last executing test programs:

3m38.610099016s ago: executing program 3 (id=2058):
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000180)={<r0=>0xffffffffffffffff})
socket$inet6(0xa, 0x3, 0x2)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f0000000240), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x48)
r2 = socket$inet6(0xa, 0x3, 0xff)
connect$inet6(r2, &(0x7f0000000200)={0xa, 0x0, 0xfffffffd, @empty}, 0x1c)
r3 = dup(r2)
r4 = open(&(0x7f00000000c0)='./file0\x00', 0x1298c2, 0x0)
r5 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r5, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000001f40)={&(0x7f00000004c0)=@updpolicy={0xfc, 0x19, 0x1, 0x70bd2d, 0x0, {{@in6=@loopback, @in=@initdev={0xac, 0x1e, 0x0, 0x0}, 0x0, 0x0, 0x0, 0x3, 0xa, 0x30, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {0x0, 0xc, 0x0, 0x0, 0x3, 0xffffffffffffffff}, {0x0, 0xa00, 0x407ffffffffffe, 0x800000000000002}, 0x1, 0x0, 0x1}, [@tmpl={0x44, 0x5, [{{@in6=@ipv4={'\x00', '\xff\xff', @multicast2}, 0x0, 0x3c}, 0x2, @in=@empty, 0x3504, 0x4, 0x3, 0x0, 0x0, 0xfffffffe, 0x20000}]}]}, 0xfc}}, 0x0)
sendfile(r3, r4, 0x0, 0x80001d00c0d1)
recvmmsg(r0, 0x0, 0x0, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff0f0000}, 0x0)
io_uring_setup(0x1148, 0x0)

3m35.873380643s ago: executing program 3 (id=2066):
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffb000/0x1000)=nil, 0x1000, 0x3000000, 0x13, 0xffffffffffffffff, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000180)=0x100000001, 0x4)
connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x1}}, 0x80001}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000002c0), 0x3)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000009c0)=ANY=[@ANYBLOB="180100"/12], 0x0, 0x0, 0x0, 0x0, 0x0, 0x46, '\x00', 0x0, 0x2}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, 0xffffffffffffffff, 0xde104000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='cpuacct.usage_sys\x00', 0x275a, 0x0)
write$binfmt_script(r4, &(0x7f00000000c0)={'#! ', './file0', [], 0xa, "f697663f39991b3da3431f89"}, 0x17)
setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x1, &(0x7f0000000000)=@gcm_256={{0x303}, "d2487b822050386f", "4946115b8e1acab11dda0ee7d5239a0ff818a4b776b238dccb81bfd9652cb934", "f728d519", "0cb42238c52f3b48"}, 0x38)
r5 = socket(0x2, 0x80805, 0x0)
getsockopt$bt_hci(r5, 0x84, 0x6d, 0x0, &(0x7f0000001040))
sendfile(r0, r4, &(0x7f0000000100)=0x10, 0xfffd)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000240)={0x3, &(0x7f0000000200)=[{0x15, 0x0, 0x0, 0xb7a}, {0x20, 0xe}, {0x6, 0x0, 0x8, 0x7ffffcb9}]})
r6 = add_key$keyring(&(0x7f0000000400), &(0x7f0000000040)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffb)
keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r6, 0x0, 0x0)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000006c0)=@bpf_lsm={0x6, 0x5, &(0x7f0000000080)=ANY=[@ANYBLOB="180000000000000000000000090000006110040200009500f8ffffffffffffff003482f1227ef9fef639edcb238791c398adbbb961638749d1caa041469b185ad62178fb900f9ebde7500b64a13c3a24e43602db62285b2bb532fcf56e8a5fec0d6b29fbadc4ed1dd4749eec82707d7b84fbe1f700"/132], &(0x7f0000000040)='GPL\x00', 0x7fff}, 0x94)
socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$PNPIPE_IFINDEX(r4, 0x113, 0x2, &(0x7f0000000300), &(0x7f0000000340)=0x4)

3m34.293687519s ago: executing program 3 (id=2068):
r0 = syz_usb_connect(0x5, 0x46, &(0x7f0000000780)=ANY=[@ANYBLOB="12010000e75fcc08c0070515c5b8010203010902340001000080000904ba00038e4e"], 0x0)
syz_usb_control_io$printer(r0, &(0x7f00000003c0)={0x14, 0x0, &(0x7f00000002c0)={0x0, 0x3, 0x2, @string={0x2}}}, 0x0)
r1 = socket$pppl2tp(0x18, 0x1, 0x1)
connect$pppl2tp(r1, &(0x7f0000000000)=@pppol2tpv3={0x18, 0x1, {0x3, r1, {0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x3}}, 0x80002}}, 0x2e)
socket$nl_generic(0x10, 0x3, 0x10)
r2 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000940), 0x1, 0x0)
r3 = syz_open_dev$dri(&(0x7f0000000300), 0x1, 0xab000)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r3, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r3, 0xc01064b5, &(0x7f0000000100)={&(0x7f00000000c0)=[0x0, 0x0], 0x2})
ioctl$DRM_IOCTL_MODE_GETPLANE(r3, 0xc02064b6, 0x0)
ioctl$SNAPSHOT_S2RAM(r2, 0x330b)

3m33.077396397s ago: executing program 3 (id=2072):
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, 0x0)
syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000001800ff0f00000000001b0000850000006d00000085"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x18)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r1, &(0x7f0000000080)={0x2, 0x4e21, @broadcast}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000440)=@base={0x15, 0x5, 0x2, 0x0, 0x18088, 0x1, 0x1, '\x00', 0x0, 0xffffffffffffffff, 0x4, 0x4}, 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0xc, &(0x7f00000003c0)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000610000001801000020646c2500000000002020207b1af8ff00"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000a40)={r2, 0x27, 0xd, 0x0, &(0x7f0000000000)="f8ad1dcc02cb29dcc800320081", 0x0, 0x4000, 0xf2ffffff, 0x0, 0x0, 0x0, 0x0}, 0x50)
r3 = syz_init_net_socket$bt_rfcomm(0x1f, 0x1, 0x3)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r4 = getpid()
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socket$qrtr(0x2a, 0x2, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r7 = openat$6lowpan_control(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
write$6lowpan_control(r7, &(0x7f00000000c0)='connect aa:aa:aa:aa:aa:11 2', 0x1b)
connect$bt_rfcomm(r3, &(0x7f0000005dc0)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x15}, 0xa)

3m30.809571641s ago: executing program 3 (id=2078):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_INITMSG(r0, 0x84, 0x2, 0x0, 0x0)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e22}, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r4 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r4, 0x0, 0x0)
bind$inet(r1, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x16)
connect$inet(r1, &(0x7f0000000480)={0x2, 0x4e23, @multicast2}, 0x10)
setsockopt$inet_IP_XFRM_POLICY(r1, 0x0, 0x11, &(0x7f00000002c0)={{{@in=@multicast2, @in6=@mcast1, 0x4e20, 0x4, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0xee01}, {0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x3, 0xfffffffffffffffe}, {0x0, 0x0, 0xfffffffffffffffc, 0xff}, 0x0, 0x0, 0x1}, {{@in=@dev={0xac, 0x14, 0x14, 0x3c}, 0x0, 0x32}, 0x0, @in=@private=0xa010100, 0x0, 0x2, 0x0, 0xb7, 0xfffffffe, 0xffffff7e}}, 0xe8)
sendmmsg(r1, &(0x7f0000007fc0), 0x800001d, 0x1c)
sendmsg$SMC_PNETID_ADD(0xffffffffffffffff, 0x0, 0x0)
timer_create(0xfffffffffffffffd, 0x0, &(0x7f00000000c0))
exit(0x2616)
setsockopt$inet_sctp_SCTP_ADD_STREAMS(0xffffffffffffffff, 0x84, 0x79, &(0x7f0000000040)={0x0, 0xff80, 0x90}, 0x8)
getsockopt$inet_sctp_SCTP_PR_STREAM_STATUS(0xffffffffffffffff, 0x84, 0x74, &(0x7f0000000040)=""/184, 0x0)
sendmsg$SMC_PNETID_DEL(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x1, 0x40030000000000}, 0x4000)
r5 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/binder/transaction_log\x00', 0x0, 0x0)
bind$bt_hci(r5, &(0x7f0000000100)={0x1f, 0xffffffffffffffff, 0x1}, 0x6)
r6 = socket$inet_udp(0x2, 0x2, 0x0)
getsockopt$inet_buf(r6, 0x0, 0x41, &(0x7f0000000180)=""/4096, &(0x7f0000001180)=0x28)

3m27.533472918s ago: executing program 3 (id=2087):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x18, 0x3, &(0x7f0000000380)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x30, 0x8b}, 0x0)
fsconfig$FSCONFIG_SET_STRING(0xffffffffffffffff, 0x1, &(0x7f0000000000)='source', 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r1, &(0x7f0000000040), 0x80002c1, 0x2, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='configfs\x00', 0x10, 0x0)
r3 = syz_io_uring_setup(0x111, &(0x7f0000000140)={0x0, 0x0, 0x800, 0x3, 0x1}, &(0x7f0000000340)=<r4=>0x0, &(0x7f0000000000)=<r5=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r4, r5, &(0x7f0000000300)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, 0xffffffffffffff9c, 0x0, &(0x7f00000001c0)='./file0/../file0\x00', 0x26, 0x80})
io_uring_enter(r3, 0x3516, 0x0, 0x0, 0x0, 0xfffffdcf)

3m11.811356731s ago: executing program 32 (id=2087):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x18, 0x3, &(0x7f0000000380)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x30, 0x8b}, 0x0)
fsconfig$FSCONFIG_SET_STRING(0xffffffffffffffff, 0x1, &(0x7f0000000000)='source', 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r1, &(0x7f0000000040), 0x80002c1, 0x2, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='configfs\x00', 0x10, 0x0)
r3 = syz_io_uring_setup(0x111, &(0x7f0000000140)={0x0, 0x0, 0x800, 0x3, 0x1}, &(0x7f0000000340)=<r4=>0x0, &(0x7f0000000000)=<r5=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r4, r5, &(0x7f0000000300)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, 0xffffffffffffff9c, 0x0, &(0x7f00000001c0)='./file0/../file0\x00', 0x26, 0x80})
io_uring_enter(r3, 0x3516, 0x0, 0x0, 0x0, 0xfffffdcf)

17.541366671s ago: executing program 0 (id=2493):
openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setaffinity(0x0, 0x0, 0x0)
syz_open_dev$MSR(0x0, 0x5, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(0xffffffffffffffff, 0x6, 0xd, 0x0, 0x0)
syz_clone(0x20080000, 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
listen(r0, 0x3)
accept4$bt_l2cap(r0, 0x0, 0x0, 0x80800)
syz_emit_vhci(&(0x7f0000000540)=ANY=[@ANYBLOB="043e130100c900", @ANYBLOB=' '], 0x16)

16.457295151s ago: executing program 0 (id=2496):
bpf$MAP_CREATE(0x0, 0x0, 0x48)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket(0xa, 0x80805, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r3, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x10, &(0x7f00000010c0)=[@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}]}, &(0x7f0000000180)=0x10)
getsockopt$bt_hci(r3, 0x84, 0x6d, 0x0, 0x0)
setsockopt$bt_BT_DEFER_SETUP(0xffffffffffffffff, 0x112, 0x7, &(0x7f0000000100), 0x4)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r4 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)
write$RDMA_USER_CM_CMD_RESOLVE_IP(r4, &(0x7f0000000340)={0x3, 0x40, 0xfa00, {{0xa, 0x4e23, 0x7ee, @empty, 0x1}, {0xa, 0x4e21, 0x8, @dev={0xfe, 0x80, '\x00', 0x37}, 0x108}, 0xffffffffffffffff, 0xb}}, 0x48)
write$RDMA_USER_CM_CMD_DESTROY_ID(r4, &(0x7f0000000f80)={0x1, 0x10, 0xfa00, {&(0x7f00000001c0)}}, 0x18)
syz_usb_control_io$uac1(0xffffffffffffffff, 0x0, &(0x7f0000000640)={0x44, &(0x7f0000000380)={0x40, 0x16, 0x4, "e808a479"}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})

13.9446727s ago: executing program 4 (id=2501):
r0 = shmget(0x1, 0x4000, 0x200, &(0x7f0000ffb000/0x4000)=nil)
shmat(r0, &(0x7f0000ff9000/0x1000)=nil, 0x4000)
shmctl$IPC_RMID(r0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002200000018010000202070250000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x54, '\x00', 0x0, @fallback=0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="180200009b1aecb60000000000000000850000007500000095"], 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000400)=ANY=[@ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_open_dev$dri(&(0x7f0000000000), 0x1f, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r1}, 0x10)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e22}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
ioctl$COMEDI_DEVCONFIG(0xffffffffffffffff, 0x40946400, 0x0)
ioctl$COMEDI_DEVCONFIG(0xffffffffffffffff, 0x40946400, 0x0)
socket$inet6(0xa, 0x80002, 0x0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000680)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x2}}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x5, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x2c, 0x3, 0xa, 0x201, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_CHAIN_NAME={0x9, 0x3, 'syz1\x00'}]}, @NFT_MSG_NEWRULE={0x84, 0x6, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_RULE_CHAIN_ID={0x8}, @NFTA_RULE_EXPRESSIONS={0x5c, 0x4, 0x0, 0x1, [{0x2c, 0x1, 0x0, 0x1, @xfrm={{0x9}, @val={0x1c, 0x2, 0x0, 0x1, [@NFTA_XFRM_KEY={0x8, 0x2, 0x1, 0x0, 0x6}, @NFTA_XFRM_DIR={0x5}, @NFTA_XFRM_DREG={0x8, 0x1, 0x1, 0x0, 0x9}]}}}, {0x2c, 0x1, 0x0, 0x1, @cmp={{0x8}, @val={0x20, 0x2, 0x0, 0x1, [@NFTA_CMP_DATA={0xc, 0x3, 0x0, 0x1, [@NFTA_DATA_VALUE={0x5, 0x1, "ac"}]}, @NFTA_CMP_SREG={0x8, 0x1, 0x1, 0x0, 0x9}, @NFTA_CMP_OP={0x8, 0x2, 0x1, 0x0, 0x5}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14}}, 0xf8}, 0x1, 0x0, 0x0, 0x4}, 0x0)

12.95711051s ago: executing program 0 (id=2504):
syz_open_dev$cec(0x0, 0x0, 0x0)
socket(0x28, 0x1, 0x0)
timer_create(0x0, 0x0, 0x0)
ioctl$FS_IOC_SETFLAGS(0xffffffffffffffff, 0x40046602, &(0x7f00000000c0)=0x2000)
bind$inet(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
read$FUSE(0xffffffffffffffff, &(0x7f0000000880)={0x2020}, 0x2020)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x6)
r0 = syz_open_dev$sndmidi(&(0x7f0000000140), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r1 = syz_io_uring_setup(0x88f, &(0x7f0000000180)={0x0, 0xc989, 0x0, 0xffffffdf, 0x173}, &(0x7f0000000000)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r2, r3, &(0x7f00000002c0)=@IORING_OP_POLL_ADD={0x6, 0x40, 0x0, @fd_index=0x3, 0x0, 0x0, 0x0, {0x8001}})
io_uring_enter(r1, 0x2b93, 0xf9d0, 0x22, 0x0, 0x0)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x28, &(0x7f0000000000)=0x1, 0x4)

12.110682746s ago: executing program 0 (id=2506):
r0 = socket$inet(0xa, 0x801, 0x84)
connect$inet(r0, &(0x7f0000004cc0)={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff}}, 0x10)
listen(r0, 0x8)
set_mempolicy(0x2002, 0x0, 0x9)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xf, 0x4008032, 0xffffffffffffffff, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x1)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x401c2, 0x0)
ftruncate(r2, 0x8800000)
socket$nl_netfilter(0x10, 0x3, 0xc)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_EXP_GET(r3, &(0x7f0000006680)={0x0, 0x0, &(0x7f0000006640)={&(0x7f00000065c0)={0x18, 0x1, 0x2, 0x101, 0x0, 0x0, {0xa}, [@CTA_EXPECT_MASTER={0x4}]}, 0x18}}, 0x0)
bpf$MAP_UPDATE_BATCH(0x1a, 0x0, 0x0)
bind$unix(0xffffffffffffffff, &(0x7f0000000180)=@abs={0x1, 0x0, 0x4e21}, 0x6e)
listen(0xffffffffffffffff, 0x0)
r4 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
getsockopt$bt_BT_RCVMTU(r4, 0x112, 0xd, 0x0, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x700, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x3)
clock_gettime(0x0, 0x0)
accept4(r0, 0x0, 0x0, 0x0)

9.811853833s ago: executing program 5 (id=2508):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f00000000c0)=ANY=[], 0x0, 0x2, 0x0, 0x0, 0x41100, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x39}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e20}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000faff0000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000008385000000710000"], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r3, 0x0, 0x5}, 0x18)
r4 = socket$kcm(0x2, 0x200000000000001, 0x106)
sendmsg$inet(r4, &(0x7f0000000080)={&(0x7f0000000140)={0x2, 0x0, @remote}, 0x10, 0x0}, 0x3000c041)
r5 = socket$kcm(0x10, 0x2, 0x4)
sendmsg$kcm(r5, &(0x7f0000000000)={0x0, 0x258, &(0x7f0000000140)=[{&(0x7f0000000280)="89000000120081ae08060cdc030ec0007f03e3f70000000000e2ffca1b1f0000000004c00e72f750375ed08a56331dbf9ed7815e381ad6e747033a0093b837dc6cc01e32efaec8c7a6ec08120800030006010000bdad446b9bbc7a46e3988285dcdf12f21308f868fece01955fed0009d78f0a947ee2b49e33538afa8af92347514f0b56a20ff27fff", 0x89}], 0x1}, 0x0)

9.726739378s ago: executing program 1 (id=2509):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x3, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
fanotify_init(0xf00, 0x0)
syz_fuse_handle_req(0xffffffffffffffff, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
openat$userio(0xffffffffffffff9c, &(0x7f0000000080), 0x22242, 0x0)

8.524547527s ago: executing program 1 (id=2511):
mount(&(0x7f0000000100)=@md0, &(0x7f0000000040)='.\x00', 0x0, 0x5, 0x0)

8.521755443s ago: executing program 5 (id=2512):
r0 = getpgrp(0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000040)=0x5)
prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000000)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r2 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x1, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
socket$can_j1939(0x1d, 0x2, 0x7)
r4 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000000), 0x180300, 0x0)
ioctl$FBIOPUT_VSCREENINFO(r4, 0x4601, &(0x7f0000000040)={0x191, 0x258, 0x1e0, 0x3f, 0x32, 0x1, 0x0, 0x0, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x3})

7.614767906s ago: executing program 5 (id=2513):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f00000000c0)=ANY=[], 0x0, 0x2, 0x0, 0x0, 0x41100, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x39}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e20}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000faff0000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000008385000000"], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r3, 0x0, 0x5}, 0x18)
r4 = socket$kcm(0x2, 0x200000000000001, 0x106)
sendmsg$inet(r4, &(0x7f0000000080)={&(0x7f0000000140)={0x2, 0x0, @remote}, 0x10, 0x0}, 0x3000c041)
r5 = socket$kcm(0x10, 0x2, 0x4)
sendmsg$kcm(r5, &(0x7f0000000000)={0x0, 0x258, &(0x7f0000000140)=[{&(0x7f0000000280)="89000000120081ae08060cdc030ec0007f03e3f70000000000e2ffca1b1f0000000004c00e72f750375ed08a56331dbf9ed7815e381ad6e747033a0093b837dc6cc01e32efaec8c7a6ec08120800030006010000bdad446b9bbc7a46e3988285dcdf12f21308f868fece01955fed0009d78f0a947ee2b49e33538afa8af92347514f0b56a20ff27fff", 0x89}], 0x1}, 0x0)

7.513019496s ago: executing program 2 (id=2514):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f00000000c0)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
lseek(r1, 0x6, 0x0)
connect$inet6(0xffffffffffffffff, &(0x7f00000000c0)={0xa, 0x4e22, 0x9, @empty, 0x400}, 0x1c)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000200)='attr/fscreate\x00')
socket$inet6_udp(0xa, 0x2, 0x0)
r2 = openat$vimc0(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$VIDIOC_ENUM_FRAMESIZES(r2, 0xc02c564a, &(0x7f0000001b00)={0x0, 0x34325842, 0x1, @discrete={0x1, 0x100}})
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
r3 = socket$inet6_udp(0xa, 0x2, 0x0)
bind$inet6(r3, &(0x7f0000000000)={0xa, 0xe22, 0x0, @empty}, 0x1c)
ioctl$AUTOFS_IOC_FAIL(0xffffffffffffffff, 0x9361, 0xa90b)
bpf$PROG_LOAD(0x5, &(0x7f0000019240)={0x1b, 0xb, 0x0, &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x14, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = syz_open_procfs(0x0, &(0x7f00000190c0)='net/ip_tables_targets\x00')
pread64(r4, &(0x7f0000000080)=""/102356, 0x18fd4, 0xc2a)
r5 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000006c0), 0x48200, 0x0)
ioctl$TIOCSETD(r5, 0x5423, &(0x7f0000000100)=0x2)
ioctl$TIOCSETD(r5, 0x5423, &(0x7f0000000080)=0xe)
ioctl$TIOCVHANGUP(r5, 0x5437, 0x200000000000000)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$mptcp(&(0x7f0000000400), 0xffffffffffffffff)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz1\x00', 0x1ff)

