last executing test programs:

4m0.223207978s ago: executing program 4 (id=843):
r0 = creat(&(0x7f0000000000)='./file1\x00', 0x28)
r1 = add_key$fscrypt_v1(&(0x7f0000000440), &(0x7f0000000480)={'fscrypt:', @auto=[0x39, 0x0, 0x0, 0x62, 0x86cc4097e8288a3a, 0x31, 0x66, 0x34, 0x34, 0x30, 0x62, 0x0, 0x0, 0x0, 0x61, 0x3f]}, &(0x7f00000004c0)={0x0, "3e82554dc8ccfbc2e85ec82d4ee9df60f6ae16b1a5f2c848722ba3b132e4fde178c945bd950b0477e801fc8a1be9b4ebbe9c2289a6b0aa00", 0x16}, 0x48, 0xfffffffffffffffe)
pipe2$watch_queue(&(0x7f0000000000)={<r2=>0xffffffffffffffff}, 0x80)
keyctl$KEYCTL_WATCH_KEY(0x20, r1, r2, 0x1d)
pipe2$watch_queue(&(0x7f0000000040)={<r3=>0xffffffffffffffff}, 0x80)
keyctl$KEYCTL_WATCH_KEY(0x20, r1, r3, 0xb1)
close_range(r0, 0xffffffffffffffff, 0x0)

4m0.079982185s ago: executing program 4 (id=846):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x8000, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
vmsplice(0xffffffffffffffff, &(0x7f0000000700)=[{&(0x7f0000000040)="149eb42a9466", 0x6}, {&(0x7f0000000080)="85f304f0d310da2a4d9f49c3", 0xc}], 0x2, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fd7000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

3m59.785486398s ago: executing program 4 (id=850):
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0)
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000140)={0x0, 0x1, 0x0, &(0x7f0000000440)=""/53, 0x0, 0xffff1000})
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000280)={0x1, 0x0, 0x0, &(0x7f0000000300)=""/75, 0x0, 0xeeef0000})
ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000640))
ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f0000000000)=0xfffffffe)
ioctl$VHOST_SET_VRING_KICK(r0, 0x4008af04, &(0x7f0000000400))

3m59.731581833s ago: executing program 4 (id=851):
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x101091, 0x0)
mount$bind(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x100000, 0x0)
r0 = open_tree(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0)
mount$bind(&(0x7f00000001c0)='./file0\x00', &(0x7f0000000280)='./file0/file0\x00', 0x0, 0x1000, 0x0)
mount$bind(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x80000, 0x0)
mount_setattr(r0, &(0x7f0000000040)='./file0\x00', 0x1100, &(0x7f0000000300)={0x80, 0x2, 0x80000, {r0}}, 0x20)

3m59.674857878s ago: executing program 4 (id=853):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f00000000c0)=0x7)
pipe(&(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
vmsplice(r1, &(0x7f0000001280)=[{&(0x7f0000001180)="83", 0x1}], 0x1, 0x0)
vmsplice(r2, &(0x7f00000005c0)=[{&(0x7f0000000180)="04", 0x1}], 0x1, 0x6)

3m59.098139333s ago: executing program 4 (id=858):
r0 = socket$kcm(0xa, 0x1, 0x0)
r1 = socket$kcm(0xa, 0x5, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="000000000000000f00e8ffffff0500c400000000", @ANYRES16=r0], 0x48)
ioctl$sock_kcm_SIOCKCMCLONE(r1, 0x8916, &(0x7f0000000000)={r1})
r2 = socket$kcm(0xa, 0x5, 0x0)
ioctl$sock_kcm_SIOCKCMCLONE(r1, 0x8916, &(0x7f0000000000)={r2})
ioctl$sock_kcm_SIOCKCMCLONE(r0, 0x8936, &(0x7f0000000000)={r1})

3m59.024726821s ago: executing program 32 (id=858):
r0 = socket$kcm(0xa, 0x1, 0x0)
r1 = socket$kcm(0xa, 0x5, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="000000000000000f00e8ffffff0500c400000000", @ANYRES16=r0], 0x48)
ioctl$sock_kcm_SIOCKCMCLONE(r1, 0x8916, &(0x7f0000000000)={r1})
r2 = socket$kcm(0xa, 0x5, 0x0)
ioctl$sock_kcm_SIOCKCMCLONE(r1, 0x8916, &(0x7f0000000000)={r2})
ioctl$sock_kcm_SIOCKCMCLONE(r0, 0x8936, &(0x7f0000000000)={r1})

2m32.397722714s ago: executing program 2 (id=1741):
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
r1 = syz_io_uring_setup(0xec5, &(0x7f0000000580)={0x0, 0x0, 0x0, 0x3}, &(0x7f0000000080)=<r2=>0x0, &(0x7f0000000340))
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
io_uring_enter(r1, 0x95d, 0xfa39, 0xe1, 0x0, 0x0)
io_uring_enter(r1, 0xedd, 0x8acb, 0x41, 0x0, 0x0)
io_uring_enter(r1, 0x47fa, 0x0, 0x0, 0x0, 0x0)

2m31.767642166s ago: executing program 2 (id=1746):
r0 = syz_io_uring_setup(0x487, &(0x7f0000000100)={0x0, 0x59c4, 0x800, 0x1000, 0x5cc}, &(0x7f0000000300)=<r1=>0x0, &(0x7f0000000080)=<r2=>0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x5)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
io_uring_register$IORING_REGISTER_BUFFERS(r0, 0x0, &(0x7f0000000740)=[{0x0}], 0x1)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
syz_io_uring_submit(r1, r2, &(0x7f0000000200)=@IORING_OP_EPOLL_CTL=@add={0x1d, 0x0, 0x0, 0xffffffffffffffff, 0x0, r0})
io_uring_enter(r0, 0x749f, 0x4, 0x0, 0x0, 0xfffffffffffffef5)

2m31.404809963s ago: executing program 2 (id=1751):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x5, &(0x7f0000000480)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000850000005000000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x2}, 0x81)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000480)=ANY=[], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='io_uring_file_get\x00', r0, 0x0, 0xf}, 0x18)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000480)=ANY=[], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='io_uring_file_get\x00', r1, 0x0, 0xf}, 0x18)
r2 = syz_io_uring_setup(0x1e1e, &(0x7f0000000380)={0x0, 0x86f7, 0x10100, 0x3, 0x38a}, &(0x7f0000002000)=<r3=>0x0, &(0x7f0000000440)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f00000000c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x0, 0x6000, @fd_index=0x8, 0xffffffffffffdffd, 0x0, 0x0, 0x22, 0x1})
io_uring_enter(r2, 0x48e9, 0xf2bb, 0x2, 0x0, 0x0)

2m31.192789037s ago: executing program 2 (id=1754):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x109041, 0x0)
mount$bind(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000340)='./file0/file0\x00', 0x0, 0x81105a, 0x0)
mount$bind(&(0x7f0000000880)='./file0/../file0\x00', &(0x7f0000000440)='./file0/file0\x00', 0x0, 0x1adc13, 0x0)
mount$bind(&(0x7f0000000100)='./file0/../file0\x00', &(0x7f0000000080)='./file0/file0/file0\x00', 0x0, 0x887008, 0x0)
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='mountinfo\x00')
read$FUSE(r0, &(0x7f0000006b40)={0x2020}, 0x2020)

2m30.988385441s ago: executing program 2 (id=1756):
r0 = socket(0x28, 0x5, 0x0)
bind$vsock_stream(r0, &(0x7f0000000040), 0x10)
listen(r0, 0x0)
r1 = socket(0x28, 0x5, 0x0)
connect$vsock_stream(r1, &(0x7f0000000080), 0x10)
setuid(0xee01)
setsockopt$sock_linger(r1, 0x1, 0x3c, &(0x7f0000000180)={0x1, 0x5}, 0x8)
sendmmsg(r1, &(0x7f0000000100)=[{{0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000000)="1b", 0x40000}], 0x1}}], 0x1, 0x24008094)

2m30.294082393s ago: executing program 2 (id=1758):
r0 = socket$kcm(0x10, 0x2, 0x10)
r1 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000040)={0x0, 0x9007}, 0x4)
r2 = syz_io_uring_setup(0xbdc, &(0x7f0000000640)={0x0, 0xec25, 0x400, 0x1, 0x40000333}, &(0x7f00000006c0)=<r3=>0x0, &(0x7f00000001c0)=<r4=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r3, r4, &(0x7f0000000200)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x4, 0x0, &(0x7f0000000600)=[{&(0x7f0000001800)=""/216, 0xd8}], 0x1})
io_uring_enter(r2, 0x847ba, 0x0, 0xe, 0x0, 0x0)
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xd18c9b25, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f03003f000b05d25a806c8c6394f90324fc60100002000a000300053582c137153e3704020180fc0b09000c00", 0x33fe0}], 0x1}, 0x0)

2m30.130762075s ago: executing program 33 (id=1758):
r0 = socket$kcm(0x10, 0x2, 0x10)
r1 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000040)={0x0, 0x9007}, 0x4)
r2 = syz_io_uring_setup(0xbdc, &(0x7f0000000640)={0x0, 0xec25, 0x400, 0x1, 0x40000333}, &(0x7f00000006c0)=<r3=>0x0, &(0x7f00000001c0)=<r4=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r3, r4, &(0x7f0000000200)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x4, 0x0, &(0x7f0000000600)=[{&(0x7f0000001800)=""/216, 0xd8}], 0x1})
io_uring_enter(r2, 0x847ba, 0x0, 0xe, 0x0, 0x0)
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xd18c9b25, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f03003f000b05d25a806c8c6394f90324fc60100002000a000300053582c137153e3704020180fc0b09000c00", 0x33fe0}], 0x1}, 0x0)

27.039112851s ago: executing program 6 (id=3018):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000756c6c2f00000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000005000000b7030000000000008500000006000000850000000700000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f00000005c0)='sys_enter\x00', r0}, 0x10)
r1 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000480), 0x2, 0x0)
r2 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0), 0x802, 0x0)
getpid()
ioctl$UI_SET_LEDBIT(r2, 0x40045569, 0x800002)
clock_getres(0x0, &(0x7f0000000000))
write$UHID_CREATE(r1, &(0x7f0000000a00)={0x0, {'syz0\x00', 'syz0\x00', 'syz0\x00', &(0x7f0000000940)=""/3, 0x3, 0x0, 0x4, 0x0, 0x0, 0xc08}}, 0x120)
readv(r1, &(0x7f0000000140)=[{&(0x7f0000000080)=""/144, 0x90}], 0x1)

26.869696104s ago: executing program 6 (id=3019):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, 0x0}], 0x1, 0xe8, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
syz_kvm_setup_cpu$x86(r1, r2, &(0x7f000000d000/0x18000)=nil, &(0x7f0000000080)=[@textreal={0x8, 0x0}], 0x1, 0x52, 0x0, 0x0)
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

26.510190013s ago: executing program 6 (id=3023):
r0 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000200), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r0, 0x7a7, &(0x7f0000000040)=0x90000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r0, 0x7a0, &(0x7f0000000000)={@local})
ioctl$IOCTL_VMCI_QUEUEPAIR_ALLOC(r0, 0x7a8, &(0x7f0000000540)={{@hyper, 0x2}, @hyper, 0x0, 0x2, 0x5e, 0x0, 0xd})
r1 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r1, 0x7a7, &(0x7f0000000040)=0x90000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r1, 0x7a0, &(0x7f0000000240)={@hyper})
ioctl$IOCTL_VMCI_QUEUEPAIR_ALLOC(r1, 0x7a8, &(0x7f0000000540)={{@hyper, 0x2}, @hyper, 0x0, 0x0, 0x5e})
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)

26.417766337s ago: executing program 6 (id=3026):
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)
r0 = socket$pppoe(0x18, 0x1, 0x0)
connect$pppoe(r0, &(0x7f0000000080)={0x18, 0x0, {0x1, @empty, 'ip6tnl0\x00'}}, 0x1e)
r1 = socket$pppoe(0x18, 0x1, 0x0)
connect$pppoe(r1, &(0x7f0000000080)={0x18, 0x0, {0x1, @empty, 'ip_vti0\x00'}}, 0x1e)
r2 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000200)={'bond0\x00', <r3=>0x0})
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000140)={'ip6gretap0\x00', <r4=>0x0})
sendmsg$nl_route(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="500000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="400d0000000000003000128008000100687372002400028008000200", @ANYRES32=r4, @ANYBLOB="08000100", @ANYRES32=r3], 0x50}, 0x1, 0x0, 0x0, 0x40000}, 0x8000)

26.18170509s ago: executing program 6 (id=3032):
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x2b38094, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f00000003c0)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
mkdirat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x100)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
r1 = open(&(0x7f0000000000)='.\x00', 0x0, 0x14)
ioctl$AUTOFS_IOC_PROTOSUBVER(r1, 0x40049366, 0x0)

26.083470409s ago: executing program 6 (id=3034):
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0xd40, 0xd2)
close(r0)
r1 = socket$pppl2tp(0x18, 0x1, 0x1)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$pppl2tp(r1, &(0x7f0000000000)=@pppol2tpv3={0x18, 0x1, {0x3, r2, {0x2, 0x0, @dev}, 0x2}}, 0x2e)
r3 = socket$phonet_pipe(0x23, 0x5, 0x2)
listen(r3, 0x4)
mount$9p_fd(0x0, &(0x7f0000000080)='./file1\x00', &(0x7f00000000c0), 0x200000, &(0x7f0000000340)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r3}})
sendto$inet(r0, 0x0, 0x60, 0x4000, 0x0, 0x0)

25.249439586s ago: executing program 0 (id=3043):
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x100000a, 0x5d032, 0xffffffffffffffff, 0x0)
r0 = userfaultfd(0x801)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f00000000c0))
ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x4})
ioctl$UFFDIO_COPY(r0, 0xc028aa03, &(0x7f0000000080)={&(0x7f0000800000/0x800000)=nil, &(0x7f0000582000/0x2000)=nil, 0x800000})
r1 = userfaultfd(0x1)
ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000000040))
r2 = fcntl$dupfd(r1, 0x0, r1)
ioctl$UFFDIO_CONTINUE(r2, 0xc020aa08, &(0x7f00000000c0)={{&(0x7f0000800000/0x800000)=nil, 0x800000}})

25.087909092s ago: executing program 0 (id=3046):
r0 = socket$nl_route(0x10, 0x3, 0x0)
close(0x3)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$sock_int(r1, 0x1, 0x3c, &(0x7f0000000040)=0x1, 0x4)
setsockopt$inet_tcp_TCP_REPAIR(r1, 0x6, 0x13, &(0x7f00000000c0)=0x1, 0x4)
connect$inet(r0, &(0x7f0000000080)={0x2, 0x0, @local}, 0x10)
setsockopt$inet_tcp_TCP_REPAIR(r1, 0x6, 0x13, &(0x7f00000001c0)=0xffffffffffffffff, 0x4)
sendto$inet(r1, &(0x7f0000000200)="67ac2960dbf834b888a8b0b37d4eacc9fe6105163ea1b370a4bbe1cd8e6ee5c07d084724e724f7c3ce2fd7a2d8bd189d82ab1aa3550b3304a8986ef6ae5e54ef8d9ea6826878f472359e3544ecc507000000000000000000000000000000f6bee8fc8f3d", 0x64, 0x841, 0x0, 0x0)
sendmmsg(r1, &(0x7f0000000640)=[{{0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000a00)='E', 0x1}], 0x1}}], 0x1, 0x4000045)

24.953582012s ago: executing program 0 (id=3047):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_io_uring_setup(0xbdc, &(0x7f0000000080)={0x0, 0xec21, 0x80, 0x1, 0x373}, &(0x7f0000000340)=<r3=>0x0, &(0x7f0000000040)=<r4=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r3, r4, &(0x7f0000000200)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd, 0x0, &(0x7f0000000100)=[{0x0}, {0x0}], 0x2, 0x0, 0x1})
ioctl$vim2m_VIDIOC_CREATE_BUFS(0xffffffffffffffff, 0xc100565c, &(0x7f00000000c0)={0x8, 0x0, 0x4, {0xd, @raw_data="9caabff6675469cb6dfbf794dc39e30661d606f228fd60b0e3daa68b5860355979ee2e33254d869293c9b9dbb3ff6a68a7ae5291c699471a10301641209c1ee9fc660900a04c637f2dd1fa3f1ad033b10b30419f044bebea07814fcec8b53e39f04b4c046ce9528e1747ebec03ebd9dc54d0a10e90462b7dcdf14d27a449500df47f11b006f7885ad3fb49b04acdf62e06ef6bdaf94b22beaafacb6acefa3724f100d6cba355d1f09373c99c0054d63cca80254c3ed210b1cb28222c00"}, 0x107})
io_uring_enter(r2, 0x847ba, 0x2000, 0xe, 0x0, 0x0)

24.024765881s ago: executing program 0 (id=3057):
r0 = inotify_init()
r1 = socket$unix(0x1, 0x1, 0x0)
r2 = syz_open_dev$vbi(&(0x7f0000000040), 0x0, 0x2)
poll(&(0x7f00000002c0)=[{r2, 0x2069}], 0x1, 0x100)
r3 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r3, &(0x7f0000000000)=@file={0x1, './file0\x00'}, 0x6e)
listen(r3, 0x0)
connect$unix(r1, &(0x7f0000000080)=@file={0x1, './file0\x00'}, 0x6e)
close_range(r0, 0xffffffffffffffff, 0x0)

23.963792096s ago: executing program 0 (id=3058):
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000100)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f00000000c0)='./file1\x00')
mkdirat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x220)
r0 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
setpgid(r0, r0)
setpgid(0x0, r0)
newfstatat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0)

23.842511001s ago: executing program 0 (id=3060):
r0 = socket(0x40000000015, 0x5, 0x0)
connect$inet(r0, &(0x7f0000000040)={0x2, 0x4e20, @loopback}, 0x10)
setsockopt$SO_RDS_TRANSPORT(r0, 0x114, 0x8, &(0x7f00000008c0)=0x2, 0x4)
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f00006dbffc), 0x4)
bind$inet(r0, &(0x7f0000000340)={0x2, 0x4e20, @loopback}, 0x57)
sendmsg$xdp(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000480)=[{&(0x7f0000000200)="0000000000aa303e97380e90231bdbdaf6a4bd866226b7cdb7c26858c4e4fd703be2f51ed6ddc4a47116ec2db75c7042a22491af0ffea4174a9de3350c0a498396b28c7d1784d04aa38922721cb7816094cb82950fd012efd26d", 0x5a}, {&(0x7f0000000900)="0f198d5aa5caa1c55b84b414797cbdd4e8c576a921a070fc828060506683fd1106a961ac55b5b8ea3342ca7de5559ca2c14e05e42aed8ba14b2c78cb540f71a817d80fbf1945a046ebda494a8048a106a4d49d7f214735ada53397db3b203885ce39ee48d69465935eade21ce36e61826c52c82f038341d9bab5687c740ed3c18897094e7e1391eb84a4052e03c0c7c39ae86d454938f65e284620b99481c33d9f5e5b7a6c0d7548723f55b213c76be37f40c850c38e265758ebd8238257a146d6eced16fd658a784c928fea7a841db1a7fd6520442dae5fc0d3a3d3a5f16fcf6fe4f062ecdad7d0f3c6cd339339533c0ef28ad1e2729907094c3de93c1b1b00ad6df89507000000fb7565d3a8e9eaea020ed173c2179fb03e0944460989240a689c7fe795d310be4e7a6b778a903280dbf426b39c3603c49049980767e31edb997f59785184cbd7b9070400000073c745f71db0906cb51780f908fa61634af8ac85d9f04f3dff0a948e81cd3229a59aaeb00995358155343e3239588a0383e4df109d5ca24276d0d83a27d0e9bf681c1bbea12a6f3c20ad50f63430333bb327eb6ae32fe8809065bce26d2dc2fbb2b48d404637d61fd86852e0e1b6ccc6f75b1107aaa5f60ef45f94e953b3f213c3cb4ca4c716565078c666f84e1a99bb4cb5c7190648132f6ff1f6cb79b93f20752753c938da6241607a742361d995188b23cb4b8269e98e822585695962620673433748e476f7cc3e37db88639c525ff3a502c82c283b00aecfe7734ab369e1ed7c75e27a5a333641817baa3ea37844e20e6266c5095abf9d47ca5f8ad93f1a4d8795daec222ada00d65cf91425fae7939ceaa8d94ec1ab5082e1d251c27b3132119b350e81771f3733be232ffb90c03a818bf458aac3314007c3e35d5e4bed6b897608b01e7e26a54433e5f5c74a2ee3c2fc50067be05a677f122b7dba7010830b879a41b579d44158fb89ea05761d2d369853bea84dfb8081ed7b891dcb3bb3361534fdc5252e4964aed936ad2838e7af14fc65c7c1c6d44c6256f2462ae83cfd6a6b2651da607fe79d345e5080098e9e6e7482cc5c267e00d8d09dcde70b60fe6220fe9530547201664db91cf1885ecc2f106b66cd99131523c99f6102ddd7403791b3a7ac59b256cc4c938fe01740ae4f19b5204ca305b1666b0c2a7e5015d6d530995843adfbac3954306d4cd82257d4d2c3283d45dbae43548fed9879328f114f7c8238ac955391b24614d91be1701ae07c170a9c299fcf3d0ac4cea07e88fbf66b697883af17a06ac3f9954eb2fbd20f101802cd023fc48c5d464c16059cc9dce8558c5322ac7612db0e2725427628c2c41a21f0d2f3962e32f710bf9e216ff1694e8d88c8a81328744b36d9ef9f08c0ea3ccd4f8729e2f00a048162834a95", 0x3f1}, {&(0x7f00000003c0)="128b9306006d4810e5ac5040ad9201847839fc378469d5765b9cc241840896c1498194a7197b45d74a8532b82037b02c9e6045c361eb", 0x36}], 0x3}, 0x0)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x1000001, 0x32, 0xffffffffffffffff, 0x0)
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000001c0)={0x0, 0x0, 0x0}, 0x0)
recvmmsg(r0, &(0x7f0000003ec0)=[{{0x0, 0x0, 0x0}, 0x8000}], 0x1, 0x100, 0x0)

10.971506847s ago: executing program 34 (id=3034):
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0xd40, 0xd2)
close(r0)
r1 = socket$pppl2tp(0x18, 0x1, 0x1)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$pppl2tp(r1, &(0x7f0000000000)=@pppol2tpv3={0x18, 0x1, {0x3, r2, {0x2, 0x0, @dev}, 0x2}}, 0x2e)
r3 = socket$phonet_pipe(0x23, 0x5, 0x2)
listen(r3, 0x4)
mount$9p_fd(0x0, &(0x7f0000000080)='./file1\x00', &(0x7f00000000c0), 0x200000, &(0x7f0000000340)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r3}})
sendto$inet(r0, 0x0, 0x60, 0x4000, 0x0, 0x0)

9.524866586s ago: executing program 1 (id=3110):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
r1 = socket$inet(0x2, 0x2, 0x0)
setsockopt$sock_int(r1, 0x1, 0xf, &(0x7f0000000040)=0x8, 0x4)
bind$inet(r1, &(0x7f0000000280)={0x2, 0x5e21, @local}, 0x10)
connect$inet(r1, &(0x7f0000000080)={0x2, 0x4e24, @local}, 0x10)
r2 = socket$inet(0x2, 0x2, 0x0)
setsockopt$sock_int(r2, 0x1, 0xf, &(0x7f0000000040)=0x8, 0x4)
bind$inet(r2, &(0x7f0000000280)={0x2, 0x5e21, @local}, 0x10)
connect$inet(r2, &(0x7f0000000080)={0x2, 0x4e24, @local}, 0x10)
close_range(r0, 0xffffffffffffffff, 0x0)

9.358003974s ago: executing program 1 (id=3114):
r0 = syz_usb_connect(0x0, 0x24, &(0x7f00000007c0)=ANY=[@ANYBLOB="12010000ed3ec908cd0cb300ea2d010203010902120001000000000904"], 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ecm(r0, 0x0, &(0x7f00000004c0)={0x1c, &(0x7f0000000540)=ANY=[], 0x0, 0x0})
syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, &(0x7f0000000380)={0x44, &(0x7f0000000680)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, &(0x7f0000000800)={0x44, &(0x7f0000000880)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})

8.779360302s ago: executing program 35 (id=3060):
r0 = socket(0x40000000015, 0x5, 0x0)
connect$inet(r0, &(0x7f0000000040)={0x2, 0x4e20, @loopback}, 0x10)
setsockopt$SO_RDS_TRANSPORT(r0, 0x114, 0x8, &(0x7f00000008c0)=0x2, 0x4)
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f00006dbffc), 0x4)
bind$inet(r0, &(0x7f0000000340)={0x2, 0x4e20, @loopback}, 0x57)
sendmsg$xdp(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000480)=[{&(0x7f0000000200)="0000000000aa303e97380e90231bdbdaf6a4bd866226b7cdb7c26858c4e4fd703be2f51ed6ddc4a47116ec2db75c7042a22491af0ffea4174a9de3350c0a498396b28c7d1784d04aa38922721cb7816094cb82950fd012efd26d", 0x5a}, {&(0x7f0000000900)="0f198d5aa5caa1c55b84b414797cbdd4e8c576a921a070fc828060506683fd1106a961ac55b5b8ea3342ca7de5559ca2c14e05e42aed8ba14b2c78cb540f71a817d80fbf1945a046ebda494a8048a106a4d49d7f214735ada53397db3b203885ce39ee48d69465935eade21ce36e61826c52c82f038341d9bab5687c740ed3c18897094e7e1391eb84a4052e03c0c7c39ae86d454938f65e284620b99481c33d9f5e5b7a6c0d7548723f55b213c76be37f40c850c38e265758ebd8238257a146d6eced16fd658a784c928fea7a841db1a7fd6520442dae5fc0d3a3d3a5f16fcf6fe4f062ecdad7d0f3c6cd339339533c0ef28ad1e2729907094c3de93c1b1b00ad6df89507000000fb7565d3a8e9eaea020ed173c2179fb03e0944460989240a689c7fe795d310be4e7a6b778a903280dbf426b39c3603c49049980767e31edb997f59785184cbd7b9070400000073c745f71db0906cb51780f908fa61634af8ac85d9f04f3dff0a948e81cd3229a59aaeb00995358155343e3239588a0383e4df109d5ca24276d0d83a27d0e9bf681c1bbea12a6f3c20ad50f63430333bb327eb6ae32fe8809065bce26d2dc2fbb2b48d404637d61fd86852e0e1b6ccc6f75b1107aaa5f60ef45f94e953b3f213c3cb4ca4c716565078c666f84e1a99bb4cb5c7190648132f6ff1f6cb79b93f20752753c938da6241607a742361d995188b23cb4b8269e98e822585695962620673433748e476f7cc3e37db88639c525ff3a502c82c283b00aecfe7734ab369e1ed7c75e27a5a333641817baa3ea37844e20e6266c5095abf9d47ca5f8ad93f1a4d8795daec222ada00d65cf91425fae7939ceaa8d94ec1ab5082e1d251c27b3132119b350e81771f3733be232ffb90c03a818bf458aac3314007c3e35d5e4bed6b897608b01e7e26a54433e5f5c74a2ee3c2fc50067be05a677f122b7dba7010830b879a41b579d44158fb89ea05761d2d369853bea84dfb8081ed7b891dcb3bb3361534fdc5252e4964aed936ad2838e7af14fc65c7c1c6d44c6256f2462ae83cfd6a6b2651da607fe79d345e5080098e9e6e7482cc5c267e00d8d09dcde70b60fe6220fe9530547201664db91cf1885ecc2f106b66cd99131523c99f6102ddd7403791b3a7ac59b256cc4c938fe01740ae4f19b5204ca305b1666b0c2a7e5015d6d530995843adfbac3954306d4cd82257d4d2c3283d45dbae43548fed9879328f114f7c8238ac955391b24614d91be1701ae07c170a9c299fcf3d0ac4cea07e88fbf66b697883af17a06ac3f9954eb2fbd20f101802cd023fc48c5d464c16059cc9dce8558c5322ac7612db0e2725427628c2c41a21f0d2f3962e32f710bf9e216ff1694e8d88c8a81328744b36d9ef9f08c0ea3ccd4f8729e2f00a048162834a95", 0x3f1}, {&(0x7f00000003c0)="128b9306006d4810e5ac5040ad9201847839fc378469d5765b9cc241840896c1498194a7197b45d74a8532b82037b02c9e6045c361eb", 0x36}], 0x3}, 0x0)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x1000001, 0x32, 0xffffffffffffffff, 0x0)
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000001c0)={0x0, 0x0, 0x0}, 0x0)
recvmmsg(r0, &(0x7f0000003ec0)=[{{0x0, 0x0, 0x0}, 0x8000}], 0x1, 0x100, 0x0)

