9d60fd79}, 0x18)
connect$can_j1939(r3, &(0x7f0000000080)={0x1d, r4, 0x0, {0x1, 0xf0}, 0x1}, 0x18)
sendmsg$can_j1939(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={0x0}}, 0x0)
syz_emit_ethernet(0x4e, &(0x7f0000000000)={@local, @local, @void, {@ipv6={0x86dd, @generic={0x0, 0x6, "76cd8a", 0x18, 0x0, 0x0, @rand_addr=' \x01\x00', @private0={0xfc, 0x0, '\x00', 0x1}, {[@hopopts={0x0, 0x2, '\x00', [@calipso={0x7, 0x8, {0x0, 0x0, 0x0, 0xd600}}, @pad1, @padn={0x1, 0x1, [0x0]}]}]}}}}}, 0x0)
unshare(0x6a040000)

1m48.173407448s ago: executing program 1 (id=3298):
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$KDSKBENT(r0, 0x4b47, &(0x7f00000000c0)={0xfe, 0x7d, 0x210})

1m48.131889083s ago: executing program 2 (id=3299):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000400), 0xffffffffffffffff)
sendmsg$TIPC_NL_BEARER_GET(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000002380)=ANY=[@ANYBLOB="44120000", @ANYRES16=r1, @ANYBLOB="21032cbd7000fedbdf25"], 0x1244}, 0x1, 0x0, 0x0, 0x8004}, 0x14000)

1m47.990195647s ago: executing program 1 (id=3300):
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
getpgid(0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0)
mkdir(&(0x7f00000002c0)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000000)='devtmpfs\x00', 0x800, 0x0)
mount$overlay(0x0, &(0x7f0000001340)='./file0\x00', &(0x7f00000000c0), 0x0, &(0x7f00000003c0)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})
r1 = openat2$dir(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0, 0x0)
getdents64(r1, &(0x7f0000000400)=""/159, 0x9f)

1m47.867394025s ago: executing program 3 (id=3301):
r0 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$SW_SYNC_IOC_CREATE_FENCE(r0, 0xc0285700, &(0x7f0000000100)={0x1b, "5660359c3245d1c42317afad7d48ed51000000000000000100"})
close_range(r0, 0xffffffffffffffff, 0x0)

1m46.997462944s ago: executing program 2 (id=3302):
r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000040)={0x14, 0x14, 0x1, 0x800000, 0x0, "", [@nested={0x4}]}, 0x14}], 0x1}, 0x0)
r1 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000300)={0x38, r1, 0x1, 0x0, 0x0, {}, [@MPTCP_PM_ATTR_ADDR={0x24, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_PORT={0x6, 0x5, 0x4e23}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @multicast1=0xac1414aa}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x1}]}]}, 0x38}}, 0x0)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r2)
r3 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r2, &(0x7f0000000080)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
listen(r3, 0x0)
r4 = socket(0x10, 0x803, 0x0)
r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r5, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r6 = socket$unix(0x1, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r7=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2b, 0xffffffff, {0x0, 0x0, 0x0, r7, {0x0, 0x7}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0)
r8 = socket(0x400000000010, 0x3, 0x0)
sendmsg$nl_route_sched(r8, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000600)=@newtfilter={0x50, 0x2c, 0xd27, 0x70bd25, 0x25dfdbfd, {0x0, 0x0, 0x0, r7, {0x0, 0xfff2}, {}, {0x7}}, [@filter_kind_options=@f_flower={{0xb}, {0x20, 0x2, [@TCA_FLOWER_KEY_CT_STATE={0x6, 0x5b, 0x2}, @TCA_FLOWER_KEY_CT_STATE_MASK={0x6, 0x5c, 0x8}, @TCA_FLOWER_KEY_ETH_SRC={0xa, 0x6, @multicast}]}}]}, 0x50}, 0x1, 0x0, 0x0, 0x10}, 0x4)
r9 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r9, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10)
r10 = socket$nl_generic(0x10, 0x3, 0x10)
r11 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r10, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000300)={0x30, r11, 0x1, 0x0, 0x0, {}, [@MPTCP_PM_ATTR_ADDR={0x1c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @multicast1=0xac1414aa}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x3}]}]}, 0x30}}, 0x0)
r12 = socket$kcm(0x2, 0x200000000000001, 0x106)
sendmsg$inet(r12, &(0x7f0000000080)={&(0x7f0000000140)={0x2, 0x4001, @local}, 0x10, 0x0}, 0x34004811)
r13 = socket$kcm(0x10, 0x2, 0x4)
sendmsg$kcm(r13, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000280)="89000000120081ae08061cdc030ec080fffffffe0000000100e2ffca1b1f0000000004c00e72f750375ed08a56331dbf9ed7815e381ad6e747033a0093b837dc6cc01e32efaec8c7a6ec08120800030006010000bdad446b9bbc7a46e3988285dcdf12f2130809d78f0a947ee2b49e33538afa8af92347514f0b56a20ff27fff000000000000000000", 0x89}], 0x1}, 0x0)
ioctl$SNDRV_TIMER_IOCTL_CREATE(0xffffffffffffffff, 0xc02054a5, &(0x7f00000000c0)={0xeba, <r14=>0xffffffffffffffff, 'id1\x00'})
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(r14, 0xc018937a, &(0x7f0000000040)={{0x1, 0x1, 0x18, r13, {0x3}}, './file0\x00'})

1m46.94550042s ago: executing program 3 (id=3303):
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = shmget$private(0x0, 0x800000, 0x54003f00, &(0x7f0000800000/0x800000)=nil)
shmat(r1, &(0x7f0000000000/0x4000)=nil, 0xbbdccba4532b703b)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xec776000)
r2 = userfaultfd(0x801)
ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f00000000c0)={0xaa, 0x5})
ioctl$UFFDIO_CONTINUE(r2, 0xc020aa08, &(0x7f0000000080)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}})
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
readv(r0, &(0x7f0000000400)=[{&(0x7f0000000180)=""/107, 0x6b}], 0x1)
bind$bt_hci(r0, &(0x7f0000000140)={0x1f, 0xffff, 0x2}, 0x6)

1m29.09501518s ago: executing program 0 (id=3304):
socketpair$unix(0x1, 0x3, 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000100)={0x1b, 0x5, 0xd})
ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0x4008ae89, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
prlimit64(0x0, 0xe, 0x0, 0x0)
r2 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r2}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r3 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000200), 0x100)
readv(r3, &(0x7f0000000300)=[{&(0x7f0000000000)=""/47, 0x2f}], 0x1)

0s ago: executing program 33 (id=3300):
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
getpgid(0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0)
mkdir(&(0x7f00000002c0)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000000)='devtmpfs\x00', 0x800, 0x0)
mount$overlay(0x0, &(0x7f0000001340)='./file0\x00', &(0x7f00000000c0), 0x0, &(0x7f00000003c0)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})
r1 = openat2$dir(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0, 0x0)
getdents64(r1, &(0x7f0000000400)=""/159, 0x9f)

kernel console output (not intermixed with test programs):

RIP: 0033:0x7f214cd8e0dc
[ 1052.525101][T16798] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[ 1052.525118][T16798] RSP: 002b:00007f214dcf4030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 1052.525136][T16798] RAX: ffffffffffffffda RBX: 00007f214cfe5fa0 RCX: 00007f214cd8e0dc
[ 1052.525148][T16798] RDX: 000000000000000f RSI: 00007f214dcf40a0 RDI: 0000000000000004
[ 1052.525158][T16798] RBP: 00007f214dcf4090 R08: 0000000000000000 R09: 0000000000000000
[ 1052.525168][T16798] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1052.525179][T16798] R13: 00007f214cfe6038 R14: 00007f214cfe5fa0 R15: 00007ffed96b8518
[ 1052.525206][T16798]  </TASK>
[ 1053.007179][T16806] veth0_to_team: entered promiscuous mode
[ 1053.075629][T16806] veth0_to_team: entered allmulticast mode
[ 1053.237909][ T5936] usb 1-1: new high-speed USB device number 57 using dummy_hcd
[ 1053.588599][ T5936] usb 1-1: Using ep0 maxpacket: 8
[ 1053.613817][ T5936] usb 1-1: config 1 has 0 interfaces, different from the descriptor's value: 7
[ 1053.651066][ T5936] usb 1-1: New USB device found, idVendor=082d, idProduct=0100, bcdDevice=70.4b
[ 1053.667824][ T5936] usb 1-1: New USB device strings: Mfr=44, Product=2, SerialNumber=3
[ 1053.675935][ T5936] usb 1-1: Product: syz
[ 1053.717905][ T5936] usb 1-1: Manufacturer: syz
[ 1053.722689][ T5936] usb 1-1: SerialNumber: syz
[ 1053.948433][   T30] audit: type=1400 audit(1762363955.170:686): avc:  denied  { read } for  pid=16818 comm="syz.1.2910" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[ 1054.040253][T16820] pci 0000:00:05.0: vgaarb: VGA decodes changed: olddecodes=io+mem,decodes=none:owns=io+mem
[ 1054.050694][   T30] audit: type=1400 audit(1762363955.260:687): avc:  denied  { read append } for  pid=16803 comm="syz.2.2907" name="vga_arbiter" dev="devtmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:xserver_misc_device_t tclass=chr_file permissive=1
[ 1054.100830][   T30] audit: type=1400 audit(1762363955.260:688): avc:  denied  { open } for  pid=16803 comm="syz.2.2907" path="/dev/vga_arbiter" dev="devtmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:xserver_misc_device_t tclass=chr_file permissive=1
[ 1054.138595][ T1297] ieee802154 phy0 wpan0: encryption failed: -22
[ 1054.144927][ T1297] ieee802154 phy1 wpan1: encryption failed: -22
[ 1056.480637][T16835] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[ 1056.488306][T16835] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[ 1056.494891][T16835] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[ 1056.501815][T16835] Bluetooth: hci6: Opcode 0x0c1a failed: -4
[ 1056.949317][   T24] usb 1-1: USB disconnect, device number 57
[ 1057.570432][   T30] audit: type=1400 audit(1762363958.760:689): avc:  denied  { accept } for  pid=16843 comm="syz.1.2916" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[ 1057.613604][T16852] mkiss: ax0: crc mode is auto.
[ 1057.619157][T16854] openvswitch: netlink: IP tunnel dst address not specified
[ 1058.342418][T16865] overlayfs: overlapping lowerdir path
[ 1058.569769][ T5134] Bluetooth: hci6: command 0x0c1a tx timeout
[ 1058.569885][T10768] Bluetooth: hci5: command 0x0c1a tx timeout
[ 1058.577189][T12125] Bluetooth: hci4: command 0x0406 tx timeout
[ 1058.582359][T10768] Bluetooth: hci1: command 0x0406 tx timeout
[ 1060.657618][T10768] Bluetooth: hci6: command 0x0c1a tx timeout
[ 1061.524981][   T24] libceph: connect (1)[c::]:6789 error -22
[ 1061.544809][   T24] libceph: mon0 (1)[c::]:6789 connect error
[ 1061.685075][   T24] libceph: connect (1)[c::]:6789 error -22
[ 1061.693384][   T24] libceph: mon0 (1)[c::]:6789 connect error
[ 1061.980365][ T5809] libceph: connect (1)[c::]:6789 error -22
[ 1062.222896][ T5809] libceph: mon0 (1)[c::]:6789 connect error
[ 1062.329972][T16885] ceph: No mds server is up or the cluster is laggy
[ 1064.992126][T16922] overlayfs: overlapping lowerdir path
[ 1066.307766][ T5809] usb 2-1: new full-speed USB device number 54 using dummy_hcd
[ 1067.138367][ T5809] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1067.248760][ T5809] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 10
[ 1067.303861][ T5809] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid maxpacket 65535, setting to 64
[ 1067.350978][ T5809] usb 2-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 5
[ 1067.406071][ T5809] usb 2-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[ 1067.445754][ T5809] usb 2-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[ 1067.485740][ T5809] usb 2-1: Manufacturer: syz
[ 1067.570764][ T5809] usb 2-1: config 0 descriptor??
[ 1067.717888][ T5134] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 1067.728041][ T5134] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 1067.756300][ T5134] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 1067.780300][ T5134] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 1067.798117][ T5134] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 1068.036473][T11016] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1068.050039][T16928] Bluetooth: MGMT ver 1.23
[ 1068.083095][ T5809] rc_core: IR keymap rc-hauppauge not found
[ 1068.191411][ T5809] Registered IR keymap rc-empty
[ 1068.217712][ T5809] mceusb 2-1:0.0: Error: mce write urb status = -71
[ 1068.324368][T11016] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1068.330349][ T5809] mceusb 2-1:0.0: Error: mce write urb status = -71
[ 1068.373774][ T5809] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/rc/rc0
[ 1068.388544][ T5809] input: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/rc/rc0/input42
[ 1068.403423][ T5809] mceusb 2-1:0.0: Error: mce write urb status = -71
[ 1068.435105][T11016] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1068.466100][ T5809] mceusb 2-1:0.0: Error: mce write urb status = -71
[ 1068.490679][ T5809] mceusb 2-1:0.0: Error: mce write urb status = -71
[ 1068.519270][ T5809] mceusb 2-1:0.0: Error: mce write urb status = -71
[ 1068.548238][ T5809] mceusb 2-1:0.0: Error: mce write urb status = -71
[ 1068.581072][ T5809] mceusb 2-1:0.0: Error: mce write urb status = -71
[ 1068.621903][ T5809] mceusb 2-1:0.0: Error: mce write urb status = -71
[ 1068.650861][T11016] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1068.682938][ T5809] mceusb 2-1:0.0: Error: mce write urb status = -71
[ 1068.795317][ T5809] mceusb 2-1:0.0: Error: mce write urb status = -71
[ 1069.037793][ T5809] mceusb 2-1:0.0: Error: mce write urb status = -71
[ 1069.101141][ T5809] mceusb 2-1:0.0: Registered 424242424242 with mce emulator interface version 1
[ 1069.308172][ T5809] mceusb 2-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active)
[ 1069.357577][ T5809] usb 2-1: USB disconnect, device number 54
[ 1069.498205][T16945] chnl_net:caif_netlink_parms(): no params data found
[ 1069.837900][ T5134] Bluetooth: hci0: command tx timeout
[ 1070.760660][T16974] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[ 1070.940969][T16987] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=26 sclass=netlink_tcpdiag_socket pid=16987 comm=syz.5.2948
[ 1071.503642][T16974] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[ 1071.518911][T16974] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[ 1071.526728][T16974] Bluetooth: hci6: Opcode 0x0c1a failed: -4
[ 1071.548374][T11016] team0: left allmulticast mode
[ 1071.562530][T11016] team_slave_0: left allmulticast mode
[ 1071.570470][T16974] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[ 1071.577377][T16974] Bluetooth: hci0: Opcode 0x0406 failed: -4
[ 1071.599794][T11016] team_slave_1: left allmulticast mode
[ 1071.619946][T11016] team0: left promiscuous mode
[ 1071.626608][T16974] Bluetooth: hci0: Opcode 0x0406 failed: -4
[ 1071.746932][T11016] team_slave_0: left promiscuous mode
[ 1071.762203][   T30] audit: type=1400 audit(1762363972.980:690): avc:  denied  { name_connect } for  pid=16995 comm="syz.1.2951" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=sctp_socket permissive=1
[ 1071.788926][T11016] team_slave_1: left promiscuous mode
[ 1071.810162][T11016] bridge0: port 3(team0) entered disabled state
[ 1071.915570][T11016] bridge_slave_1: left allmulticast mode
[ 1072.514494][T11016] bridge_slave_1: left promiscuous mode
[ 1072.534836][T11016] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1072.699928][T11016] bridge_slave_0: left allmulticast mode
[ 1072.798049][ T5134] Bluetooth: hci1: command 0x0406 tx timeout
[ 1073.196307][T11016] bridge_slave_0: left promiscuous mode
[ 1073.207943][T11016] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1073.350357][   T30] audit: type=1400 audit(1762363974.500:691): avc:  denied  { sendto } for  pid=0 comm="swapper/1" saddr=fe80::1c daddr=ff02::2 netif=teql0 scontext=system_u:object_r:unlabeled_t tcontext=system_u:object_r:node_t tclass=node permissive=1
[ 1073.528482][ T5134] Bluetooth: hci4: command 0x0406 tx timeout
[ 1073.607899][T12125] Bluetooth: hci5: command 0x0c1a tx timeout
[ 1073.614604][T10768] Bluetooth: hci6: command 0x0c1a tx timeout
[ 1073.620871][ T5134] Bluetooth: hci0: command 0x040f tx timeout
[ 1074.547808][ T5822] usb 2-1: new high-speed USB device number 55 using dummy_hcd
[ 1074.737809][ T5822] usb 2-1: Using ep0 maxpacket: 16
[ 1074.764161][ T5822] usb 2-1: New USB device found, idVendor=06be, idProduct=a232, bcdDevice=33.f3
[ 1074.786696][ T5822] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1074.828050][    C0] vxcan0: j1939_tp_rxtimer: 0xffff8880576cdc00: rx timeout, send abort
[ 1074.836553][    C0] vxcan0: j1939_xtp_rx_abort_one: 0xffff8880576cdc00: 0x0f001: (3) A timeout occurred and this is the connection abort to close the session.
[ 1074.957985][ T5822] usb 2-1: Product: syz
[ 1074.987751][ T5822] usb 2-1: Manufacturer: syz
[ 1074.992489][ T5822] usb 2-1: SerialNumber: syz
[ 1075.007459][ T5822] usb 2-1: config 0 descriptor??
[ 1075.223687][T17021] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1075.233601][T17021] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1075.449315][ T5822] dvb-usb: found a 'AME DTV-5100 USB2.0 DVB-T' in warm state.
[ 1075.465516][ T5822] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[ 1075.475487][ T5822] dvbdev: DVB: registering new adapter (AME DTV-5100 USB2.0 DVB-T)
[ 1075.484290][ T5822] usb 2-1: media controller created
[ 1075.518889][ T5822] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[ 1075.553404][T11016] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1075.565692][T11016] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1075.575900][T11016] bond0 (unregistering): Released all slaves
[ 1075.674630][T11016] bond1 (unregistering): (slave wireguard0): Releasing backup interface
[ 1075.684737][ T5134] Bluetooth: hci0: command 0x040f tx timeout
[ 1075.684993][T11016] wireguard0: left promiscuous mode
[ 1075.697489][T11016] bond1 (unregistering): Released all slaves
[ 1075.790206][T11016] bond2 (unregistering): Released all slaves
[ 1075.816347][T16945] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1075.823571][T16945] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1075.831846][T16945] bridge_slave_0: entered allmulticast mode
[ 1075.839797][T16945] bridge_slave_0: entered promiscuous mode
[ 1075.920267][T16945] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1075.937757][T16945] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1075.944993][T16945] bridge_slave_1: entered allmulticast mode
[ 1075.966885][T16945] bridge_slave_1: entered promiscuous mode
[ 1075.997501][T11016] tipc: Left network mode
[ 1076.069306][T16945] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1076.076840][ T5822] zl10353_read_register: readreg error (reg=127, ret==0)
[ 1076.079079][T17021] dtv5100: wlen = 0, aborting.
[ 1076.086224][ T5822] dvb-usb: no frontend was attached by 'AME DTV-5100 USB2.0 DVB-T'
[ 1076.096884][T16945] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1076.110455][ T5822] dvb-usb: AME DTV-5100 USB2.0 DVB-T successfully initialized and connected.
[ 1076.157042][ T5822] usb 2-1: USB disconnect, device number 55
[ 1076.215307][ T5822] dvb-usb: AME DTV-5100 USB2.0 DVB-T successfully deinitialized and disconnected.
