last executing test programs:

11m18.89892749s ago: executing program 3 (id=3504):
r0 = creat(&(0x7f00000002c0)='./file0\x00', 0x1)
r1 = open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x8)
mmap$xdp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000fe"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
write$char_usb(r0, &(0x7f0000000600)="b56511e72c6cba780ce701ed0b2db27a336692892a6491e2488652ff00c468d353d809d5b20d8ee0f9fefa6cd7bd1036ed25f0e37053d291887c707a892884c2b4aa2ebac156ef8288264449eea05c4f51c3bb4355eb108744fe34e5d0e851d51a855854135f04dd5d854459226f090b6f0d6135e8f2824eed7469236cad2251116a381d8cd30bae59c1fe71e028a667cb910d523aa5d7208286755075ee8be937304cca20e234303df72ad4e2bdc71219456229460a7c6a2df61e8b21b4a4941dcba5c257b90bbf0a976a73973319258ad7f738c04dfbdee4ea0e1b77a909a154fd934f791ebea03db6f06c8f14bc40924e46cbb9b343f25d63f332f9b3f176601f842a4e40401cbc62ee7803c3a2d71f3878f61d8fb8cb5ee90a696b22fb97bbdfd36af05c2e34dfb3d36cf7333ea9dc98af537780ae7bc701053b9009d654d84f04c851b311341efcec16ef3d5c8a7e8af494068dbad55bfa7b7bf4475ceb03a6f4ef11ce14652dc36f279671b7184586c7aab57d50ca23deaeeeaebc2ed024d91f399c84834e7802ad28b6ffec7ed089e8af35d15f2713e70ce55b3f60b9c002496e110c3a68e4c01faf901df4e39d007bf99f3a2d2e33c58b92b961937060a92ab6347995c09eb6a363092e3a45b68bd5e734d43b0bc98070d66c8d03490897a7d05e894da6d92c46cb1d961d11a7d1cd9d3c437c07e9f090690d2b344a93fdc5d7276b74231f1ad050024359e7a73ee913e9a7eba72f23482de94c572d07491328ca363762c44ddcdb1623ec6d639b368d407ffafbb265de19bd5e52ec86c12167dfe2a3de629af1d66612c3f313e07a301d8378fc6eb551196b51680d1194d682ff6cdbb0f811608d6321b41664108ef6dd1dfcc7df602901b0c0d549fb8d0c1aa9b542b99d76b6b8c360c9bcb01ed819a57441948465279d0b2652be1058065929bffae3e9c8923ba01c954f3c49298db8ffad96b73684daf2e608046be2ffb0de70237e044d4be3e6ccc1984ebd2f6e0f57e99fcb0ec30598f121bd93a4003e0ba0815e5ddbeba9f3f8600ef86258a5423fb1f30da5be531e573bf5322a5842eeb23107f02021dc332e0e687bd1f4f0ac09293c3638603279484dd552d534089e0b5b903c4ceeedef410662ec12e17e9b616950874e24d313d770e84b488544a8b829039d06637269367c108dc37712d46ef6601ef4e937a120c607e570446d6216366a72ced5d543ba92a929cef7c4fb03307e88174ad88381b16de1c3f9985f483ff75e9b40fc0e001d037dda41df9a583009baa3b246c19ab5a20cb4e62accb7a86090717c17db68b0d14905ed0ce6e49555de65448782fc0899f631393b5ccd65da59265d1b4ba9ff4d8a328cb42d2e3a465db23cfa9f159ce5716df7ccf393a561a1783679048570f2467c5336106bc8954569c047e854b2211141d169b27ca796b42c544f70123bd9f6ae23f87d1be164cd7bb2da3dc79e6f12a687296942c9c8f2d99b6961b48e046028bd69dcda162510ad235b7bf28a0ff994e23f08e807437dcd1a426a31e818b918e5c28725bf12f42d6f719d9d81100e529b9f7e4891167aef44ec7afa086e46cf832d144ebe668dbafcbf229be799f33df6c1fb3365f4cb64f360fb70ee140818503a185a44f15d3db5fd5abe8ea3c59f4120c23d3792a4ac791959858dc88286e403ad45b31716e28be7684375c2651f88ed78c294", 0x4c7)
write$UHID_INPUT(r0, &(0x7f00000014c0)={0x8, {"1774d10ed679a3761698425e02229859f202c5d54bb9aaa84c470671ed39e31fcd1987c3fab368535c1d72f471356277d68201ce587582e0b61c74107f26d9b357fed4393b6676c62cb12bb5104bc87b40120258613657f462d98097b32565f3c6a065c0ecf81581c270d0adccfdd40199844781374e1cee0129091296af79ff67a1f52be0c73043a7bb6860312b9b2d3514d05233defb9e2e9ae218a0731aa015e7f042114d434f4209218e37f80b240526d575cb63f1ca89512cd50e27c21a827328cbae0874b155506fd933a2e59978eaad1c78dbed757e9e0047f5ebd5e9faefad831e5c55100f289794dc5b2116838edc1caef786cead375259a7768ddfd6cf5ed870b7abdcef90350a64c1eb5d6e54de748d6349f7e5bcb0377df4744678e7700911426a8b8540996d54716ecd8cd3a9f8175f23d45f9a1497654d5f2e4dad96b4b34cce3a39eb084bb829e05c82249951f91b432999c302bbe8ae5f79bb8954ed23ad98f87b5c30d079b1b2186db53a3849f9dce0e4d49c04f3025d4b25bc0728ab25ea5d050dc2586bad7ac437d7a5881c06e8b9f3eae66dc2aa48d0edf763daa7c6aa90df3c61fd69cf301090790b608324f4cfcc23acdcbbf9bd7e224c5c33d817cddcd10e86cbbda0de36f52d2389fa84dad6ed1819ee056b9a80d0b81f2a6b4ac50192f87cabf46f5fc88abcfbeb4301632d353aaf091b7828d941cb1c0e1477e5761032a63dadc3c7f51de8429c63b4ad65e975e38f244c6fe40e8fc6c33c4a16deffbe1b0423e584f45023e196d92b5bbc7d1854c3f33e8b0b7c5d3d87f0119380e2d14d6630219dc0e31469c2af0db2d624cab5c276c396f7d1543370ca9d925ac2dc2204de8008517c815e9fa7cd56e53f82ce1d095cd08032f57835ecb14c39fd57c90e39557934cd278a609e2e05a07a791d417f4460d2c30c10e1ef92cc146b1f9ff6b98b2688e2f050c510feba0d6960d31522cec3f6b0f539f85898a6b6409dd179d990fb57026acd9382f505ce06db211d7a369f46d8ea5804502bc7829155794b19a098d095a00b520966e9f49c74111d1f0f0f75b07aff0d388650a63656c9e601269d2eff1740e87206416ec73c08b56570dd496846b4f1a5d76602b6594e173209e5e7cebbab3f9f29bf957d000510eff9ce7ee3fea7fff32f3b6ae414ac311e14550e9a597aec7e76df40b7352bf4ddbd00739041edda795aeaa2665ad51a836120054bb0c8c1d3149477167214a0f952c78039ec8a70e21158db26d8f0238f782a5d54dced90951085abd412ef2e5b9984c7e263dc3eac6c683e8b82c5d56b5fa1e2f65d5d0afd32bc66d76ddb87a41805e11137de7373a9f6366a9a314cc6d5e731abeb2e83f135798a8bdda1c47b36db21140a9278b86c520bdbc8338ccaf5fbd61d7e73750b38e4bb6c77c33bf5617086c8f97ab219b4f6c930fd717aed4f1fa0eebcda82322c561dcae23284e0bfa4bf7a5b4b19ff3fe3137c4e07c55543a7d3778ccfaf757fae541bcf475382cc8ab6a0ede61789652b528efaacfa804fc1583bdfeaea00565c70a5941dc7a947ed97d9b6688f6363edf0735e72d9b8a4b21e5cd2de518e27bfd41749eafa66f3452e941273050ceaf39435327737857d4718a31b83649b3dced6f37a9ce3621a83a7ba9163dea12990677d21781f4ff95a68dc4b268b4c5e428c0941443c98025773362acd28a88f8d7e42fa72b908ac6a816270d78541c98e36b838b83ba99656192624211a343e6e76e154ebdb1af56aa8489f6a30a6be0dcd84f80ab2d02ac7bee22e5f6207d74c4fda0c6d7cc71bea537718bf8bb1d3c2602903139449b046d09528b4331bd8e396bb9b5c0b15db16a72947eecd0f050de9ee9e6b82fcf48a7fbecf911fda3d013fa9941a60f41b9d1f56ac40f07e7259c7c79f17cb0a90c472d33aed227151fc93c76e7a1fee4675edae1a9fda95a5d2b42c7b13d84995ee1b6411c48329f529752d65601c034cdb13ea4051132ecb7f71953b43663053fc2a174b1a7694d6a8b3eb9facbaf8b7281e00357ee255816a489ca91656dc506deaa9c925a0e53600a9e7df5bc89db907a323ffeba03d3c06a4f0569a6c0cd02ca46eede0b9979aa5b40fa85b47b3d4f4aaf614b5b72ab9ea4289d08346759fbc4c0c25dd179d0efc994f4ace7612720dbd1b40395c95c43e24bdb5941295ccfdfb8b558b3234a80a2cfb5a50d96a31e2f1bcc4aba66994626f735d5fd742f0fc2ab2bcc0a73a6210e9b2222a3577f7cba7fd31459c58bef86eb76dd00fc165a16519d05f5aa5753b89c5391a051b2930b22eadbd1f4fc76fc675faf35bde9306ef48fa349f1978b84e033340681bf06966a833c03902d749444574b9e3e88e027b01d057db785a1e0d6b4135c3b6f2ac370a01351bcdf0474d4708675502e64e02d468c4e1454271dda60f82cefb8f6ec9bd871bb4c7a50a17f3d1d9c1bce2e79cb59704f78a31d13cd6678e20ea53e8d0bff1527bf76670982fab8cbe62377baf3c59f256e0bb21686402efd240cf07989832b02975e09b06da9486667869e543e7e868e1eb2242811f306f9cbeff4e606c62dbccfcc3dec265b396fa70c04b0816dddedfe5d70b44c35e387accad9945c91ced6665482f95e1bcd4fb603eb5add65c934d74a40dd37a24ea972babb9197dd85b102e67d5658dd8cd64b661fac6dae2e1d8f7325e2a62d1060836f53a2f3737c843a42662a7ed6eb63c5ca670273539529a760417f3d95fd4adfe86ae582742c1d54dd121e5ac820d3f547a647f72f723a66dc9830fbcc228559c77d3fd1d7443598717f69d58b9e7cc64e9aad2da810b45aaf01b377d54eddc0e97f6d1dc07aa33c30aa2667719cebf73e67d001bd967e6529f195b38dc6684758b557ce4ba3b47d84a03be117b58cc22adbab162bed3965f768982e5355d241f7f0c0943d389a61ef2c633d8b99c7b6deba3bc4e4c1b7366a178ed6bc1fb49ce646b411ccb940998d01a941546a5ad1988faa66ba6338a7562e17ee0af33e76d6dfcd0ed0fb92911b2c9cb880f367f6429a7446f090b90b83893d1c0ddb138959853b68a85894a6d5aa1d287c2a949f9331fedecf7de02a5b51014c917a42e33274e6d597bd6ab586f73ce61a96f9512a0ebc729869c664a895be61ec7882869852c922d3016726edc90f909af1d07e8a3671bf751135cd24066fad1992103bdcd5052059abb0e1df33560ab3637d66b1013f8a234e3238de1170da7addd84b21f1e870151f534d799ed6164a031686bc48d2ae5a89c81894a28a9cd944a535b907777397e739a3b6a8e7d54bef71907071bc2a047ca14d7ef2e9d9b66da86ce56bc62ada0c813d9d63aa899f77f5d804a13a79b0e2275c4ba387e970519e67d212193d91bd0a96a1068bc136616ab5153b1e4b956f1a44b5334e8fbf8abf57fb28a13a64ad6085497faf88556d721f8e0a0699469646f22789e6530c03c75f69279e809d95d444bd44af1d19d12046de9d524caedc84a506642edf34b409b41ccb9689f8597cacd20eee8beec2b3e89644c06750e080da5cc06f3cb10b854fc23d39e52bf95b88335e7536888d67ea92df5868c5835321234e70ebf80e4365c19693a3a640a30f5aec7c490b4ed32ff169e907e25f862fe5aa8a9238cf5cee03ec2ab9e2801239980e78162b560ae3d066351f944c31d8b57a20cd2419b05b0fdd9f8ca4b7a8e1e7955a6b66a264d6d4c56d83c15871ab3f3327284ff7cf5e8d6c7f762d755fac0c7784af9efd13c9337d38451acb23020f4934ef1708b362b5d5cf4b743fc0f9712860ca2977319e1226ed860c2be3caacc8465ba80a0a6856322bc352972fd3f3c0db3acd66d56fef139e48f3d63d3a62c532aa10485807269bac3348316d9fd1931cbfd2acaa5c4e9102872ab16500260f2aec57025c0d6dc1bd68bff597667469e8eb57459b1881c10bf9531c23a6d9349b06b0db60aa6f89a4e0162038ea1850348b72e16f7d647e092c1d7ca55ba5095e58b18dd56b72ba9cbc09598663e8f54b2594194de72475abafdb285d464007ab91a83b91e7c8d5968ecb452e011c0b74e4309180615c3f67c2cad6e086f3686fd5394efd86d8bd45829314a5eb4a0549613b668e7b97600ac9ffe59df44e87046de44432dcd0aaf0c02c446ee9aaf72e80ce989923d4720fd3b8257d3fec5af22737c1e426f9d851c7929d69713e4751d5d39de20f0990bbdcb579f36b778bba4b8c5bdeb78208412005fe7cee40fe86691b8b0d6d3234e74192528622c31022cc3a81f4a574efdb67348b36ae7fd5977059d911da17746b040f06e7bef06accf4ef1ea4f4402041a98f3760d0fb8851b4e7d1124f37b1c653cc9ac53f4e373f694f8c957c390b0801859a19776a83854d2b65766bb03321fdac9a23d3345821fc21195910245e5ad79926a08094b54e242f002634b7213e5c122e76514f9ce76ce2740741f7ffe30e036de63b737fb16b240c6eeef0c1c537d219449b95d497723088548267c229fd5a122f25f2c6ad2fc3ff28133305ca850c5e2d1453dbb4429a8ee3a8f173feb49b611764c536c668c9aca8b8ec575c2310044898a4657fa1dda2ec6f7b8906d9521525ffd30c2b5948a0250224ba4d6beb39008c3785ddad71ceedb34301706b71634bf74b33ea4c436c2006cc5275d7931855d376c6314f8a5431781c3347bd9b3edadb8fcb959a6bb48e9407de69458fcc61c3a62e32720d3fd838dad3f50e852a2aa6d26af70205f9d8e40d3b9232c2ea9a4f86857fec4f7772e43d6dabd1e34400a84d1d338941bc31ead12047bde3ccdd89c53fcbfeff9fba85be6c11447c4b088eb184186a5e41e17bc0011c008aa8b98b44c1c862f8f977d1998d8dce81688d3d80d0fa2b9b7e7f78f80361f525a7586f3d9e68456b55d6f0e8c99495da3a5f392fc8bfe4e42af04fe85936c99b7be80acd351bffa7b723717621d9ff37b5ef829dfdc6ab085c2e83df864306cee0096486e77a1f9d7b7cf5bd157a69a05a12bb735606ac360af2c23542e52880fe9328524d5b121e378319ef2e1a0874fc99842ac8ac04dd6c634b08d81ffd379e9a52573a1721f63a6c009c590e7f43fcbaa2c23c975dfd1a9d1a6dc21587511b4cfdb6f53721940a9f4dd3d8a2c6bdf9890a152e05c9b561518a58a861aae8cb02f1031a121297f6b0820b22d9d6e544adc91216f4a3c011dee24774bfddef418a56c5f0ed57e6f3ce2a76d812a19a9420141eca0ef3d86f552814cb8b2a68b53bb195b2dd2b44f49e93c742db0b2bd637fd247bc28755819a9e122725a6b4409baec607359268eb6cf83fcb674a3771b75b8a7ea0300c16a624333b69bc188c417557356ff7336cde8645f973ad18ee15fc3b34074e1ec58eb00b779a86c7dd7e76872798a12b29b3f446240770999853686f18a624beb6f07f614b413a0cbd954de99a6a79b7c9dbdec41fa172025d9e7d6e82935fc21b4c90bae9b4e9a84478e2289fda091ceacdd02bee2d96fa9d02982191418a9db4115ba049b045ef03dcffc0566d802df6d97dcd90660cd9c3a682bca8a48dd7168ab86074685993571843f74498f1d3a85ab9c63c83450809e86cb1bcf2f341cfd7db56090ad58c34e3a6a98ea65e7b5b439295b0ad6e6e695d88dec93c2ed776df7fc41ef0cec809500d2ce06ac217001748fa337b91f1bccf4d22ee7183e44a573cf95bdbe1e2e10d0c2d52e1992983f84fa1b109eb1495c9d25651510b75a2d5c689b7fe9", 0x1000}}, 0x1006)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000005c0)={r2, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f0000000180)=[0xfff], 0x0, 0x0, 0x1}}, 0x40)