6.151978324s ago: executing program 1 (id=3133):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000070000000000000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000880)={&(0x7f0000000a80)='kfree\x00', r0}, 0x10)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
fchmod(r1, 0x80)
r2 = syz_init_net_socket$nfc_llcp(0x27, 0x2, 0x1)
ioctl$COMEDI_UNLOCK(0xffffffffffffffff, 0x6406)
bind$nfc_llcp(r2, 0x0, 0x0)
syz_usb_control_io$hid(0xffffffffffffffff, 0x0, 0x0)
sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0x0)

5.497902297s ago: executing program 1 (id=3137):
mknodat$loop(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x6004, 0x1)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f00000003c0), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f00000008c0), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r0, &(0x7f00000021c0)={0x2020, 0x0, <r1=>0x0}, 0x2020)
write$FUSE_INIT(r0, &(0x7f0000000040)={0x50, 0x0, r1, {0x7, 0x1f, 0x0, 0xc200040, 0x0, 0x8, 0x0, 0x1ff, 0x0, 0x0, 0x8}}, 0x50)
write$FUSE_NOTIFY_STORE(r0, &(0x7f0000000140)={0x29, 0x4, 0x0, {0x1, 0x7f, 0x1, 0x0, [0x0]}}, 0x29)
syz_fuse_handle_req(r0, &(0x7f0000008900)="0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000bcd4681f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000004000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc4e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ba045abcd5dfc67d000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000230000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000050000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001b2c1ec000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008df76a250000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000209bfd66eea21056000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000004000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f3ffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000131a5d9400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000300000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001354c4b600", 0x2000, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000380)={0x20, 0x0, 0xf098, {0x0, 0x9}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r2 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x101001, 0x0)
writev(r2, &(0x7f0000000840)=[{&(0x7f0000000400)='M', 0x1}], 0x1)
syz_fuse_handle_req(r0, &(0x7f0000005040)="f4b3a2fe585c1178043fa6383ab31993651484b0b00d0750034190b88f459c9bf56a4a1dd5abe4fc63b0c5248c161c6ba098a3596aeb7f1024308e621f827b871150b0b853bbd51fee2b6ee73e64631367af5c45c50e50dd20900cf54b7ebd7ca4cf17279aa3cddc87802c1a3dde95ace8b07c0f0cd600497942d9e61a9d59013eb4e6a4d59207618b17385d5de17de513bfd5de1949222a5fb44afa1185b4bfb813b48f2388a9dc7ff120fd142d132da4b49af1d6d2add6ea28d464e11e80e070f80b8b4fa3090dd2d566b348d457cb8e1d7a28b9a54b5577545bd8ee0d98b6384c757387c590adca76aeb76bd484e87783a00433e0422fa33200a6bc3c4cb23dc2eaee1de0166660cfff86c11448c83540660550635812a557af1d2f85d616fca07c140cfff711b99b52dbb6245221c5d59b2d23142cb841351111d33723de297b4690bd645e4bf96f63a71c6e814c73f584362fc1bcf892656e2123ce40acda877b13b9ca57d82d6537fd4358971f81a74024c229b718d3c65d838aece525e76522140d8ee76ca1b76e6fed7454cd8126ee3dd416ada1df040c5168485b0c6d98cc779a75c1cee5b3654a25b6ff1ecf198178b117230a7312e11bec7510411cbdde94deb99e6317ae325f083e3857e8347ae904dbc5d2748963f00b3e93c7aa08de8d8eb32268b9ed5b8fff88fb4092a037d0810e64b792bd28d032669bab8b1fdc55107dc1ca0188e43a48d30c719193bda6117251bbd23d3dcf4440fd1e4ca43b7e46fcdbd42ccd6e9b83c1d0e3d492ac7af93e1c74294d57e02157f3609ab8e8aae6be650e45e0b7cacc4966f21070392d4bfe3708b53ba976b1f363760015f4dd92413ac037389da8d43d61a5c15e382b20c11b5b19bd1ec743dff38c89ccc515cfa7261ac899ebea99a75785bd8abe8cff8c9e0c9c30198df269fb661e31df41f8aa359bcd4deb4bb6cb5bc3bbcadd9285ea53e25ff1a8b1c8e233a4eee6411c1c7ff4ab8b9f2c1ef98222f8f299cdea6ade0217a6f1944cfd6240770bced9507c0b3c50e9ace7c1d18924a6877fe7f8d6b1de821c04e86c14b347b454462f5a592bebe3a9b2bb3dfd4593405f2611b328bd53abf2d5ecc558c8b47d699d1f0c4a1a7f249138f186a49c0b8b3bc6ccf5239252532987a55da81c78092f4a05343f8aebe7ebd805c2b4a53f6be33bbc1b8a28ee09414687730619fca4b4fa5f560d616497d8b5c16a8af9bb99b6661a4540eb53df18e656cd2daa545e463e73442b18d2d4f66c98d5eb9600b86225f9e82afc606750d9abbe22bd858100041a7bf05ed8987bffd835fc73b66e5ba3680e03b4a2c7013b6e0f19f778364b37dd975cddc3804796efeb095f02b54c2e0a0445d398c771e923b70bdea8095d14addb78524ba4cf146182c0522fc19ef90cad6629ad1c55f6fe4f092d96923e54f7826d9880c335824e0e2314d216ced5bfe1727c365ef58acea7b20e87affe3dbaef6cc6216a5a2535f504911f9cb2e48724e80fedf4adf529fdc53763b5941a535ba846fa0c408417a5e5a45c0aa9671a8743a4427ea413a937285051cb8bc090cd984bf3ef912581cf47138a8d3872a170c95f1d36d5168506aa8817073df2e460411cc07fac8682da8efe8d29f0f2b96c83478dfc224e4cba2cdff69b714acfe0a7900ba64708a4780889b096f13a31667928678ed32576892960eab6845080fa4f3d75d9009ee4434d7b9c3a958363fe587838dd3e655e32cafcec8b811144daac6bee60615dd4bd5e626365941ca1ad67175ee7d4e8a253ebbcb84ef37d3b04579bc57b694042b51b65f0525c1ce67c6cc17adfb5de3317f056b9c0fc0ff1db616627c1fd22a8c72ad5077a48cc2825ce6fdec75bee72335744092a6b8b34032f2560d7a195b6fb86e9deea357c122a0c86c8171029f12b592d58b151d9c273b22e87eb316051a77dbc91b0f19c74b88bebf7e6c57eebd997fc91f42a577feb8b4983af6fc79c29a2b61453ce0ae708f2946fe90752e42bf70707bd73f627f9f76f2e78d42710005f6c4bdad62d665a0995994ceccf7cab91042d659051903ec8ddc03f43948f0182e5f9a01d9e95c1e6a31c8dc0576b12eea1d9e37908c88e162a4c2f49d63a4ac8cbb54fb17bfa6fd60cd23f3a0c1cf67be4e4646aaf97920c40afdae7ac1e9fc7a12a14f15b8c3eb9fa63c6b6d8505bac949c3b893ab342593041c175a5c93c77f20c05ef071337aff92e99ab21d9b4a6d2de658ef6a7a1771913aedcbc7033858706a82377399b2ddd41b5cd9fe5c0281d7b1d3e2cfe80c28c4afe995f3714402b43268610bb34f0e88c7d75ff0804b5056c90eeac8ce17fad56510bfa73ef6bb69944d9b27b67fb783d31a498c46161066ca86d21658f4feda0b06e1ef7cacf5312b0258d7e6a9d39edd38c7d5f3951b038d69a67fbffa6fd852b726d9ec3bf1c9265d732c2599ee6149555c99b3a899aed379201ffd7dda623c9144331fa107bcacad632754cd6a3266f7d9591672abf662699815ca1ffe2b21a47df84247f2b7ad59e9b1511ba73ce82ff5e3648ffb158ae647256db7c2fd463659b1c9dd749cf31bfed380bba920d7f26d3d79439637e8e1634e1bfa39e5a90f67fde38170a3873812fa40fb8d501e8967f105bef3ed5fa265f7c9136f358abf610540126196fd83924a96a413c6bffdccd76286bf9eb3f3578ec1c9b17aa8aa01ec732d9bc7fb45c17d15a505e74b23f7d2dcb3475e104d00eb5ab8d5b4fdec75b944b4b3ff0a224804c72151804b0da5f4a51f72705638ae701309825251e33dd24ddf5e2612a730f1f86ea9de34aa95d4736c05110bdbd561d4ea22295835df1f23ef19dedbb417a0af26b4c902a1cf86e280117393dc1fd2b6cbb041cfb968d96f0d375993d5400db6637992e9ee9c38a1528ad900b272fdadeef7ab312178f5fb92ef951754dfa333d7f99bc95bbd0ad0a3eb02c4839887b4f3607c15656601ea060eeb2300910a3b8cb75dd949c1275591cfb6fa22219c2b04f68afe995b51ed7fd1952c756b29e368b99ba0f84466c0095c255f913ec67039a82fde1a4a60aee1b77fedb4749b09b16cab155ac79d26d04b8220eab04b84974640c516fb0b1b3533b1d057c09a9e388cf111d7eac1bbd68c75d2fcf22000eff5f169e1012748a7c3a4e8c74451cf21925a29a1d3be1dae2617250d6fff09f3341efef451d4db2ec5995ea6f39be19c6e053391c215353445e465adda70959df0bfdff4914c23d7c13c85ecb3f67c8a6a8d8a879f6c6e8a10b4c34a44fff8163bcc4a00b88874a31ba13673de98978c4031008dbb3c9e8531b30e4774dd111e3a262d0d8eccbbe86097b027aaed451f35c763fece7c74860c7154cb166b2a29b7e9025742136f58597d10d3e372a7c241eebae47cbfe1e8955c8b739ad8e1a655ffd1faaa0e4434a64f315e64cf72295a80224b57c3b43519a05150f2908533a715aa8d48ab1e9773c2ba33e4f13711e754ca3d07f0ca0f129364364f99ae0d6e07b072dd2ad41d6d79f9654788d414a6b5ff36b873ae084687a84056062b709c3b042b9e46dba976116cf67a85a41fda8f42f6d73e98228ce5e66f824e44b7516be1b94b06d9e9335006ada29191f71e4bcd75f9365b96581775346cd7000edcbc60b859dd3bcca0336bf43c4d6ea1f46076efe53be489c4277d1be5b372c9b59876dfacef1bb8640d7715e81403c5e74cc7ec94615ccd5bf463cffa51b8f560f580dcd83d89bbdf904694d8cccea3bc91c7ae9ff375fa215a2f83d18161af7d730023da6842c17dbcb16b16dea0db322f4b8f058ab22f476ac2d9e629c2e2957fe5884d31d9b3204ca0f26b2e2d4c91706f6ba4ae4cee5e7df4dbc000062d9ce5ee258ef5709ba44f08cf6022f267a90f0ff4e99d343042cd1b383bb7c28c4484d0499767556578343c1cdb5fc7982bb185cbc8c527273b96fc1d320f1cfa509fa63df1e263cbd45d3db6fa2076c1b86343dc7b06dd565f065cf8ddb38197f8882cce9d31ee1f3b40eeb9862bf89269066e4476778b51d3d540cbf34640a2b0e354c8c4b06aba2312ce60a7c74fe0cef93a38f4e223619cc9bb51868db20475b7316938b8492e09e1e127b676ec1382eb8d104946b79a70a2ea9b84c0e2fa7006a280270496819b67de0e2c691da1e07e00cb5078fd74747bf4264827fceaf16f2cda5bb16312b6f7927db73b4908aa096eb3f4c1b7d6247517c75d8557d525a3d7a18f13f6965b6f41d85e77c2481c47da6ad560de05f82fb2a39851d958577b09aa032dd1ea8f842b7ff7bde11d0c66c0380d5b9c7f15d9852ead60936eadc63ede76e75caaf9e5cad11e6921044f1accae3ecbe1865f38938d50a82de4d968d621075f244ad0587b9481a1c8385de7bee5324b3a34a6e38134cfb1ac94dd6d31fc8b5221017340cbcb41a7561b2203ea3bf75cd2e790098250beec8e915cb0a2853fcecb66c1a3776de32874d040333d3a9f845ea1457f164dfeb675c8dfe3a3d6fd750357dddca726e8f362e76ae6e697bc0b8e5ab90873b3c19f22c34a575dbdba7c315181fb91ec3a4bedd427c95bc13bb88ecf172ab79cdf6030a9fe3ae646e17e8d97767b19e0842c391466fd426794f50e27f08ae32359b0174fcb1c7bb4d328225bb2a99ad972393d1b77a30a0f34c55d1945525e0199ca90869cf1ef1d69e70ecccbb6dbe05cdabd24ef0d31e37cc3c5bb18eeb19ae12496cdea3d305ba3bf6785d5680803b0530fc6f3e96dcfce3b9f6717eb80a75c443e1cbd2e31564c87b0b268d2f05c848749c8465338fac1b2795c987f6dfdca6e91a6aac831ec1e6b28b744ddc08c7135be46f4a08d2d8c1d252a6d1eac451174c07d586cf1ca7c8da399e22438ac79e758eecf3e381a4e88d6e73d1ea8aa6d299623dacfbfbb5816c5b17d87791b8b018ff1bc8480529fddedde2b4d4d2869fc40639b6922848984e698b0f8427e03bb83b3958b4b2f8da918fe3a61069eb17726a91b198d697c3b86a98fce990f8c7751f7cdcbe7dc2dc0aca6d7b6dfe2f17f142e8aa47d65c097d81400e7c0053cd2c34a800bb5e3ef21bd3341d37e3975a4afd2c8b6aeb0f7636a211a5ab70002b37ca315b4a815cc71b55fb5981b905599ab6741fd9370ed90261eeb336b88553d613a738d563ea1e8f6c69bee01adcd17f5e79e7531bfd22e5d733263507c66eb62e0c1777670a7fff187ffe86b11249f1a97afdad1848ca057f572e8b32df6e9ad1e6517423405a6b24a7d7358f85e167c264bf13ac37c6f8a5a27f8d9fa41b334c827b4fbb7183b0e55cb0fd827f819a2eca26f09c0215b44af7192ab3050eecc9096c893c218d8362c07c7464134897453a7495248a480f0f6dae187ef82145e819001a139750a963fb203725aaebf4aac5f1b7992586f223e9269a30a2eef434bf7e665b91e4f66ef3ec8749f756d8cc175764297626cc933be5bc40255aec916d00b2e33a6058b5abbfd8e10b029f337cf81697b4dfecd780950618dd982a5131a4c0cc8364ab96b613944f542e5c3fe3c629ac015b0a5b27d77de5e887a4cd4e4c058ae73a7d96651e40e31a0fdb95d2e01d31a200f75c6fff7ec1b6434661e711d9a9fc01c176fe103801f7225065a3c966d9ebbc6692b2d7dcfed8f97eec28974fbfc75e5cc22d985e6a458e369ef9069910a2230e243338b8c595db650a78d3f8c85dd4675a1ce1de7cca5115c250d9883005fbc7218504073b0288d684391df63a0c18b683e05738be509283829515fbcf9504abc13c72b1f0d6c3ea0f720df7e0970363d5d7bef920d067f42deb52a7aef3e04d817e78136885b0921224cc0a5c0308b5b0394b4fa75897c57d4305d749a6f3cbf1b19550d0a981221b103a76d974beaa5952ed93362fcfdb13fb787b1dd500e5eca43314e71d8162043f9e25679f1d2e3f795fba14403285d159b83815011edc8e3c118f410e51da0cf11c6279f9be56f3b6f0b9841a51faba81c048e883fe62af2a34c9be55cd36f79d792c50f77b28d05192f2b9cf5757f7d47bb34de1ac358fe962a024d9fbbd42b6706ea390a13b8d22b9eaca0f8784e00825eb40936353bf88a814bdeb6422fb13c5fcc98b71206ff9bb938c1d6a4a3b444dc92d0104be59026ef6dcda84de06fee5d06c5345ea07713af5317170f1b43562aaf9f64b4e5aee0171fe2fbd31fe9a748fc83c76430efef2dc27b11df6cc86b9f094a51317235e51ca48c99e80df7e5d196f995057c611e9bafbbb9d2be70dc7d49b6067e29380ed1e352424049b9162d40d01cc6fd9d82c7c0c3ef64d7a5ca4c89c8d6bb0692436a0e06f2dc3f2d20c9c737659d3884d14f39a44ad84560508b41658e695d788bc08961c45a22b5f418ccb4c2f9519c3be841eecb10d1abec7252eac01d64fa7ce78da407425a643d9059a875e439bad2945ba34b4919022d3a210a488feaa8ca07aa10e55e86bf1e1cfe84154da52cfc1a90be03bc9c6c47a9ee885f203d247d6b96b869b5773d3940d918c5dc6ebf161d83b6b1022d70c97f6729061691d3f29ff8a0cd77b6a872e2b07cd5da66a3ccd7e3b4f457f81d823a594c30398c912052edfaf88a130e97df4fcad5c96f87a96101bda4c2016f4792dae7444119339c3d991bea5ad9df504a86b9ec33cb952790eef9d1952efed3810c8ed4f4dee51ec9402bdd00971466601cca4431ceab574ddf87835aa07f8a9554366424b851d9ee59d1c66c994917be128d50240e8c51bf23866f8599ea4da5e62cc311b3a4cd8a6a29f4fb64db8e32ec44cda4150af62e3b90dc5457f5f7bef06b964ec7fad3d6b540b0fc082ac844c9ccffa7bb49a452495f20910692c3aca53e7a4040486987ffed917336740f1cb9563adc35565398f89c2de922bee86e1ef3dc2ecb04d9186b1372853d9487a3b8614ccef8cd62af40f1291b78390736ebe6b211c2f13518a699f72409346d4ec3106e3739184a6924b4afac3e67eb3aaf5006bb599667073eba0b8531ffbc4e681f45e4c82ce2ef54b02b05ae3009ffe9eb6ed1e2bbbc3773dacce18ec647d004d3e305e4be12e13451fb39d902b36fba6dfbb667a3c80bca696f91428641119ef93bd085d6fd799a03a484ed65c6516418fb796c0d5e351175d6a94ea0078e7602e3c0bf466c9e4e498ecca12f1817fbc30fd4465864f4252e6d1b8178bfbee66608dec3a93a0d7af029065c58a619ba58265d10371a3dc41db94346fabb80616827cbec8c30ab66cafe631f12e6520779739fd6b23dd14cffee784d505f421684d805d9ada934cba66c9b976aceb8be00e12767b2c51cb0264fbfda965605bb0124573ecf0bc5c6ba46839050ee4bc72240ab6ba683e1118e6a26d977a8b443653c757a7fa3eacdffcc3905fb7f23776e25d7b8cabcdb902227d1ae1112ba7cbfc5d585bf839fec7822c50f00f0a11c451d7f971500f0ec3cdc0e3870d2032a90376b3e1114d9b97f3b70f08a292bf8e34a451422149685746e8e544db05d1b505cc70e83ae4d3ee31b05a82231141d5b07b2a5de0facba2b5a15e1079f24d24004de7fada6348bb8891d8b0c1e13f55a8ac1309d8783df416cb25f7416c8a70a7c24e961e64dc433a3433d94a0a1bd2489db60ba069ad56bc6533ead55d2a6c52d889adcd079721954367e351f4fbdacd3a000ad745e758ca274b66fbf8875ada8ac711c151e7bd0b756429e42fb34255174af98570bb3582d8d079f6d97a1f20e75f1bf4f7c7d4f778cd5b1d5b7a82f94077a43880f0e4084f9cd8daf2784b42d1e952b69fddcc93da00ab5580e912ed198c6bac83a39d39c3c097c5fc3b18a8c4697e17e25a59bd91a7623ab8163314b80f1a5285383b5047d60bcd8813b3ec80271f7116946a08a0cbe6e4d9a387a323f72bacb2217fbd499cbeff245e80060fc70b8bf440ea555331894774992de067c8247a960adeb49cba3dc1dbd1d213b10a82e17219783c65a2825c57ae1a273e83247a707c3aadce1f3352326a4a0e53911cd4854e45428678256b551a5b69973e10fc105a7ef24e5af2df405b5b67b97594abaff4eae82fecd5c7969e09bfac8d38b59e93c35240e410e2ea4636bf13df0d043cdd6b1cb4c9fedf165011591e5283f908c7c5bc7b4ed2503fc4c80356db5138843b57adc1c648c365d3875eb94d16a381a241c79084660bb030fc5860057d2808ef470673c8ce7c816f60225e7ed1bc29fb41fb2b2821ed7fee69fa6c5f0a59fe6434fee0a68dfd05fff611670cd2ed2b18b7e82382dd118ba5a0e4fb7ef065aa79a4ac0e3aacc811e8af570080171a9ab80dab39da3fa9791d9ca39448d971162efe96c3a55cd08169057764f42bcc4ac9606022a97d872d0db3e69826be084e5fadea0850434593071bc638b07217a02704e7a097f117b8791ba85191187444cbe20fcafe1cd41e9503087bc24e0de9a40bb50e272e41510745cc0d43ac9d92e1cdf7861a2e1afebd8ed4751f7f76b29299d0509e9f5c0983a3eae3cb208a902a5c09235fa0c74b1a91030361b29720dd057ef927c1414bc0ae1126cb0f688b3faeb72cba6895bff38613a25a8aede33e711fd7ecbfa7f6a18f47817973c984fdf3bac887467d6802e8a97210988b4ae36c849ab98080765041c8fbbac372caf7ac92e9ced75dfb9e93b971662b740848b3676ca5ffa904299174c17e98fa75f4769e529b15f7bfad3255b3ae9a5fa9527e466ccf72e5e33555869e83654161b5d2002c088e572bb5b0d7dec3d37029cd1cf787c65067a3130d2a8d443c67578b7c57192ade65b1e55a8270750caf7f23807ec907c0f7a5f1a8b512fda3c02662e07058918386f06b2f835031be1c19cc8f9c17ba6c618548cce26692f305c4f7d420497509f47665ec3a28f3c831e40e1caa64163fe022a7814b79980d628c0ac5356bceee58df547f5a9f5f80adfb4e92ee9b3c9d53dcf6b29af3af5fc7ca4f5b25e9d6cbd6f808fbad9a04727b904ab96f099bd7854230063e84c4491dc7a1912e4ae37de654feaffb15125d45150cbf3d164fda888ef8f7f3beee8f3463504f26303a218118654beff3933ac1f6b7efa1c7748994e629a89eb5bd0799c3de515fecfacd78e4da46bd937170915a189df583091a1afdcb9aac56ce297deacd7a2a31348f6150536b0daba45ed61f6436b63158d358834d89eecb4ae623dd7eb9442426d74160ab680da93dc9ee8a86c3021ad618b193a352c7aa0e390c7bc6b797ed5aff0068a00e0592d8a9942cc8df75b73a8dc26e910e3dcb41670dfdc71ee7a980ea5d7626affc0ec7a5f70697c0d45c9910405f25218d9e4bfc138fc9461808ca569b106bca28b9722611596420abc48832d5599bf2de79bb8f03a5ed53ddcea963239fd43409a0375b69facc208a550c25c8a6020fd6c6257ae984c3c3ebf77fe5997c140c994e49db7272d4702612efe21722a8accd69665cbfbee971b8290df2f197ced31baf4e49527d3063ec186d7b43c926a2427756e43b8906aa86c35b6716b990840b12814331c69d35e6cf30dd948ae1c72d8c439fd4cb9503895246509305b6a33d9d65a990755cc42613970cbb77b63107900f7f2aa35c87ef0ba92d4467447b308b7d7e63da98be3e5e3dc2a21476ca9b49cf40001fa91ff99f96a03ea8c8147eb3d8f0e6307d46e8ef69778f4e1fdcc2fab287cc59e7081865e01f00ab8ea871bf5d6815e01e665dd2752bdbe3dc4d30baad78ea092e846920ce7da93a46d51ad242ec7412c297b7f30d8986ca211fada2ae9ae873c0028b584364041d265dae3547d3763717b25f2794d2c1902fafff49ae11a6c1cefa59fcdec5db1f1e5647d1dbe1ed0978587a53009234229d0d57dff86b10f30e5eadcf9554cf417821b854d59bf9474843c1d69de4f60eb08443f9a1b5a68115c46521f1b2f6f9d5d0bac0c604958bba36cafedbdb36bcae5558faa4ff6d6fc7bbb021e00ff096be73c57901a0d94340510bf925c32b0f01f0d1ffb4fb693155c3ef72ee9e12f57f837540a7a65f645660515173ee248c32b6dfc999fbce64eac16a0ec6abd83ab72c8500c4a012521dea23ee7e92b3a4fe555380f96ae3dc97b653b8d176947cf1e1e0096341a4b3e9a33ba3ad91eb3b4983a15b394fea3b30a94138dd6b00ac791e2d7447a5a17f34955f256984c3293eb4fbfa315a623f7d30ba2a7e30e22c5a5768726fbf6a0ae179bfe22fb31f7611fdd00261df87da5d552723b623310956a7ad8f3b6266dd1398b3baf45efad1514ee8decfbe20bc0b333b40bb37600b1a49d38dd514287bf13cd6540308d59ea6a23a201d86c27ffc725fd7f0cc72048fc904a644f67c9ed2b3d31e9c23d8173900ea1c5d3c29e0eec71567603b7cbc940d035342e5c106663b9320508228f3bcad0fb9df7c71f468e0b297a206f4da2f6f5345732a712a2810d5011b82228e6cbebd957fef436eda0cf5cc1cc3faf81f2fe1d1fe5d457b9ad614917a748a0a478d2aaf4963614ed3e243d144ec39b44fc837794c208067821899abaf6cba1f893c18dffc13ff88884cfb40456a2f52d2b0735962473b81a6da0230555913bf7a8b1115ea59c9988e4b9a8d5fd9ee654c2ccf12efd5f14a72144835ad3dee532803495b2a23d626df9ff1f71ef97b212eff842fb145f5386f6a5bd0127dc790ba1992819e7bd6f6764b39b51adf28f3f5ee7416020a8f3bd777c6606a25ee1012e7a9fd1254ea8afc808369726c655139f255c0b857847124af9db34b564a2c41d807a509e967d7cacc5d84d2467cfec4776dd6bd75072b2b32df8d73d8c3a32f886af844e09a38e5d932b5110b19e0023138bf35593283c0e6051b9048d2fce9f12e95cc678e9a3f8a4803308c6a0a8ebdcdd255a8c8b7ae2534b6c068786b6a2f91d0751b856b29ec27605688a6714c0f3cdd7f0e661c73ab3a79d2f80e2ea826306dc34624d237fa93d4a6ead505a05a9574578e0db23ccaef471e4b1437e9ed870961d91121f3b34d25a0aeea687156789000cba30abc3fc45a7be223bad52afab68a138572682994d900f5a922e7228b01410986b870352d696839553af0c5f1d5f589e4ec90fe9b7d849b2e45b7bf77e45f7831fe22b03a78c76d3eb6a021d0247ed8148fa55fef58ebac6264761465ddba32645814a121618da7e523a1fe978b5c80f4049e8b0ad05ae6dd536c342eaeefc17f6cebb9f7ced9e92352e1ec4d95fc5f3a204bd64d66570d046709ed45717b8e6ef5d6d2ab9986598026b79d76ad4ec79d309860bcd6bdb542a7dabe7404fbe645ae7cfeee42e27916123009a4bcccc37d41286878563ccdf02d5d89f72fca09c2bfa94c8b0d4931f41d92cb09ded8b8dce1947f9c333458ff64002067d429e241933a8d5efc925ace73a48a3674a300542b56b77f09c4ab34f66a49845cfec6942b4d6b5aea3313b424aef937755b0aa214030ac28d42579fa166bfd7e0abe6d45701d93348ba72ee5748011ba108359f119d14a85971438e6db62451816a731183f9002f02d6b33c1c7d099504599029daa34e", 0x2000, &(0x7f0000000dc0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000740)={0x18, 0x0, 0x401, {0x1}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})

4.589094364s ago: executing program 5 (id=3140):
futex(&(0x7f000000cffc), 0x80000000000b, 0x0, 0x0, &(0x7f0000048000), 0x0)
keyctl$clear(0x7, 0x0)
futex(&(0x7f000000cffc), 0x80000000000b, 0x0, 0x0, &(0x7f0000048000), 0x0)
futex(&(0x7f000000cffc), 0xc, 0x1, &(0x7f0000000040), &(0x7f0000048000), 0x0)
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
exit(0x0)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r1, &(0x7f0000000400)={0xa})
epoll_pwait(0xffffffffffffffff, &(0x7f0000000080), 0x0, 0x80000000, 0x0, 0x0)
ioprio_set$pid(0x1, r0, 0x6000)

3.700345141s ago: executing program 5 (id=3141):
open(&(0x7f0000000140)='./file0\x00', 0x2a4c0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_io_uring_setup(0x497, &(0x7f00000000c0)={0x0, 0x7079, 0x400, 0x3, 0x288}, &(0x7f0000000340)=<r3=>0x0, &(0x7f0000000280)=<r4=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r3, r4, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x2007, @fd=r2, 0x0, 0x0})
io_uring_enter(r2, 0x351a, 0x100, 0x0, 0x0, 0x0)