[ 1076.240987][T16945] team0: Port device team_slave_0 added
[ 1076.259611][T16945] team0: Port device team_slave_1 added
[ 1076.311587][T11016] hsr_slave_0: left promiscuous mode
[ 1076.317410][T11016] hsr_slave_1: left promiscuous mode
[ 1076.323793][T11016] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1076.331368][T11016] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1076.339491][T11016] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1076.346902][T11016] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1076.367342][T11016] veth1_macvtap: left promiscuous mode
[ 1076.373615][T11016] veth0_macvtap: left promiscuous mode
[ 1076.379675][T11016] veth1_vlan: left promiscuous mode
[ 1076.385085][T11016] veth0_vlan: left promiscuous mode
[ 1076.876342][ T5822] libceph: connect (1)[c::]:6789 error -101
[ 1076.883538][ T5822] libceph: mon0 (1)[c::]:6789 connect error
[ 1076.948603][T11016] team0 (unregistering): Port device team_slave_1 removed
[ 1077.069446][T11016] team0 (unregistering): Port device team_slave_0 removed
[ 1077.148112][ T5822] libceph: connect (1)[c::]:6789 error -101
[ 1077.154193][ T5822] libceph: mon0 (1)[c::]:6789 connect error
[ 1077.766551][ T5134] Bluetooth: hci0: command 0x040f tx timeout
[ 1077.912484][ T5936] libceph: connect (1)[c::]:6789 error -101
[ 1077.927017][ T5936] libceph: mon0 (1)[c::]:6789 connect error
[ 1078.038953][T17033] ceph: No mds server is up or the cluster is laggy
[ 1079.245757][T16945] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1079.263473][T16945] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1079.334829][T16945] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1079.371718][T16945] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1079.379462][T16945] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1079.419671][T16945] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1079.580324][   T30] audit: type=1400 audit(1762363980.790:692): avc:  denied  { read } for  pid=17054 comm="syz.3.2962" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_crypto_socket permissive=1
[ 1079.838807][ T5134] Bluetooth: hci0: command 0x040f tx timeout
[ 1079.921381][T16945] hsr_slave_0: entered promiscuous mode
[ 1079.931720][T16945] hsr_slave_1: entered promiscuous mode
[ 1079.939871][T16945] debugfs: 'hsr0' already exists in 'hsr'
[ 1079.946305][T16945] Cannot create hsr debugfs directory
[ 1080.018571][ T5822] usb 4-1: new high-speed USB device number 75 using dummy_hcd
[ 1080.477959][ T5822] usb 4-1: Using ep0 maxpacket: 32
[ 1080.492976][ T5822] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024
[ 1080.510586][ T5822] usb 4-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[ 1080.541605][ T5822] usb 4-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[ 1080.575898][T17070] FAULT_INJECTION: forcing a failure.
[ 1080.575898][T17070] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1080.589468][ T5822] usb 4-1: Product: syz
[ 1080.589492][ T5822] usb 4-1: Manufacturer: syz
[ 1080.589509][ T5822] usb 4-1: SerialNumber: syz
[ 1080.603649][   T24] usb 2-1: new high-speed USB device number 56 using dummy_hcd
[ 1080.608915][ T5822] usb 4-1: config 0 descriptor??
[ 1080.628810][T17056] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[ 1080.665296][T17070] CPU: 1 UID: 0 PID: 17070 Comm: syz.2.2966 Not tainted syzkaller #0 PREEMPT(full) 
[ 1080.665326][T17070] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[ 1080.665338][T17070] Call Trace:
[ 1080.665344][T17070]  <TASK>
[ 1080.665351][T17070]  dump_stack_lvl+0x16c/0x1f0
[ 1080.665384][T17070]  should_fail_ex+0x512/0x640
[ 1080.665409][T17070]  _copy_from_user+0x2e/0xd0
[ 1080.665432][T17070]  copy_msghdr_from_user+0x98/0x160
[ 1080.665457][T17070]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[ 1080.665492][T17070]  ___sys_sendmsg+0xfe/0x1d0
[ 1080.665516][T17070]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1080.665537][T17070]  ? __lock_acquire+0x622/0x1c90
[ 1080.665595][T17070]  __sys_sendmsg+0x16d/0x220
[ 1080.665618][T17070]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1080.665658][T17070]  do_syscall_64+0xcd/0xfa0
[ 1080.665686][T17070]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1080.665704][T17070] RIP: 0033:0x7f6af958f6c9
[ 1080.665718][T17070] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1080.665735][T17070] RSP: 002b:00007f6afa4f9038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1080.665753][T17070] RAX: ffffffffffffffda RBX: 00007f6af97e5fa0 RCX: 00007f6af958f6c9
[ 1080.665764][T17070] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: 0000000000000003
[ 1080.665774][T17070] RBP: 00007f6afa4f9090 R08: 0000000000000000 R09: 0000000000000000
[ 1080.665784][T17070] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1080.665794][T17070] R13: 00007f6af97e6038 R14: 00007f6af97e5fa0 R15: 00007ffdd20bfbf8
[ 1080.665820][T17070]  </TASK>
[ 1080.667567][ T5822] hub 4-1:0.0: bad descriptor, ignoring hub
[ 1080.833440][   T24] usb 2-1: Using ep0 maxpacket: 8
[ 1081.048196][   T24] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 7
[ 1081.169213][ T5822] hub 4-1:0.0: probe with driver hub failed with error -5
[ 1081.254181][   T24] usb 2-1: New USB device found, idVendor=082d, idProduct=0100, bcdDevice=70.4b
[ 1081.325747][   T24] usb 2-1: New USB device strings: Mfr=44, Product=2, SerialNumber=3
[ 1081.374994][   T24] usb 2-1: Product: syz
[ 1081.413313][   T24] usb 2-1: Manufacturer: syz
[ 1081.434432][   T24] usb 2-1: SerialNumber: syz
[ 1081.435389][T11016] IPVS: stop unused estimator thread 0...
[ 1081.558028][ T5809] usb 4-1: USB disconnect, device number 75
[ 1081.746066][   T24] usb 2-1: palm_os_3_probe - error -32 getting connection information
[ 1081.757134][   T24] visor 2-1:1.0: probe with driver visor failed with error -32
[ 1081.772835][   T24] usb 2-1: USB disconnect, device number 56
[ 1081.932397][ T5134] Bluetooth: hci0: command 0x040f tx timeout
[ 1083.774046][T16945] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 1083.825083][T16945] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 1083.947914][T16945] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 1085.108391][T16945] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 1085.140355][T17112] FAULT_INJECTION: forcing a failure.
[ 1085.140355][T17112] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1085.164670][ T9425] IPVS: starting estimator thread 0...
[ 1085.187452][T17112] CPU: 0 UID: 0 PID: 17112 Comm: syz.1.2974 Not tainted syzkaller #0 PREEMPT(full) 
[ 1085.187477][T17112] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[ 1085.187487][T17112] Call Trace:
[ 1085.187493][T17112]  <TASK>
[ 1085.187500][T17112]  dump_stack_lvl+0x16c/0x1f0
[ 1085.187530][T17112]  should_fail_ex+0x512/0x640
[ 1085.187555][T17112]  _copy_from_user+0x2e/0xd0
[ 1085.187579][T17112]  copy_msghdr_from_user+0x98/0x160
[ 1085.187603][T17112]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[ 1085.187641][T17112]  ___sys_sendmsg+0xfe/0x1d0
[ 1085.187663][T17112]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1085.187682][T17112]  ? __lock_acquire+0x622/0x1c90
[ 1085.187737][T17112]  __sys_sendmsg+0x16d/0x220
[ 1085.187759][T17112]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1085.187797][T17112]  do_syscall_64+0xcd/0xfa0
[ 1085.187826][T17112]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1085.187843][T17112] RIP: 0033:0x7f3a2678f6c9
[ 1085.187858][T17112] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1085.187876][T17112] RSP: 002b:00007f3a2770d038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1085.187894][T17112] RAX: ffffffffffffffda RBX: 00007f3a269e5fa0 RCX: 00007f3a2678f6c9
[ 1085.187906][T17112] RDX: 0000000000000000 RSI: 0000200000000400 RDI: 0000000000000004
[ 1085.187917][T17112] RBP: 00007f3a2770d090 R08: 0000000000000000 R09: 0000000000000000
[ 1085.187928][T17112] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1085.187938][T17112] R13: 00007f3a269e6038 R14: 00007f3a269e5fa0 R15: 00007ffdbdc0b438
[ 1085.187964][T17112]  </TASK>
[ 1085.407777][T17113] IPVS: using max 75 ests per chain, 180000 per kthread
[ 1085.450975][T17123] CIFS: VFS: Malformed UNC in devname
[ 1085.467244][T17123] CIFS: No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount.
[ 1085.505552][T16945] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1085.522797][T16945] 8021q: adding VLAN 0 to HW filter on device team0
[ 1085.533530][T11016] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1085.540628][T11016] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1085.549589][T17123] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[ 1085.573497][T17108] tipc: Enabling of bearer <udp:s> rejected, already enabled
[ 1085.603999][T11016] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1085.611134][T11016] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1085.828722][T17133] input: syz1 as /devices/virtual/input/input43
[ 1085.936394][T17141] FAULT_INJECTION: forcing a failure.
[ 1085.936394][T17141] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1086.005241][T17141] CPU: 1 UID: 0 PID: 17141 Comm: syz.2.2977 Not tainted syzkaller #0 PREEMPT(full) 
[ 1086.005267][T17141] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[ 1086.005278][T17141] Call Trace:
[ 1086.005284][T17141]  <TASK>
[ 1086.005292][T17141]  dump_stack_lvl+0x16c/0x1f0
[ 1086.005328][T17141]  should_fail_ex+0x512/0x640
[ 1086.005352][T17141]  copy_fpstate_to_sigframe+0x854/0xaf0
[ 1086.005381][T17141]  ? __pfx_copy_fpstate_to_sigframe+0x10/0x10
[ 1086.005404][T17141]  ? posixtimer_deliver_signal+0x105/0x6b0
[ 1086.005430][T17141]  ? posixtimer_deliver_signal+0x1c7/0x6b0
[ 1086.005448][T17141]  ? x86_task_fpu+0x5f/0x90
[ 1086.005472][T17141]  get_sigframe+0x4a8/0x9c0
[ 1086.005497][T17141]  ? __pfx_get_sigframe+0x10/0x10
[ 1086.005520][T17141]  ? _raw_spin_unlock_irq+0x23/0x50
[ 1086.005544][T17141]  ? siginfo_layout+0x177/0x290
[ 1086.005569][T17141]  x64_setup_rt_frame+0x12e/0xcf0
[ 1086.005596][T17141]  ? __pfx_x64_setup_rt_frame+0x10/0x10
[ 1086.005625][T17141]  arch_do_signal_or_restart+0x5e4/0x7c0
[ 1086.005645][T17141]  ? __fget_files+0x20e/0x3c0
[ 1086.005663][T17141]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 1086.005690][T17141]  ? ksys_write+0x1ac/0x250
[ 1086.005706][T17141]  ? __pfx_ksys_write+0x10/0x10
[ 1086.005726][T17141]  exit_to_user_mode_loop+0x85/0x130
[ 1086.005747][T17141]  do_syscall_64+0x426/0xfa0
[ 1086.005775][T17141]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1086.005793][T17141] RIP: 0033:0x7f6af958e17f
[ 1086.005808][T17141] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[ 1086.005825][T17141] RSP: 002b:00007f6afa4d8030 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[ 1086.005841][T17141] RAX: 0000000000000001 RBX: 0000000000000004 RCX: 00007f6af958e17f
[ 1086.005852][T17141] RDX: 0000000000000001 RSI: 00007f6afa4d8090 RDI: 0000000000000004
[ 1086.005862][T17141] RBP: 00007f6afa4d8090 R08: 0000000000000000 R09: 00007f6afa4d7df7
[ 1086.005873][T17141] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001
[ 1086.005882][T17141] R13: 00007f6af97e6128 R14: 00007f6af97e6090 R15: 00007ffdd20bfbf8
[ 1086.005908][T17141]  </TASK>
[ 1087.129224][T16945] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1087.207203][T16945] veth0_vlan: entered promiscuous mode
[ 1087.266330][T16945] veth1_vlan: entered promiscuous mode
[ 1087.361952][T16945] veth0_macvtap: entered promiscuous mode
[ 1087.392208][T16945] veth1_macvtap: entered promiscuous mode
[ 1087.459260][T16945] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1087.498699][T16945] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1087.540302][ T6911] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1087.577887][ T6911] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1087.607790][ T6911] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1087.958365][ T6911] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1088.487203][T11023] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1088.505208][T11023] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1088.585894][T11023] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1088.605350][T11023] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1089.593736][T17193] netlink: 72 bytes leftover after parsing attributes in process `syz.3.2984'.
[ 1090.003488][T17196] FAULT_INJECTION: forcing a failure.
[ 1090.003488][T17196] name failslab, interval 1, probability 0, space 0, times 0
[ 1090.016282][T17196] CPU: 0 UID: 0 PID: 17196 Comm: syz.1.2985 Not tainted syzkaller #0 PREEMPT(full) 
[ 1090.016306][T17196] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[ 1090.016315][T17196] Call Trace:
[ 1090.016320][T17196]  <TASK>
[ 1090.016327][T17196]  dump_stack_lvl+0x16c/0x1f0
[ 1090.016356][T17196]  should_fail_ex+0x512/0x640
[ 1090.016374][T17196]  ? fs_reclaim_acquire+0xae/0x150
[ 1090.016394][T17196]  should_failslab+0xc2/0x120
[ 1090.016412][T17196]  __kmalloc_noprof+0xdd/0x880
[ 1090.016435][T17196]  ? tomoyo_realpath_from_path+0xc2/0x6e0
[ 1090.016461][T17196]  ? tomoyo_realpath_from_path+0xc2/0x6e0
[ 1090.016480][T17196]  tomoyo_realpath_from_path+0xc2/0x6e0
[ 1090.016501][T17196]  ? tomoyo_profile+0x47/0x60
[ 1090.016524][T17196]  tomoyo_path_number_perm+0x245/0x580
[ 1090.016550][T17196]  ? tomoyo_path_number_perm+0x237/0x580
[ 1090.016579][T17196]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[ 1090.016608][T17196]  ? find_held_lock+0x2b/0x80
[ 1090.016651][T17196]  ? find_held_lock+0x2b/0x80
[ 1090.016673][T17196]  ? hook_file_ioctl_common+0x145/0x410
[ 1090.016702][T17196]  ? __fget_files+0x20e/0x3c0
[ 1090.016723][T17196]  security_file_ioctl+0x9b/0x240
[ 1090.016745][T17196]  __x64_sys_ioctl+0xb7/0x210
[ 1090.016772][T17196]  do_syscall_64+0xcd/0xfa0
[ 1090.016800][T17196]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1090.016819][T17196] RIP: 0033:0x7f3a2678f6c9
[ 1090.016833][T17196] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1090.016850][T17196] RSP: 002b:00007f3a2770d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1090.016868][T17196] RAX: ffffffffffffffda RBX: 00007f3a269e5fa0 RCX: 00007f3a2678f6c9
[ 1090.016879][T17196] RDX: 0000200000000080 RSI: 00000000c0045005 RDI: 0000000000000005
[ 1090.016889][T17196] RBP: 00007f3a2770d090 R08: 0000000000000000 R09: 0000000000000000
[ 1090.016898][T17196] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1090.016908][T17196] R13: 00007f3a269e6038 R14: 00007f3a269e5fa0 R15: 00007ffdbdc0b438
[ 1090.016932][T17196]  </TASK>
[ 1090.016960][T17196] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 1090.256674][T17196] netlink: 72 bytes leftover after parsing attributes in process `syz.1.2985'.
[ 1090.718330][T17203] binder: 17200:17203 ioctl c0306201 2000000001c0 returned -14
[ 1090.891238][T10768] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 1090.917278][T10768] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[ 1090.925763][T10768] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[ 1090.933599][T10768] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[ 1090.943397][T10768] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[ 1091.123325][T17211] CUSE: info not properly terminated
[ 1091.181551][   T30] audit: type=1400 audit(1762363992.400:693): avc:  denied  { create } for  pid=17210 comm="syz.5.2989" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[ 1091.206265][   T30] audit: type=1400 audit(1762363992.400:694): avc:  denied  { setopt } for  pid=17210 comm="syz.5.2989" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[ 1091.295342][T17208] pim6reg: entered allmulticast mode
[ 1091.319497][T17207] chnl_net:caif_netlink_parms(): no params data found
[ 1091.441687][T17207] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1091.449028][T17207] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1091.457332][T17207] bridge_slave_0: entered allmulticast mode
[ 1091.464751][T17207] bridge_slave_0: entered promiscuous mode
[ 1091.473519][T17207] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1091.481189][T17207] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1091.488749][T17207] bridge_slave_1: entered allmulticast mode
[ 1091.588318][T17225] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2991'.
[ 1091.591136][T17207] bridge_slave_1: entered promiscuous mode
[ 1091.834643][T17205] pim6reg: left allmulticast mode
[ 1092.130339][T17229] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2992'.
[ 1092.319063][T17207] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1092.323788][T17232] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[ 1092.330735][T17207] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1092.350820][T17233] FAULT_INJECTION: forcing a failure.
[ 1092.350820][T17233] name failslab, interval 1, probability 0, space 0, times 0
[ 1092.377523][T17233] CPU: 0 UID: 0 PID: 17233 Comm: syz.0.2993 Not tainted syzkaller #0 PREEMPT(full) 
[ 1092.377547][T17233] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[ 1092.377557][T17233] Call Trace:
[ 1092.377563][T17233]  <TASK>
[ 1092.377570][T17233]  dump_stack_lvl+0x16c/0x1f0
[ 1092.377600][T17233]  should_fail_ex+0x512/0x640
[ 1092.377619][T17233]  ? kmem_cache_alloc_noprof+0x62/0x6e0
[ 1092.377650][T17233]  should_failslab+0xc2/0x120
[ 1092.377670][T17233]  kmem_cache_alloc_noprof+0x75/0x6e0
[ 1092.377693][T17233]  ? getname_flags.part.0+0x4c/0x550
[ 1092.377718][T17233]  ? getname_flags.part.0+0x4c/0x550
[ 1092.377737][T17233]  getname_flags.part.0+0x4c/0x550
[ 1092.377763][T17233]  getname_flags+0x93/0xf0
[ 1092.377779][T17233]  __x64_sys_mkdirat+0x76/0xb0
[ 1092.377798][T17233]  do_syscall_64+0xcd/0xfa0
[ 1092.377823][T17233]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1092.377840][T17233] RIP: 0033:0x7fc68878f6c9
[ 1092.377855][T17233] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1092.377873][T17233] RSP: 002b:00007fc68968f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000102
[ 1092.377890][T17233] RAX: ffffffffffffffda RBX: 00007fc6889e6090 RCX: 00007fc68878f6c9
[ 1092.377902][T17233] RDX: 0000000000000000 RSI: 0000200000001dc0 RDI: ffffffffffffff9c
[ 1092.377912][T17233] RBP: 00007fc68968f090 R08: 0000000000000000 R09: 0000000000000000
[ 1092.377922][T17233] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1092.377933][T17233] R13: 00007fc6889e6128 R14: 00007fc6889e6090 R15: 00007ffeefce5118
[ 1092.377958][T17233]  </TASK>
[ 1092.640799][T17207] team0: Port device team_slave_0 added
[ 1092.649495][T17207] team0: Port device team_slave_1 added
[ 1092.671209][T17207] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1092.678305][T17207] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1092.705122][T17207] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1092.717335][T17207] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1092.724699][T17207] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1092.724707][   T43] usb 2-1: new high-speed USB device number 57 using dummy_hcd
[ 1092.760374][T17207] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1092.792452][T17240] FAULT_INJECTION: forcing a failure.