7.395651898s ago: executing program 1 (id=2515):
r0 = getpgrp(0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000040)=0x5)
prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r1 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r1, 0x1, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
socket$can_j1939(0x1d, 0x2, 0x7)
io_setup(0x8, 0x0)
r3 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000000), 0x180300, 0x0)
ioctl$FBIOPUT_VSCREENINFO(r3, 0x4601, &(0x7f0000000040)={0x191, 0x258, 0x1e0, 0x3f, 0x32, 0x1, 0x0, 0x0, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x3})

6.372514437s ago: executing program 1 (id=2516):
syz_open_dev$cec(0x0, 0x0, 0x0)
socket(0x28, 0x1, 0x0)
timer_create(0x0, 0x0, 0x0)
ioctl$FS_IOC_SETFLAGS(0xffffffffffffffff, 0x40046602, &(0x7f00000000c0)=0x2000)
bind$inet(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
read$FUSE(0xffffffffffffffff, &(0x7f0000000880)={0x2020}, 0x2020)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x6)
r0 = syz_open_dev$sndmidi(&(0x7f0000000140), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r1 = syz_io_uring_setup(0x88f, &(0x7f0000000180)={0x0, 0xc989, 0x0, 0xffffffdf, 0x173}, &(0x7f0000000000)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r2, r3, &(0x7f00000002c0)=@IORING_OP_POLL_ADD={0x6, 0x40, 0x0, @fd_index=0x3, 0x0, 0x0, 0x0, {0x8001}})
io_uring_enter(r1, 0x2b93, 0xf9d0, 0x22, 0x0, 0x0)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x28, &(0x7f0000000000)=0x1, 0x4)

6.106743828s ago: executing program 0 (id=2517):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0b000000080000000c000000ffbfffff01"], 0x48)
sendmsg$NFNL_MSG_COMPAT_GET(0xffffffffffffffff, 0x0, 0x4000000)
mremap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x4000, 0x3, &(0x7f0000005000/0x4000)=nil)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x11, 0x4, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x8)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000180)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r4, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r5 = openat$comedi(0xffffffffffffff9c, &(0x7f0000000080)='/dev/comedi3\x00', 0x400, 0x0)
ioctl$COMEDI_DEVCONFIG(r5, 0x40946400, &(0x7f0000000180)={'pcl816\x00', [0x4f27, 0x6, 0x3, 0x4, 0x5, 0xcc9, 0xf, 0x4, 0xa, 0xfffffffc, 0x2, 0x3, 0xfffffffe, 0x1, 0x7, 0x101, 0x0, 0x1a449, 0x3, 0x40000003, 0x2, 0xcaa7, 0x0, 0x20001e58, 0x7, 0x63e, 0x3c, 0x8, 0xfffffffe, 0x0, 0xfffffff8]})
r6 = syz_init_net_socket$bt_rfcomm(0x1f, 0x1, 0x3)
connect$bt_rfcomm(r6, &(0x7f0000000040)={0x1f, @none, 0x2}, 0xa)
ioctl$KDFONTOP_SET(0xffffffffffffffff, 0x4b72, 0x0)
sendmsg$NL802154_CMD_SET_WPAN_PHY_NETNS(0xffffffffffffffff, &(0x7f0000000480)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000001c0)=ANY=[@ANYBLOB='$\x00', @ANYRES16, @ANYBLOB="010c25bd7000ffdbdf251400000008001d00", @ANYRES32, @ANYBLOB="080003"], 0x24}, 0x1, 0x0, 0x0, 0x20040801}, 0x20000004)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000810018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

5.245638269s ago: executing program 2 (id=2518):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000740)={0x0, 0x0, &(0x7f0000000000)={&(0x7f000000e940)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x3, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWSET={0x3c, 0x9, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz2\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x2}]}, @NFT_MSG_NEWSETELEM={0x2c, 0xe, 0xa, 0x201, 0x0, 0x0, {0x1}, [@NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz2\x00'}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14, 0x10}}, 0xb0}, 0x1, 0x0, 0x0, 0x20008004}, 0x0)

5.126870165s ago: executing program 0 (id=2519):
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000180)={<r0=>0xffffffffffffffff})
socket$inet6(0xa, 0x3, 0x2)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f0000000240), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
r2 = socket$inet6(0xa, 0x3, 0xff)
connect$inet6(r2, 0x0, 0x0)
r3 = dup(r2)
r4 = open(&(0x7f00000000c0)='./file0\x00', 0x1298c2, 0x0)
r5 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r5, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000001f40)={&(0x7f00000004c0)=@updpolicy={0xfc, 0x19, 0x1, 0x70bd2d, 0x0, {{@in6=@loopback, @in=@initdev={0xac, 0x1e, 0x0, 0x0}, 0x0, 0x0, 0x0, 0x3, 0xa, 0x30, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {0x0, 0xc, 0x0, 0x0, 0x3, 0xffffffffffffffff}, {0x0, 0xa00, 0x407ffffffffffe, 0x800000000000002}, 0x1, 0x0, 0x1}, [@tmpl={0x44, 0x5, [{{@in6=@ipv4={'\x00', '\xff\xff', @multicast2}, 0x0, 0x3c}, 0x2, @in=@empty, 0x3504, 0x4, 0x3, 0x0, 0x0, 0xfffffffe, 0x20000}]}]}, 0xfc}}, 0x0)
ftruncate(r4, 0x200004)
sendfile(r3, r4, 0x0, 0x80001d00c0d1)
recvmmsg(r0, 0x0, 0x0, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff0f0000}, 0x0)
io_uring_setup(0x1148, 0x0)

4.980010161s ago: executing program 4 (id=2520):
pipe2(&(0x7f0000000200)={0x0, <r0=>0x0}, 0x0)
syz_usb_connect(0x1, 0x2d, &(0x7f0000000340)=ANY=[@ANYBLOB="120100001ddf8208c007121522300000000109021b0001000000010904010001faf40d00090582239f"], 0x0)
close(r0)
syz_open_dev$char_usb(0xc, 0xb4, 0x800000000000)
write$FUSE_INIT(r0, 0x0, 0x0)
r1 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000005b80)={{r1}, 0x0, 0x0}, 0x1c)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
ioctl$sock_SIOCGIFVLAN_GET_VLAN_INGRESS_PRIORITY_CMD(0xffffffffffffffff, 0x8982, 0x0)
r2 = socket$igmp(0x2, 0x3, 0x2)
ioctl$EXT4_IOC_MIGRATE(0xffffffffffffffff, 0x6609)
setsockopt$MRT_INIT(r2, 0x0, 0xc8, &(0x7f0000003d40), 0x4)
setsockopt$MRT_TABLE(r2, 0x0, 0xcf, &(0x7f0000000700)=0xffffffff, 0x4)
socket$inet_icmp_raw(0x2, 0x3, 0x1)
r3 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_ADD_VIF(r3, 0x0, 0xca, &(0x7f00000000c0)={0x8, 0x0, 0x0, 0x0, @vifc_lcl_addr=@local, @dev={0xac, 0x14, 0x14, 0x40}}, 0x10)
syz_emit_ethernet(0x42, &(0x7f0000000140)={@local, @broadcast, @void, {@ipv4={0x800, @icmp={{0x6, 0x4, 0x0, 0x0, 0x34, 0x0, 0x0, 0x80, 0x2, 0x0, @empty, @multicast1=0xe0000300, {[@timestamp_addr={0x44, 0x4, 0x59, 0x1, 0x3}]}}, @dest_unreach={0x3, 0x7, 0x0, 0x0, 0x3, 0xc58, {0x5, 0x4, 0x0, 0x7, 0x0, 0x65, 0xe, 0x4e, 0x24, 0xc, @empty, @dev={0xac, 0x14, 0x14, 0x44}}}}}}}, 0x0)

4.944467073s ago: executing program 2 (id=2521):
r0 = getpgrp(0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000040)=0x5)
prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000000)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r2 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x1, 0x0)
syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
process_vm_writev(0x0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0x7ffff000}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x23a, 0x0)

3.602089544s ago: executing program 5 (id=2522):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x3, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
fanotify_init(0xf00, 0x0)
syz_fuse_handle_req(0xffffffffffffffff, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
openat$userio(0xffffffffffffff9c, &(0x7f0000000080), 0x22242, 0x0)

3.574481764s ago: executing program 2 (id=2523):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7020000140000e5b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='sched_switch\x00', r1}, 0x10)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000000)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x1, 0x7fff0000}]})
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000580)={0x3, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x40, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffd}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1700000000000000040000000300000000000000", @ANYRES32=0x1, @ANYBLOB='\x00'/15, @ANYRES32=0x0, @ANYRES32, @ANYBLOB], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
openat$vcsu(0xffffffffffffff9c, &(0x7f0000000100), 0x40, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000380)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_REPAIR(r5, 0x6, 0x13, &(0x7f0000000100)=0x1, 0x4)
connect$inet6(r5, &(0x7f00000001c0)={0xa, 0x0, 0x0, @loopback}, 0x58)
r6 = socket$netlink(0x10, 0x3, 0x8000000004)
writev(r6, &(0x7f0000000180)=[{&(0x7f0000000900)="580000001400192340834b80040d8c560a066e0202ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000000008000f0fffeffe809005300fff5dd00000007000200060c10000000010000000000", 0x58}], 0x1)

3.534728607s ago: executing program 1 (id=2524):
r0 = getpgrp(0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000040)=0x5)
prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000000)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r2 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x1, 0x0)
syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000300), 0x20502, 0x0)
socket$can_j1939(0x1d, 0x2, 0x7)
r3 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000000), 0x180300, 0x0)
ioctl$FBIOPUT_VSCREENINFO(r3, 0x4601, &(0x7f0000000040)={0x191, 0x258, 0x1e0, 0x3f, 0x32, 0x1, 0x0, 0x0, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x3})

2.587452488s ago: executing program 5 (id=2525):
r0 = getpgrp(0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000040)=0x5)
prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000000)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r2 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x1, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, 0x0)
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
r4 = fsopen(&(0x7f0000000100)='configfs\x00', 0x0)
r5 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x3)
ioctl$FS_IOC_GETFSLABEL(r5, 0x400452c9, &(0x7f0000000100))
fsmount(r4, 0x0, 0x5)

1.590256455s ago: executing program 5 (id=2526):
r0 = getpgrp(0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000040)=0x5)
prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000000)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r2 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x1, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
io_setup(0x8, &(0x7f0000004200)=<r4=>0x0)
io_submit(r4, 0x4f, &(0x7f0000000380)=[&(0x7f0000004280)={0x0, 0x0, 0x0, 0x5, 0x0, 0xffffffffffffffff, 0x0}])

1.495432129s ago: executing program 4 (id=2527):
socket$nl_route(0x10, 0x3, 0x0)
r0 = openat$comedi(0xffffffffffffff9c, &(0x7f0000000080)='/dev/comedi3\x00', 0x400, 0x0)
r1 = socket(0x28, 0x5, 0x0)
bind$vsock_stream(r1, 0x0, 0x0)
r2 = socket$rxrpc(0x21, 0x2, 0x2)
setsockopt$RXRPC_MIN_SECURITY_LEVEL(r2, 0x110, 0x4, 0x0, 0x0)
socket(0x28, 0x5, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b00"/12], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f0000000cc0)=ANY=[@ANYBLOB="050000000000000061110c00000000008510000002000000850000000500000095000000000000009500a5050000000077d8f3b423cdac8d80000000000000002be16ad10a48b243ccc42606d25dfd73a015e0ca7fc2506a0f7535f7866907dc0200000000000000ae669e17fd6587d452d6453559c3421eed73d56615fe6c54c3b3ffe1b4ce25d7c983c044c03bf3a48dfe47ec9dd6c091c30b93bfae76d9ebacd3ed3e26e7a23129d6606fd28a69989d552af6bda9df2c3af36effff9af2551ce896165127cb3f011a7d06602e2fc40848228567ffb400000000003ed38ae89d24e1cebfba2f87925bfacba83109751fe6c05405d027edd68149ee99eef6a6992308a4fc0b7c70bc677d6dd4aed4af7500d7900a820b6347184e9a217b5614cd50cbe43a1ed2526814bc0000e9e086ce48e90defb6670c3df2624f56da648d28ad0a97aec7291c25447c106a99893e10db21901eb397b2f5fd71400fa7a050fbbef9e326ea27e513e96068fd1e8a43e89f9c85c822a961546ed5363c17ff1432d08806bc376e3e49ee52b59d13182e1f24ed200ada10eb1affb87ba55b2d72078e9f40b4ae7d01000000d11cd22c35d32940000088dde499000000fdffffff00000000000f000000ef0000000000000000000000000c52f4ebd2c893bb97a068bd10734a83584898eccb26f7b789cfc4cd995fa3e11a5c74c85404e2df3ad37b729ac83b0dcb4f48f3c3356b9997fc455a17690b6f7f9ccbe4b1701941b18aba6b16455a66c3b84b138efc20a546d3d5227e23b03f2a834391ade2ff3e93ee296c4082ee73e7c353312c9d75711ce1623e9c54bdff59d2a69dcb7d84c235b23a4480c2461b405cfd1a38992f295ad3adc94cd07c850d1ce6d0b2fea02c24e9280333152fb794e4ddea02017a6c139b50101caecaf2abc0847a1ff2f7fc3c2b99a96fc4275ad107274e2934a87a4ddcdb112754ca5bdec0ead14b6c0f19a43a2f05c7f0be31491eb8c9ff68236c8600040000000000000000000066e034c81c3cab64e4fc8dc55ce0ada18dcbf31c6e82893add3bee3e10fc873d1d922b0877cbcd95b839d3059d5140a1f742f6e75741e39e5cb6a193e06a1043375b0f61b5d4e17c81baa31b924d84f224baf1221c15fa12313ffbfa7c2730309f66705b71e6205e7cbf3643561eabb9a63fcd604d5cc27e1317ad94cf438d71873e540be16b6ca205081173bd03c4754fc4674812daab482fd390a1c903b5d28a1eb247b5837d7603b92495d5c569f6433c3fca5206cb0000003fdbbd3892c52c2e7612e05de32322e980a3d69931e2c9312dd517c96f2ee90362476ed853c4c9b7d4ebf13cbaa795860e92a3d7d004f2c491db38eb769f094d5d48b262cc35c40682138cf13a49aa9f27abec00002f01ba1251aaf2385416ca719300"], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6}, 0x70)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x3, 0x7fffffffff, 0x1}, 0x0, &(0x7f0000000280)={0x3ff, 0x0, 0x0, 0x3, 0x0, 0x36, 0x4, 0xfffffffffffffffc}, 0x0, 0x0)
ioctl$COMEDI_DEVCONFIG(r0, 0x40946400, 0x0)

1.473802947s ago: executing program 1 (id=2528):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f00000000c0)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
lseek(r1, 0x6, 0x0)
connect$inet6(0xffffffffffffffff, &(0x7f00000000c0)={0xa, 0x4e22, 0x9, @empty, 0x400}, 0x1c)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000200)='attr/fscreate\x00')
socket$inet6_udp(0xa, 0x2, 0x0)
r2 = openat$vimc0(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$VIDIOC_ENUM_FRAMESIZES(r2, 0xc02c564a, &(0x7f0000001b00)={0x0, 0x34325842, 0x1, @discrete={0x1, 0x100}})
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
r3 = socket$inet6_udp(0xa, 0x2, 0x0)
bind$inet6(r3, &(0x7f0000000000)={0xa, 0xe22, 0x0, @empty}, 0x1c)
ioctl$AUTOFS_IOC_FAIL(0xffffffffffffffff, 0x9361, 0xa90b)
bpf$PROG_LOAD(0x5, &(0x7f0000019240)={0x1b, 0xb, 0x0, &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x14, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = syz_open_procfs(0x0, &(0x7f00000190c0)='net/ip_tables_targets\x00')
pread64(r4, &(0x7f0000000080)=""/102356, 0x18fd4, 0xc2a)
r5 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000006c0), 0x48200, 0x0)
ioctl$TIOCSETD(r5, 0x5423, &(0x7f0000000100)=0x2)
ioctl$TIOCSETD(r5, 0x5423, &(0x7f0000000080)=0xe)
ioctl$TIOCVHANGUP(r5, 0x5437, 0x200000000000000)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$mptcp(&(0x7f0000000400), 0xffffffffffffffff)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz1\x00', 0x1ff)

1.376983868s ago: executing program 4 (id=2529):
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000340)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
bind$bt_l2cap(r3, &(0x7f00000002c0)={0x1f, 0x0, @any, 0x6}, 0xe)
connect$bt_l2cap(r3, &(0x7f0000000080)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x7ff}, 0xe)
sendmmsg$inet(r3, &(0x7f00000023c0)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, &(0x7f0000000c80)=[{&(0x7f0000000b40)='$', 0x1}], 0x1}}], 0x2, 0x40080c0)

349.475783ms ago: executing program 2 (id=2530):
madvise(&(0x7f0000003000/0x1000)=nil, 0x7f7884acbfff, 0x14)
r0 = socket$inet6(0xa, 0xa, 0x0)
r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='attr\x00')
fchdir(r1)
ioctl$UFFDIO_CONTINUE(r1, 0xc020aa07, &(0x7f0000000140)={{&(0x7f0000138000/0x2000)=nil, 0x2000}})
newfstatat(0xffffffffffffff9c, &(0x7f0000002140)='./file0\x00', 0x0, 0x2000)
setsockopt$inet6_buf(r0, 0x29, 0xcd, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, 0x0)
sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0)
socket$netlink(0x10, 0x3, 0x1)
syz_io_uring_setup(0x5bdc, &(0x7f0000000400)={0x0, 0x7079, 0x8000, 0x2, 0xc1, 0x0, r1}, &(0x7f00000007c0)=<r2=>0x0, &(0x7f00000001c0))
accept4(0xffffffffffffffff, 0x0, 0x0, 0x80800)
getgroups(0x1, &(0x7f0000000040)=[0xee00])
openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x80, 0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
write$binfmt_script(0xffffffffffffffff, 0x0, 0x0)
preadv(0xffffffffffffffff, &(0x7f00000015c0), 0x0, 0x0, 0x0)
ioctl$VT_ACTIVATE(0xffffffffffffffff, 0x5606, 0x7)
r3 = syz_open_dev$vim2m(&(0x7f0000000000), 0x800, 0x2)
r4 = syz_open_dev$video(&(0x7f0000000440), 0x8, 0x0)
ioctl$VIDIOC_S_SELECTION(r4, 0xc040565f, &(0x7f0000000940)={0xa, 0x0, 0x1, {0x8002, 0x1000, 0x4, 0x6}})
ioctl$vim2m_VIDIOC_S_FMT(r3, 0xc0d05605, &(0x7f00000002c0)={0x2, @sdr={0x3147504d, 0x1}})

344.4153ms ago: executing program 4 (id=2531):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000200), r0)
ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f00000010c0)={'wpan0\x00', <r2=>0x0})
sendmsg$NL802154_CMD_SET_SEC_PARAMS(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000600)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r1, @ANYBLOB, @ANYRES32=r2, @ANYBLOB="1c002b800800010002"], 0x38}, 0x1, 0x0, 0x0, 0x4040041}, 0x810)

184.985574ms ago: executing program 4 (id=2532):
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x802, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x6)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
writev(0xffffffffffffffff, 0x0, 0x0)
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0)
r1 = eventfd(0xffffffff)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000400)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff9ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00010000850000000d000000b7000000000000009500000000000000496cf2827fb43a431ca711fcd0cdfa146ec5617503"], 0x0}, 0x94)
ioctl$VHOST_SET_LOG_FD(r0, 0x4004af07, &(0x7f0000000180)=r1)
ioctl$VHOST_SET_VRING_KICK(r0, 0x4008af20, &(0x7f0000000040)={0x1, r1})
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000140)={0x0, 0x0, 0x0, &(0x7f0000000500)=""/66, 0x0, 0x100000})
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, 0x0, &(0x7f00000000c0)=""/87, &(0x7f0000000480)=""/71})
ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000600))
ioctl$VHOST_SET_VRING_ERR(r0, 0x4008af22, &(0x7f00000002c0)={0x1, r1})
ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f0000000000)=0x1)