11m18.734964729s ago: executing program 3 (id=3505):
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000180)={'bond0\x00', <r2=>0x0})
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f0000000200)={'batadv0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000ec0)=@newlink={0x48, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x21, 0x20}, [@IFLA_LINKINFO={0x28, 0x12, 0x0, 0x1, @hsr={{0x8}, {0x1c, 0x2, 0x0, 0x1, [@IFLA_HSR_SLAVE1={0x8, 0x1, r2}, @IFLA_HSR_SLAVE2={0x8, 0x2, r3}, @IFLA_HSR_PROTOCOL={0x5, 0x7, 0x1}]}}}]}, 0x48}}, 0x0)
r4 = socket$kcm(0x10, 0x2, 0x0)
r5 = syz_clone(0x26900000, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace$setopts(0x4206, r5, 0x0, 0x100010)
bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=ANY=[@ANYRES8=r5, @ANYRESDEC=r3, @ANYRES64=r3], 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
personality(0x4100001)
ioctl$TCFLSH(0xffffffffffffffff, 0x540b, 0x1)
r6 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r6, 0x84, 0x9, &(0x7f0000000140)={0x0, @in={{0x2, 0x4e24, @empty}}, 0x0, 0x101, 0x3f8, 0x0, 0x50}, 0x9c)
ppoll(0x0, 0x0, &(0x7f00000001c0)={0x0, 0x3938700}, 0x0, 0x0)
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x32, 0x0, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x24000000)
sendmsg$kcm(r4, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000300)="2e00000010008188040f80ec59acbc0413a181000b00000000010000000000000e000a000f000000028002002d1f", 0x2e}], 0x1}, 0x0)
syz_emit_ethernet(0x3e, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaaaaaaaaa00000000000086dd60a24b9f00081100fe8000000000000000000000000000bbfe8000000100000000000000000000aa00004e2200089078"], 0x0)
r7 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000780), r8)
sendmsg$NLBL_MGMT_C_ADD(r7, &(0x7f0000000d80)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000007c0)={0x30, r9, 0x1, 0x70bd27, 0x0, {}, [@NLBL_MGMT_A_DOMAIN={0xc, 0x1, 'syztnl0\x00'}, @NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x7}, @NLBL_MGMT_A_IPV4MASK={0x8, 0x8, @broadcast}]}, 0x30}, 0x1, 0x0, 0x0, 0x1}, 0x0)
r10 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r11 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000002b40), r10)
sendmsg$NLBL_MGMT_C_ADD(r10, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000002c00)={&(0x7f0000000100)={0x2c, r11, 0x1, 0x70bd25, 0x25dfdbfe, {}, [@NLBL_MGMT_A_DOMAIN={0xe, 0x1, 'net/l2cap\x00'}, @NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x5}]}, 0x2c}, 0x1, 0x2000000, 0x0, 0x20000000}, 0x24000080)
sendmsg$NLBL_MGMT_C_REMOVE(r7, &(0x7f0000000340)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000240)={0x64, r11, 0x81b, 0x70bd2a, 0x25dfdbfb, {}, [@NLBL_MGMT_A_FAMILY={0x6, 0xb, 0x28}, @NLBL_MGMT_A_FAMILY={0x6, 0xb, 0x21}, @NLBL_MGMT_A_IPV4ADDR={0x8, 0x7, @local}, @NLBL_MGMT_A_IPV6MASK={0x14, 0x6, @mcast1}, @NLBL_MGMT_A_CV4DOI={0x8, 0x4, 0x2}, @NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x7}, @NLBL_MGMT_A_IPV6MASK={0x14, 0x6, @dev={0xfe, 0x80, '\x00', 0x2d}}]}, 0x64}, 0x1, 0x0, 0x0, 0x11}, 0x4804)

11m16.129574231s ago: executing program 3 (id=3509):
r0 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000000), 0x41, 0x0)
write$nbd(r0, &(0x7f0000000340)={0x1000000, 0x0, 0x0, 0x40, 0x9, "82b0cfc4337965941538be09000000000000000000007400a391793ba70d0000000000fdf700000000baffda6e4a4d"}, 0x3f)

11m15.808094951s ago: executing program 3 (id=3510):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000440)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a3000000000090003007379"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000b00)={&(0x7f0000000000)=ANY=[@ANYBLOB="140000001000010000fbffffffffffff0000000a74000000060a010400000000000000000200000048000480440001800c0001007061796c6f6164003400028008000440000000000800054000000000080003400000005a0800024000000402080006400000000208000740000000080900010073797a30000000000900020073797a32"], 0x9c}}, 0x4)

11m14.284573267s ago: executing program 3 (id=3512):
setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x14, 0x0, 0x0)
syz_open_dev$dvb_demux(&(0x7f0000000140), 0x0, 0x62400)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x3, 0x0, 0x0, 0x2, 0x0, 0x0, 0x41000, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x30, 0x8008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, r0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f0000000040), 0x80002c1, 0x2, 0x0)
writev(0xffffffffffffffff, &(0x7f0000001300), 0x0)
capset(0x0, &(0x7f0000000080)={0x6, 0x6, 0x2, 0x9, 0xffffffff, 0x40})
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x4c831, 0xffffffffffffffff, 0x0)
r4 = syz_open_procfs(0x0, &(0x7f0000000480)='pagemap\x00')
preadv(r4, &(0x7f0000000640)=[{&(0x7f0000000b00)=""/152, 0x98}, {&(0x7f0000000500)=""/189, 0x7fffef68}], 0x2, 0x300100, 0x0)

11m12.708927955s ago: executing program 3 (id=3516):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x1, 0xc, &(0x7f0000000100)=ANY=[@ANYBLOB="180800000000000000000000000000008500000023000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000002a00000095"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
ioctl$TUNSETFILTEREBPF(r0, 0x800454e1, &(0x7f00000001c0)=r1)
r2 = socket$unix(0x1, 0x1, 0x0)
r3 = socket$kcm(0x11, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000440)={'syzkaller0\x00', <r4=>0x0})
r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x200, 0x0)
close(r5)
r6 = socket(0x400000000010, 0x2, 0x0)
sendmsg$nl_route_sched(r6, &(0x7f00000012c0)={0x0, 0x0, 0x0}, 0x0)
ioctl$SIOCSIFHWADDR(r5, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
sendmsg$kcm(r3, &(0x7f00000000c0)={&(0x7f0000000500)=@xdp={0x2c, 0x7, r4, 0x3e}, 0x80, &(0x7f00000007c0)=[{&(0x7f00000002c0)}], 0x1}, 0x20004014)

10m57.25818076s ago: executing program 32 (id=3516):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x1, 0xc, &(0x7f0000000100)=ANY=[@ANYBLOB="180800000000000000000000000000008500000023000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000002a00000095"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
ioctl$TUNSETFILTEREBPF(r0, 0x800454e1, &(0x7f00000001c0)=r1)
r2 = socket$unix(0x1, 0x1, 0x0)
r3 = socket$kcm(0x11, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000440)={'syzkaller0\x00', <r4=>0x0})
r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x200, 0x0)
close(r5)
r6 = socket(0x400000000010, 0x2, 0x0)
sendmsg$nl_route_sched(r6, &(0x7f00000012c0)={0x0, 0x0, 0x0}, 0x0)
ioctl$SIOCSIFHWADDR(r5, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
sendmsg$kcm(r3, &(0x7f00000000c0)={&(0x7f0000000500)=@xdp={0x2c, 0x7, r4, 0x3e}, 0x80, &(0x7f00000007c0)=[{&(0x7f00000002c0)}], 0x1}, 0x20004014)

7m2.507705302s ago: executing program 0 (id=4335):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x40}, 0x0)

7m2.339244593s ago: executing program 0 (id=4338):
mknodat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x100, 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000001180), 0x2, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r0, &(0x7f0000004280)={0x2020, 0x0, <r1=>0x0}, 0x2020)
write$FUSE_INIT(r0, &(0x7f0000000180)={0x50, 0x0, r1, {0x7, 0x2b, 0x1, 0x3800402c, 0x3, 0xfffe, 0x2, 0x7fff, 0x0, 0x0, 0x100, 0x100}}, 0x50)
creat(&(0x7f00000001c0)='./file0\x00', 0x0)

7m2.168533673s ago: executing program 0 (id=4341):
mkdir(&(0x7f0000000440)='./file1\x00', 0x0)
setsockopt$inet_opts(0xffffffffffffffff, 0x0, 0x4, &(0x7f0000000400)="890704", 0x3)
setsockopt$SO_BINDTODEVICE(0xffffffffffffffff, 0x1, 0x19, &(0x7f00000000c0)='xfrm0\x00', 0x10)
sendmmsg$inet(0xffffffffffffffff, &(0x7f0000000f40)=[{{&(0x7f0000000040)={0x2, 0x0, @broadcast}, 0x10, 0x0}}], 0x68000, 0x0)
mount(0x0, &(0x7f0000000240)='./file1\x00', &(0x7f0000000000)='tmpfs\x00', 0x0, &(0x7f00000001c0)='usrquota')
chdir(&(0x7f0000000140)='./file1\x00')
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='net_prio.prioidx\x00', 0x275a, 0x0)
quotactl_fd$Q_GETINFO(r0, 0xffffffff80000500, 0x0, &(0x7f00000002c0))

7m1.946704492s ago: executing program 0 (id=4343):
r0 = syz_genetlink_get_family_id$SEG6(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$SEG6_CMD_SET_TUNSRC(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)={0x14, r0, 0x1, 0x70bd2e, 0x25dfdbfe}, 0x14}, 0x1, 0x0, 0x0, 0xc8c0}, 0x44000000)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), 0xffffffffffffffff)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000540)={'wlan0\x00', <r3=>0x0})
sendmsg$NL80211_CMD_NEW_KEY(r2, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000140)=ANY=[@ANYBLOB='|\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010829bd7000000000000b00000008000300", @ANYRES32=r3, @ANYBLOB], 0x7c}, 0x1, 0x0, 0x0, 0x4}, 0x0)

7m1.618955385s ago: executing program 0 (id=4344):
r0 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000500)=@broute={'broute\x00', 0x20, 0x1e01, 0x0, [0x0, 0x0, 0x1e01, 0x1e01, 0xfffff9, 0x80000440], 0x0, 0x0, 0x0}, 0x108)

7m1.477429598s ago: executing program 0 (id=4346):
r0 = openat$nvme_fabrics(0xffffffffffffff9c, &(0x7f0000000000), 0x402, 0x0)
read$msr(r0, &(0x7f0000000200)=""/161, 0xa1)
syz_io_uring_setup(0xefd, &(0x7f0000000400)={0x0, 0x0, 0x10000, 0x3, 0x55}, 0x0, &(0x7f0000000140), 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
getrandom(&(0x7f0000000240)=""/286, 0xffffff9a, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
r1 = creat(&(0x7f0000000040)='./bus\x00', 0x181)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={<r2=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r2, 0x8b06, &(0x7f0000000080)={'wlan1\x00', @random="22808009000a"})
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
ioctl$UBLK_U_CMD_START_DEV(0xffffffffffffffff, 0xc0207506, &(0x7f0000000000)={0x0, 0xffff, 0x0, 0x0, <r3=>0x0})
sched_setaffinity(r3, 0xfffffffffffffefe, &(0x7f0000000180)=0xbdd1)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600722, 0x19)
capset(&(0x7f0000000080)={0x20071026}, &(0x7f0000000040)={0x200000, 0x200000, 0x0, 0x0, 0x8})
mlockall(0x7)
mprotect(&(0x7f000002c000/0x1000)=nil, 0x1000, 0x2)
madvise(&(0x7f000000a000/0x2000)=nil, 0x2000, 0x9)
r4 = syz_open_dev$dri(&(0x7f00000008c0), 0xd21, 0x0)
ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(r4, 0xc00c642e, &(0x7f0000000300)={0x0, 0x0, r4})
madvise(&(0x7f0000000000/0x3000)=nil, 0x7fffffffffffffff, 0x15)
r5 = syz_open_procfs(0x0, &(0x7f0000000100)='smaps_rollup\x00')
r6 = socket$inet(0x2, 0x5, 0x0)
getsockopt$ARPT_SO_GET_ENTRIES(r6, 0x0, 0x50, 0x0, &(0x7f0000000000)=0x600)
read$FUSE(r5, &(0x7f0000002180)={0x2020}, 0x2020)
write$cgroup_int(r1, &(0x7f0000000540), 0xfffffdd8)
madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x19)
r7 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r7, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)=ANY=[], 0xfc}}, 0x0)

6m46.058651992s ago: executing program 33 (id=4346):
r0 = openat$nvme_fabrics(0xffffffffffffff9c, &(0x7f0000000000), 0x402, 0x0)
read$msr(r0, &(0x7f0000000200)=""/161, 0xa1)
syz_io_uring_setup(0xefd, &(0x7f0000000400)={0x0, 0x0, 0x10000, 0x3, 0x55}, 0x0, &(0x7f0000000140), 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
getrandom(&(0x7f0000000240)=""/286, 0xffffff9a, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
r1 = creat(&(0x7f0000000040)='./bus\x00', 0x181)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={<r2=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r2, 0x8b06, &(0x7f0000000080)={'wlan1\x00', @random="22808009000a"})
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
ioctl$UBLK_U_CMD_START_DEV(0xffffffffffffffff, 0xc0207506, &(0x7f0000000000)={0x0, 0xffff, 0x0, 0x0, <r3=>0x0})
sched_setaffinity(r3, 0xfffffffffffffefe, &(0x7f0000000180)=0xbdd1)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600722, 0x19)
capset(&(0x7f0000000080)={0x20071026}, &(0x7f0000000040)={0x200000, 0x200000, 0x0, 0x0, 0x8})
mlockall(0x7)
mprotect(&(0x7f000002c000/0x1000)=nil, 0x1000, 0x2)
madvise(&(0x7f000000a000/0x2000)=nil, 0x2000, 0x9)
r4 = syz_open_dev$dri(&(0x7f00000008c0), 0xd21, 0x0)
ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(r4, 0xc00c642e, &(0x7f0000000300)={0x0, 0x0, r4})
madvise(&(0x7f0000000000/0x3000)=nil, 0x7fffffffffffffff, 0x15)
r5 = syz_open_procfs(0x0, &(0x7f0000000100)='smaps_rollup\x00')
r6 = socket$inet(0x2, 0x5, 0x0)
getsockopt$ARPT_SO_GET_ENTRIES(r6, 0x0, 0x50, 0x0, &(0x7f0000000000)=0x600)
read$FUSE(r5, &(0x7f0000002180)={0x2020}, 0x2020)
write$cgroup_int(r1, &(0x7f0000000540), 0xfffffdd8)
madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x19)
r7 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r7, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)=ANY=[], 0xfc}}, 0x0)