[ 1092.792452][T17240] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1092.805785][T17240] CPU: 0 UID: 0 PID: 17240 Comm: syz.0.2996 Not tainted syzkaller #0 PREEMPT(full) 
[ 1092.805807][T17240] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[ 1092.805817][T17240] Call Trace:
[ 1092.805823][T17240]  <TASK>
[ 1092.805829][T17240]  dump_stack_lvl+0x16c/0x1f0
[ 1092.805858][T17240]  should_fail_ex+0x512/0x640
[ 1092.805880][T17240]  _copy_from_user+0x2e/0xd0
[ 1092.805900][T17240]  __sys_bpf+0x248/0x4980
[ 1092.805928][T17240]  ? __pfx___sys_bpf+0x10/0x10
[ 1092.805954][T17240]  ? find_held_lock+0x2b/0x80
[ 1092.805983][T17240]  ? find_held_lock+0x2b/0x80
[ 1092.806022][T17240]  ? __mutex_unlock_slowpath+0x161/0x7b0
[ 1092.806054][T17240]  ? fput+0x9b/0xd0
[ 1092.806077][T17240]  ? ksys_write+0x1ac/0x250
[ 1092.806093][T17240]  ? __pfx_ksys_write+0x10/0x10
[ 1092.806114][T17240]  __x64_sys_bpf+0x78/0xc0
[ 1092.806139][T17240]  ? lockdep_hardirqs_on+0x7c/0x110
[ 1092.806166][T17240]  do_syscall_64+0xcd/0xfa0
[ 1092.806195][T17240]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1092.806213][T17240] RIP: 0033:0x7fc68878f6c9
[ 1092.806229][T17240] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1092.806246][T17240] RSP: 002b:00007fc68968f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[ 1092.806264][T17240] RAX: ffffffffffffffda RBX: 00007fc6889e6090 RCX: 00007fc68878f6c9
[ 1092.806276][T17240] RDX: 0000000000000094 RSI: 0000200000002e00 RDI: 0000000000000005
[ 1092.806286][T17240] RBP: 00007fc68968f090 R08: 0000000000000000 R09: 0000000000000000
[ 1092.806297][T17240] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1092.806307][T17240] R13: 00007fc6889e6128 R14: 00007fc6889e6090 R15: 00007ffeefce5118
[ 1092.806333][T17240]  </TASK>
[ 1093.038239][T10768] Bluetooth: hci2: command tx timeout
[ 1093.153523][   T43] usb 2-1: New USB device found, idVendor=20b7, idProduct=1540, bcdDevice=b7.5a
[ 1093.215947][   T43] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1093.357377][T17207] hsr_slave_0: entered promiscuous mode
[ 1093.363748][T17207] hsr_slave_1: entered promiscuous mode
[ 1093.369912][T17207] debugfs: 'hsr0' already exists in 'hsr'
[ 1093.375646][T17207] Cannot create hsr debugfs directory
[ 1093.387525][   T43] usb 2-1: Product: syz
[ 1093.402303][   T43] usb 2-1: Manufacturer: syz
[ 1093.406930][   T43] usb 2-1: SerialNumber: syz
[ 1093.469860][   T43] usb 2-1: config 0 descriptor??
[ 1093.994685][T17207] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1094.155069][   T43] usb 2-1: Firmware version (0.0) predates our first public release.
[ 1094.164399][   T43] usb 2-1: Please update to version 0.2 or newer
[ 1094.174586][   T43] usb 2-1: Firmware: build 
[ 1094.189474][T17254] binder: 17250:17254 ioctl c0306201 2000000001c0 returned -14
[ 1094.216266][T17207] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1094.263840][T17255] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3000'.
[ 1094.575310][T17207] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1094.600131][   T43] usb 2-1: USB disconnect, device number 57
[ 1094.655991][T17207] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1094.896803][T17260] CUSE: info not properly terminated
[ 1094.926228][T17207] netdevsim netdevsim3 netdevsim0: renamed from eth0
[ 1094.952758][T17207] netdevsim netdevsim3 netdevsim1: renamed from eth1
[ 1094.964831][T17207] netdevsim netdevsim3 netdevsim2: renamed from eth2
[ 1094.978543][T17207] netdevsim netdevsim3 netdevsim3: renamed from eth3
[ 1095.124136][T17207] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1095.154869][T17207] 8021q: adding VLAN 0 to HW filter on device team0
[ 1095.191133][T11016] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1095.198351][T11016] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1095.242088][T11016] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1095.249319][T11016] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1095.283468][T10768] Bluetooth: hci2: command tx timeout
[ 1096.727778][ T5822] usb 1-1: new high-speed USB device number 58 using dummy_hcd
[ 1096.866099][T17207] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1096.937707][ T5822] usb 1-1: Using ep0 maxpacket: 8
[ 1096.965083][ T5822] usb 1-1: config index 0 descriptor too short (expected 301, got 45)
[ 1096.981465][ T5822] usb 1-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[ 1096.992931][ T5822] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[ 1097.004119][T17207] veth0_vlan: entered promiscuous mode
[ 1097.020613][T17207] veth1_vlan: entered promiscuous mode
[ 1097.026201][ T5822] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 1097.040306][ T5822] usb 1-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1097.073839][ T5822] usb 1-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[ 1097.084474][T17207] veth0_macvtap: entered promiscuous mode
[ 1097.099852][T17207] veth1_macvtap: entered promiscuous mode
[ 1097.106392][ T5822] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1097.158206][T17207] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1097.242370][T17207] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1097.333450][ T7493] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1097.358185][T10768] Bluetooth: hci2: command tx timeout
[ 1097.363890][ T5822] usb 1-1: usb_control_msg returned -32
[ 1097.378235][ T5822] usbtmc 1-1:16.0: can't read capabilities
[ 1097.401904][ T7493] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1097.483635][ T7493] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1097.532072][ T7493] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1097.669818][   T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1097.693884][   T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1097.827502][ T2964] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1097.836585][ T2964] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1097.881894][T17306] binder: 17304:17306 ioctl c0306201 2000000001c0 returned -14
[ 1099.255741][T17317] CUSE: info not properly terminated
[ 1099.437831][T10768] Bluetooth: hci2: command tx timeout
[ 1099.477745][T17247] usb 4-1: new high-speed USB device number 76 using dummy_hcd
[ 1099.486627][ T5935] usb 1-1: USB disconnect, device number 58
[ 1100.260633][T17247] usb 4-1: Using ep0 maxpacket: 8
[ 1100.294283][T17247] usb 4-1: config index 0 descriptor too short (expected 301, got 45)
[ 1100.500253][T17339] hub 1-0:1.0: USB hub found
[ 1100.505928][T17339] hub 1-0:1.0: 1 port detected
[ 1100.580727][T17247] usb 4-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[ 1100.691852][T17340] 9pnet_fd: Insufficient options for proto=fd
[ 1100.726598][T17247] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[ 1100.740734][T17247] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 1100.753764][T17247] usb 4-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1100.770404][T17247] usb 4-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[ 1100.784853][T17247] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1100.831989][   T30] audit: type=1326 audit(1762364002.050:695): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17336 comm="syz.2.3021" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6af958f6c9 code=0x7ffc0000
[ 1100.868139][   T30] audit: type=1326 audit(1762364002.050:696): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17336 comm="syz.2.3021" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6af958f6c9 code=0x7ffc0000
[ 1100.898729][   T30] audit: type=1326 audit(1762364002.050:697): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17336 comm="syz.2.3021" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f6af958f6c9 code=0x7ffc0000
[ 1100.936433][   T30] audit: type=1326 audit(1762364002.050:698): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17336 comm="syz.2.3021" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6af958f6c9 code=0x7ffc0000
[ 1100.965680][   T30] audit: type=1326 audit(1762364002.050:699): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17336 comm="syz.2.3021" exe="/root/syz-executor" sig=0 arch=c000003e syscall=67 compat=0 ip=0x7f6af958f6c9 code=0x7ffc0000
[ 1101.016698][T17346] overlayfs: overlapping lowerdir path
[ 1101.124858][   T30] audit: type=1326 audit(1762364002.050:700): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17336 comm="syz.2.3021" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6af958f6c9 code=0x7ffc0000
[ 1101.171864][   T30] audit: type=1326 audit(1762364002.050:701): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17336 comm="syz.2.3021" exe="/root/syz-executor" sig=0 arch=c000003e syscall=17 compat=0 ip=0x7f6af958f6c9 code=0x7ffc0000
[ 1101.202475][   T30] audit: type=1326 audit(1762364002.050:702): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17336 comm="syz.2.3021" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6af958f6c9 code=0x7ffc0000
[ 1101.229253][   T30] audit: type=1326 audit(1762364002.050:703): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17336 comm="syz.2.3021" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6af958f6c9 code=0x7ffc0000
[ 1101.263097][T17247] usb 4-1: usb_control_msg returned -32
[ 1101.269503][T17247] usbtmc 4-1:16.0: can't read capabilities
[ 1101.407421][T17351] binder: 17349:17351 ioctl c0306201 2000000001c0 returned -14
[ 1101.855104][T17358] FAULT_INJECTION: forcing a failure.
[ 1101.855104][T17358] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1101.870145][T17358] CPU: 1 UID: 0 PID: 17358 Comm: syz.0.3026 Not tainted syzkaller #0 PREEMPT(full) 
[ 1101.870170][T17358] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[ 1101.870179][T17358] Call Trace:
[ 1101.870185][T17358]  <TASK>
[ 1101.870192][T17358]  dump_stack_lvl+0x16c/0x1f0
[ 1101.870226][T17358]  should_fail_ex+0x512/0x640
[ 1101.870250][T17358]  _copy_from_user+0x2e/0xd0
[ 1101.870270][T17358]  __sys_bpf+0x248/0x4980
[ 1101.870298][T17358]  ? __pfx___sys_bpf+0x10/0x10
[ 1101.870319][T17358]  ? find_held_lock+0x2b/0x80
[ 1101.870345][T17358]  ? find_held_lock+0x2b/0x80
[ 1101.870370][T17358]  ? __mutex_unlock_slowpath+0x161/0x7b0
[ 1101.870400][T17358]  ? fput+0x9b/0xd0
[ 1101.870420][T17358]  ? ksys_write+0x1ac/0x250
[ 1101.870435][T17358]  ? __pfx_ksys_write+0x10/0x10
[ 1101.870454][T17358]  __x64_sys_bpf+0x78/0xc0
[ 1101.870477][T17358]  ? lockdep_hardirqs_on+0x7c/0x110
[ 1101.870500][T17358]  do_syscall_64+0xcd/0xfa0
[ 1101.870524][T17358]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1101.870544][T17358] RIP: 0033:0x7fc68878f6c9
[ 1101.870559][T17358] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1101.870574][T17358] RSP: 002b:00007fc6896b0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[ 1101.870591][T17358] RAX: ffffffffffffffda RBX: 00007fc6889e5fa0 RCX: 00007fc68878f6c9
[ 1101.870603][T17358] RDX: 0000000000000040 RSI: 00002000000012c0 RDI: 000000000000001c
[ 1101.870614][T17358] RBP: 00007fc6896b0090 R08: 0000000000000000 R09: 0000000000000000
[ 1101.870625][T17358] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1101.870635][T17358] R13: 00007fc6889e6038 R14: 00007fc6889e5fa0 R15: 00007ffeefce5118
[ 1101.870659][T17358]  </TASK>
[ 1102.099010][T17359] FAULT_INJECTION: forcing a failure.
[ 1102.099010][T17359] name failslab, interval 1, probability 0, space 0, times 0
[ 1102.176787][T17359] CPU: 0 UID: 0 PID: 17359 Comm: syz.3.3015 Not tainted syzkaller #0 PREEMPT(full) 
[ 1102.176813][T17359] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[ 1102.176822][T17359] Call Trace:
[ 1102.176828][T17359]  <TASK>
[ 1102.176835][T17359]  dump_stack_lvl+0x16c/0x1f0
[ 1102.176862][T17359]  should_fail_ex+0x512/0x640
[ 1102.176876][T17359]  ? fs_reclaim_acquire+0xae/0x150
[ 1102.176891][T17359]  should_failslab+0xc2/0x120
[ 1102.176904][T17359]  __kmalloc_noprof+0xdd/0x880
[ 1102.176919][T17359]  ? tomoyo_realpath_from_path+0xc2/0x6e0
[ 1102.176935][T17359]  ? tomoyo_realpath_from_path+0xc2/0x6e0
[ 1102.176947][T17359]  tomoyo_realpath_from_path+0xc2/0x6e0
[ 1102.176966][T17359]  ? tomoyo_profile+0x47/0x60
[ 1102.176981][T17359]  tomoyo_path_number_perm+0x245/0x580
[ 1102.176997][T17359]  ? tomoyo_path_number_perm+0x237/0x580
[ 1102.177016][T17359]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[ 1102.177034][T17359]  ? find_held_lock+0x2b/0x80
[ 1102.177060][T17359]  ? find_held_lock+0x2b/0x80
[ 1102.177073][T17359]  ? hook_file_ioctl_common+0x145/0x410
[ 1102.177090][T17359]  ? __fget_files+0x20e/0x3c0
[ 1102.177103][T17359]  security_file_ioctl+0x9b/0x240
[ 1102.177117][T17359]  __x64_sys_ioctl+0xb7/0x210
[ 1102.177133][T17359]  do_syscall_64+0xcd/0xfa0
[ 1102.177150][T17359]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1102.177161][T17359] RIP: 0033:0x7f7f2f98f6c9
[ 1102.177170][T17359] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1102.177181][T17359] RSP: 002b:00007f7f30792038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1102.177191][T17359] RAX: ffffffffffffffda RBX: 00007f7f2fbe6180 RCX: 00007f7f2f98f6c9
[ 1102.177198][T17359] RDX: 0000000000000000 RSI: 0000000000005b04 RDI: 0000000000000004
[ 1102.177204][T17359] RBP: 00007f7f30792090 R08: 0000000000000000 R09: 0000000000000000
[ 1102.177211][T17359] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1102.177218][T17359] R13: 00007f7f2fbe6218 R14: 00007f7f2fbe6180 R15: 00007ffd1e668ea8
[ 1102.177232][T17359]  </TASK>
[ 1102.177249][T17359] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 1102.396871][T17364] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1102.521665][T17366] FAULT_INJECTION: forcing a failure.
[ 1102.521665][T17366] name failslab, interval 1, probability 0, space 0, times 0
[ 1102.534414][T17366] CPU: 0 UID: 0 PID: 17366 Comm: syz.0.3028 Not tainted syzkaller #0 PREEMPT(full) 
[ 1102.534436][T17366] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[ 1102.534443][T17366] Call Trace:
[ 1102.534449][T17366]  <TASK>
[ 1102.534454][T17366]  dump_stack_lvl+0x16c/0x1f0
[ 1102.534476][T17366]  should_fail_ex+0x512/0x640
[ 1102.534490][T17366]  ? fs_reclaim_acquire+0xae/0x150
[ 1102.534503][T17366]  should_failslab+0xc2/0x120
[ 1102.534516][T17366]  __kmalloc_noprof+0xdd/0x880
[ 1102.534532][T17366]  ? tomoyo_realpath_from_path+0xc2/0x6e0
[ 1102.534548][T17366]  ? tomoyo_realpath_from_path+0xc2/0x6e0
[ 1102.534560][T17366]  tomoyo_realpath_from_path+0xc2/0x6e0
[ 1102.534573][T17366]  ? tomoyo_profile+0x47/0x60
[ 1102.534589][T17366]  tomoyo_path_number_perm+0x245/0x580
[ 1102.534605][T17366]  ? tomoyo_path_number_perm+0x237/0x580
[ 1102.534624][T17366]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[ 1102.534642][T17366]  ? find_held_lock+0x2b/0x80
[ 1102.534668][T17366]  ? find_held_lock+0x2b/0x80
[ 1102.534681][T17366]  ? hook_file_ioctl_common+0x145/0x410
[ 1102.534698][T17366]  ? __fget_files+0x20e/0x3c0
[ 1102.534712][T17366]  security_file_ioctl+0x9b/0x240
[ 1102.534726][T17366]  __x64_sys_ioctl+0xb7/0x210
[ 1102.534742][T17366]  do_syscall_64+0xcd/0xfa0
[ 1102.534759][T17366]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1102.534770][T17366] RIP: 0033:0x7fc68878f6c9
[ 1102.534779][T17366] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1102.534789][T17366] RSP: 002b:00007fc68968f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1102.534800][T17366] RAX: ffffffffffffffda RBX: 00007fc6889e6090 RCX: 00007fc68878f6c9
[ 1102.534807][T17366] RDX: 0000200000000340 RSI: 0000000000003b80 RDI: 0000000000000003
[ 1102.534813][T17366] RBP: 00007fc68968f090 R08: 0000000000000000 R09: 0000000000000000
[ 1102.534819][T17366] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1102.534825][T17366] R13: 00007fc6889e6128 R14: 00007fc6889e6090 R15: 00007ffeefce5118
[ 1102.534839][T17366]  </TASK>
[ 1102.534859][T17366] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 1102.608155][T17359] usbtmc 4-1:16.0: usb_control_msg returned -32
[ 1103.534960][T17370] tipc: Started in network mode
[ 1103.540671][T17370] tipc: Node identity fe80000000000000000000000000001, cluster identity 4711
[ 1103.556933][T17370] tipc: Enabled bearer <udp:s>, priority 10
[ 1104.149369][ T5822] usb 4-1: USB disconnect, device number 76
[ 1104.398522][T17381] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[ 1104.422734][T17381] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[ 1104.430005][T17381] Bluetooth: hci6: Opcode 0x0c1a failed: -4
[ 1104.437240][T17381] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[ 1104.444911][T17381] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[ 1104.452798][T17381] Bluetooth: hci2: Opcode 0x0406 failed: -4
[ 1105.025691][ T9425] tipc: Node number set to 4269801488
[ 1105.052002][T17381] Bluetooth: hci2: Opcode 0x0406 failed: -4
[ 1106.325331][T17398] binder: 17391:17398 ioctl c0306201 2000000001c0 returned -14
[ 1106.480174][T10768] Bluetooth: hci2: command 0x0c1a tx timeout
[ 1106.481037][ T5134] Bluetooth: hci0: command 0x040f tx timeout
[ 1106.488004][T10768] Bluetooth: hci6: command 0x0c1a tx timeout
[ 1106.494875][T12125] Bluetooth: hci5: command 0x0c1a tx timeout
[ 1106.498473][ T5810] Bluetooth: hci4: command 0x0406 tx timeout
[ 1107.324374][T17247] IPVS: starting estimator thread 0...
[ 1107.760074][T17405] IPVS: using max 42 ests per chain, 100800 per kthread
[ 1108.293205][T17413] FAULT_INJECTION: forcing a failure.