0s ago: executing program 2 (id=2533):
r0 = getpgrp(0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000040)=0x5)
prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000000)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r2 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x1, 0x0)
read$msr(0xffffffffffffffff, &(0x7f0000002000)=""/102400, 0x19000)
process_vm_writev(0x0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0x7ffff000}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x23a, 0x0)

kernel console output (not intermixed with test programs):

yscall=202 compat=0 ip=0x7fa38c18f749 code=0x7ffc0000
[  687.728291][   T30] audit: type=1326 audit(1766852840.311:845): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13051 comm="syz.2.1654" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fa38c18f749 code=0x7ffc0000
[  687.758090][ T5141] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci0/hci0:201'
[  687.769189][ T5141] CPU: 0 UID: 0 PID: 5141 Comm: kworker/u9:1 Not tainted syzkaller #0 PREEMPT(full) 
[  687.769217][ T5141] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  687.769230][ T5141] Workqueue: hci0 hci_rx_work
[  687.769255][ T5141] Call Trace:
[  687.769261][ T5141]  <TASK>
[  687.769268][ T5141]  dump_stack_lvl+0x16c/0x1f0
[  687.769294][ T5141]  sysfs_warn_dup+0x7f/0xa0
[  687.769315][ T5141]  sysfs_create_dir_ns+0x24b/0x2b0
[  687.769335][ T5141]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[  687.769360][ T5141]  ? find_held_lock+0x2b/0x80
[  687.769390][ T5141]  ? do_raw_spin_unlock+0x172/0x230
[  687.769416][ T5141]  kobject_add_internal+0x2c4/0x9d0
[  687.769445][ T5141]  kobject_add+0x16e/0x240
[  687.769468][ T5141]  ? __pfx_kobject_add+0x10/0x10
[  687.769495][ T5141]  ? kobject_put+0xaf/0x6f0
[  687.769514][ T5141]  ? _raw_spin_unlock+0x28/0x50
[  687.769539][ T5141]  device_add+0x288/0x1980
[  687.769557][ T5141]  ? __pfx_dev_set_name+0x10/0x10
[  687.769576][ T5141]  ? __pfx_device_add+0x10/0x10
[  687.769594][ T5141]  ? mgmt_send_event_skb+0x2fb/0x460
[  687.769616][ T5141]  hci_conn_add_sysfs+0x1a8/0x260
[  687.769636][ T5141]  le_conn_complete_evt+0x11ed/0x1fa0
[  687.769665][ T5141]  ? __pfx_le_conn_complete_evt+0x10/0x10
[  687.769700][ T5141]  hci_le_conn_complete_evt+0x23c/0x3a0
[  687.769735][ T5141]  hci_le_meta_evt+0x357/0x610
[  687.769760][ T5141]  ? __pfx_hci_le_conn_complete_evt+0x10/0x10
[  687.769790][ T5141]  hci_event_packet+0x685/0x1210
[  687.769814][ T5141]  ? __pfx_hci_le_meta_evt+0x10/0x10
[  687.769843][ T5141]  ? __pfx_hci_event_packet+0x10/0x10
[  687.769871][ T5141]  ? kcov_remote_start+0x399/0x680
[  687.769895][ T5141]  ? lockdep_hardirqs_on+0x7c/0x110
[  687.769923][ T5141]  hci_rx_work+0x2c9/0x1020
[  687.769946][ T5141]  process_one_work+0x9ba/0x1b20
[  687.769978][ T5141]  ? __pfx_process_one_work+0x10/0x10
[  687.770008][ T5141]  ? assign_work+0x1a0/0x250
[  687.770031][ T5141]  worker_thread+0x6c8/0xf10
[  687.770065][ T5141]  ? __pfx_worker_thread+0x10/0x10
[  687.770087][ T5141]  kthread+0x3c5/0x780
[  687.770108][ T5141]  ? __pfx_kthread+0x10/0x10
[  687.770130][ T5141]  ? rcu_is_watching+0x12/0xc0
[  687.770146][ T5141]  ? __pfx_kthread+0x10/0x10
[  687.770167][ T5141]  ret_from_fork+0x983/0xb10
[  687.770187][ T5141]  ? __pfx_ret_from_fork+0x10/0x10
[  687.770208][ T5141]  ? __switch_to+0x7af/0x10d0
[  687.770230][ T5141]  ? __pfx_kthread+0x10/0x10
[  687.770251][ T5141]  ret_from_fork_asm+0x1a/0x30
[  687.770291][ T5141]  </TASK>
[  687.770314][ T5141] kobject: kobject_add_internal failed for hci0:201 with -EEXIST, don't try to register things with the same name in the same directory.
[  688.020777][ T5141] Bluetooth: hci0: failed to register connection device
[  688.068497][T13059] genirq: Flags mismatch irq 7. 00200080 (ttyS3) vs. 00200000 (at-a2150c)
[  688.112038][   T30] audit: type=1400 audit(1766852840.561:846): avc:  denied  { listen } for  pid=13044 comm="syz.0.1652" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  688.267174][T13063] fuse: Bad value for 'fd'
[  688.362908][   T30] audit: type=1400 audit(1766852840.561:847): avc:  denied  { accept } for  pid=13044 comm="syz.0.1652" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  688.414630][   T30] audit: type=1326 audit(1766852840.651:848): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13051 comm="syz.2.1654" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa38c18f749 code=0x7ffc0000
[  688.416928][T13065] genirq: Flags mismatch irq 7. 00200080 (ttyS3) vs. 00200000 (at-a2150c)
[  688.494867][   T30] audit: type=1326 audit(1766852840.651:849): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13051 comm="syz.2.1654" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa38c18f749 code=0x7ffc0000
[  688.569183][   T30] audit: type=1326 audit(1766852840.921:850): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13051 comm="syz.2.1654" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fa38c18f749 code=0x7ffc0000
[  688.639927][   T30] audit: type=1326 audit(1766852840.921:851): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13051 comm="syz.2.1654" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa38c18f749 code=0x7ffc0000
[  688.879378][   T30] audit: type=1326 audit(1766852840.921:852): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13051 comm="syz.2.1654" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa38c18f749 code=0x7ffc0000
[  688.959829][   T30] audit: type=1326 audit(1766852840.921:853): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13051 comm="syz.2.1654" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7fa38c18f749 code=0x7ffc0000
[  688.987022][   T30] audit: type=1326 audit(1766852840.921:854): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13051 comm="syz.2.1654" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa38c18f749 code=0x7ffc0000
[  689.027327][   T30] audit: type=1326 audit(1766852840.921:855): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13051 comm="syz.2.1654" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fa38c18f749 code=0x7ffc0000
[  689.054784][   T30] audit: type=1326 audit(1766852840.921:856): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13051 comm="syz.2.1654" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa38c18f749 code=0x7ffc0000
[  689.072792][T13073] syzkaller0: entered promiscuous mode
[  689.083765][T13073] syzkaller0: entered allmulticast mode
[  689.172516][T13076] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(5)
[  689.179191][T13076] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  689.202750][T13076] vhci_hcd vhci_hcd.0: Device attached
[  689.376596][   T49] vhci_hcd vhci_hcd.1: vhci_device speed not set
[  689.437244][   T49] usb 35-1: new full-speed USB device number 2 using vhci_hcd
[  691.527220][T13094] usb usb8: usbfs: process 13094 (syz.4.1665) did not claim interface 0 before use
[  691.660288][T13077] vhci_hcd: connection reset by peer
[  691.723576][ T6186] vhci_hcd vhci_hcd.1: stop threads
[  691.774422][ T6186] vhci_hcd vhci_hcd.1: release socket
[  691.781011][T13099] genirq: Flags mismatch irq 7. 00200080 (ttyS3) vs. 00200000 (at-a2150c)
[  691.817293][ T6186] vhci_hcd vhci_hcd.1: disconnect device
[  693.860438][T13076] netlink: 96 bytes leftover after parsing attributes in process `syz.1.1660'.
[  694.031905][   T30] kauditd_printk_skb: 3 callbacks suppressed
[  694.031921][   T30] audit: type=1326 audit(1766852846.911:860): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13114 comm="syz.0.1671" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa226f8f749 code=0x7ffc0000
[  694.083681][T13115] genirq: Flags mismatch irq 7. 00200080 (ttyS3) vs. 00200000 (at-a2150c)
[  694.141290][   T30] audit: type=1326 audit(1766852846.911:861): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13114 comm="syz.0.1671" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa226f8f749 code=0x7ffc0000
[  694.578274][   T49] vhci_hcd vhci_hcd.1: vhci_device speed not set
[  695.238437][T13123] can: request_module (can-proto-3) failed.
[  695.244914][   T30] audit: type=1326 audit(1766852846.961:862): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13114 comm="syz.0.1671" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fa226f8f749 code=0x7ffc0000
[  696.265953][   T30] audit: type=1326 audit(1766852846.981:863): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13114 comm="syz.0.1671" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa226f8f749 code=0x7ffc0000
[  696.289797][   T30] audit: type=1326 audit(1766852846.981:864): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13114 comm="syz.0.1671" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa226f8f749 code=0x7ffc0000
[  697.226513][   T30] audit: type=1326 audit(1766852847.021:865): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13114 comm="syz.0.1671" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fa226f8f749 code=0x7ffc0000
[  697.249922][   T30] audit: type=1326 audit(1766852847.351:866): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13114 comm="syz.0.1671" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa226f8f749 code=0x7ffc0000
[  697.273517][   T30] audit: type=1326 audit(1766852847.351:867): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13114 comm="syz.0.1671" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa226f8f749 code=0x7ffc0000
[  697.667266][T13143] genirq: Flags mismatch irq 7. 00200080 (ttyS3) vs. 00200000 (at-a2150c)
[  697.828393][T13146] genirq: Flags mismatch irq 7. 00200080 (ttyS3) vs. 00200000 (at-a2150c)
[  698.413075][T13151] block device autoloading is deprecated and will be removed.
[  700.205100][T13165] netdevsim netdevsim4 eth3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  700.215082][T13165] netdevsim netdevsim4 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  700.250494][T13165] netdevsim netdevsim4 eth2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  700.263048][T13165] netdevsim netdevsim4 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  700.366516][T13165] netdevsim netdevsim4 eth1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  700.397981][T13165] netdevsim netdevsim4 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  700.452019][T13165] netdevsim netdevsim4 eth0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  700.464128][T13165] netdevsim netdevsim4 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  700.586556][ T5925] usb 3-1: new high-speed USB device number 31 using dummy_hcd
[  700.679393][   T30] audit: type=1400 audit(1766852853.561:868): avc:  denied  { create } for  pid=13172 comm="syz.0.1685" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1
[  700.747000][ T5925] usb 3-1: Using ep0 maxpacket: 32
[  700.793752][ T5925] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  700.837707][   T30] audit: type=1400 audit(1766852853.591:869): avc:  denied  { listen } for  pid=13172 comm="syz.0.1685" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1
[  700.879563][ T5925] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  700.912035][ T6186] netdevsim netdevsim4 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  700.970882][ T6186] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  700.992903][ T5925] usb 3-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[  701.047706][   T30] audit: type=1400 audit(1766852853.591:870): avc:  denied  { accept } for  pid=13172 comm="syz.0.1685" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1
[  701.087230][ T5925] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  701.205113][ T5925] usb 3-1: config 0 descriptor??
[  701.313688][ T5925] hub 3-1:0.0: USB hub found
[  701.624467][ T5925] hub 3-1:0.0: 1 port detected
[  701.638265][T13184] fuse: Unknown parameter 'use00000000000000000000'
[  701.676776][T12757] netdevsim netdevsim4 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  701.858236][T12757] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  701.892796][ T6185] netdevsim netdevsim4 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  701.907314][ T6185] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  702.012933][ T6185] netdevsim netdevsim4 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  702.040246][ T6185] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  702.306722][ T5925] hub 3-1:0.0: activate --> -90
[  702.928745][   T30] audit: type=1804 audit(1766852855.341:871): pid=13194 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=open_writers comm="syz.4.1690" name="/newroot/341/bus" dev="tmpfs" ino=1884 res=1 errno=0
[  703.188602][    T9] usb 3-1: USB disconnect, device number 31
[  704.389073][T13212] netdevsim netdevsim0 eth3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  704.473349][T13214] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1694'.
[  704.493785][T13214] netlink: 256 bytes leftover after parsing attributes in process `syz.2.1694'.
[  704.556229][T13217] netlink: 'syz.1.1695': attribute type 30 has an invalid length.
[  704.617734][T13218] netlink: 'syz.1.1695': attribute type 30 has an invalid length.
[  704.992599][T13217] 9pnet_virtio: no channels available for device syz
[  705.402894][T13212] netdevsim netdevsim0 eth2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  705.504836][   T30] audit: type=1326 audit(1766852858.381:872): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13220 comm="syz.2.1696" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa38c18f749 code=0x7ffc0000
[  705.589663][T13212] netdevsim netdevsim0 eth1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  705.621073][   T30] audit: type=1326 audit(1766852858.421:873): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13220 comm="syz.2.1696" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7fa38c18f749 code=0x7ffc0000
[  705.656547][   T30] audit: type=1326 audit(1766852858.421:874): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13220 comm="syz.2.1696" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa38c18f749 code=0x7ffc0000
[  705.680120][   T30] audit: type=1326 audit(1766852858.421:875): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13220 comm="syz.2.1696" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fa38c18f749 code=0x7ffc0000
[  705.704492][   T30] audit: type=1326 audit(1766852858.421:876): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13220 comm="syz.2.1696" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa38c18f749 code=0x7ffc0000
[  706.007876][T13227] binder: 13226:13227 ioctl c0306201 2000000003c0 returned -14
[  706.064174][T13212] netdevsim netdevsim0 eth0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  706.153834][   T30] audit: type=1326 audit(1766852858.421:877): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13220 comm="syz.2.1696" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa38c18f749 code=0x7ffc0000
[  706.194138][   T30] audit: type=1326 audit(1766852858.421:878): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13220 comm="syz.2.1696" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa38c18f749 code=0x7ffc0000
[  706.246648][   T30] audit: type=1326 audit(1766852858.421:879): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13220 comm="syz.2.1696" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa38c18f749 code=0x7ffc0000
[  706.250821][ T5822] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci1/hci1:201'
[  706.257285][ T6186] netdevsim netdevsim0 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  706.274812][ T5822] CPU: 1 UID: 0 PID: 5822 Comm: kworker/u9:4 Not tainted syzkaller #0 PREEMPT(full) 
[  706.274835][ T5822] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  706.274846][ T5822] Workqueue: hci1 hci_rx_work
[  706.274867][ T5822] Call Trace:
[  706.274872][ T5822]  <TASK>
[  706.274878][ T5822]  dump_stack_lvl+0x16c/0x1f0
[  706.274900][ T5822]  sysfs_warn_dup+0x7f/0xa0
[  706.274919][ T5822]  sysfs_create_dir_ns+0x24b/0x2b0
[  706.274936][ T5822]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[  706.274952][ T5822]  ? find_held_lock+0x2b/0x80
[  706.274979][ T5822]  ? do_raw_spin_unlock+0x172/0x230
[  706.275001][ T5822]  kobject_add_internal+0x2c4/0x9d0
[  706.275027][ T5822]  kobject_add+0x16e/0x240
[  706.275048][ T5822]  ? __pfx_kobject_add+0x10/0x10
[  706.275071][ T5822]  ? kobject_put+0xaf/0x6f0
[  706.275088][ T5822]  ? _raw_spin_unlock+0x28/0x50
[  706.275111][ T5822]  device_add+0x288/0x1980
[  706.275128][ T5822]  ? __pfx_dev_set_name+0x10/0x10
[  706.275146][ T5822]  ? __pfx_device_add+0x10/0x10
[  706.275162][ T5822]  ? mgmt_send_event_skb+0x2fb/0x460
[  706.275185][ T5822]  hci_conn_add_sysfs+0x1a8/0x260
[  706.275204][ T5822]  le_conn_complete_evt+0x11ed/0x1fa0
[  706.275226][ T5822]  ? __pfx_le_conn_complete_evt+0x10/0x10
[  706.275248][ T5822]  hci_le_conn_complete_evt+0x23c/0x3a0
[  706.275270][ T5822]  hci_le_meta_evt+0x357/0x610
[  706.275287][ T5822]  ? __pfx_hci_le_conn_complete_evt+0x10/0x10
[  706.275306][ T5822]  hci_event_packet+0x685/0x1210
[  706.275330][ T5822]  ? __pfx_hci_le_meta_evt+0x10/0x10
[  706.275348][ T5822]  ? __pfx_hci_event_packet+0x10/0x10
[  706.275367][ T5822]  ? kcov_remote_start+0x399/0x680
[  706.275384][ T5822]  ? lockdep_hardirqs_on+0x7c/0x110
[  706.275408][ T5822]  hci_rx_work+0x2c9/0x1020
[  706.275430][ T5822]  process_one_work+0x9ba/0x1b20
[  706.275460][ T5822]  ? __pfx_process_one_work+0x10/0x10
[  706.275487][ T5822]  ? assign_work+0x1a0/0x250
[  706.275509][ T5822]  worker_thread+0x6c8/0xf10
[  706.275535][ T5822]  ? __kthread_parkme+0x19e/0x250
[  706.275551][ T5822]  ? __pfx_worker_thread+0x10/0x10
[  706.275569][ T5822]  kthread+0x3c5/0x780
[  706.275586][ T5822]  ? __pfx_kthread+0x10/0x10
[  706.275604][ T5822]  ? rcu_is_watching+0x12/0xc0
[  706.275619][ T5822]  ? __pfx_kthread+0x10/0x10
[  706.275636][ T5822]  ret_from_fork+0x983/0xb10
[  706.275654][ T5822]  ? __pfx_ret_from_fork+0x10/0x10
[  706.275670][ T5822]  ? rcu_is_watching+0x12/0xc0
[  706.275684][ T5822]  ? __switch_to+0x7af/0x10d0
[  706.275703][ T5822]  ? __pfx_kthread+0x10/0x10
[  706.275721][ T5822]  ret_from_fork_asm+0x1a/0x30
[  706.275754][ T5822]  </TASK>
[  706.275774][ T5822] kobject: kobject_add_internal failed for hci1:201 with -EEXIST, don't try to register things with the same name in the same directory.
[  706.557338][ T5822] Bluetooth: hci1: failed to register connection device
[  706.645338][   T30] audit: type=1326 audit(1766852858.421:880): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13220 comm="syz.2.1696" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fa38c18f749 code=0x7ffc0000
[  706.724504][ T6186] netdevsim netdevsim0 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  706.983145][ T6185] netdevsim netdevsim0 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  707.402195][ T6185] netdevsim netdevsim0 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  707.437617][   T30] audit: type=1326 audit(1766852858.421:881): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13220 comm="syz.2.1696" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa38c18f749 code=0x7ffc0000
[  707.560227][   T30] audit: type=1326 audit(1766852858.421:882): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13220 comm="syz.2.1696" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa38c18f749 code=0x7ffc0000
[  707.738213][   T30] audit: type=1326 audit(1766852858.421:883): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13220 comm="syz.2.1696" exe="/root/syz-executor" sig=0 arch=c000003e syscall=299 compat=0 ip=0x7fa38c18f749 code=0x7ffc0000
[  707.810221][   T30] audit: type=1326 audit(1766852858.431:884): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13220 comm="syz.2.1696" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa38c18f749 code=0x7ffc0000
[  708.065262][T13248] process 'syz.2.1702' launched '/dev/fd/8' with NULL argv: empty string added
[  708.507728][T13250] comedi comedi0: Minor 47 could not be opened
[  708.966541][   T30] audit: type=1326 audit(1766852858.431:885): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13220 comm="syz.2.1696" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fa38c18f749 code=0x7ffc0000
[  709.513495][T13258] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[  709.859731][T13271] netlink: 'syz.0.1710': attribute type 30 has an invalid length.
[  709.958653][T13273] netlink: 'syz.0.1710': attribute type 30 has an invalid length.
[  710.065758][T13271] 9pnet_virtio: no channels available for device syz
[  710.157829][T13262] netdevsim netdevsim3 eth3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  710.170493][T13262] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  710.530377][T13280] genirq: Flags mismatch irq 7. 00200080 (ttyS3) vs. 00200000 (at-a2150c)
[  710.661608][T13262] netdevsim netdevsim3 eth2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  710.701059][T13262] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  710.935180][T13262] netdevsim netdevsim3 eth1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  710.995836][T13262] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  712.248573][T13262] netdevsim netdevsim3 eth0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  712.295832][T13262] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  712.563382][T13290] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(5)
[  712.569923][T13290] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  712.656609][ T5141] Bluetooth: hci1: command 0x0406 tx timeout
[  712.777270][T13295] netlink: 96 bytes leftover after parsing attributes in process `syz.1.1708'.