6.95872764s ago: executing program 5 (id=6048):
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xb, 0xc3072, 0xffffffffffffffff, 0x0)
madvise(&(0x7f00004a6000/0xb000)=nil, 0xb000, 0x4)

6.334768911s ago: executing program 5 (id=6050):
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x80042, 0x0)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000000)=@phonet, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000080)="b8", 0x1ff48}], 0x2}, 0x0)
r1 = socket$inet_sctp(0x2, 0x1, 0x84)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$DEVLINK_CMD_PORT_UNSPLIT(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000300)={0x14, 0x0, 0x731, 0x70bd2d, 0x25dfdbfe, {0x38}}, 0x14}, 0x1, 0x2, 0x0, 0x4000000}, 0x0)
listen(r1, 0xda8d)
accept4$inet(r1, 0x0, 0x0, 0x800)
shutdown(r1, 0x1)
syz_usb_connect(0x0, 0x36, &(0x7f0000000940)=ANY=[@ANYBLOB="12010000226aa140070ad0001310010203010902240001000000000904000002bd22f00009050303000000000009058aff"], 0x0)
syz_open_dev$char_usb(0xc, 0xb4, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)

4.395128147s ago: executing program 6 (id=6064):
mknodat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1000, 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r0, &(0x7f00000021c0)={0x2020, 0x0, <r1=>0x0}, 0x2020)
write$FUSE_INIT(r0, &(0x7f0000000040)={0x50, 0x0, r1, {0x7, 0x1f, 0xdfffffff, 0x5e490420, 0x4, 0xffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x88}}, 0x50)
syz_fuse_handle_req(r0, &(0x7f000000e3c0)="000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc4e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ba045abcd5dfc67d000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000230000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000050000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000d838aae8c05dd22d0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000209bfd66eea210560000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001354c4b600", 0x2000, &(0x7f00000062c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x20, 0x0, 0x3731, {0x0, 0x7f69ff17f1e1ab77}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0xc5001, 0x104)
write$FUSE_NOTIFY_RETRIEVE(r2, 0x0, 0x0)

2.370708191s ago: executing program 5 (id=6085):
r0 = socket$kcm(0x10, 0x2, 0x4)
r1 = socket$pppoe(0x18, 0x1, 0x0)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0x42795000)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f00000000c0), &(0x7f0000000180)=0xc)
connect$pppoe(r1, &(0x7f0000000000)={0x18, 0x0, {0x2, @local, 'bridge0\x00'}}, 0x1e)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000003780)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="0204000902000000e4a17c45c8d260c9", 0x10}], 0x7}, 0x0)
sendmmsg(r1, &(0x7f0000002340)=[{{0x0, 0x0, 0x0}}], 0x3e8, 0x0)

2.324293098s ago: executing program 6 (id=6086):
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x24000840)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'veth1_macvtap\x00', <r1=>0x0})
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000180)=ANY=[@ANYBLOB="700000001000030500"/20, @ANYRES32=0x0, @ANYBLOB="0000000000000000140012800b0001006d616373656300000400028008000500", @ANYRES32=r1], 0x70}}, 0x0)

2.169004914s ago: executing program 1 (id=6087):
r0 = socket$packet(0x11, 0x2, 0x300)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
r2 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
write$tun(r1, &(0x7f0000000240)={@val={0x0, 0x6005}, @void, @eth={@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1}, @broadcast, @val={@val={0x88a8, 0x7, 0x0, 0x1}, {0x8100, 0x0, 0x0, 0xfff}}, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x2, 0x24, 0x68, 0x0, 0x0, 0x11, 0x0, @initdev={0xac, 0x1e, 0x2, 0x0}, @empty}, {0x0, 0x17c1, 0x10, 0x0, @gue={{0x2, 0x0, 0x0, 0x0, 0x100, @val=0x80}}}}}}}}, 0x3e)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000540)=0x189d, 0x4)
recvmmsg(r0, &(0x7f0000000b00)=[{{0x0, 0x0, 0x0}, 0x7fff}], 0x1, 0x0, 0x0)

2.061185691s ago: executing program 5 (id=6088):
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000280)={0x6, 0xf, &(0x7f0000000000)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r0}}}, &(0x7f0000000100)='GPL\x00', 0x8}, 0x94)

2.057981467s ago: executing program 2 (id=6089):
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f00000001c0)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000140)='./file1\x00')
r0 = open(&(0x7f00000002c0)='.\x00', 0x80000, 0x12d)
syz_open_dev$media(0x0, 0x3, 0x0)
timer_create(0x0, &(0x7f00000002c0)={0x0, 0x21, 0x2}, &(0x7f0000000b80)=<r1=>0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0)
setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x16, 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x1)
ioctl$KVM_SET_CPUID2(r2, 0x4048aecb, &(0x7f0000000400)={0x1, 0x0, [{0x80000001, 0x1e3, 0x7, 0x8, 0x5, 0x110, 0x3}]})
pipe(&(0x7f0000000000))
fcntl$lock(0xffffffffffffffff, 0x24, &(0x7f0000000040)={0x0, 0x0, 0x10001, 0x5})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(r1, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0)
connect$unix(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SET_IO_FLUSHER(0x43, 0x1)
mremap(&(0x7f0000000000/0x9000)=nil, 0x600002, 0x600002, 0x7, &(0x7f0000a00000/0x600000)=nil)
open(&(0x7f0000000000)='./file1\x00', 0x4684c2, 0x12)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
ioctl$AUTOFS_IOC_PROTOSUBVER(r0, 0x40049366, &(0x7f0000000180))

2.039036612s ago: executing program 6 (id=6090):
r0 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$DEVLINK_CMD_PORT_GET(r1, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="01000000000000000062540000000e0002006e657464657673696d0000000f0002006e657464657673696d300000080003"], 0x3c}, 0x1, 0x0, 0x0, 0x8001}, 0x0)
pipe(&(0x7f00000001c0)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = fsopen(&(0x7f0000000080)='autofs\x00', 0x0)
fsconfig$FSCONFIG_SET_FD(r3, 0x5, 0x0, 0x0, r2)
fsconfig$FSCONFIG_CMD_CREATE(r3, 0x6, 0x0, 0x0, 0x0)
r4 = fsmount(r3, 0x0, 0x2)
fchdir(r4)
r5 = open(&(0x7f0000000000)='.\x00', 0x0, 0x244)
r6 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
setpgid(r6, r6)
setpgid(0x0, r6)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff)
move_mount(r4, 0x0, r5, &(0x7f00000000c0)='./file0\x00', 0x14)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(r5, 0x9362, 0x0)
sendfile(r1, r1, 0x0, 0x9)
socket$inet_udp(0x2, 0x2, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000180)={0x1, &(0x7f0000000140)=[{0x6, 0x0, 0x0, 0x7fff8000}]})
r7 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x40841, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r8 = socket(0x10, 0x803, 0x0)
getsockname$packet(r8, &(0x7f0000000100)={0x11, 0x0, <r9=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)=ANY=[@ANYBLOB, @ANYRES32=r9, @ANYBLOB="01000000000000002800128009000100766c616e000000001800", @ANYRES64], 0x50}, 0x1, 0x0, 0x0, 0x80}, 0x0)
ioctl$TUNSETIFF(r7, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})

1.852086173s ago: executing program 5 (id=6091):
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x3, 0x8, &(0x7f00000003c0)=ANY=[@ANYBLOB], &(0x7f0000000640)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000004c0)={0x18, 0x3, &(0x7f0000000280)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41100, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x7}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$inet6_mptcp(0xa, 0x1, 0x106)
getsockopt$inet6_mptcp_buf(r3, 0x11c, 0x4, &(0x7f0000001440)=""/40, &(0x7f0000001480)=0x28)
r4 = syz_open_dev$cec(&(0x7f0000002340), 0x0, 0x101441)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)
ioctl$KVM_TPR_ACCESS_REPORTING(r7, 0xc028ae92, &(0x7f0000000000)={0x80000000})
ioctl$CEC_S_MODE(r4, 0x40046109, 0x0)
r8 = syz_open_dev$cec(0x0, 0x0, 0x20000)
ioctl$CEC_S_MODE(r8, 0x40046109, &(0x7f0000000240)=0x82)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
mount(0x0, &(0x7f0000000040)='./cgroup\x00', &(0x7f0000000080)='xfs\x00', 0x2208004, 0x0)
syz_open_procfs$namespace(0x0, &(0x7f0000000080)='ns/pid_for_children\x00')

1.843831424s ago: executing program 2 (id=6092):
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
ioctl$VHOST_SET_OWNER(r0, 0xaf01, 0x0)
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000400)={0x1, 0x1, 0x0, 0x0, 0x0, 0xeeee0000})
ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000001680))
r1 = eventfd2(0x801, 0x80000)
ioctl$VHOST_SET_VRING_ERR(r0, 0x4008af22, &(0x7f00000001c0)={0x0, r1})
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000240)={0x0, 0x0, 0x0, &(0x7f0000000440)=""/180, 0x0, 0x6000})
ioctl$VHOST_SET_VRING_KICK(r0, 0x4008af20, &(0x7f0000000040)={0x0, r1})
ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f00000000c0)=0x1)
ioctl$VHOST_VSOCK_SET_GUEST_CID(r0, 0x4008af60, &(0x7f0000000140)={@my=0x1})
r2 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r2, &(0x7f0000000200)={0x28, 0x0, 0x0, @my=0x1}, 0x10)

1.686515439s ago: executing program 1 (id=6093):
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)=ANY=[@ANYRESHEX=0x0])
mount(0x0, &(0x7f00000001c0)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000140)='./file1\x00')
r0 = open(&(0x7f00000002c0)='.\x00', 0x80000, 0x12d)
mremap(&(0x7f0000000000/0x9000)=nil, 0x600002, 0x600002, 0x7, &(0x7f0000a00000/0x600000)=nil)
ioctl$AUTOFS_IOC_PROTOSUBVER(r0, 0x40049366, &(0x7f0000000180))

1.536491597s ago: executing program 2 (id=6095):
r0 = socket$inet_mptcp(0x2, 0x1, 0x106)
getsockopt$inet_mptcp_buf(r0, 0x11c, 0x4, &(0x7f00000000c0)=""/206, &(0x7f0000000080)=0xce)

1.298337299s ago: executing program 1 (id=6096):
r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000001400), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000200)={0x0, 0x18, 0xfa00, {0x2, 0x0, 0x111, 0x4}}, 0x20)
write$RDMA_USER_CM_CMD_DESTROY_ID(r0, &(0x7f0000000080)={0x1, 0x10}, 0x18)

1.140258409s ago: executing program 6 (id=6097):
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mkdir(&(0x7f0000000100)='./file1\x00', 0x13b)
mkdir(&(0x7f0000000000)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f00000003c0)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]})
chdir(&(0x7f0000000140)='./bus\x00')
r0 = open(&(0x7f0000000580)='./file1\x00', 0x80242, 0x1df2a23c5997fa1f)
capset(&(0x7f0000000000)={0x20080522}, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x81, 0xffffffff})
write$FUSE_CREATE_OPEN(r0, &(0x7f0000000180)={0xa0, 0xffffffffffffffda, 0x0, {{0x4, 0x3, 0x5, 0x6, 0x3, 0x1, {0x0, 0x9, 0x20ff, 0x1, 0x89, 0xd615, 0x9, 0x7fffffff, 0xfffffffe, 0x8000, 0x0, 0x0, 0x0, 0x3ff, 0x1}}, {0x0, 0x13}}}, 0xa0)
ioctl$FIDEDUPERANGE(r0, 0xc0189436, &(0x7f0000000440)=ANY=[@ANYBLOB="05000000000000000300000000000000"])

955.446695ms ago: executing program 2 (id=6099):
r0 = openat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x40042, 0x1)
close(r0)
r1 = epoll_create1(0x0)
mount$9p_fd(0x0, &(0x7f0000000680)='./file0\x00', &(0x7f0000000380), 0x14c98, &(0x7f0000000040)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESDEC=r1])

883.873637ms ago: executing program 6 (id=6100):
mkdirat(0xffffffffffffff9c, &(0x7f0000002000)='./file0\x00', 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0x8, &(0x7f00000009c0)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f3bbb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68000000000000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465a932b77a74e802a0dc6bf25d8a242bc6099ad2300000480006ef6c1ff0900ff0000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767192361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80af740b5b7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48bc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1f001b2cd3170400000085be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe760e717a04becff0f719197724f4fce1093b62d7e8c7123d890cec55bf404e4e1f74b7eed82571be54c72d978cf906df08f11f1c4042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50"], 0x0, 0x1, 0x0, 0x0, 0x0, 0x31, '\x00', 0x0, @fallback=0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0xffffffffffffffff}, 0x94)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0xfffff000, 0x2000, &(0x7f0000000000/0x2000)=nil})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x4, 0x1, 0x0, 0x2000, &(0x7f0000002000/0x2000)=nil})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

821.243721ms ago: executing program 1 (id=6101):
r0 = syz_open_dev$loop(&(0x7f0000000280), 0x7, 0x400)
ioctl$LOOP_CONFIGURE(r0, 0x4c0a, &(0x7f0000000300)={0xffffffffffffffff, 0x1, {0x0, 0x0, 0x0, 0x8, 0x7fffffffffffffff, 0x0, 0x0, 0xa, 0x24, "4708f47f6a23bbe312fa24d1926dc7d2b637f8eb808d6c7cb0fe78f46b4c1aa5c0ad99614351f83c3536cbfd037d2c31b0fa366a8c8d5f5eb5a2593e8b0337d9", "64525d7045be56711c1311059a2049bba367ff0d3ba0d07bccfbc54e8dffb920d07f84ba476e208fd9a1083e66c07f548673256d9de432cecdf66aba457ddfe5", "aef238d5fea484a094bce86e4bc81c947fa28c49ecc347daa061210a2e290143", [0x4, 0x6]}})