[ 1108.293205][T17413] name failslab, interval 1, probability 0, space 0, times 0
[ 1108.306155][T17413] CPU: 0 UID: 0 PID: 17413 Comm: syz.1.3042 Not tainted syzkaller #0 PREEMPT(full) 
[ 1108.306179][T17413] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[ 1108.306189][T17413] Call Trace:
[ 1108.306194][T17413]  <TASK>
[ 1108.306200][T17413]  dump_stack_lvl+0x16c/0x1f0
[ 1108.306220][T17413]  should_fail_ex+0x512/0x640
[ 1108.306234][T17413]  ? fs_reclaim_acquire+0xae/0x150
[ 1108.306248][T17413]  should_failslab+0xc2/0x120
[ 1108.306261][T17413]  __kmalloc_noprof+0xdd/0x880
[ 1108.306276][T17413]  ? tomoyo_realpath_from_path+0xc2/0x6e0
[ 1108.306291][T17413]  ? tomoyo_realpath_from_path+0xc2/0x6e0
[ 1108.306303][T17413]  tomoyo_realpath_from_path+0xc2/0x6e0
[ 1108.306317][T17413]  ? tomoyo_profile+0x47/0x60
[ 1108.306332][T17413]  tomoyo_path_number_perm+0x245/0x580
[ 1108.306348][T17413]  ? tomoyo_path_number_perm+0x237/0x580
[ 1108.306366][T17413]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[ 1108.306384][T17413]  ? find_held_lock+0x2b/0x80
[ 1108.306410][T17413]  ? find_held_lock+0x2b/0x80
[ 1108.306423][T17413]  ? hook_file_ioctl_common+0x145/0x410
[ 1108.306440][T17413]  ? __fget_files+0x20e/0x3c0
[ 1108.306453][T17413]  security_file_ioctl+0x9b/0x240
[ 1108.306468][T17413]  __x64_sys_ioctl+0xb7/0x210
[ 1108.306484][T17413]  do_syscall_64+0xcd/0xfa0
[ 1108.306501][T17413]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1108.306512][T17413] RIP: 0033:0x7f3a2678f6c9
[ 1108.306521][T17413] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1108.306531][T17413] RSP: 002b:00007f3a2770d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1108.306542][T17413] RAX: ffffffffffffffda RBX: 00007f3a269e5fa0 RCX: 00007f3a2678f6c9
[ 1108.306548][T17413] RDX: 00002000001859c0 RSI: 000000008010640b RDI: 0000000000000004
[ 1108.306554][T17413] RBP: 00007f3a2770d090 R08: 0000000000000000 R09: 0000000000000000
[ 1108.306560][T17413] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1108.306566][T17413] R13: 00007f3a269e6038 R14: 00007f3a269e5fa0 R15: 00007ffdbdc0b438
[ 1108.306581][T17413]  </TASK>
[ 1108.306597][T17413] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 1108.557718][T10768] Bluetooth: hci2: command 0x0c1a tx timeout
[ 1108.851193][   T30] audit: type=1400 audit(1762364010.070:704): avc:  granted  { setsecparam } for  pid=17417 comm="syz.0.3044" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security
[ 1109.637857][   T43] usb 1-1: new full-speed USB device number 59 using dummy_hcd
[ 1109.989185][   T43] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1110.475947][   T43] usb 1-1: too many endpoints for config 1 interface 0 altsetting 0: 255, using maximum allowed: 30
[ 1110.528408][   T43] usb 1-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 255
[ 1110.598636][   T43] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 1110.617745][   T43] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[ 1110.625762][   T43] usb 1-1: SerialNumber: syz
[ 1110.667782][T10768] Bluetooth: hci2: command 0x0c1a tx timeout
[ 1112.735415][ T9425] usb 1-1: USB disconnect, device number 59
[ 1113.147093][ T5810] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[ 1113.159075][ T5810] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[ 1113.168468][ T5810] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[ 1113.175896][ T5810] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[ 1113.183307][ T5810] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[ 1113.687331][T17444] chnl_net:caif_netlink_parms(): no params data found
[ 1114.063027][T17444] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1114.070431][T17444] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1114.085241][T17444] bridge_slave_0: entered allmulticast mode
[ 1114.112934][T17444] bridge_slave_0: entered promiscuous mode
[ 1114.136444][T17444] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1114.146735][T17444] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1114.162127][T17444] bridge_slave_1: entered allmulticast mode
[ 1114.219184][T17444] bridge_slave_1: entered promiscuous mode
[ 1114.344572][T17444] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1114.375818][T17444] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1114.547446][T17444] team0: Port device team_slave_0 added
[ 1114.561940][T17444] team0: Port device team_slave_1 added
[ 1114.640201][T17469] FAULT_INJECTION: forcing a failure.
[ 1114.640201][T17469] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1114.653360][T17469] CPU: 1 UID: 0 PID: 17469 Comm: syz.1.3054 Not tainted syzkaller #0 PREEMPT(full) 
[ 1114.653385][T17469] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[ 1114.653396][T17469] Call Trace:
[ 1114.653402][T17469]  <TASK>
[ 1114.653409][T17469]  dump_stack_lvl+0x16c/0x1f0
[ 1114.653440][T17469]  should_fail_ex+0x512/0x640
[ 1114.653464][T17469]  _copy_from_user+0x2e/0xd0
[ 1114.653486][T17469]  ucma_write+0x128/0x330
[ 1114.653507][T17469]  ? __pfx_ucma_write+0x10/0x10
[ 1114.653526][T17469]  ? bpf_lsm_file_permission+0x9/0x10
[ 1114.653544][T17469]  ? security_file_permission+0x71/0x210
[ 1114.653565][T17469]  ? rw_verify_area+0xcf/0x6c0
[ 1114.653592][T17469]  ? __pfx_ucma_write+0x10/0x10
[ 1114.653611][T17469]  vfs_write+0x2a0/0x11d0
[ 1114.653633][T17469]  ? __pfx_vfs_write+0x10/0x10
[ 1114.653647][T17469]  ? find_held_lock+0x2b/0x80
[ 1114.653669][T17469]  ? __fget_files+0x204/0x3c0
[ 1114.653691][T17469]  ? __fget_files+0x20e/0x3c0
[ 1114.653706][T17469]  ? fdget_pos+0x60/0x370
[ 1114.653731][T17469]  ksys_write+0x1f8/0x250
[ 1114.653747][T17469]  ? __pfx_ksys_write+0x10/0x10
[ 1114.653778][T17469]  do_syscall_64+0xcd/0xfa0
[ 1114.653807][T17469]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1114.653824][T17469] RIP: 0033:0x7f3a2678f6c9
[ 1114.653839][T17469] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1114.653856][T17469] RSP: 002b:00007f3a276cb038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 1114.653874][T17469] RAX: ffffffffffffffda RBX: 00007f3a269e6180 RCX: 00007f3a2678f6c9
[ 1114.653886][T17469] RDX: 0000000000000018 RSI: 0000200000000080 RDI: 0000000000000005
[ 1114.653897][T17469] RBP: 00007f3a276cb090 R08: 0000000000000000 R09: 0000000000000000
[ 1114.653908][T17469] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1114.653918][T17469] R13: 00007f3a269e6218 R14: 00007f3a269e6180 R15: 00007ffdbdc0b438
[ 1114.653944][T17469]  </TASK>
[ 1114.891661][T17444] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1114.899045][T17444] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1114.934320][T17444] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1115.026596][T17444] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1115.074491][T17444] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1115.146285][T17444] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1115.211452][ T5810] Bluetooth: hci1: command tx timeout
[ 1115.326816][T17444] hsr_slave_0: entered promiscuous mode
[ 1115.509167][T17444] hsr_slave_1: entered promiscuous mode
[ 1115.522575][ T1297] ieee802154 phy0 wpan0: encryption failed: -22
[ 1115.527778][T17444] debugfs: 'hsr0' already exists in 'hsr'
[ 1115.529043][ T1297] ieee802154 phy1 wpan1: encryption failed: -22
[ 1115.534714][T17444] Cannot create hsr debugfs directory
[ 1116.777002][T17444] netdevsim netdevsim2 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[ 1116.807833][T17444] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1117.085016][T17493] FAULT_INJECTION: forcing a failure.
[ 1117.085016][T17493] name failslab, interval 1, probability 0, space 0, times 0
[ 1117.097726][T17493] CPU: 0 UID: 0 PID: 17493 Comm: syz.3.3062 Not tainted syzkaller #0 PREEMPT(full) 
[ 1117.097742][T17493] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[ 1117.097748][T17493] Call Trace:
[ 1117.097753][T17493]  <TASK>
[ 1117.097757][T17493]  dump_stack_lvl+0x16c/0x1f0
[ 1117.097778][T17493]  should_fail_ex+0x512/0x640
[ 1117.097792][T17493]  ? __kmalloc_cache_noprof+0x5f/0x780
[ 1117.097810][T17493]  should_failslab+0xc2/0x120
[ 1117.097823][T17493]  __kmalloc_cache_noprof+0x72/0x780
[ 1117.097838][T17493]  ? find_held_lock+0x2b/0x80
[ 1117.097851][T17493]  ? do_shmat+0x696/0x1330
[ 1117.097865][T17493]  ? do_shmat+0x657/0x1330
[ 1117.097879][T17493]  ? do_shmat+0x696/0x1330
[ 1117.097891][T17493]  do_shmat+0x696/0x1330
[ 1117.097907][T17493]  ? __pfx_do_shmat+0x10/0x10
[ 1117.097924][T17493]  __x64_sys_shmat+0xd7/0x170
[ 1117.097937][T17493]  ? __pfx_ksys_write+0x10/0x10
[ 1117.097947][T17493]  ? __pfx___x64_sys_shmat+0x10/0x10
[ 1117.097961][T17493]  ? rcu_is_watching+0x12/0xc0
[ 1117.097975][T17493]  ? do_syscall_64+0x91/0xfa0
[ 1117.097992][T17493]  do_syscall_64+0xcd/0xfa0
[ 1117.098008][T17493]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1117.098019][T17493] RIP: 0033:0x7f7f2f98f6c9
[ 1117.098028][T17493] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1117.098044][T17493] RSP: 002b:00007f7f307d4038 EFLAGS: 00000246 ORIG_RAX: 000000000000001e
[ 1117.098055][T17493] RAX: ffffffffffffffda RBX: 00007f7f2fbe5fa0 RCX: 00007f7f2f98f6c9
[ 1117.098061][T17493] RDX: 000000000000400c RSI: 0000200000ff7000 RDI: 0000000000000000
[ 1117.098068][T17493] RBP: 00007f7f307d4090 R08: 0000000000000000 R09: 0000000000000000
[ 1117.098074][T17493] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1117.098080][T17493] R13: 00007f7f2fbe6038 R14: 00007f7f2fbe5fa0 R15: 00007ffd1e668ea8
[ 1117.098094][T17493]  </TASK>
[ 1117.299491][ T5810] Bluetooth: hci1: command tx timeout
[ 1117.496473][T17444] netdevsim netdevsim2 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[ 1117.506838][T17444] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1117.539319][T17496] veth0_to_team: entered promiscuous mode
[ 1117.545061][T17496] veth0_to_team: entered allmulticast mode
[ 1118.137235][   T13] Bluetooth: hci3: Frame reassembly failed (-84)
[ 1118.790193][T17444] netdevsim netdevsim2 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[ 1118.845730][T17444] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1119.385975][T10768] Bluetooth: hci1: command tx timeout
[ 1119.431888][T17444] netdevsim netdevsim2 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[ 1119.479171][T17444] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1119.750312][T17247] usb 2-1: new high-speed USB device number 58 using dummy_hcd
[ 1119.770499][T17444] netdevsim netdevsim2 netdevsim0: renamed from eth0
[ 1119.810623][T17444] netdevsim netdevsim2 netdevsim1: renamed from eth1
[ 1119.832803][T17444] netdevsim netdevsim2 netdevsim2: renamed from eth2
[ 1119.855220][T17444] netdevsim netdevsim2 netdevsim3: renamed from eth3
[ 1119.948338][T17247] usb 2-1: Using ep0 maxpacket: 16
[ 1119.963692][T17247] usb 2-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF3, changing to 0x83
[ 1119.991170][T17444] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1119.995683][T17247] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0
[ 1120.016431][T17247] usb 2-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[ 1120.029069][T17247] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1120.039616][T17247] usb 2-1: Product: syz
[ 1120.045403][T17247] usb 2-1: Manufacturer: syz
[ 1120.054230][T17247] usb 2-1: SerialNumber: syz
[ 1120.070928][T17247] usb 2-1: config 0 descriptor??
[ 1120.109255][T17247] em28xx 2-1:0.0: error: skipping audio endpoint 0x83, because it uses bulk transfers !
[ 1120.120819][T17444] 8021q: adding VLAN 0 to HW filter on device team0
[ 1120.135995][ T3506] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1120.143159][ T3506] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1120.157872][T10768] Bluetooth: hci3: command 0x1003 tx timeout
[ 1120.165885][ T5810] Bluetooth: hci3: Opcode 0x1003 failed: -110
[ 1120.202214][ T3506] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1120.209371][ T3506] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1120.465758][T17444] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 1120.517059][T17535] veth0_to_team: entered promiscuous mode
[ 1120.522894][T17535] veth0_to_team: entered allmulticast mode
[ 1120.869844][ T5822] usb 2-1: USB disconnect, device number 58
[ 1121.438021][ T5810] Bluetooth: hci1: command tx timeout
[ 1121.836794][T17444] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1122.247369][T17444] veth0_vlan: entered promiscuous mode
[ 1122.254093][T17444] veth1_vlan: entered promiscuous mode
[ 1122.285694][T17444] veth0_macvtap: entered promiscuous mode
[ 1122.292371][T17444] veth1_macvtap: entered promiscuous mode
[ 1122.441688][T17444] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1122.444985][T17444] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1122.656698][ T6911] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1122.656752][ T6911] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1122.656785][ T6911] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1122.656816][ T6911] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1123.739307][T17568] snd_dummy snd_dummy.0: control 0:0:0:syz0:0 is already present
[ 1123.791574][ T2964] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1123.800537][ T2964] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1123.831505][T17579] netlink: 92 bytes leftover after parsing attributes in process `syz.3.3078'.
[ 1123.869232][   T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1123.877060][   T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1124.919973][   T24] usb 1-1: new high-speed USB device number 60 using dummy_hcd
[ 1125.491295][   T24] usb 1-1: Using ep0 maxpacket: 8
[ 1125.571679][T17612] FAULT_INJECTION: forcing a failure.
[ 1125.571679][T17612] name failslab, interval 1, probability 0, space 0, times 0
[ 1125.584397][T17612] CPU: 0 UID: 0 PID: 17612 Comm: syz.5.3086 Not tainted syzkaller #0 PREEMPT(full) 
[ 1125.584420][T17612] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[ 1125.584430][T17612] Call Trace:
[ 1125.584438][T17612]  <TASK>
[ 1125.584446][T17612]  dump_stack_lvl+0x16c/0x1f0
[ 1125.584476][T17612]  should_fail_ex+0x512/0x640
[ 1125.584497][T17612]  ? kmem_cache_alloc_node_noprof+0x65/0x770
[ 1125.584527][T17612]  should_failslab+0xc2/0x120
[ 1125.584548][T17612]  kmem_cache_alloc_node_noprof+0x78/0x770
[ 1125.584574][T17612]  ? __alloc_skb+0x2b2/0x380
[ 1125.584600][T17612]  ? __alloc_skb+0x2b2/0x380
[ 1125.584618][T17612]  ? __pfx_netlink_insert+0x10/0x10
[ 1125.584641][T17612]  __alloc_skb+0x2b2/0x380
[ 1125.584661][T17612]  ? __pfx___alloc_skb+0x10/0x10
[ 1125.584682][T17612]  ? netlink_autobind.isra.0+0x158/0x370
[ 1125.584713][T17612]  netlink_alloc_large_skb+0x69/0x140
[ 1125.584740][T17612]  netlink_sendmsg+0x698/0xdd0
[ 1125.584769][T17612]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1125.584802][T17612]  sock_write_iter+0x566/0x610
[ 1125.584820][T17612]  ? __pfx_sock_write_iter+0x10/0x10
[ 1125.584847][T17612]  ? __pfx_file_has_perm+0x10/0x10
[ 1125.584877][T17612]  do_iter_readv_writev+0x662/0x9e0
[ 1125.584906][T17612]  ? __pfx_do_iter_readv_writev+0x10/0x10
[ 1125.584931][T17612]  ? selinux_file_permission+0x126/0x660
[ 1125.584954][T17612]  ? bpf_lsm_file_permission+0x9/0x10
[ 1125.584971][T17612]  ? security_file_permission+0x71/0x210
[ 1125.584994][T17612]  ? rw_verify_area+0xcf/0x6c0
[ 1125.585021][T17612]  vfs_writev+0x35f/0xde0
[ 1125.585051][T17612]  ? rcu_is_watching+0x12/0xc0
[ 1125.585081][T17612]  ? __pfx_vfs_writev+0x10/0x10
[ 1125.585105][T17612]  ? trace_sched_exit_tp+0xd1/0x120
[ 1125.585143][T17612]  ? __fget_files+0x20e/0x3c0
[ 1125.585160][T17612]  ? __fget_files+0x110/0x3c0
[ 1125.585183][T17612]  ? do_writev+0x28c/0x340
[ 1125.585206][T17612]  do_writev+0x28c/0x340
[ 1125.585232][T17612]  ? __pfx_do_writev+0x10/0x10
[ 1125.585264][T17612]  do_syscall_64+0xcd/0xfa0
[ 1125.585292][T17612]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1125.585310][T17612] RIP: 0033:0x7ffb4b98f6c9
[ 1125.585325][T17612] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1125.585341][T17612] RSP: 002b:00007ffb49bb4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000014
[ 1125.585359][T17612] RAX: ffffffffffffffda RBX: 00007ffb4bbe6180 RCX: 00007ffb4b98f6c9
[ 1125.585370][T17612] RDX: 0000000000000001 RSI: 0000200000000000 RDI: 0000000000000005
[ 1125.585380][T17612] RBP: 00007ffb49bb4090 R08: 0000000000000000 R09: 0000000000000000
[ 1125.585391][T17612] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1125.585401][T17612] R13: 00007ffb4bbe6218 R14: 00007ffb4bbe6180 R15: 00007ffeb668bbd8
[ 1125.585426][T17612]  </TASK>
[ 1125.884922][T17595] tipc: Started in network mode
[ 1125.889903][T17595] tipc: Node identity fe80000000000000000000000000001, cluster identity 4711
[ 1125.899230][T17595] tipc: Enabled bearer <udp:s>, priority 10
[ 1126.212815][T17617] binder: 17613:17617 ioctl c0306201 2000000001c0 returned -14
[ 1126.786884][   T24] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 7
[ 1126.807252][   T24] usb 1-1: New USB device found, idVendor=082d, idProduct=0100, bcdDevice=70.4b
[ 1126.816695][   T24] usb 1-1: New USB device strings: Mfr=44, Product=2, SerialNumber=3
[ 1126.845230][   T24] usb 1-1: Product: syz
[ 1126.917767][T17247] tipc: Node number set to 4269801488
[ 1126.923200][   T24] usb 1-1: Manufacturer: syz
[ 1126.933493][   T24] usb 1-1: SerialNumber: syz
[ 1126.983597][T17622] FAULT_INJECTION: forcing a failure.