[  712.863787][T13290] vhci_hcd vhci_hcd.0: Device attached
[  713.070594][   T24] vhci_hcd vhci_hcd.1: vhci_device speed not set
[  713.132891][ T6186] netdevsim netdevsim3 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  713.149499][ T6186] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  713.186595][   T24] usb 35-1: new full-speed USB device number 3 using vhci_hcd
[  713.213858][ T6186] netdevsim netdevsim3 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  713.247682][T13291] vhci_hcd: connection reset by peer
[  713.263405][ T6186] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  713.273044][T12757] vhci_hcd vhci_hcd.1: stop threads
[  713.278570][T12757] vhci_hcd vhci_hcd.1: release socket
[  713.300637][T12757] vhci_hcd vhci_hcd.1: disconnect device
[  713.324278][ T6186] netdevsim netdevsim3 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  713.445319][ T6186] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  713.453779][ T6186] netdevsim netdevsim3 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  713.470564][ T6186] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  715.032597][T13306] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1716'.
[  715.069061][T13306] netlink: 212 bytes leftover after parsing attributes in process `syz.2.1716'.
[  715.072290][   T30] kauditd_printk_skb: 23 callbacks suppressed
[  715.072304][   T30] audit: type=1326 audit(1766852867.951:909): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13309 comm="syz.4.1719" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff66738f749 code=0x7ffc0000
[  715.155893][   T30] audit: type=1326 audit(1766852867.991:910): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13309 comm="syz.4.1719" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff66738f749 code=0x7ffc0000
[  715.180694][T13306] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1716'.
[  715.263680][   T30] audit: type=1326 audit(1766852867.991:911): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13309 comm="syz.4.1719" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7ff66738f749 code=0x7ffc0000
[  715.305254][   T30] audit: type=1326 audit(1766852867.991:912): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13309 comm="syz.4.1719" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff66738f749 code=0x7ffc0000
[  715.429638][   T30] audit: type=1326 audit(1766852867.991:913): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13309 comm="syz.4.1719" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff66738f749 code=0x7ffc0000
[  715.460981][   T30] audit: type=1326 audit(1766852867.991:914): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13309 comm="syz.4.1719" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7ff66738f749 code=0x7ffc0000
[  715.849920][   T30] audit: type=1326 audit(1766852867.991:915): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13309 comm="syz.4.1719" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff66738f749 code=0x7ffc0000
[  716.155962][T13318] comedi comedi0: Minor 47 could not be opened
[  716.876495][   T30] audit: type=1326 audit(1766852867.991:916): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13309 comm="syz.4.1719" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff66738f749 code=0x7ffc0000
[  717.337742][   T30] audit: type=1326 audit(1766852867.991:917): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13309 comm="syz.4.1719" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff66738f749 code=0x7ffc0000
[  717.362717][   T30] audit: type=1326 audit(1766852867.991:918): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13309 comm="syz.4.1719" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff66738f749 code=0x7ffc0000
[  717.926785][T13333] fuse: Unknown parameter 'user_i00000000000000000000'
[  718.176928][ T5822] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci3/hci3:201'
[  718.188431][ T5822] CPU: 0 UID: 0 PID: 5822 Comm: kworker/u9:4 Not tainted syzkaller #0 PREEMPT(full) 
[  718.188459][ T5822] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  718.188472][ T5822] Workqueue: hci3 hci_rx_work
[  718.188496][ T5822] Call Trace:
[  718.188502][ T5822]  <TASK>
[  718.188510][ T5822]  dump_stack_lvl+0x16c/0x1f0
[  718.188535][ T5822]  sysfs_warn_dup+0x7f/0xa0
[  718.188558][ T5822]  sysfs_create_dir_ns+0x24b/0x2b0
[  718.188579][ T5822]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[  718.188597][ T5822]  ? find_held_lock+0x2b/0x80
[  718.188629][ T5822]  ? do_raw_spin_unlock+0x172/0x230
[  718.188657][ T5822]  kobject_add_internal+0x2c4/0x9d0
[  718.188687][ T5822]  kobject_add+0x16e/0x240
[  718.188711][ T5822]  ? __pfx_kobject_add+0x10/0x10
[  718.188739][ T5822]  ? kobject_put+0xaf/0x6f0
[  718.188760][ T5822]  ? _raw_spin_unlock+0x28/0x50
[  718.188786][ T5822]  device_add+0x288/0x1980
[  718.188806][ T5822]  ? __pfx_dev_set_name+0x10/0x10
[  718.188828][ T5822]  ? __pfx_device_add+0x10/0x10
[  718.188847][ T5822]  ? mgmt_send_event_skb+0x2fb/0x460
[  718.188876][ T5822]  hci_conn_add_sysfs+0x1a8/0x260
[  718.188900][ T5822]  le_conn_complete_evt+0x11ed/0x1fa0
[  718.188926][ T5822]  ? __pfx_le_conn_complete_evt+0x10/0x10
[  718.188953][ T5822]  hci_le_conn_complete_evt+0x23c/0x3a0
[  718.188977][ T5822]  hci_le_meta_evt+0x357/0x610
[  718.188998][ T5822]  ? __pfx_hci_le_conn_complete_evt+0x10/0x10
[  718.189021][ T5822]  hci_event_packet+0x685/0x1210
[  718.189041][ T5822]  ? __pfx_hci_le_meta_evt+0x10/0x10
[  718.189063][ T5822]  ? __pfx_hci_event_packet+0x10/0x10
[  718.189084][ T5822]  ? kcov_remote_start+0x399/0x680
[  718.189103][ T5822]  ? lockdep_hardirqs_on+0x7c/0x110
[  718.189132][ T5822]  hci_rx_work+0x2c9/0x1020
[  718.189156][ T5822]  process_one_work+0x9ba/0x1b20
[  718.189188][ T5822]  ? __pfx_process_one_work+0x10/0x10
[  718.189217][ T5822]  ? assign_work+0x1a0/0x250
[  718.189246][ T5822]  worker_thread+0x6c8/0xf10
[  718.189275][ T5822]  ? __kthread_parkme+0x19e/0x250
[  718.189296][ T5822]  ? __pfx_worker_thread+0x10/0x10
[  718.189318][ T5822]  kthread+0x3c5/0x780
[  718.189339][ T5822]  ? __pfx_kthread+0x10/0x10
[  718.189361][ T5822]  ? rcu_is_watching+0x12/0xc0
[  718.189378][ T5822]  ? __pfx_kthread+0x10/0x10
[  718.189399][ T5822]  ret_from_fork+0x983/0xb10
[  718.189420][ T5822]  ? __pfx_ret_from_fork+0x10/0x10
[  718.189440][ T5822]  ? rcu_is_watching+0x12/0xc0
[  718.189456][ T5822]  ? __switch_to+0x7af/0x10d0
[  718.189478][ T5822]  ? __pfx_kthread+0x10/0x10
[  718.189500][ T5822]  ret_from_fork_asm+0x1a/0x30
[  718.189539][ T5822]  </TASK>
[  718.189594][ T5822] kobject: kobject_add_internal failed for hci3:201 with -EEXIST, don't try to register things with the same name in the same directory.
[  718.336530][   T24] vhci_hcd vhci_hcd.1: vhci_device speed not set
[  718.456327][ T5822] Bluetooth: hci3: failed to register connection device
[  718.899849][T13345] genirq: Flags mismatch irq 7. 00200080 (ttyS3) vs. 00200000 (at-a2150c)
[  720.436525][ T1289] usb 5-1: new high-speed USB device number 19 using dummy_hcd
[  721.036562][ T1289] usb 5-1: Using ep0 maxpacket: 8
[  721.042980][ T1289] usb 5-1: config index 0 descriptor too short (expected 301, got 45)
[  721.053937][ T1289] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  721.074557][ T1289] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  721.096330][ T1289] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  721.116899][ T1289] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  721.244919][ T1289] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  721.285021][ T1289] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  721.381474][T13369] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(5)
[  721.388018][T13369] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  721.461982][T13369] vhci_hcd vhci_hcd.0: Device attached
[  721.522833][ T1289] usb 5-1: usb_control_msg returned -32
[  721.533180][T13369] netlink: 96 bytes leftover after parsing attributes in process `syz.2.1730'.
[  721.573541][ T1289] usbtmc 5-1:16.0: can't read capabilities
[  721.626790][ T1289] usb 5-1: USB disconnect, device number 19
[  721.686620][ T5870] vhci_hcd vhci_hcd.2: vhci_device speed not set
[  721.722847][T13370] vhci_hcd: connection closed
[  721.724674][ T1302] vhci_hcd vhci_hcd.2: stop threads
[  721.752048][ T1302] vhci_hcd vhci_hcd.2: release socket
[  721.774365][ T1302] vhci_hcd vhci_hcd.2: disconnect device
[  721.796522][ T5870] usb 37-1: new full-speed USB device number 2 using vhci_hcd
[  721.848693][ T5870] usb 37-1: enqueue for inactive port 0
[  721.926658][ T5870] vhci_hcd vhci_hcd.2: vhci_device speed not set
[  727.284581][T13452] netlink: 'syz.1.1750': attribute type 30 has an invalid length.
[  727.396977][T13453] netlink: 'syz.1.1750': attribute type 30 has an invalid length.
[  727.511606][T13454] 9pnet_virtio: no channels available for device syz
[  727.955710][T13459] netlink: 'syz.0.1751': attribute type 30 has an invalid length.
[  728.869573][T13460] netlink: 'syz.0.1751': attribute type 30 has an invalid length.
[  728.922308][T13458] 9pnet_virtio: no channels available for device syz
[  729.752338][T13473] comedi comedi0: Minor 47 could not be opened
[  730.815552][ T5822] Bluetooth: hci1: Ignoring HCI_Connection_Complete for existing connection
[  730.939417][T13482] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1759'.
[  731.032631][T13484] sp0: Synchronizing with TNC
[  731.044096][T13484] [U] è`
[  732.580392][T13503] netlink: 'syz.1.1764': attribute type 30 has an invalid length.
[  732.646875][T13505] netlink: 'syz.1.1764': attribute type 30 has an invalid length.
[  732.739797][T13506] 9pnet_virtio: no channels available for device syz
[  734.531530][T13527] genirq: Flags mismatch irq 7. 00200080 (ttyS3) vs. 00200000 (at-a2150c)
[  735.096524][   T30] kauditd_printk_skb: 39 callbacks suppressed
[  735.096541][   T30] audit: type=1400 audit(1766852887.811:958): avc:  denied  { connect } for  pid=13507 comm="syz.3.1765" lport=255 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  736.084653][T13539] netlink: 36 bytes leftover after parsing attributes in process `syz.3.1772'.
[  736.645062][   T30] audit: type=1326 audit(1766852889.521:959): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13544 comm="syz.0.1773" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa226f8f749 code=0x7ffc0000
[  736.776505][   T30] audit: type=1326 audit(1766852889.621:960): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13544 comm="syz.0.1773" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7fa226f8f749 code=0x7ffc0000
[  736.832281][   T30] audit: type=1326 audit(1766852889.621:961): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13544 comm="syz.0.1773" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa226f8f749 code=0x7ffc0000
[  737.341471][   T30] audit: type=1326 audit(1766852889.621:962): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13544 comm="syz.0.1773" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa226f8f749 code=0x7ffc0000
[  737.365306][   T30] audit: type=1326 audit(1766852889.621:963): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13544 comm="syz.0.1773" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fa226f8f749 code=0x7ffc0000
[  737.389737][   T30] audit: type=1326 audit(1766852889.621:964): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13544 comm="syz.0.1773" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa226f8f749 code=0x7ffc0000
[  737.439005][   T30] audit: type=1326 audit(1766852889.621:965): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13544 comm="syz.0.1773" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa226f8f749 code=0x7ffc0000
[  737.860352][   T30] audit: type=1326 audit(1766852889.621:966): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13544 comm="syz.0.1773" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa226f8f749 code=0x7ffc0000
[  737.884057][   T30] audit: type=1326 audit(1766852889.621:967): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13544 comm="syz.0.1773" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fa226f8f749 code=0x7ffc0000
[  738.075724][T13561] comedi comedi0: Minor 47 could not be opened
[  740.641809][T13563] netlink: 'syz.4.1778': attribute type 4 has an invalid length.
[  743.130677][T13604] comedi comedi0: Minor 47 could not be opened
[  743.566492][ T5870] usb 2-1: new full-speed USB device number 29 using dummy_hcd
[  744.137744][ T5870] usb 2-1: config 255 has too many interfaces: 223, using maximum allowed: 32
[  744.237618][T13601] syzkaller0: entered promiscuous mode
[  744.253462][T13601] syzkaller0: entered allmulticast mode
[  744.266900][ T5870] usb 2-1: config 255 has 1 interface, different from the descriptor's value: 223
[  744.308242][ T5870] usb 2-1: New USB device found, idVendor=2770, idProduct=930c, bcdDevice=8d.6a
[  744.326543][ T5870] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  744.334547][ T5870] usb 2-1: Product: syz
[  744.503471][T13620] netlink: 36 bytes leftover after parsing attributes in process `syz.3.1790'.
[  744.623600][ T5870] usb 2-1: Manufacturer: syz
[  744.636549][ T5870] usb 2-1: SerialNumber: syz
[  744.676288][ T5870] gspca_main: sq930x-2.14.0 probing 2770:930c
[  745.212273][T13628] comedi comedi0: Minor 47 could not be opened
[  745.686487][ T5870] gspca_sq930x: reg_w 0305 fd00 failed -110
[  746.094689][ T5870] sq930x 2-1:255.0: probe with driver sq930x failed with error -110
[  746.917090][ T1299] ieee802154 phy0 wpan0: encryption failed: -22
[  746.923520][ T1299] ieee802154 phy1 wpan1: encryption failed: -22
[  747.112839][   T30] kauditd_printk_skb: 24 callbacks suppressed
[  747.112855][   T30] audit: type=1400 audit(1766852899.991:992): avc:  denied  { create } for  pid=13639 comm="syz.3.1793" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=user_namespace permissive=1
[  747.165588][   T30] audit: type=1400 audit(1766852900.041:993): avc:  denied  { sys_admin } for  pid=13639 comm="syz.3.1793" capability=21  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=cap_userns permissive=1
[  747.192363][T13643] 9pnet_virtio: no channels available for device syz
[  747.229462][   T30] audit: type=1400 audit(1766852900.111:994): avc:  denied  { unmount } for  pid=13639 comm="syz.3.1793" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[  747.722933][T13653] fuse: Unknown parameter 'user_id00000000000000000000'
[  747.961414][T13655] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1800'.
[  748.013867][T13656] netlink: 80 bytes leftover after parsing attributes in process `syz.2.1800'.
[  748.243340][ T1289] usb 2-1: USB disconnect, device number 29
[  749.040913][T13665] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1801'.
[  749.705668][T13669] genirq: Flags mismatch irq 7. 00200080 (ttyS3) vs. 00200000 (at-a2150c)
[  754.752079][T10982] Bluetooth: hci4: command 0x0419 tx timeout
[  757.538751][   T30] audit: type=1326 audit(1766852910.421:995): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13739 comm="syz.3.1818" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f167898f749 code=0x7ffc0000
[  757.799993][   T30] audit: type=1326 audit(1766852910.441:996): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13739 comm="syz.3.1818" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f167898f749 code=0x7ffc0000
[  757.979449][   T30] audit: type=1326 audit(1766852910.461:997): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13739 comm="syz.3.1818" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f167898f749 code=0x7ffc0000
[  758.086683][   T30] audit: type=1326 audit(1766852910.461:998): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13739 comm="syz.3.1818" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f167898f749 code=0x7ffc0000
[  758.162329][   T30] audit: type=1326 audit(1766852910.511:999): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13739 comm="syz.3.1818" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f167898f749 code=0x7ffc0000
[  758.236318][   T30] audit: type=1326 audit(1766852910.511:1000): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13739 comm="syz.3.1818" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f167898f749 code=0x7ffc0000
[  758.296683][   T30] audit: type=1326 audit(1766852910.511:1001): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13739 comm="syz.3.1818" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f167898f749 code=0x7ffc0000
[  758.320796][   T30] audit: type=1326 audit(1766852910.511:1002): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13739 comm="syz.3.1818" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f167898f749 code=0x7ffc0000
[  758.355225][   T30] audit: type=1326 audit(1766852910.511:1003): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13739 comm="syz.3.1818" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f167898f749 code=0x7ffc0000
[  758.379010][   T30] audit: type=1326 audit(1766852910.511:1004): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13739 comm="syz.3.1818" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f167898f749 code=0x7ffc0000
[  758.514270][T13746] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(5)
[  758.520895][T13746] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  758.594892][T13746] vhci_hcd vhci_hcd.0: Device attached
[  758.624119][T13746] netlink: 96 bytes leftover after parsing attributes in process `syz.0.1819'.
[  758.761736][T13752] netlink: 'syz.4.1821': attribute type 30 has an invalid length.
[  758.807020][    T9] vhci_hcd vhci_hcd.0: vhci_device speed not set
[  758.846941][T13753] netlink: 'syz.4.1821': attribute type 30 has an invalid length.
[  758.951723][T13747] vhci_hcd: connection closed
[  758.951899][ T6185] vhci_hcd vhci_hcd.0: stop threads
[  759.073791][ T6185] vhci_hcd vhci_hcd.0: release socket
[  759.128992][ T6185] vhci_hcd vhci_hcd.0: disconnect device
[  760.378202][    T9] usb 33-1: new full-speed USB device number 2 using vhci_hcd
[  760.385721][    T9] usb 33-1: enqueue for inactive port 0
[  760.456603][    T9] vhci_hcd vhci_hcd.0: vhci_device speed not set
[  761.682135][ T5822] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci4/hci4:201'
[  761.696601][ T5822] CPU: 1 UID: 0 PID: 5822 Comm: kworker/u9:4 Not tainted syzkaller #0 PREEMPT(full) 
[  761.696629][ T5822] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  761.696640][ T5822] Workqueue: hci4 hci_rx_work
[  761.696664][ T5822] Call Trace:
[  761.696670][ T5822]  <TASK>
[  761.696678][ T5822]  dump_stack_lvl+0x16c/0x1f0
[  761.696703][ T5822]  sysfs_warn_dup+0x7f/0xa0
[  761.696723][ T5822]  sysfs_create_dir_ns+0x24b/0x2b0
[  761.696742][ T5822]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[  761.696760][ T5822]  ? find_held_lock+0x2b/0x80
[  761.696786][ T5822]  ? do_raw_spin_unlock+0x172/0x230
[  761.696807][ T5822]  kobject_add_internal+0x2c4/0x9d0
[  761.696836][ T5822]  kobject_add+0x16e/0x240
[  761.696859][ T5822]  ? __pfx_kobject_add+0x10/0x10
[  761.696885][ T5822]  ? kobject_put+0xaf/0x6f0
[  761.696904][ T5822]  ? _raw_spin_unlock+0x28/0x50
[  761.696927][ T5822]  device_add+0x288/0x1980
[  761.696946][ T5822]  ? __pfx_dev_set_name+0x10/0x10
[  761.696965][ T5822]  ? __pfx_device_add+0x10/0x10
[  761.696982][ T5822]  ? mgmt_send_event_skb+0x2fb/0x460
[  761.697005][ T5822]  hci_conn_add_sysfs+0x1a8/0x260
[  761.697027][ T5822]  le_conn_complete_evt+0x11ed/0x1fa0
[  761.697061][ T5822]  ? __pfx_le_conn_complete_evt+0x10/0x10
[  761.697089][ T5822]  hci_le_conn_complete_evt+0x23c/0x3a0
[  761.697115][ T5822]  hci_le_meta_evt+0x357/0x610
[  761.697136][ T5822]  ? __pfx_hci_le_conn_complete_evt+0x10/0x10
[  761.697156][ T5822]  hci_event_packet+0x685/0x1210
[  761.697174][ T5822]  ? __pfx_hci_le_meta_evt+0x10/0x10
[  761.697195][ T5822]  ? __pfx_hci_event_packet+0x10/0x10
[  761.697217][ T5822]  ? kcov_remote_start+0x399/0x680
[  761.697236][ T5822]  ? lockdep_hardirqs_on+0x7c/0x110
[  761.697262][ T5822]  hci_rx_work+0x2c9/0x1020
[  761.697284][ T5822]  process_one_work+0x9ba/0x1b20
[  761.697313][ T5822]  ? __pfx_process_one_work+0x10/0x10
[  761.697343][ T5822]  ? assign_work+0x1a0/0x250
[  761.697367][ T5822]  worker_thread+0x6c8/0xf10
[  761.697397][ T5822]  ? __kthread_parkme+0x19e/0x250
[  761.697416][ T5822]  ? __pfx_worker_thread+0x10/0x10
[  761.697438][ T5822]  kthread+0x3c5/0x780
[  761.697459][ T5822]  ? __pfx_kthread+0x10/0x10
[  761.697482][ T5822]  ? rcu_is_watching+0x12/0xc0
[  761.697499][ T5822]  ? __pfx_kthread+0x10/0x10
[  761.697521][ T5822]  ret_from_fork+0x983/0xb10
[  761.697541][ T5822]  ? __pfx_ret_from_fork+0x10/0x10
[  761.697561][ T5822]  ? rcu_is_watching+0x12/0xc0
[  761.697578][ T5822]  ? __switch_to+0x7af/0x10d0
[  761.697600][ T5822]  ? __pfx_kthread+0x10/0x10
[  761.697622][ T5822]  ret_from_fork_asm+0x1a/0x30
[  761.697661][ T5822]  </TASK>
[  761.697684][ T5822] kobject: kobject_add_internal failed for hci4:201 with -EEXIST, don't try to register things with the same name in the same directory.
[  761.959157][ T5822] Bluetooth: hci4: failed to register connection device
[  762.254789][T13798] netlink: 'syz.4.1833': attribute type 30 has an invalid length.
[  762.344846][T13799] netlink: 'syz.4.1833': attribute type 30 has an invalid length.
[  765.274552][T13820] ISOFS: Unable to identify CD-ROM format.
[  766.382335][T13828] genirq: Flags mismatch irq 7. 00200080 (ttyS3) vs. 00200000 (at-a2150c)
[  767.914191][T13850] netlink: 'syz.4.1844': attribute type 30 has an invalid length.
[  768.077290][T13852] netlink: 'syz.4.1844': attribute type 30 has an invalid length.