746.623001ms ago: executing program 5 (id=6103):
r0 = socket$inet(0x2, 0x2, 0x0)
getsockopt$inet_mreqn(r0, 0x0, 0x20, 0x0, &(0x7f0000000800))
ioctl$BTRFS_IOC_TREE_SEARCH_V2(r0, 0xc0709411, &(0x7f00000000c0)={{0x0, 0x2c, 0x0, 0x9, 0xffffffffffffffff, 0x6, 0x4, 0x4089, 0x5, 0x8, 0x7, 0x4, 0x0, 0x7f, 0x2}, 0x10, [0x0, 0x0]})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000001480)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, 0x0)
syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000180)=ANY=[@ANYBLOB="1201100100000010450c1251000000000001090224"], 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = openat$vmci(0xffffffffffffff9c, &(0x7f00000001c0), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r3, 0x7a7, &(0x7f0000000040)=0x90000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r3, 0x7a0, &(0x7f0000000000)={@local})
pselect6(0x40, &(0x7f0000000240)={0x0, 0x0, 0x1ff, 0x7d, 0x0, 0x8000, 0xc00000000000, 0x1}, 0x0, &(0x7f00000002c0)={0x3ff, 0x6, 0xfffdffffffffffff, 0x9, 0x3, 0xf, 0x80000006}, 0x0, 0x0)
ioctl$IOCTL_VMCI_QUEUEPAIR_ALLOC(r3, 0x7a8, &(0x7f0000000540)={{@hyper, 0x2}, @hyper, 0x0, 0x0, 0x5e, 0x8})
ioctl$IOCTL_VMCI_CTX_ADD_NOTIFICATION(r3, 0x7af, &(0x7f0000000080)={@hyper, 0x2})
r4 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r4, 0x7a7, &(0x7f0000000040)=0x90000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r4, 0x7a0, &(0x7f0000000240)={@hyper})
ioctl$IOCTL_VMCI_QUEUEPAIR_ALLOC(r4, 0x7a8, &(0x7f0000000540)={{@hyper, 0x2}, @hyper, 0x0, 0x0, 0x5e})
close_range(r2, 0xffffffffffffffff, 0x0)

704.649794ms ago: executing program 1 (id=6104):
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0xe, &(0x7f0000006680))
pwritev2(0xffffffffffffffff, 0x0, 0x0, 0x40000, 0x2, 0x0)

692.516733ms ago: executing program 6 (id=6105):
r0 = socket$inet(0x2, 0x2, 0x0)
getsockopt$inet_mreqn(r0, 0x0, 0x20, 0x0, &(0x7f0000000800))
ioctl$BTRFS_IOC_TREE_SEARCH_V2(r0, 0xc0709411, &(0x7f00000000c0)={{0x0, 0x2c, 0x0, 0x9, 0xffffffffffffffff, 0x6, 0x4, 0x4089, 0x5, 0x8, 0x7, 0x4, 0x0, 0x7f, 0x2}, 0x10, [0x0, 0x0]})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000001480)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, 0x0)
syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000180)=ANY=[@ANYBLOB="1201100100000010450c1251000000000001090224"], 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = openat$vmci(0xffffffffffffff9c, &(0x7f00000001c0), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r3, 0x7a7, &(0x7f0000000040)=0x90000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r3, 0x7a0, &(0x7f0000000000)={@local})
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x101000, 0x0)
pselect6(0x40, &(0x7f0000000240)={0x0, 0x0, 0x1ff, 0x7d, 0x0, 0x8000, 0xc00000000000, 0x1}, 0x0, &(0x7f00000002c0)={0x3ff, 0x6, 0xfffdffffffffffff, 0x9, 0x3, 0xf, 0x80000006}, 0x0, 0x0)
ioctl$IOCTL_VMCI_CTX_ADD_NOTIFICATION(r3, 0x7af, &(0x7f0000000080)={@hyper, 0x2})
r4 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r4, 0x7a7, &(0x7f0000000040)=0x90000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r4, 0x7a0, &(0x7f0000000240)={@hyper})
close_range(r2, 0xffffffffffffffff, 0x0)

596.710347ms ago: executing program 1 (id=6107):
r0 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$DEVLINK_CMD_PORT_GET(r1, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="01000000000000000062540000000e0002006e657464657673696d0000000f0002006e657464657673696d300000080003"], 0x3c}, 0x1, 0x0, 0x0, 0x8001}, 0x0)
pipe(&(0x7f00000001c0)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = fsopen(&(0x7f0000000080)='autofs\x00', 0x0)
fsconfig$FSCONFIG_SET_FD(r3, 0x5, &(0x7f00000005c0)='fd', 0x0, r2)
fsconfig$FSCONFIG_CMD_CREATE(r3, 0x6, 0x0, 0x0, 0x0)
r4 = fsmount(r3, 0x0, 0x2)
fchdir(r4)
r5 = open(0x0, 0x0, 0x244)
r6 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
setpgid(r6, r6)
setpgid(0x0, r6)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff)
move_mount(r4, 0x0, r5, &(0x7f00000000c0)='./file0\x00', 0x14)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(r5, 0x9362, 0x0)
sendfile(r1, r1, 0x0, 0x9)
socket$inet_udp(0x2, 0x2, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000180)={0x1, &(0x7f0000000140)=[{0x6, 0x0, 0x0, 0x7fff8000}]})
r7 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x40841, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r8 = socket(0x10, 0x803, 0x0)
getsockname$packet(r8, &(0x7f0000000100)={0x11, 0x0, <r9=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)=ANY=[@ANYBLOB, @ANYRES32=r9, @ANYBLOB="01000000000000002800128009000100766c616e000000001800", @ANYRES64], 0x50}, 0x1, 0x0, 0x0, 0x80}, 0x0)
ioctl$TUNSETIFF(r7, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})

460.284002ms ago: executing program 4 (id=6110):
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mkdir(&(0x7f0000000100)='./file1\x00', 0x13b)
mkdir(&(0x7f0000000000)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f00000003c0)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]})
chdir(&(0x7f0000000140)='./bus\x00')
r0 = open(&(0x7f0000000580)='./file1\x00', 0x80242, 0x1df2a23c5997fa1f)
capset(&(0x7f0000000000)={0x20080522}, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x81, 0xffffffff})
write$FUSE_CREATE_OPEN(r0, &(0x7f0000000180)={0xa0, 0xffffffffffffffda, 0x0, {{0x4, 0x3, 0x5, 0x6, 0x3, 0x1, {0x0, 0x9, 0x20ff, 0x1, 0x89, 0xd615, 0x9, 0x7fffffff, 0xfffffffe, 0x8000, 0x0, 0x0, 0x0, 0x3ff, 0x1}}, {0x0, 0x13}}}, 0xa0)
ioctl$FIDEDUPERANGE(r0, 0xc0189436, &(0x7f0000000440)=ANY=[@ANYBLOB="05000000000000000300000000000000"])

431.576957ms ago: executing program 4 (id=6111):
r0 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r0, 0x0, 0x0)
r1 = socket$inet6_mptcp(0xa, 0x1, 0x106)
connect$inet6(r1, &(0x7f0000000040)={0xa, 0x4001, 0x0, @empty}, 0x1c)
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)

390.033453ms ago: executing program 4 (id=6112):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0x0, 0x0, &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x2, '\x00', 0x0, @fallback=0xd, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_BIND_MAP(0xa, &(0x7f00000007c0)={r0}, 0xc)

320.701238ms ago: executing program 4 (id=6113):
r0 = socket$inet6_mptcp(0xa, 0x1, 0x106)
listen(r0, 0xfffffffc)
r1 = socket$netlink(0x10, 0x3, 0x8000000004)
writev(r1, &(0x7f0000000280)=[{0x0}], 0x1)
syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), r1)

302.85272ms ago: executing program 4 (id=6114):
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
bpf$MAP_CREATE(0x0, &(0x7f0000000440)=@base={0x1, 0x42, 0x6, 0x8, 0x0, 0x1}, 0x48)
bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x8000}, 0x38)

210.709918ms ago: executing program 4 (id=6115):
renameat2(0xffffffffffffffff, &(0x7f00000002c0)='./file1aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0xffffffffffffffff, 0x0, 0x1)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x20008, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x101000, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000580)=@base={0x1, 0x100004, 0xdf18, 0xe2a4, 0x1}, 0x50)
bpf$BPF_MAP_LOOKUP_AND_DELETE_BATCH(0x18, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x1, r1}, 0x38)
ioctl$KDSKBMODE(0xffffffffffffffff, 0x4b45, &(0x7f00000001c0)=0x4)
io_uring_setup(0x664b, &(0x7f0000000500)={0x0, 0x5e87, 0x0, 0x0, 0x337})
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r2 = add_key$user(0x0, 0x0, &(0x7f00000021c0), 0x0, 0xfffffffffffffffe)
r3 = add_key$user(0x0, &(0x7f0000002340)={'syz', 0x3}, &(0x7f0000000100)="370c099069effa43de3e1404db09b4ce1ef77bde4b371532dd16447c1b13403656c86711f6e750026f23029a50d44299c7bf5c78dc5efae2d041016160e8bef7b30c05e298aa9572540dd950307987eef2115e1bcf512bea3410ca5a9e9f827e4b13490dbbd4fc5a45", 0x69, 0xffffffffffffffff)
keyctl$dh_compute(0x17, &(0x7f0000000080)={r2, r3, r2}, 0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000500)={'streebog256-generic\x00'}})
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xd, &(0x7f0000000200)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffb}, [@call={0x85, 0x0, 0x0, 0x50}, @ringbuf_output={{}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x2000006}, {}, {0x4}, {0x6, 0x0, 0xa}, {}, {}, {0x85, 0x0, 0x0, 0x33}}]}, &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @xdp=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000b80)={r4, 0x2000012, 0xe, 0x0, &(0x7f0000000280)="63ec33c9e9b98600000000000000", 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0xb}, 0x50)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
mount$tmpfs(0x0, &(0x7f0000000080)='./cgroup\x00', &(0x7f0000000580), 0x0, &(0x7f0000000000))
r5 = syz_open_dev$sndctrl(&(0x7f0000001280), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r5, 0xc1205531, &(0x7f00000101c0)={0x0, 0x6, 0x0, 0x0, '\x00', '\x00', '\x00', 0x0, 0x0, 0x0, 0x8f1, "b6855a32474ffa64f778ddcf29c94337"})

49.255061ms ago: executing program 2 (id=6116):
bpf$MAP_CREATE(0x0, &(0x7f0000001d00)=@bloom_filter={0x1e, 0x0, 0x8, 0x5, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)

0s ago: executing program 2 (id=6117):
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x10, 0x4, 0x4, 0x2, 0x0, 0xffffffffffffffff, 0x1}, 0x50)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0x4, &(0x7f0000000200)=@framed={{0x18, 0x0, 0x0, 0x0, 0x81}, [@call={0x85, 0x0, 0x0, 0xe}]}, &(0x7f00000004c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000b80)={r0, 0x2000012, 0xe, 0x0, &(0x7f0000000280)="63ec33c9e9b98600000000000000", 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0xb}, 0x50)

kernel console output (not intermixed with test programs):