[ 1126.983597][T17622] name failslab, interval 1, probability 0, space 0, times 0
[ 1127.012255][T17622] CPU: 0 UID: 0 PID: 17622 Comm: syz.1.3089 Not tainted syzkaller #0 PREEMPT(full) 
[ 1127.012273][T17622] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[ 1127.012279][T17622] Call Trace:
[ 1127.012283][T17622]  <TASK>
[ 1127.012288][T17622]  dump_stack_lvl+0x16c/0x1f0
[ 1127.012309][T17622]  should_fail_ex+0x512/0x640
[ 1127.012322][T17622]  ? kmem_cache_alloc_lru_noprof+0x66/0x6e0
[ 1127.012340][T17622]  should_failslab+0xc2/0x120
[ 1127.012354][T17622]  kmem_cache_alloc_lru_noprof+0x79/0x6e0
[ 1127.012370][T17622]  ? sock_alloc_inode+0x25/0x1c0
[ 1127.012389][T17622]  ? __pfx_sock_alloc_inode+0x10/0x10
[ 1127.012404][T17622]  ? sock_alloc_inode+0x25/0x1c0
[ 1127.012419][T17622]  sock_alloc_inode+0x25/0x1c0
[ 1127.012434][T17622]  alloc_inode+0x64/0x240
[ 1127.012450][T17622]  sock_alloc+0x40/0x280
[ 1127.012465][T17622]  do_accept+0xf7/0x530
[ 1127.012476][T17622]  ? do_raw_spin_lock+0x12c/0x2b0
[ 1127.012489][T17622]  ? __pfx_do_accept+0x10/0x10
[ 1127.012509][T17622]  __sys_accept4+0x100/0x1c0
[ 1127.012521][T17622]  ? __pfx___sys_accept4+0x10/0x10
[ 1127.012531][T17622]  ? ksys_write+0x1ac/0x250
[ 1127.012541][T17622]  ? __pfx_ksys_write+0x10/0x10
[ 1127.012553][T17622]  __x64_sys_accept+0x74/0xb0
[ 1127.012564][T17622]  ? lockdep_hardirqs_on+0x7c/0x110
[ 1127.012580][T17622]  do_syscall_64+0xcd/0xfa0
[ 1127.012597][T17622]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1127.012608][T17622] RIP: 0033:0x7f3a2678f6c9
[ 1127.012617][T17622] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1127.012627][T17622] RSP: 002b:00007f3a2770d038 EFLAGS: 00000246 ORIG_RAX: 000000000000002b
[ 1127.012638][T17622] RAX: ffffffffffffffda RBX: 00007f3a269e5fa0 RCX: 00007f3a2678f6c9
[ 1127.012644][T17622] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003
[ 1127.012650][T17622] RBP: 00007f3a2770d090 R08: 0000000000000000 R09: 0000000000000000
[ 1127.012656][T17622] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1127.012662][T17622] R13: 00007f3a269e6038 R14: 00007f3a269e5fa0 R15: 00007ffdbdc0b438
[ 1127.012676][T17622]  </TASK>
[ 1127.567917][   T24] usb 1-1: palm_os_3_probe - error -110 getting connection information
[ 1127.576453][   T24] visor 1-1:1.0: probe with driver visor failed with error -110
[ 1128.405428][   T24] usb 1-1: USB disconnect, device number 60
[ 1128.812147][T17651] binder: 17648:17651 ioctl c0306201 2000000001c0 returned -14
[ 1129.277733][   T24] usb 1-1: new high-speed USB device number 61 using dummy_hcd
[ 1129.568224][   T24] usb 1-1: Using ep0 maxpacket: 32
[ 1129.594117][   T24] usb 1-1: New USB device found, idVendor=0ccd, idProduct=0080, bcdDevice=67.fe
[ 1129.624374][   T24] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1129.644062][   T24] usb 1-1: Product: syz
[ 1129.672738][   T24] usb 1-1: Manufacturer: syz
[ 1129.694564][   T24] usb 1-1: SerialNumber: syz
[ 1129.714477][T17655] overlayfs: failed to resolve './file1': -2
[ 1129.722319][   T24] usb 1-1: config 0 descriptor??
[ 1129.943298][   T24] snd-usb-6fire 1-1:0.0: unable to receive device firmware state.
[ 1129.955294][   T24] snd-usb-6fire 1-1:0.0: probe with driver snd-usb-6fire failed with error -121
[ 1130.017761][T17247] usb 2-1: new high-speed USB device number 59 using dummy_hcd
[ 1130.062082][T17661] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1130.069509][T17661] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1130.077284][T17661] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1130.084833][T17661] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1130.188936][T17247] usb 2-1: config 1 interface 0 altsetting 0 has an endpoint descriptor with address 0x33, changing to 0x3
[ 1130.200760][T17247] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 206, changing to 11
[ 1130.213135][T17247] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 8205, setting to 1024
[ 1130.224843][T17247] usb 2-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 1130.239985][T17666] overlayfs: missing 'lowerdir'
[ 1130.262741][T17247] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[ 1130.275406][T17247] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1130.284900][T17247] usb 2-1: Product: syz
[ 1130.289426][T17247] usb 2-1: Manufacturer: syz
[ 1130.299601][T17247] usb 2-1: SerialNumber: syz
[ 1130.356146][T17247] hub 2-1:1.0: bad descriptor, ignoring hub
[ 1130.369396][T17247] hub 2-1:1.0: probe with driver hub failed with error -5
[ 1130.408721][T17665] fuse: Bad value for 'fd'
[ 1131.733841][T17672] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[ 1131.751184][T17672] Bluetooth: hci6: Opcode 0x0c1a failed: -4
[ 1131.757342][T17672] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[ 1131.763908][T17672] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[ 1131.770260][T17672] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[ 1131.776379][T17672] Bluetooth: hci1: Opcode 0x0406 failed: -4
[ 1131.788708][T17672] Bluetooth: hci1: Opcode 0x0406 failed: -4
[ 1131.828391][ T5822] usb 2-1: USB disconnect, device number 59
[ 1131.946105][T17247] usb 1-1: USB disconnect, device number 61
[ 1131.984557][   T30] audit: type=1400 audit(1762364033.200:705): avc:  denied  { unmount } for  pid=16945 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[ 1132.357922][T17247] usb 1-1: new high-speed USB device number 62 using dummy_hcd
[ 1132.787682][T17247] usb 1-1: Using ep0 maxpacket: 8
[ 1132.826630][T17247] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 7
[ 1132.855857][T17247] usb 1-1: New USB device found, idVendor=082d, idProduct=0100, bcdDevice=70.4b
[ 1132.869261][T17247] usb 1-1: New USB device strings: Mfr=44, Product=2, SerialNumber=3
[ 1132.877480][T17247] usb 1-1: Product: syz
[ 1132.882642][T17247] usb 1-1: Manufacturer: syz
[ 1132.888244][T17247] usb 1-1: SerialNumber: syz
[ 1133.118194][T17247] usb 1-1: Invalid connection information received from device
[ 1133.275759][   T30] audit: type=1400 audit(1762364034.490:706): avc:  denied  { append } for  pid=17689 comm="syz.3.3109" name="snapshot" dev="devtmpfs" ino=92 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1
[ 1133.275864][T17693] random: crng reseeded on system resumption
[ 1133.487707][ T5822] usb 1-1: USB disconnect, device number 62
[ 1133.757846][T10598] Bluetooth: hci5: command 0x0c1a tx timeout
[ 1133.764274][T10768] Bluetooth: hci6: command 0x0c1a tx timeout
[ 1133.771853][ T5810] Bluetooth: hci0: command 0x040f tx timeout
[ 1133.790020][T17704] binder: 17696:17704 ioctl c0306201 2000000001c0 returned -14
[ 1133.838450][ T5810] Bluetooth: hci1: command 0x0c1a tx timeout
[ 1133.845006][T10768] Bluetooth: hci2: command 0x0c1a tx timeout
[ 1134.411428][T17708] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3114'.
[ 1134.785160][T17711] No control pipe specified
[ 1134.808612][T17711] overlayfs: overlapping lowerdir path
[ 1135.365635][T17721] overlayfs: missing 'lowerdir'
[ 1135.945463][ T5810] Bluetooth: hci1: command 0x0c1a tx timeout
[ 1137.328224][T17741] netlink: 16 bytes leftover after parsing attributes in process `syz.1.3123'.
[ 1137.998668][ T5810] Bluetooth: hci1: command 0x0c1a tx timeout
[ 1138.024911][T17753] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3127'.
[ 1138.041262][T17753] bridge0: port 3(macvlan2) entered blocking state
[ 1138.049878][T17753] bridge0: port 3(macvlan2) entered disabled state
[ 1138.056577][T17753] macvlan2: entered allmulticast mode
[ 1138.062144][T17753] bridge0: entered allmulticast mode
[ 1138.135370][T17754] FAULT_INJECTION: forcing a failure.
[ 1138.135370][T17754] name failslab, interval 1, probability 0, space 0, times 0
[ 1138.168408][T17753] macvlan2: left allmulticast mode
[ 1138.173558][T17753] bridge0: left allmulticast mode
[ 1138.185955][   T43] IPVS: starting estimator thread 0...
[ 1138.201803][T17754] CPU: 1 UID: 0 PID: 17754 Comm: syz.0.3125 Not tainted syzkaller #0 PREEMPT(full) 
[ 1138.201828][T17754] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[ 1138.201839][T17754] Call Trace:
[ 1138.201845][T17754]  <TASK>
[ 1138.201852][T17754]  dump_stack_lvl+0x16c/0x1f0
[ 1138.201883][T17754]  should_fail_ex+0x512/0x640
[ 1138.201904][T17754]  ? kmem_cache_alloc_node_noprof+0x65/0x770
[ 1138.201935][T17754]  should_failslab+0xc2/0x120
[ 1138.201956][T17754]  kmem_cache_alloc_node_noprof+0x78/0x770
[ 1138.201986][T17754]  ? __alloc_skb+0x2b2/0x380
[ 1138.202013][T17754]  ? __alloc_skb+0x2b2/0x380
[ 1138.202032][T17754]  ? __pfx_netlink_insert+0x10/0x10
[ 1138.202056][T17754]  __alloc_skb+0x2b2/0x380
[ 1138.202077][T17754]  ? __pfx___alloc_skb+0x10/0x10
[ 1138.202100][T17754]  ? netlink_autobind.isra.0+0x158/0x370
[ 1138.202132][T17754]  netlink_alloc_large_skb+0x69/0x140
[ 1138.202159][T17754]  netlink_sendmsg+0x698/0xdd0
[ 1138.202189][T17754]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1138.202225][T17754]  sock_write_iter+0x566/0x610
[ 1138.202244][T17754]  ? __pfx_sock_write_iter+0x10/0x10
[ 1138.202271][T17754]  ? __pfx_file_has_perm+0x10/0x10
[ 1138.202302][T17754]  do_iter_readv_writev+0x662/0x9e0
[ 1138.202331][T17754]  ? __pfx_do_iter_readv_writev+0x10/0x10
[ 1138.202355][T17754]  ? selinux_file_permission+0x126/0x660
[ 1138.202378][T17754]  ? bpf_lsm_file_permission+0x9/0x10
[ 1138.202396][T17754]  ? security_file_permission+0x71/0x210
[ 1138.202418][T17754]  ? rw_verify_area+0xcf/0x6c0
[ 1138.202445][T17754]  vfs_writev+0x35f/0xde0
[ 1138.202479][T17754]  ? __pfx_vfs_writev+0x10/0x10
[ 1138.202524][T17754]  ? __fget_files+0x20e/0x3c0
[ 1138.202540][T17754]  ? __fget_files+0x110/0x3c0
[ 1138.202564][T17754]  ? do_writev+0x28c/0x340
[ 1138.202588][T17754]  do_writev+0x28c/0x340
[ 1138.202614][T17754]  ? __pfx_do_writev+0x10/0x10
[ 1138.202653][T17754]  do_syscall_64+0xcd/0xfa0
[ 1138.202681][T17754]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1138.202699][T17754] RIP: 0033:0x7fc68878f6c9
[ 1138.202714][T17754] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1138.202731][T17754] RSP: 002b:00007fc68968f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000014
[ 1138.202750][T17754] RAX: ffffffffffffffda RBX: 00007fc6889e6090 RCX: 00007fc68878f6c9
[ 1138.202762][T17754] RDX: 0000000000000001 RSI: 0000200000000000 RDI: 0000000000000005
[ 1138.202773][T17754] RBP: 00007fc68968f090 R08: 0000000000000000 R09: 0000000000000000
[ 1138.202784][T17754] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1138.202795][T17754] R13: 00007fc6889e6128 R14: 00007fc6889e6090 R15: 00007ffeefce5118
[ 1138.202820][T17754]  </TASK>
[ 1138.667164][T17755] IPVS: using max 48 ests per chain, 115200 per kthread
[ 1138.761646][   T30] audit: type=1326 audit(1762364039.970:707): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17757 comm="syz.1.3130" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3a2678f6c9 code=0x7ffc0000
[ 1138.899620][T17765] netlink: 88 bytes leftover after parsing attributes in process `syz.1.3130'.
[ 1138.910283][   T30] audit: type=1326 audit(1762364039.970:708): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17757 comm="syz.1.3130" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3a2678f6c9 code=0x7ffc0000
[ 1138.939696][T17766] FAULT_INJECTION: forcing a failure.
[ 1138.939696][T17766] name failslab, interval 1, probability 0, space 0, times 0
[ 1138.968117][T17766] CPU: 0 UID: 0 PID: 17766 Comm: syz.5.3132 Not tainted syzkaller #0 PREEMPT(full) 
[ 1138.968142][T17766] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[ 1138.968153][T17766] Call Trace:
[ 1138.968160][T17766]  <TASK>
[ 1138.968167][T17766]  dump_stack_lvl+0x16c/0x1f0
[ 1138.968198][T17766]  should_fail_ex+0x512/0x640
[ 1138.968219][T17766]  ? fs_reclaim_acquire+0xae/0x150
[ 1138.968241][T17766]  should_failslab+0xc2/0x120
[ 1138.968261][T17766]  __kmalloc_noprof+0xdd/0x880
[ 1138.968286][T17766]  ? tomoyo_realpath_from_path+0xc2/0x6e0
[ 1138.968312][T17766]  ? tomoyo_realpath_from_path+0xc2/0x6e0
[ 1138.968331][T17766]  tomoyo_realpath_from_path+0xc2/0x6e0
[ 1138.968353][T17766]  ? tomoyo_profile+0x47/0x60
[ 1138.968378][T17766]  tomoyo_path_number_perm+0x245/0x580
[ 1138.968404][T17766]  ? tomoyo_path_number_perm+0x237/0x580
[ 1138.968434][T17766]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[ 1138.968462][T17766]  ? find_held_lock+0x2b/0x80
[ 1138.968507][T17766]  ? find_held_lock+0x2b/0x80
[ 1138.968526][T17766]  ? hook_file_ioctl_common+0x145/0x410
[ 1138.968555][T17766]  ? __fget_files+0x20e/0x3c0
[ 1138.968577][T17766]  security_file_ioctl+0x9b/0x240
[ 1138.968599][T17766]  __x64_sys_ioctl+0xb7/0x210
[ 1138.968625][T17766]  do_syscall_64+0xcd/0xfa0
[ 1138.968652][T17766]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1138.968668][T17766] RIP: 0033:0x7ffb4b98f6c9
[ 1138.968683][T17766] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1138.968699][T17766] RSP: 002b:00007ffb49bf6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1138.968715][T17766] RAX: ffffffffffffffda RBX: 00007ffb4bbe5fa0 RCX: 00007ffb4b98f6c9
[ 1138.968725][T17766] RDX: 0000200000000180 RSI: 00000000c03864bc RDI: 0000000000000003
[ 1138.968734][T17766] RBP: 00007ffb49bf6090 R08: 0000000000000000 R09: 0000000000000000
[ 1138.968744][T17766] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1138.968752][T17766] R13: 00007ffb4bbe6038 R14: 00007ffb4bbe5fa0 R15: 00007ffeb668bbd8
[ 1138.968778][T17766]  </TASK>
[ 1138.968786][T17766] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 1139.276210][   T30] audit: type=1326 audit(1762364039.970:709): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17757 comm="syz.1.3130" exe="/root/syz-executor" sig=0 arch=c000003e syscall=314 compat=0 ip=0x7f3a2678f6c9 code=0x7ffc0000
[ 1139.308298][   T30] audit: type=1326 audit(1762364039.970:710): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17757 comm="syz.1.3130" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3a2678f6c9 code=0x7ffc0000
[ 1139.984276][   T30] audit: type=1326 audit(1762364039.970:711): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17757 comm="syz.1.3130" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3a2678f6c9 code=0x7ffc0000
[ 1140.009879][   T30] audit: type=1326 audit(1762364039.970:712): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17757 comm="syz.1.3130" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f3a2678f6c9 code=0x7ffc0000
[ 1140.165190][   T30] audit: type=1326 audit(1762364039.970:713): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17757 comm="syz.1.3130" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3a2678f6c9 code=0x7ffc0000
[ 1140.272614][T17783] overlayfs: missing 'lowerdir'
[ 1140.290546][   T30] audit: type=1326 audit(1762364039.970:714): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17757 comm="syz.1.3130" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f3a2678f6c9 code=0x7ffc0000
[ 1140.338091][T17784] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3139'.
[ 1140.349146][   T30] audit: type=1326 audit(1762364039.970:715): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17757 comm="syz.1.3130" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3a2678f6c9 code=0x7ffc0000
[ 1140.418034][   T30] audit: type=1326 audit(1762364039.970:716): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17757 comm="syz.1.3130" exe="/root/syz-executor" sig=0 arch=c000003e syscall=53 compat=0 ip=0x7f3a2678f6c9 code=0x7ffc0000
[ 1141.349459][T17792] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[ 1141.604605][T17792] Bluetooth: hci6: Opcode 0x0c1a failed: -4
[ 1141.651396][T17792] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[ 1141.677739][T17792] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[ 1141.688003][T17792] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[ 1142.526664][T17811] FAULT_INJECTION: forcing a failure.
[ 1142.526664][T17811] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1142.545401][T17811] CPU: 0 UID: 0 PID: 17811 Comm: syz.1.3145 Not tainted syzkaller #0 PREEMPT(full) 
[ 1142.545417][T17811] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[ 1142.545424][T17811] Call Trace:
[ 1142.545428][T17811]  <TASK>
[ 1142.545432][T17811]  dump_stack_lvl+0x16c/0x1f0
[ 1142.545453][T17811]  should_fail_ex+0x512/0x640
[ 1142.545468][T17811]  _copy_from_user+0x2e/0xd0
[ 1142.545483][T17811]  copy_msghdr_from_user+0x98/0x160
[ 1142.545498][T17811]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[ 1142.545518][T17811]  ___sys_sendmsg+0xfe/0x1d0
[ 1142.545532][T17811]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1142.545545][T17811]  ? __lock_acquire+0x622/0x1c90
[ 1142.545578][T17811]  __sys_sendmsg+0x16d/0x220
[ 1142.545592][T17811]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1142.545614][T17811]  do_syscall_64+0xcd/0xfa0
[ 1142.545637][T17811]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1142.545648][T17811] RIP: 0033:0x7f3a2678f6c9
[ 1142.545657][T17811] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1142.545667][T17811] RSP: 002b:00007f3a2770d038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1142.545677][T17811] RAX: ffffffffffffffda RBX: 00007f3a269e5fa0 RCX: 00007f3a2678f6c9
[ 1142.545684][T17811] RDX: 0000000004004002 RSI: 0000200000000400 RDI: 0000000000000003
[ 1142.545690][T17811] RBP: 00007f3a2770d090 R08: 0000000000000000 R09: 0000000000000000
[ 1142.545697][T17811] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1142.545703][T17811] R13: 00007f3a269e6038 R14: 00007f3a269e5fa0 R15: 00007ffdbdc0b438
[ 1142.545716][T17811]  </TASK>
[ 1143.364325][ T5810] Bluetooth: hci5: command 0x0c1a tx timeout
[ 1143.682461][ T5810] Bluetooth: hci0: command 0x040f tx timeout
[ 1143.688593][ T5810] Bluetooth: hci6: command 0x0c1a tx timeout
[ 1143.740312][ T5822] usb 4-1: new high-speed USB device number 77 using dummy_hcd
[ 1143.763675][ T5810] Bluetooth: hci1: command 0x0c1a tx timeout
[ 1143.770361][T10768] Bluetooth: hci2: command 0x0c1a tx timeout
[ 1143.936124][ T5822] usb 4-1: config 1 interface 0 altsetting 0 has an endpoint descriptor with address 0x33, changing to 0x3
[ 1143.970246][ T5822] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 206, changing to 11
[ 1144.004139][T17829] mmap: syz.2.3149 (17829): VmData 37597184 exceed data ulimit 2047. Update limits or use boot option ignore_rlimit_data.