[  768.432021][T13840] netdevsim netdevsim1 eth3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  768.926358][T13840] netdevsim netdevsim1 eth2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  769.257093][T13840] netdevsim netdevsim1 eth1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  770.034679][T13866] ISOFS: Unable to identify CD-ROM format.
[  770.303985][T13840] netdevsim netdevsim1 eth0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  770.441380][T13871] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1850'.
[  770.471317][T13871] netlink: 212 bytes leftover after parsing attributes in process `syz.2.1850'.
[  770.485999][T13871] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1850'.
[  770.507841][ T1125] netdevsim netdevsim1 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  770.575148][T13874] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(8)
[  770.581695][T13874] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  770.589660][T13874] vhci_hcd vhci_hcd.0: Device attached
[  770.617031][   T30] kauditd_printk_skb: 37 callbacks suppressed
[  770.617046][   T30] audit: type=1400 audit(1766852923.491:1042): avc:  denied  { map } for  pid=13872 comm="syz.4.1851" path="socket:[48513]" dev="sockfs" ino=48513 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=unix_stream_socket permissive=1
[  770.736625][ T5989] netdevsim netdevsim1 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  770.775014][ T5989] netdevsim netdevsim1 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  770.897059][T11906] usb 42-1: SetAddress Request (2) to port 0
[  770.907383][T11906] usb 42-1: new SuperSpeed USB device number 2 using vhci_hcd
[  771.409810][T13878] ISOFS: Unable to identify CD-ROM format.
[  771.490716][T13875] vhci_hcd: connection reset by peer
[  771.518678][ T5989] vhci_hcd vhci_hcd.4: stop threads
[  771.523975][ T5989] vhci_hcd vhci_hcd.4: release socket
[  771.601947][ T5989] vhci_hcd vhci_hcd.4: disconnect device
[  771.627458][T13882] genirq: Flags mismatch irq 7. 00200080 (ttyS3) vs. 00200000 (at-a2150c)
[  771.810003][   T13] netdevsim netdevsim1 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  772.133933][T13888] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(8)
[  772.140476][T13888] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  772.148611][T13888] vhci_hcd vhci_hcd.0: Device attached
[  772.516645][   T24] usb 38-1: SetAddress Request (2) to port 0
[  772.522931][   T24] usb 38-1: new SuperSpeed USB device number 2 using vhci_hcd
[  773.056690][T13889] vhci_hcd: connection reset by peer
[  773.156605][ T6187] vhci_hcd vhci_hcd.2: stop threads
[  773.197203][ T6187] vhci_hcd vhci_hcd.2: release socket
[  773.260680][ T6187] vhci_hcd vhci_hcd.2: disconnect device
[  773.814178][T13906] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(8)
[  773.820716][T13906] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  773.829949][T13906] vhci_hcd vhci_hcd.0: Device attached
[  774.674616][T13907] vhci_hcd: connection closed
[  774.679272][ T6187] vhci_hcd vhci_hcd.2: stop threads
[  774.828535][ T6187] vhci_hcd vhci_hcd.2: release socket
[  774.851174][ T6187] vhci_hcd vhci_hcd.2: disconnect device
[  775.130256][T13905] netdevsim netdevsim1 eth3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  775.417970][T13905] netdevsim netdevsim1 eth2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  775.527085][T13905] netdevsim netdevsim1 eth1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  775.880806][T13905] netdevsim netdevsim1 eth0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  776.004272][T13923] ISOFS: Unable to identify CD-ROM format.
[  776.216714][T11906] usb 42-1: device descriptor read/8, error -110
[  776.334111][ T6185] netdevsim netdevsim1 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  776.371908][ T6185] netdevsim netdevsim1 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  776.398792][ T6185] netdevsim netdevsim1 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  776.549261][ T6187] netdevsim netdevsim1 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  777.038379][T11906] usb usb42-port1: attempt power cycle
[  778.115933][   T24] usb 38-1: device descriptor read/8, error -110
[  779.801386][T11906] usb usb42-port1: unable to enumerate USB device
[  779.816540][   T24] usb usb38-port1: attempt power cycle
[  780.005917][T13953] binder: 13950:13953 ioctl c0306201 2000000003c0 returned -14
[  781.317385][   T24] usb usb38-port1: unable to enumerate USB device
[  782.638491][T13969] ISOFS: Unable to identify CD-ROM format.
[  783.132666][T11906] usb 3-1: new high-speed USB device number 32 using dummy_hcd
[  783.296463][T11906] usb 3-1: Using ep0 maxpacket: 8
[  783.336307][T11906] usb 3-1: config 0 has an invalid interface number: 186 but max is 0
[  783.356665][T11906] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  783.379349][T11906] usb 3-1: config 0 has no interface number 0
[  783.385444][T11906] usb 3-1: config 0 interface 186 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 3
[  783.447184][T11906] usb 3-1: New USB device found, idVendor=07c0, idProduct=1505, bcdDevice=b8.c5
[  783.468822][T11906] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  783.667126][T11906] usb 3-1: Product: syz
[  783.671330][T11906] usb 3-1: Manufacturer: syz
[  783.675921][T11906] usb 3-1: SerialNumber: syz
[  783.682063][T13960] overlayfs: failed to clone upperpath
[  783.706442][T13981] genirq: Flags mismatch irq 7. 00200080 (ttyS3) vs. 00200000 (at-a2150c)
[  784.111491][T11906] usb 3-1: config 0 descriptor??
[  784.646583][T11906] iowarrior 3-1:0.186: no interrupt-in endpoint found
[  785.259464][T13999] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1881'.
[  785.280522][T13999] 9pnet_virtio: no channels available for device syz
[  785.453980][T14000] random: crng reseeded on system resumption
[  786.112999][   T30] audit: type=1400 audit(1766852938.991:1043): avc:  denied  { create } for  pid=14002 comm="syz.1.1883" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[  786.198300][T14008] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[  787.997028][ T5870] usb 3-1: USB disconnect, device number 32
[  788.256492][T10982] Bluetooth: hci4: command 0x0419 tx timeout
[  789.144678][T14057] fuse: Bad value for 'fd'
[  789.573625][   T30] audit: type=1326 audit(1766852942.451:1044): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14061 comm="syz.2.1897" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa38c18f749 code=0x7ffc0000
[  789.629365][   T30] audit: type=1326 audit(1766852942.451:1045): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14061 comm="syz.2.1897" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7fa38c18f749 code=0x7ffc0000
[  789.661817][   T30] audit: type=1326 audit(1766852942.451:1046): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14061 comm="syz.2.1897" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa38c18f749 code=0x7ffc0000
[  789.685776][   T30] audit: type=1326 audit(1766852942.451:1047): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14061 comm="syz.2.1897" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fa38c18f749 code=0x7ffc0000
[  789.710127][   T30] audit: type=1326 audit(1766852942.451:1048): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14061 comm="syz.2.1897" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa38c18f749 code=0x7ffc0000
[  789.883501][   T30] audit: type=1326 audit(1766852942.451:1049): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14061 comm="syz.2.1897" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa38c18f749 code=0x7ffc0000
[  789.913815][   T30] audit: type=1326 audit(1766852942.451:1050): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14061 comm="syz.2.1897" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa38c18f749 code=0x7ffc0000
[  790.118540][   T30] audit: type=1326 audit(1766852942.451:1051): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14061 comm="syz.2.1897" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fa38c18f749 code=0x7ffc0000
[  790.150708][T14070] ISOFS: Unable to identify CD-ROM format.
[  790.434497][   T30] audit: type=1326 audit(1766852942.451:1052): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14061 comm="syz.2.1897" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa38c18f749 code=0x7ffc0000
[  792.147874][T14086] netdevsim netdevsim1 eth3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  792.306857][T14086] netdevsim netdevsim1 eth2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  792.421787][T14086] netdevsim netdevsim1 eth1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  792.494854][T14105] netdevsim netdevsim3 eth3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  792.504822][T14105] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  792.537439][T14086] netdevsim netdevsim1 eth0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  792.595938][T14105] netdevsim netdevsim3 eth2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  792.626094][T14105] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  792.679404][T14105] netdevsim netdevsim3 eth1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  792.701296][T14105] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  792.750887][ T3904] netdevsim netdevsim1 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  792.783306][ T3904] netdevsim netdevsim1 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  792.804892][T14105] netdevsim netdevsim3 eth0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  792.821834][T14105] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  792.877375][   T13] netdevsim netdevsim1 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  792.926605][   T13] netdevsim netdevsim1 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  792.985523][T14024] netdevsim netdevsim3 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  793.005744][T14024] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  793.041088][T14024] netdevsim netdevsim3 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  793.072873][T14024] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  793.096815][T14113] usb usb8: usbfs: process 14113 (syz.1.1909) did not claim interface 0 before use
[  793.156709][T14024] netdevsim netdevsim3 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  793.165267][T14024] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  793.176613][T14024] netdevsim netdevsim3 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  793.310890][T14024] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  794.010455][T14125] ISOFS: Unable to identify CD-ROM format.
[  796.923634][T14137] comedi comedi0: Minor 47 could not be opened
[  796.938603][T14149] genirq: Flags mismatch irq 7. 00200080 (ttyS3) vs. 00200000 (at-a2150c)
[  802.457639][T14181] usb usb8: usbfs: process 14181 (syz.4.1924) did not claim interface 0 before use
[  802.594102][T14182] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(8)
[  802.600616][T14182] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  802.661109][T14182] vhci_hcd vhci_hcd.0: Device attached
[  802.674248][T14184] vhci_hcd: connection closed
[  802.716709][ T5989] vhci_hcd vhci_hcd.2: stop threads
[  802.738787][ T5989] vhci_hcd vhci_hcd.2: release socket
[  802.967002][ T5989] vhci_hcd vhci_hcd.2: disconnect device
[  803.272021][   T30] kauditd_printk_skb: 13 callbacks suppressed
[  803.272037][   T30] audit: type=1326 audit(1766852956.151:1066): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14195 comm="syz.3.1928" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f167898f749 code=0x7ffc0000
[  803.369256][   T30] audit: type=1326 audit(1766852956.151:1067): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14195 comm="syz.3.1928" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f167898f749 code=0x7ffc0000
[  803.473801][   T30] audit: type=1326 audit(1766852956.151:1068): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14195 comm="syz.3.1928" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f167898f749 code=0x7ffc0000
[  803.569114][   T30] audit: type=1326 audit(1766852956.151:1069): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14195 comm="syz.3.1928" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f167898f749 code=0x7ffc0000
[  803.696458][   T30] audit: type=1326 audit(1766852956.151:1070): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14195 comm="syz.3.1928" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f167898f749 code=0x7ffc0000
[  803.837136][   T30] audit: type=1326 audit(1766852956.151:1071): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14195 comm="syz.3.1928" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f167898f749 code=0x7ffc0000
[  804.405947][   T30] audit: type=1326 audit(1766852956.151:1072): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14195 comm="syz.3.1928" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f167898f749 code=0x7ffc0000
[  804.435033][T14213] usb usb8: usbfs: process 14213 (syz.4.1934) did not claim interface 0 before use
[  804.447071][   T30] audit: type=1326 audit(1766852956.151:1073): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14195 comm="syz.3.1928" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f167898f749 code=0x7ffc0000
[  804.475530][   T30] audit: type=1326 audit(1766852956.151:1074): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14195 comm="syz.3.1928" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f167898f749 code=0x7ffc0000
[  804.559790][   T30] audit: type=1326 audit(1766852956.151:1075): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14195 comm="syz.3.1928" exe="/root/syz-executor" sig=0 arch=c000003e syscall=299 compat=0 ip=0x7f167898f749 code=0x7ffc0000
[  805.039751][T14226] genirq: Flags mismatch irq 7. 00200080 (ttyS3) vs. 00200000 (at-a2150c)
[  808.338332][ T1299] ieee802154 phy0 wpan0: encryption failed: -22
[  809.047791][ T1299] ieee802154 phy1 wpan1: encryption failed: -22
[  809.716915][T14261] usb usb8: usbfs: process 14261 (syz.4.1944) did not claim interface 0 before use
[  809.772595][T14262] usb usb8: usbfs: process 14262 (syz.2.1945) did not claim interface 0 before use
[  811.197056][T14281] fuse: Unknown parameter 'group_i00000000000000000000'
[  814.525423][T14323] sp0: Synchronizing with TNC
[  814.532398][T14323] [U] è`
[  815.136438][ T5141] Bluetooth: hci4: command 0x0419 tx timeout
[  815.745456][T14334] fuse: Unknown parameter 'group_i00000000000000000000'
[  816.872187][   T30] kauditd_printk_skb: 20 callbacks suppressed
[  816.872203][   T30] audit: type=1326 audit(1766852969.751:1096): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14354 comm="syz.4.1967" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff66738f749 code=0x7ffc0000
[  816.919652][   T30] audit: type=1326 audit(1766852969.751:1097): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14354 comm="syz.4.1967" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7ff66738f749 code=0x7ffc0000
[  816.960013][   T30] audit: type=1326 audit(1766852969.751:1098): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14354 comm="syz.4.1967" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff66738f749 code=0x7ffc0000
[  817.008699][   T30] audit: type=1326 audit(1766852969.751:1099): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14354 comm="syz.4.1967" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7ff66738f749 code=0x7ffc0000
[  817.166506][   T30] audit: type=1326 audit(1766852969.751:1100): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14354 comm="syz.4.1967" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff66738f749 code=0x7ffc0000
[  817.190196][   T30] audit: type=1326 audit(1766852969.751:1101): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14354 comm="syz.4.1967" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff66738f749 code=0x7ffc0000
[  817.256005][   T30] audit: type=1326 audit(1766852969.751:1102): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14354 comm="syz.4.1967" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff66738f749 code=0x7ffc0000
[  817.296827][   T30] audit: type=1326 audit(1766852969.751:1103): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14354 comm="syz.4.1967" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7ff66738f749 code=0x7ffc0000
[  817.598812][   T30] audit: type=1326 audit(1766852970.481:1104): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14354 comm="syz.4.1967" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff66738f749 code=0x7ffc0000
[  817.644563][   T30] audit: type=1326 audit(1766852970.481:1105): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14354 comm="syz.4.1967" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff66738f749 code=0x7ffc0000
[  817.801701][T14373] netdevsim netdevsim3 eth3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  817.816007][T14373] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  817.915144][T14373] netdevsim netdevsim3 eth2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  817.932940][T14373] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  818.664048][T14381] sp0: Synchronizing with TNC
[  818.669808][T14381] [U] è`
[  818.747447][T14373] netdevsim netdevsim3 eth1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  818.758772][T14373] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  818.794463][T14391] fuse: Unknown parameter 'group_id00000000000000000000'
[  818.966339][T14373] netdevsim netdevsim3 eth0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  818.982106][T14373] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  819.740510][ T3904] netdevsim netdevsim3 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  819.753300][ T3904] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  819.780933][ T3904] netdevsim netdevsim3 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  819.790586][ T3904] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  819.933042][ T3904] netdevsim netdevsim3 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  819.945859][ T3904] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  819.972287][  T990] netdevsim netdevsim3 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  819.987018][  T990] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  820.298343][    T9] usb 2-1: new full-speed USB device number 30 using dummy_hcd
[  820.457953][    T9] usb 2-1: config 255 has too many interfaces: 223, using maximum allowed: 32
[  820.490496][    T9] usb 2-1: config 255 has 0 interfaces, different from the descriptor's value: 223
[  820.507554][T14408] netlink: 36 bytes leftover after parsing attributes in process `syz.3.1978'.
[  820.538989][    T9] usb 2-1: New USB device found, idVendor=2770, idProduct=930c, bcdDevice=8d.6a
[  820.633067][    T9] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  820.686570][    T9] usb 2-1: Product: syz
[  820.693703][    T9] usb 2-1: Manufacturer: syz
[  820.703835][    T9] usb 2-1: SerialNumber: syz
[  822.426998][T14442] genirq: Flags mismatch irq 7. 00200080 (ttyS3) vs. 00200000 (at-a2150c)
[  822.524062][T14443] genirq: Flags mismatch irq 7. 00200080 (ttyS3) vs. 00200000 (at-a2150c)
[  823.010648][T14446] fuse: Unknown parameter 'group_id00000000000000000000'
[  823.104395][   T24] usb 2-1: USB disconnect, device number 30
[  824.732596][T14464] netlink: 36 bytes leftover after parsing attributes in process `syz.0.1991'.
[  826.300354][T14485] fuse: Unknown parameter 'group_id00000000000000000000'
[  826.835895][T14488] overlayfs: invalid origin (00000079000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000)
[  826.923420][   T30] kauditd_printk_skb: 22 callbacks suppressed
[  826.923432][   T30] audit: type=1400 audit(1766852979.801:1128): avc:  denied  { mount } for  pid=14475 comm="syz.1.1994" name="/" dev="overlay" ino=2046 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[  827.293027][   T30] audit: type=1400 audit(1766852980.171:1129): avc:  denied  { unmount } for  pid=5823 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[  827.314516][T14498] fuse: Unknown parameter 'fd0x0000000000000008'
[  827.734022][T14509] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(8)
[  827.740536][T14509] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  827.805120][T14509] vhci_hcd vhci_hcd.0: Device attached
[  828.096801][   T24] usb 36-1: SetAddress Request (2) to port 0
[  828.103263][   T24] usb 36-1: new SuperSpeed USB device number 2 using vhci_hcd
[  828.624149][T14510] vhci_hcd: connection reset by peer
[  828.675757][ T5989] vhci_hcd vhci_hcd.1: stop threads
[  828.708132][ T5989] vhci_hcd vhci_hcd.1: release socket
[  828.743826][ T5989] vhci_hcd vhci_hcd.1: disconnect device
[  829.058702][T14517] fuse: Bad value for 'user_id'
[  829.082109][T14517] fuse: Bad value for 'user_id'
[  829.337527][T14521] netlink: 36 bytes leftover after parsing attributes in process `syz.2.2006'.
[  831.643612][T14546] comedi comedi0: Minor 47 could not be opened
[  832.823146][   T30] audit: type=1804 audit(1766852985.701:1130): pid=14552 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=open_writers comm="syz.2.2015" name="/newroot/399/bus" dev="tmpfs" ino=2166 res=1 errno=0
[  833.040005][T14561] fuse: Unknown parameter 'fd0x0000000000000008'
[  833.366596][   T24] usb 36-1: device descriptor read/8, error -110
[  833.390554][   T30] audit: type=1326 audit(1766852986.271:1131): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14562 comm="syz.3.2019" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f167898f749 code=0x7ffc0000