 1174.585511][T22122] Invalid ELF header type: 3 != 1
[ 1174.982367][T15214] usb 2-1: new high-speed USB device number 67 using dummy_hcd
[ 1175.194498][T15214] usb 2-1: too many configurations: 151, using maximum allowed: 8
[ 1175.744478][T15214] usb 2-1: New USB device found, idVendor=04d8, idProduct=0082, bcdDevice=ce.b7
[ 1175.779022][T15214] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=130
[ 1175.811322][T15214] usb 2-1: Product: syz
[ 1175.832863][T15214] usb 2-1: Manufacturer: syz
[ 1175.975834][T15214] usb 2-1: SerialNumber: syz
[ 1175.994880][T15214] usb 2-1: config 0 descriptor??
[ 1176.022566][T15214] ims_pcu 2-1:0.0: Zero length descriptor
[ 1176.037812][T15214] ims_pcu 2-1:0.0: probe with driver ims_pcu failed with error -22
[ 1177.213180][ T1314] ieee802154 phy0 wpan0: encryption failed: -22
[ 1177.221353][ T1314] ieee802154 phy1 wpan1: encryption failed: -22
[ 1177.857215][T15214] usb 6-1: new high-speed USB device number 37 using dummy_hcd
[ 1177.935781][ T5795] usb 2-1: USB disconnect, device number 67
[ 1178.028235][T15214] usb 6-1: device descriptor read/64, error -71
[ 1178.312528][T22166] Invalid ELF header type: 3 != 1
[ 1178.710347][T15214] usb 6-1: new high-speed USB device number 38 using dummy_hcd
[ 1178.846866][T15214] usb 6-1: device descriptor read/64, error -71
[ 1178.970421][T15214] usb usb6-port1: attempt power cycle
[ 1180.127803][T22191] fuse: Unknown parameter 'group_id00000000000000000000'
[ 1181.272189][ T5795] kernel read not supported for file /newroot/46/file0 (pid: 5795 comm: kworker/0:7)
[ 1182.128580][T22221] netlink: 'syz.2.4804': attribute type 4 has an invalid length.
[ 1182.170381][T22221] netlink: 152 bytes leftover after parsing attributes in process `syz.2.4804'.
[ 1185.017058][T22253] Invalid ELF header type: 3 != 1
[ 1186.031009][T22259] netlink: 'syz.6.4818': attribute type 4 has an invalid length.
[ 1186.040038][T22259] netlink: 152 bytes leftover after parsing attributes in process `syz.6.4818'.
[ 1186.054853][T22259] .`: renamed from bond0 (while UP)
[ 1187.067830][T22270] syz.5.4817 (22270) used greatest stack depth: 18816 bytes left
[ 1187.794759][T22302] Invalid ELF header type: 3 != 1
[ 1188.417417][T22306] tmpfs: Bad value for 'grpquota_block_hardlimit'
[ 1190.156647][ T5724] usb 3-1: new high-speed USB device number 57 using dummy_hcd
[ 1190.261602][T22320] netlink: 220 bytes leftover after parsing attributes in process `syz.5.4834'.
[ 1190.332588][T22324] openvswitch: netlink: Actions may not be safe on all matching packets
[ 1190.407380][ T5724] usb 3-1: Using ep0 maxpacket: 8
[ 1190.428174][ T5724] usb 3-1: config 0 has an invalid interface number: 55 but max is 0
[ 1190.446555][ T5724] usb 3-1: config 0 has no interface number 0
[ 1190.454790][ T5724] usb 3-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[ 1190.469314][ T5724] usb 3-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B
[ 1190.492029][ T5724] usb 3-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[ 1190.503928][T22328] netlink: 220 bytes leftover after parsing attributes in process `syz.5.4837'.
[ 1190.521048][ T5724] usb 3-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[ 1190.547813][ T5724] usb 3-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[ 1190.572494][ T5724] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1190.576852][ T5794] usb 5-1: new high-speed USB device number 56 using dummy_hcd
[ 1190.606666][ T5724] usb 3-1: config 0 descriptor??
[ 1190.644664][ T5724] ldusb 3-1:0.55: LD USB Device #0 now attached to major 180 minor 0
[ 1190.716720][ T5794] usb 5-1: device descriptor read/64, error -71
[ 1190.876080][T22337] Invalid ELF header type: 3 != 1
[ 1191.302567][ T5795] usb 3-1: USB disconnect, device number 57
[ 1191.352385][ T5795] ldusb 3-1:0.55: LD USB Device #0 now disconnected
[ 1191.367373][ T5794] usb 5-1: new high-speed USB device number 57 using dummy_hcd
[ 1191.546953][ T5794] usb 5-1: device descriptor read/64, error -71
[ 1191.806987][ T5794] usb usb5-port1: attempt power cycle
[ 1191.945409][T22347] Invalid ELF header type: 3 != 1
[ 1192.556550][ T5724] usb 6-1: new high-speed USB device number 40 using dummy_hcd
[ 1192.621165][ T5794] usb 5-1: new high-speed USB device number 58 using dummy_hcd
[ 1192.816633][ T5724] usb 6-1: Using ep0 maxpacket: 8
[ 1192.830508][ T5724] usb 6-1: config 0 has an invalid interface number: 55 but max is 0
[ 1192.862877][ T5724] usb 6-1: config 0 has no interface number 0
[ 1192.887293][ T5724] usb 6-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[ 1192.941688][ T5724] usb 6-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B
[ 1192.989826][ T5724] usb 6-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[ 1193.036687][ T5724] usb 6-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[ 1193.089768][ T5724] usb 6-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[ 1193.131848][ T5724] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1193.209229][ T5724] usb 6-1: config 0 descriptor??
[ 1193.257313][ T5794] usb 5-1: device descriptor read/8, error -71
[ 1193.262984][ T5724] ldusb 6-1:0.55: LD USB Device #0 now attached to major 180 minor 0
[ 1193.296729][ T5745] usb 3-1: new high-speed USB device number 58 using dummy_hcd
[ 1193.342655][T22361] netlink: 80 bytes leftover after parsing attributes in process `syz.1.4847'.
[ 1193.357615][T22361] netlink: 24 bytes leftover after parsing attributes in process `syz.1.4847'.
[ 1193.368150][T22361] netlink: 64 bytes leftover after parsing attributes in process `syz.1.4847'.
[ 1194.010960][ T5745] usb 3-1: Using ep0 maxpacket: 8
[ 1194.285463][ T5794] usb 5-1: new high-speed USB device number 59 using dummy_hcd
[ 1194.331692][ T5745] usb 3-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024
[ 1194.418608][T22362] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1194.473824][ T5745] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024
[ 1194.611890][ T5745] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 1194.622004][ T5794] usb 5-1: device descriptor read/8, error -71
[ 1194.644174][ T5745] usb 3-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1194.710002][ T5745] usb 3-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[ 1194.757383][ T5794] usb usb5-port1: unable to enumerate USB device
[ 1194.794986][ T5745] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1195.064061][ T5745] usb 3-1: GET_CAPABILITIES returned 0
[ 1195.075378][ T5745] usbtmc 3-1:16.0: can't read capabilities
[ 1196.081022][ T5724] usb 6-1: USB disconnect, device number 40
[ 1196.089731][T22353] ldusb 6-1:0.55: Couldn't submit interrupt_in_urb -19
[ 1196.121935][ T5724] ldusb 6-1:0.55: LD USB Device #0 now disconnected
[ 1196.420073][   T24] usb 3-1: USB disconnect, device number 58
[ 1197.479237][T22396] loop5: detected capacity change from 0 to 7
[ 1197.494174][    C0] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1197.503563][    C0] Buffer I/O error on dev loop5, logical block 0, async page read
[ 1197.513268][    C1] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1197.522536][    C1] Buffer I/O error on dev loop5, logical block 0, async page read
[ 1197.534613][    C1] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1197.543875][    C1] Buffer I/O error on dev loop5, logical block 0, async page read
[ 1197.847501][T14828] Bluetooth: hci4: unexpected event for opcode 0x0c25
[ 1197.940133][T22400] loop5: detected capacity change from 7 to 0
[ 1197.940243][    C0] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1197.955432][    C0] Buffer I/O error on dev loop5, logical block 0, async page read
[ 1197.980457][T22396] ldm_validate_partition_table(): Disk read failed.
[ 1198.001822][T22407] syzkaller0: entered promiscuous mode
[ 1198.022829][T22396] Dev loop5: unable to read RDB block 0
[ 1198.034374][T22407] syzkaller0: entered allmulticast mode
[ 1198.058177][T22396]  loop5: unable to read partition table
[ 1198.089871][T22396] loop5: partition table beyond EOD, truncated
[ 1198.096195][T22396] loop_reread_partitions: partition scan of loop5 (íðÉ�Ôn/C>|¶×n˜èªÐ˨“Ò,l¤-"@Iy}˜“c¤9¬ás„GQäªa§üG%xÔ?) failed (rc=-5)
[ 1198.192997][T22412] netlink: 80 bytes leftover after parsing attributes in process `syz.5.4859'.
[ 1198.212559][T22412] netlink: 24 bytes leftover after parsing attributes in process `syz.5.4859'.
[ 1198.233219][T22412] netlink: 64 bytes leftover after parsing attributes in process `syz.5.4859'.
[ 1199.666953][T15214] usb 2-1: new high-speed USB device number 68 using dummy_hcd
[ 1200.056581][T15214] usb 2-1: Using ep0 maxpacket: 8
[ 1200.095448][T22436] netlink: 20 bytes leftover after parsing attributes in process `syz.6.4869'.
[ 1200.122931][T15214] usb 2-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024
[ 1200.241440][T15214] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024
[ 1200.256967][T15214] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 1200.268592][T15214] usb 2-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1200.386640][T22436] tipc: Invalid UDP bearer configuration
[ 1200.386709][T22436] tipc: Enabling of bearer <udp:syz2> rejected, failed to enable media
[ 1201.376604][T15214] usb 2-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[ 1201.400047][T15214] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1202.374601][T15214] usb 2-1: GET_CAPABILITIES returned 0
[ 1202.384910][T15214] usbtmc 2-1:16.0: can't read capabilities
[ 1202.505311][T22454] syzkaller0: entered promiscuous mode
[ 1202.511391][T22454] syzkaller0: entered allmulticast mode
[ 1202.614879][   T29] usb 2-1: USB disconnect, device number 68
[ 1202.748405][T22463] fuse: Bad value for 'fd'
[ 1202.760622][ T5794] kernel read not supported for file /newroot/423/file0 (pid: 5794 comm: kworker/0:6)
[ 1202.836153][T22467] loop5: detected capacity change from 0 to 7
[ 1202.838518][T22466] netlink: 80 bytes leftover after parsing attributes in process `syz.4.4879'.
[ 1202.847502][    C0] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1202.853404][T22466] netlink: 24 bytes leftover after parsing attributes in process `syz.4.4879'.
[ 1202.860461][    C0] Buffer I/O error on dev loop5, logical block 0, async page read
[ 1202.869895][T22466] netlink: 64 bytes leftover after parsing attributes in process `syz.4.4879'.
[ 1202.900387][    C0] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1202.909633][    C0] Buffer I/O error on dev loop5, logical block 0, async page read
[ 1202.919971][    C1] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1202.929200][    C1] Buffer I/O error on dev loop5, logical block 0, async page read
[ 1202.961461][T22470] loop5: detected capacity change from 7 to 0
[ 1202.964674][    C1] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1202.976825][    C1] Buffer I/O error on dev loop5, logical block 0, async page read
[ 1202.986868][T22467] ldm_validate_partition_table(): Disk read failed.
[ 1203.006653][T22467] Dev loop5: unable to read RDB block 0
[ 1203.022469][T22467]  loop5: unable to read partition table
[ 1203.038592][T22467] loop5: partition table beyond EOD, truncated
[ 1203.054752][T22467] loop_reread_partitions: partition scan of loop5 (íðÉ�Ôn/C>|¶×n˜èªÐ˨“Ò,l¤-"@Iy}˜“c¤9¬ás„GQäªa§üG%xÔ?) failed (rc=-5)
[ 1203.245609][T22476] netlink: 'syz.4.4881': attribute type 10 has an invalid length.
[ 1203.526975][   T29] usb 3-1: new high-speed USB device number 59 using dummy_hcd
[ 1203.811809][   T29] usb 3-1: Using ep0 maxpacket: 8
[ 1203.839623][   T29] usb 3-1: config 0 has an invalid interface number: 55 but max is 0
[ 1203.872613][   T29] usb 3-1: config 0 has no interface number 0
[ 1203.901602][   T29] usb 3-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[ 1203.970587][   T29] usb 3-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B
[ 1204.073866][   T29] usb 3-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[ 1204.163631][   T29] usb 3-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[ 1204.211591][   T29] usb 3-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[ 1204.220788][   T29] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1204.240977][   T29] usb 3-1: config 0 descriptor??
[ 1204.258870][   T29] ldusb 3-1:0.55: LD USB Device #0 now attached to major 180 minor 0
[ 1204.444178][T22496] veth1_to_bond: entered allmulticast mode
[ 1204.546904][T22495] syzkaller0: entered promiscuous mode
[ 1204.552592][T22495] syzkaller0: entered allmulticast mode
[ 1204.910102][T22502] fuse: Bad value for 'fd'
[ 1204.924012][   T29] kernel read not supported for file /newroot/260/file0 (pid: 29 comm: kworker/1:1)
[ 1205.089847][T22489] veth1_to_bond: left allmulticast mode
[ 1205.176685][T22508] netlink: 80 bytes leftover after parsing attributes in process `syz.1.4891'.
[ 1205.205983][T22508] netlink: 24 bytes leftover after parsing attributes in process `syz.1.4891'.
[ 1205.240430][T22508] netlink: 64 bytes leftover after parsing attributes in process `syz.1.4891'.
[ 1205.638984][T22519] Invalid ELF header type: 3 != 1
[ 1206.066680][T16801] usb 6-1: new high-speed USB device number 41 using dummy_hcd
[ 1206.305049][T16801] usb 6-1: Using ep0 maxpacket: 8
[ 1206.409095][   T29] usb 3-1: USB disconnect, device number 59
[ 1206.438764][T16801] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024
[ 1206.599785][T16801] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024
[ 1206.736356][T16801] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 1206.828496][T16801] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1206.968116][T16801] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[ 1206.989601][   T29] ldusb 3-1:0.55: LD USB Device #0 now disconnected
[ 1206.997116][T16801] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1207.186079][T22531] netlink: 'syz.1.4896': attribute type 10 has an invalid length.
[ 1207.400495][T16801] usb 6-1: GET_CAPABILITIES returned 0
[ 1207.453804][T16801] usbtmc 6-1:16.0: can't read capabilities
[ 1208.404820][T16801] usb 6-1: USB disconnect, device number 41
[ 1208.430067][T22544] fuse: Bad value for 'fd'
[ 1208.691272][   T24] kernel read not supported for file /newroot/432/file0 (pid: 24 comm: kworker/1:0)
[ 1208.696790][T22547] netlink: 80 bytes leftover after parsing attributes in process `syz.1.4902'.
[ 1208.710188][T22547] netlink: 24 bytes leftover after parsing attributes in process `syz.1.4902'.
[ 1208.719304][T22547] netlink: 64 bytes leftover after parsing attributes in process `syz.1.4902'.
[ 1209.949714][T14828] Bluetooth: hci3: command 0x0406 tx timeout
[ 1210.166418][T22564] netlink: 'syz.6.4908': attribute type 4 has an invalid length.
[ 1210.175079][T22564] netlink: 152 bytes leftover after parsing attributes in process `syz.6.4908'.
[ 1210.651303][T22567] netlink: 96 bytes leftover after parsing attributes in process `syz.4.4909'.
[ 1210.686666][ T5794] usb 6-1: new high-speed USB device number 42 using dummy_hcd
[ 1210.856534][ T5794] usb 6-1: Using ep0 maxpacket: 8
[ 1210.867659][ T5794] usb 6-1: config 0 has an invalid interface number: 55 but max is 0
[ 1210.885891][ T5794] usb 6-1: config 0 has no interface number 0
[ 1210.899855][ T5794] usb 6-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[ 1210.943913][ T5794] usb 6-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B