2.274509472s ago: executing program 3 (id=3145):
setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000140)="2c385aa3d49100dc6626c8", 0xb)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0)
write$UHID_CREATE2(r0, &(0x7f0000000040)=ANY=[], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x12, r0, 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
r2 = open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x8)
mmap$xdp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x12, r2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000fe020010850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
write$FUSE_DIRENTPLUS(r1, &(0x7f0000000100)=ANY=[@ANYBLOB="10000000feff5366"], 0x10)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000005c0)={r3, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f00000001c0)=[0x7], 0x0, 0x0, 0x1}}, 0x40)

2.273796424s ago: executing program 5 (id=3146):
bind$unix(0xffffffffffffffff, 0x0, 0x0)
writev(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x400000bce)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000580)=@base={0x8, 0x4, 0x4, 0x4, 0x0, 0x1}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000fcffffff7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000025000000180100002020732500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001000000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000540)='sys_exit\x00', r1}, 0x18)
syz_open_dev$MSR(0x0, 0x0, 0x0)
write$binfmt_elf64(0xffffffffffffffff, 0x0, 0x40000)
shmat(0x0, &(0x7f0000ff9000/0x1000)=nil, 0x4000)

2.178111171s ago: executing program 5 (id=3147):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f0000000300)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_io_uring_setup(0x497, &(0x7f00000000c0)={0x0, 0x79af, 0x8, 0x0, 0x272}, &(0x7f0000000340)=<r3=>0x0, &(0x7f0000000040)=<r4=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000000)=0xffb, 0x0, 0x4)
r5 = socket$inet6_sctp(0xa, 0x801, 0x84)
syz_io_uring_submit(r3, r4, &(0x7f0000000180)=@IORING_OP_SEND={0x1a, 0x0, 0x0, r5, 0x0, &(0x7f0000000200)='(', 0x1, 0x10, 0x1})
io_uring_enter(r2, 0x627, 0x4c1, 0x43, 0x0, 0x0)

2.095858578s ago: executing program 3 (id=3148):
sendmmsg$inet(0xffffffffffffffff, &(0x7f00000017c0)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)=[@ip_ttl={{0x14, 0x0, 0x2, 0x7}}], 0x18}}], 0x1, 0x0)
r0 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r0, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0xc)
r1 = socket$netlink(0x10, 0x3, 0x0)
writev(r1, &(0x7f00000003c0)=[{&(0x7f0000000180)="390000001300034700bb65e1c3e4ffff01000000010000005600000025000000190004000400000007fd17e5ffff0800040000000000000000", 0x39}], 0x1)
writev(r1, &(0x7f0000000300)=[{&(0x7f00000001c0)="390000001300034700bb5be1c3e4feff06000000010000004500000025000000190004000400ad000d00000000000006040000000000f93132", 0x39}], 0x1)
r2 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r2, 0x0, 0x23, &(0x7f0000000080)={@multicast2, @loopback}, 0xc)
setsockopt$inet_msfilter(r2, 0x0, 0x29, &(0x7f0000000000)=ANY=[@ANYBLOB="e00000027f"], 0x57)
setsockopt$inet_mreqsrc(r0, 0x0, 0x24, &(0x7f0000000440)={@multicast2, @loopback, @empty}, 0xc)

1.783884013s ago: executing program 3 (id=3149):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e21, @local}, 0x47)
setsockopt$inet_tcp_int(r0, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x41, &(0x7f0000000100)=0x1d11, 0x5e)
setsockopt$inet_tcp_TCP_REPAIR_QUEUE(r0, 0x6, 0x14, &(0x7f0000000140)=0x2, 0x4)
connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10)
setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000340)=[@sack_perm, @window={0x3, 0x6, 0x7}, @mss={0x2, 0x7}, @window={0x3, 0x0, 0x4}, @window={0x3, 0x8, 0x6}, @timestamp, @window={0x3, 0xfffe}, @sack_perm], 0x200000000000005e)
sendto$inet(r0, &(0x7f00000001c0)="d33dd4edc9ee576551234edcd9c29e0ee1279915798e9582c47f", 0x1a, 0x8011, 0x0, 0x0)
setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f0000000000), 0x4)
sendto$inet(r0, &(0x7f00000004c0)='<', 0x381, 0x805, 0x0, 0x0)

1.772944988s ago: executing program 1 (id=3150):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x1000002, 0x200000005c831, 0xffffffffffffffff, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
syz_genetlink_get_family_id$wireguard(0x0, 0xffffffffffffffff)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, 0x0, 0x92)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)

1.582152985s ago: executing program 3 (id=3151):
socket$nl_generic(0x10, 0x3, 0x10)
r0 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_rx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0x1000, 0x103a, 0x1000, 0x103a, 0xfffffffc, 0xff, 0x80000000}, 0x1c)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f0000000cc0)=ANY=[@ANYBLOB="050000000000000061110c00000000008510000002000000850000000500000095000000000000009500a5050000000077d8f3b423cdac8d80000000000000002be16ad10a48b243ccc42606d25dfd73a015e0ca7fc2506a0f7535f7866907dc0200000000000000ae669e17fd6587d452d6453559c3421eed73d56615fe6c54c3b3ffe1b4ce25d7c983c044c03bf3a48dfe47ec9dd6c091c30b93bfae76d9ebacd3ed3e26e7a23129d6606fd28a69989d552af6bda9df2c3af36effff9af2551ce896165127cb3f011a7d06602e2fc40848228567ffb400000000003ed38ae89d24e1cebfba2f87925bfacba83109751fe6c05405d027edd68149ee99eef6a6992308a4fc0b7c70bc677d6dd4aed4af7500d7900a820b6347184e9a217b5614cd50cbe43a1ed2526814bc0000e9e086ce48e90defb6670c3df2624f56da648d28ad0a97aec7291c25447c106a99893e10db21901eb397b2f5fd71400fa7a050fbbef9e326ea27e513e96068fd1e8a43e89f9c85c822a961546ed5363c17ff1432d08806bc376e3e49ee52b59d13182e1f24ed200ada10eb1affb87ba55b2d72078e9f40b4ae7d01000000d11cd22c35d32940000088dde499000000fdffffff00000000000f000000ef0000000000000000000000000c52f4ebd2c893bb97a068bd10734a83584898eccb26f7b789cfc4cd995fa3e11a5c74c85404e2df3ad37b729ac83b0dcb4f48f3c3356b9997fc455a17690b6f7f9ccbe4b1701941b18aba6b16455a66c3b84b138efc20a546d3d5227e23b03f2a834391ade2ff3e93ee296c4082ee73e7c353312c9d75711ce1623e9c54bdff59d2a69dcb7d84c235b23a4480c2461b405cfd1a38992f295ad3adc94cd07c850d1ce6d0b2fea02c24e9280333152fb794e4ddea02017a6c139b50101caecaf2abc0847a1ff2f7fc3c2b99a96fc4275ad107274e2934a87a4ddcdb112754ca5bdec0ead14b6c0f19a43a2f05c7f0be31491eb8c9ff68236c8600040000000000000000000066e034c81c3cab64e4fc8dc55ce0ada18dcbf31c6e82893add3bee3e10fc873d1d922b0877cbcd95b839d3059d5140a1f742f6e75741e39e5cb6a193e06a1043375b0f61b5d4e17c81baa31b924d84f224baf1221c15fa12313ffbfa7c2730309f66705b71e6205e7cbf3643561eabb9a63fcd604d5cc27e1317ad94cf438d71873e540be16b6ca205081173bd03c4754fc4674812daab482fd390a1c903b5d28a1eb247b5837d7603b92495d5c569f6433c3fca5206cb0000003fdbbd3892c52c2e7612e05de32322e980a3d69931e2c9312dd517c96f2ee90362476ed853c4c9b7d4ebf13cbaa795860e92a3d7d004f2c491db38eb769f094d5d48b262cc35c40682138cf13a49aa9f27abec00002f01ba1251aaf2385416ca719300"], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6}, 0x70)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x10)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000800000000bf91000000000000b702000043e7b5538500000085000000b70000000000000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x43, '\x00', 0x0, @fallback=0xa, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r3, 0x0, 0x8}, 0x18)
ppoll(&(0x7f0000000500)=[{r1}], 0x1, 0x0, 0x0, 0x0)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x3, 0x8000000000, 0x1}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x0, 0x3, 0x0, 0x0, 0x7fffffff, 0xfffffffffffffffc}, 0x0, 0x0)

818.677068ms ago: executing program 7 (id=3102):
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f0000000200)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_io_uring_setup(0x10d, &(0x7f0000000540)={0x0, 0xd4bb, 0x0, 0xfffffffd}, &(0x7f0000000380)=<r3=>0x0, &(0x7f0000000280)=<r4=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000080)=0x10000, 0x0, 0x4)
syz_io_uring_submit(r3, r4, &(0x7f00000002c0)=@IORING_OP_ACCEPT={0xd, 0x12, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x80800})
io_uring_enter(r2, 0x3517, 0xc2de, 0x9, 0x0, 0x0)

571.603055ms ago: executing program 8 (id=3119):
timer_create(0x0, 0x0, 0x0)
timer_settime(0x0, 0x0, 0x0, 0x0)
syz_emit_ethernet(0x42, 0x0, 0x0)
sendmsg$netlink(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x80042, 0x50)
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./bus\x00', 0x180)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mount$overlay(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000b80), 0x8, &(0x7f0000000200)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]})
setxattr$security_capability(&(0x7f0000000240)='./file0/file1\x00', &(0x7f0000000280), 0x0, 0x0, 0x0)

523.697982ms ago: executing program 5 (id=3152):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=@newqdisc={0x24, 0x24, 0x4ee4e6a52ff56541, 0x70bd29, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0x9}, {0xfff1, 0xffff}, {0xcaae85abad719c99, 0xf}}}, 0x24}, 0x1, 0x0, 0x0, 0x20000000}, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r6=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000001c0)=@newqdisc={0x24, 0x28, 0x4ee4e6a52ff56541, 0x5001, 0xfffffdfc, {0x0, 0x0, 0x0, r6, {0xc}, {0x0, 0xfff1}, {0x2, 0x9}}}, 0x24}, 0x1, 0x0, 0x0, 0x40098}, 0x4000000)

375.45311ms ago: executing program 3 (id=3153):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={0x0}}, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r4=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=@newqdisc={0x44, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r4, {0x0, 0xfff1}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_hfsc={{0x9}, {0x14, 0x2, @TCA_HFSC_FSC={0x10, 0x2, {0x4d, 0xfffffffb, 0x7fffffff}}}}]}, 0x44}, 0x1, 0x0, 0x0, 0x4000000}, 0x20040084)
sendmsg$nl_route_sched(r2, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000001740)=@newqdisc={0x434, 0x28, 0x4ee4e6a52ff56541, 0x4001, 0xfffffdf8, {0x0, 0x0, 0x0, r4, {0x10}, {}, {0xa, 0x3}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x408, 0x2, [@TCA_TBF_RTAB={0x404, 0x2, [0x1, 0x1, 0x9, 0x8000, 0x3, 0x5, 0x5, 0xb762, 0x6, 0x7, 0x8, 0xf, 0x2, 0x80000001, 0x400, 0x7fc, 0xffff8000, 0x6, 0x401, 0x9, 0xb89, 0xffffe4f5, 0xd6, 0x4, 0xffff, 0x7, 0x0, 0x2, 0x101, 0x1, 0xfffffffc, 0x4, 0x1, 0x1, 0x9, 0xc, 0x20001000, 0x4, 0x2, 0x7, 0x4, 0x99, 0x9, 0x5, 0x6, 0x7, 0xfffffff7, 0x1, 0x2, 0x9, 0x9, 0x44, 0x8, 0x8, 0x1, 0x4, 0x7ff, 0x8, 0x7, 0x80000001, 0x400, 0x8, 0xfffffa72, 0xcd, 0xffffff80, 0x80000000, 0xc, 0x4, 0x65, 0x91, 0x659, 0x9, 0xf, 0x9, 0xc28, 0x9, 0x7, 0x3, 0x401, 0x3, 0x2, 0xfffffffa, 0x1, 0x10001, 0x3, 0x1, 0x4, 0x8, 0x8, 0x7, 0x1, 0x1, 0x1, 0x7, 0x40, 0x7, 0x12, 0x8000, 0x1, 0x4dc, 0x80, 0x3, 0x7fffffff, 0xff, 0x9, 0xa7, 0xf, 0x2, 0x0, 0x3, 0x1000, 0x4, 0x401, 0x7, 0x80000000, 0xffff, 0x6, 0x5, 0x4, 0xffffffff, 0x80000000, 0x1966f9ab, 0x200, 0x20200, 0xed5, 0xfffffc00, 0x6, 0x4, 0x8, 0x485e, 0xa85, 0x80000040, 0x2, 0x7, 0x7, 0x102, 0x2d5421e8, 0x7, 0x10000, 0xffffffff, 0x6, 0x3ff, 0xf04, 0x0, 0x2, 0x5, 0xfffffc00, 0x5, 0x8d, 0x4, 0x401, 0x4, 0x9, 0x3, 0xfffffffb, 0x1, 0x0, 0x0, 0x2, 0x5, 0x8, 0x3, 0x0, 0x800, 0x2, 0x8, 0x7ff, 0x1, 0x9, 0x6, 0x5, 0x5, 0x4d15, 0x1ff, 0xfffff060, 0x3, 0x469, 0x3, 0x0, 0x200, 0x10000005, 0x7, 0x1, 0x8, 0x42ba, 0x4, 0x9, 0x3, 0x8, 0x8, 0x53, 0x6, 0x4, 0x400, 0x8000, 0x0, 0x2c310b18, 0xfff, 0x0, 0x3, 0xcd34, 0x9, 0x81, 0xdf3, 0x2, 0x7, 0x8, 0xfff, 0x1ff, 0x8000, 0x3, 0x8, 0x3, 0x9, 0x9a6, 0xe4cb, 0x402, 0x1, 0x1ff, 0x3e, 0x9b4, 0x1, 0x8, 0x0, 0x8, 0x0, 0x9, 0x0, 0x4, 0x10, 0x901, 0x5, 0x2, 0x7b, 0xfffffeff, 0x6, 0x6, 0xc, 0x1000, 0x9, 0x9, 0xe6, 0xab, 0x400, 0x7fffffff, 0xed, 0x7ff, 0xd83, 0x68, 0x80000001, 0x4, 0x1, 0x6, 0x200, 0x2]}]}}]}, 0x434}, 0x1, 0x0, 0x0, 0x40098}, 0x0)
sendmmsg(r0, &(0x7f00000002c0), 0x40000000000009f, 0x0)

337.688715ms ago: executing program 8 (id=3154):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000580)=ANY=[@ANYBLOB="1800000000000000000000000f000000850000007500000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='netlink_extack\x00', r0}, 0x18)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$netlink(0x10, 0x3, 0x0)
r3 = socket(0x10, 0x3, 0x0)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000200), r3)
getsockname$packet(r3, &(0x7f00000002c0)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000100)=0x14)
sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000008c0)=ANY=[@ANYBLOB="480000001000050700000086d7c0d6c878f064eb", @ANYRES32=r4, @ANYBLOB="0000000000000000280012000c00010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000900)=@newqdisc={0x30, 0x24, 0xf1d, 0x0, 0x0, {0x0, 0x0, 0x0, r4, {}, {0xfff1, 0xffff}}, [@qdisc_kind_options=@q_clsact={0xb}]}, 0x30}}, 0x4000800)
sendmsg$nl_route_sched(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000400)=@delchain={0x48, 0x64, 0xf31, 0xfffffffb, 0x0, {0x0, 0x0, 0x0, r4, {0x0, 0xfff3}, {0xfff3, 0xffff}, {0xa, 0x1b}}, [@filter_kind_options=@f_flower={{0x15}, {0x18, 0x2, [@TCA_FLOWER_KEY_ENC_OPTS={0x14, 0x54, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPTS_VXLAN={0xc, 0x2, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPT_VXLAN_GBP={0xffffffffffffffa1, 0x1, 0x1}]}, @TCA_FLOWER_KEY_ENC_OPTS_VXLAN={0x4}]}]}}]}, 0x48}, 0x1, 0x0, 0x0, 0x40044}, 0x4804)

90.20686ms ago: executing program 5 (id=3155):
syz_emit_ethernet(0x2a, &(0x7f0000000100)=ANY=[@ANYBLOB="bbbbbbc3bbbb8a0a63cdec5908060001080006040001aaaacdaaaaaa16bb"], 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x1)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000400)=@base={0xe, 0x4, 0x4, 0x3}, 0x48)
r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, r1, 0x0, '\x00', 0x0, 0x0}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x18, 0x1c, &(0x7f0000000d80)=ANY=[@ANYBLOB="1808000000000000000000000600000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000005000000bf0900000000000035090100000000009500000000070000b7020000000000007b9a00fe000000006609000003000000dbaaf0fff1000000bf8600000000000007080000f8ffffffbfa400000000000007040000f0ffffff670000000800000018290000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7050000080000004608f0ff760000005e92f4ff0000000056080000010000008500000007000000b70000000000000095"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xd, '\x00', 0x0, @fallback=0xd, 0x0, 0xf00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

38.069114ms ago: executing program 1 (id=3156):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x1c1341, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
close(r1)
socket$netlink(0x10, 0x3, 0x0)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xe}})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$tipc(&(0x7f0000000200), 0xffffffffffffffff)
sendmsg$TIPC_CMD_ENABLE_BEARER(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000400)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010000000d0000000000010000000000000001410000001c001700000000000000006574683a73797a6b616c6c657230"], 0x38}, 0x1, 0x0, 0x0, 0x800}, 0x0)
writev(r0, &(0x7f0000000800)=[{&(0x7f0000000480)="89e7ee2c78dad9b4b473e4c988ca", 0xe}, {&(0x7f0000000640)="a41ca6", 0x3}], 0x2)

0s ago: executing program 3 (id=3157):
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0xd, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="180000000008002b000000000000000018040000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x18, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f00000003c0)='sched_switch\x00', r0}, 0x10)
unshare(0x68040200)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0xfffff000)
ioctl$BTRFS_IOC_SCRUB(0xffffffffffffffff, 0xc400941b, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0), 0x1022002, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=ANY=[@ANYBLOB="480000000906010200000000000000000200ffff200007800c00018008000140a2fd4ebc08000a400000000205000300020000000900020073797a310000000005000100"], 0x48}, 0x1, 0x0, 0x0, 0x800}, 0x40c0080)

kernel console output (not intermixed with test programs):