[  833.416611][T14565] comedi comedi0: Minor 47 could not be opened
[  833.450754][   T30] audit: type=1326 audit(1766852986.291:1132): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14562 comm="syz.3.2019" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f167898f749 code=0x7ffc0000
[  833.526428][   T30] audit: type=1326 audit(1766852986.301:1133): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14562 comm="syz.3.2019" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f167898f749 code=0x7ffc0000
[  833.607858][   T30] audit: type=1326 audit(1766852986.301:1134): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14562 comm="syz.3.2019" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f167898f749 code=0x7ffc0000
[  833.621005][T14567] fuse: Bad value for 'user_id'
[  833.691364][   T30] audit: type=1326 audit(1766852986.301:1135): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14562 comm="syz.3.2019" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f167898f749 code=0x7ffc0000
[  833.694425][T14567] fuse: Bad value for 'user_id'
[  833.786776][   T30] audit: type=1326 audit(1766852986.301:1136): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14562 comm="syz.3.2019" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f167898f749 code=0x7ffc0000
[  833.811634][   T24] usb usb36-port1: attempt power cycle
[  833.865311][   T30] audit: type=1326 audit(1766852986.301:1137): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14562 comm="syz.3.2019" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f167898f749 code=0x7ffc0000
[  833.943923][   T30] audit: type=1326 audit(1766852986.301:1138): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14562 comm="syz.3.2019" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f167898f749 code=0x7ffc0000
[  834.076557][   T30] audit: type=1326 audit(1766852986.301:1139): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14562 comm="syz.3.2019" exe="/root/syz-executor" sig=0 arch=c000003e syscall=299 compat=0 ip=0x7f167898f749 code=0x7ffc0000
[  834.386914][   T24] usb usb36-port1: unable to enumerate USB device
[  837.654978][T14620] usb usb8: usbfs: process 14620 (syz.1.2035) did not claim interface 0 before use
[  839.679287][T14633] genirq: Flags mismatch irq 7. 00200080 (ttyS3) vs. 00200000 (at-a2150c)
[  844.288677][T14670] usb usb8: usbfs: process 14670 (syz.0.2047) did not claim interface 0 before use
[  844.508249][T14674] fuse: Bad value for 'fd'
[  846.007024][ T5870] usb 2-1: new high-speed USB device number 31 using dummy_hcd
[  846.608177][ T5870] usb 2-1: Using ep0 maxpacket: 8
[  846.777049][ T5870] usb 2-1: config 0 has an invalid interface number: 186 but max is 0
[  846.826329][ T5870] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  846.847223][ T5870] usb 2-1: config 0 has no interface number 0
[  846.853668][ T5870] usb 2-1: config 0 interface 186 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 3
[  846.878458][ T5870] usb 2-1: New USB device found, idVendor=07c0, idProduct=1505, bcdDevice=b8.c5
[  846.889015][ T5870] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  846.902716][ T5870] usb 2-1: Product: syz
[  846.940273][T14704] fuse: Unknown parameter 'grou00000000000000000000'
[  846.958665][ T5870] usb 2-1: Manufacturer: syz
[  847.004535][ T5870] usb 2-1: SerialNumber: syz
[  847.809141][ T5870] usb 2-1: config 0 descriptor??
[  847.823217][ T5870] iowarrior 2-1:0.186: no interrupt-in endpoint found
[  848.796944][T14720] random: crng reseeded on system resumption
[  849.128254][T14709] netlink: 'syz.2.2057': attribute type 4 has an invalid length.
[  849.787312][T14732] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2062'.
[  849.851482][T14733] binder: 14727:14733 unknown command 1077961494
[  849.857948][T14733] binder: 14727:14733 ioctl c0306201 200000000100 returned -22
[  849.861300][T14732] bridge1: trying to set multicast startup query interval below minimum, setting to 100 (1000ms)
[  849.956645][T14732] bridge1: entered allmulticast mode
[  850.771152][ T5141] Bluetooth: hci4: command 0x0419 tx timeout
[  851.037330][   T24] usb 2-1: USB disconnect, device number 31
[  851.246362][T14746] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(8)
[  851.252900][T14746] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  851.260904][T14746] vhci_hcd vhci_hcd.0: Device attached
[  851.567422][   T24] usb 36-1: SetAddress Request (6) to port 0
[  851.611643][   T24] usb 36-1: new SuperSpeed USB device number 6 using vhci_hcd
[  852.017806][T14747] vhci_hcd: connection reset by peer
[  852.050553][ T6185] vhci_hcd vhci_hcd.1: stop threads
[  852.191722][ T6185] vhci_hcd vhci_hcd.1: release socket
[  852.202427][   T30] kauditd_printk_skb: 17 callbacks suppressed
[  852.202445][   T30] audit: type=1326 audit(1766853005.081:1157): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14750 comm="syz.0.2067" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa226f8f749 code=0x7ffc0000
[  852.444606][ T6185] vhci_hcd vhci_hcd.1: disconnect device
[  852.710423][   T30] audit: type=1326 audit(1766853005.291:1158): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14750 comm="syz.0.2067" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa226f8f749 code=0x7ffc0000
[  852.740919][   T30] audit: type=1326 audit(1766853005.291:1159): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14750 comm="syz.0.2067" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fa226f8f749 code=0x0
[  852.766125][   T30] audit: type=1326 audit(1766853005.321:1160): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14750 comm="syz.0.2067" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fa226f8f749 code=0x7ffc0000
[  852.789821][   T30] audit: type=1326 audit(1766853005.321:1161): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14750 comm="syz.0.2067" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa226f8f749 code=0x7ffc0000
[  852.957340][   T30] audit: type=1326 audit(1766853005.321:1162): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14750 comm="syz.0.2067" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa226f8f749 code=0x7ffc0000
[  852.981553][   T30] audit: type=1326 audit(1766853005.341:1163): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14750 comm="syz.0.2067" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa226f8f749 code=0x7ffc0000
[  853.008104][T14759] comedi comedi0: Minor 47 could not be opened
[  853.066671][   T30] audit: type=1326 audit(1766853005.351:1164): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14750 comm="syz.0.2067" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa226f8f749 code=0x7ffc0000
[  853.130834][   T30] audit: type=1326 audit(1766853005.351:1165): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14750 comm="syz.0.2067" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa226f8f749 code=0x7ffc0000
[  853.186074][   T30] audit: type=1326 audit(1766853005.671:1166): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14750 comm="syz.0.2067" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fa226f8f749 code=0x7ffc0000
[  856.826658][   T24] usb 36-1: device descriptor read/8, error -110
[  856.857090][T14805] genirq: Flags mismatch irq 7. 00200080 (ttyS3) vs. 00200000 (at-a2150c)
[  857.283618][   T24] usb usb36-port1: attempt power cycle
[  858.337345][   T24] usb usb36-port1: unable to enumerate USB device
[  859.587166][T14836] fuse: Unknown parameter 'group_id00000000000000000000'
[  860.404041][T14826] genirq: Flags mismatch irq 7. 00200080 (ttyS3) vs. 00200000 (at-a2150c)
[  860.532971][T14845] genirq: Flags mismatch irq 7. 00200080 (ttyS3) vs. 00200000 (at-a2150c)
[  860.844624][   T30] kauditd_printk_skb: 22 callbacks suppressed
[  860.844637][   T30] audit: type=1400 audit(1766853013.721:1189): avc:  denied  { create } for  pid=14842 comm="syz.2.2089" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=isdn_socket permissive=1
[  861.368360][T14851] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(8)
[  861.374903][T14851] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  861.382951][T14851] vhci_hcd vhci_hcd.0: Device attached
[  861.680088][ T5953] usb 34-1: SetAddress Request (2) to port 0
[  861.707107][ T5953] usb 34-1: new SuperSpeed USB device number 2 using vhci_hcd
[  862.221362][T14852] vhci_hcd: connection reset by peer
[  862.299416][  T990] vhci_hcd vhci_hcd.0: stop threads
[  862.342265][  T990] vhci_hcd vhci_hcd.0: release socket
[  862.406793][  T990] vhci_hcd vhci_hcd.0: disconnect device
[  862.936943][T14861] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(7)
[  862.943483][T14861] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  862.951546][T14861] vhci_hcd vhci_hcd.0: Device attached
[  864.269696][T14862] vhci_hcd: connection closed
[  864.282906][ T4234] vhci_hcd vhci_hcd.0: stop threads
[  864.306015][ T4234] vhci_hcd vhci_hcd.0: release socket
[  864.314961][ T4234] vhci_hcd vhci_hcd.0: disconnect device
[  866.853272][ T5953] usb 34-1: device descriptor read/8, error -110
[  867.014223][T14886] genirq: Flags mismatch irq 7. 00200080 (ttyS3) vs. 00200000 (at-a2150c)
[  867.404729][ T5953] usb usb34-port1: attempt power cycle
[  868.599724][ T5953] usb usb34-port1: unable to enumerate USB device
[  869.627281][T14915] genirq: Flags mismatch irq 7. 00200080 (ttyS3) vs. 00200000 (at-a2150c)
[  869.779425][ T1299] ieee802154 phy0 wpan0: encryption failed: -22
[  869.810224][ T1299] ieee802154 phy1 wpan1: encryption failed: -22
[  870.903715][T14919] vivid-002: kernel_thread() failed
[  870.945873][T14919] vivid-002: kernel_thread() failed
[  872.849919][T14944] fuse: Invalid rootmode
[  875.028736][T14959] genirq: Flags mismatch irq 7. 00200080 (ttyS3) vs. 00200000 (at-a2150c)
[  876.101578][T10982] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  876.111077][T10982] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  876.118995][T10982] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  876.127622][T10982] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  876.135349][T10982] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  878.257469][T10982] Bluetooth: hci5: command tx timeout
[  879.801028][   T30] audit: type=1400 audit(1766853032.681:1190): avc:  denied  { module_request } for  pid=14974 comm="syz-executor" kmod="rtnl-link-nicvf" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1
[  879.900986][T14999] genirq: Flags mismatch irq 7. 00200080 (ttyS3) vs. 00200000 (at-a2150c)
[  879.992352][T14844] syz_tun (unregistering): left allmulticast mode
[  880.048457][T14974] chnl_net:caif_netlink_parms(): no params data found
[  880.343141][T10982] Bluetooth: hci5: command tx timeout
[  881.763902][T15020] fuse: Invalid rootmode
[  882.416434][T10982] Bluetooth: hci5: command tx timeout
[  882.438305][ T4234] netdevsim netdevsim3 eth3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  882.473418][ T4234] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  882.584571][ T4234] netdevsim netdevsim3 eth2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  882.674660][ T4234] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  882.728464][T14974] bridge0: port 1(bridge_slave_0) entered blocking state
[  882.750779][T14974] bridge0: port 1(bridge_slave_0) entered disabled state
[  882.758202][T14974] bridge_slave_0: entered allmulticast mode
[  882.765499][T14974] bridge_slave_0: entered promiscuous mode
[  882.773675][T14974] bridge0: port 2(bridge_slave_1) entered blocking state
[  882.797303][T14974] bridge0: port 2(bridge_slave_1) entered disabled state
[  882.806817][T14974] bridge_slave_1: entered allmulticast mode
[  882.816951][T14974] bridge_slave_1: entered promiscuous mode
[  882.949321][ T4234] netdevsim netdevsim3 eth1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  883.951112][ T4234] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  884.586503][T10982] Bluetooth: hci5: command tx timeout
[  884.635579][T14974] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  884.647542][T14974] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  884.855088][ T4234] netdevsim netdevsim3 eth0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  885.121705][T15048] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(8)
[  885.128249][T15048] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  885.136553][T15048] vhci_hcd vhci_hcd.0: Device attached
[  885.390374][ T4234] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  885.437130][   T49] usb 34-1: SetAddress Request (6) to port 0
[  885.468798][   T49] usb 34-1: new SuperSpeed USB device number 6 using vhci_hcd
[  885.713617][T15050] vhci_hcd: connection reset by peer
[  885.782352][ T3904] vhci_hcd vhci_hcd.0: stop threads
[  885.798269][ T3904] vhci_hcd vhci_hcd.0: release socket
[  886.238369][ T3904] vhci_hcd vhci_hcd.0: disconnect device
[  886.291394][T14974] team0: Port device team_slave_0 added
[  886.331452][T14974] team0: Port device team_slave_1 added
[  886.427144][T15065] genirq: Flags mismatch irq 7. 00200080 (ttyS3) vs. 00200000 (at-a2150c)
[  886.702427][T14974] batman_adv: batadv0: Adding interface: batadv_slave_0
[  886.710265][T14974] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  886.839845][T14974] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  886.990096][T15059] tipc: Started in network mode
[  886.996135][T15059] tipc: Node identity 424e0ec60713, cluster identity 4711
[  887.016243][T15059] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  887.023281][T15067] syzkaller0: entered promiscuous mode
[  887.037046][T15067] syzkaller0: entered allmulticast mode
[  887.179346][T14974] batman_adv: batadv0: Adding interface: batadv_slave_1
[  887.186763][T14974] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  887.847258][T14974] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  887.874373][T15058] tipc: Resetting bearer <eth:syzkaller0>
[  887.900859][T15058] tipc: Disabling bearer <eth:syzkaller0>
[  887.926588][ T4234] bridge_slave_1: left allmulticast mode
[  887.937732][ T4234] bridge_slave_1: left promiscuous mode
[  887.950741][ T4234] bridge0: port 2(bridge_slave_1) entered disabled state
[  887.990674][ T4234] bridge_slave_0: left allmulticast mode
[  888.006447][ T4234] bridge_slave_0: left promiscuous mode
[  888.046626][ T4234] bridge0: port 1(bridge_slave_0) entered disabled state
[  889.428969][T15084] genirq: Flags mismatch irq 7. 00200080 (ttyS3) vs. 00200000 (at-a2150c)
[  889.901647][ T4234] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  889.927562][ T4234] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  889.952330][ T4234] bond0 (unregistering): Released all slaves
[  889.978986][T15092] netlink: 'syz.4.2146': attribute type 4 has an invalid length.
[  890.072985][T14974] hsr_slave_0: entered promiscuous mode
[  890.082093][T15102] usb usb8: usbfs: process 15102 (syz.2.2148) did not claim interface 0 before use
[  890.103973][T14974] hsr_slave_1: entered promiscuous mode
[  890.224958][T14974] debugfs: 'hsr0' already exists in 'hsr'
[  890.238474][T14974] Cannot create hsr debugfs directory
[  890.245054][ T4234] tipc: Left network mode
[  890.753182][   T49] usb 34-1: device descriptor read/8, error -110
[  890.779978][ T4234] IPVS: stopping backup sync thread 10358 ...
[  891.201949][   T49] usb usb34-port1: attempt power cycle
[  891.213928][T15117] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  891.534890][T15127] genirq: Flags mismatch irq 7. 00200080 (ttyS3) vs. 00200000 (at-a2150c)
[  891.889051][   T49] usb usb34-port1: unable to enumerate USB device
[  892.385785][ T4234] hsr_slave_0: left promiscuous mode
[  892.399011][ T4234] hsr_slave_1: left promiscuous mode
[  892.539487][T15145] genirq: Flags mismatch irq 7. 00200080 (ttyS3) vs. 00200000 (at-a2150c)
[  892.682818][T15129] genirq: Flags mismatch irq 7. 00200080 (ttyS3) vs. 00200000 (at-a2150c)
[  892.700444][ T4234] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  892.714405][ T4234] batman_adv: batadv0: Removing interface: batadv_slave_0
[  892.731086][ T4234] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  892.766477][ T4234] batman_adv: batadv0: Removing interface: batadv_slave_1
[  892.783041][ T4234] veth1_macvtap: left promiscuous mode
[  892.789276][ T4234] veth0_macvtap: left promiscuous mode
[  892.794961][ T4234] veth1_vlan: left promiscuous mode
[  892.800984][ T4234] veth0_vlan: left promiscuous mode
[  895.021735][T15166] 9pnet_virtio: no channels available for device syz
[  895.231410][T15158] overlayfs: failed to resolve './file0': -2
[  895.648258][ T4234] team0 (unregistering): Port device team_slave_1 removed
[  895.790646][ T4234] team0 (unregistering): Port device team_slave_0 removed
[  896.061088][T15193] 9pnet_virtio: no channels available for device syz
[  897.340928][T15173] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  897.349063][T15177] syzkaller0: entered promiscuous mode
[  897.354514][T15177] syzkaller0: entered allmulticast mode
[  897.408623][T14974] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  897.490834][T15192] tipc: Resetting bearer <eth:syzkaller0>
[  897.587871][T15192] tipc: Disabling bearer <eth:syzkaller0>
[  897.619129][T14974] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  897.652339][T14974] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  897.749548][T14974] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  899.066729][ T5953] usb 1-1: new high-speed USB device number 32 using dummy_hcd
[  899.316624][ T5953] usb 1-1: Using ep0 maxpacket: 32
[  899.334049][ T5953] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  899.375215][ T5953] usb 1-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  899.415719][T14974] 8021q: adding VLAN 0 to HW filter on device bond0
[  899.449487][ T5953] usb 1-1: New USB device found, idVendor=0fd9, idProduct=0025, bcdDevice=29.40
[  899.451841][T14974] 8021q: adding VLAN 0 to HW filter on device team0
[  899.458749][T11906] usb 5-1: new high-speed USB device number 20 using dummy_hcd
[  899.498164][ T5953] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  899.531680][ T5953] usb 1-1: config 0 descriptor??
[  899.532213][ T6185] bridge0: port 1(bridge_slave_0) entered blocking state
[  899.543722][ T6185] bridge0: port 1(bridge_slave_0) entered forwarding state
[  899.608273][ T6185] bridge0: port 2(bridge_slave_1) entered blocking state
[  899.615471][ T6185] bridge0: port 2(bridge_slave_1) entered forwarding state
[  899.668509][T11906] usb 5-1: Using ep0 maxpacket: 32
[  899.906833][T11906] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  899.925203][T11906] usb 5-1: config 0 has no interfaces?
[  899.930772][T11906] usb 5-1: New USB device found, idVendor=0fd9, idProduct=0025, bcdDevice=29.40
[  899.956508][T11906] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  899.986975][T11906] usb 5-1: config 0 descriptor??
[  900.395323][T14974] 8021q: adding VLAN 0 to HW filter on device batadv0
[  900.682945][T14974] veth0_vlan: entered promiscuous mode
[  900.709640][T14974] veth1_vlan: entered promiscuous mode
[  900.778365][T14974] veth0_macvtap: entered promiscuous mode
[  900.799418][T14974] veth1_macvtap: entered promiscuous mode
[  900.843825][T14974] batman_adv: batadv0: Interface activated: batadv_slave_0
[  900.884350][T14974] batman_adv: batadv0: Interface activated: batadv_slave_1
[  900.926160][ T6187] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  900.958497][ T6187] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  900.989479][ T6187] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  901.028766][ T6187] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  901.353110][T15090] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  901.361303][ T5989] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  901.371425][T15090] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  901.384063][ T5989] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  901.427438][   T30] audit: type=1400 audit(1766853054.311:1191): avc:  denied  { mounton } for  pid=14974 comm="syz-executor" path="/root/syzkaller.QqT4Ib/syz-tmp" dev="sda1" ino=2047 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_home_t tclass=dir permissive=1
[  901.463586][T15270] usb 1-1: USB disconnect, device number 32
[  901.527232][   T30] audit: type=1400 audit(1766853054.341:1192): avc:  denied  { mounton } for  pid=14974 comm="syz-executor" path="/root/syzkaller.QqT4Ib/syz-tmp/newroot/sys/kernel/debug" dev="debugfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=dir permissive=1
[  901.633425][   T30] audit: type=1400 audit(1766853054.351:1193): avc:  denied  { mounton } for  pid=14974 comm="syz-executor" path="/root/syzkaller.QqT4Ib/syz-tmp/newroot/proc/sys/fs/binfmt_misc" dev="proc" ino=55195 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysctl_fs_t tclass=dir permissive=1
[  901.754706][   T30] audit: type=1400 audit(1766853054.381:1194): avc:  denied  { mounton } for  pid=14974 comm="syz-executor" path="/dev/gadgetfs" dev="devtmpfs" ino=2784 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:device_t tclass=dir permissive=1
[  902.258656][T15289] comedi comedi0: Minor 47 could not be opened
[  903.276617][T11906] usb 5-1: USB disconnect, device number 20
[  903.327096][T15285] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2174'.
[  904.231957][T15299] vivid-000: kernel_thread() failed
[  904.278399][T15299] vivid-000: kernel_thread() failed
[  904.839729][T15292] binder: 15277:15292 unknown command 1077961494