[ 1210.982496][ T5794] usb 6-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[ 1211.018151][ T5794] usb 6-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[ 1211.032979][T22578] fuse: Bad value for 'fd'
[ 1211.046263][ T5745] kernel read not supported for file /newroot/309/file0 (pid: 5745 comm: kworker/0:5)
[ 1211.076272][ T5794] usb 6-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[ 1211.084382][T22580] netlink: 80 bytes leftover after parsing attributes in process `syz.4.4915'.
[ 1211.102515][ T5794] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1211.112397][T22580] netlink: 24 bytes leftover after parsing attributes in process `syz.4.4915'.
[ 1211.132385][T22580] netlink: 64 bytes leftover after parsing attributes in process `syz.4.4915'.
[ 1211.133348][ T5794] usb 6-1: config 0 descriptor??
[ 1211.181310][ T5794] ldusb 6-1:0.55: LD USB Device #0 now attached to major 180 minor 0
[ 1212.595834][T22606] fuse: Bad value for 'fd'
[ 1212.616214][ T5794] kernel read not supported for file /newroot/72/file0 (pid: 5794 comm: kworker/0:6)
[ 1213.016590][   T24] usb 6-1: USB disconnect, device number 42
[ 1213.301054][   T24] ldusb 6-1:0.55: LD USB Device #0 now disconnected
[ 1213.389355][T22615] netlink: 80 bytes leftover after parsing attributes in process `syz.6.4929'.
[ 1213.450006][T22615] netlink: 24 bytes leftover after parsing attributes in process `syz.6.4929'.
[ 1213.463473][T22617] netlink: 200 bytes leftover after parsing attributes in process `syz.5.4930'.
[ 1213.504803][T22615] netlink: 64 bytes leftover after parsing attributes in process `syz.6.4929'.
[ 1213.906681][   T24] usb 6-1: new full-speed USB device number 43 using dummy_hcd
[ 1214.859065][T22635] ALSA: mixer_oss: invalid OSS volume ''
[ 1215.070482][T22643] fuse: Bad value for 'fd'
[ 1215.078239][ T5731] kernel read not supported for file /newroot/269/file0 (pid: 5731 comm: kworker/1:6)
[ 1215.143055][   T24] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 10
[ 1215.194815][   T24] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0
[ 1215.295698][   T24] usb 6-1: New USB device found, idVendor=134c, idProduct=0002, bcdDevice=ac.7e
[ 1215.354397][   T24] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1215.403156][   T24] usb 6-1: Product: syz
[ 1215.445159][   T24] usb 6-1: Manufacturer: syz
[ 1215.478399][   T24] usb 6-1: SerialNumber: syz
[ 1215.676782][   T24] usb 6-1: config 0 descriptor??
[ 1215.925935][   T24] hub 6-1:0.0: bad descriptor, ignoring hub
[ 1215.993646][   T24] hub 6-1:0.0: probe with driver hub failed with error -5
[ 1215.999244][T22654] netlink: 80 bytes leftover after parsing attributes in process `syz.2.4944'.
[ 1216.009969][T22654] netlink: 24 bytes leftover after parsing attributes in process `syz.2.4944'.
[ 1216.018973][T22654] netlink: 64 bytes leftover after parsing attributes in process `syz.2.4944'.
[ 1216.056523][   T24] input: syz syz as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/input/input48
[ 1216.186234][   T24] input: failed to attach handler mousedev to device input48, error: -5
[ 1216.391097][   T30] audit: type=1400 audit(1782517219.032:907): avc:  denied  { create } for  pid=22666 comm="syz.1.4949" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=mctp_socket permissive=1
[ 1216.456978][   T30] audit: type=1400 audit(1782517219.032:908): avc:  denied  { bind } for  pid=22666 comm="syz.1.4949" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=mctp_socket permissive=1
[ 1216.491016][T22673] fuse: Invalid rootmode
[ 1216.910611][   T30] audit: type=1400 audit(1782517219.432:909): avc:  denied  { nlmsg_write } for  pid=22668 comm="syz.2.4951" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_audit_socket permissive=1
[ 1218.571628][T22674] ALSA: mixer_oss: invalid OSS volume ''
[ 1218.776265][ T5745] kernel read not supported for file /newroot/272/file0 (pid: 5745 comm: kworker/0:5)
[ 1220.204203][T22695] kAFS: unparsable volume name
[ 1220.262323][T22697] netlink: 80 bytes leftover after parsing attributes in process `syz.6.4956'.
[ 1220.283007][T22697] netlink: 24 bytes leftover after parsing attributes in process `syz.6.4956'.
[ 1220.305576][T22697] netlink: 64 bytes leftover after parsing attributes in process `syz.6.4956'.
[ 1220.333504][T16801] usb 6-1: USB disconnect, device number 43
[ 1220.956641][ T5794] usb 2-1: new full-speed USB device number 69 using dummy_hcd
[ 1221.226883][ T5794] usb 2-1: config 150 has an invalid interface number: 204 but max is 2
[ 1221.262014][ T5794] usb 2-1: config 150 has 2 interfaces, different from the descriptor's value: 3
[ 1222.149020][ T5794] usb 2-1: config 150 has no interface number 0
[ 1222.155382][ T5794] usb 2-1: config 150 interface 204 has no altsetting 0
[ 1222.164610][ T5794] usb 2-1: New USB device found, idVendor=04e2, idProduct=1424, bcdDevice=c7.eb
[ 1222.173837][ T5794] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1222.182806][ T5794] usb 2-1: Product: syz
[ 1222.187183][ T5794] usb 2-1: Manufacturer: syz
[ 1222.191817][ T5794] usb 2-1: SerialNumber: syz
[ 1223.497898][ T5794] xr_serial 2-1:150.204: skipping garbage
[ 1223.702687][ T5794] xr_serial 2-1:150.204: xr_serial converter detected
[ 1223.714417][ T5794] xr_serial ttyUSB0: Failed to set reg 0x60: -71
[ 1223.722397][ T5794] xr_serial ttyUSB0: probe with driver xr_serial failed with error -71
[ 1223.767884][ T5794] usb 2-1: USB disconnect, device number 69
[ 1223.943377][ T5794] xr_serial 2-1:150.204: device disconnected
[ 1223.952523][T22733] fuse: Invalid rootmode
[ 1224.030207][T22737] netlink: 200 bytes leftover after parsing attributes in process `syz.1.4970'.
[ 1224.060197][ T5745] kernel read not supported for file /newroot/450/file0 (pid: 5745 comm: kworker/0:5)
[ 1224.599812][T22730] ALSA: mixer_oss: invalid OSS volume ''
[ 1224.846554][ T5794] usb 2-1: new full-speed USB device number 70 using dummy_hcd
[ 1225.038930][ T5794] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 10
[ 1225.128464][T22758] Invalid ELF header type: 3 != 1
[ 1225.522477][ T5794] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0
[ 1225.534452][ T5794] usb 2-1: New USB device found, idVendor=134c, idProduct=0002, bcdDevice=ac.7e
[ 1225.543605][ T5794] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1225.551942][ T5794] usb 2-1: Product: syz
[ 1225.556127][ T5794] usb 2-1: Manufacturer: syz
[ 1225.561599][ T5794] usb 2-1: SerialNumber: syz
[ 1225.582609][ T5794] usb 2-1: config 0 descriptor??
[ 1225.614572][ T5794] hub 2-1:0.0: bad descriptor, ignoring hub
[ 1225.628040][ T5794] hub 2-1:0.0: probe with driver hub failed with error -5
[ 1225.643811][ T5794] input: syz syz as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/input/input49
[ 1227.307328][T22775] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[ 1227.988421][T22787] netlink: 24 bytes leftover after parsing attributes in process `syz.5.4986'.
[ 1228.359033][ T5794] usb 2-1: USB disconnect, device number 70
[ 1229.851298][T22779] ALSA: mixer_oss: invalid OSS volume ''
[ 1229.903803][T22794] openvswitch: netlink: Actions may not be safe on all matching packets
[ 1230.723688][T22821] Invalid ELF header type: 3 != 1
[ 1231.233577][T22824] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[ 1233.476348][T22834] ALSA: mixer_oss: invalid OSS volume ''
[ 1233.885747][T22857] syzkaller0: entered promiscuous mode
[ 1233.913934][T22857] syzkaller0: entered allmulticast mode
[ 1234.191376][T22870] Invalid ELF header type: 3 != 1
[ 1234.897287][T22875] netlink: 76 bytes leftover after parsing attributes in process `syz.5.5014'.
[ 1234.911401][   T30] audit: type=1400 audit(1782517237.572:910): avc:  denied  { ioctl } for  pid=22876 comm="syz.1.5016" path="/dev/fuse" dev="devtmpfs" ino=99 ioctlcmd=0xe503 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fuse_device_t tclass=chr_file permissive=1
[ 1234.947537][T22875] syzkaller0: entered promiscuous mode
[ 1234.967373][T22875] syzkaller0: entered allmulticast mode
[ 1234.996828][ T5794] usb 3-1: new high-speed USB device number 60 using dummy_hcd
[ 1235.006691][   T30] audit: type=1400 audit(1782517237.652:911): avc:  denied  { mounton } for  pid=22876 comm="syz.1.5016" path="/282/file0" dev="tmpfs" ino=1541 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=sock_file permissive=1
[ 1235.216796][ T5794] usb 3-1: Using ep0 maxpacket: 8
[ 1235.235556][ T5794] usb 3-1: config 0 has an invalid interface number: 55 but max is 0
[ 1235.291799][ T5794] usb 3-1: config 0 has no interface number 0
[ 1235.341947][ T5794] usb 3-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[ 1235.421735][ T5794] usb 3-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B
[ 1235.469060][ T5794] usb 3-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[ 1235.526350][ T5794] usb 3-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[ 1235.617030][ T5794] usb 3-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[ 1235.658800][ T5794] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1235.795796][ T5794] usb 3-1: config 0 descriptor??
[ 1235.919951][ T5794] ldusb 3-1:0.55: LD USB Device #0 now attached to major 180 minor 0
[ 1236.315365][ T5794] usb 3-1: USB disconnect, device number 60
[ 1236.960409][T22888] ALSA: mixer_oss: invalid OSS volume ''
[ 1237.006274][ T5794] ldusb 3-1:0.55: LD USB Device #0 now disconnected
[ 1237.254482][T22906] syzkaller0: entered promiscuous mode
[ 1237.266918][T22906] syzkaller0: entered allmulticast mode
[ 1237.418787][T15214] usb 6-1: new high-speed USB device number 44 using dummy_hcd
[ 1237.581630][T15214] usb 6-1: Using ep0 maxpacket: 32
[ 1238.191974][T22915] Invalid ELF header type: 3 != 1
[ 1238.607243][ T1314] ieee802154 phy0 wpan0: encryption failed: -22
[ 1238.748587][T15214] usb 6-1: config index 0 descriptor too short (expected 29220, got 36)
[ 1238.755777][ T1314] ieee802154 phy1 wpan1: encryption failed: -22
[ 1238.758890][T15214] usb 6-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[ 1238.792451][T15214] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 81
[ 1238.828440][T15214] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[ 1238.938365][T15214] usb 6-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[ 1238.949026][T15214] usb 6-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[ 1238.962956][T15214] usb 6-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[ 1238.976168][T15214] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1238.997090][T15214] usb 6-1: config 0 descriptor??
[ 1239.219804][T15214] usblp 6-1:0.0: usblp0: USB Bidirectional printer dev 44 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17
[ 1239.315464][ T5624] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci2/hci2:201'
[ 1239.329290][ T5624] CPU: 1 UID: 0 PID: 5624 Comm: kworker/u9:7 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1239.329347][ T5624] Tainted: [L]=SOFTLOCKUP
[ 1239.329355][ T5624] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[ 1239.329379][ T5624] Workqueue: hci2 hci_rx_work
[ 1239.329414][ T5624] Call Trace:
[ 1239.329422][ T5624]  <TASK>
[ 1239.329432][ T5624]  dump_stack_lvl+0x100/0x190
[ 1239.329469][ T5624]  sysfs_warn_dup.cold+0x1c/0x28
[ 1239.329506][ T5624]  sysfs_create_dir_ns+0x24b/0x2b0
[ 1239.329542][ T5624]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[ 1239.329570][ T5624]  ? find_held_lock+0x2b/0x80
[ 1239.329589][ T5624]  ? kobject_add_internal+0x25f/0x930
[ 1239.329623][ T5624]  ? kobject_add_internal+0x25f/0x930
[ 1239.329656][ T5624]  ? do_raw_spin_unlock+0x145/0x1e0
[ 1239.329690][ T5624]  kobject_add_internal+0x2c8/0x930
[ 1239.329730][ T5624]  kobject_add+0x16a/0x1e0
[ 1239.329751][ T5624]  ? __pfx_kobject_add+0x10/0x10
[ 1239.329772][ T5624]  ? class_to_subsys+0x10f/0x150
[ 1239.329805][ T5624]  ? kobject_put+0xb9/0x640
[ 1239.329836][ T5624]  ? _raw_spin_unlock+0x28/0x50
[ 1239.329868][ T5624]  device_add+0x294/0x1970
[ 1239.329897][ T5624]  ? __pfx_dev_set_name+0x10/0x10
[ 1239.329924][ T5624]  ? __pfx_device_add+0x10/0x10
[ 1239.329950][ T5624]  ? mgmt_send_event_skb+0x2fb/0x460
[ 1239.329987][ T5624]  hci_conn_add_sysfs+0x1a3/0x260
[ 1239.330021][ T5624]  le_conn_complete_evt+0x11eb/0x1f60
[ 1239.330059][ T5624]  ? __pfx_le_conn_complete_evt+0x10/0x10
[ 1239.330083][ T5624]  ? hci_event_packet+0x186/0xcd0
[ 1239.330112][ T5624]  hci_le_conn_complete_evt+0x23c/0x3a0
[ 1239.330139][ T5624]  ? skb_pull_data+0x15f/0x1e0
[ 1239.330169][ T5624]  hci_le_meta_evt+0x34a/0x5f0
[ 1239.330199][ T5624]  ? __pfx_hci_le_conn_complete_evt+0x10/0x10
[ 1239.330230][ T5624]  hci_event_packet+0x51c/0xcd0
[ 1239.330257][ T5624]  ? __pfx_hci_le_meta_evt+0x10/0x10
[ 1239.330283][ T5624]  ? __pfx_hci_event_packet+0x10/0x10
[ 1239.330309][ T5624]  ? kcov_remote_start+0x384/0x670
[ 1239.330334][ T5624]  ? lockdep_hardirqs_on+0x78/0x100
[ 1239.330362][ T5624]  hci_rx_work+0x451/0xfc0
[ 1239.330402][ T5624]  process_one_work+0xa23/0x1940
[ 1239.330439][ T5624]  ? __pfx_process_one_work+0x10/0x10
[ 1239.330470][ T5624]  ? __pfx_hci_rx_work+0x10/0x10
[ 1239.330495][ T5624]  worker_thread+0x5ef/0xe50
[ 1239.330527][ T5624]  ? kthread+0x13a/0x450
[ 1239.330547][ T5624]  ? __pfx_worker_thread+0x10/0x10
[ 1239.330567][ T5624]  kthread+0x370/0x450
[ 1239.330585][ T5624]  ? __pfx_kthread+0x10/0x10
[ 1239.330608][ T5624]  ret_from_fork+0x72b/0xd50
[ 1239.330639][ T5624]  ? __pfx_ret_from_fork+0x10/0x10
[ 1239.330672][ T5624]  ? __switch_to+0x800/0x10f0
[ 1239.330696][ T5624]  ? __pfx_kthread+0x10/0x10
[ 1239.330719][ T5624]  ret_from_fork_asm+0x1a/0x30
[ 1239.330755][ T5624]  </TASK>
[ 1239.332615][ T5624] kobject: kobject_add_internal failed for hci2:201 with -EEXIST, don't try to register things with the same name in the same directory.
[ 1239.374157][T22937] batman_adv: Cannot find parent device. Skipping batadv-on-batadv check for gretap1
[ 1239.376006][ T5624] Bluetooth: hci2: failed to register connection device
[ 1239.390191][T22937] batman_adv: batadv0: Adding interface: gretap1
[ 1239.648332][   T30] audit: type=1400 audit(1782517242.302:912): avc:  denied  { read write } for  pid=22901 comm="syz.5.5022" name="lp0" dev="devtmpfs" ino=3491 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:printer_device_t tclass=chr_file permissive=1
[ 1239.656290][T22937] batman_adv: batadv0: The MTU of interface gretap1 is too small (1462) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1239.722381][T22937] batman_adv: batadv0: Interface activated: gretap1
[ 1239.751552][   T30] audit: type=1400 audit(1782517242.302:913): avc:  denied  { open } for  pid=22901 comm="syz.5.5022" path="/dev/usb/lp0" dev="devtmpfs" ino=3491 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:printer_device_t tclass=chr_file permissive=1
[ 1239.781041][    C1] usblp0: nonzero read bulk status received: -71
[ 1239.782084][ T5795] usb 6-1: USB disconnect, device number 44
[ 1239.790142][T22902] usblp0: error -71 reading from printer
[ 1239.993163][T14828] Bluetooth: hci5: Unable to find connection for big 0x00
[ 1239.997704][T22901] usblp0: removed
[ 1240.033440][T22947] syzkaller0: entered promiscuous mode
[ 1240.050126][T22947] syzkaller0: entered allmulticast mode
[ 1240.446626][ T5724] usb 5-1: new high-speed USB device number 60 using dummy_hcd
[ 1240.587207][ T5724] usb 5-1: device descriptor read/64, error -71
[ 1240.762202][T22972] netlink: 20 bytes leftover after parsing attributes in process `syz.1.5046'.