dm_r:sysadm_t tclass=rxrpc_socket permissive=1
[  246.953677][ T2953] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  246.972816][   T30] audit: type=1400 audit(1766313866.253:548): avc:  denied  { read } for  pid=11332 comm="syz.5.1982" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[  247.135476][ T2953] netdevsim netdevsim2 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  247.191827][ T2953] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  247.553316][ T2953] netdevsim netdevsim2 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  247.554279][T11346] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1985'.
[  247.612572][ T2953] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  247.737423][T11348] netlink: 'syz.6.1986': attribute type 10 has an invalid length.
[  247.812002][ T2953] netdevsim netdevsim2 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  247.858648][ T2953] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  248.001063][   T30] audit: type=1400 audit(1766313867.323:549): avc:  denied  { ioctl } for  pid=11351 comm="syz.0.1987" path="pid:[4026532794]" dev="nsfs" ino=4026532794 ioctlcmd=0x9409 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[  248.432220][ T5941] usb 1-1: new full-speed USB device number 28 using dummy_hcd
[  248.507854][ T2953] bridge_slave_1: left allmulticast mode
[  248.544686][ T2953] bridge_slave_1: left promiscuous mode
[  248.555824][ T2953] bridge0: port 2(bridge_slave_1) entered disabled state
[  248.616376][ T5941] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 1023, setting to 64
[  248.649990][ T2953] bridge_slave_0: left allmulticast mode
[  248.667318][ T5941] usb 1-1: New USB device found, idVendor=04f3, idProduct=0755, bcdDevice= 0.00
[  248.687484][ T5941] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  248.700838][ T2953] bridge_slave_0: left promiscuous mode
[  248.711817][ T5941] usb 1-1: config 0 descriptor??
[  248.735082][ T2953] bridge0: port 1(bridge_slave_0) entered disabled state
[  248.735704][T11354] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  249.342240][ T5941] elan 0003:04F3:0755.0032: hidraw0: USB HID v1.01 Device [HID 04f3:0755] on usb-dummy_hcd.0-1/input0
[  249.599039][   T49] usb 1-1: USB disconnect, device number 28
[  249.692182][ T5819] SELinux: failure in sel_netif_sid_slow(), invalid network interface (83)
[  249.728383][   T30] audit: type=1400 audit(1766313869.063:550): avc:  denied  { setopt } for  pid=11402 comm="syz.6.2001" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  249.818066][ T5819] SELinux: failure in sel_netif_sid_slow(), invalid network interface (82)
[  249.903841][ T2953] bond1 (unregistering): (slave geneve2): Releasing active interface
[  250.148334][ T2953] bond3 (unregistering): (slave bridge1): Releasing active interface
[  250.226431][ T2953] bond4 (unregistering): (slave bridge2): Releasing active interface
[  250.351952][T11422] netlink: 'syz.0.2008': attribute type 1 has an invalid length.
[  250.890273][T11433] GUP no longer grows the stack in syz.1.2010 (11433): 200000011000-200000018000 (20000000e000)
[  250.940677][T11433] CPU: 0 UID: 0 PID: 11433 Comm: syz.1.2010 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  250.940707][T11433] Tainted: [L]=SOFTLOCKUP
[  250.940712][T11433] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  250.940723][T11433] Call Trace:
[  250.940728][T11433]  <TASK>
[  250.940735][T11433]  dump_stack_lvl+0x16c/0x1f0
[  250.940762][T11433]  gup_vma_lookup+0x1d2/0x220
[  250.940785][T11433]  __get_user_pages+0x241/0x3590
[  250.940815][T11433]  ? find_held_lock+0x2b/0x80
[  250.940842][T11433]  ? __pfx___get_user_pages+0x10/0x10
[  250.940871][T11433]  get_user_pages_remote+0x243/0xab0
[  250.940896][T11433]  ? mas_new_root+0x690/0x6e0
[  250.940921][T11433]  ? __pfx_get_user_pages_remote+0x10/0x10
[  250.940946][T11433]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  250.940973][T11433]  __access_remote_vm+0x24d/0x850
[  250.940998][T11433]  ? do_raw_spin_lock+0x12c/0x2b0
[  250.941022][T11433]  ? __pfx___access_remote_vm+0x10/0x10
[  250.941050][T11433]  proc_pid_cmdline_read+0x4de/0x8e0
[  250.941072][T11433]  ? __pfx_proc_pid_cmdline_read+0x10/0x10
[  250.941091][T11433]  ? rw_verify_area+0xcf/0x6c0
[  250.941111][T11433]  ? __pfx_proc_pid_cmdline_read+0x10/0x10
[  250.941128][T11433]  vfs_readv+0x5c1/0x8b0
[  250.941156][T11433]  ? __pfx_vfs_readv+0x10/0x10
[  250.941198][T11433]  ? __fget_files+0x20e/0x3c0
[  250.941230][T11433]  ? do_preadv+0x1a6/0x270
[  250.941248][T11433]  do_preadv+0x1a6/0x270
[  250.941269][T11433]  ? __pfx_do_preadv+0x10/0x10
[  250.941295][T11433]  do_syscall_64+0xcd/0xf80
[  250.941320][T11433]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  250.941338][T11433] RIP: 0033:0x7ff88f98f749
[  250.941353][T11433] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  250.941369][T11433] RSP: 002b:00007ff8907d8038 EFLAGS: 00000246 ORIG_RAX: 0000000000000127
[  250.941386][T11433] RAX: ffffffffffffffda RBX: 00007ff88fbe5fa0 RCX: 00007ff88f98f749
[  250.941398][T11433] RDX: 0000000000000001 RSI: 0000200000001200 RDI: 0000000000000005
[  250.941409][T11433] RBP: 00007ff88fa13f91 R08: 0000000000006a76 R09: 0000000000000000
[  250.941419][T11433] R10: 0000000000000009 R11: 0000000000000246 R12: 0000000000000000
[  250.941429][T11433] R13: 00007ff88fbe6038 R14: 00007ff88fbe5fa0 R15: 00007ffff6376b18
[  250.941455][T11433]  </TASK>
[  251.232356][ T2953] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  251.259403][ T2953] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  251.285353][ T2953] bond0 (unregistering): Released all slaves
[  251.401467][T11446] binder: 11445:11446 ioctl c0306201 200000000640 returned -22
[  251.429770][ T2953] bond1 (unregistering): Released all slaves
[  251.458642][ T2953] bond2 (unregistering): (slave vxcan3): Releasing backup interface
[  251.472242][ T2953] bond2 (unregistering): Released all slaves
[  251.511605][ T2953] bond3 (unregistering): Released all slaves
[  251.564709][T11452] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2020'.
[  251.576847][ T2953] bond4 (unregistering): Released all slaves
[  251.583411][T11451] netlink: 277 bytes leftover after parsing attributes in process `syz.5.2019'.
[  251.621581][T11422] workqueue: Failed to create a rescuer kthread for wq "bond3": -EINTR
[  251.702877][T11426] mac80211_hwsim hwsim6 wlan0: entered promiscuous mode
[  251.730953][   T30] audit: type=1400 audit(1766313871.063:551): avc:  denied  { setopt } for  pid=11458 comm="syz.6.2022" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  251.914209][T11467] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2025'.
[  252.007477][T11469] sch_tbf: burst 88 is lower than device veth5 mtu (1514) !
[  252.166315][T11484] netlink: 24 bytes leftover after parsing attributes in process `syz.5.2030'.
[  252.398572][ T2953] hsr_slave_0: left promiscuous mode
[  252.428981][ T2953] hsr_slave_1: left promiscuous mode
[  252.441186][ T2953] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  252.458763][ T2953] batman_adv: batadv0: Removing interface: batadv_slave_0
[  252.476816][ T2953] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  252.484512][ T2953] batman_adv: batadv0: Removing interface: batadv_slave_1
[  252.503653][ T2953] veth1_macvtap: left promiscuous mode
[  252.518899][ T2953] veth0_macvtap: left promiscuous mode
[  252.711070][T11507] netlink: 4 bytes leftover after parsing attributes in process `syz.6.2035'.
[  252.920404][   T30] audit: type=1400 audit(1766313872.253:552): avc:  denied  { mounton } for  pid=11513 comm="syz.3.2038" path="/415/file0" dev="tmpfs" ino=2207 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=fifo_file permissive=1
[  253.006270][T11516] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2039'.
[  253.012241][ T5940] usb 1-1: new high-speed USB device number 29 using dummy_hcd
[  253.060847][    C1] vcan0: j1939_tp_rxtimer: 0xffff88807c19dc00: rx timeout, send abort
[  253.074653][   T30] audit: type=1400 audit(1766313872.413:553): avc:  denied  { read } for  pid=5170 comm="syslogd" name="log" dev="sda1" ino=2010 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:var_t tclass=lnk_file permissive=1
[  253.103453][   T30] audit: type=1400 audit(1766313872.413:554): avc:  denied  { search } for  pid=5170 comm="syslogd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  253.129230][   T30] audit: type=1400 audit(1766313872.413:555): avc:  denied  { search } for  pid=5170 comm="syslogd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  253.152536][   T30] audit: type=1400 audit(1766313872.413:556): avc:  denied  { add_name } for  pid=5170 comm="syslogd" name="messages" scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  253.174552][   T30] audit: type=1400 audit(1766313872.413:557): avc:  denied  { create } for  pid=5170 comm="syslogd" name="messages" scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[  253.174666][ T2953] team0 (unregistering): Port device team_slave_1 removed
[  253.195459][   T30] audit: type=1400 audit(1766313872.413:558): avc:  denied  { append open } for  pid=5170 comm="syslogd" path="/tmp/messages" dev="tmpfs" ino=5 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[  253.225798][ T5940] usb 1-1: Using ep0 maxpacket: 8
[  253.236597][   T30] audit: type=1400 audit(1766313872.413:559): avc:  denied  { getattr } for  pid=5170 comm="syslogd" path="/tmp/messages" dev="tmpfs" ino=5 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[  253.259906][ T5940] usb 1-1: New USB device found, idVendor=0ccd, idProduct=0039, bcdDevice=90.7b
[  253.269206][ T5940] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  253.282128][    C1] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured!
[  253.299080][ T5940] pvrusb2: Hardware description: Terratec Grabster AV400
[  253.299253][ T2953] team0 (unregistering): Port device team_slave_0 removed
[  253.309385][ T5940] pvrusb2: **********
[  253.317849][ T5940] pvrusb2: ***WARNING*** Support for this device (Terratec Grabster AV400) is experimental.
[  253.328368][ T5940] pvrusb2: Important functionality might not be entirely working.
[  253.336405][ T5940] pvrusb2: Please consider contacting the driver author to help with further stabilization of the driver.
[  253.348468][ T5940] pvrusb2: **********
[  253.498900][ T2337] pvrusb2: Invalid write control endpoint
[  253.569712][    C1] vcan0: j1939_tp_rxtimer: 0xffff88807c19dc00: abort rx timeout. Force session deactivation
[  253.588296][ T2337] pvrusb2: Invalid write control endpoint
[  253.595761][ T2337] pvrusb2: ***WARNING*** Detected a wedged cx25840 chip; the device will not work.
[  253.611955][ T2337] pvrusb2: ***WARNING*** Try power cycling the pvrusb2 device.
[  253.629702][ T2337] pvrusb2: ***WARNING*** Disabling further access to the device to prevent other foul-ups.
[  253.651946][ T2337] pvrusb2: Device being rendered inoperable
[  253.664060][ T2337] cx25840 1-0044: Unable to detect h/w, assuming cx23887
[  253.684620][ T2337] cx25840 1-0044: cx23887 A/V decoder found @ 0x88 (pvrusb2_a)
[  253.699756][ T2337] pvrusb2: Attached sub-driver cx25840
[  253.726277][ T2337] pvrusb2: ***WARNING*** pvrusb2 device hardware appears to be jammed and I can't clear it.
[  253.755705][ T2337] pvrusb2: You might need to power cycle the pvrusb2 device in order to recover.
[  253.770007][   T49] usb 1-1: USB disconnect, device number 29
[  255.255965][ T1297] ieee802154 phy0 wpan0: encryption failed: -22
[  255.762380][ T5819] usb 2-1: new high-speed USB device number 25 using dummy_hcd
[  255.942117][ T5819] usb 2-1: Using ep0 maxpacket: 16
[  255.955167][ T5819] usb 2-1: New USB device found, idVendor=2001, idProduct=4002, bcdDevice=df.bf
[  255.974987][ T5819] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  256.026920][ T2953] IPVS: stop unused estimator thread 0...
[  256.037084][ T5819] usb 2-1: config 0 descriptor??
[  256.087161][   T30] audit: type=1400 audit(1766313875.423:560): avc:  denied  { setopt } for  pid=11587 comm="syz.3.2056" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  256.102157][T11589] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2056'.
[  257.375459][ T5829] Bluetooth: hci0: command 0x0405 tx timeout
[  257.412889][   T49] usb 1-1: new high-speed USB device number 30 using dummy_hcd
[  257.578139][   T49] usb 1-1: config 0 interface 0 altsetting 3 endpoint 0x81 has invalid wMaxPacketSize 0
[  257.609295][   T49] usb 1-1: config 0 interface 0 altsetting 3 has 1 endpoint descriptor, different from the interface descriptor's value: 5
[  257.629471][   T49] usb 1-1: config 0 interface 0 has no altsetting 0
[  257.636273][   T49] usb 1-1: New USB device found, idVendor=0fc5, idProduct=b080, bcdDevice= 0.00
[  257.645634][   T49] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  257.662759][   T49] usb 1-1: config 0 descriptor??
[  257.710593][ T5819] pegasus 2-1:0.0: can't locate MII phy, using default
[  257.752252][ T5819] pegasus 2-1:0.0: eth9, D-Link DSB-650TX, ea:6b:ed:e2:71:4b
[  257.796904][ T5819] usb 2-1: USB disconnect, device number 25
[  258.301587][   T49] hid-led 0003:0FC5:B080.0033: probe with driver hid-led failed with error -71
[  258.310661][ T5940] usb 6-1: new high-speed USB device number 21 using dummy_hcd
[  258.353178][   T49] usb 1-1: USB disconnect, device number 30
[  258.484126][ T5940] usb 6-1: Using ep0 maxpacket: 32
[  258.513608][ T5940] usb 6-1: config index 0 descriptor too short (expected 29220, got 36)
[  258.532467][ T5940] usb 6-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[  258.535433][T11659] xt_addrtype: ipv6 PROHIBIT (THROW, NAT ..) matching not supported
[  258.551250][ T5940] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 81
[  258.578575][ T5940] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  258.592562][ T5940] usb 6-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  258.612067][ T5940] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid maxpacket 14385, setting to 1024
[  258.645702][ T5940] usb 6-1: config 0 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 1024
[  258.658015][ T5940] usb 6-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[  258.681828][ T5940] usb 6-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[  258.713459][T11663] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  258.723783][ T5940] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  258.730569][T11667] overlayfs: failed to clone upperpath
[  258.740370][ T5940] usb 6-1: config 0 descriptor??
[  258.757447][T11636] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[  258.916546][ T1206] usb 2-1: new high-speed USB device number 26 using dummy_hcd
[  258.918887][T11678] netlink: 'syz.3.2078': attribute type 1 has an invalid length.
[  258.945701][T11678] netlink: 'syz.3.2078': attribute type 4 has an invalid length.
[  258.964359][T11678] netlink: 9462 bytes leftover after parsing attributes in process `syz.3.2078'.
[  258.978037][T11684] netlink: 'syz.3.2078': attribute type 1 has an invalid length.
[  258.988544][T11684] netlink: 'syz.3.2078': attribute type 4 has an invalid length.
[  258.997095][T11684] netlink: 9462 bytes leftover after parsing attributes in process `syz.3.2078'.
[  259.035623][ T5940] usblp 6-1:0.0: usblp0: USB Bidirectional printer dev 21 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17
[  259.092134][ T1206] usb 2-1: Using ep0 maxpacket: 16
[  259.099151][ T5940] usb 6-1: USB disconnect, device number 21
[  259.113492][ T1206] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  259.119003][ T5940] usblp0: removed
[  259.147859][ T1206] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  259.186564][ T1206] usb 2-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 18
[  259.212981][T11695] netlink: 'syz.0.2081': attribute type 4 has an invalid length.
[  259.221789][ T1206] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  259.244905][ T1206] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  259.260550][ T1206] usb 2-1: SerialNumber: syz
[  259.283825][T11695] netlink: 'syz.0.2081': attribute type 4 has an invalid length.
[  259.312898][ T1206] cdc_ether 2-1:1.0: probe with driver cdc_ether failed with error -22
[  259.476998][   T30] audit: type=1400 audit(1766313878.813:561): avc:  denied  { connect } for  pid=11703 comm="syz.3.2085" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  259.569230][ T5940] usb 2-1: USB disconnect, device number 26
[  259.830100][T11716] overlayfs: failed to clone lowerpath
[  259.963189][ T5940] usb 6-1: new full-speed USB device number 22 using dummy_hcd
[  260.114160][ T5940] usb 6-1: config 7 has an invalid interface number: 2 but max is 0
[  260.124815][ T5940] usb 6-1: config 7 has no interface number 0
[  260.135456][ T5940] usb 6-1: config 7 interface 2 altsetting 3 endpoint 0xB has invalid maxpacket 512, setting to 64
[  260.147918][ T5940] usb 6-1: config 7 interface 2 altsetting 3 endpoint 0x9 has invalid maxpacket 512, setting to 64
[  260.168281][ T5940] usb 6-1: config 7 interface 2 has no altsetting 0
[  260.183683][ T5940] usb 6-1: New USB device found, idVendor=0bb4, idProduct=4922, bcdDevice=d0.13
[  260.198224][ T5940] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  260.207976][ T5940] usb 6-1: Product: syz
[  260.213604][ T5940] usb 6-1: Manufacturer: syz
[  260.218315][ T5940] usb 6-1: SerialNumber: syz
[  260.224785][T11712] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[  260.232218][T11712] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[  260.349487][T11733] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2096'.
[  260.480047][ T5940] usb 6-1: USB disconnect, device number 22
[  260.796054][   T30] audit: type=1400 audit(1766313880.133:562): avc:  denied  { getopt } for  pid=11748 comm="syz.1.2103" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  260.883854][   T30] audit: type=1400 audit(1766313880.223:563): avc:  denied  { setopt } for  pid=11758 comm="syz.0.2107" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  260.980767][T11764] overlayfs: failed to clone upperpath
[  261.072813][T11770] netlink: 24 bytes leftover after parsing attributes in process `syz.5.2112'.
[  261.126461][   T30] audit: type=1400 audit(1766313880.463:564): avc:  denied  { unlink } for  pid=11765 comm="syz.0.2110" name="file0" dev="fuse" ino=0 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=blk_file permissive=1
[  261.331956][ T5875] usb 2-1: new high-speed USB device number 27 using dummy_hcd
[  261.459656][ T5830] Bluetooth: hci2: unexpected event 0x03 length: 1 < 11
[  261.513875][ T5875] usb 2-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  261.553783][ T5875] usb 2-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  261.566302][   T30] audit: type=1400 audit(1766313880.903:565): avc:  denied  { map } for  pid=11794 comm="syz.0.2122" path="socket:[41084]" dev="sockfs" ino=41084 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  261.582192][ T5875] usb 2-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  261.590190][   T30] audit: type=1400 audit(1766313880.923:566): avc:  denied  { read accept } for  pid=11794 comm="syz.0.2122" path="socket:[41084]" dev="sockfs" ino=41084 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  261.618598][ T5875] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  261.649989][T11773] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  261.697173][ T5875] usb 2-1: Quirk or no altset; falling back to MIDI 1.0
[  261.806287][   T30] audit: type=1400 audit(1766313881.143:567): avc:  denied  { read write } for  pid=11802 comm="syz.0.2124" name="mouse0" dev="devtmpfs" ino=1000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:mouse_device_t tclass=chr_file permissive=1
[  261.851038][   T30] audit: type=1400 audit(1766313881.173:568): avc:  denied  { open } for  pid=11802 comm="syz.0.2124" path="/dev/input/mouse0" dev="devtmpfs" ino=1000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:mouse_device_t tclass=chr_file permissive=1
[  262.000041][T11779] overlayfs: statfs failed on './file0'
[  262.052795][ T5890] usb 2-1: USB disconnect, device number 27
[  262.461994][ T5890] usb 7-1: new high-speed USB device number 7 using dummy_hcd
[  262.481994][ T5875] usb 6-1: new high-speed USB device number 23 using dummy_hcd
[  262.611933][ T5890] usb 7-1: Using ep0 maxpacket: 8
[  262.620018][ T5890] usb 7-1: New USB device found, idVendor=0c45, idProduct=613a, bcdDevice=c4.6d
[  262.629375][ T5890] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  262.637551][ T5890] usb 7-1: Product: syz
[  262.641782][ T5890] usb 7-1: Manufacturer: syz
[  262.643854][ T5875] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  262.649822][ T5890] usb 7-1: SerialNumber: syz
[  262.673679][ T5875] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  262.674581][ T5890] usb 7-1: config 0 descriptor??
[  262.691480][ T5890] gspca_main: sonixj-2.14.0 probing 0c45:613a
[  262.692889][ T5875] usb 6-1: New USB device found, idVendor=10c4, idProduct=ea90, bcdDevice= 0.00
[  262.729512][ T5875] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  262.740792][ T5875] usb 6-1: config 0 descriptor??
[  262.882096][    C0] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  263.065269][T11836] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2135'.
[  263.156727][ T5875] cp2112 0003:10C4:EA90.0034: unknown main item tag 0x0
[  263.180463][   T30] audit: type=1400 audit(1766313882.513:569): avc:  denied  { name_bind 0x1000000 } for  pid=11838 comm="syz.0.2137" path="socket:[41201]" dev="sockfs" ino=41201 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=unix_stream_socket permissive=1
[  263.181491][ T5875] cp2112 0003:10C4:EA90.0034: hidraw0: USB HID v0.00 Device [HID 10c4:ea90] on usb-dummy_hcd.5-1/input0
[  263.353259][ T5875] cp2112 0003:10C4:EA90.0034: Part Number: 0x82 Device Version: 0xFE
[  263.965607][T11819] cp2112 0003:10C4:EA90.0034: Unsupported transaction 0
[  263.973451][ T5875] cp2112 0003:10C4:EA90.0034: error reading lock byte: -71
[  264.005265][ T5875] usb 6-1: USB disconnect, device number 23
[  264.212022][ T5890] gspca_sonixj: i2c_w8 err -71
[  264.221945][ T1206] usb 1-1: new high-speed USB device number 31 using dummy_hcd
[  264.292743][ T5890] sonixj 7-1:0.0: probe with driver sonixj failed with error -71
[  264.322230][ T5890] usb 7-1: USB disconnect, device number 7
[  264.397697][ T1206] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  264.410092][ T1206] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  264.420272][ T1206] usb 1-1: New USB device found, idVendor=10c4, idProduct=ea90, bcdDevice= 0.00
[  264.429425][ T1206] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  264.451359][ T1206] usb 1-1: config 0 descriptor??
[  264.873360][ T5875] hid-generic 0000:0000:0000.0035: unknown main item tag 0x0
[  264.885119][ T1206] cp2112 0003:10C4:EA90.0036: unknown main item tag 0x0
[  264.904659][ T5875] hid-generic 0000:0000:0000.0035: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  264.918742][ T1206] cp2112 0003:10C4:EA90.0036: hidraw1: USB HID v0.00 Device [HID 10c4:ea90] on usb-dummy_hcd.0-1/input0
[  265.081612][ T1206] cp2112 0003:10C4:EA90.0036: Part Number: 0x82 Device Version: 0xFE
[  265.693619][T11869] cp2112 0003:10C4:EA90.0036: Error starting transaction: -38
[  265.710630][ T1206] cp2112 0003:10C4:EA90.0036: error reading lock byte: -71
[  265.752359][ T1206] usb 1-1: USB disconnect, device number 31
[  265.800035][ T5830] Bluetooth: hci4: unexpected event for opcode 0x0c12
[  265.970799][ T5890] IPVS: starting estimator thread 0...
[  266.061970][T11922] IPVS: using max 46 ests per chain, 110400 per kthread
[  266.264488][T11942] netlink: 24 bytes leftover after parsing attributes in process `syz.6.2174'.
[  266.331491][   T30] audit: type=1326 audit(1766313885.663:570): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11946 comm="syz.6.2177" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7feedff8f749 code=0x0
[  267.353904][ T5890] usb 2-1: new high-speed USB device number 28 using dummy_hcd
[  267.401938][   T49] usb 6-1: new high-speed USB device number 24 using dummy_hcd
[  267.548513][ T5890] usb 2-1: New USB device found, idVendor=056e, idProduct=4010, bcdDevice=20.1c
[  267.583201][   T49] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  267.598730][ T5890] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  267.640341][   T49] usb 6-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df
[  267.660958][ T5890] usb 2-1: config 0 descriptor??
[  267.668249][   T49] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  267.702708][   T49] usb 6-1: config 0 descriptor??
[  267.724806][   T49] pwc: Askey VC010 type 2 USB webcam detected.
[  268.040519][   T30] audit: type=1400 audit(1766313887.373:571): avc:  denied  { append } for  pid=12002 comm="syz.0.2195" name="vga_arbiter" dev="devtmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:xserver_misc_device_t tclass=chr_file permissive=1
[  268.144583][   T49] pwc: recv_control_msg error -32 req 02 val 2b00
[  268.167753][   T49] pwc: recv_control_msg error -32 req 02 val 2700
[  268.182498][   T49] pwc: recv_control_msg error -32 req 02 val 2c00
[  268.192589][   T49] pwc: recv_control_msg error -32 req 04 val 1000
[  268.207300][T12010] wg2 speed is unknown, defaulting to 1000
[  268.415327][   T49] pwc: recv_control_msg error -71 req 04 val 1400
[  268.425845][   T49] pwc: recv_control_msg error -71 req 02 val 2000
[  268.432406][ T5940] usb 7-1: new high-speed USB device number 8 using dummy_hcd
[  268.472662][   T49] pwc: recv_control_msg error -71 req 02 val 2100
[  268.490583][   T49] pwc: recv_control_msg error -71 req 04 val 1500
[  268.514251][   T49] pwc: recv_control_msg error -71 req 02 val 2500
[  268.531269][   T49] pwc: recv_control_msg error -71 req 02 val 2400
[  268.546668][   T49] pwc: recv_control_msg error -71 req 02 val 2600
[  268.557264][   T49] pwc: recv_control_msg error -71 req 02 val 2900
[  268.572302][   T49] pwc: recv_control_msg error -71 req 02 val 2800
[  268.589416][   T49] pwc: recv_control_msg error -71 req 04 val 1100
[  268.599425][   T49] pwc: recv_control_msg error -71 req 04 val 1200
[  268.609190][ T5940] usb 7-1: Using ep0 maxpacket: 32
[  268.649782][   T49] pwc: Registered as video103.
[  268.656639][ T5940] usb 7-1: config 0 has an invalid interface number: 209 but max is 0
[  268.694856][   T49] input: PWC snapshot button as /devices/platform/dummy_hcd.5/usb6/6-1/input/input33
[  268.707870][ T5940] usb 7-1: config 0 has no interface number 0
[  268.734275][ T5940] usb 7-1: config 0 interface 209 has no altsetting 0
[  268.769511][ T5940] usb 7-1: New USB device found, idVendor=1f71, idProduct=3306, bcdDevice=1b.23
[  268.781798][   T49] usb 6-1: USB disconnect, device number 24
[  268.816584][ T5940] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  268.858071][ T5940] usb 7-1: Product: syz
[  268.874720][ T5940] usb 7-1: Manufacturer: syz
[  268.879351][ T5940] usb 7-1: SerialNumber: syz
[  268.922453][ T5940] usb 7-1: config 0 descriptor??
[  269.031938][ T5891] usb 1-1: new full-speed USB device number 32 using dummy_hcd
[  269.188332][T12059] TCP: request_sock_subflow_v6: Possible SYN flooding on port [::]:20002. Sending cookies.
[  269.221660][ T5891] usb 1-1: config 0 has an invalid interface number: 41 but max is 0
[  269.236060][ T5940] usb 7-1: USB disconnect, device number 8
[  269.253890][ T5891] usb 1-1: config 0 has no interface number 0
[  269.260009][ T5891] usb 1-1: config 0 interface 41 has no altsetting 0
[  269.317308][ T5890] pegasus 2-1:0.0: can't reset MAC
[  269.341231][ T5188] udevd[5188]: worker [6406] terminated by signal 33 (Unknown signal 33)
[  269.350046][ T5890] pegasus 2-1:0.0: probe with driver pegasus failed with error -5
[  269.372503][ T5891] usb 1-1: New USB device found, idVendor=0fe6, idProduct=9800, bcdDevice=d1.9a
[  269.388211][ T5890] usb 2-1: USB disconnect, device number 28
[  269.394548][ T5188] udevd[5188]: worker [6406] failed while handling '/devices/platform/dummy_hcd.6/usb7/7-1/7-1:0.209'
[  269.442022][ T5891] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  269.514941][ T5891] usb 1-1: Product: syz
[  269.533116][ T5891] usb 1-1: Manufacturer: syz
[  269.543032][ T5891] usb 1-1: SerialNumber: syz
[  269.557117][ T5891] usb 1-1: config 0 descriptor??
[  270.146139][   T30] audit: type=1326 audit(1766313889.483:572): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12098 comm="syz.6.2217" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feedff8f749 code=0x7fc00000