[ 1144.023142][ T5822] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 8205, setting to 1024
[ 1144.102784][ T5822] usb 4-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 1144.130183][T17830] bridge1: entered allmulticast mode
[ 1144.245039][ T5822] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[ 1144.295627][ T5822] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1144.368944][ T5822] usb 4-1: Product: syz
[ 1144.406948][ T5822] usb 4-1: Manufacturer: syz
[ 1144.445148][ T5822] usb 4-1: SerialNumber: syz
[ 1144.609937][ T5822] hub 4-1:1.0: bad descriptor, ignoring hub
[ 1144.645216][ T5822] hub 4-1:1.0: probe with driver hub failed with error -5
[ 1144.962779][T17831] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[ 1145.014557][ T5822] usb 4-1: USB disconnect, device number 77
[ 1145.034884][T17831] Bluetooth: hci6: Opcode 0x0c1a failed: -4
[ 1145.053522][T17831] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[ 1145.413800][T17831] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[ 1145.480440][T17844] FAULT_INJECTION: forcing a failure.
[ 1145.480440][T17844] name failslab, interval 1, probability 0, space 0, times 0
[ 1145.510319][T17844] CPU: 1 UID: 0 PID: 17844 Comm: syz.2.3154 Not tainted syzkaller #0 PREEMPT(full) 
[ 1145.510345][T17844] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[ 1145.510355][T17844] Call Trace:
[ 1145.510361][T17844]  <TASK>
[ 1145.510369][T17844]  dump_stack_lvl+0x16c/0x1f0
[ 1145.510399][T17844]  should_fail_ex+0x512/0x640
[ 1145.510419][T17844]  ? __kmalloc_noprof+0xca/0x880
[ 1145.510445][T17844]  should_failslab+0xc2/0x120
[ 1145.510467][T17844]  __kmalloc_noprof+0xdd/0x880
[ 1145.510487][T17844]  ? unwind_get_return_address+0x59/0xa0
[ 1145.510519][T17844]  ? io_cache_alloc_new+0x45/0xf0
[ 1145.510539][T17844]  ? io_cache_alloc_new+0x45/0xf0
[ 1145.510552][T17844]  io_cache_alloc_new+0x45/0xf0
[ 1145.510570][T17844]  io_rsrc_node_alloc+0x221/0x2b0
[ 1145.510589][T17844]  io_sqe_buffer_register+0x104/0x2010
[ 1145.510609][T17844]  ? __lock_acquire+0xb8a/0x1c90
[ 1145.510649][T17844]  ? __pfx_io_sqe_buffer_register+0x10/0x10
[ 1145.510665][T17844]  ? __might_fault+0xe3/0x190
[ 1145.510689][T17844]  ? __might_fault+0xe3/0x190
[ 1145.510723][T17844]  __io_register_rsrc_update+0x449/0x1110
[ 1145.510751][T17844]  ? __pfx___io_register_rsrc_update+0x10/0x10
[ 1145.510780][T17844]  ? find_held_lock+0x2b/0x80
[ 1145.510800][T17844]  ? __might_fault+0xe3/0x190
[ 1145.510823][T17844]  ? __might_fault+0xe3/0x190
[ 1145.510844][T17844]  ? __might_fault+0x13b/0x190
[ 1145.510876][T17844]  io_register_rsrc_update+0x11b/0x180
[ 1145.510897][T17844]  ? __pfx_io_register_rsrc_update+0x10/0x10
[ 1145.510918][T17844]  ? __mutex_lock+0x1c5/0x1060
[ 1145.510940][T17844]  __io_uring_register+0x1111/0x2170
[ 1145.510960][T17844]  ? __pfx___io_uring_register+0x10/0x10
[ 1145.510979][T17844]  ? __fget_files+0x20e/0x3c0
[ 1145.511003][T17844]  __x64_sys_io_uring_register+0x169/0x280
[ 1145.511024][T17844]  do_syscall_64+0xcd/0xfa0
[ 1145.511051][T17844]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1145.511068][T17844] RIP: 0033:0x7f9efbb8f6c9
[ 1145.511084][T17844] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1145.511099][T17844] RSP: 002b:00007f9efca5c038 EFLAGS: 00000246 ORIG_RAX: 00000000000001ab
[ 1145.511116][T17844] RAX: ffffffffffffffda RBX: 00007f9efbde5fa0 RCX: 00007f9efbb8f6c9
[ 1145.511127][T17844] RDX: 0000200000000240 RSI: 0000000000000010 RDI: 0000000000000005
[ 1145.511137][T17844] RBP: 00007f9efca5c090 R08: 0000000000000000 R09: 0000000000000000
[ 1145.511147][T17844] R10: 0000000000000020 R11: 0000000000000246 R12: 0000000000000001
[ 1145.511158][T17844] R13: 00007f9efbde6038 R14: 00007f9efbde5fa0 R15: 00007ffd03d100a8
[ 1145.511183][T17844]  </TASK>
[ 1145.557919][T17831] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[ 1146.077937][ T5810] Bluetooth: hci5: command 0x0c1a tx timeout
[ 1147.117889][ T5810] Bluetooth: hci0: command 0x040f tx timeout
[ 1147.118049][T10768] Bluetooth: hci6: command 0x0c1a tx timeout
[ 1147.216983][T17857] usb usb1: usbfs: interface 0 claimed by hub while 'syz.3.3159' sets config #0
[ 1147.372136][   T43] usb 1-1: new high-speed USB device number 63 using dummy_hcd
[ 1147.452963][T10768] Bluetooth: hci2: command 0x0c1a tx timeout
[ 1147.607702][T10768] Bluetooth: hci1: command 0x0c1a tx timeout
[ 1147.627705][   T43] usb 1-1: Using ep0 maxpacket: 8
[ 1148.271828][   T43] usb 1-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[ 1148.313538][   T43] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[ 1148.337123][   T43] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 1148.356249][   T30] kauditd_printk_skb: 16 callbacks suppressed
[ 1148.356266][   T30] audit: type=1400 audit(1762364049.570:733): avc:  denied  { append } for  pid=17868 comm="syz.5.3162" name="usbmon0" dev="devtmpfs" ino=716 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[ 1148.391145][T17869] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3162'.
[ 1148.404428][   T43] usb 1-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1148.408564][T17869] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3162'.
[ 1148.434150][T17869] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3162'.
[ 1148.435635][   T43] usb 1-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[ 1148.443851][T17869] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3162'.
[ 1148.452419][   T43] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1148.516017][T17873] overlay: Unknown parameter '/'
[ 1148.711405][   T43] usb 1-1: GET_CAPABILITIES returned 0
[ 1148.716882][   T43] usbtmc 1-1:16.0: can't read capabilities
[ 1148.800100][T17857] usb usb1: usbfs: interface 0 claimed by hub while 'syz.3.3159' sets config #1734553390
[ 1148.916627][    C1] usbtmc 1-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[ 1148.928899][T17853] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1148.937878][T17853] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1148.954692][   T43] usb 1-1: USB disconnect, device number 63
[ 1149.032902][T17880] netlink: 176 bytes leftover after parsing attributes in process `syz.3.3166'.
[ 1149.997712][ T5822] usb 4-1: new high-speed USB device number 78 using dummy_hcd
[ 1150.147742][ T5822] usb 4-1: Using ep0 maxpacket: 8
[ 1150.154920][ T5822] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 7
[ 1150.167336][ T5822] usb 4-1: New USB device found, idVendor=082d, idProduct=0100, bcdDevice=70.4b
[ 1150.177425][ T5822] usb 4-1: New USB device strings: Mfr=44, Product=2, SerialNumber=3
[ 1150.688738][ T5822] usb 4-1: Product: syz
[ 1150.693322][ T5822] usb 4-1: Manufacturer: syz
[ 1150.698279][ T5822] usb 4-1: SerialNumber: syz
[ 1151.533176][ T5822] usb 4-1: Handspring Visor / Palm OS: No valid connect info available
[ 1151.542097][ T5822] usb 4-1: Handspring Visor / Palm OS: port 0, is for unknown use
[ 1151.550741][ T5822] usb 4-1: Handspring Visor / Palm OS: port 0, is for Generic use
[ 1151.559308][ T5822] usb 4-1: Handspring Visor / Palm OS: Number of ports: 2
[ 1151.573933][ T5822] usb 4-1: palm_os_3_probe - error -71 getting bytes available request
[ 1151.638959][ T5822] visor 4-1:1.0: Handspring Visor / Palm OS converter detected
[ 1151.653857][ T5822] usb 4-1: Handspring Visor / Palm OS converter now attached to ttyUSB0
[ 1151.666438][ T5822] usb 4-1: Handspring Visor / Palm OS converter now attached to ttyUSB1
[ 1151.683676][ T5822] usb 4-1: USB disconnect, device number 78
[ 1151.707380][ T5822] visor ttyUSB0: Handspring Visor / Palm OS converter now disconnected from ttyUSB0
[ 1151.763797][ T5822] visor ttyUSB1: Handspring Visor / Palm OS converter now disconnected from ttyUSB1
[ 1151.775548][ T5822] visor 4-1:1.0: device disconnected
[ 1152.434874][T17902] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3171'.
[ 1152.973280][T17912] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3174'.
[ 1153.337284][T17916] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3178'.
[ 1153.872085][T17926] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3180'.
[ 1153.977733][ T9425] usb 4-1: new high-speed USB device number 79 using dummy_hcd
[ 1154.133776][ T9425] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1154.729378][ T9425] usb 4-1: New USB device found, idVendor=06cb, idProduct=73f4, bcdDevice= 0.00
[ 1154.729408][ T9425] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1154.737274][ T9425] usb 4-1: config 0 descriptor??
[ 1155.037392][T17942] veth0_to_team: entered promiscuous mode
[ 1155.037463][T17942] veth0_to_team: entered allmulticast mode
[ 1155.592575][ T9425] hid_parser_main: 8 callbacks suppressed
[ 1155.592596][ T9425] itetech 0003:06CB:73F4.0010: unknown main item tag 0x0
[ 1155.605907][ T9425] itetech 0003:06CB:73F4.0010: unknown main item tag 0x0
[ 1155.621595][ T9425] itetech 0003:06CB:73F4.0010: unknown main item tag 0x0
[ 1155.662412][T17946] overlay: Unknown parameter '/'
[ 1155.680616][ T9425] itetech 0003:06CB:73F4.0010: unknown main item tag 0x0
[ 1155.689013][ T9425] itetech 0003:06CB:73F4.0010: unknown main item tag 0x0
[ 1155.728235][ T9425] itetech 0003:06CB:73F4.0010: unknown main item tag 0x0
[ 1155.748406][ T9425] itetech 0003:06CB:73F4.0010: unknown main item tag 0x0
[ 1155.788767][ T9425] itetech 0003:06CB:73F4.0010: unknown main item tag 0x0
[ 1155.796300][ T9425] itetech 0003:06CB:73F4.0010: unknown main item tag 0x0
[ 1155.804749][ T9425] itetech 0003:06CB:73F4.0010: unknown main item tag 0x0
[ 1155.946006][ T9425] itetech 0003:06CB:73F4.0010: hidraw0: USB HID v0.00 Device [HID 06cb:73f4] on usb-dummy_hcd.3-1/input0
[ 1156.530413][ T9425] usb 4-1: USB disconnect, device number 79
[ 1156.699398][T17956] fido_id[17956]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.3/usb4/report_descriptor': No such file or directory
[ 1156.985361][   T30] audit: type=1400 audit(1762364058.200:734): avc:  denied  { add_name } for  pid=17957 comm="syz.2.3189" name="memory.current" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1
[ 1157.041643][   T30] audit: type=1400 audit(1762364058.240:735): avc:  denied  { create } for  pid=17957 comm="syz.2.3189" name="memory.current" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:configfs_t tclass=file permissive=1
[ 1157.313972][T17965] IPVS: dh: FWM 3 0x00000003 - no destination available
[ 1157.327692][ T9425] usb 6-1: new full-speed USB device number 5 using dummy_hcd
[ 1157.545396][ T9425] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[ 1157.559638][ T9425] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1157.576164][ T9425] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[ 1157.585754][ T9425] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1157.614204][T17970] FAULT_INJECTION: forcing a failure.
[ 1157.614204][T17970] name failslab, interval 1, probability 0, space 0, times 0
[ 1157.634821][T17970] CPU: 0 UID: 0 PID: 17970 Comm: syz.0.3193 Not tainted syzkaller #0 PREEMPT(full) 
[ 1157.634845][T17970] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[ 1157.634859][T17970] Call Trace:
[ 1157.634864][T17970]  <TASK>
[ 1157.634870][T17970]  dump_stack_lvl+0x16c/0x1f0
[ 1157.634901][T17970]  should_fail_ex+0x512/0x640
[ 1157.634921][T17970]  ? kmem_cache_alloc_noprof+0x62/0x6e0
[ 1157.634950][T17970]  should_failslab+0xc2/0x120
[ 1157.634970][T17970]  kmem_cache_alloc_noprof+0x75/0x6e0
[ 1157.634995][T17970]  ? alloc_empty_file+0x55/0x1e0
[ 1157.635020][T17970]  ? alloc_empty_file+0x55/0x1e0
[ 1157.635039][T17970]  alloc_empty_file+0x55/0x1e0
[ 1157.635062][T17970]  path_openat+0xda/0x2cb0
[ 1157.635087][T17970]  ? __pfx_path_openat+0x10/0x10
[ 1157.635106][T17970]  ? __lock_acquire+0xb8a/0x1c90
[ 1157.635137][T17970]  do_filp_open+0x20b/0x470
[ 1157.635154][T17970]  ? __pfx_do_filp_open+0x10/0x10
[ 1157.635189][T17970]  ? alloc_fd+0x471/0x7d0
[ 1157.635213][T17970]  do_sys_openat2+0x11b/0x1d0
[ 1157.635235][T17970]  ? __pfx_do_sys_openat2+0x10/0x10
[ 1157.635259][T17970]  ? __fget_files+0x20e/0x3c0
[ 1157.635281][T17970]  __x64_sys_openat+0x174/0x210
[ 1157.635301][T17970]  ? __pfx___x64_sys_openat+0x10/0x10
[ 1157.635320][T17970]  ? ksys_write+0x1ac/0x250
[ 1157.635345][T17970]  do_syscall_64+0xcd/0xfa0
[ 1157.635372][T17970]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1157.635389][T17970] RIP: 0033:0x7fc68878f6c9
[ 1157.635403][T17970] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1157.635420][T17970] RSP: 002b:00007fc68968f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 1157.635436][T17970] RAX: ffffffffffffffda RBX: 00007fc6889e6090 RCX: 00007fc68878f6c9
[ 1157.635447][T17970] RDX: 000000000004a300 RSI: 0000200000000640 RDI: ffffffffffffff9c
[ 1157.635458][T17970] RBP: 00007fc68968f090 R08: 0000000000000000 R09: 0000000000000000
[ 1157.635469][T17970] R10: 00000000000000cd R11: 0000000000000246 R12: 0000000000000001
[ 1157.635479][T17970] R13: 00007fc6889e6128 R14: 00007fc6889e6090 R15: 00007ffeefce5118
[ 1157.635505][T17970]  </TASK>
[ 1157.850527][ T9425] usb 6-1: usb_control_msg returned -32
[ 1157.859991][ T9425] usbtmc 6-1:16.0: can't read capabilities
[ 1158.204517][T17974] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1158.230795][T17974] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1158.331828][   T30] audit: type=1400 audit(1762364059.550:736): avc:  denied  { remount } for  pid=17972 comm="syz.2.3194" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[ 1159.297942][T17543] usb 3-1: new high-speed USB device number 63 using dummy_hcd
[ 1159.589326][T17543] usb 3-1: New USB device found, idVendor=0cf3, idProduct=9374, bcdDevice=bc.3b
[ 1159.631964][T17543] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1159.698654][T17543] usb 3-1: config 0 descriptor??
[ 1160.120018][   T43] usb 6-1: USB disconnect, device number 5
[ 1160.180640][T17997] syzkaller0: entered promiscuous mode
[ 1160.186182][T17997] syzkaller0: entered allmulticast mode
[ 1160.290728][   T30] audit: type=1400 audit(1762364061.490:737): avc:  denied  { bind } for  pid=17980 comm="syz.2.3197" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[ 1160.516411][ T5860] libceph: connect (1)[c::]:6789 error -101
[ 1160.542830][ T5860] libceph: mon0 (1)[c::]:6789 connect error
[ 1160.682163][T17981] ceph: No mds server is up or the cluster is laggy
[ 1160.890987][ T5860] libceph: connect (1)[c::]:6789 error -101
[ 1160.902310][ T5860] libceph: mon0 (1)[c::]:6789 connect error
[ 1161.569457][T17543] ath6kl: Failed to submit usb control message: -110
[ 1161.576260][T17543] ath6kl: unable to send the bmi data to the device: -110
[ 1161.583507][T17543] ath6kl: Unable to send get target info: -110
[ 1161.657256][ T5860] libceph: connect (1)[c::]:6789 error -101
[ 1161.663674][ T5860] libceph: mon0 (1)[c::]:6789 connect error
[ 1161.690031][T17543] ath6kl: Failed to init ath6kl core: -110
[ 1161.706946][T17543] ath6kl_usb 3-1:0.0: probe with driver ath6kl_usb failed with error -110
[ 1161.771130][T17543] usb 3-1: USB disconnect, device number 63
[ 1161.868670][T18007] overlayfs: failed to resolve './file0': -2
[ 1162.096709][T18022] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3207'.
[ 1163.813733][T18044] netlink: 'syz.2.3212': attribute type 4 has an invalid length.
[ 1163.837548][T18044] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=18044 comm=syz.2.3212
[ 1164.946669][T17543] kernel read not supported for file /248/maps (pid: 17543 comm: kworker/0:0)
[ 1167.751369][T18088] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3224'.
[ 1167.969473][T18079] netlink: 'syz.1.3221': attribute type 2 has an invalid length.
[ 1168.198499][T18096] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3225'.
[ 1168.232053][T18096] netlink: 24 bytes leftover after parsing attributes in process `syz.5.3225'.
[ 1168.746711][  T977] usb 3-1: new high-speed USB device number 64 using dummy_hcd
[ 1169.021392][  T977] usb 3-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[ 1169.188964][  T977] usb 3-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[ 1169.219878][  T977] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 66
[ 1169.325236][  T977] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 52, changing to 9
[ 1169.802323][  T977] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8241, setting to 1024
[ 1169.819174][  T977] usb 3-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[ 1169.832395][  T977] usb 3-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[ 1169.843110][  T977] usb 3-1: Product: syz
[ 1169.937368][  T977] usb 3-1: Manufacturer: syz
[ 1169.946235][T18111] CUSE: info not properly terminated
[ 1169.960773][  T977] cdc_wdm 3-1:1.0: skipping garbage
[ 1169.966022][  T977] cdc_wdm 3-1:1.0: skipping garbage
[ 1169.977877][  T977] cdc_wdm 3-1:1.0: cdc-wdm0: USB WDM device
[ 1169.992832][  T977] cdc_wdm 3-1:1.0: Unknown control protocol
[ 1170.405271][T18121] syzkaller0: entered promiscuous mode
[ 1170.420145][T18121] syzkaller0: entered allmulticast mode
[ 1170.543004][   T30] audit: type=1400 audit(1762364071.760:738): avc:  denied  { name_bind } for  pid=18090 comm="syz.2.3227" src=160 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:reserved_port_t tclass=sctp_socket permissive=1
[ 1170.565018][    C0] wdm_int_callback: 8 callbacks suppressed
[ 1170.565041][    C0] cdc_wdm 3-1:1.0: wdm_int_callback - 0 bytes
[ 1171.950100][T17247] usb 3-1: USB disconnect, device number 64
[ 1172.149074][T18133] FAULT_INJECTION: forcing a failure.