[ 1240.841996][ T5724] usb 5-1: new high-speed USB device number 61 using dummy_hcd
[ 1240.944865][T22978] netlink: 'syz.5.5047': attribute type 10 has an invalid length.
[ 1240.953782][T22978] syz_tun: entered promiscuous mode
[ 1240.968061][T22978] bond0: (slave syz_tun): Enslaving as an active interface with an up link
[ 1240.978496][ T5724] usb 5-1: device descriptor read/64, error -71
[ 1241.096896][ T5724] usb usb5-port1: attempt power cycle
[ 1241.457257][ T5724] usb 5-1: new high-speed USB device number 62 using dummy_hcd
[ 1242.352637][ T5724] usb 5-1: device descriptor read/8, error -71
[ 1242.786596][T23003] Invalid ELF header type: 3 != 1
[ 1242.916612][ T5724] usb 5-1: new high-speed USB device number 63 using dummy_hcd
[ 1243.071419][ T5724] usb 5-1: device descriptor read/8, error -71
[ 1243.134478][T23008] netlink: 20 bytes leftover after parsing attributes in process `syz.1.5058'.
[ 1243.199341][ T5724] usb usb5-port1: unable to enumerate USB device
[ 1243.487030][T23022] netlink: 'syz.1.5062': attribute type 10 has an invalid length.
[ 1243.880846][T23047] Invalid ELF header type: 3 != 1
[ 1245.571610][   T30] audit: type=1400 audit(1782517248.232:914): avc:  denied  { ioctl } for  pid=23062 comm="syz.6.5075" path="socket:[85491]" dev="sockfs" ino=85491 ioctlcmd=0x89e0 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=mctp_socket permissive=1
[ 1245.598536][T23061] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5071'.
[ 1245.607474][T23061] netlink: 348 bytes leftover after parsing attributes in process `syz.1.5071'.
[ 1245.616655][T23061] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5071'.
[ 1245.625501][T23061] netlink: 348 bytes leftover after parsing attributes in process `syz.1.5071'.
[ 1245.635651][T23061] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5071'.
[ 1245.759531][T23068] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[ 1245.866733][T14828] Bluetooth: hci2: command 0x0406 tx timeout
[ 1246.441686][   T30] audit: type=1400 audit(1782517249.092:915): avc:  denied  { mount } for  pid=23077 comm="syz.4.5081" name="/" dev="rpc_pipefs" ino=84626 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:rpc_pipefs_t tclass=filesystem permissive=1
[ 1246.827416][   T30] audit: type=1400 audit(1782517249.102:916): avc:  denied  { create } for  pid=23079 comm="syz.5.5082" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[ 1247.027114][   T30] audit: type=1400 audit(1782517249.142:917): avc:  denied  { setopt } for  pid=23079 comm="syz.5.5082" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[ 1247.263424][T23096] netlink: 80 bytes leftover after parsing attributes in process `syz.2.5087'.
[ 1247.286366][T23096] netlink: 24 bytes leftover after parsing attributes in process `syz.2.5087'.
[ 1247.307362][T23096] netlink: 64 bytes leftover after parsing attributes in process `syz.2.5087'.
[ 1248.346544][T14828] Bluetooth: hci5: Controller not accepting commands anymore: ncmd = 0
[ 1248.359331][T14828] Bluetooth: hci5: Injecting HCI hardware error event
[ 1248.393109][ T5624] Bluetooth: hci5: hardware error 0x00
[ 1248.869941][T23113] netlink: 'syz.6.5093': attribute type 1 has an invalid length.
[ 1248.899688][T23113] netlink: 'syz.6.5093': attribute type 2 has an invalid length.
[ 1249.084277][ T5724] IPVS: starting estimator thread 0...
[ 1250.370069][T23119] IPVS: using max 34 ests per chain, 81600 per kthread
[ 1250.666832][ T5624] Bluetooth: hci5: Opcode 0x0c03 failed: -110
[ 1251.220789][ T5624] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci1/hci1:201'
[ 1251.221783][T23128] netlink: 'syz.1.5096': attribute type 10 has an invalid length.
[ 1251.235078][ T5624] CPU: 1 UID: 0 PID: 5624 Comm: kworker/u9:7 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1251.235114][ T5624] Tainted: [L]=SOFTLOCKUP
[ 1251.235124][ T5624] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[ 1251.235140][ T5624] Workqueue: hci1 hci_rx_work
[ 1251.235172][ T5624] Call Trace:
[ 1251.235181][ T5624]  <TASK>
[ 1251.235190][ T5624]  dump_stack_lvl+0x100/0x190
[ 1251.235223][ T5624]  sysfs_warn_dup.cold+0x1c/0x28
[ 1251.235256][ T5624]  sysfs_create_dir_ns+0x24b/0x2b0
[ 1251.235291][ T5624]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[ 1251.235323][ T5624]  ? find_held_lock+0x2b/0x80
[ 1251.235344][ T5624]  ? kobject_add_internal+0x25f/0x930
[ 1251.235378][ T5624]  ? kobject_add_internal+0x25f/0x930
[ 1251.235415][ T5624]  ? do_raw_spin_unlock+0x145/0x1e0
[ 1251.235447][ T5624]  kobject_add_internal+0x2c8/0x930
[ 1251.235487][ T5624]  kobject_add+0x16a/0x1e0
[ 1251.235507][ T5624]  ? __pfx_kobject_add+0x10/0x10
[ 1251.235527][ T5624]  ? class_to_subsys+0x10f/0x150
[ 1251.235559][ T5624]  ? kobject_put+0xb9/0x640
[ 1251.235588][ T5624]  ? _raw_spin_unlock+0x28/0x50
[ 1251.235620][ T5624]  device_add+0x294/0x1970
[ 1251.235645][ T5624]  ? __pfx_dev_set_name+0x10/0x10
[ 1251.235674][ T5624]  ? __pfx_device_add+0x10/0x10
[ 1251.235699][ T5624]  ? mgmt_send_event_skb+0x2fb/0x460
[ 1251.235736][ T5624]  hci_conn_add_sysfs+0x1a3/0x260
[ 1251.235769][ T5624]  le_conn_complete_evt+0x11eb/0x1f60
[ 1251.235806][ T5624]  ? __pfx_le_conn_complete_evt+0x10/0x10
[ 1251.235832][ T5624]  ? hci_event_packet+0x186/0xcd0
[ 1251.235866][ T5624]  hci_le_conn_complete_evt+0x23c/0x3a0
[ 1251.235896][ T5624]  ? skb_pull_data+0x15f/0x1e0
[ 1251.235925][ T5624]  hci_le_meta_evt+0x34a/0x5f0
[ 1251.235962][ T5624]  ? __pfx_hci_le_conn_complete_evt+0x10/0x10
[ 1251.235996][ T5624]  hci_event_packet+0x51c/0xcd0
[ 1251.236026][ T5624]  ? __pfx_hci_le_meta_evt+0x10/0x10
[ 1251.236057][ T5624]  ? __pfx_hci_event_packet+0x10/0x10
[ 1251.236087][ T5624]  ? kcov_remote_start+0x384/0x670
[ 1251.236114][ T5624]  ? lockdep_hardirqs_on+0x78/0x100
[ 1251.236148][ T5624]  hci_rx_work+0x451/0xfc0
[ 1251.236181][ T5624]  process_one_work+0xa23/0x1940
[ 1251.236218][ T5624]  ? __pfx_process_one_work+0x10/0x10
[ 1251.236251][ T5624]  ? __pfx_hci_rx_work+0x10/0x10
[ 1251.236281][ T5624]  worker_thread+0x5ef/0xe50
[ 1251.236317][ T5624]  ? kthread+0x13a/0x450
[ 1251.236336][ T5624]  ? __pfx_worker_thread+0x10/0x10
[ 1251.236359][ T5624]  kthread+0x370/0x450
[ 1251.236380][ T5624]  ? __pfx_kthread+0x10/0x10
[ 1251.236404][ T5624]  ret_from_fork+0x72b/0xd50
[ 1251.236438][ T5624]  ? __pfx_ret_from_fork+0x10/0x10
[ 1251.236470][ T5624]  ? __switch_to+0x800/0x10f0
[ 1251.236493][ T5624]  ? __pfx_kthread+0x10/0x10
[ 1251.236517][ T5624]  ret_from_fork_asm+0x1a/0x30
[ 1251.236553][ T5624]  </TASK>
[ 1251.237581][ T5624] kobject: kobject_add_internal failed for hci1:201 with -EEXIST, don't try to register things with the same name in the same directory.
[ 1251.526530][ T5624] Bluetooth: hci1: failed to register connection device
[ 1253.235507][T23147] netlink: 80 bytes leftover after parsing attributes in process `syz.6.5101'.
[ 1253.244588][T23147] netlink: 24 bytes leftover after parsing attributes in process `syz.6.5101'.
[ 1253.261949][T23147] netlink: 64 bytes leftover after parsing attributes in process `syz.6.5101'.
[ 1253.524857][T23165] netlink: 'syz.6.5110': attribute type 1 has an invalid length.
[ 1253.567747][T23165] netlink: 'syz.6.5110': attribute type 2 has an invalid length.
[ 1253.716970][ T5795] usb 6-1: new high-speed USB device number 45 using dummy_hcd
[ 1253.870807][ T5795] usb 6-1: device descriptor read/64, error -71
[ 1254.133894][ T5795] usb 6-1: new high-speed USB device number 46 using dummy_hcd
[ 1254.368353][ T5795] usb 6-1: device descriptor read/64, error -71
[ 1254.498272][ T5795] usb usb6-port1: attempt power cycle
[ 1255.335278][ T5795] usb 6-1: new high-speed USB device number 47 using dummy_hcd
[ 1255.402295][ T5795] usb 6-1: device descriptor read/8, error -71
[ 1255.502324][T23177] netlink: 'syz.4.5113': attribute type 10 has an invalid length.
[ 1255.577695][T23184] lo speed is unknown, defaulting to 1000
[ 1255.676549][ T5795] usb 6-1: new high-speed USB device number 48 using dummy_hcd
[ 1256.656494][ T5795] usb 6-1: device descriptor read/8, error -71
[ 1256.672142][T14828] Bluetooth: hci2: Ignoring HCI_Connection_Complete for existing connection
[ 1256.768786][ T5795] usb usb6-port1: unable to enumerate USB device
[ 1256.809501][T23201] netlink: 80 bytes leftover after parsing attributes in process `syz.1.5120'.
[ 1256.826064][T23201] netlink: 24 bytes leftover after parsing attributes in process `syz.1.5120'.
[ 1256.842800][T23201] netlink: 64 bytes leftover after parsing attributes in process `syz.1.5120'.
[ 1258.038687][T23218] netlink: 'syz.1.5124': attribute type 1 has an invalid length.
[ 1258.077531][T23218] netlink: 'syz.1.5124': attribute type 2 has an invalid length.
[ 1258.228977][ T5610] IPVS: starting estimator thread 0...
[ 1258.327145][T23230] IPVS: using max 37 ests per chain, 88800 per kthread
[ 1258.842634][T14828] Bluetooth: hci1: command 0x0406 tx timeout
[ 1260.103831][T23247] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[ 1260.205809][T23254] netlink: 'syz.4.5134': attribute type 4 has an invalid length.
[ 1260.402292][T23254] netlink: 152 bytes leftover after parsing attributes in process `syz.4.5134'.
[ 1261.186610][ T5795] usb 2-1: new high-speed USB device number 71 using dummy_hcd
[ 1261.995871][ T5795] usb 2-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30
[ 1262.135534][ T5795] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1262.305848][ T5795] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1262.420208][T23277] netlink: 'syz.2.5142': attribute type 1 has an invalid length.
[ 1262.505364][ T5795] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[ 1262.585535][T23277] netlink: 'syz.2.5142': attribute type 2 has an invalid length.
[ 1262.628064][ T5795] usb 2-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40
[ 1263.064557][ T5795] usb 2-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0
[ 1263.111764][ T5795] usb 2-1: Manufacturer: syz
[ 1263.121182][ T5795] usb 2-1: config 0 descriptor??
[ 1263.336541][ T5724] usb 6-1: new full-speed USB device number 49 using dummy_hcd
[ 1263.379344][T23289] loop5: detected capacity change from 0 to 7
[ 1263.410188][    C0] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1263.419410][    C0] Buffer I/O error on dev loop5, logical block 0, async page read
[ 1263.429220][    C0] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1263.438448][    C0] Buffer I/O error on dev loop5, logical block 0, async page read
[ 1263.451428][    C0] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1263.460702][    C0] Buffer I/O error on dev loop5, logical block 0, async page read
[ 1263.468860][    C0] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1263.478081][    C0] Buffer I/O error on dev loop5, logical block 0, async page read
[ 1263.488074][    C0] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1263.497296][    C0] Buffer I/O error on dev loop5, logical block 0, async page read
[ 1263.507031][    C0] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1263.516398][    C0] Buffer I/O error on dev loop5, logical block 0, async page read
[ 1263.524766][    C0] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1263.533965][    C0] Buffer I/O error on dev loop5, logical block 0, async page read
[ 1263.543040][T23289] ldm_validate_partition_table(): Disk read failed.
[ 1263.551074][    C0] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1263.560310][    C0] Buffer I/O error on dev loop5, logical block 0, async page read
[ 1263.569973][ T5795] appleir 0003:05AC:8243.0004: unknown main item tag 0x0
[ 1263.583583][    C1] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1263.593576][    C1] Buffer I/O error on dev loop5, logical block 0, async page read
[ 1263.598334][ T5795] appleir 0003:05AC:8243.0004: hiddev0,hidraw0: USB HID v0.00 Device [syz] on usb-dummy_hcd.1-1/input0
[ 1263.605752][    C1] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1263.621735][    C1] Buffer I/O error on dev loop5, logical block 0, async page read
[ 1263.632264][T23289] Dev loop5: unable to read RDB block 0
[ 1263.649785][ T5724] usb 6-1: config 0 has an invalid interface number: 8 but max is 0
[ 1263.662593][ T5724] usb 6-1: config 0 has no interface number 0
[ 1263.672202][ T5724] usb 6-1: config 0 interface 8 altsetting 0 has an endpoint descriptor with address 0x9F, changing to 0x8F
[ 1263.677209][T23289]  loop5: unable to read partition table
[ 1263.695312][ T5724] usb 6-1: config 0 interface 8 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[ 1263.728507][T23289] loop5: partition table beyond EOD, truncated
[ 1263.742267][ T5724] usb 6-1: config 0 interface 8 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[ 1263.753486][T23289] loop_reread_partitions: partition scan of loop5 (úù) failed (rc=-5)
[ 1263.897572][ T5724] usb 6-1: New USB device found, idVendor=0d8c, idProduct=000e, bcdDevice=8e.8f
[ 1264.092081][ T5724] usb 6-1: New USB device strings: Mfr=0, Product=24, SerialNumber=3
[ 1264.245432][ T5724] usb 6-1: Product: syz
[ 1264.315257][ T5724] usb 6-1: SerialNumber: syz
[ 1264.586403][ T5724] usb 6-1: config 0 descriptor??
[ 1264.645129][T23300] netlink: 'syz.6.5149': attribute type 4 has an invalid length.
[ 1264.653041][T23300] netlink: 152 bytes leftover after parsing attributes in process `syz.6.5149'.
[ 1264.702948][ T5724] cm109 6-1:0.8: invalid payload size 0, expected 4
[ 1264.749994][ T5724] input: CM109 USB driver as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.8/input/input50
[ 1264.796952][ T5795] usb 2-1: USB disconnect, device number 71
[ 1265.648819][T23314] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[ 1266.164660][T23280] veth0_to_bridge: mtu less than device minimum
[ 1266.249841][T23327] netlink: 'syz.1.5157': attribute type 1 has an invalid length.
[ 1266.257922][T23327] netlink: 'syz.1.5157': attribute type 2 has an invalid length.
[ 1266.640587][T23333] netlink: 'syz.6.5160': attribute type 4 has an invalid length.
[ 1266.707044][T23333] netlink: 152 bytes leftover after parsing attributes in process `syz.6.5160'.
[ 1267.066600][    C0] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[ 1267.130809][T20263] usb 6-1: USB disconnect, device number 49
[ 1267.130808][    C1] cm109 6-1:0.8: cm109_urb_ctl_callback: urb status -71
[ 1267.131042][    C1] cm109 6-1:0.8: cm109_submit_buzz_toggle: usb_submit_urb (urb_ctl) failed -19
[ 1267.198529][T20263] cm109 6-1:0.8: cm109_toggle_buzzer_sync: usb_control_msg() failed -19
[ 1267.546831][ T5724] usb 2-1: new high-speed USB device number 72 using dummy_hcd
[ 1267.736916][ T5724] usb 2-1: Using ep0 maxpacket: 8
[ 1267.805740][ T5724] usb 2-1: config 0 has an invalid interface number: 55 but max is 0
[ 1267.861493][ T5724] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1267.984776][ T5724] usb 2-1: config 0 has no interface number 0
[ 1268.035167][ T5724] usb 2-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[ 1268.145998][ T5724] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1268.402451][ T5724] usb 2-1: config 0 descriptor??
[ 1268.501878][ T5724] ldusb 2-1:0.55: Interrupt in endpoint not found
[ 1268.621485][T23368] netlink: 'syz.2.5174': attribute type 4 has an invalid length.
[ 1268.652469][T23368] netlink: 152 bytes leftover after parsing attributes in process `syz.2.5174'.
[ 1268.706182][T16801] usb 2-1: USB disconnect, device number 72
[ 1268.812506][T23374] .`: (slave syz_tun): Releasing backup interface