[  270.231947][   T30] audit: type=1326 audit(1766313889.533:573): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12098 comm="syz.6.2217" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feedff8f749 code=0x7fc00000
[  270.275828][   T30] audit: type=1326 audit(1766313889.543:574): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12098 comm="syz.6.2217" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feedff8f749 code=0x7fc00000
[  270.379140][ T5891] CoreChips 1-1:0.41 (unnamed net_device) (uninitialized): sr_get_phy_addr : Error reading PHYID register:ffffffe0
[  270.925945][   T30] audit: type=1326 audit(1766313890.263:575): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12098 comm="syz.6.2217" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feedff8f749 code=0x7fc00000
[  271.432277][ T5891] CoreChips 1-1:0.41 (unnamed net_device) (uninitialized): Failed to send software reset:ffffffb9
[  271.447930][ T5891] CoreChips 1-1:0.41 (unnamed net_device) (uninitialized): Failed to power up PHY: -71
[  271.462235][ T5891] CoreChips 1-1:0.41: probe with driver CoreChips failed with error -71
[  271.492132][ T5891] usb 1-1: USB disconnect, device number 32
[  271.836312][T12162] netlink: 'syz.3.2241': attribute type 10 has an invalid length.
[  271.925201][T12164] fuse: root generation should be zero
[  271.992048][ T5891] usb 2-1: new high-speed USB device number 29 using dummy_hcd
[  272.154540][ T5891] usb 2-1: config 220 has an invalid interface number: 76 but max is 2
[  272.165196][ T5891] usb 2-1: config 220 contains an unexpected descriptor of type 0x2, skipping
[  272.174567][ T5891] usb 2-1: config 220 has an invalid descriptor of length 0, skipping remainder of the config
[  272.182494][ T5819] usb 1-1: new high-speed USB device number 33 using dummy_hcd
[  272.192474][ T6808] netdevsim netdevsim6 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  272.192716][ T6808] netdevsim netdevsim6 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  272.192821][ T6808] netdevsim netdevsim6 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  272.192906][ T6808] netdevsim netdevsim6 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  272.193352][ T5891] usb 2-1: config 220 has no interface number 2
[  272.238396][ T5891] usb 2-1: config 220 interface 1 altsetting 5 has 0 endpoint descriptors, different from the interface descriptor's value: 12
[  272.253935][ T5891] usb 2-1: config 220 interface 0 has no altsetting 0
[  272.273070][ T5891] usb 2-1: config 220 interface 76 has no altsetting 0
[  272.279929][ T5891] usb 2-1: config 220 interface 1 has no altsetting 0
[  272.303963][ T5891] usb 2-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9
[  272.313423][ T5891] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  272.321406][ T5891] usb 2-1: Product: syz
[  272.330670][ T5891] usb 2-1: Manufacturer: syz
[  272.338012][ T5891] usb 2-1: SerialNumber: syz
[  272.392696][ T5819] usb 1-1: Using ep0 maxpacket: 16
[  272.399737][ T5819] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  272.432543][ T5819] usb 1-1: New USB device found, idVendor=04d8, idProduct=c002, bcdDevice= 0.00
[  272.441617][ T5819] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  272.480972][ T5819] usb 1-1: config 0 descriptor??
[  272.585449][ T5891] usb 2-1: selecting invalid altsetting 0
[  272.611856][ T5891] uvcvideo 2-1:220.0: Found UVC 7.01 device syz (8086:0b07)
[  272.635580][ T5891] uvcvideo 2-1:220.0: No valid video chain found.
[  272.668250][ T5891] usb 2-1: selecting invalid altsetting 0
[  272.686896][ T5891] usbtest 2-1:220.1: probe with driver usbtest failed with error -22
[  272.727403][ T5891] usb 2-1: USB disconnect, device number 29
[  272.963083][ T5819] hid-picolcd 0003:04D8:C002.0037: No report with id 0x11 found
[  273.044780][T12196] netlink: 156 bytes leftover after parsing attributes in process `syz.6.2254'.
[  273.069751][T12196] netlink: 56 bytes leftover after parsing attributes in process `syz.6.2254'.
[  273.165089][ T5819] usb 1-1: USB disconnect, device number 33
[  273.407512][   T30] audit: type=1400 audit(1766313892.743:576): avc:  denied  { accept } for  pid=12204 comm="syz.1.2257" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=isdn_socket permissive=1
[  273.717391][   T30] audit: type=1400 audit(1766313893.053:577): avc:  denied  { read write } for  pid=5811 comm="syz-executor" name="loop1" dev="devtmpfs" ino=648 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  273.783606][   T30] audit: type=1400 audit(1766313893.083:578): avc:  denied  { open } for  pid=5811 comm="syz-executor" path="/dev/loop1" dev="devtmpfs" ino=648 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  273.832381][   T30] audit: type=1400 audit(1766313893.083:579): avc:  denied  { ioctl } for  pid=5811 comm="syz-executor" path="/dev/loop1" dev="devtmpfs" ino=648 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  274.623047][ T5819] usb 1-1: new high-speed USB device number 34 using dummy_hcd
[  274.786726][ T5819] usb 1-1: config index 0 descriptor too short (expected 23569, got 27)
[  274.806530][ T5819] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  274.830853][ T5819] usb 1-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0
[  274.851288][ T5819] usb 1-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0
[  274.862325][ T5819] usb 1-1: Manufacturer: syz
[  274.877371][ T5819] usb 1-1: config 0 descriptor??
[  274.982027][ T5819] rc_core: IR keymap rc-hauppauge not found
[  274.987965][ T5819] Registered IR keymap rc-empty
[  274.995331][ T5819] rc rc0: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/rc/rc0
[  275.014268][ T5819] input: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/rc/rc0/input34
[  275.085857][ T5875] usb 7-1: new high-speed USB device number 9 using dummy_hcd
[  275.136574][ T5940] usb 1-1: USB disconnect, device number 34
[  275.252530][ T5875] usb 7-1: Using ep0 maxpacket: 32
[  275.259402][ T5875] usb 7-1: config 0 has an invalid interface number: 89 but max is 0
[  275.269168][ T5875] usb 7-1: config 0 has no interface number 0
[  275.276022][ T5875] usb 7-1: config 0 interface 89 has no altsetting 0
[  275.286264][ T5875] usb 7-1: New USB device found, idVendor=0ccd, idProduct=10af, bcdDevice=38.4e
[  275.297044][ T5875] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  275.308124][ T5875] usb 7-1: Product: syz
[  275.317723][ T5875] usb 7-1: Manufacturer: syz
[  275.325020][ T5875] usb 7-1: SerialNumber: syz
[  275.340423][ T5875] usb 7-1: config 0 descriptor??
[  275.357453][ T5875] em28xx 7-1:0.89: New device syz syz @ 480 Mbps (0ccd:10af, interface 89, class 89)
[  275.369352][ T5875] em28xx 7-1:0.89: Video interface 89 found: bulk
[  276.119195][ T5875] em28xx 7-1:0.89: unknown em28xx chip ID (0)
[  276.646194][T12299] faux_driver vgem: [drm] Unknown color mode 181; guessing buffer size.
[  277.098936][ T5875] em28xx 7-1:0.89: reading from i2c device at 0xa0 failed (error=-5)
[  277.114314][ T5875] em28xx 7-1:0.89: board has no eeprom
[  277.205339][ T5875] em28xx 7-1:0.89: Identified as Terratec Grabby (card=67)
[  277.225045][ T5875] em28xx 7-1:0.89: analog set to bulk mode.
[  277.230994][   T10] em28xx 7-1:0.89: Registering V4L2 extension
[  277.278184][ T5875] usb 7-1: USB disconnect, device number 9
[  277.297513][ T5875] em28xx 7-1:0.89: Disconnecting em28xx
[  277.326348][   T10] em28xx 7-1:0.89: Config register raw data: 0xffffffed
[  277.360890][   T10] em28xx 7-1:0.89: AC97 chip type couldn't be determined
[  277.387302][   T10] em28xx 7-1:0.89: No AC97 audio processor
[  277.412673][   T10] usb 7-1: Decoder not found
[  277.432573][   T10] em28xx 7-1:0.89: failed to create media graph
[  277.452701][   T10] em28xx 7-1:0.89: V4L2 device video103 deregistered
[  277.479991][   T10] em28xx 7-1:0.89: Registering snapshot button...
[  277.523897][   T10] input: em28xx snapshot button as /devices/platform/dummy_hcd.6/usb7/7-1/7-1:0.89/input/input35
[  277.573960][   T10] em28xx 7-1:0.89: Remote control support is not available for this card.
[  277.617507][ T5875] em28xx 7-1:0.89: Closing input extension
[  277.631215][ T5875] em28xx 7-1:0.89: Deregistering snapshot button
[  277.686654][ T5875] em28xx 7-1:0.89: Freeing device
[  277.812958][T12327] netlink: 'syz.6.2301': attribute type 10 has an invalid length.
[  277.820901][T12327] netlink: 55 bytes leftover after parsing attributes in process `syz.6.2301'.
[  278.307132][T12346] xt_CT: You must specify a L4 protocol and not use inversions on it
[  278.403168][   T30] audit: type=1400 audit(1766313897.733:580): avc:  denied  { create } for  pid=12351 comm="syz.6.2311" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[  278.475002][   T30] audit: type=1400 audit(1766313897.803:581): avc:  denied  { ioctl } for  pid=12351 comm="syz.6.2311" path="socket:[42459]" dev="sockfs" ino=42459 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[  279.383854][   T30] audit: type=1400 audit(1766313898.723:582): avc:  denied  { remount } for  pid=12375 comm="syz.3.2318" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[  280.036049][T12389] fuse: Bad value for 'fd'
[  280.079587][T12391] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2324'.
[  280.238443][   T30] audit: type=1400 audit(1766313899.573:583): avc:  denied  { nlmsg_write } for  pid=12392 comm="syz.6.2325" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_audit_socket permissive=1
[  280.284987][   T30] audit: type=1400 audit(1766313899.573:584): avc:  denied  { audit_write } for  pid=12392 comm="syz.6.2325" capability=29  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1
[  280.309398][   T30] audit: type=1107 audit(1766313899.573:585): pid=12392 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t msg='aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
[  280.325461][T12400] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2328'.
[  280.482523][   T10] usb 1-1: new high-speed USB device number 35 using dummy_hcd
[  280.642438][   T10] usb 1-1: Using ep0 maxpacket: 32
[  280.654661][   T10] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  280.666780][   T10] usb 1-1: New USB device found, idVendor=9022, idProduct=d662, bcdDevice=b3.0e
[  280.680498][   T10] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  280.697033][   T10] usb 1-1: config 0 descriptor??
[  280.721827][   T10] dvb-usb: found a 'TeVii S662' in warm state.
[  280.734047][   T10] dw2102: su3000_power_ctrl: 1, initialized 0
[  280.745615][   T10] dvb-usb: bulk message failed: -22 (2/0)
[  280.756704][T12414] netlink: 24 bytes leftover after parsing attributes in process `syz.5.2332'.
[  280.786321][   T10] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  280.805468][   T10] dvbdev: DVB: registering new adapter (TeVii S662)
[  280.824250][   T10] usb 1-1: media controller created
[  280.838082][   T10] dvb-usb: bulk message failed: -22 (6/0)
[  280.860009][   T10] dw2102: i2c transfer failed.
[  280.900872][   T10] dvb-usb: bulk message failed: -22 (6/0)
[  280.940588][   T10] dw2102: i2c transfer failed.
[  280.952331][T12395] dvb-usb: bulk message failed: -22 (4/0)
[  280.959332][T12395] dw2102: i2c transfer failed.
[  280.976893][   T10] dvb-usb: bulk message failed: -22 (6/0)
[  281.079855][   T10] dw2102: i2c transfer failed.
[  281.107266][T12395] dvb-usb: bulk message failed: -22 (21/0)
[  281.125527][T12395] dw2102: i2c transfer failed.
[  281.148931][   T10] dvb-usb: bulk message failed: -22 (6/0)
[  281.185883][   T30] audit: type=1400 audit(1766313900.523:586): avc:  denied  { write } for  pid=12430 comm="syz.3.2337" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1
[  281.218450][   T10] dw2102: i2c transfer failed.
[  281.246041][   T10] dvb-usb: bulk message failed: -22 (6/0)
[  281.261971][   T30] audit: type=1400 audit(1766313900.543:587): avc:  denied  { setopt } for  pid=12430 comm="syz.3.2337" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1
[  281.300458][   T10] dw2102: i2c transfer failed.
[  281.325606][   T10] dvb-usb: bulk message failed: -22 (6/0)
[  281.356924][   T10] dw2102: i2c transfer failed.
[  281.369333][   T10] dvb-usb: MAC address: 02:02:02:02:02:02
[  281.398521][   T10] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  281.466529][   T10] dvb-usb: bulk message failed: -22 (3/0)
[  281.481670][T12439] netlink: 2028 bytes leftover after parsing attributes in process `syz.1.2338'.
[  281.501168][   T10] dw2102: command 0x0e transfer failed.
[  281.519246][   T10] dvb-usb: bulk message failed: -22 (3/0)
[  281.528202][T12439] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2338'.
[  281.537862][   T10] dw2102: command 0x0e transfer failed.
[  281.724696][T12445] overlayfs: failed to clone upperpath
[  281.749932][T12447] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2344'.
[  281.862544][   T10] dvb-usb: bulk message failed: -22 (3/0)
[  281.878382][   T10] dw2102: command 0x0e transfer failed.
[  281.893186][   T10] dvb-usb: bulk message failed: -22 (3/0)
[  281.899132][   T10] dw2102: command 0x0e transfer failed.
[  281.907335][   T10] dvb-usb: bulk message failed: -22 (1/0)
[  281.917412][   T10] dw2102: command 0x51 transfer failed.
[  281.936736][   T10] dvb-usb: bulk message failed: -22 (5/0)
[  281.949830][   T10] dw2102: i2c probe for address 0x68 failed.
[  281.966581][   T10] dvb-usb: bulk message failed: -22 (5/0)
[  281.984336][   T10] dw2102: i2c probe for address 0x69 failed.
[  282.001761][   T10] dvb-usb: bulk message failed: -22 (5/0)
[  282.008966][   T10] dw2102: i2c probe for address 0x6a failed.
[  282.024306][   T10] dw2102: probing for demodulator failed. Is the external power switched on?
[  282.060071][T12464] netlink: 24 bytes leftover after parsing attributes in process `syz.3.2349'.
[  282.062863][   T10] dvb-usb: no frontend was attached by 'TeVii S662'
[  282.143735][   T10] rc_core: IR keymap rc-tt-1500 not found
[  282.159512][   T10] Registered IR keymap rc-empty
[  282.179820][   T10] rc rc0: TeVii S662 as /devices/platform/dummy_hcd.0/usb1/1-1/rc/rc0
[  282.210306][   T10] input: TeVii S662 as /devices/platform/dummy_hcd.0/usb1/1-1/rc/rc0/input36
[  282.246164][   T10] dvb-usb: schedule remote query interval to 250 msecs.
[  282.281478][   T10] dw2102: su3000_power_ctrl: 0, initialized 1
[  282.308608][   T10] dvb-usb: TeVii S662 successfully initialized and connected.
[  282.341113][   T10] usb 1-1: USB disconnect, device number 35
[  282.439437][   T10] dvb-usb: TeVii S662 successfully deinitialized and disconnected.
[  282.539442][T12475] 9pnet: Limiting 'msize' to 1048576 as this is the maximum supported by transport fd
[  282.734043][T12479] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2355'.
[  282.842514][   T10] usb 1-1: new full-speed USB device number 36 using dummy_hcd
[  282.863179][T12485] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2358'.
[  282.994973][   T10] usb 1-1: config 0 interface 0 altsetting 8 endpoint 0x81 has invalid maxpacket 1023, setting to 64
[  283.026360][   T10] usb 1-1: config 0 interface 0 has no altsetting 0
[  283.040461][   T10] usb 1-1: New USB device found, idVendor=0419, idProduct=0600, bcdDevice= 0.00
[  283.064921][   T10] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  283.075828][T12495] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2361'.
[  283.102814][   T10] usb 1-1: config 0 descriptor??
[  283.122501][T12451] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  283.463245][   T30] audit: type=1400 audit(1766313902.803:588): avc:  denied  { read } for  pid=12509 comm="syz.3.2368" path="socket:[43270]" dev="sockfs" ino=43270 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=isdn_socket permissive=1
[  283.652457][ T5875] delete_channel: no stack
[  283.660886][   T10] samsung 0003:0419:0600.0038: hidraw0: USB HID v0.04 Device [HID 0419:0600] on usb-dummy_hcd.0-1/input0
[  283.932887][   T10] usb 1-1: USB disconnect, device number 36
[  284.193177][T12532] overlayfs: failed to clone upperpath
[  284.297819][   T30] audit: type=1400 audit(1766313903.633:589): avc:  denied  { create } for  pid=12535 comm="syz.3.2378" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_iscsi_socket permissive=1
[  284.362620][   T30] audit: type=1400 audit(1766313903.643:590): avc:  denied  { write } for  pid=12535 comm="syz.3.2378" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_iscsi_socket permissive=1
[  284.611344][ T5890] IPVS: starting estimator thread 0...
[  284.617380][T12543] IPVS: ip_vs_add_dest(): server weight less than zero
[  284.722288][T12545] IPVS: using max 76 ests per chain, 182400 per kthread
[  284.828190][   T30] audit: type=1400 audit(1766313904.163:591): avc:  denied  { map } for  pid=12551 comm="syz.6.2386" path="socket:[42829]" dev="sockfs" ino=42829 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tcp_socket permissive=1
[  284.876245][T12553] wg2 speed is unknown, defaulting to 1000
[  285.152702][T12570] __nla_validate_parse: 3 callbacks suppressed
[  285.152738][T12570] netlink: 4 bytes leftover after parsing attributes in process `syz.6.2391'.
[  285.173827][T12570] netlink: 4 bytes leftover after parsing attributes in process `syz.6.2391'.
[  285.187184][T12570] netlink: 4 bytes leftover after parsing attributes in process `syz.6.2391'.
[  285.197473][T12570] netlink: 4 bytes leftover after parsing attributes in process `syz.6.2391'.
[  285.246351][T12570] netlink: 4 bytes leftover after parsing attributes in process `syz.6.2391'.
[  285.260451][T12570] netlink: 4 bytes leftover after parsing attributes in process `syz.6.2391'.
[  285.275412][T12570] netlink: 4 bytes leftover after parsing attributes in process `syz.6.2391'.
[  285.286558][T12570] netlink: 4 bytes leftover after parsing attributes in process `syz.6.2391'.
[  285.296297][T12570] netlink: 4 bytes leftover after parsing attributes in process `syz.6.2391'.
[  285.307685][T12570] netlink: 4 bytes leftover after parsing attributes in process `syz.6.2391'.
[  286.872976][T12611] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=12611 comm=syz.3.2408
[  289.210119][T12676] ip6gre1: entered promiscuous mode
[  289.243940][T12676] ip6gre1: entered allmulticast mode
[  289.413697][T12683] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  289.558123][T12683] batman_adv: batadv0: Removing interface: batadv_slave_0
[  289.650832][T12686] erspan0: entered promiscuous mode
[  290.291460][T12723] fuse: Bad value for 'fd'
[  290.647721][T12742] __nla_validate_parse: 41 callbacks suppressed
[  290.647737][T12742] netlink: 2028 bytes leftover after parsing attributes in process `syz.3.2457'.
[  290.702955][T12742] netlink: 24 bytes leftover after parsing attributes in process `syz.3.2457'.
[  291.005361][   T30] audit: type=1326 audit(1766313910.343:592): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12752 comm="syz.6.2461" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7feedff8f749 code=0x0
[  291.145015][T12762] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2464'.
[  291.590699][T12780] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2472'.
[  291.762010][ T5940] usb 2-1: new high-speed USB device number 30 using dummy_hcd
[  291.931924][ T5940] usb 2-1: Using ep0 maxpacket: 16
[  291.956003][ T5940] usb 2-1: unable to get BOS descriptor or descriptor too short
[  291.981807][ T5940] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 81, changing to 10
[  292.015548][ T5940] usb 2-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  292.083091][ T5940] usb 2-1: New USB device found, idVendor=056e, idProduct=011c, bcdDevice= 0.40
[  292.121771][ T5940] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  292.131012][ T5940] usb 2-1: Product: syz
[  292.147081][T12795] wg2 speed is unknown, defaulting to 1000
[  292.150156][ T5940] usb 2-1: Manufacturer: syz
[  292.167992][ T5940] usb 2-1: SerialNumber: syz
[  292.570998][T12804] bridge0: port 2(bridge_slave_1) entered disabled state
[  292.578699][T12804] bridge0: port 1(bridge_slave_0) entered disabled state
[  292.760557][T12804] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  292.799469][T12804] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  292.893987][ T5891] usb 1-1: new high-speed USB device number 37 using dummy_hcd
[  293.002275][ T2993] netdevsim netdevsim6 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0
[  293.011770][ T2993] netdevsim netdevsim6 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  293.052371][ T2993] netdevsim netdevsim6 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0
[  293.061226][ T2993] netdevsim netdevsim6 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  293.071429][ T5940] elecom 0003:056E:011C.0039: unknown main item tag 0x0
[  293.078370][ T5891] usb 1-1: Using ep0 maxpacket: 16
[  293.085013][ T5891] usb 1-1: config 0 interface 0 altsetting 2 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  293.097480][ T5940] elecom 0003:056E:011C.0039: unknown main item tag 0x0
[  293.104524][ T5940] elecom 0003:056E:011C.0039: unknown main item tag 0x0
[  293.111465][ T5940] elecom 0003:056E:011C.0039: unknown main item tag 0x0
[  293.121989][ T5891] usb 1-1: config 0 interface 0 has no altsetting 0
[  293.130473][ T5891] usb 1-1: New USB device found, idVendor=15c2, idProduct=0041, bcdDevice=1f.20
[  293.143524][ T2993] netdevsim netdevsim6 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0
[  293.153103][ T5891] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  293.161081][ T5891] usb 1-1: Product: syz
[  293.165382][ T5940] elecom 0003:056E:011C.0039: unknown main item tag 0x0
[  293.172421][ T5940] elecom 0003:056E:011C.0039: unknown main item tag 0x0
[  293.172677][ T2993] netdevsim netdevsim6 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  293.179350][ T5940] elecom 0003:056E:011C.0039: unknown main item tag 0x0
[  293.179372][ T5940] elecom 0003:056E:011C.0039: unknown main item tag 0x0
[  293.190387][ T2993] netdevsim netdevsim6 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0
[  293.201920][ T5891] usb 1-1: Manufacturer: syz
[  293.216631][ T5891] usb 1-1: SerialNumber: syz
[  293.221939][ T5940] elecom 0003:056E:011C.0039: unknown main item tag 0x0
[  293.231080][ T5940] elecom 0003:056E:011C.0039: unknown main item tag 0x0
[  293.240549][ T5891] usb 1-1: config 0 descriptor??
[  293.242920][ T2993] netdevsim netdevsim6 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  293.264763][ T5940] elecom 0003:056E:011C.0039: hidraw0: USB HID v80.01 Device [syz syz] on usb-dummy_hcd.1-1/input0
[  293.312271][ T5940] usb 2-1: USB disconnect, device number 30
[  293.421019][T12826] fido_id[12826]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.1/usb2/report_descriptor': No such file or directory
[  293.489562][    C1] imon 1-1:0.0: imon usb_rx_callback_intf0: status(-71)
[  293.521228][ T5891] input: iMON Panel, Knob and Mouse(15c2:0041) as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/input/input37
[  293.552646][ T5891] imon:send_packet: packet tx failed (-71)
[  293.572310][ T5891] imon 1-1:0.0: panel buttons/knobs setup failed
[  293.652005][ T5891] rc_core: IR keymap rc-imon-pad not found
[  293.663987][ T5891] Registered IR keymap rc-empty
[  293.669128][ T5891] imon 1-1:0.0: Looks like you're trying to use an IR protocol this device does not support
[  293.679535][ T5891] imon 1-1:0.0: Unsupported IR protocol specified, overriding to iMON IR protocol
[  293.689275][ T5891] imon:send_packet: packet tx failed (-71)
[  293.712017][ T5891] imon 1-1:0.0: remote input dev register failed
[  293.718532][ T5891] imon 1-1:0.0: imon_init_intf0: rc device setup failed
[  293.743631][ T5891] imon 1-1:0.0: unable to initialize intf0, err 0
[  293.753712][ T5891] imon:imon_probe: failed to initialize context!
[  293.760048][ T5891] imon 1-1:0.0: unable to register, err -19
[  293.769684][ T5891] usb 1-1: USB disconnect, device number 37
[  294.010601][T12840] netlink: 4 bytes leftover after parsing attributes in process `syz.6.2496'.
[  294.081944][ T5891] usb 1-1: new high-speed USB device number 38 using dummy_hcd
[  294.242358][ T5891] usb 1-1: Using ep0 maxpacket: 16
[  294.251176][ T5891] usb 1-1: config 0 interface 0 altsetting 2 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  294.280814][T12840] batman_adv: batadv0: Removing interface: batadv_slave_1
[  294.314209][ T5891] usb 1-1: config 0 interface 0 has no altsetting 0
[  294.406067][ T5891] usb 1-1: New USB device found, idVendor=15c2, idProduct=0041, bcdDevice=1f.20
[  294.426074][ T5891] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  294.446797][ T5891] usb 1-1: Product: syz
[  294.455399][ T5891] usb 1-1: Manufacturer: syz
[  294.594902][ T5891] usb 1-1: SerialNumber: syz
[  294.616778][ T5891] usb 1-1: config 0 descriptor??
[  294.978549][ T5891] input: iMON Panel, Knob and Mouse(15c2:0041) as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/input/input39
[  295.118016][T12860] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2501'.
[  295.128088][T12860] hsr_slave_0: left promiscuous mode
[  295.143730][T12860] hsr_slave_1: left promiscuous mode
[  295.262558][ T5891] rc_core: IR keymap rc-imon-pad not found
[  295.268470][ T5891] Registered IR keymap rc-empty
[  295.275138][ T5891] imon 1-1:0.0: Looks like you're trying to use an IR protocol this device does not support
[  295.287157][ T5891] imon 1-1:0.0: Unsupported IR protocol specified, overriding to iMON IR protocol
[  295.393928][ T5891] rc rc0: iMON Remote (15c2:0041) as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/rc/rc0
[  295.405057][ T5891] input: iMON Remote (15c2:0041) as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/rc/rc0/input40
[  295.418609][ T5891] imon 1-1:0.0: iMON device (15c2:0041, intf0) on usb<1:38> initialized
[  295.634463][    C1] imon 1-1:0.0: imon usb_rx_callback_intf0: status(-75): ignored
[  295.692860][T12881] netlink: 128124 bytes leftover after parsing attributes in process `syz.5.2510'.
[  295.804969][T12885] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=3303861288 (422894244864 ns) > initial count (241705619456 ns). Using initial count to start timer.
[  295.836904][    C1] imon 1-1:0.0: imon imon_incoming_packet: invalid incoming packet size (len = 0, intf0)
[  295.881419][   T30] audit: type=1400 audit(1766313915.213:593): avc:  denied  { mounton } for  pid=12886 comm="syz.5.2513" path="/bus" dev="ramfs" ino=45157 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:ramfs_t tclass=dir permissive=1
[  295.904985][T12887] overlayfs: upper fs does not support RENAME_WHITEOUT.
[  295.914512][T12887] overlayfs: failed to set xattr on upper
[  295.920257][T12887] overlayfs: ...falling back to redirect_dir=nofollow.
[  295.928845][T12887] overlayfs: ...falling back to metacopy=off.
[  295.935049][T12887] overlayfs: ...falling back to index=off.
[  295.940991][T12887] overlayfs: ...falling back to uuid=null.
[  296.037993][    C1] imon 1-1:0.0: imon usb_rx_callback_intf0: status(-71)
[  296.045388][ T5891] usb 1-1: USB disconnect, device number 38
[  296.760304][T12934] netlink: 24 bytes leftover after parsing attributes in process `syz.5.2533'.
[  296.776035][T12934] netlink: 24 bytes leftover after parsing attributes in process `syz.5.2533'.
[  296.787431][T12934] netlink: 24 bytes leftover after parsing attributes in process `syz.5.2533'.
[  296.797043][T12934] netlink: 24 bytes leftover after parsing attributes in process `syz.5.2533'.
[  296.806972][T12934] netlink: 24 bytes leftover after parsing attributes in process `syz.5.2533'.
[  296.817943][T12934] netlink: 24 bytes leftover after parsing attributes in process `syz.5.2533'.
[  296.827705][T12934] netlink: 24 bytes leftover after parsing attributes in process `syz.5.2533'.
[  296.837246][T12936] netlink: 24 bytes leftover after parsing attributes in process `syz.5.2533'.
[  296.849520][T12934] netlink: 24 bytes leftover after parsing attributes in process `syz.5.2533'.
[  296.948274][T12940] veth0: entered promiscuous mode
[  296.954824][T12940] batadv_slave_1: entered promiscuous mode
[  296.978772][T12940] veth0 (unregistering): left promiscuous mode
[  297.023705][T12939] batadv_slave_1: left promiscuous mode
[  297.427095][T12949] Freezing with imperfect legacy cgroup freezer. See cgroup.freeze of cgroup v2
[  298.203202][T12975] overlayfs: failed to clone upperpath
[  299.226693][T13019] syz_tun: entered allmulticast mode
[  299.256142][T13019] SELinux: failure in sel_netif_sid_slow(), invalid network interface (0)