[  904.843538][T15285] bridge4: trying to set multicast startup query interval below minimum, setting to 100 (1000ms)
[  904.846108][T15292] binder: 15277:15292 ioctl c0306201 200000000100 returned -22
[  905.959163][T15285] bridge4: entered allmulticast mode
[  907.276163][T15330] genirq: Flags mismatch irq 7. 00200080 (ttyS3) vs. 00200000 (at-a2150c)
[  910.708972][T15362] vivid-008: kernel_thread() failed
[  910.754912][T15362] vivid-008: kernel_thread() failed
[  913.277622][T15385] usb usb8: usbfs: process 15385 (syz.0.2194) did not claim interface 0 before use
[  914.134513][   T30] audit: type=1400 audit(1766853066.991:1195): avc:  denied  { ioctl } for  pid=15383 comm="syz.1.2193" path="socket:[55324]" dev="sockfs" ino=55324 ioctlcmd=0x89e0 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  914.236299][T15400] comedi comedi0: Minor 47 could not be opened
[  917.859522][ T5141] Bluetooth: hci5: command 0x0405 tx timeout
[  917.952447][T15420] comedi comedi0: Minor 47 could not be opened
[  925.486293][T15485] genirq: Flags mismatch irq 7. 00200080 (ttyS3) vs. 00200000 (at-a2150c)
[  925.495893][T15484] netlink: 24 bytes leftover after parsing attributes in process `syz.5.2214'.
[  925.520519][T15484] 9pnet_virtio: no channels available for device syz
[  926.820101][   T30] audit: type=1326 audit(1766853079.701:1196): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15513 comm="syz.4.2220" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff66738f749 code=0x7ffc0000
[  926.827371][T15515] genirq: Flags mismatch irq 7. 00200080 (ttyS3) vs. 00200000 (at-a2150c)
[  926.882993][   T30] audit: type=1326 audit(1766853079.701:1197): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15513 comm="syz.4.2220" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff66738f749 code=0x7ffc0000
[  926.916457][   T30] audit: type=1326 audit(1766853079.711:1198): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15513 comm="syz.4.2220" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7ff66738f749 code=0x7ffc0000
[  927.014300][   T30] audit: type=1326 audit(1766853079.841:1199): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15513 comm="syz.4.2220" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff66738f749 code=0x7ffc0000
[  927.015429][T15520] genirq: Flags mismatch irq 7. 00200080 (ttyS3) vs. 00200000 (at-a2150c)
[  927.343353][   T30] audit: type=1326 audit(1766853079.841:1200): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15513 comm="syz.4.2220" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7ff66738f749 code=0x7ffc0000
[  927.445117][   T30] audit: type=1326 audit(1766853080.191:1201): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15513 comm="syz.4.2220" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff66738f749 code=0x7ffc0000
[  927.485940][   T30] audit: type=1326 audit(1766853080.191:1202): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15513 comm="syz.4.2220" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff66738f749 code=0x7ffc0000
[  927.520799][   T30] audit: type=1326 audit(1766853080.221:1203): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15513 comm="syz.4.2220" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7ff66738f749 code=0x7ffc0000
[  928.255146][T15541] genirq: Flags mismatch irq 7. 00200080 (ttyS3) vs. 00200000 (at-a2150c)
[  928.276501][   T30] audit: type=1326 audit(1766853081.131:1204): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15513 comm="syz.4.2220" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff66738f749 code=0x7ffc0000
[  928.574337][   T30] audit: type=1326 audit(1766853081.131:1205): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15513 comm="syz.4.2220" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff66738f749 code=0x7ffc0000
[  929.285622][T15552] genirq: Flags mismatch irq 7. 00200080 (ttyS3) vs. 00200000 (at-a2150c)
[  929.877537][ T5141] Bluetooth: hci5: link tx timeout
[  929.883752][ T5141] Bluetooth: hci5: killing stalled connection 11:aa:aa:aa:aa:aa
[  930.294345][T15570] usb usb8: usbfs: process 15570 (syz.5.2228) did not claim interface 0 before use
[  931.228139][ T1299] ieee802154 phy0 wpan0: encryption failed: -22
[  931.234564][ T1299] ieee802154 phy1 wpan1: encryption failed: -22
[  931.938580][ T5141] Bluetooth: hci5: command 0x0405 tx timeout
[  932.090565][T15603] genirq: Flags mismatch irq 7. 00200080 (ttyS3) vs. 00200000 (at-a2150c)
[  935.153294][T15652] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  935.608431][T15664] ISOFS: Unable to identify CD-ROM format.
[  936.081823][T15668] genirq: Flags mismatch irq 7. 00200080 (ttyS3) vs. 00200000 (at-a2150c)
[  936.434227][T15681] genirq: Flags mismatch irq 7. 00200080 (ttyS3) vs. 00200000 (at-a2150c)
[  940.125059][T15703] comedi comedi0: Minor 47 could not be opened
[  942.954719][T15728] genirq: Flags mismatch irq 7. 00200080 (ttyS3) vs. 00200000 (at-a2150c)
[  943.721483][   T30] audit: type=1400 audit(1766853096.601:1206): avc:  denied  { write } for  pid=15737 comm="syz.4.2266" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[  943.741567][T15738] ieee802154 phy0 wpan0: encryption failed: -22
[  943.792387][   T30] audit: type=1400 audit(1766853096.651:1207): avc:  denied  { read } for  pid=15737 comm="syz.4.2266" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[  945.928462][T15751] vivid-008: kernel_thread() failed
[  945.971062][T15751] vivid-008: kernel_thread() failed
[  946.656863][T15758] comedi comedi0: Minor 47 could not be opened
[  949.436242][   T30] audit: type=1326 audit(1766853102.311:1208): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15772 comm="syz.2.2276" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa38c18f749 code=0x7ffc0000
[  949.609206][   T30] audit: type=1326 audit(1766853102.361:1209): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15772 comm="syz.2.2276" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7fa38c18f749 code=0x7ffc0000
[  949.633277][   T30] audit: type=1326 audit(1766853102.361:1210): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15772 comm="syz.2.2276" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa38c18f749 code=0x7ffc0000
[  949.656932][   T30] audit: type=1326 audit(1766853102.361:1211): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15772 comm="syz.2.2276" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa38c18f749 code=0x7ffc0000
[  949.692648][   T30] audit: type=1326 audit(1766853102.361:1212): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15772 comm="syz.2.2276" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fa38c18f749 code=0x7ffc0000
[  949.720216][   T30] audit: type=1326 audit(1766853102.371:1213): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15772 comm="syz.2.2276" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa38c18f749 code=0x7ffc0000
[  949.746108][   T30] audit: type=1326 audit(1766853102.371:1214): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15772 comm="syz.2.2276" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa38c18f749 code=0x7ffc0000
[  950.748834][   T30] audit: type=1326 audit(1766853102.371:1215): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15772 comm="syz.2.2276" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa38c18f749 code=0x7ffc0000
[  950.776703][   T30] audit: type=1326 audit(1766853102.371:1216): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15772 comm="syz.2.2276" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa38c18f749 code=0x7ffc0000
[  950.971994][   T30] audit: type=1326 audit(1766853102.371:1217): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15772 comm="syz.2.2276" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa38c18f749 code=0x7ffc0000
[  951.696297][T15793] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  951.745701][T15800] comedi comedi0: Minor 47 could not be opened
[  955.807032][T15830] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2290'.
[  955.818147][T15827] genirq: Flags mismatch irq 7. 00200080 (ttyS3) vs. 00200000 (at-a2150c)
[  955.863296][T15830] bridge2: trying to set multicast startup query interval below minimum, setting to 100 (1000ms)
[  955.940508][T15830] bridge2: entered allmulticast mode
[  956.104688][T15830] binder: 15825:15830 unknown command 1077961494
[  956.111141][T15830] binder: 15825:15830 ioctl c0306201 200000000100 returned -22
[  956.278557][T15839] genirq: Flags mismatch irq 7. 00200080 (ttyS3) vs. 00200000 (at-a2150c)
[  957.031666][T15845] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2293'.
[  958.618164][T15858] /dev/nullb0: Can't open blockdev
[  961.536533][ T5822] Bluetooth: hci5: command 0x0405 tx timeout
[  962.632230][T15896] usb usb8: usbfs: process 15896 (syz.0.2307) did not claim interface 0 before use
[  966.986683][T15910] genirq: Flags mismatch irq 7. 00200080 (ttyS3) vs. 00200000 (at-a2150c)
[  967.886444][ T5822] Bluetooth: hci3: Ignoring HCI_Connection_Complete for existing connection
[  969.057986][T15944] genirq: Flags mismatch irq 7. 00200080 (ttyS3) vs. 00200000 (at-a2150c)
[  969.236964][T15946] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(8)
[  969.243480][T15946] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  969.251960][T15946] vhci_hcd vhci_hcd.0: Device attached
[  969.600301][    T9] usb 42-1: SetAddress Request (6) to port 0
[  970.006486][T15947] vhci_hcd: connection closed
[  970.530556][ T1302] vhci_hcd vhci_hcd.4: stop threads
[  970.540606][ T1302] vhci_hcd vhci_hcd.4: release socket
[  970.546050][ T1302] vhci_hcd vhci_hcd.4: disconnect device
[  970.596633][    T9] usb 42-1: new SuperSpeed USB device number 6 using vhci_hcd
[  970.619877][    T9] usb 42-1: enqueue for inactive port 0
[  971.751737][    T9] usb usb42-port1: attempt power cycle
[  972.049685][   T30] kauditd_printk_skb: 20 callbacks suppressed
[  972.049702][   T30] audit: type=1400 audit(1766853124.891:1238): avc:  denied  { shutdown } for  pid=15943 comm="syz.1.2320" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  973.038978][T15970] genirq: Flags mismatch irq 7. 00200080 (ttyS3) vs. 00200000 (at-a2150c)
[  973.187084][    T9] usb usb42-port1: unable to enumerate USB device
[  974.123837][ T5141] Bluetooth: hci5: command 0x0405 tx timeout
[  977.058483][   T30] audit: type=1400 audit(1766853129.471:1239): avc:  denied  { write } for  pid=15990 comm="syz.0.2334" name="fb0" dev="devtmpfs" ino=629 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:framebuf_device_t tclass=chr_file permissive=1
[  980.414420][T16017] genirq: Flags mismatch irq 7. 00200080 (ttyS3) vs. 00200000 (at-a2150c)
[  981.694383][T16036] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(5)
[  981.700929][T16036] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  981.865672][T16036] vhci_hcd vhci_hcd.0: Device attached
[  981.899626][T16036] netlink: 96 bytes leftover after parsing attributes in process `syz.0.2336'.
[  982.157206][T15270] vhci_hcd vhci_hcd.0: vhci_device speed not set
[  982.366806][T16039] vhci_hcd: connection closed
[  982.376116][ T1302] vhci_hcd vhci_hcd.0: stop threads
[  982.418210][ T1302] vhci_hcd vhci_hcd.0: release socket
[  982.432989][ T1302] vhci_hcd vhci_hcd.0: disconnect device
[  982.456510][T15270] usb 33-1: new full-speed USB device number 3 using vhci_hcd
[  982.464834][T15270] usb 33-1: enqueue for inactive port 0
[  982.578876][T15270] vhci_hcd vhci_hcd.0: vhci_device speed not set
[  983.894180][T16060] usb usb8: usbfs: process 16060 (syz.2.2353) did not claim interface 0 before use
[  983.998051][T16064] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2354'.
[  984.064751][T16064] bridge2: trying to set multicast startup query interval below minimum, setting to 100 (1000ms)
[  984.083433][T16064] bridge2: entered allmulticast mode
[  984.241935][T16064] binder: 16061:16064 unknown command 1077961494
[  984.248764][T16064] binder: 16061:16064 ioctl c0306201 200000000100 returned -22
[  987.538107][T16089] genirq: Flags mismatch irq 7. 00200080 (ttyS3) vs. 00200000 (at-a2150c)
[  988.366458][ T5870] usb 1-1: new high-speed USB device number 33 using dummy_hcd
[  988.517180][ T5870] usb 1-1: Using ep0 maxpacket: 16
[  988.524430][ T5870] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  988.536083][ T5870] usb 1-1: config 0 interface 0 altsetting 16 has 0 endpoint descriptors, different from the interface descriptor's value: 28
[  988.661092][ T5870] usb 1-1: config 0 interface 0 has no altsetting 0
[  988.675948][ T5870] usb 1-1: New USB device found, idVendor=056a, idProduct=0331, bcdDevice= 0.00
[  988.693555][ T5870] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  988.720500][ T5870] usb 1-1: config 0 descriptor??
[  989.191871][ T5870] usbhid 1-1:0.0: couldn't find an input interrupt endpoint
[  991.383030][    T9] usb 1-1: USB disconnect, device number 33
[  992.666673][ T1299] ieee802154 phy0 wpan0: encryption failed: -22
[  992.675179][ T1299] ieee802154 phy1 wpan1: encryption failed: -22
[  996.722875][T16171] vhci_hcd vhci_hcd.0: pdev(5) rhport(0) sockfd(8)
[  996.729426][T16171] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  996.737434][T16171] vhci_hcd vhci_hcd.0: Device attached
[  997.028391][ T5953] usb 44-1: SetAddress Request (2) to port 0
[  997.585625][T16172] vhci_hcd: connection closed
[  997.588443][  T990] vhci_hcd vhci_hcd.5: stop threads
[  997.605509][ T5953] usb 44-1: new SuperSpeed USB device number 2 using vhci_hcd
[  997.703018][  T990] vhci_hcd vhci_hcd.5: release socket
[  997.826430][  T990] vhci_hcd vhci_hcd.5: disconnect device
[  999.373682][T16197] batman_adv: batadv0: Adding interface: dummy0
[  999.419407][T16197] batman_adv: batadv0: The MTU of interface dummy0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  999.427210][   T30] audit: type=1400 audit(1766853152.301:1240): avc:  denied  { ioctl } for  pid=16196 comm="syz.5.2385" path="socket:[57301]" dev="sockfs" ino=57301 ioctlcmd=0x8922 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[  999.497170][T16197] batman_adv: batadv0: Interface activated: dummy0
[  999.701702][T16198] batadv0: mtu less than device minimum
[  999.728718][T16198] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  999.739745][T16198] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  999.751041][T16198] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  999.761892][T16198] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  999.772719][T16198] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  999.783549][T16198] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  999.794365][T16198] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  999.805159][T16198] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  999.815972][T16198] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[ 1000.486025][ T5141] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci3/hci3:201'
[ 1000.499082][ T5141] CPU: 1 UID: 0 PID: 5141 Comm: kworker/u9:1 Not tainted syzkaller #0 PREEMPT(full) 
[ 1000.499103][ T5141] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1000.499111][ T5141] Workqueue: hci3 hci_rx_work
[ 1000.499129][ T5141] Call Trace:
[ 1000.499133][ T5141]  <TASK>
[ 1000.499138][ T5141]  dump_stack_lvl+0x16c/0x1f0
[ 1000.499155][ T5141]  sysfs_warn_dup+0x7f/0xa0
[ 1000.499174][ T5141]  sysfs_create_dir_ns+0x24b/0x2b0
[ 1000.499191][ T5141]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[ 1000.499202][ T5141]  ? find_held_lock+0x2b/0x80
[ 1000.499222][ T5141]  ? do_raw_spin_unlock+0x172/0x230
[ 1000.499239][ T5141]  kobject_add_internal+0x2c4/0x9d0
[ 1000.499257][ T5141]  kobject_add+0x16e/0x240
[ 1000.499273][ T5141]  ? __pfx_kobject_add+0x10/0x10
[ 1000.499289][ T5141]  ? kobject_put+0xaf/0x6f0
[ 1000.499300][ T5141]  ? _raw_spin_unlock+0x28/0x50
[ 1000.499315][ T5141]  device_add+0x288/0x1980
[ 1000.499327][ T5141]  ? __pfx_dev_set_name+0x10/0x10
[ 1000.499339][ T5141]  ? __pfx_device_add+0x10/0x10
[ 1000.499350][ T5141]  ? mgmt_send_event_skb+0x2fb/0x460
[ 1000.499364][ T5141]  hci_conn_add_sysfs+0x1a8/0x260
[ 1000.499378][ T5141]  le_conn_complete_evt+0x11ed/0x1fa0
[ 1000.499392][ T5141]  ? __pfx_le_conn_complete_evt+0x10/0x10
[ 1000.499407][ T5141]  hci_le_conn_complete_evt+0x23c/0x3a0
[ 1000.499427][ T5141]  hci_le_meta_evt+0x357/0x610
[ 1000.499438][ T5141]  ? __pfx_hci_le_conn_complete_evt+0x10/0x10
[ 1000.499451][ T5141]  hci_event_packet+0x685/0x1210
[ 1000.499462][ T5141]  ? __pfx_hci_le_meta_evt+0x10/0x10
[ 1000.499475][ T5141]  ? __pfx_hci_event_packet+0x10/0x10
[ 1000.499488][ T5141]  ? kcov_remote_start+0x399/0x680
[ 1000.499501][ T5141]  ? lockdep_hardirqs_on+0x7c/0x110
[ 1000.499518][ T5141]  hci_rx_work+0x2c9/0x1020
[ 1000.499533][ T5141]  process_one_work+0x9ba/0x1b20
[ 1000.499552][ T5141]  ? __pfx_process_one_work+0x10/0x10
[ 1000.499569][ T5141]  ? assign_work+0x1a0/0x250
[ 1000.499582][ T5141]  worker_thread+0x6c8/0xf10
[ 1000.499600][ T5141]  ? __pfx_worker_thread+0x10/0x10
[ 1000.499613][ T5141]  kthread+0x3c5/0x780
[ 1000.499625][ T5141]  ? __pfx_kthread+0x10/0x10
[ 1000.499638][ T5141]  ? rcu_is_watching+0x12/0xc0
[ 1000.499647][ T5141]  ? __pfx_kthread+0x10/0x10
[ 1000.499660][ T5141]  ret_from_fork+0x983/0xb10
[ 1000.499671][ T5141]  ? __pfx_ret_from_fork+0x10/0x10
[ 1000.499683][ T5141]  ? __switch_to+0x7af/0x10d0
[ 1000.499696][ T5141]  ? __pfx_kthread+0x10/0x10
[ 1000.499708][ T5141]  ret_from_fork_asm+0x1a/0x30
[ 1000.499731][ T5141]  </TASK>
[ 1000.499744][ T5141] kobject: kobject_add_internal failed for hci3:201 with -EEXIST, don't try to register things with the same name in the same directory.
[ 1000.846058][ T5141] Bluetooth: hci3: failed to register connection device
[ 1002.266373][T16220] Bluetooth: hci5: command 0x0405 tx timeout
[ 1002.385543][T15270] usb 3-1: new high-speed USB device number 33 using dummy_hcd
[ 1002.624604][T15270] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1002.675689][T15270] usb 3-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[ 1002.697543][T15270] usb 3-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[ 1002.729797][T15270] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1002.835017][T15270] usb 3-1: config 0 descriptor??
[ 1002.869567][ T5953] usb 44-1: device descriptor read/8, error -110
[ 1003.085435][T15270] usb 3-1: USB disconnect, device number 33
[ 1003.137253][ T5141] Bluetooth: hci3: command 0x0406 tx timeout
[ 1003.267964][ T5953] usb usb44-port1: attempt power cycle
[ 1003.394845][T16242] xt_NFQUEUE: number of queues (51632) out of range (got 109621)
[ 1004.539125][ T5953] usb usb44-port1: unable to enumerate USB device
[ 1005.919306][ T5141] Bluetooth: hci3: command 0x0406 tx timeout
[ 1006.239912][T16254] comedi comedi0: Minor 47 could not be opened
[ 1006.468310][T16259] 9pnet_virtio: no channels available for device syz
[ 1006.606382][    T9] usb 2-1: new low-speed USB device number 32 using dummy_hcd
[ 1006.730244][T16265] genirq: Flags mismatch irq 7. 00200080 (ttyS3) vs. 00200000 (at-a2150c)
[ 1006.789243][    T9] usb 2-1: config 0 has an invalid interface number: 1 but max is 0
[ 1006.797566][    T9] usb 2-1: config 0 has no interface number 0
[ 1006.803671][    T9] usb 2-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 10
[ 1006.815366][    T9] usb 2-1: config 0 interface 1 altsetting 0 endpoint 0x82 has invalid maxpacket 159, setting to 8
[ 1006.829423][    T9] usb 2-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[ 1006.844095][    T9] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1006.856473][    T9] usb 2-1: config 0 descriptor??
[ 1006.864823][T16256] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[ 1006.910411][    T9] iowarrior 2-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0
[ 1008.459745][ T5926] usb 2-1: USB disconnect, device number 32
[ 1008.465672][    C1] iowarrior 2-1:0.1: iowarrior_callback - usb_submit_urb failed with result -19
[ 1012.930771][T16305] genirq: Flags mismatch irq 7. 00200080 (ttyS3) vs. 00200000 (at-a2150c)
[ 1016.246721][T15270] usb 2-1: new low-speed USB device number 33 using dummy_hcd
[ 1016.408052][T15270] usb 2-1: config 0 has an invalid interface number: 1 but max is 0
[ 1016.416135][T15270] usb 2-1: config 0 has no interface number 0
[ 1016.437755][T15270] usb 2-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 10
[ 1016.466522][T15270] usb 2-1: config 0 interface 1 altsetting 0 endpoint 0x82 has invalid maxpacket 159, setting to 8
[ 1016.486930][T15270] usb 2-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[ 1016.572982][T15270] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1016.631718][T15270] usb 2-1: config 0 descriptor??
[ 1016.669375][T16313] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[ 1017.036107][T15270] iowarrior 2-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0
[ 1017.266669][ T5870] usb 6-1: new high-speed USB device number 2 using dummy_hcd
[ 1018.366510][T15270] usb 2-1: USB disconnect, device number 33
[ 1018.514547][ T5870] usb 6-1: Using ep0 maxpacket: 16
[ 1018.554871][ T5870] usb 6-1: config 0 interface 0 altsetting 16 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1019.103485][ T5870] usb 6-1: config 0 interface 0 altsetting 16 has 1 endpoint descriptor, different from the interface descriptor's value: 28
[ 1019.122005][ T5870] usb 6-1: config 0 interface 0 has no altsetting 0
[ 1019.132814][ T5870] usb 6-1: New USB device found, idVendor=056a, idProduct=0331, bcdDevice= 0.00
[ 1019.148415][ T5870] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1019.216638][ T5870] usb 6-1: config 0 descriptor??
[ 1019.293857][ T5870] usbhid 6-1:0.0: couldn't find an input interrupt endpoint