[ 1172.149074][T18133] name failslab, interval 1, probability 0, space 0, times 0
[ 1172.203417][T18133] CPU: 1 UID: 0 PID: 18133 Comm: syz.3.3239 Not tainted syzkaller #0 PREEMPT(full) 
[ 1172.203444][T18133] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[ 1172.203454][T18133] Call Trace:
[ 1172.203461][T18133]  <TASK>
[ 1172.203468][T18133]  dump_stack_lvl+0x16c/0x1f0
[ 1172.203500][T18133]  should_fail_ex+0x512/0x640
[ 1172.203521][T18133]  ? __kmalloc_cache_noprof+0x5f/0x780
[ 1172.203549][T18133]  should_failslab+0xc2/0x120
[ 1172.203576][T18133]  __kmalloc_cache_noprof+0x72/0x780
[ 1172.203599][T18133]  ? rcu_is_watching+0x12/0xc0
[ 1172.203622][T18133]  ? kasan_quarantine_put+0x10a/0x240
[ 1172.203638][T18133]  ? alloc_fs_context+0x57/0x9c0
[ 1172.203663][T18133]  ? alloc_fs_context+0x57/0x9c0
[ 1172.203681][T18133]  ? __x64_sys_fsopen+0xd3/0x240
[ 1172.203704][T18133]  alloc_fs_context+0x57/0x9c0
[ 1172.203730][T18133]  __x64_sys_fsopen+0xeb/0x240
[ 1172.203754][T18133]  do_syscall_64+0xcd/0xfa0
[ 1172.203783][T18133]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1172.203801][T18133] RIP: 0033:0x7f7f2f98f6c9
[ 1172.203815][T18133] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1172.203832][T18133] RSP: 002b:00007f7f307d4038 EFLAGS: 00000246 ORIG_RAX: 00000000000001ae
[ 1172.203850][T18133] RAX: ffffffffffffffda RBX: 00007f7f2fbe5fa0 RCX: 00007f7f2f98f6c9
[ 1172.203862][T18133] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 00002000000000c0
[ 1172.203872][T18133] RBP: 00007f7f307d4090 R08: 0000000000000000 R09: 0000000000000000
[ 1172.203883][T18133] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1172.203893][T18133] R13: 00007f7f2fbe6038 R14: 00007f7f2fbe5fa0 R15: 00007ffd1e668ea8
[ 1172.203918][T18133]  </TASK>
[ 1174.399898][T18155] fuse: Bad value for 'group_id'
[ 1174.404966][T18155] fuse: Bad value for 'group_id'
[ 1174.412066][T17247] usb 1-1: new low-speed USB device number 64 using dummy_hcd
[ 1174.626337][T17247] usb 1-1: config 0 has an invalid interface number: 1 but max is 0
[ 1175.518328][T17247] usb 1-1: config 0 has no interface number 0
[ 1175.526035][T17247] usb 1-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 10
[ 1175.537130][T17247] usb 1-1: config 0 interface 1 altsetting 0 endpoint 0x82 has invalid maxpacket 159, setting to 8
[ 1175.547893][T17247] usb 1-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[ 1175.556935][T17247] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1175.590016][T18161] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3245'.
[ 1175.607910][   T30] audit: type=1400 audit(1762364076.810:739): avc:  denied  { append } for  pid=18160 comm="syz.5.3245" name="nvram" dev="devtmpfs" ino=623 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nvram_device_t tclass=chr_file permissive=1
[ 1175.647446][T17247] usb 1-1: config 0 descriptor??
[ 1175.653012][T18144] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[ 1175.662949][T17247] iowarrior 1-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0
[ 1175.984946][   T30] audit: type=1400 audit(1762364077.200:740): avc:  denied  { add_name } for  pid=18165 comm="syz.2.3246" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[ 1175.986658][T18170] o2cb: This node has not been configured.
[ 1176.011947][T18170] o2cb: Cluster check failed. Fix errors before retrying.
[ 1176.019117][T18170] (syz.2.3246,18170,0):user_dlm_register:674 ERROR: status = -22
[ 1176.026844][T18170] (syz.2.3246,18170,0):dlmfs_mkdir:437 ERROR: Error -22 could not register domain "file0"
[ 1176.055182][   T30] audit: type=1400 audit(1762364077.200:741): avc:  denied  { create } for  pid=18165 comm="syz.2.3246" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1
[ 1176.094418][   T30] audit: type=1400 audit(1762364077.200:742): avc:  denied  { associate } for  pid=18165 comm="syz.2.3246" name="file0" scontext=root:object_r:unlabeled_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[ 1176.367733][  T977] usb 2-1: new high-speed USB device number 60 using dummy_hcd
[ 1176.521430][  T977] usb 2-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[ 1176.532531][  T977] usb 2-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[ 1176.543328][  T977] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 66
[ 1176.553452][  T977] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 52, changing to 9
[ 1176.584257][  T977] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8241, setting to 1024
[ 1176.599919][  T977] usb 2-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[ 1176.612681][  T977] usb 2-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[ 1176.620933][  T977] usb 2-1: Product: syz
[ 1176.625500][  T977] usb 2-1: Manufacturer: syz
[ 1176.636948][  T977] cdc_wdm 2-1:1.0: skipping garbage
[ 1176.656904][  T977] cdc_wdm 2-1:1.0: skipping garbage
[ 1176.673171][  T977] cdc_wdm 2-1:1.0: cdc-wdm1: USB WDM device
[ 1176.691963][  T977] cdc_wdm 2-1:1.0: Unknown control protocol
[ 1176.960900][ T1297] ieee802154 phy0 wpan0: encryption failed: -22
[ 1176.967436][ T1297] ieee802154 phy1 wpan1: encryption failed: -22
[ 1177.126962][T18184] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3251'.
[ 1177.141437][ T5809] usb 1-1: USB disconnect, device number 64
[ 1177.181652][   T30] audit: type=1400 audit(1762364078.390:743): avc:  denied  { write } for  pid=18183 comm="syz.2.3251" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1
[ 1178.188232][T18198] veth0_to_team: entered promiscuous mode
[ 1178.194068][T18198] veth0_to_team: entered allmulticast mode
[ 1178.672866][ T5822] usb 3-1: new high-speed USB device number 65 using dummy_hcd
[ 1178.910671][   T43] usb 1-1: new full-speed USB device number 65 using dummy_hcd
[ 1178.913678][ T5822] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x9 has invalid wMaxPacketSize 0
[ 1179.054459][ T5822] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0xA has invalid wMaxPacketSize 0
[ 1179.066284][ T5822] usb 3-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[ 1179.081511][ T5822] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1179.118082][T17247] usb 2-1: USB disconnect, device number 60
[ 1179.126822][ T5822] usb 3-1: Product: syz
[ 1179.132256][   T43] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 25353, setting to 64
[ 1179.152089][ T5822] usb 3-1: Manufacturer: syz
[ 1179.167215][ T5822] usb 3-1: SerialNumber: syz
[ 1179.179129][   T43] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[ 1179.193307][ T5822] usb 3-1: config 0 descriptor??
[ 1179.219076][   T43] usb 1-1: New USB device found, idVendor=0457, idProduct=07da, bcdDevice= 0.00
[ 1179.221374][ T5822] usb 3-1: 0:0 : invalid sync pipe. bmAttributes 00, bLength 9, bSynchAddress 00
[ 1179.245585][   T43] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1179.260087][   T43] usb 1-1: config 0 descriptor??
[ 1179.265930][T18200] raw-gadget.2 gadget.0: fail, usb_ep_enable returned -22
[ 1179.445658][  T977] usb 6-1: new high-speed USB device number 6 using dummy_hcd
[ 1179.450885][   T30] audit: type=1400 audit(1762364080.670:744): avc:  denied  { setattr } for  pid=18183 comm="syz.2.3251" path="socket:[59964]" dev="sockfs" ino=59964 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[ 1179.577717][T17247] usb 2-1: new high-speed USB device number 61 using dummy_hcd
[ 1179.620126][  T977] usb 6-1: New USB device found, idVendor=0cf3, idProduct=9374, bcdDevice=bc.3b
[ 1179.629457][  T977] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1179.639753][  T977] usb 6-1: config 0 descriptor??
[ 1179.697177][   T43] hid-multitouch 0003:0457:07DA.0011: hidraw0: USB HID v0.00 Device [HID 0457:07da] on usb-dummy_hcd.0-1/input0
[ 1179.729277][T17247] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1179.739672][T17247] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 2
[ 1179.750317][T17247] usb 2-1: config 1 has no interface number 0
[ 1179.756485][T17247] usb 2-1: config 1 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1179.768172][T17247] usb 2-1: Duplicate descriptor for config 1 interface 1 altsetting 0, skipping
[ 1179.781987][T17247] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 1179.791380][T17247] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1179.799452][T17247] usb 2-1: Product: syz
[ 1179.803672][T17247] usb 2-1: Manufacturer: syz
[ 1179.808484][T17247] usb 2-1: SerialNumber: syz
[ 1180.733373][  T977] ath6kl: Failed to submit usb control message: -110
[ 1181.432683][   T43] libceph: connect (1)[c::]:6789 error -101
[ 1181.537817][   T43] libceph: mon0 (1)[c::]:6789 connect error
[ 1181.856425][T17247] cdc_ncm 2-1:1.1: bind() failure
[ 1181.869796][   T43] libceph: connect (1)[c::]:6789 error -101
[ 1181.915148][   T43] libceph: mon0 (1)[c::]:6789 connect error
[ 1181.989147][  T977] ath6kl: unable to send the bmi data to the device: -110
[ 1181.996739][  T977] ath6kl: Unable to send get target info: -110
[ 1182.020508][  T977] ath6kl: Failed to init ath6kl core: -110
[ 1182.039887][  T977] ath6kl_usb 6-1:0.0: probe with driver ath6kl_usb failed with error -110
[ 1182.050009][T17247] usb 2-1: USB disconnect, device number 61
[ 1182.069353][  T977] usb 1-1: USB disconnect, device number 65
[ 1182.348432][ T5822] usb 3-1: USB disconnect, device number 65
[ 1182.452989][T15808] udevd[15808]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[ 1182.469325][T18218] ceph: No mds server is up or the cluster is laggy
[ 1182.702357][  T977] usb 6-1: USB disconnect, device number 6
[ 1187.195933][   T30] audit: type=1326 audit(1762364088.410:745): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18271 comm="syz.5.3274" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffb4b98f6c9 code=0x7ffc0000
[ 1187.251732][T18273] netlink: 'syz.5.3274': attribute type 12 has an invalid length.
[ 1187.299576][   T30] audit: type=1326 audit(1762364088.410:746): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18271 comm="syz.5.3274" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffb4b98f6c9 code=0x7ffc0000
[ 1187.347084][  T977] usb 4-1: new high-speed USB device number 80 using dummy_hcd
[ 1187.385538][   T30] audit: type=1326 audit(1762364088.450:747): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18271 comm="syz.5.3274" exe="/root/syz-executor" sig=0 arch=c000003e syscall=7 compat=0 ip=0x7ffb4b98f6c9 code=0x7ffc0000
[ 1187.425695][   T30] audit: type=1326 audit(1762364088.460:748): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18271 comm="syz.5.3274" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffb4b98f6c9 code=0x7ffc0000
[ 1187.526556][T17543] libceph: connect (1)[c::]:6789 error -101
[ 1187.533626][T17543] libceph: mon0 (1)[c::]:6789 connect error
[ 1187.546935][   T30] audit: type=1326 audit(1762364088.460:749): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18271 comm="syz.5.3274" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffb4b98f6c9 code=0x7ffc0000
[ 1187.573400][   T30] audit: type=1326 audit(1762364088.460:750): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18271 comm="syz.5.3274" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7ffb4b98f6c9 code=0x7ffc0000
[ 1187.598342][   T30] audit: type=1326 audit(1762364088.460:751): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18271 comm="syz.5.3274" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffb4b98f6c9 code=0x7ffc0000
[ 1187.623075][   T30] audit: type=1326 audit(1762364088.460:752): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18271 comm="syz.5.3274" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffb4b98f6c9 code=0x7ffc0000
[ 1187.649501][   T30] audit: type=1326 audit(1762364088.460:753): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18271 comm="syz.5.3274" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7ffb4b98f6c9 code=0x7ffc0000
[ 1187.675105][   T30] audit: type=1326 audit(1762364088.460:754): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18271 comm="syz.5.3274" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffb4b98f6c9 code=0x7ffc0000
[ 1187.976418][T17543] libceph: connect (1)[c::]:6789 error -101
[ 1187.992837][T18270] ceph: No mds server is up or the cluster is laggy
[ 1188.009754][T17543] libceph: mon0 (1)[c::]:6789 connect error
[ 1188.680837][T18299] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[ 1188.873299][T18299] Bluetooth: hci6: Opcode 0x0c1a failed: -4
[ 1188.879809][T18299] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[ 1188.886694][T18299] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[ 1188.893258][T18299] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[ 1189.745090][T18295] tipc: Enabling of bearer <udp:s> rejected, already enabled
[ 1190.727815][T10768] Bluetooth: hci5: command 0x0c1a tx timeout
[ 1190.887718][T10768] Bluetooth: hci6: command 0x0c1a tx timeout
[ 1190.978791][T10598] Bluetooth: hci0: command 0x040f tx timeout
[ 1190.985671][ T5810] Bluetooth: hci2: command 0x0c1a tx timeout
[ 1190.992390][T10768] Bluetooth: hci1: command 0x0c1a tx timeout
[ 1192.517987][T18346] snd_dummy snd_dummy.0: control 0:0:0:syz0:0 is already present
[ 1192.555119][T11023] Bluetooth: hci3: Frame reassembly failed (-84)
[ 1192.645528][T11023] Bluetooth: hci3: Frame reassembly failed (-84)
[ 1193.467311][T18352] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[ 1193.654484][T18359] FAULT_INJECTION: forcing a failure.
[ 1193.654484][T18359] name failslab, interval 1, probability 0, space 0, times 0
[ 1193.728898][T18359] CPU: 1 UID: 0 PID: 18359 Comm: syz.3.3290 Not tainted syzkaller #0 PREEMPT(full) 
[ 1193.728922][T18359] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[ 1193.728931][T18359] Call Trace:
[ 1193.728937][T18359]  <TASK>
[ 1193.728945][T18359]  dump_stack_lvl+0x16c/0x1f0
[ 1193.728976][T18359]  should_fail_ex+0x512/0x640
[ 1193.728995][T18359]  ? __kmalloc_cache_noprof+0x5f/0x780
[ 1193.729025][T18359]  should_failslab+0xc2/0x120
[ 1193.729044][T18359]  __kmalloc_cache_noprof+0x72/0x780
[ 1193.729069][T18359]  ? copy_mount_options+0x55/0x190
[ 1193.729097][T18359]  ? copy_mount_options+0x55/0x190
[ 1193.729117][T18359]  copy_mount_options+0x55/0x190
[ 1193.729140][T18359]  __x64_sys_mount+0x1ab/0x310
[ 1193.729160][T18359]  ? __pfx___x64_sys_mount+0x10/0x10
[ 1193.729180][T18359]  ? __pfx___rdmsr_safe_on_cpu+0x10/0x10
[ 1193.729205][T18359]  do_syscall_64+0xcd/0xfa0
[ 1193.729232][T18359]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1193.729249][T18359] RIP: 0033:0x7f7f2f98f6c9
[ 1193.729262][T18359] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1193.729276][T18359] RSP: 002b:00007f7f30792038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1193.729293][T18359] RAX: ffffffffffffffda RBX: 00007f7f2fbe6180 RCX: 00007f7f2f98f6c9
[ 1193.729304][T18359] RDX: 0000200000002100 RSI: 00002000000020c0 RDI: 0000000000000000
[ 1193.729313][T18359] RBP: 00007f7f30792090 R08: 0000200000002140 R09: 0000000000000000
[ 1193.729322][T18359] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1193.729331][T18359] R13: 00007f7f2fbe6218 R14: 00007f7f2fbe6180 R15: 00007ffd1e668ea8
[ 1193.729356][T18359]  </TASK>
[ 1193.895604][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1194.557871][ T5810] Bluetooth: hci3: command 0x1003 tx timeout
[ 1194.572221][T10768] Bluetooth: hci3: Opcode 0x1003 failed: -110
[ 1194.867809][T17543] usb 1-1: new high-speed USB device number 66 using dummy_hcd
[ 1195.512741][T17543] usb 1-1: Using ep0 maxpacket: 16
[ 1195.646272][T17543] usb 1-1: New USB device found, idVendor=1604, idProduct=8007, bcdDevice=af.a6
[ 1195.655432][T17543] usb 1-1: New USB device strings: Mfr=1, Product=23, SerialNumber=3
[ 1195.685840][T17543] usb 1-1: Product: syz
[ 1195.717780][T17543] usb 1-1: Manufacturer: syz
[ 1195.724109][T17543] usb 1-1: SerialNumber: syz
[ 1196.798370][T17543] usb 1-1: config 0 descriptor??