[  299.264887][T13019] mroute: pending queue full, dropping entries
[  299.577526][T13030] overlayfs: failed to clone upperpath
[  299.647557][T13032] overlayfs: failed to clone upperpath
[  300.437122][   T30] audit: type=1400 audit(1766313919.773:594): avc:  denied  { create } for  pid=13055 comm="syz.1.2575" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[  300.459609][   T30] audit: type=1400 audit(1766313919.793:595): avc:  denied  { write } for  pid=13055 comm="syz.1.2575" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[  300.530038][   T30] audit: type=1326 audit(1766313919.863:596): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13058 comm="syz.1.2576" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7ff88f98f749 code=0x0
[  300.754263][T13065] fuse: Bad value for 'fd'
[  300.822392][ T5875] usb 2-1: new full-speed USB device number 31 using dummy_hcd
[  300.974328][ T5875] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  300.984957][ T5875] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3
[  300.996507][ T5875] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0003, bcdDevice= 0.00
[  301.006291][ T5875] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  301.014762][ T5875] usb 2-1: SerialNumber: syz
[  301.024887][ T5875] usb 2-1: 0:2 : does not exist
[  302.279506][   T30] audit: type=1804 audit(1766313921.613:597): pid=13086 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=open_writers comm="syz.6.2584" name="/newroot/142/file0" dev="tmpfs" ino=785 res=1 errno=0
[  302.870081][   T30] audit: type=1400 audit(1766313922.203:598): avc:  denied  { getopt } for  pid=13096 comm="syz.0.2588" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  303.574659][ T5875] usb 2-1: USB disconnect, device number 31
[  303.649244][T11372] udevd[11372]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  305.214183][T13160] xt_hashlimit: max too large, truncated to 1048576
[  305.610282][   T30] audit: type=1400 audit(1766313924.943:599): avc:  denied  { listen } for  pid=13164 comm="syz.1.2615" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  305.653502][   T30] audit: type=1400 audit(1766313924.963:600): avc:  denied  { accept } for  pid=13164 comm="syz.1.2615" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  307.281741][T13227] __nla_validate_parse: 36 callbacks suppressed
[  307.281758][T13227] netlink: 2028 bytes leftover after parsing attributes in process `syz.5.2639'.
[  307.331582][T13227] netlink: 24 bytes leftover after parsing attributes in process `syz.5.2639'.
[  307.339897][T13229] overlayfs: upperdir is in-use as upperdir/workdir of another mount, mount with '-o index=off' to override exclusive upperdir protection.
[  307.386950][   T30] audit: type=1400 audit(1766313926.723:601): avc:  denied  { ioctl } for  pid=13208 comm="syz.3.2634" path="socket:[45815]" dev="sockfs" ino=45815 ioctlcmd=0x4943 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=isdn_socket permissive=1
[  307.412776][T13208] delete_channel: no stack
[  307.512091][ T5891] usb 2-1: new high-speed USB device number 32 using dummy_hcd
[  307.689487][ T5891] usb 2-1: Using ep0 maxpacket: 16
[  307.699588][ T5891] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0
[  307.728546][ T5891] usb 2-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[  307.746723][ T5891] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  307.782184][ T5891] usb 2-1: Product: syz
[  307.786361][ T5891] usb 2-1: Manufacturer: syz
[  307.817096][ T5891] usb 2-1: SerialNumber: syz
[  307.832396][ T5891] usb 2-1: config 0 descriptor??
[  307.849586][ T5891] em28xx 2-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0)
[  307.867252][ T5891] em28xx 2-1:0.0: DVB interface 0 found: bulk
[  308.456705][ T5891] em28xx 2-1:0.0: unknown em28xx chip ID (0)
[  308.988180][T13265] bridge0: port 2(bridge_slave_1) entered disabled state
[  309.085107][ T5891] em28xx 2-1:0.0: read from i2c device at 0xa0 failed with unknown error (status=65)
[  309.108157][ T5891] em28xx 2-1:0.0: board has no eeprom
[  309.138096][   T30] audit: type=1400 audit(1766313928.473:602): avc:  denied  { listen } for  pid=13271 comm="syz.5.2659" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1
[  309.343035][ T5891] em28xx 2-1:0.0: Identified as PCTV tripleStick (292e) (card=94)
[  309.351509][ T5891] em28xx 2-1:0.0: dvb set to bulk mode.
[  309.357413][ T5941] em28xx 2-1:0.0: Binding DVB extension
[  309.376882][ T5891] usb 2-1: USB disconnect, device number 32
[  309.409636][ T5891] em28xx 2-1:0.0: Disconnecting em28xx
[  309.480678][ T5941] em28xx 2-1:0.0: Registering input extension
[  309.523333][ T5891] em28xx 2-1:0.0: Closing input extension
[  309.537018][ T5891] em28xx 2-1:0.0: Freeing device
[  309.708922][   T30] audit: type=1400 audit(1766313929.043:603): avc:  denied  { write } for  pid=13289 comm="syz.0.2665" name="file0" dev="tmpfs" ino=2731 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[  309.735976][   T30] audit: type=1400 audit(1766313929.043:604): avc:  denied  { open } for  pid=13289 comm="syz.0.2665" path="/506/file0" dev="tmpfs" ino=2731 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[  309.778294][   T30] audit: type=1400 audit(1766313929.043:605): avc:  denied  { ioctl } for  pid=13289 comm="syz.0.2665" path="/506/file0" dev="tmpfs" ino=2731 ioctlcmd=0x1273 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[  309.910327][   T30] audit: type=1400 audit(1766313929.243:606): avc:  denied  { bind } for  pid=13299 comm="syz.1.2670" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1
[  310.062551][ T9745] usb 1-1: new high-speed USB device number 39 using dummy_hcd
[  310.302752][ T9745] usb 1-1: Using ep0 maxpacket: 16
[  310.310180][ T9745] usb 1-1: config 0 interface 0 altsetting 9 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  310.327769][ T9745] usb 1-1: config 0 interface 0 has no altsetting 0
[  310.336462][ T9745] usb 1-1: New USB device found, idVendor=1e71, idProduct=2009, bcdDevice= 0.00
[  310.349154][ T9745] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  310.370310][ T9745] usb 1-1: config 0 descriptor??
[  310.521771][T13318] netlink: 96 bytes leftover after parsing attributes in process `syz.3.2677'.
[  310.848364][ T9745] nzxt-smart2 0003:1E71:2009.003A: hidraw0: USB HID v0.05 Device [HID 1e71:2009] on usb-dummy_hcd.0-1/input0
[  311.281470][ T9745] usb 1-1: USB disconnect, device number 39
[  311.505610][   T30] audit: type=1400 audit(1766313930.843:607): avc:  denied  { write } for  pid=13335 comm="syz.3.2684" path="socket:[46478]" dev="sockfs" ino=46478 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  311.831833][T13352] overlayfs: failed to clone upperpath
[  312.251346][T13370] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  312.609490][T13375] Set syz1 is full, maxelem 65536 reached
[  313.637499][   T30] audit: type=1326 audit(1766313932.973:608): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13409 comm="syz.0.2711" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdd31d8f749 code=0x7fc00000
[  313.795393][   T30] audit: type=1326 audit(1766313932.973:609): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13409 comm="syz.0.2711" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fdd31d8f749 code=0x7fc00000
[  313.911923][   T30] audit: type=1326 audit(1766313932.973:610): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13409 comm="syz.0.2711" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdd31d8f749 code=0x7fc00000
[  314.056687][   T30] audit: type=1326 audit(1766313932.973:611): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13409 comm="syz.0.2711" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdd31d8f749 code=0x7fc00000
[  314.123661][   T30] audit: type=1326 audit(1766313932.973:612): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13409 comm="syz.0.2711" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdd31d8f749 code=0x7fc00000
[  314.171978][   T30] audit: type=1326 audit(1766313932.973:613): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13409 comm="syz.0.2711" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdd31d8f749 code=0x7fc00000
[  314.196225][   T30] audit: type=1326 audit(1766313932.973:614): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13409 comm="syz.0.2711" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdd31d8f749 code=0x7fc00000
[  314.220277][   T30] audit: type=1326 audit(1766313932.973:615): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13409 comm="syz.0.2711" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdd31d8f749 code=0x7fc00000
[  314.249986][   T30] audit: type=1326 audit(1766313932.973:616): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13409 comm="syz.0.2711" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdd31d8f749 code=0x7fc00000
[  314.252424][ T9745] usb 2-1: new high-speed USB device number 33 using dummy_hcd
[  314.343966][T13424] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2716'.
[  314.453805][ T9745] usb 2-1: New USB device found, idVendor=046d, idProduct=08b7, bcdDevice=ca.8e
[  314.482882][ T9745] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  314.500223][T13432] netlink: 'syz.6.2720': attribute type 39 has an invalid length.
[  314.541142][T13432] hsr_slave_1 (unregistering): left promiscuous mode
[  314.546102][ T9745] pwc: Logitech ViewPort AV 100 webcam detected.
[  315.362995][ T9745] pwc: recv_control_msg error -71 req 02 val 2b00
[  315.387750][ T9745] pwc: recv_control_msg error -71 req 02 val 2700
[  315.421453][ T9745] pwc: recv_control_msg error -71 req 04 val 1600
[  315.555275][ T9745] pwc: recv_control_msg error -71 req 02 val 2c00
[  315.582891][ T9745] pwc: recv_control_msg error -71 req 04 val 1000
[  315.595417][ T9745] pwc: recv_control_msg error -71 req 04 val 1300
[  315.619454][ T9745] pwc: recv_control_msg error -71 req 04 val 1400
[  315.661033][ T9745] pwc: recv_control_msg error -71 req 02 val 2000
[  315.677387][ T9745] pwc: recv_control_msg error -71 req 02 val 2100
[  315.711753][ T9745] pwc: recv_control_msg error -71 req 06 val 0600
[  315.749486][ T9745] pwc: recv_control_msg error -71 req 04 val 1500
[  315.779921][ T9745] pwc: recv_control_msg error -71 req 02 val 2500
[  316.031960][ T5891] usb 7-1: new high-speed USB device number 10 using dummy_hcd
[  316.272662][ T9745] pwc: recv_control_msg error -71 req 02 val 2400
[  316.279352][ T9745] pwc: recv_control_msg error -71 req 02 val 2600
[  316.302742][ T9745] pwc: recv_control_msg error -71 req 02 val 2900
[  316.454630][ T9745] pwc: recv_control_msg error -71 req 02 val 2800
[  316.513313][ T5891] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  316.519489][ T9745] pwc: recv_control_msg error -71 req 04 val 1100
[  316.596872][ T5891] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  316.598070][ T9745] pwc: recv_control_msg error -71 req 04 val 1200
[  316.654952][    C1] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured!
[  316.666792][ T1297] ieee802154 phy0 wpan0: encryption failed: -22
[  316.678769][ T9745] pwc: Registered as video103.
[  316.681907][ T5891] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  316.718042][ T5891] usb 7-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  316.742191][ T5891] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  316.754025][ T9745] input: PWC snapshot button as /devices/platform/dummy_hcd.1/usb2/2-1/input/input43
[  316.796975][ T5891] usb 7-1: config 0 descriptor??
[  316.827327][ T9745] usb 2-1: USB disconnect, device number 33
[  317.342446][ T5891] plantronics 0003:047F:FFFF.003B: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.6-1/input0
[  317.444012][T13479] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2735'.
[  317.483336][T13479] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2735'.
[  317.963055][   T30] kauditd_printk_skb: 60 callbacks suppressed
[  317.963071][   T30] audit: type=1400 audit(1766313937.303:677): avc:  denied  { create } for  pid=13493 comm="syz.1.2741" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=caif_socket permissive=1
[  318.942975][ T9745] usb 1-1: new high-speed USB device number 40 using dummy_hcd
[  319.112649][ T9745] usb 1-1: Using ep0 maxpacket: 32
[  319.132612][ T9745] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  319.162142][ T9745] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  319.182480][ T9745] usb 1-1: New USB device found, idVendor=0403, idProduct=6030, bcdDevice= 0.00
[  319.191537][ T9745] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  319.225290][ T9745] usb 1-1: config 0 descriptor??
[  319.495604][ T5891] usb 7-1: USB disconnect, device number 10
[  319.661038][ T9745] hid_parser_main: 1788 callbacks suppressed
[  319.661058][ T9745] ft260 0003:0403:6030.003C: unknown main item tag 0x7
[  319.860133][ T9745] ft260 0003:0403:6030.003C: chip code: 0000 0000
[  320.070242][ T9745] ft260 0003:0403:6030.003C: USB HID v0.00 Device [HID 0403:6030] on usb-dummy_hcd.0-1/input0
[  320.258381][   T30] audit: type=1400 audit(1766313939.593:678): avc:  denied  { create } for  pid=13561 comm="syz.5.2766" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=mctp_socket permissive=1
[  320.271261][ T9745] ft260 0003:0403:6030.003C: failed to retrieve status: -32, no wakeup
[  320.355685][   T30] audit: type=1400 audit(1766313939.693:679): avc:  denied  { create } for  pid=13563 comm="syz.5.2767" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_fib_lookup_socket permissive=1
[  320.559607][T13507] ft260 0003:0403:6030.003C: ft260_hid_output_report_check_status: failed to start transfer, ret -38
[  320.782738][T13507] ft260 0003:0403:6030.003C: failed to reset I2C controller: -108
[  320.878004][T13571] overlayfs: failed to clone upperpath
[  320.998625][T13573] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2771'.
[  321.019215][T13573] veth0_macvtap: left promiscuous mode
[  321.137282][T13575] overlayfs: failed to clone upperpath
[  321.287634][   T30] audit: type=1400 audit(1766313940.623:680): avc:  denied  { accept } for  pid=13578 comm="syz.5.2775" path=000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=unix_dgram_socket permissive=1
[  321.378992][T13583] bridge: RTM_NEWNEIGH with invalid ether address
[  321.553665][ T5941] usb 1-1: USB disconnect, device number 40
[  322.263075][T13607] overlayfs: failed to clone upperpath
[  322.487369][T13618] netlink: 'syz.3.2791': attribute type 12 has an invalid length.
[  323.079304][   T30] audit: type=1400 audit(1766313942.413:681): avc:  denied  { write } for  pid=13642 comm="syz.6.2801" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=isdn_socket permissive=1
[  323.122717][T13645] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2800'.
[  323.383933][   T30] audit: type=1804 audit(1766313942.723:682): pid=13664 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=open_writers comm="syz.5.2810" name="file0" dev="tmpfs" ino=2112 res=1 errno=0
[  323.410945][   T30] audit: type=1400 audit(1766313942.723:683): avc:  denied  { read write } for  pid=13665 comm="syz.1.2811" name="nvram" dev="devtmpfs" ino=623 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nvram_device_t tclass=chr_file permissive=1
[  323.462977][   T30] audit: type=1400 audit(1766313942.723:684): avc:  denied  { open } for  pid=13665 comm="syz.1.2811" path="/dev/nvram" dev="devtmpfs" ino=623 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nvram_device_t tclass=chr_file permissive=1
[  323.502946][ T5940] usb 7-1: new high-speed USB device number 11 using dummy_hcd
[  323.662046][ T5940] usb 7-1: Using ep0 maxpacket: 16
[  323.737664][ T5940] usb 7-1: New USB device found, idVendor=0471, idProduct=0327, bcdDevice=61.a4
[  323.791190][ T5940] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  323.854257][T13686] netlink: 'syz.1.2818': attribute type 1 has an invalid length.
[  323.933329][ T5940] usb 7-1: config 0 descriptor??
[  324.024409][ T5940] gspca_main: sonixj-2.14.0 probing 0471:0327
[  325.489115][T13710] overlayfs: failed to clone upperpath
[  326.071923][ T5940] gspca_sonixj: i2c_w8 err -71
[  326.100472][ T5940] sonixj 7-1:0.0: probe with driver sonixj failed with error -71
[  326.119833][ T5940] usb 7-1: USB disconnect, device number 11
[  326.292678][   T30] audit: type=1400 audit(1766313945.623:685): avc:  denied  { unmount } for  pid=13730 comm="syz.5.2836" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=filesystem permissive=1
[  326.427368][T13737] overlayfs: failed to clone upperpath
[  326.867215][   T49] usb 1-1: new high-speed USB device number 41 using dummy_hcd
[  327.351929][   T49] usb 1-1: Using ep0 maxpacket: 16
[  327.358587][   T49] usb 1-1: config 1 contains an unexpected descriptor of type 0x2, skipping
[  327.367687][   T49] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  327.384729][   T49] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3
[  327.403865][   T49] usb 1-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  327.413930][   T49] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  327.423305][   T49] usb 1-1: Product: syz
[  327.427890][   T49] usb 1-1: Manufacturer: syz
[  327.438016][   T49] usb 1-1: SerialNumber: syz
[  327.564441][   T30] audit: type=1400 audit(1766313946.903:686): avc:  denied  { prog_load } for  pid=13755 comm="syz.6.2846" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  327.624246][T13756] netlink: 96 bytes leftover after parsing attributes in process `syz.6.2846'.
[  327.640129][   T30] audit: type=1400 audit(1766313946.903:687): avc:  denied  { bpf } for  pid=13755 comm="syz.6.2846" capability=39  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  327.723163][   T30] audit: type=1400 audit(1766313946.943:688): avc:  denied  { map_create } for  pid=13755 comm="syz.6.2846" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  327.809674][   T30] audit: type=1400 audit(1766313946.943:689): avc:  denied  { map_read map_write } for  pid=13755 comm="syz.6.2846" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  327.854775][   T30] audit: type=1400 audit(1766313946.953:690): avc:  denied  { perfmon } for  pid=13755 comm="syz.6.2846" capability=38  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  327.921578][   T49] usb 1-1: 0:2 : does not exist
[  328.423695][T13774] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  328.788466][T13781] bridge0: port 3(veth0_to_bridge) entered blocking state
[  328.822425][T13781] bridge0: port 3(veth0_to_bridge) entered disabled state
[  328.834100][T13781] veth0_to_bridge: entered allmulticast mode
[  328.854734][T13781] veth0_to_bridge: entered promiscuous mode
[  328.872223][T13781] bridge0: adding interface veth0_to_bridge with same address as a received packet (addr:aa:aa:aa:aa:aa:1b, vlan:0)
[  328.907466][T13781] bridge0: port 3(veth0_to_bridge) entered blocking state
[  328.914888][T13781] bridge0: port 3(veth0_to_bridge) entered forwarding state
[  329.447530][   T49] usb 1-1: 1:0: cannot get min/max values for control 6 (id 1)
[  329.478221][   T49] usb 1-1: USB disconnect, device number 41
[  329.508213][T11372] udevd[11372]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  329.855471][T13809] 9pnet: p9_errstr2errno: server reported unknown error 0x0000000
[  329.882270][   T49] usb 2-1: new high-speed USB device number 34 using dummy_hcd
[  330.062363][   T49] usb 2-1: Using ep0 maxpacket: 8
[  330.077009][   T49] usb 2-1: New USB device found, idVendor=04a5, idProduct=3035, bcdDevice=3a.b2
[  330.103290][   T49] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  330.111306][   T49] usb 2-1: Product: syz
[  330.123141][   T49] usb 2-1: Manufacturer: syz
[  330.127748][   T49] usb 2-1: SerialNumber: syz
[  330.673950][   T49] gspca_main: benq-2.14.0 probing 04a5:3035
[  330.697388][   T49] usb 2-1: USB disconnect, device number 34
[  331.381391][   T30] kauditd_printk_skb: 1 callbacks suppressed
[  331.381406][   T30] audit: type=1400 audit(1766313950.713:692): avc:  denied  { bind } for  pid=13835 comm="syz.1.2879" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  331.834483][   T30] audit: type=1400 audit(1766313951.173:693): avc:  denied  { connect } for  pid=13841 comm="syz.3.2882" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1
[  332.090415][T13850] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2884'.
[  332.286088][   T30] audit: type=1400 audit(1766313951.623:694): avc:  denied  { setopt } for  pid=13855 comm="syz.1.2887" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[  332.701591][T13867] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2891'.
[  332.826473][T13867] bond5: (slave geneve0): Opening slave failed
[  333.226485][T13881] xt_connbytes: Forcing CT accounting to be enabled
[  333.241095][T13880] wg2 speed is unknown, defaulting to 1000
[  333.772601][ T5875] usb 2-1: new high-speed USB device number 35 using dummy_hcd
[  333.860505][T13897] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2900'.
[  333.952794][ T5875] usb 2-1: Using ep0 maxpacket: 16
[  333.966426][ T5875] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  333.978940][ T5875] usb 2-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00
[  333.988572][ T5875] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  334.005315][ T5875] usb 2-1: config 0 descriptor??
[  334.473024][ T5875] mcp2221 0003:04D8:00DD.003D: USB HID v0.05 Device [HID 04d8:00dd] on usb-dummy_hcd.1-1/input0
[  334.703586][ T5875] usb 2-1: USB disconnect, device number 35
[  334.768168][   T30] audit: type=1400 audit(1766313954.093:695): avc:  denied  { connect } for  pid=13915 comm="syz.5.2908" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  335.827465][T13959] netlink: 60 bytes leftover after parsing attributes in process `syz.5.2923'.
[  335.850552][T13959] unsupported nlmsg_type 40
[  335.855689][   T30] audit: type=1804 audit(1766313955.183:696): pid=13958 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=open_writers comm="syz.6.2924" name="file0" dev="ramfs" ino=48791 res=1 errno=0
[  336.927297][   T30] audit: type=1400 audit(1766313956.263:697): avc:  denied  { mount } for  pid=13989 comm="syz.3.2937" name="/" dev="hugetlbfs" ino=49335 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:hugetlbfs_t tclass=filesystem permissive=1
[  336.954410][T13990] overlayfs: upper fs does not support RENAME_WHITEOUT.
[  336.963766][T13990] overlayfs: failed to set xattr on upper
[  336.969494][T13990] overlayfs: ...falling back to redirect_dir=nofollow.
[  336.978180][T13990] overlayfs: ...falling back to index=off.
[  336.985417][T13990] overlayfs: ...falling back to uuid=null.
[  336.992055][T13990] overlayfs: NFS export requires "index=on", falling back to nfs_export=off.
[  337.001030][T13990] overlayfs: maximum fs stacking depth exceeded
[  337.122884][    C0] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  337.398907][T13999] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=2139632632 (8558530528 ns) > initial count (4400489236 ns). Using initial count to start timer.
[  338.592633][ T9745] usb 1-1: new full-speed USB device number 42 using dummy_hcd
[  338.764914][ T9745] usb 1-1: config 0 has an invalid interface number: 133 but max is 0
[  338.779225][ T9745] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  338.844210][ T9745] usb 1-1: config 0 has no interface number 0
[  338.879938][ T9745] usb 1-1: New USB device found, idVendor=06cd, idProduct=0121, bcdDevice=dd.3d
[  338.914547][ T9745] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  338.965502][ T9745] usb 1-1: Product: syz
[  338.983752][ T9745] usb 1-1: Manufacturer: syz
[  338.998438][ T9745] usb 1-1: SerialNumber: syz
[  339.014597][ T9745] usb 1-1: config 0 descriptor??
[  339.040516][   T30] audit: type=1400 audit(1766313958.373:698): avc:  denied  { write } for  pid=14103 comm="syz.6.2953" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=socket permissive=1
[  339.165206][   T30] audit: type=1400 audit(1766313958.393:699): avc:  denied  { read } for  pid=14103 comm="syz.6.2953" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=socket permissive=1
[  339.250996][ T9745] keyspan 1-1:0.133: Keyspan 1 port adapter converter detected
[  339.276247][ T9745] keyspan 1-1:0.133: found no endpoint descriptor for endpoint 82
[  339.330112][ T9745] keyspan 1-1:0.133: found no endpoint descriptor for endpoint 81
[  339.373128][ T9745] keyspan 1-1:0.133: found no endpoint descriptor for endpoint 1
[  339.398028][ T9745] keyspan 1-1:0.133: found no endpoint descriptor for endpoint 2
[  339.431418][ T9745] usb 1-1: Keyspan 1 port adapter converter now attached to ttyUSB0
[  339.463821][T14916] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2956'.
[  339.491709][ T9745] usb 1-1: USB disconnect, device number 42
[  339.591352][ T9745] keyspan_1 ttyUSB0: Keyspan 1 port adapter converter now disconnected from ttyUSB0
[  339.643805][ T9745] keyspan 1-1:0.133: device disconnected
[  340.056118][   T30] audit: type=1326 audit(1766313959.393:700): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14929 comm="syz.1.2961" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7ff88f98f749 code=0x0
[  340.238147][   T30] audit: type=1400 audit(1766313959.573:701): avc:  denied  { bind } for  pid=14935 comm="syz.0.2963" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=isdn_socket permissive=1
[  340.461042][   T30] audit: type=1400 audit(1766313959.793:702): avc:  denied  { link } for  pid=14946 comm="syz.0.2966" name="file1" dev="overlay" ino=2975 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1
[  341.210303][T14977] CIFS: No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount.
[  341.238003][T14977] CIFS mount error: No usable UNC path provided in device string!
[  341.238003][T14977] 
[  341.249961][T14977] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[  342.398195][T14999] netlink: 'syz.6.2984': attribute type 1 has an invalid length.
[  342.883984][T15015] bridge0: port 1(bridge_slave_0) entered disabled state
[  343.160104][T15015] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  343.198897][T15015] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  343.392872][T15015] mac80211_hwsim hwsim6 wlan0: left promiscuous mode
[  343.664322][T15015] geneve3: left promiscuous mode
[  343.796464][T15015] ip6gre1: left promiscuous mode
[  343.816732][T15015] ip6gre1: left allmulticast mode
[  343.916008][T15015] bond2: left promiscuous mode
[  343.987282][ T3442] netdevsim netdevsim0 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0
[  344.021179][ T3442] netdevsim netdevsim0 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  344.056314][ T3442] netdevsim netdevsim0 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0
[  344.090040][ T3442] netdevsim netdevsim0 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  344.111522][ T3442] netdevsim netdevsim0 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0
[  344.145071][ T3442] netdevsim netdevsim0 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  344.185466][T15049] input: syz0 as /devices/virtual/input/input44
[  344.197525][   T60] netdevsim netdevsim0 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0
[  344.252238][   T60] netdevsim netdevsim0 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  344.564512][T15055] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  344.901897][   T30] audit: type=1400 audit(1766313964.213:703): avc:  denied  { bind } for  pid=15071 comm="syz.0.3013" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[  344.948670][T15070] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  345.474806][   T30] audit: type=1400 audit(1766313964.813:704): avc:  denied  { create } for  pid=15076 comm="syz.0.3015" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=atmsvc_socket permissive=1
[  345.481576][T15077] lec:lec_vcc_attach: copy from user failed for 28 bytes
[  345.539779][   T30] audit: type=1400 audit(1766313964.813:705): avc:  denied  { ioctl } for  pid=15076 comm="syz.0.3015" path="socket:[51070]" dev="sockfs" ino=51070 ioctlcmd=0x61d1 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=atmsvc_socket permissive=1
[  345.762021][ T5890] hid-generic 0000:0004:0000.003E: unknown main item tag 0x0
[  345.769444][ T5890] hid-generic 0000:0004:0000.003E: unknown main item tag 0x0
[  345.791918][ T5890] hid-generic 0000:0004:0000.003E: unknown main item tag 0x0
[  345.817539][ T5890] hid-generic 0000:0004:0000.003E: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz0