[ 1020.047814][ T5822] Bluetooth: hci5: link tx timeout
[ 1020.080083][ T5822] Bluetooth: hci5: killing stalled connection 10:aa:aa:aa:aa:aa
[ 1020.387971][T16357] vivid-004: kernel_thread() failed
[ 1020.435095][T16357] vivid-004: kernel_thread() failed
[ 1021.191286][ T5870] usb 6-1: USB disconnect, device number 2
[ 1022.200298][ T5141] Bluetooth: hci5: command 0x0405 tx timeout
[ 1022.898712][T16385] netlink: 48 bytes leftover after parsing attributes in process `syz.5.2433'.
[ 1023.077022][T16384] 9pnet_virtio: no channels available for device syz
[ 1023.657767][   T49] usb 2-1: new low-speed USB device number 34 using dummy_hcd
[ 1023.896581][T16399] comedi comedi0: Minor 47 could not be opened
[ 1023.970207][   T49] usb 2-1: config 0 has an invalid interface number: 1 but max is 0
[ 1023.992797][   T49] usb 2-1: config 0 has no interface number 0
[ 1024.009615][   T49] usb 2-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 10
[ 1024.040316][   T49] usb 2-1: config 0 interface 1 altsetting 0 endpoint 0x82 has invalid maxpacket 159, setting to 8
[ 1024.067327][   T49] usb 2-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[ 1024.088945][   T49] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1024.117851][   T49] usb 2-1: config 0 descriptor??
[ 1024.135022][T16390] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[ 1024.171654][   T49] iowarrior 2-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0
[ 1024.378054][   T49] usb 2-1: USB disconnect, device number 34
[ 1024.384020][    C1] iowarrior 2-1:0.1: iowarrior_callback - usb_submit_urb failed with result -19
[ 1024.576175][T16414] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2442'.
[ 1025.010051][T16411] binder: 16407:16411 unknown command 1077961494
[ 1025.015324][T16414] bridge5: trying to set multicast startup query interval below minimum, setting to 100 (1000ms)
[ 1025.016525][T16411] binder: 16407:16411 ioctl c0306201 200000000100 returned -22
[ 1025.141937][T16414] bridge5: entered allmulticast mode
[ 1030.837149][T16443] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[ 1031.969164][T16453] net_ratelimit: 10 callbacks suppressed
[ 1031.969174][T16453] batman_adv: batadv0: Local translation table size (108) exceeds maximum packet size (-320); Ignoring new local tt entry: 80:00:00:00:00:85
[ 1036.994822][T16481] genirq: Flags mismatch irq 7. 00200080 (ttyS3) vs. 00200000 (at-a2150c)
[ 1037.276405][ T5870] usb 6-1: new low-speed USB device number 3 using dummy_hcd
[ 1037.340713][T16493] No source specified
[ 1037.446391][ T5870] usb 6-1: config 0 has an invalid interface number: 1 but max is 0
[ 1037.454405][ T5870] usb 6-1: config 0 has no interface number 0
[ 1037.461487][ T5870] usb 6-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 10
[ 1037.496342][ T5870] usb 6-1: config 0 interface 1 altsetting 0 endpoint 0x82 has invalid maxpacket 159, setting to 8
[ 1037.626915][ T5870] usb 6-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[ 1037.636022][ T5870] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1038.144758][ T5870] usb 6-1: config 0 descriptor??
[ 1038.150492][T16486] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[ 1038.160783][ T5870] iowarrior 6-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0
[ 1038.200581][T16501] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2463'.
[ 1038.293370][T16501] bridge3: trying to set multicast startup query interval below minimum, setting to 100 (1000ms)
[ 1038.304302][T16501] bridge3: entered allmulticast mode
[ 1038.422261][T16486] syz_tun: entered allmulticast mode
[ 1038.476818][ T5870] usb 6-1: USB disconnect, device number 3
[ 1038.787863][T16501] binder: 16495:16501 unknown command 1077961494
[ 1038.808577][T16501] binder: 16495:16501 ioctl c0306201 200000000100 returned -22
[ 1041.525004][   T30] audit: type=1400 audit(1766853194.401:1241): avc:  denied  { mount } for  pid=16516 comm="syz.4.2468" name="/" dev="nfsd" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nfsd_fs_t tclass=filesystem permissive=1
[ 1043.849866][T16526] ISOFS: Unable to identify CD-ROM format.
[ 1044.291640][T16543] genirq: Flags mismatch irq 7. 00200080 (ttyS3) vs. 00200000 (at-a2150c)
[ 1045.569435][T16342] usb 2-1: new low-speed USB device number 35 using dummy_hcd
[ 1045.777565][ T5822] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci2/hci2:201'
[ 1045.788243][ T5822] CPU: 1 UID: 0 PID: 5822 Comm: kworker/u9:4 Not tainted syzkaller #0 PREEMPT(full) 
[ 1045.788260][ T5822] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1045.788269][ T5822] Workqueue: hci2 hci_rx_work
[ 1045.788286][ T5822] Call Trace:
[ 1045.788290][ T5822]  <TASK>
[ 1045.788295][ T5822]  dump_stack_lvl+0x16c/0x1f0
[ 1045.788311][ T5822]  sysfs_warn_dup+0x7f/0xa0
[ 1045.788324][ T5822]  sysfs_create_dir_ns+0x24b/0x2b0
[ 1045.788336][ T5822]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[ 1045.788352][ T5822]  ? find_held_lock+0x2b/0x80
[ 1045.788370][ T5822]  ? do_raw_spin_unlock+0x172/0x230
[ 1045.788386][ T5822]  kobject_add_internal+0x2c4/0x9d0
[ 1045.788402][ T5822]  kobject_add+0x16e/0x240
[ 1045.788416][ T5822]  ? __pfx_kobject_add+0x10/0x10
[ 1045.788433][ T5822]  ? kobject_put+0xaf/0x6f0
[ 1045.788445][ T5822]  ? _raw_spin_unlock+0x28/0x50
[ 1045.788461][ T5822]  device_add+0x288/0x1980
[ 1045.788475][ T5822]  ? __pfx_dev_set_name+0x10/0x10
[ 1045.788487][ T5822]  ? __pfx_device_add+0x10/0x10
[ 1045.788498][ T5822]  ? mgmt_send_event_skb+0x2fb/0x460
[ 1045.788513][ T5822]  hci_conn_add_sysfs+0x1a8/0x260
[ 1045.788527][ T5822]  le_conn_complete_evt+0x11ed/0x1fa0
[ 1045.788541][ T5822]  ? __pfx_le_conn_complete_evt+0x10/0x10
[ 1045.788556][ T5822]  hci_le_conn_complete_evt+0x23c/0x3a0
[ 1045.788571][ T5822]  hci_le_meta_evt+0x357/0x610
[ 1045.788586][ T5822]  ? __pfx_hci_le_conn_complete_evt+0x10/0x10
[ 1045.788604][ T5822]  hci_event_packet+0x685/0x1210
[ 1045.788621][ T5822]  ? __pfx_hci_le_meta_evt+0x10/0x10
[ 1045.788639][ T5822]  ? __pfx_hci_event_packet+0x10/0x10
[ 1045.788651][ T5822]  ? kcov_remote_start+0x399/0x680
[ 1045.788663][ T5822]  ? lockdep_hardirqs_on+0x7c/0x110
[ 1045.788679][ T5822]  hci_rx_work+0x2c9/0x1020
[ 1045.788692][ T5822]  process_one_work+0x9ba/0x1b20
[ 1045.788711][ T5822]  ? __pfx_process_one_work+0x10/0x10
[ 1045.788727][ T5822]  ? assign_work+0x1a0/0x250
[ 1045.788740][ T5822]  worker_thread+0x6c8/0xf10
[ 1045.788757][ T5822]  ? __kthread_parkme+0x19e/0x250
[ 1045.788768][ T5822]  ? __pfx_worker_thread+0x10/0x10
[ 1045.788781][ T5822]  kthread+0x3c5/0x780
[ 1045.788792][ T5822]  ? __pfx_kthread+0x10/0x10
[ 1045.788805][ T5822]  ? rcu_is_watching+0x12/0xc0
[ 1045.788814][ T5822]  ? __pfx_kthread+0x10/0x10
[ 1045.788826][ T5822]  ret_from_fork+0x983/0xb10
[ 1045.788838][ T5822]  ? __pfx_ret_from_fork+0x10/0x10
[ 1045.788849][ T5822]  ? rcu_is_watching+0x12/0xc0
[ 1045.788859][ T5822]  ? __switch_to+0x7af/0x10d0
[ 1045.788871][ T5822]  ? __pfx_kthread+0x10/0x10
[ 1045.788884][ T5822]  ret_from_fork_asm+0x1a/0x30
[ 1045.788906][ T5822]  </TASK>
[ 1045.788964][ T5822] kobject: kobject_add_internal failed for hci2:201 with -EEXIST, don't try to register things with the same name in the same directory.
[ 1046.049979][ T5822] Bluetooth: hci2: failed to register connection device
[ 1046.059880][T16342] usb 2-1: config 0 has an invalid interface number: 1 but max is 0
[ 1046.068230][T16342] usb 2-1: config 0 has no interface number 0
[ 1046.074324][T16342] usb 2-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 10
[ 1046.085678][T16342] usb 2-1: config 0 interface 1 altsetting 0 endpoint 0x82 has invalid maxpacket 159, setting to 8
[ 1046.097379][T16342] usb 2-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[ 1046.106536][T16342] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1046.117356][T16342] usb 2-1: config 0 descriptor??
[ 1046.123037][T16553] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[ 1046.134248][T16342] iowarrior 2-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0
[ 1047.747413][T16342] usb 2-1: USB disconnect, device number 35
[ 1047.747537][    C0] iowarrior 2-1:0.1: iowarrior_callback - usb_submit_urb failed with result -19
[ 1048.330798][T16589] netlink: 20 bytes leftover after parsing attributes in process `syz.5.2487'.
[ 1050.526884][ T5141] Bluetooth: hci0: Ignoring HCI_Connection_Complete for existing connection
[ 1050.981382][T16608] genirq: Flags mismatch irq 7. 00200080 (ttyS3) vs. 00200000 (at-a2150c)
[ 1051.075003][T16622] comedi comedi0: Minor 47 could not be opened
[ 1051.176565][T16220] Bluetooth: hci5: command 0x0405 tx timeout
[ 1053.376462][ T1289] usb 3-1: new low-speed USB device number 34 using dummy_hcd
[ 1054.100755][ T1299] ieee802154 phy0 wpan0: encryption failed: -22
[ 1054.107545][ T1299] ieee802154 phy1 wpan1: encryption failed: -22
[ 1054.188092][ T1289] usb 3-1: config 0 has an invalid interface number: 1 but max is 0
[ 1054.202383][ T1289] usb 3-1: config 0 has no interface number 0
[ 1054.216518][ T1289] usb 3-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 10
[ 1054.330791][ T1289] usb 3-1: config 0 interface 1 altsetting 0 endpoint 0x82 has invalid maxpacket 159, setting to 8
[ 1054.832500][ T1289] usb 3-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[ 1054.887258][ T1289] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1054.896392][    T9] usb 2-1: new high-speed USB device number 36 using dummy_hcd
[ 1054.947289][ T1289] usb 3-1: config 0 descriptor??
[ 1054.956426][T16636] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[ 1054.968935][ T1289] iowarrior 3-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0
[ 1055.147131][    T9] usb 2-1: Using ep0 maxpacket: 16
[ 1055.177244][    T9] usb 2-1: config 0 interface 0 altsetting 16 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1055.211815][ T5870] usb 3-1: USB disconnect, device number 34
[ 1055.227688][    T9] usb 2-1: config 0 interface 0 altsetting 16 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1055.252024][    T9] usb 2-1: config 0 interface 0 altsetting 16 has 1 endpoint descriptor, different from the interface descriptor's value: 28
[ 1056.365987][T16660] comedi comedi0: Minor 47 could not be opened
[ 1057.229965][    T9] usb 2-1: config 0 interface 0 has no altsetting 0
[ 1057.273433][    T9] usb 2-1: New USB device found, idVendor=056a, idProduct=0331, bcdDevice= 0.00
[ 1057.333341][    T9] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1057.553170][    T9] usb 2-1: config 0 descriptor??
[ 1057.851104][    T9] usb 2-1: can't set config #0, error -71
[ 1058.526596][    T9] usb 2-1: USB disconnect, device number 36
[ 1060.723838][T16684] genirq: Flags mismatch irq 7. 00200080 (ttyS3) vs. 00200000 (at-a2150c)
[ 1063.476399][    T9] usb 5-1: new low-speed USB device number 21 using dummy_hcd
[ 1063.759620][    T9] usb 5-1: config 0 has an invalid interface number: 1 but max is 0
[ 1063.776033][    T9] usb 5-1: config 0 has no interface number 0
[ 1063.874582][    T9] usb 5-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 10
[ 1063.874615][    T9] usb 5-1: config 0 interface 1 altsetting 0 endpoint 0x82 has invalid maxpacket 159, setting to 8
[ 1063.874655][    T9] usb 5-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[ 1063.874675][    T9] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1063.885069][    T9] usb 5-1: config 0 descriptor??
[ 1063.887282][T16698] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[ 1063.921402][    T9] iowarrior 5-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0
[ 1064.130525][T16698] syz_tun: entered allmulticast mode
[ 1064.133942][    T9] usb 5-1: USB disconnect, device number 21
[ 1066.714724][T16741] netlink: 36 bytes leftover after parsing attributes in process `syz.4.2531'.
[ 1066.888341][T16748] genirq: Flags mismatch irq 7. 00200080 (ttyS3) vs. 00200000 (at-a2150c)
[ 1173.206265][    C1] rcu: INFO: rcu_preempt detected stalls on CPUs/tasks:
[ 1173.213219][    C1] rcu: 	Tasks blocked on level-0 rcu_node (CPUs 0-1): P16613/1:b..l
[ 1173.221529][    C1] rcu: 	(detected by 1, t=10502 jiffies, g=63829, q=703 ncpus=2)
[ 1173.229232][    C1] task:syz.0.2493      state:R  running task     stack:23208 pid:16613 tgid:16613 ppid:5813   task_flags:0x40064c flags:0x00080001
[ 1173.243398][    C1] Call Trace:
[ 1173.246668][    C1]  <TASK>
[ 1173.249593][    C1]  ? __schedule+0x10b9/0x6150
[ 1173.254245][    C1]  __schedule+0x1139/0x6150
[ 1173.258722][    C1]  ? __lock_acquire+0x436/0x2890
[ 1173.263642][    C1]  ? __pfx___schedule+0x10/0x10
[ 1173.268464][    C1]  ? lock_acquire+0x179/0x330
[ 1173.273121][    C1]  preempt_schedule_irq+0x51/0x90
[ 1173.278205][    C1]  irqentry_exit+0x1d8/0x8c0
[ 1173.282770][    C1]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[ 1173.288734][    C1] RIP: 0010:lock_acquire+0x62/0x330
[ 1173.293905][    C1] Code: b4 18 12 83 f8 07 0f 87 a2 02 00 00 89 c0 48 0f a3 05 22 b9 ee 0e 0f 82 74 02 00 00 8b 35 ba e9 ee 0e 85 f6 0f 85 8d 00 00 00 <48> 8b 44 24 30 65 48 2b 05 39 b4 18 12 0f 85 ad 02 00 00 48 83 c4
[ 1173.313499][    C1] RSP: 0018:ffffc9000cba6e70 EFLAGS: 00000206
[ 1173.319537][    C1] RAX: 0000000000000046 RBX: ffffffff8e3c96a0 RCX: 0000000068c1bacb
[ 1173.327483][    C1] RDX: 0000000000000000 RSI: ffffffff8daa7ea1 RDI: ffffffff8bf2b400
[ 1173.335434][    C1] RBP: 0000000000000002 R08: 00000000ffffffff R09: 00000000ffffffff
[ 1173.343377][    C1] R10: 0000000000000002 R11: ffff88803be0d4b0 R12: 0000000000000000
[ 1173.351321][    C1] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1173.359278][    C1]  unwind_next_frame+0xd1/0x20b0
[ 1173.364193][    C1]  ? unwind_next_frame+0xbd/0x20b0
[ 1173.369295][    C1]  ? __unwind_start+0x574/0x7f0
[ 1173.374188][    C1]  ? get_stack_info_noinstr+0x18/0x120
[ 1173.379619][    C1]  __unwind_start+0x45f/0x7f0
[ 1173.384269][    C1]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[ 1173.390395][    C1]  arch_stack_walk+0x73/0x100
[ 1173.395062][    C1]  ? __unwind_start+0x574/0x7f0
[ 1173.399897][    C1]  stack_trace_save+0x8e/0xc0
[ 1173.404546][    C1]  ? __pfx_stack_trace_save+0x10/0x10
[ 1173.409901][    C1]  ? __lock_acquire+0x436/0x2890
[ 1173.414813][    C1]  ? lockdep_hardirqs_on+0x7c/0x110
[ 1173.420000][    C1]  save_stack+0x160/0x1f0
[ 1173.424318][    C1]  ? __pfx_save_stack+0x10/0x10
[ 1173.429150][    C1]  ? page_ext_put+0x3e/0xd0
[ 1173.433632][    C1]  __reset_page_owner+0x84/0x1a0
[ 1173.438543][    C1]  free_unref_folios+0xa22/0x1610
[ 1173.443553][    C1]  ? rcu_is_watching+0x12/0xc0
[ 1173.448287][    C1]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[ 1173.454084][    C1]  folios_put_refs+0x4be/0x750
[ 1173.458826][    C1]  ? __pfx_folios_put_refs+0x10/0x10
[ 1173.464082][    C1]  ? folio_batch_remove_exceptionals+0x115/0x1a0
[ 1173.470381][    C1]  shmem_undo_range+0x58f/0x1140
[ 1173.475292][    C1]  ? __pfx_shmem_undo_range+0x10/0x10
[ 1173.480641][    C1]  ? find_held_lock+0x2b/0x80
[ 1173.485317][    C1]  shmem_evict_inode+0x39e/0xbe0
[ 1173.490226][    C1]  ? inode_wait_for_writeback+0x170/0x390
[ 1173.495930][    C1]  ? __pfx_shmem_evict_inode+0x10/0x10
[ 1173.501380][    C1]  ? __pfx_inode_wait_for_writeback+0x10/0x10
[ 1173.507433][    C1]  ? find_held_lock+0x2b/0x80
[ 1173.512089][    C1]  ? evict+0x37e/0xad0
[ 1173.516146][    C1]  ? __pfx_shmem_evict_inode+0x10/0x10
[ 1173.521578][    C1]  evict+0x3c2/0xad0
[ 1173.525444][    C1]  ? find_held_lock+0x2b/0x80
[ 1173.530102][    C1]  ? __pfx_evict+0x10/0x10
[ 1173.534522][    C1]  ? iput.part.0+0x619/0x1190
[ 1173.539182][    C1]  iput.part.0+0x621/0x1190
[ 1173.543670][    C1]  iput+0x35/0x40
[ 1173.547290][    C1]  dentry_unlink_inode+0x29c/0x480
[ 1173.552384][    C1]  __dentry_kill+0x1d0/0x600
[ 1173.556954][    C1]  finish_dput+0x76/0x480
[ 1173.561262][    C1]  dput.part.0+0x451/0x570
[ 1173.565650][    C1]  dput+0x1f/0x30
[ 1173.569255][    C1]  __fput+0x51c/0xb70
[ 1173.573219][    C1]  task_work_run+0x150/0x240
[ 1173.577782][    C1]  ? __pfx_task_work_run+0x10/0x10
[ 1173.582867][    C1]  do_exit+0x87f/0x2bd0
[ 1173.586995][    C1]  ? proc_coredump_connector+0x2d1/0x4f0
[ 1173.592610][    C1]  ? __pfx_do_exit+0x10/0x10
[ 1173.597179][    C1]  do_group_exit+0xd3/0x2a0
[ 1173.601665][    C1]  get_signal+0x2671/0x26d0
[ 1173.606147][    C1]  ? __pfx_get_signal+0x10/0x10
[ 1173.610984][    C1]  arch_do_signal_or_restart+0x8f/0x7e0
[ 1173.616507][    C1]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 1173.622636][    C1]  ? __bad_area_nosemaphore+0x350/0x690
[ 1173.628169][    C1]  irqentry_exit+0x38a/0x8c0
[ 1173.632744][    C1]  asm_exc_page_fault+0x26/0x30
[ 1173.637572][    C1] RIP: 0033:0x7fa226e4f6b7
[ 1173.642044][    C1] RSP: 002b:00007fa227e5b1a0 EFLAGS: 00010206
[ 1173.648079][    C1] RAX: 0000000000000000 RBX: 000000000000000b RCX: 00007fa226f8f749
[ 1173.656030][    C1] RDX: 00007fa227e5b1c0 RSI: 00007fa227e5b2f0 RDI: 000000000000000b
[ 1173.663974][    C1] RBP: 00007fa227013f91 R08: 0000000000000000 R09: 0000000000000000
[ 1173.671916][    C1] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[ 1173.679858][    C1] R13: 00007fa2271e6038 R14: 00007fa2271e5fa0 R15: 00007ffcc0e4c388
[ 1173.687808][    C1]  </TASK>
[ 1173.690798][    C1] rcu: rcu_preempt kthread starved for 10545 jiffies! g63829 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x0 ->cpu=0
[ 1173.701973][    C1] rcu: 	Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior.
[ 1173.711914][    C1] rcu: RCU grace-period kthread stack dump:
[ 1173.717771][    C1] task:rcu_preempt     state:R  running task     stack:28480 pid:16    tgid:16    ppid:2      task_flags:0x208040 flags:0x00080000
[ 1173.731224][    C1] Call Trace:
[ 1173.734485][    C1]  <TASK>
[ 1173.737388][    C1]  ? __schedule+0x10b9/0x6150
[ 1173.742038][    C1]  __schedule+0x1139/0x6150
[ 1173.746573][    C1]  ? __lock_acquire+0x436/0x2890
[ 1173.751529][    C1]  ? __mod_timer+0x8f2/0xd30
[ 1173.756116][    C1]  ? __pfx___schedule+0x10/0x10
[ 1173.760950][    C1]  ? find_held_lock+0x2b/0x80
[ 1173.765612][    C1]  ? schedule+0x2d7/0x3a0
[ 1173.769929][    C1]  schedule+0xe7/0x3a0
[ 1173.773978][    C1]  schedule_timeout+0x123/0x290
[ 1173.778799][    C1]  ? __pfx_schedule_timeout+0x10/0x10
[ 1173.784141][    C1]  ? __pfx_process_timeout+0x10/0x10
[ 1173.789409][    C1]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[ 1173.795185][    C1]  ? prepare_to_swait_event+0xf5/0x480
[ 1173.800618][    C1]  rcu_gp_fqs_loop+0x1ea/0xaf0
[ 1173.805371][    C1]  ? __pfx_rcu_gp_fqs_loop+0x10/0x10
[ 1173.810630][    C1]  ? lockdep_hardirqs_on+0x7c/0x110
[ 1173.815800][    C1]  ? __pfx_rcu_gp_init+0x10/0x10
[ 1173.820722][    C1]  ? rcu_gp_cleanup+0x7c1/0xe90
[ 1173.825543][    C1]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[ 1173.831329][    C1]  rcu_gp_kthread+0x26d/0x380
[ 1173.835977][    C1]  ? __pfx_rcu_gp_kthread+0x10/0x10
[ 1173.841144][    C1]  ? rcu_is_watching+0x12/0xc0
[ 1173.845875][    C1]  ? lockdep_hardirqs_on+0x7c/0x110
[ 1173.851045][    C1]  ? __kthread_parkme+0x19e/0x250
[ 1173.856046][    C1]  ? __pfx_rcu_gp_kthread+0x10/0x10
[ 1173.861214][    C1]  kthread+0x3c5/0x780
[ 1173.865265][    C1]  ? __pfx_kthread+0x10/0x10
[ 1173.869834][    C1]  ? rcu_is_watching+0x12/0xc0
[ 1173.874574][    C1]  ? __pfx_kthread+0x10/0x10
[ 1173.879140][    C1]  ret_from_fork+0x983/0xb10
[ 1173.883709][    C1]  ? __pfx_ret_from_fork+0x10/0x10
[ 1173.888789][    C1]  ? __switch_to+0x7af/0x10d0
[ 1173.893437][    C1]  ? __pfx_kthread+0x10/0x10
[ 1173.898002][    C1]  ret_from_fork_asm+0x1a/0x30
[ 1173.902756][    C1]  </TASK>
[ 1173.905754][    C1] rcu: Stack dump where RCU GP kthread last ran:
[ 1173.912047][    C1] Sending NMI from CPU 1 to CPUs 0:
[ 1173.917229][    C0] NMI backtrace for cpu 0
[ 1173.917240][    C0] CPU: 0 UID: 0 PID: 0 Comm: swapper/0 Not tainted syzkaller #0 PREEMPT(full) 
[ 1173.917254][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1173.917262][    C0] RIP: 0010:pv_native_safe_halt+0xf/0x20
[ 1173.917280][    C0] Code: b6 5f 02 c3 cc cc cc cc 0f 1f 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 66 90 0f 00 2d 13 39 12 00 fb f4 <e9> cc 35 03 00 66 2e 0f 1f 84 00 00 00 00 00 66 90 90 90 90 90 90
[ 1173.917291][    C0] RSP: 0018:ffffffff8e007df8 EFLAGS: 000002c6
[ 1173.917302][    C0] RAX: 0000000002b9d8ad RBX: 0000000000000000 RCX: ffffffff8b7826d9
[ 1173.917310][    C0] RDX: 0000000000000000 RSI: ffffffff8dacdf23 RDI: ffffffff8bf2b400
[ 1173.917318][    C0] RBP: fffffbfff1c12f68 R08: 0000000000000001 R09: ffffed101708673d
[ 1173.917326][    C0] R10: ffff8880b84339eb R11: ffffffff8e098670 R12: 0000000000000000
[ 1173.917334][    C0] R13: ffffffff8e097b40 R14: ffffffff9088b4d0 R15: 0000000000000000
[ 1173.917341][    C0] FS:  0000000000000000(0000) GS:ffff8881248f5000(0000) knlGS:0000000000000000
[ 1173.917354][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1173.917362][    C0] CR2: 000000110c2d27c7 CR3: 000000007c507000 CR4: 00000000003526f0
[ 1173.917370][    C0] Call Trace:
[ 1173.917374][    C0]  <TASK>
[ 1173.917378][    C0]  default_idle+0x13/0x20
[ 1173.917394][    C0]  default_idle_call+0x6c/0xb0
[ 1173.917410][    C0]  do_idle+0x38d/0x510
[ 1173.917429][    C0]  ? __pfx_do_idle+0x10/0x10
[ 1173.917448][    C0]  cpu_startup_entry+0x4f/0x60
[ 1173.917465][    C0]  rest_init+0x16b/0x2b0
[ 1173.917475][    C0]  ? acpi_subsystem_init+0x133/0x180
[ 1173.917488][    C0]  ? __pfx_x86_late_time_init+0x10/0x10
[ 1173.917502][    C0]  start_kernel+0x3ef/0x4d0
[ 1173.917521][    C0]  x86_64_start_reservations+0x18/0x30
[ 1173.917540][    C0]  x86_64_start_kernel+0x130/0x190
[ 1173.917558][    C0]  common_startup_64+0x13e/0x148
[ 1173.917576][    C0]  </TASK>