[ 1197.888554][  T977] usb 1-1: USB disconnect, device number 66
[ 1207.807596][    C0] sched: DL replenish lagged too much
[ 1247.220778][ T1297] ieee802154 phy0 wpan0: encryption failed: -22
[ 1247.240099][ T1297] ieee802154 phy1 wpan1: encryption failed: -22
[ 1300.085695][ T1297] ieee802154 phy0 wpan0: encryption failed: -22
[ 1305.377102][ T1297] ieee802154 phy1 wpan1: encryption failed: -22
[ 1363.798288][ T1297] ieee802154 phy0 wpan0: encryption failed: -22
[ 1363.818333][ T1297] ieee802154 phy1 wpan1: encryption failed: -22
[ 1406.087461][    C1] rcu: INFO: rcu_preempt detected stalls on CPUs/tasks:
[ 1406.094437][    C1] rcu: 	Tasks blocked on level-0 rcu_node (CPUs 0-1): P18395/1:b..l
[ 1406.103069][    C1] rcu: 	(detected by 1, t=10503 jiffies, g=84809, q=1327440 ncpus=2)
[ 1406.111130][    C1] task:syz.2.3302      state:R  running task     stack:26504 pid:18395 tgid:18392 ppid:17444  task_flags:0x40054c flags:0x00080003
[ 1406.126151][    C1] Call Trace:
[ 1406.129438][    C1]  <TASK>
[ 1406.132371][    C1]  __schedule+0x1190/0x5de0
[ 1406.136881][    C1]  ? exit_to_user_mode_loop+0x85/0x130
[ 1406.142340][    C1]  ? do_syscall_64+0x426/0xfa0
[ 1406.147107][    C1]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1406.153185][    C1]  ? __pfx___schedule+0x10/0x10
[ 1406.158048][    C1]  ? do_raw_spin_lock+0x12c/0x2b0
[ 1406.163075][    C1]  ? preempt_schedule_thunk+0x16/0x30
[ 1406.168454][    C1]  preempt_schedule_common+0x44/0xc0
[ 1406.173744][    C1]  preempt_schedule_thunk+0x16/0x30
[ 1406.179037][    C1]  ? nl80211_netlink_notify+0x2fd/0x970
[ 1406.184610][    C1]  __local_bh_enable_ip+0x107/0x120
[ 1406.189814][    C1]  nl80211_netlink_notify+0x2fd/0x970
[ 1406.195196][    C1]  notifier_call_chain+0xbc/0x410
[ 1406.200229][    C1]  ? __pfx_nl80211_netlink_notify+0x10/0x10
[ 1406.206136][    C1]  blocking_notifier_call_chain+0x69/0xa0
[ 1406.211951][    C1]  netlink_release+0x16cf/0x2080
[ 1406.216899][    C1]  ? netlink_release+0x1e4/0x2080
[ 1406.221927][    C1]  ? __pfx_netlink_release+0x10/0x10
[ 1406.227217][    C1]  ? __pfx_locks_remove_file+0x10/0x10
[ 1406.232675][    C1]  __sock_release+0xb3/0x270
[ 1406.237269][    C1]  ? __pfx_sock_close+0x10/0x10
[ 1406.242118][    C1]  sock_close+0x1c/0x30
[ 1406.246298][    C1]  __fput+0x402/0xb70
[ 1406.250285][    C1]  ? _raw_spin_unlock_irq+0x23/0x50
[ 1406.255497][    C1]  task_work_run+0x150/0x240
[ 1406.260085][    C1]  ? __pfx_task_work_run+0x10/0x10
[ 1406.265193][    C1]  ? do_raw_spin_unlock+0x172/0x230
[ 1406.270394][    C1]  do_exit+0x86f/0x2bf0
[ 1406.274552][    C1]  ? __pfx___might_resched+0x10/0x10
[ 1406.279841][    C1]  ? __pfx_do_exit+0x10/0x10
[ 1406.284433][    C1]  ? do_raw_spin_lock+0x12c/0x2b0
[ 1406.289452][    C1]  ? find_held_lock+0x2b/0x80
[ 1406.294135][    C1]  do_group_exit+0xd3/0x2a0
[ 1406.298641][    C1]  get_signal+0x2671/0x26d0
[ 1406.303154][    C1]  ? __pfx_get_signal+0x10/0x10
[ 1406.308013][    C1]  arch_do_signal_or_restart+0x8f/0x7c0
[ 1406.313568][    C1]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 1406.319743][    C1]  exit_to_user_mode_loop+0x85/0x130
[ 1406.325027][    C1]  do_syscall_64+0x426/0xfa0
[ 1406.329626][    C1]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1406.335521][    C1] RIP: 0033:0x7f9efbb8f6c9
[ 1406.339939][    C1] RSP: 002b:00007f9efca3b038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1406.348354][    C1] RAX: fffffffffffffe00 RBX: 00007f9efbde6090 RCX: 00007f9efbb8f6c9
[ 1406.356335][    C1] RDX: 0000000034004811 RSI: 0000200000000080 RDI: 000000000000000b
[ 1406.364313][    C1] RBP: 00007f9efbc11f91 R08: 0000000000000000 R09: 0000000000000000
[ 1406.372292][    C1] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1406.380271][    C1] R13: 00007f9efbde6128 R14: 00007f9efbde6090 R15: 00007ffd03d100a8
[ 1406.388262][    C1]  </TASK>
[ 1406.391290][    C1] rcu: rcu_preempt kthread starved for 930 jiffies! g84809 f0x2 RCU_GP_WAIT_FQS(5) ->state=0x0 ->cpu=0
[ 1406.402306][    C1] rcu: 	Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior.
[ 1406.412274][    C1] rcu: RCU grace-period kthread stack dump:
[ 1406.418159][    C1] task:rcu_preempt     state:R  running task     stack:28296 pid:16    tgid:16    ppid:2      task_flags:0x208040 flags:0x00080000
[ 1406.431657][    C1] Call Trace:
[ 1406.434937][    C1]  <TASK>
[ 1406.437869][    C1]  __schedule+0x1190/0x5de0
[ 1406.442387][    C1]  ? __lock_acquire+0x622/0x1c90
[ 1406.447337][    C1]  ? __pfx___schedule+0x10/0x10
[ 1406.452197][    C1]  ? find_held_lock+0x2b/0x80
[ 1406.456877][    C1]  ? schedule+0x2d7/0x3a0
[ 1406.461211][    C1]  schedule+0xe7/0x3a0
[ 1406.465284][    C1]  schedule_timeout+0x123/0x290
[ 1406.470131][    C1]  ? __pfx_schedule_timeout+0x10/0x10
[ 1406.475508][    C1]  ? __pfx_process_timeout+0x10/0x10
[ 1406.480796][    C1]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[ 1406.486602][    C1]  ? prepare_to_swait_event+0xf5/0x480
[ 1406.492076][    C1]  rcu_gp_fqs_loop+0x1ea/0xaf0
[ 1406.496836][    C1]  ? __pfx_rcu_gp_fqs_loop+0x10/0x10
[ 1406.502117][    C1]  ? lockdep_hardirqs_on+0x7c/0x110
[ 1406.507317][    C1]  ? __pfx_rcu_gp_init+0x10/0x10
[ 1406.512247][    C1]  ? rcu_gp_cleanup+0x7c1/0xd90
[ 1406.517095][    C1]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[ 1406.522903][    C1]  rcu_gp_kthread+0x26d/0x380
[ 1406.527580][    C1]  ? __pfx_rcu_gp_kthread+0x10/0x10
[ 1406.532776][    C1]  ? rcu_is_watching+0x12/0xc0
[ 1406.537538][    C1]  ? lockdep_hardirqs_on+0x7c/0x110
[ 1406.542744][    C1]  ? __kthread_parkme+0x19e/0x250
[ 1406.547769][    C1]  ? __pfx_rcu_gp_kthread+0x10/0x10
[ 1406.553048][    C1]  kthread+0x3c5/0x780
[ 1406.557117][    C1]  ? __pfx_kthread+0x10/0x10
[ 1406.561704][    C1]  ? rcu_is_watching+0x12/0xc0
[ 1406.566469][    C1]  ? __pfx_kthread+0x10/0x10
[ 1406.571056][    C1]  ret_from_fork+0x675/0x7d0
[ 1406.575642][    C1]  ? __pfx_kthread+0x10/0x10
[ 1406.580229][    C1]  ret_from_fork_asm+0x1a/0x30
[ 1406.585018][    C1]  </TASK>
[ 1406.588027][    C1] rcu: Stack dump where RCU GP kthread last ran:
[ 1406.594338][    C1] Sending NMI from CPU 1 to CPUs 0:
[ 1406.599548][    C0] NMI backtrace for cpu 0
[ 1406.599562][    C0] CPU: 0 UID: 0 PID: 5478 Comm: dhcpcd Not tainted syzkaller #0 PREEMPT(full) 
[ 1406.599580][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[ 1406.599590][    C0] RIP: 0010:unwind_next_frame+0x576/0x20a0
[ 1406.599612][    C0] Code: c1 ea 03 0f b6 14 02 0f b6 04 06 4c 89 c6 83 e6 07 40 38 f2 40 0f 9e c6 84 d2 0f 95 c2 40 84 d6 0f 85 c8 14 00 00 41 83 e7 07 <44> 38 f8 0f 9e c2 84 c0 0f 95 c0 84 c2 0f 85 b1 14 00 00 4c 89 f2
[ 1406.599626][    C0] RSP: 0018:ffffc90000006ff8 EFLAGS: 00000206
[ 1406.599638][    C0] RAX: 0000000000000000 RBX: 0000000000000001 RCX: ffffffff91c95626
[ 1406.599648][    C0] RDX: 0000000000000000 RSI: 0000000000000001 RDI: ffffffff910a8c6c
[ 1406.599657][    C0] RBP: ffffc900000070b0 R08: ffffffff91c9562a R09: 0000000000000000
[ 1406.599666][    C0] R10: 0000000000000000 R11: 00000000000a632a R12: ffffc900000070b8
[ 1406.599675][    C0] R13: ffffc90000007068 R14: ffffc9000000709d R15: 0000000000000003
[ 1406.599685][    C0] FS:  00007fa1f4550740(0000) GS:ffff888124a08000(0000) knlGS:0000000000000000
[ 1406.599700][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1406.599710][    C0] CR2: 00007f0bed000218 CR3: 000000007504d000 CR4: 00000000003526f0
[ 1406.599720][    C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 1406.599728][    C0] DR3: 000000000000000e DR6: 00000000ffff0ff0 DR7: 0000000000000400
[ 1406.599738][    C0] Call Trace:
[ 1406.599743][    C0]  <IRQ>
[ 1406.599748][    C0]  ? _raw_spin_unlock_irqrestore+0x31/0x80
[ 1406.599770][    C0]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[ 1406.599791][    C0]  arch_stack_walk+0x94/0x100
[ 1406.599808][    C0]  ? _raw_spin_unlock_irqrestore+0x31/0x80
[ 1406.599829][    C0]  stack_trace_save+0x8e/0xc0
[ 1406.599847][    C0]  ? __pfx_stack_trace_save+0x10/0x10
[ 1406.599866][    C0]  ? is_bpf_text_address+0x94/0x1a0
[ 1406.599885][    C0]  ? kernel_text_address+0x8d/0x100
[ 1406.599901][    C0]  kasan_save_stack+0x33/0x60
[ 1406.599915][    C0]  ? kasan_save_stack+0x33/0x60
[ 1406.599928][    C0]  ? kasan_save_track+0x14/0x30
[ 1406.599940][    C0]  ? __kasan_slab_alloc+0x89/0x90
[ 1406.599954][    C0]  ? kmem_cache_alloc_node_noprof+0x28a/0x770
[ 1406.599974][    C0]  ? __alloc_skb+0x2b2/0x380
[ 1406.599990][    C0]  ? synproxy_send_client_synack+0x1af/0x8f0
[ 1406.600010][    C0]  ? nft_synproxy_do_eval+0xa63/0xd80
[ 1406.600024][    C0]  ? nft_do_chain+0x2e9/0x1920
[ 1406.600036][    C0]  ? nft_do_chain_inet+0x18a/0x340
[ 1406.600056][    C0]  ? nf_hook_slow+0xbe/0x200
[ 1406.600072][    C0]  ? nf_hook.constprop.0+0x424/0x750
[ 1406.600089][    C0]  ? ip_local_deliver+0x169/0x1f0
[ 1406.600106][    C0]  ? ip_rcv+0x2e0/0x600
[ 1406.600122][    C0]  ? __netif_receive_skb_one_core+0x197/0x1e0
[ 1406.600138][    C0]  ? __netif_receive_skb+0x1d/0x160
[ 1406.600153][    C0]  ? process_backlog+0x439/0x15e0
[ 1406.600167][    C0]  ? __napi_poll.constprop.0+0xba/0x550
[ 1406.600182][    C0]  ? net_rx_action+0x97f/0xef0
[ 1406.600197][    C0]  ? handle_softirqs+0x219/0x8e0
[ 1406.600213][    C0]  ? __irq_exit_rcu+0x109/0x170
[ 1406.600228][    C0]  ? irq_exit_rcu+0x9/0x30
[ 1406.600244][    C0]  ? sysvec_apic_timer_interrupt+0xa4/0xc0
[ 1406.600264][    C0]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[ 1406.600279][    C0]  ? _raw_spin_unlock_irqrestore+0x31/0x80
[ 1406.600307][    C0]  kasan_save_track+0x14/0x30
[ 1406.600321][    C0]  __kasan_slab_alloc+0x89/0x90
[ 1406.600336][    C0]  kmem_cache_alloc_node_noprof+0x28a/0x770
[ 1406.600362][    C0]  ? __alloc_skb+0x2b2/0x380
[ 1406.600379][    C0]  ? __alloc_skb+0x2b2/0x380
[ 1406.600394][    C0]  __alloc_skb+0x2b2/0x380
[ 1406.600409][    C0]  ? __pfx___alloc_skb+0x10/0x10
[ 1406.600427][    C0]  ? mark_held_locks+0x49/0x80
[ 1406.600448][    C0]  ? kasan_quarantine_put+0x10a/0x240
[ 1406.600463][    C0]  synproxy_send_client_synack+0x1af/0x8f0
[ 1406.600484][    C0]  ? __pfx_synproxy_send_client_synack+0x10/0x10
[ 1406.600504][    C0]  ? nft_tunnel_obj_dump+0x300/0x1590
[ 1406.600525][    C0]  nft_synproxy_do_eval+0xa63/0xd80
[ 1406.600540][    C0]  ? __pfx_nft_synproxy_do_eval+0x10/0x10
[ 1406.600554][    C0]  ? __lock_acquire+0x622/0x1c90
[ 1406.600576][    C0]  ? __lock_acquire+0x622/0x1c90
[ 1406.600597][    C0]  ? __pfx_nft_synproxy_eval+0x10/0x10
[ 1406.600612][    C0]  nft_do_chain+0x2e9/0x1920
[ 1406.600628][    C0]  ? __pfx_nft_do_chain+0x10/0x10
[ 1406.600641][    C0]  ? mark_held_locks+0x49/0x80
[ 1406.600664][    C0]  ? lockdep_hardirqs_on+0x7c/0x110
[ 1406.600684][    C0]  ? ipt_do_table+0xd48/0x1ae0
[ 1406.600707][    C0]  nft_do_chain_inet+0x18a/0x340
[ 1406.600727][    C0]  ? __pfx_nft_do_chain_inet+0x10/0x10
[ 1406.600747][    C0]  ? __sanitizer_cov_trace_switch+0x54/0x90
[ 1406.600764][    C0]  ? __pfx_ipt_do_table+0x10/0x10
[ 1406.600780][    C0]  ? nf_nat_ipv4_local_in+0x181/0x720
[ 1406.600797][    C0]  ? __pfx_nft_do_chain_inet+0x10/0x10
[ 1406.600817][    C0]  nf_hook_slow+0xbe/0x200
[ 1406.600835][    C0]  nf_hook.constprop.0+0x424/0x750
[ 1406.600853][    C0]  ? __pfx_ip_local_deliver_finish+0x10/0x10
[ 1406.600871][    C0]  ? __pfx_nf_hook.constprop.0+0x10/0x10
[ 1406.600888][    C0]  ? __pfx_ip_rcv_finish+0x10/0x10
[ 1406.600907][    C0]  ? __pfx_ip_local_deliver_finish+0x10/0x10
[ 1406.600928][    C0]  ip_local_deliver+0x169/0x1f0
[ 1406.600946][    C0]  ip_rcv+0x2e0/0x600
[ 1406.600963][    C0]  ? __pfx_ip_rcv+0x10/0x10
[ 1406.600979][    C0]  __netif_receive_skb_one_core+0x197/0x1e0
[ 1406.600996][    C0]  ? __pfx___netif_receive_skb_one_core+0x10/0x10
[ 1406.601013][    C0]  ? lock_acquire+0x179/0x350
[ 1406.601028][    C0]  ? process_backlog+0x3e7/0x15e0
[ 1406.601043][    C0]  __netif_receive_skb+0x1d/0x160
[ 1406.601058][    C0]  process_backlog+0x439/0x15e0
[ 1406.601077][    C0]  __napi_poll.constprop.0+0xba/0x550
[ 1406.601092][    C0]  ? skb_defer_free_flush+0x149/0x280
[ 1406.601113][    C0]  net_rx_action+0x97f/0xef0
[ 1406.601131][    C0]  ? __pfx_net_rx_action+0x10/0x10
[ 1406.601147][    C0]  ? mark_held_locks+0x49/0x80
[ 1406.601167][    C0]  ? lockdep_hardirqs_on+0x7c/0x110
[ 1406.601187][    C0]  ? tmigr_handle_remote+0x132/0x380
[ 1406.601208][    C0]  ? run_timer_base+0x121/0x190
[ 1406.601221][    C0]  ? __pfx_run_timer_base+0x10/0x10
[ 1406.601236][    C0]  handle_softirqs+0x219/0x8e0
[ 1406.601254][    C0]  ? __pfx_handle_softirqs+0x10/0x10
[ 1406.601273][    C0]  __irq_exit_rcu+0x109/0x170
[ 1406.601288][    C0]  irq_exit_rcu+0x9/0x30
[ 1406.601304][    C0]  sysvec_apic_timer_interrupt+0xa4/0xc0
[ 1406.601323][    C0]  </IRQ>
[ 1406.601328][    C0]  <TASK>
[ 1406.601333][    C0]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[ 1406.601349][    C0] RIP: 0010:_raw_spin_unlock_irqrestore+0x31/0x80
[ 1406.601373][    C0] Code: f5 53 48 8b 74 24 10 48 89 fb 48 83 c7 18 e8 36 ba 35 f6 48 89 df e8 1e 0e 36 f6 f7 c5 00 02 00 00 75 23 9c 58 f6 c4 02 75 37 <bf> 01 00 00 00 e8 45 16 26 f6 65 8b 05 7e 55 3e 08 85 c0 74 16 5b
[ 1406.601386][    C0] RSP: 0018:ffffc900039bfaf8 EFLAGS: 00000246
[ 1406.601397][    C0] RAX: 0000000000000002 RBX: ffff88801ea890c0 RCX: 0000000000000007
[ 1406.601406][    C0] RDX: 0000000000000000 RSI: ffffffff8da2b0e0 RDI: ffffffff8bf07040
[ 1406.601416][    C0] RBP: 0000000000000246 R08: 0000000000000001 R09: 0000000000000001
[ 1406.601424][    C0] R10: ffffffff908204d7 R11: 0000000000000001 R12: ffff888041cd4220
[ 1406.601434][    C0] R13: 0000000000000000 R14: ffffc900039bfb48 R15: ffff888041cd2dc0
[ 1406.601449][    C0]  qlist_free_all+0x4d/0x120
[ 1406.601463][    C0]  kasan_quarantine_reduce+0x195/0x1e0
[ 1406.601477][    C0]  __kasan_slab_alloc+0x69/0x90
[ 1406.601492][    C0]  __kmalloc_cache_noprof+0x274/0x780
[ 1406.601511][    C0]  ? __pfx_vma_policy_mof+0x10/0x10
[ 1406.601528][    C0]  ? task_numa_work+0x1001/0x1970
[ 1406.601550][    C0]  ? task_numa_work+0x1001/0x1970
[ 1406.601569][    C0]  task_numa_work+0x1001/0x1970
[ 1406.601593][    C0]  ? __pfx_task_numa_work+0x10/0x10
[ 1406.601613][    C0]  ? lock_acquire+0x179/0x350
[ 1406.601631][    C0]  ? rcu_is_watching+0x12/0xc0
[ 1406.601651][    C0]  task_work_run+0x150/0x240
[ 1406.601666][    C0]  ? __pfx_task_work_run+0x10/0x10
[ 1406.601681][    C0]  ? __pfx_ksys_read+0x10/0x10
[ 1406.601696][    C0]  exit_to_user_mode_loop+0xec/0x130
[ 1406.601712][    C0]  do_syscall_64+0x426/0xfa0
[ 1406.601733][    C0]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1406.601747][    C0] RIP: 0033:0x7fa1f465573a
[ 1406.601759][    C0] Code: 48 8b 0d c1 e6 0c 00 f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 49 89 ca b8 35 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 8e e6 0c 00 f7 d8 64 89 01 48
[ 1406.601772][    C0] RSP: 002b:00007ffc08268a68 EFLAGS: 00000246 ORIG_RAX: 0000000000000035
[ 1406.601785][    C0] RAX: 0000000000000000 RBX: 000056166bce1b50 RCX: 00007fa1f465573a
[ 1406.601795][    C0] RDX: 0000000000000000 RSI: 0000000000080805 RDI: 0000000000000001
[ 1406.601804][    C0] RBP: 00007ffc08288e90 R08: 0000000000000000 R09: 0000000000000001
[ 1406.601813][    C0] R10: 00007ffc08268a80 R11: 0000000000000246 R12: 00007ffc08268a80
[ 1406.601822][    C0] R13: 0000000000000001 R14: 0000000000000000 R15: 0000561635293ac0
[ 1406.601837][    C0]  </TASK>
[ 1413.142851][   T31] INFO: task kworker/0:2:977 blocked for more than 143 seconds.
[ 1413.165499][   T31]       Not tainted syzkaller #0