[  345.944351][T15091] fido_id[15091]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  345.976655][   T30] audit: type=1400 audit(1766313965.313:706): avc:  denied  { listen } for  pid=15076 comm="syz.0.3015" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=atmsvc_socket permissive=1
[  346.093847][   T30] audit: type=1400 audit(1766313965.433:707): avc:  denied  { read } for  pid=15092 comm="syz.6.3019" name="btrfs-control" dev="devtmpfs" ino=1316 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:lvm_control_t tclass=chr_file permissive=1
[  346.142803][   T30] audit: type=1400 audit(1766313965.453:708): avc:  denied  { open } for  pid=15092 comm="syz.6.3019" path="/dev/btrfs-control" dev="devtmpfs" ino=1316 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:lvm_control_t tclass=chr_file permissive=1
[  346.410498][T15114] netlink: 16 bytes leftover after parsing attributes in process `syz.6.3026'.
[  346.427132][T15114] bond0: entered promiscuous mode
[  346.433685][T15114] bond_slave_0: entered promiscuous mode
[  346.439580][T15114] bond_slave_1: entered promiscuous mode
[  346.450690][   T30] audit: type=1400 audit(1766313965.783:709): avc:  denied  { connect } for  pid=15115 comm="syz.5.3028" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=caif_socket permissive=1
[  346.483361][T15114] ip6gretap0: entered promiscuous mode
[  346.496990][T15114] hsr1: entered promiscuous mode
[  346.871749][   T30] audit: type=1400 audit(1766313966.203:710): avc:  denied  { ioctl } for  pid=15135 comm="syz.1.3037" path="/dev/nullb0" dev="devtmpfs" ino=696 ioctlcmd=0x1269 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  347.242375][   T30] audit: type=1400 audit(1766313966.573:711): avc:  denied  { setattr } for  pid=15109 comm="syz.0.3027" name="/" dev="fuse" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=blk_file permissive=1
[  347.446894][T15146] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98
[  348.976908][T15202] 9p: Bad value for 'rfdno'
[  349.073467][   T30] audit: type=1400 audit(1766313968.413:712): avc:  denied  { write } for  pid=15205 comm="syz.1.3063" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=mctp_socket permissive=1
[  350.760361][   T30] kauditd_printk_skb: 1 callbacks suppressed
[  350.760375][   T30] audit: type=1400 audit(1766313970.093:714): avc:  denied  { append } for  pid=15237 comm="syz.1.3073" name="loop6" dev="devtmpfs" ino=653 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  350.843475][T15238] loop6: detected capacity change from 0 to 2640
[  350.850197][T15238] buffer_io_error: 138 callbacks suppressed
[  350.850211][T15238] Buffer I/O error on dev loop6, logical block 0, async page read
[  350.865120][T15238] Buffer I/O error on dev loop6, logical block 0, async page read
[  350.873504][T15238] Buffer I/O error on dev loop6, logical block 0, async page read
[  350.881331][T15238] Buffer I/O error on dev loop6, logical block 0, async page read
[  350.889791][T15238] Buffer I/O error on dev loop6, logical block 0, async page read
[  350.901991][T15238] Buffer I/O error on dev loop6, logical block 0, async page read
[  350.909846][T15238] Buffer I/O error on dev loop6, logical block 0, async page read
[  350.921079][T15238] Buffer I/O error on dev loop6, logical block 0, async page read
[  350.929470][T15238] ldm_validate_partition_table(): Disk read failed.
[  350.936956][T15238] Buffer I/O error on dev loop6, logical block 0, async page read
[  350.945463][T15238] Buffer I/O error on dev loop6, logical block 0, async page read
[  350.947253][T15240] blk_print_req_error: 137 callbacks suppressed
[  350.947265][T15240] I/O error, dev loop6, sector 0 op 0x1:(WRITE) flags 0xc800 phys_seg 128 prio class 2
[  350.953789][T15238] Dev loop6: unable to read RDB block 0
[  350.976299][T15238]  loop6: unable to read partition table
[  350.982550][T15238] loop_reread_partitions: partition scan of loop6 (3„¾‚³˜) failed (rc=-5)
[  351.031904][T15240] I/O error, dev loop6, sector 0 op 0x1:(WRITE) flags 0xc800 phys_seg 128 prio class 2
[  351.062482][T15240] I/O error, dev loop6, sector 1008 op 0x1:(WRITE) flags 0xc800 phys_seg 128 prio class 2
[  351.097977][T15240] I/O error, dev loop6, sector 1008 op 0x1:(WRITE) flags 0xc800 phys_seg 128 prio class 2
[  351.117928][T15240] I/O error, dev loop6, sector 2016 op 0x1:(WRITE) flags 0x8800 phys_seg 3 prio class 2
[  351.141677][T15240] I/O error, dev loop6, sector 2016 op 0x1:(WRITE) flags 0x8800 phys_seg 3 prio class 2
[  351.161922][T15240] I/O error, dev loop6, sector 2032 op 0x1:(WRITE) flags 0x8800 phys_seg 77 prio class 2
[  351.171764][T15240] I/O error, dev loop6, sector 2032 op 0x1:(WRITE) flags 0x8800 phys_seg 77 prio class 2
[  351.518850][T15258] overlayfs: failed to clone upperpath
[  351.542739][ T5875] usb 2-1: new high-speed USB device number 36 using dummy_hcd
[  351.702553][ T5875] usb 2-1: Using ep0 maxpacket: 32
[  351.709466][ T5875] usb 2-1: config 0 has an invalid interface number: 132 but max is 0
[  351.718187][ T5875] usb 2-1: config 0 has no interface number 0
[  351.724712][ T5875] usb 2-1: config 0 interface 132 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[  351.737221][ T5875] usb 2-1: New USB device found, idVendor=0413, idProduct=6023, bcdDevice=ec.e5
[  351.746791][ T5875] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  351.755352][ T5875] usb 2-1: Product: syz
[  351.759717][ T5875] usb 2-1: Manufacturer: syz
[  351.764851][ T5875] usb 2-1: SerialNumber: syz
[  351.771070][ T5875] usb 2-1: config 0 descriptor??
[  351.783507][ T5875] em28xx 2-1:0.132: New device syz syz @ 480 Mbps (0413:6023, interface 132, class 132)
[  351.793600][ T5875] em28xx 2-1:0.132: Video interface 132 found:
[  352.187224][ T5875] em28xx 2-1:0.132: unknown em28xx chip ID (0)
[  353.282729][ T5875] em28xx 2-1:0.132: failed to trigger read from i2c address 0xa0 (error=-5)
[  353.291457][ T5875] em28xx 2-1:0.132: board has no eeprom
[  353.352247][ T5875] em28xx 2-1:0.132: Identified as Leadtek Winfast USB II (card=7)
[  353.360087][ T5875] em28xx 2-1:0.132: analog set to bulk mode.
[  353.366858][ T9745] em28xx 2-1:0.132: Registering V4L2 extension
[  353.378043][ T5875] usb 2-1: USB disconnect, device number 36
[  353.393589][ T5875] em28xx 2-1:0.132: Disconnecting em28xx
[  353.454584][ T9745] em28xx 2-1:0.132: Config register raw data: 0xffffffed
[  353.461612][ T9745] em28xx 2-1:0.132: AC97 chip type couldn't be determined
[  353.474156][ T9745] em28xx 2-1:0.132: No AC97 audio processor
[  353.480870][ T9745] usb 2-1: Decoder not found
[  353.486889][ T9745] em28xx 2-1:0.132: failed to create media graph
[  353.493676][ T9745] em28xx 2-1:0.132: V4L2 device video103 deregistered
[  353.501416][ T9745] em28xx 2-1:0.132: Remote control support is not available for this card.
[  353.510461][ T5875] em28xx 2-1:0.132: Closing input extension
[  353.518893][ T5875] em28xx 2-1:0.132: Freeing device
[  354.567454][   T30] audit: type=1400 audit(1766313973.903:715): avc:  denied  { recv } for  pid=15265 comm="syz.1.3082" saddr=10.128.0.169 src=35384 daddr=10.128.0.9 dest=22 netif=eth0 scontext=system_u:system_r:sshd_t tcontext=system_u:object_r:unlabeled_t tclass=peer permissive=1
[  354.841507][T15289] netlink: 156 bytes leftover after parsing attributes in process `syz.5.3089'.
[  354.922778][T15290] netlink: 12 bytes leftover after parsing attributes in process `syz.5.3089'.
[  355.097007][T15295] overlayfs: failed to clone upperpath
[  355.103128][   T30] audit: type=1400 audit(1766313974.433:716): avc:  denied  { bind } for  pid=15296 comm="syz.1.3091" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  355.507629][T15316] netlink: 1363 bytes leftover after parsing attributes in process `syz.5.3099'.
[  361.996843][ T5829] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  362.007741][ T5829] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  362.016898][ T5829] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  362.027857][ T5829] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  362.035903][ T5829] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  362.064629][T15334] netlink: 'syz.5.3106': attribute type 1 has an invalid length.
[  362.101025][T15339] overlayfs: failed to clone upperpath
[  362.141274][T15334] bond3: entered promiscuous mode
[  362.164455][T15334] 8021q: adding VLAN 0 to HW filter on device bond3
[  362.181371][T15331] wg2 speed is unknown, defaulting to 1000
[  362.250571][T15334] bond3: (slave bridge5): making interface the new active one
[  362.281345][T15334] bridge5: entered promiscuous mode
[  362.351276][T15334] bond3: (slave bridge5): Enslaving as an active interface with an up link
[  362.770654][T15352] lo: entered allmulticast mode
[  363.044048][T15357] ref_ctr increment failed for inode: 0xe6c offset: 0x5 ref_ctr_offset: 0x1000 of mm: 0xffff888078bca4c0
[  363.144574][T15331] chnl_net:caif_netlink_parms(): no params data found
[  363.434334][T15365] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  363.591535][T15371] No control pipe specified
[  363.650933][T15331] bridge0: port 1(bridge_slave_0) entered blocking state
[  363.678359][T15331] bridge0: port 1(bridge_slave_0) entered disabled state
[  363.702578][T15331] bridge_slave_0: entered allmulticast mode
[  363.712511][ T9745] usb 2-1: new high-speed USB device number 37 using dummy_hcd
[  363.720170][T15331] bridge_slave_0: entered promiscuous mode
[  363.739766][T15375] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3118'.
[  363.779390][T15331] bridge0: port 2(bridge_slave_1) entered blocking state
[  363.799593][T15331] bridge0: port 2(bridge_slave_1) entered disabled state
[  363.812025][T15331] bridge_slave_1: entered allmulticast mode
[  363.829859][T15331] bridge_slave_1: entered promiscuous mode
[  363.865504][ T9745] usb 2-1: Using ep0 maxpacket: 8
[  363.875566][ T9745] usb 2-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea
[  363.884869][ T9745] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  363.899162][ T9745] usb 2-1: Product: syz
[  363.903837][ T9745] usb 2-1: Manufacturer: syz
[  363.908502][ T9745] usb 2-1: SerialNumber: syz
[  363.929288][ T9745] usb 2-1: config 0 descriptor??
[  364.044748][T15331] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  364.094680][ T5830] Bluetooth: hci5: command tx timeout
[  364.119089][T15331] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  364.158159][ T9745] usb 2-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state
[  364.264304][T15331] team0: Port device team_slave_0 added
[  364.271358][T15383] netlink: 'syz.5.3122': attribute type 2 has an invalid length.
[  364.284657][T15331] team0: Port device team_slave_1 added
[  364.303879][T15383] netlink: 'syz.5.3122': attribute type 2 has an invalid length.
[  364.311665][T15383] netlink: 'syz.5.3122': attribute type 2 has an invalid length.
[  364.338239][ T5829] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  364.354439][ T5829] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  364.365320][ T5829] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  364.374304][ T5829] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  364.383671][ T5829] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  364.419293][   T30] audit: type=1400 audit(1766313983.753:717): avc:  denied  { allowed } for  pid=15386 comm="syz.3.3123" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1
[  364.596099][T15331] batman_adv: batadv0: Adding interface: batadv_slave_0
[  364.622142][T15331] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  364.671935][T15331] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  364.734457][T15331] batman_adv: batadv0: Adding interface: batadv_slave_1
[  364.751589][T15331] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  364.811960][T15331] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  364.838992][T15384] wg2 speed is unknown, defaulting to 1000
[  364.979284][ T9317] bridge_slave_1: left allmulticast mode
[  364.993318][ T9317] bridge_slave_1: left promiscuous mode
[  364.999492][ T9317] bridge0: port 2(bridge_slave_1) entered disabled state
[  365.033195][ T9317] bridge_slave_0: left allmulticast mode
[  365.038924][ T9317] bridge_slave_0: left promiscuous mode
[  365.049296][ T9317] bridge0: port 1(bridge_slave_0) entered disabled state
[  365.677928][ T9317] ip6gretap0 (unregistering): left promiscuous mode
[  365.876083][ T9745] dvb_usb_rtl28xxu 2-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -71
[  365.895949][ T9745] usb 2-1: USB disconnect, device number 37
[  366.201974][ T5829] Bluetooth: hci5: command tx timeout
[  366.296644][ T9317] bond0 (unregistering): left promiscuous mode
[  366.346297][ T9317] bond_slave_0: left promiscuous mode
[  366.482294][ T5829] Bluetooth: hci3: command tx timeout
[  366.509057][ T9317] bond_slave_1: left promiscuous mode
[  366.522027][ T9317] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  366.531459][ T9317] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  366.540742][ T9317] bond0 (unregistering): Released all slaves
[  366.554503][T15331] hsr_slave_0: entered promiscuous mode
[  366.560631][T15331] hsr_slave_1: entered promiscuous mode
[  366.654869][   T30] audit: type=1400 audit(1766313985.993:718): avc:  denied  { setattr } for  pid=15417 comm="syz.1.3133" name="NETLINK" dev="sockfs" ino=52545 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  366.679336][   T30] audit: type=1400 audit(1766313986.003:719): avc:  denied  { create } for  pid=15417 comm="syz.1.3133" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[  366.699348][   T30] audit: type=1400 audit(1766313986.003:720): avc:  denied  { bind } for  pid=15417 comm="syz.1.3133" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[  366.898282][T15421] 8021q: adding VLAN 0 to HW filter on device bond4
[  366.936175][T15421] bond4: (slave macvlan2): Opening slave failed
[  367.261568][ T9317] hsr_slave_0: left promiscuous mode
[  367.278507][ T9317] batman_adv: batadv0: Removing interface: batadv_slave_0
[  367.937353][ T9317] team0 (unregistering): Port device team_slave_1 removed
[  368.045602][ T9317] team0 (unregistering): Port device team_slave_0 removed
[  368.251987][ T5829] Bluetooth: hci5: command tx timeout
[  368.421236][T15331] netdevsim netdevsim7 netdevsim0: renamed from eth0
[  368.436954][T15384] chnl_net:caif_netlink_parms(): no params data found
[  368.447767][T15331] netdevsim netdevsim7 netdevsim1: renamed from eth1
[  368.477953][T15331] netdevsim netdevsim7 netdevsim2: renamed from eth2
[  368.500502][T15331] netdevsim netdevsim7 netdevsim3: renamed from eth3
[  368.575388][ T5829] Bluetooth: hci3: command tx timeout
[  368.615079][T15384] bridge0: port 1(bridge_slave_0) entered blocking state
[  368.622446][T15384] bridge0: port 1(bridge_slave_0) entered disabled state
[  368.629588][T15384] bridge_slave_0: entered allmulticast mode
[  368.637536][T15384] bridge_slave_0: entered promiscuous mode
[  368.646887][T15384] bridge0: port 2(bridge_slave_1) entered blocking state
[  368.654366][T15384] bridge0: port 2(bridge_slave_1) entered disabled state
[  368.661573][T15384] bridge_slave_1: entered allmulticast mode
[  368.668443][T15384] bridge_slave_1: entered promiscuous mode
[  368.696921][T15384] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  368.709103][T15384] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  368.741257][T15384] team0: Port device team_slave_0 added
[  368.749038][T15384] team0: Port device team_slave_1 added
[  368.773886][T15384] batman_adv: batadv0: Adding interface: batadv_slave_0
[  368.781017][T15384] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  368.811378][T15384] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  368.824131][T15384] batman_adv: batadv0: Adding interface: batadv_slave_1
[  368.831068][T15384] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  368.858164][T15384] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  368.898835][T15384] hsr_slave_0: entered promiscuous mode
[  368.905314][T15384] hsr_slave_1: entered promiscuous mode
[  368.911186][T15384] debugfs: 'hsr0' already exists in 'hsr'
[  368.917667][T15384] Cannot create hsr debugfs directory
[  369.010177][T15331] 8021q: adding VLAN 0 to HW filter on device bond0
[  369.030040][T15331] 8021q: adding VLAN 0 to HW filter on device team0
[  369.095920][ T2993] bridge0: port 1(bridge_slave_0) entered blocking state
[  369.103006][ T2993] bridge0: port 1(bridge_slave_0) entered forwarding state
[  369.141604][T15384] netdevsim netdevsim8 netdevsim0: renamed from eth0
[  369.172718][T15384] netdevsim netdevsim8 netdevsim1: renamed from eth1
[  369.202255][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[  369.209335][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[  369.247956][T15384] netdevsim netdevsim8 netdevsim2: renamed from eth2
[  369.277464][T15384] netdevsim netdevsim8 netdevsim3: renamed from eth3
[  369.679349][T15384] 8021q: adding VLAN 0 to HW filter on device bond0
[  369.752962][T15384] 8021q: adding VLAN 0 to HW filter on device team0
[  369.778747][ T2993] bridge0: port 1(bridge_slave_0) entered blocking state
[  369.785843][ T2993] bridge0: port 1(bridge_slave_0) entered forwarding state
[  369.821221][ T2993] bridge0: port 2(bridge_slave_1) entered blocking state
[  369.828332][ T2993] bridge0: port 2(bridge_slave_1) entered forwarding state
[  370.023230][T15331] 8021q: adding VLAN 0 to HW filter on device batadv0
[  370.316890][T15384] 8021q: adding VLAN 0 to HW filter on device batadv0
[  370.323802][ T5829] Bluetooth: hci5: command tx timeout
[  370.643843][ T5829] Bluetooth: hci3: command tx timeout
[  370.723895][T15331] veth0_vlan: entered promiscuous mode
[  370.760838][T15331] veth1_vlan: entered promiscuous mode
[  370.791325][T15499] netlink: 'syz.3.3148': attribute type 4 has an invalid length.
[  370.846626][T15500] netlink: 'syz.3.3148': attribute type 4 has an invalid length.
[  370.877607][T15331] veth0_macvtap: entered promiscuous mode
[  370.907814][T15384] veth0_vlan: entered promiscuous mode
[  370.917856][T15331] veth1_macvtap: entered promiscuous mode
[  370.952617][T15384] veth1_vlan: entered promiscuous mode
[  371.009036][T15331] batman_adv: batadv0: Interface activated: batadv_slave_0
[  371.045597][T15331] batman_adv: batadv0: Interface activated: batadv_slave_1
[  371.095712][ T2942] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  371.107604][ T2942] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  371.120012][ T2942] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  371.131614][ T2942] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  371.165843][T15384] veth0_macvtap: entered promiscuous mode
[  371.195115][T15384] veth1_macvtap: entered promiscuous mode
[  371.306811][T15384] batman_adv: batadv0: Interface activated: batadv_slave_0
[  371.361421][T15384] batman_adv: batadv0: Interface activated: batadv_slave_1
[  371.425159][ T4859] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  371.460371][ T2069] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  371.472073][ T4859] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  371.491765][ T2069] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  371.533935][ T4859] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  371.550484][ T4859] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  371.669206][ T3554] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  371.725484][ T3554] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  371.817413][   T30] audit: type=1400 audit(1766313991.133:721): avc:  denied  { mounton } for  pid=15331 comm="syz-executor" path="/sys/fs/fuse/connections" dev="fusectl" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=dir permissive=1
[  371.869560][ T2942] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  371.879011][ T2942] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  371.984006][ T2942] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  371.996702][ T2942] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  372.608530][T15531] netlink: 24 bytes leftover after parsing attributes in process `syz.8.3154'.
[  372.677785][T15531] netlink: 12 bytes leftover after parsing attributes in process `syz.8.3154'.
[  372.725966][ T5829] Bluetooth: hci3: command tx timeout
[  373.419436][T15536] syz.5.3155 invoked oom-killer: gfp_mask=0x400cc0(GFP_KERNEL_ACCOUNT), order=3, oom_score_adj=0
[  373.430273][T15536] CPU: 1 UID: 0 PID: 15536 Comm: syz.5.3155 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  373.430302][T15536] Tainted: [L]=SOFTLOCKUP
[  373.430308][T15536] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  373.430323][T15536] Call Trace:
[  373.430330][T15536]  <TASK>
[  373.430337][T15536]  dump_stack_lvl+0x16c/0x1f0
[  373.430364][T15536]  dump_header+0x101/0x960
[  373.430395][T15536]  oom_kill_process+0x176/0x910
[  373.430425][T15536]  out_of_memory+0x350/0x1700
[  373.430453][T15536]  ? __lock_acquire+0x436/0x2890
[  373.430477][T15536]  ? __pfx_out_of_memory+0x10/0x10
[  373.430511][T15536]  mem_cgroup_out_of_memory+0x118/0x130
[  373.430529][T15536]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[  373.430552][T15536]  ? do_raw_spin_unlock+0x172/0x230
[  373.430580][T15536]  try_charge_memcg+0x695/0xd30
[  373.430608][T15536]  ? __pfx_try_charge_memcg+0x10/0x10
[  373.430631][T15536]  ? peak_open+0x1/0x50
[  373.430660][T15536]  ? get_mem_cgroup_from_objcg+0xd3/0x330
[  373.430682][T15536]  obj_cgroup_charge_account+0x336/0x670
[  373.430710][T15536]  __memcg_slab_post_alloc_hook+0x2e3/0x880
[  373.430743][T15536]  __kmalloc_node_track_caller_noprof+0x6e3/0x930
[  373.430765][T15536]  ? copy_array.constprop.0+0x93/0x120
[  373.430790][T15536]  ? krealloc_node_align_noprof+0x2ea/0x3d0
[  373.430809][T15536]  krealloc_node_align_noprof+0x2ea/0x3d0
[  373.430833][T15536]  copy_array.constprop.0+0x93/0x120
[  373.430854][T15536]  copy_verifier_state+0xaf6/0x1030
[  373.430878][T15536]  ? kasan_save_track+0x14/0x30
[  373.430900][T15536]  do_check_common+0x5859/0xc640
[  373.430938][T15536]  ? __pfx_tp_prog_func_proto+0x10/0x10
[  373.430963][T15536]  ? __pfx_do_check_common+0x10/0x10
[  373.430996][T15536]  bpf_check+0x8b63/0xcb70
[  373.431026][T15536]  ? __pfx_bpf_check+0x10/0x10
[  373.431043][T15536]  ? rcu_is_watching+0x12/0xc0
[  373.431055][T15536]  ? trace_kmalloc+0x2b/0xb0
[  373.431070][T15536]  ? __kmalloc_noprof+0x35d/0x910
[  373.431090][T15536]  ? lsm_blob_alloc+0x68/0x90
[  373.431106][T15536]  ? lsm_blob_alloc+0x68/0x90
[  373.431116][T15536]  ? __asan_memset+0x23/0x50
[  373.431129][T15536]  ? selinux_bpf_prog_load+0x67/0x170
[  373.431147][T15536]  ? bpf_lsm_bpf_prog_load+0x9/0x10
[  373.431164][T15536]  bpf_prog_load+0x114e/0x2cc0
[  373.431187][T15536]  ? __pfx_bpf_prog_load+0x10/0x10
[  373.431206][T15536]  ? avc_has_perm_noaudit+0x149/0x3b0
[  373.431230][T15536]  ? avc_has_perm+0x144/0x1f0
[  373.431259][T15536]  ? selinux_bpf+0xdd/0x130
[  373.431278][T15536]  ? bpf_lsm_bpf+0x9/0x10
[  373.431293][T15536]  __sys_bpf+0x3e72/0x4980
[  373.431310][T15536]  ? futex_private_hash_put+0x160/0x1b0
[  373.431335][T15536]  ? __pfx___sys_bpf+0x10/0x10
[  373.431353][T15536]  ? __pfx_futex_wait+0x10/0x10
[  373.431377][T15536]  ? do_futex+0x122/0x350
[  373.431405][T15536]  ? fdget_pos+0x2b8/0x370
[  373.431425][T15536]  ? xfd_validate_state+0x61/0x180
[  373.431438][T15536]  ? __pfx_ksys_read+0x10/0x10
[  373.431458][T15536]  __x64_sys_bpf+0x78/0xc0
[  373.431476][T15536]  ? lockdep_hardirqs_on+0x7c/0x110
[  373.431492][T15536]  do_syscall_64+0xcd/0xf80
[  373.431509][T15536]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  373.431523][T15536] RIP: 0033:0x7fd51dd8f749
[  373.431535][T15536] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  373.431548][T15536] RSP: 002b:00007fd51eb86038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  373.431562][T15536] RAX: ffffffffffffffda RBX: 00007fd51dfe5fa0 RCX: 00007fd51dd8f749
[  373.431570][T15536] RDX: 0000000000000094 RSI: 0000200000000840 RDI: 0000000000000005
[  373.431578][T15536] RBP: 00007fd51de13f91 R08: 0000000000000000 R09: 0000000000000000
[  373.431586][T15536] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  373.431594][T15536] R13: 00007fd51dfe6038 R14: 00007fd51dfe5fa0 R15: 00007ffee9087138
[  373.431614][T15536]  </TASK>
[  373.431621][T15536] memory: usage 307192kB, limit 307200kB, failcnt 186
[  373.864578][T15536] memory+swap: usage 308064kB, limit 9007199254740988kB, failcnt 0
[  373.872530][T15536] kmem: usage 239520kB, limit 9007199254740988kB, failcnt 0
[  373.880081][T15536] Memory cgroup stats for /syz5:
[  373.880482][T15536] cache 69255168
[  373.889067][T15536] rss 12288
[  373.892186][T15536] rss_huge 0
[  373.895371][T15536] shmem 0
[  373.898294][T15536] mapped_file 0
[  373.901738][T15536] dirty 0
[  373.904694][T15536] writeback 0
[  373.907966][T15536] workingset_refault_anon 3039
[  373.912770][T15536] workingset_refault_file 0
[  373.917258][T15536] swap 884736
[  373.920527][T15536] swapcached 45056
[  373.924300][T15536] pgpgin 158478
[  373.927753][T15536] pgpgout 142069
[  373.931282][T15536] pgfault 183976
[  373.934841][T15536] pgmajfault 496
[  373.938370][T15536] inactive_anon 49152
[  373.942348][T15536] active_anon 0
[  373.945790][T15536] inactive_file 0
[  373.949407][T15536] active_file 0
[  373.952868][T15536] unevictable 69255168
[  373.956919][T15536] hierarchical_memory_limit 314572800
[  373.962292][T15536] hierarchical_memsw_limit 9223372036854771712
[  373.968430][T15536] total_cache 69255168
[  373.972519][T15536] total_rss 12288
[  373.976146][T15536] total_rss_huge 0
[  373.980133][T15536] total_shmem 0
[  373.983611][T15536] total_mapped_file 0
[  373.987583][T15536] total_dirty 0
[  373.991031][T15536] total_writeback 0
[  373.994859][T15536] total_workingset_refault_anon 3039
[  374.000128][T15536] total_workingset_refault_file 0
[  374.005173][T15536] total_swap 884736
[  374.008969][T15536] total_swapcached 45056
[  374.013242][T15536] total_pgpgin 158478
[  374.017215][T15536] total_pgpgout 142069
[  374.021271][T15536] total_pgfault 183976
[  374.025397][T15536] total_pgmajfault 496
[  374.029454][T15536] total_inactive_anon 49152
[  374.033978][T15536] total_active_anon 0
[  374.037946][T15536] total_inactive_file 0
[  374.042106][T15536] total_active_file 0
[  374.046068][T15536] total_unevictable 69255168
[  374.050644][T15536] anon_cost 0
[  374.053952][T15536] file_cost 0
[  374.057226][T15536] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0-1,oom_memcg=/syz5,task_memcg=/syz5,task=syz.5.2002,pid=11408,uid=0
[  374.074143][T15536] Memory cgroup out of memory: Killed process 11408 (syz.5.2002) total-vm:104076kB, anon-rss:1172kB, file-rss:20736kB, shmem-rss:0kB, UID:0 pgtables:96kB oom_score_adj:1000
[  374.867117][T15536] syz.5.3155 invoked oom-killer: gfp_mask=0x400cc0(GFP_KERNEL_ACCOUNT), order=3, oom_score_adj=0
[  374.878050][T15536] CPU: 1 UID: 0 PID: 15536 Comm: syz.5.3155 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  374.878087][T15536] Tainted: [L]=SOFTLOCKUP
[  374.878092][T15536] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  374.878102][T15536] Call Trace:
[  374.878109][T15536]  <TASK>
[  374.878115][T15536]  dump_stack_lvl+0x16c/0x1f0
[  374.878144][T15536]  dump_header+0x101/0x960
[  374.878173][T15536]  oom_kill_process+0x176/0x910
[  374.878200][T15536]  out_of_memory+0x350/0x1700
[  374.878227][T15536]  ? __lock_acquire+0x436/0x2890
[  374.878251][T15536]  ? __pfx_out_of_memory+0x10/0x10
[  374.878283][T15536]  mem_cgroup_out_of_memory+0x118/0x130
[  374.878301][T15536]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[  374.878323][T15536]  ? do_raw_spin_unlock+0x172/0x230
[  374.878350][T15536]  try_charge_memcg+0x695/0xd30
[  374.878378][T15536]  ? __pfx_try_charge_memcg+0x10/0x10
[  374.878401][T15536]  ? peak_open+0x1/0x50
[  374.878428][T15536]  ? get_mem_cgroup_from_objcg+0xd3/0x330
[  374.878450][T15536]  obj_cgroup_charge_account+0x336/0x670
[  374.878478][T15536]  __memcg_slab_post_alloc_hook+0x2e3/0x880
[  374.878511][T15536]  __kmalloc_node_track_caller_noprof+0x6e3/0x930
[  374.878534][T15536]  ? copy_array.constprop.0+0x93/0x120
[  374.878560][T15536]  ? krealloc_node_align_noprof+0x2ea/0x3d0
[  374.878580][T15536]  krealloc_node_align_noprof+0x2ea/0x3d0
[  374.878603][T15536]  copy_array.constprop.0+0x93/0x120
[  374.878625][T15536]  copy_verifier_state+0xaf6/0x1030
[  374.878648][T15536]  ? kasan_save_track+0x14/0x30
[  374.878670][T15536]  push_stack+0x1ca/0x380
[  374.878692][T15536]  check_cond_jmp_op+0xb06/0x7890
[  374.878717][T15536]  ? __kmalloc_node_track_caller_noprof+0x2d6/0x930
[  374.878747][T15536]  ? __pfx_check_cond_jmp_op+0x10/0x10
[  374.878765][T15536]  ? krealloc_node_align_noprof+0x269/0x3d0
[  374.878791][T15536]  ? push_jmp_history+0x303/0x750
[  374.878815][T15536]  do_check_common+0xa4d3/0xc640
[  374.878855][T15536]  ? __pfx_tp_prog_func_proto+0x10/0x10
[  374.878883][T15536]  ? __pfx_do_check_common+0x10/0x10
[  374.878917][T15536]  bpf_check+0x8b63/0xcb70
[  374.878971][T15536]  ? __pfx_bpf_check+0x10/0x10
[  374.878995][T15536]  ? rcu_is_watching+0x12/0xc0
[  374.879012][T15536]  ? trace_kmalloc+0x2b/0xb0
[  374.879033][T15536]  ? __kmalloc_noprof+0x35d/0x910
[  374.879061][T15536]  ? lsm_blob_alloc+0x68/0x90
[  374.879087][T15536]  ? lsm_blob_alloc+0x68/0x90
[  374.879101][T15536]  ? __asan_memset+0x23/0x50
[  374.879116][T15536]  ? selinux_bpf_prog_load+0x67/0x170
[  374.879141][T15536]  ? bpf_lsm_bpf_prog_load+0x9/0x10
[  374.879166][T15536]  bpf_prog_load+0x114e/0x2cc0
[  374.879198][T15536]  ? __pfx_bpf_prog_load+0x10/0x10
[  374.879225][T15536]  ? avc_has_perm_noaudit+0x149/0x3b0
[  374.879257][T15536]  ? avc_has_perm+0x144/0x1f0
[  374.879298][T15536]  ? selinux_bpf+0xdd/0x130
[  374.879321][T15536]  ? bpf_lsm_bpf+0x9/0x10
[  374.879337][T15536]  __sys_bpf+0x3e72/0x4980
[  374.879354][T15536]  ? futex_private_hash_put+0x160/0x1b0
[  374.879374][T15536]  ? __pfx___sys_bpf+0x10/0x10
[  374.879391][T15536]  ? __pfx_futex_wait+0x10/0x10
[  374.879415][T15536]  ? do_futex+0x122/0x350
[  374.879443][T15536]  ? fdget_pos+0x2b8/0x370
[  374.879464][T15536]  ? xfd_validate_state+0x61/0x180
[  374.879477][T15536]  ? __pfx_ksys_read+0x10/0x10
[  374.879497][T15536]  __x64_sys_bpf+0x78/0xc0
[  374.879514][T15536]  ? lockdep_hardirqs_on+0x7c/0x110
[  374.879531][T15536]  do_syscall_64+0xcd/0xf80
[  374.879549][T15536]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  374.879563][T15536] RIP: 0033:0x7fd51dd8f749
[  374.879576][T15536] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  374.879588][T15536] RSP: 002b:00007fd51eb86038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  374.879602][T15536] RAX: ffffffffffffffda RBX: 00007fd51dfe5fa0 RCX: 00007fd51dd8f749
[  374.879610][T15536] RDX: 0000000000000094 RSI: 0000200000000840 RDI: 0000000000000005
[  374.879618][T15536] RBP: 00007fd51de13f91 R08: 0000000000000000 R09: 0000000000000000
[  374.879625][T15536] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  374.879632][T15536] R13: 00007fd51dfe6038 R14: 00007fd51dfe5fa0 R15: 00007ffee9087138
[  374.879651][T15536]  </TASK>
[  374.879660][T15536] memory: usage 307200kB, limit 307200kB, failcnt 2391
[  375.061657][T15540] wg2 speed is unknown, defaulting to 1000
[  375.068621][T15536] memory+swap: usage 307864kB, limit 9007199254740988kB, failcnt 0
[  375.351917][T15536] kmem: usage 239504kB, limit 9007199254740988kB, failcnt 0
[  375.359242][T15536] Memory cgroup stats for /syz5:
[  375.359361][T15536] cache 69255168
[  375.368438][T15536] rss 4096
[  375.371452][T15536] rss_huge 0
[  375.374667][T15536] shmem 0
[  375.377603][T15536] mapped_file 0
[  375.381077][T15536] dirty 0
[  375.384069][T15536] writeback 0
[  375.387347][T15536] workingset_refault_anon 3244
[  375.392131][T15536] workingset_refault_file 0
[  375.396621][T15536] swap 692224
[  375.399894][T15536] swapcached 53248
[  375.403626][T15536] pgpgin 158683
[  375.407074][T15536] pgpgout 142273
[  375.410917][T15536] pgfault 184183
[  375.414496][T15536] pgmajfault 681
[  375.418030][T15536] inactive_anon 53248
[  375.422057][T15536] active_anon 0
[  375.425499][T15536] inactive_file 0
[  375.429116][T15536] active_file 0
[  375.432576][T15536] unevictable 69255168
[  375.436629][T15536] hierarchical_memory_limit 314572800
[  375.442003][T15536] hierarchical_memsw_limit 9223372036854771712
[  375.448140][T15536] total_cache 69255168
[  375.452696][T15536] total_rss 4096
[  375.456232][T15536] total_rss_huge 0
[  375.459935][T15536] total_shmem 0
[  375.463402][T15536] total_mapped_file 0
[  375.467384][T15536] total_dirty 0
[  375.470838][T15536] total_writeback 0
[  375.474687][T15536] total_workingset_refault_anon 3244
[  375.479960][T15536] total_workingset_refault_file 0
[  375.485032][T15536] total_swap 692224
[  375.488833][T15536] total_swapcached 53248
[  375.493082][T15536] total_pgpgin 158683
[  375.497053][T15536] total_pgpgout 142273
[  375.501105][T15536] total_pgfault 184183
[  375.505191][T15536] total_pgmajfault 681
[  375.509246][T15536] total_inactive_anon 53248
[  375.514085][T15536] total_active_anon 0
[  375.518060][T15536] total_inactive_file 0
[  375.522364][T15536] total_active_file 0
[  375.526362][T15536] total_unevictable 69255168
[  375.530939][T15536] anon_cost 0
[  375.534242][T15536] file_cost 0
[  375.537514][T15536] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0-1,oom_memcg=/syz5,task_memcg=/syz5,task=syz.5.885,pid=8247,uid=0
[  375.552246][T15536] Memory cgroup out of memory: Killed process 8247 (syz.5.885) total-vm:104008kB, anon-rss:1168kB, file-rss:20736kB, shmem-rss:0kB, UID:0 pgtables:96kB oom_score_adj:1000
[  444.642177][    C1] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured!
[  480.361806][    C1] rcu: INFO: rcu_preempt detected stalls on CPUs/tasks:
[  480.368771][    C1] rcu: 	Tasks blocked on level-0 rcu_node (CPUs 0-1): P15540/1:b..l P15544/3:b..l P15516/1:b..l
[  480.379749][    C1] rcu: 	(detected by 1, t=10503 jiffies, g=66085, q=1143 ncpus=2)
[  480.387545][    C1] task:syz.7.3102      state:R  running task     stack:26568 pid:15516 tgid:15513 ppid:15331  task_flags:0x40054c flags:0x00080004
[  480.402233][    C1] Call Trace:
[  480.405509][    C1]  <TASK>
[  480.408415][    C1]  ? __schedule+0x10b9/0x6150
[  480.413064][    C1]  __schedule+0x1139/0x6150
[  480.417535][    C1]  ? kernel_text_address+0x8d/0x100
[  480.422713][    C1]  ? __pfx___schedule+0x10/0x10
[  480.427536][    C1]  ? preempt_schedule_notrace_thunk+0x16/0x30
[  480.433574][    C1]  preempt_schedule_notrace+0x62/0xe0
[  480.438916][    C1]  preempt_schedule_notrace_thunk+0x16/0x30
[  480.444783][    C1]  rcu_is_watching+0x8e/0xc0
[  480.449342][    C1]  unwind_next_frame+0xa3b/0x20b0
[  480.454342][    C1]  ? do_syscall_64+0x4ee/0xf80
[  480.459082][    C1]  ? bpf_ksym_find+0x127/0x1c0
[  480.463816][    C1]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  480.469938][    C1]  arch_stack_walk+0x94/0x100
[  480.474587][    C1]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  480.480623][    C1]  stack_trace_save+0x8e/0xc0
[  480.485269][    C1]  ? __pfx_stack_trace_save+0x10/0x10
[  480.490611][    C1]  ? stack_trace_save+0x8e/0xc0
[  480.495428][    C1]  ? __pfx_stack_trace_save+0x10/0x10
[  480.500767][    C1]  kasan_save_stack+0x33/0x60
[  480.505411][    C1]  ? kasan_save_stack+0x33/0x60
[  480.510228][    C1]  ? kasan_record_aux_stack+0xa7/0xc0
[  480.515569][    C1]  ? task_work_add+0x271/0x380
[  480.520302][    C1]  ? __io_req_task_work_add+0x57e/0x990
[  480.525829][    C1]  ? io_queue_deferred+0x305/0x4c0
[  480.530908][    C1]  ? __io_submit_flush_completions+0x1310/0x1980
[  480.537207][    C1]  ? ctx_flush_and_put.constprop.0+0x9a/0x410
[  480.543238][    C1]  ? io_handle_tw_list+0x429/0x580
[  480.548312][    C1]  ? tctx_task_work_run+0x55/0x2d0
[  480.553387][    C1]  ? tctx_task_work+0x7a/0xd0
[  480.558029][    C1]  ? task_work_run+0x150/0x240
[  480.562761][    C1]  ? do_exit+0x87f/0x2bd0
[  480.567057][    C1]  ? do_group_exit+0xd3/0x2a0
[  480.571699][    C1]  ? get_signal+0x2671/0x26d0
[  480.576350][    C1]  ? arch_do_signal_or_restart+0x8f/0x7e0
[  480.582038][    C1]  ? exit_to_user_mode_loop+0x8c/0x540
[  480.587467][    C1]  ? do_syscall_64+0x4ee/0xf80
[  480.592221][    C1]  kasan_record_aux_stack+0xa7/0xc0
[  480.597390][    C1]  task_work_add+0x271/0x380
[  480.601949][    C1]  ? __pfx_task_work_add+0x10/0x10
[  480.607028][    C1]  ? __call_rcu_common.constprop.0+0x3f0/0xa10
[  480.613152][    C1]  ? lockdep_hardirqs_on+0x7c/0x110
[  480.618323][    C1]  __io_req_task_work_add+0x57e/0x990
[  480.623669][    C1]  ? __io_req_caches_free+0x2de/0x5c0
[  480.629011][    C1]  ? __pfx___io_req_task_work_add+0x10/0x10
[  480.634878][    C1]  ? __io_req_caches_free+0x2e8/0x5c0
[  480.640221][    C1]  io_queue_deferred+0x305/0x4c0
[  480.645131][    C1]  __io_submit_flush_completions+0x1310/0x1980
[  480.651269][    C1]  ctx_flush_and_put.constprop.0+0x9a/0x410
[  480.657127][    C1]  io_handle_tw_list+0x429/0x580
[  480.662034][    C1]  tctx_task_work_run+0x55/0x2d0
[  480.666937][    C1]  tctx_task_work+0x7a/0xd0
[  480.671405][    C1]  ? __pfx_tctx_task_work+0x10/0x10
[  480.676568][    C1]  ? rcu_is_watching+0x12/0xc0
[  480.681298][    C1]  ? _raw_spin_unlock_irq+0x23/0x50
[  480.686463][    C1]  ? lockdep_hardirqs_on+0x7c/0x110
[  480.691630][    C1]  task_work_run+0x150/0x240
[  480.696192][    C1]  ? __pfx_task_work_run+0x10/0x10
[  480.701272][    C1]  ? do_raw_spin_unlock+0x172/0x230
[  480.706443][    C1]  do_exit+0x87f/0x2bd0
[  480.710565][    C1]  ? lock_acquire+0x179/0x330
[  480.715221][    C1]  ? __pfx_do_exit+0x10/0x10
[  480.719791][    C1]  ? find_held_lock+0x2b/0x80
[  480.724444][    C1]  do_group_exit+0xd3/0x2a0
[  480.728918][    C1]  get_signal+0x2671/0x26d0
[  480.733399][    C1]  ? __pfx_get_signal+0x10/0x10
[  480.738228][    C1]  ? do_futex+0x122/0x350
[  480.742533][    C1]  arch_do_signal_or_restart+0x8f/0x7e0
[  480.748055][    C1]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  480.754191][    C1]  ? fput+0x70/0xf0
[  480.757974][    C1]  ? __pfx___x64_sys_futex+0x10/0x10
[  480.763232][    C1]  exit_to_user_mode_loop+0x8c/0x540
[  480.768492][    C1]  do_syscall_64+0x4ee/0xf80
[  480.773054][    C1]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  480.778916][    C1] RIP: 0033:0x7fd70998f749
[  480.783301][    C1] RSP: 002b:00007fd70a8be0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  480.791682][    C1] RAX: fffffffffffffe00 RBX: 00007fd709be6188 RCX: 00007fd70998f749
[  480.799622][    C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007fd709be6188
[  480.807563][    C1] RBP: 00007fd709be6180 R08: 0000000000000000 R09: 0000000000000000
[  480.815509][    C1] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  480.823453][    C1] R13: 00007fd709be6218 R14: 00007ffd627e5ff0 R15: 00007ffd627e60d8
[  480.831404][    C1]  </TASK>
[  480.834394][    C1] task:syz.3.3157      state:R  running task     stack:26176 pid:15544 tgid:15539 ppid:5817   task_flags:0x400040 flags:0x00080000
[  480.847827][    C1] Call Trace:
[  480.851076][    C1]  <TASK>
[  480.853985][    C1]  ? __schedule+0x10b9/0x6150
[  480.858632][    C1]  __schedule+0x1139/0x6150
[  480.863116][    C1]  ? __pfx___schedule+0x10/0x10
[  480.867941][    C1]  ? preempt_schedule_thunk+0x16/0x30
[  480.873283][    C1]  preempt_schedule_common+0x44/0xc0
[  480.878539][    C1]  preempt_schedule_thunk+0x16/0x30
[  480.883708][    C1]  _raw_spin_unlock+0x3e/0x50
[  480.888356][    C1]  filemap_map_pages+0x1194/0x1e00
[  480.893445][    C1]  ? __pfx_filemap_map_pages+0x10/0x10
[  480.898877][    C1]  ? __lock_acquire+0x436/0x2890
[  480.903792][    C1]  ? __pfx_filemap_map_pages+0x10/0x10
[  480.909219][    C1]  do_fault+0x9cd/0x1ad0
[  480.913432][    C1]  ? __pfx_filemap_map_pages+0x10/0x10
[  480.918861][    C1]  __handle_mm_fault+0x1919/0x2bb0
[  480.923950][    C1]  ? __pfx___handle_mm_fault+0x10/0x10
[  480.929381][    C1]  ? __pte_offset_map_lock+0x174/0x310
[  480.934807][    C1]  ? find_held_lock+0x2b/0x80
[  480.939460][    C1]  ? follow_page_pte+0x5cf/0x1390
[  480.944457][    C1]  handle_mm_fault+0x3fe/0xad0
[  480.949193][    C1]  __get_user_pages+0x54e/0x3590
[  480.954108][    C1]  ? __pfx___get_user_pages+0x10/0x10
[  480.959452][    C1]  populate_vma_page_range+0x267/0x3f0
[  480.964882][    C1]  ? __pfx_populate_vma_page_range+0x10/0x10
[  480.970830][    C1]  ? __pfx_find_vma_intersection+0x10/0x10
[  480.976607][    C1]  ? do_mmap+0x69c/0x1210
[  480.980905][    C1]  __mm_populate+0x1d8/0x380
[  480.985467][    C1]  ? __pfx___mm_populate+0x10/0x10
[  480.990550][    C1]  ? up_write+0x282/0x4e0
[  480.994852][    C1]  vm_mmap_pgoff+0x37f/0x470
[  480.999414][    C1]  ? __pfx_vm_mmap_pgoff+0x10/0x10
[  481.004495][    C1]  ? count_memcg_events_mm.constprop.0+0xfa/0x2a0
[  481.010877][    C1]  ? count_memcg_events+0x122/0x290
[  481.016045][    C1]  ? find_held_lock+0x2b/0x80
[  481.020695][    C1]  ksys_mmap_pgoff+0x7d/0x5c0
[  481.025343][    C1]  __x64_sys_mmap+0x125/0x190
[  481.029990][    C1]  do_syscall_64+0xcd/0xf80
[  481.034464][    C1]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  481.040323][    C1] RIP: 0033:0x7f7f5858f749
[  481.044706][    C1] RSP: 002b:00007f7f5939a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  481.053084][    C1] RAX: ffffffffffffffda RBX: 00007f7f587e6090 RCX: 00007f7f5858f749
[  481.061028][    C1] RDX: 0000000000000003 RSI: 0000000000b36000 RDI: 0000200000000000
[  481.068967][    C1] RBP: 00007f7f58613f91 R08: ffffffffffffffff R09: 00000000fffff000
[  481.076904][    C1] R10: 0000000000008031 R11: 0000000000000246 R12: 0000000000000000
[  481.084842][    C1] R13: 00007f7f587e6128 R14: 00007f7f587e6090 R15: 00007ffd96277de8
[  481.092788][    C1]  </TASK>
[  481.095778][    C1] task:syz.3.3157      state:R  running task     stack:26856 pid:15540 tgid:15539 ppid:5817   task_flags:0x400140 flags:0x00080000
[  481.109209][    C1] Call Trace:
[  481.112457][    C1]  <TASK>
[  481.115361][    C1]  ? __schedule+0x10b9/0x6150
[  481.120006][    C1]  __schedule+0x1139/0x6150
[  481.124477][    C1]  ? delete_node+0x207/0x8d0
[  481.129041][    C1]  ? __pfx___schedule+0x10/0x10
[  481.133860][    C1]  ? mark_held_locks+0x49/0x80
[  481.138592][    C1]  preempt_schedule_irq+0x51/0x90
[  481.143596][    C1]  irqentry_exit+0x1d8/0x8c0
[  481.148158][    C1]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  481.154107][    C1] RIP: 0010:lock_acquire+0x62/0x330
[  481.159283][    C1] Code: b4 18 12 83 f8 07 0f 87 a2 02 00 00 89 c0 48 0f a3 05 72 b8 ee 0e 0f 82 74 02 00 00 8b 35 0a e9 ee 0e 85 f6 0f 85 8d 00 00 00 <48> 8b 44 24 30 65 48 2b 05 89 b4 18 12 0f 85 ad 02 00 00 48 83 c4
[  481.178854][    C1] RSP: 0018:ffffc9000eb776f8 EFLAGS: 00000206
[  481.184884][    C1] RAX: 0000000000000046 RBX: ffffffff8e3c9620 RCX: 00000000e941ec87
[  481.192823][    C1] RDX: 0000000000000000 RSI: ffffffff8daa7dd4 RDI: ffffffff8bf2b380
[  481.200759][    C1] RBP: 0000000000000002 R08: 00000000c3a67e29 R09: 000000009c3a67e2
[  481.208698][    C1] R10: 0000000000000002 R11: ffff888045758b30 R12: 0000000000000000
[  481.216636][    C1] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  481.224594][    C1]  ? kernfs_root+0xee/0x2a0
[  481.229083][    C1]  kernfs_root+0x34/0x2a0
[  481.233398][    C1]  ? kernfs_root+0x23/0x2a0
[  481.237874][    C1]  kernfs_link_sibling+0x269/0x770
[  481.242972][    C1]  kernfs_add_one+0x20a/0x840
[  481.247633][    C1]  __kernfs_create_file+0x295/0x350
[  481.252806][    C1]  sysfs_add_file_mode_ns+0x207/0x3c0
[  481.258164][    C1]  internal_create_group+0x597/0xf70
[  481.263422][    C1]  ? __pfx_internal_create_group+0x10/0x10
[  481.269194][    C1]  ? __pfx_kobject_add+0x10/0x10
[  481.274120][    C1]  internal_create_groups+0x9d/0x150
[  481.279387][    C1]  ib_setup_port_attrs+0x41f/0x600
[  481.284477][    C1]  ? __pfx_ib_setup_port_attrs+0x10/0x10
[  481.290094][    C1]  ? __init_waitqueue_head+0xca/0x150
[  481.295447][    C1]  add_one_compat_dev+0x5b3/0x820
[  481.300451][    C1]  rdma_dev_init_net+0x30a/0x590
[  481.305357][    C1]  ? __pfx_rdma_dev_init_net+0x10/0x10
[  481.310784][    C1]  ? ops_init+0x77/0x5f0
[  481.314999][    C1]  ? __pfx_rdma_dev_init_net+0x10/0x10
[  481.320427][    C1]  ops_init+0x1e2/0x5f0
[  481.324552][    C1]  setup_net+0x11d/0x3a0
[  481.328775][    C1]  ? __pfx_setup_net+0x10/0x10
[  481.333515][    C1]  ? lockdep_init_map_type+0x5c/0x270
[  481.338866][    C1]  ? mutex_init_lockep+0x110/0x150
[  481.343949][    C1]  copy_net_ns+0x351/0x7c0
[  481.348338][    C1]  create_new_namespaces+0x3ea/0xab0
[  481.353609][    C1]  unshare_nsproxy_namespaces+0xc0/0x1f0
[  481.359219][    C1]  ksys_unshare+0x45b/0xa40
[  481.363694][    C1]  ? __pfx_ksys_unshare+0x10/0x10
[  481.368691][    C1]  ? xfd_validate_state+0x61/0x180
[  481.373776][    C1]  __x64_sys_unshare+0x31/0x40
[  481.378514][    C1]  do_syscall_64+0xcd/0xf80
[  481.382993][    C1]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  481.388865][    C1] RIP: 0033:0x7f7f5858f749
[  481.393252][    C1] RSP: 002b:00007f7f593bb038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[  481.401642][    C1] RAX: ffffffffffffffda RBX: 00007f7f587e5fa0 RCX: 00007f7f5858f749
[  481.409586][    C1] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000068040200
[  481.417526][    C1] RBP: 00007f7f58613f91 R08: 0000000000000000 R09: 0000000000000000
[  481.425466][    C1] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  481.433409][    C1] R13: 00007f7f587e6038 R14: 00007f7f587e5fa0 R15: 00007ffd96277de8
[  481.441357][    C1]  </TASK>
[  481.444369][    C1] rcu: rcu_preempt kthread starved for 10506 jiffies! g66085 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x0 ->cpu=0
[  481.455560][    C1] rcu: 	Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior.
[  481.465523][    C1] rcu: RCU grace-period kthread stack dump:
[  481.471397][    C1] task:rcu_preempt     state:R  running task     stack:28656 pid:16    tgid:16    ppid:2      task_flags:0x208040 flags:0x00080000
[  481.484880][    C1] Call Trace:
[  481.488153][    C1]  <TASK>
[  481.491073][    C1]  ? __schedule+0x10b9/0x6150
[  481.495747][    C1]  __schedule+0x1139/0x6150
[  481.500247][    C1]  ? __lock_acquire+0x436/0x2890
[  481.505181][    C1]  ? __mod_timer+0x8f2/0xd30
[  481.509775][    C1]  ? __pfx___schedule+0x10/0x10
[  481.514617][    C1]  ? find_held_lock+0x2b/0x80
[  481.519291][    C1]  ? schedule+0x2d7/0x3a0
[  481.523618][    C1]  schedule+0xe7/0x3a0
[  481.527682][    C1]  schedule_timeout+0x123/0x290
[  481.532521][    C1]  ? __pfx_schedule_timeout+0x10/0x10
[  481.537886][    C1]  ? __pfx_process_timeout+0x10/0x10
[  481.543163][    C1]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[  481.548960][    C1]  ? prepare_to_swait_event+0xf5/0x480
[  481.554415][    C1]  rcu_gp_fqs_loop+0x1ea/0xaf0
[  481.559174][    C1]  ? __pfx_rcu_gp_fqs_loop+0x10/0x10
[  481.564454][    C1]  ? lockdep_hardirqs_on+0x7c/0x110
[  481.569648][    C1]  ? __pfx_rcu_gp_init+0x10/0x10
[  481.574576][    C1]  ? rcu_gp_cleanup+0x7c1/0xe90
[  481.579422][    C1]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  481.585222][    C1]  rcu_gp_kthread+0x26d/0x380
[  481.589892][    C1]  ? __pfx_rcu_gp_kthread+0x10/0x10
[  481.595082][    C1]  ? rcu_is_watching+0x12/0xc0
[  481.599844][    C1]  ? lockdep_hardirqs_on+0x7c/0x110
[  481.605040][    C1]  ? __kthread_parkme+0x19e/0x250
[  481.610059][    C1]  ? __pfx_rcu_gp_kthread+0x10/0x10
[  481.615254][    C1]  kthread+0x3c5/0x780
[  481.619319][    C1]  ? __pfx_kthread+0x10/0x10
[  481.623900][    C1]  ? rcu_is_watching+0x12/0xc0
[  481.628653][    C1]  ? __pfx_kthread+0x10/0x10
[  481.633239][    C1]  ret_from_fork+0x983/0xb10
[  481.637820][    C1]  ? __pfx_ret_from_fork+0x10/0x10
[  481.642925][    C1]  ? __switch_to+0x7af/0x10d0
[  481.647600][    C1]  ? __pfx_kthread+0x10/0x10
[  481.652181][    C1]  ret_from_fork_asm+0x1a/0x30
[  481.656948][    C1]  </TASK>
[  481.659957][    C1] rcu: Stack dump where RCU GP kthread last ran:
[  481.666264][    C1] Sending NMI from CPU 1 to CPUs 0:
[  481.671457][    C0] NMI backtrace for cpu 0
[  481.671470][    C0] CPU: 0 UID: 0 PID: 15535 Comm: syz.5.3155 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  481.671489][    C0] Tainted: [L]=SOFTLOCKUP
[  481.671493][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  481.671500][    C0] RIP: 0010:__lock_acquire+0x30/0x2890
[  481.671517][    C0] Code: 41 54 55 53 65 4c 8b 25 06 e6 18 12 48 83 ec 70 8b 1d 58 1a ef 0e 48 8b 84 24 a8 00 00 00 48 89 04 24 65 48 8b 05 d8 e5 18 12 <48> 89 44 24 68 31 c0 85 db 0f 84 54 04 00 00 48 8b 07 49 89 fd 48
[  481.671528][    C0] RSP: 0000:ffffc9000eba65c8 EFLAGS: 00000082
[  481.671539][    C0] RAX: 584dc595dbcf8a00 RBX: 0000000000000001 RCX: 0000000000000002
[  481.671547][    C0] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffffff8e3c9620
[  481.671555][    C0] RBP: 0000000000000002 R08: 0000000000000000 R09: 0000000000000000
[  481.671562][    C0] R10: 0000000000000002 R11: 0000000000010192 R12: ffff88802d58c980
[  481.671569][    C0] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  481.671577][    C0] FS:  0000555557426500(0000) GS:ffff8881248f5000(0000) knlGS:0000000000000000
[  481.671590][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  481.671599][    C0] CR2: 00007fd51eb15770 CR3: 00000000359b6000 CR4: 00000000003526f0
[  481.671607][    C0] Call Trace:
[  481.671611][    C0]  <TASK>
[  481.671619][    C0]  lock_acquire+0x179/0x330
[  481.671633][    C0]  ? unwind_next_frame+0xbd/0x20b0
[  481.671651][    C0]  ? unwind_next_frame+0x3f4/0x20b0
[  481.671667][    C0]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  481.671682][    C0]  unwind_next_frame+0xd1/0x20b0
[  481.671698][    C0]  ? unwind_next_frame+0xbd/0x20b0
[  481.671713][    C0]  ? try_charge_memcg+0x42a/0xd30
[  481.671731][    C0]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  481.671745][    C0]  arch_stack_walk+0x94/0x100
[  481.671763][    C0]  ? try_charge_memcg+0x42a/0xd30
[  481.671779][    C0]  stack_trace_save+0x8e/0xc0
[  481.671792][    C0]  ? __pfx_stack_trace_save+0x10/0x10
[  481.671810][    C0]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  481.671823][    C0]  ? is_bpf_text_address+0x94/0x1a0
[  481.671838][    C0]  kasan_save_stack+0x33/0x60
[  481.671852][    C0]  ? kasan_save_stack+0x33/0x60
[  481.671864][    C0]  ? kasan_save_track+0x14/0x30
[  481.671876][    C0]  ? __kasan_kmalloc+0xaa/0xb0
[  481.671889][    C0]  ? set_mm_walk+0x1f8/0x270
[  481.671902][    C0]  ? try_to_inc_max_seq+0xea/0xfa0
[  481.671918][    C0]  ? try_to_shrink_lruvec+0x735/0x9b0
[  481.671934][    C0]  ? shrink_lruvec+0x312/0x2b00
[  481.671950][    C0]  ? shrink_node+0x8a6/0x3bb0
[  481.671966][    C0]  ? do_try_to_free_pages+0x362/0x1920
[  481.671983][    C0]  ? try_to_free_mem_cgroup_pages+0x31b/0x740
[  481.671995][    C0]  ? try_charge_memcg+0x42a/0xd30
[  481.672020][    C0]  kasan_save_track+0x14/0x30
[  481.672033][    C0]  __kasan_kmalloc+0xaa/0xb0
[  481.672047][    C0]  set_mm_walk+0x1f8/0x270
[  481.672061][    C0]  try_to_inc_max_seq+0xea/0xfa0
[  481.672079][    C0]  ? sc_swappiness+0xd4/0x190
[  481.672094][    C0]  ? apply_proportional_protection+0x1b0/0x2c0
[  481.672111][    C0]  try_to_shrink_lruvec+0x735/0x9b0
[  481.672132][    C0]  ? __pfx_try_to_shrink_lruvec+0x10/0x10
[  481.672151][    C0]  shrink_lruvec+0x312/0x2b00
[  481.672170][    C0]  ? __lock_acquire+0x436/0x2890
[  481.672183][    C0]  ? xa_load+0x153/0x2c0
[  481.672200][    C0]  ? rcu_is_watching+0x12/0xc0
[  481.672213][    C0]  ? __pfx_shrink_lruvec+0x10/0x10
[  481.672230][    C0]  ? __pfx_zswap_shrinker_count+0x10/0x10
[  481.672248][    C0]  ? find_held_lock+0x2b/0x80
[  481.672265][    C0]  ? do_shrink_slab+0xa9f/0x1130
[  481.672282][    C0]  ? shrink_slab+0x54d/0x12b0
[  481.672299][    C0]  ? __pfx___might_resched+0x10/0x10
[  481.672311][    C0]  ? page_counter_calculate_protection+0x23/0x720
[  481.672329][    C0]  ? mem_cgroup_iter+0x38a/0x710
[  481.672350][    C0]  shrink_node+0x8a6/0x3bb0
[  481.672366][    C0]  ? __lock_acquire+0x436/0x2890
[  481.672383][    C0]  ? __pfx_shrink_node+0x10/0x10
[  481.672401][    C0]  ? queue_work_on+0x12a/0x1f0
[  481.672416][    C0]  ? lockdep_hardirqs_on+0x7c/0x110
[  481.672431][    C0]  ? queue_work_on+0x8b/0x1f0
[  481.672446][    C0]  ? vmpressure+0x2b9/0x340
[  481.672464][    C0]  ? do_try_to_free_pages+0x362/0x1920
[  481.672481][    C0]  do_try_to_free_pages+0x362/0x1920
[  481.672504][    C0]  ? __pfx_do_try_to_free_pages+0x10/0x10
[  481.672525][    C0]  try_to_free_mem_cgroup_pages+0x31b/0x740
[  481.672538][    C0]  ? __pfx_try_to_free_mem_cgroup_pages+0x10/0x10
[  481.672555][    C0]  ? psi_memstall_enter+0x225/0x310
[  481.672567][    C0]  ? lockdep_hardirqs_on+0x7c/0x110
[  481.672583][    C0]  try_charge_memcg+0x42a/0xd30
[  481.672600][    C0]  ? __pfx_try_charge_memcg+0x10/0x10
[  481.672617][    C0]  ? find_held_lock+0x2b/0x80
[  481.672635][    C0]  charge_memcg+0x8a/0x230
[  481.672651][    C0]  mem_cgroup_swapin_charge_folio+0xeb/0x470
[  481.672670][    C0]  __read_swap_cache_async+0x397/0x500
[  481.672684][    C0]  ? __pfx___read_swap_cache_async+0x10/0x10
[  481.672698][    C0]  ? __lock_acquire+0x436/0x2890
[  481.672713][    C0]  swap_cluster_readahead+0x432/0x770
[  481.672729][    C0]  ? __pfx_swap_cluster_readahead+0x10/0x10
[  481.672743][    C0]  ? __lock_acquire+0x436/0x2890
[  481.672760][    C0]  ? get_vma_policy+0x242/0x3c0
[  481.672777][    C0]  swapin_readahead+0x160/0x1220
[  481.672793][    C0]  ? __pfx_swapin_readahead+0x10/0x10
[  481.672806][    C0]  ? find_held_lock+0x2b/0x80
[  481.672822][    C0]  ? swap_cache_get_folio+0x267/0x8e0
[  481.672833][    C0]  ? swap_cache_get_folio+0x267/0x8e0
[  481.672845][    C0]  ? swap_cache_get_folio+0x267/0x8e0
[  481.672857][    C0]  ? swap_cache_get_folio+0x267/0x8e0
[  481.672868][    C0]  ? swap_cache_get_folio+0x293/0x8e0
[  481.672880][    C0]  ? __pfx_swap_cache_get_folio+0x10/0x10
[  481.672892][    C0]  ? __pfx_get_swap_device+0x10/0x10
[  481.672906][    C0]  ? rcu_read_unlock+0x2d/0xb0
[  481.672919][    C0]  ? do_swap_page+0x962/0x64a0
[  481.672936][    C0]  do_swap_page+0x962/0x64a0
[  481.672953][    C0]  ? __lock_acquire+0x436/0x2890
[  481.672969][    C0]  ? __pfx_do_swap_page+0x10/0x10
[  481.672987][    C0]  ? __pfx_default_wake_function+0x10/0x10
[  481.673008][    C0]  ? rcu_is_watching+0x12/0xc0
[  481.673019][    C0]  ? ___pte_offset_map+0x175/0x380
[  481.673036][    C0]  __handle_mm_fault+0x19cb/0x2bb0
[  481.673055][    C0]  ? reacquire_held_locks+0xcd/0x1f0
[  481.673070][    C0]  ? __pfx___handle_mm_fault+0x10/0x10
[  481.673089][    C0]  ? lock_vma_under_rcu+0x176/0x580
[  481.673109][    C0]  ? count_memcg_events_mm.constprop.0+0xfa/0x2a0
[  481.673125][    C0]  handle_mm_fault+0x3fe/0xad0
[  481.673144][    C0]  do_user_addr_fault+0x60c/0x1370
[  481.673160][    C0]  ? rcu_is_watching+0x12/0xc0
[  481.673172][    C0]  exc_page_fault+0x64/0xc0
[  481.673187][    C0]  asm_exc_page_fault+0x26/0x30
[  481.673199][    C0] RIP: 0033:0x7fd51dc6f0c0
[  481.673211][    C0] Code: 66 e6 fd ff 4c 8b 54 24 08 4c 8b 44 24 10 84 c0 0f 85 60 ff ff ff 80 7c 24 1f 00 75 0d 80 3d ce 2f 37 00 00 0f 85 70 01 00 00 <48> 83 7b 50 07 77 08 48 c7 43 50 08 00 00 00 8b 43 28 48 f7 d8 48
[  481.673222][    C0] RSP: 002b:00007ffee90871c0 EFLAGS: 00010202
[  481.673231][    C0] RAX: 0000000000000000 RBX: 00007fd51eb15720 RCX: ffffffff845ec907
[  481.673239][    C0] RDX: 0000000000000907 RSI: ffffffff845ec907 RDI: 0000000000000009
[  481.673246][    C0] RBP: ffffffff845ec907 R08: 00007fd51dfe6038 R09: 00007fd51dfd2000
[  481.673254][    C0] R10: 00007fd51d7ff008 R11: 0000000000000009 R12: 0000000000000009
[  481.673262][    C0] R13: 000000000000002a R14: ffffffff845ec900 R15: 000000000000002a
[  481.673270][    C0]  ? avc_has_perm+0x130/0x1f0
[  481.673288][    C0]  ? avc_has_perm+0x137/0x1f0
[  481.673307][    C0]  ? avc_has_perm+0x137/0x1f0
[  481.673324][    C0]  ? avc_has_perm+0x137/0x1f0
[  481.673347][    C0]  </TASK>
[  485.603478][    C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:fa:e9:a1:93:99:bd, vlan:0)
[  485.616103][    C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:fa:e9:a1:93:99:bd, vlan:0)
[  485.628614][    C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:fa:e9:a1:93:99:bd, vlan:0)
[  485.641109][    C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:fa:e9:a1:93:99:bd, vlan:0)
[  485.653636][    C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:fa:e9:a1:93:99:bd, vlan:0)
[  485.666122][    C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:fa:e9:a1:93:99:bd, vlan:0)
[  485.678583][    C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:fa:e9:a1:93:99:bd, vlan:0)
[  485.691040][    C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:fa:e9:a1:93:99:bd, vlan:0)
[  485.703534][    C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:fa:e9:a1:93:99:bd, vlan:0)
[  485.716012][    C1] bridge0: received packet on veth0_to_bridge with own address as source address (addr:fa:e9:a1:93:99:bd, vlan:0)