[ 1268.830692][T23374] A link change request failed with some changes committed already. Interface .` may have been left with an inconsistent configuration, please check.
[ 1269.354078][T23385] Invalid source name
[ 1269.358505][T23385] UBIFS error (pid: 23385): cannot open "./file0", error -22
[ 1269.493921][T23397] netlink: 'syz.1.5186': attribute type 4 has an invalid length.
[ 1269.510137][T23397] netlink: 152 bytes leftover after parsing attributes in process `syz.1.5186'.
[ 1269.672244][T23405] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[ 1269.778519][T23405] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1269.785856][T23405] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1269.874080][T23405] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1269.889357][T23405] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1269.936548][ T5731] usb 6-1: new high-speed USB device number 50 using dummy_hcd
[ 1270.006031][T20263] lo speed is unknown, defaulting to 1000
[ 1270.006860][   T13] netdevsim netdevsim1 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1270.012220][T20263] syz2: Port: 1 Link DOWN
[ 1270.030517][   T13] netdevsim netdevsim1 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1270.042041][   T13] netdevsim netdevsim1 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1270.051818][   T13] netdevsim netdevsim1 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1270.096619][ T5731] usb 6-1: Using ep0 maxpacket: 8
[ 1270.106236][ T5731] usb 6-1: config 0 has an invalid interface number: 55 but max is 0
[ 1270.122654][ T5731] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1270.139064][T23413] Invalid source name
[ 1270.143198][ T5731] usb 6-1: config 0 has no interface number 0
[ 1270.143251][T23413] UBIFS error (pid: 23413): cannot open "./file0", error -22
[ 1270.155403][ T5731] usb 6-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[ 1270.190833][ T5731] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1270.215730][ T5731] usb 6-1: config 0 descriptor??
[ 1270.228990][ T5731] ldusb 6-1:0.55: Interrupt in endpoint not found
[ 1270.695106][T16801] usb 6-1: USB disconnect, device number 50
[ 1271.188809][T23425] netlink: 'syz.1.5197': attribute type 4 has an invalid length.
[ 1271.196695][T23425] netlink: 152 bytes leftover after parsing attributes in process `syz.1.5197'.
[ 1271.300441][T23430] .`: (slave syz_tun): Releasing backup interface
[ 1271.357146][T23430] bridge_slave_0: left allmulticast mode
[ 1271.378518][T23430] bridge_slave_0: left promiscuous mode
[ 1271.400930][T23430] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1271.451077][T23430] bridge_slave_1: left allmulticast mode
[ 1271.478426][T23430] bridge_slave_1: left promiscuous mode
[ 1271.496178][T23430] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1271.685983][T23430] .`: (slave bond_slave_0): Releasing backup interface
[ 1271.710658][T23430] .`: (slave bond_slave_1): Releasing backup interface
[ 1271.726293][T23430] team0: Port device team_slave_0 removed
[ 1271.789682][T23442] Invalid ELF header type: 3 != 1
[ 1272.075193][T23430] team0: Port device team_slave_1 removed
[ 1272.199116][T23430] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1272.208866][T23430] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1272.219346][T23430] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1272.226984][T23430] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1272.237202][T23430] A link change request failed with some changes committed already. Interface hsr_slave_1 may have been left with an inconsistent configuration, please check.
[ 1272.430695][T23445] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1272.564707][T23455] netlink: 'syz.6.5209': attribute type 4 has an invalid length.
[ 1272.573100][T23455] netlink: 152 bytes leftover after parsing attributes in process `syz.6.5209'.
[ 1274.975454][T23481] Invalid ELF header type: 3 != 1
[ 1276.140051][T23493] netlink: 'syz.5.5220': attribute type 4 has an invalid length.
[ 1276.154229][T23493] netlink: 152 bytes leftover after parsing attributes in process `syz.5.5220'.
[ 1276.173462][T23493] .`: renamed from bond0 (while UP)
[ 1276.560778][ T5731] usb 5-1: new high-speed USB device number 64 using dummy_hcd
[ 1276.610655][T23511] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=23511 comm=syz.5.5224
[ 1277.466815][T23512] Invalid ELF header type: 3 != 1
[ 1277.607895][ T5731] usb 5-1: Using ep0 maxpacket: 8
[ 1278.292304][ T5731] usb 5-1: config 0 has an invalid interface number: 55 but max is 0
[ 1278.302761][ T5731] usb 5-1: config 0 has no interface number 0
[ 1278.315688][ T5731] usb 5-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[ 1278.326775][ T5731] usb 5-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B
[ 1278.345356][ T5731] usb 5-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[ 1278.366404][T23505] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1278.386730][ T5731] usb 5-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[ 1278.432633][ T5731] usb 5-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[ 1278.451952][ T5731] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1278.469564][ T5731] usb 5-1: config 0 descriptor??
[ 1278.561354][ T5731] ldusb 5-1:0.55: LD USB Device #0 now attached to major 180 minor 0
[ 1278.568451][T23522] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[ 1279.112593][T23534] fuse: Bad value for 'user_id'
[ 1279.119674][T23534] fuse: Bad value for 'user_id'
[ 1279.407797][T23540] netlink: 'syz.6.5234': attribute type 10 has an invalid length.
[ 1279.426258][T23540] syz_tun: entered promiscuous mode
[ 1279.448252][T23540] .`: (slave syz_tun): Enslaving as an active interface with an up link
[ 1279.854375][ T5731] usb 5-1: USB disconnect, device number 64
[ 1280.630681][ T5731] ldusb 5-1:0.55: LD USB Device #0 now disconnected
[ 1280.965612][ T5724] usb 3-1: new high-speed USB device number 61 using dummy_hcd
[ 1281.220825][T23564] Invalid ELF header type: 3 != 1
[ 1281.296720][ T5724] usb 3-1: device descriptor read/64, error -71
[ 1281.428058][T23567] capability: warning: `syz.1.5242' uses 32-bit capabilities (legacy support in use)
[ 1281.546534][ T5724] usb 3-1: new high-speed USB device number 62 using dummy_hcd
[ 1281.969495][ T5724] usb 3-1: device descriptor read/64, error -71
[ 1282.196884][ T5724] usb usb3-port1: attempt power cycle
[ 1282.225322][T23582] fuse: Bad value for 'fd'
[ 1282.243914][T23582] kvm: apic: phys broadcast and lowest prio
[ 1282.334038][T23582] kvm: apic: phys broadcast and lowest prio
[ 1282.482897][T23584] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1282.536497][ T5724] usb 3-1: new high-speed USB device number 63 using dummy_hcd
[ 1282.577002][ T5724] usb 3-1: device descriptor read/8, error -71
[ 1282.761621][T23592] fuse: Bad value for 'user_id'
[ 1282.769867][T23592] fuse: Bad value for 'user_id'
[ 1284.600431][T23600] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[ 1285.006628][T23612] Invalid ELF header type: 3 != 1
[ 1286.381918][T23624] fuse: Unknown parameter 'group_i00000000000000000000'
[ 1286.648320][T23634] fuse: Bad value for 'fd'
[ 1287.089646][T23620] Can't find ip_set type hash:ma
[ 1288.166608][T23644] Invalid ELF header type: 3 != 1
[ 1288.781813][T23654] netlink: 92 bytes leftover after parsing attributes in process `syz.2.5271'.
[ 1288.791117][T23654] netlink: 12 bytes leftover after parsing attributes in process `syz.2.5271'.
[ 1288.802135][T23654] netlink: 20 bytes leftover after parsing attributes in process `syz.2.5271'.
[ 1288.830070][T23654] overlay: Bad value for 'uuid'
[ 1289.797019][   T30] audit: type=1400 audit(1782517291.482:918): avc:  denied  { mount } for  pid=23647 comm="syz.2.5271" name="/" dev="debugfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=filesystem permissive=1
[ 1290.655641][   T30] audit: type=1400 audit(1782517292.562:919): avc:  denied  { unmount } for  pid=16557 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=filesystem permissive=1
[ 1290.838763][T23666] kAFS: No cell specified
[ 1291.168699][T23669] fuse: Unknown parameter 'group_i00000000000000000000'
[ 1292.063961][T23678] netlink: 'syz.2.5279': attribute type 1 has an invalid length.
[ 1292.073366][T23678] netlink: 'syz.2.5279': attribute type 2 has an invalid length.
[ 1292.146942][   T30] audit: type=1400 audit(1782517294.772:920): avc:  denied  { write } for  pid=23679 comm="syz.1.5278" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1
[ 1292.646932][ T5795] usb 2-1: new high-speed USB device number 73 using dummy_hcd
[ 1292.882210][ T5795] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 0, changing to 7
[ 1292.953308][ T5795] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[ 1293.012452][ T5795] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8A has an invalid bInterval 0, changing to 7
[ 1293.043893][ T5795] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8A has invalid wMaxPacketSize 0
[ 1293.098506][ T5795] usb 2-1: New USB device found, idVendor=0a07, idProduct=00d0, bcdDevice=10.13
[ 1293.117893][ T5795] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1293.142560][ T5795] usb 2-1: Product: syz
[ 1293.155569][ T5795] usb 2-1: Manufacturer: syz
[ 1293.173378][ T5795] usb 2-1: SerialNumber: syz
[ 1293.199701][ T5795] usb 2-1: config 0 descriptor??
[ 1293.437438][ T5795] adutux 2-1:0.0: ADU208 4242424 now attached to /dev/usb/adutux0
[ 1294.015896][ T5724] usb 2-1: USB disconnect, device number 73
[ 1294.651638][T23720] netlink: 'syz.5.5292': attribute type 1 has an invalid length.
[ 1294.660314][T23720] netlink: 'syz.5.5292': attribute type 2 has an invalid length.
[ 1297.062426][T23759] Bluetooth: MGMT ver 1.23
[ 1297.172010][T23762] netlink: 'syz.2.5306': attribute type 1 has an invalid length.
[ 1297.180108][T23762] netlink: 'syz.2.5306': attribute type 2 has an invalid length.
[ 1297.278198][T20263] usb 2-1: new high-speed USB device number 74 using dummy_hcd
[ 1298.236598][T20263] usb 2-1: Using ep0 maxpacket: 8
[ 1298.243521][T20263] usb 2-1: config 16 has an invalid descriptor of length 0, skipping remainder of the config
[ 1298.271672][T20263] usb 2-1: config 16 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 3
[ 1298.285287][T20263] usb 2-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[ 1298.294534][T20263] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1298.312654][T20263] usbtmc 2-1:16.0: bulk endpoints not found
[ 1298.532145][   T30] audit: type=1400 audit(1782517301.192:921): avc:  denied  { write } for  pid=23777 comm="syz.4.5312" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[ 1298.687702][ T5610] usb 3-1: new high-speed USB device number 65 using dummy_hcd
[ 1298.708600][   T30] audit: type=1400 audit(1782517301.372:922): avc:  denied  { read } for  pid=23777 comm="syz.4.5312" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[ 1298.846469][ T5610] usb 3-1: Using ep0 maxpacket: 16
[ 1298.853492][ T5610] usb 3-1: config 0 has no interfaces?
[ 1298.864782][ T5610] usb 3-1: New USB device found, idVendor=0b95, idProduct=772a, bcdDevice=82.73
[ 1298.881183][ T5610] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1298.891303][ T5610] usb 3-1: Product: syz
[ 1298.896322][ T5610] usb 3-1: Manufacturer: syz
[ 1298.901823][ T5610] usb 3-1: SerialNumber: syz
[ 1298.919840][ T5610] usb 3-1: config 0 descriptor??
[ 1299.179485][T23774] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[ 1299.268314][T15214] usb 3-1: USB disconnect, device number 65
[ 1300.029305][ T1314] ieee802154 phy0 wpan0: encryption failed: -22
[ 1300.038825][ T1314] ieee802154 phy1 wpan1: encryption failed: -22
[ 1301.098873][ T5724] usb 3-1: new high-speed USB device number 66 using dummy_hcd
[ 1301.174022][ T5610] usb 2-1: USB disconnect, device number 74
[ 1301.207286][T23810] netlink: 'syz.4.5319': attribute type 1 has an invalid length.
[ 1301.234224][T23810] netlink: 'syz.4.5319': attribute type 2 has an invalid length.
[ 1301.276574][ T5724] usb 3-1: Using ep0 maxpacket: 8
[ 1301.490778][ T5724] usb 3-1: config 16 has an invalid descriptor of length 0, skipping remainder of the config
[ 1301.661645][ T5610] usb 2-1: new full-speed USB device number 75 using dummy_hcd
[ 1302.105587][ T5724] usb 3-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[ 1302.121175][ T5724] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1302.272828][ T5610] usb 2-1: config 0 has an invalid interface number: 8 but max is 0
[ 1302.281807][ T5610] usb 2-1: config 0 has no interface number 0
[ 1302.290874][ T5610] usb 2-1: config 0 interface 8 altsetting 0 has an endpoint descriptor with address 0x9F, changing to 0x8F
[ 1302.321039][ T5610] usb 2-1: config 0 interface 8 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[ 1302.387236][ T5610] usb 2-1: config 0 interface 8 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[ 1302.426375][ T5610] usb 2-1: New USB device found, idVendor=0d8c, idProduct=000e, bcdDevice=8e.8f
[ 1302.471409][ T5610] usb 2-1: New USB device strings: Mfr=0, Product=24, SerialNumber=3
[ 1302.538570][ T5610] usb 2-1: Product: syz
[ 1302.559372][ T5610] usb 2-1: SerialNumber: syz
[ 1302.587734][ T5610] usb 2-1: config 0 descriptor??
[ 1302.599747][ T5610] cm109 2-1:0.8: invalid payload size 0, expected 4
[ 1302.623576][ T5610] input: CM109 USB driver as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.8/input/input55
[ 1303.544631][    C1] cm109 2-1:0.8: cm109_urb_ctl_callback: urb status -71
[ 1303.553901][    C1] cm109 2-1:0.8: cm109_urb_ctl_callback: urb status -71
[ 1303.561103][    C1] cm109 2-1:0.8: cm109_urb_ctl_callback: urb status -71
[ 1303.568265][    C1] cm109 2-1:0.8: cm109_urb_ctl_callback: urb status -71
[ 1303.575366][    C1] cm109 2-1:0.8: cm109_urb_ctl_callback: urb status -71
[ 1303.582471][    C1] cm109 2-1:0.8: cm109_urb_ctl_callback: urb status -71
[ 1303.590345][    C1] cm109 2-1:0.8: cm109_urb_ctl_callback: urb status -71
[ 1303.597732][    C1] cm109 2-1:0.8: cm109_urb_ctl_callback: urb status -71
[ 1303.604822][    C1] cm109 2-1:0.8: cm109_urb_ctl_callback: urb status -71
[ 1303.611944][    C1] cm109 2-1:0.8: cm109_urb_ctl_callback: urb status -71
[ 1303.661831][ T5724] usb 2-1: USB disconnect, device number 75
[ 1303.667806][    C1] cm109 2-1:0.8: cm109_submit_buzz_toggle: usb_submit_urb (urb_ctl) failed -19
[ 1303.752429][ T5724] cm109 2-1:0.8: cm109_toggle_buzzer_sync: usb_control_msg() failed -19
[ 1303.804114][T20263] usb 3-1: USB disconnect, device number 66
[ 1306.785014][T23855] netlink: 'syz.4.5332': attribute type 1 has an invalid length.
[ 1306.827553][T23855] netlink: 'syz.4.5332': attribute type 2 has an invalid length.
[ 1310.497861][T23889] netlink: 48 bytes leftover after parsing attributes in process `syz.4.5345'.
[ 1310.722602][T23901] fuse: Invalid rootmode
[ 1310.781637][T23902] netlink: 'syz.5.5349': attribute type 1 has an invalid length.
[ 1310.815480][   T30] audit: type=1400 audit(1782517313.462:923): avc:  denied  { append } for  pid=23897 comm="syz.4.5348" name="snapshot" dev="devtmpfs" ino=92 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1
[ 1310.908851][T23902] netlink: 'syz.5.5349': attribute type 2 has an invalid length.
[ 1311.699654][T23903] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[ 1311.842387][T23903] Bluetooth: hci2: Opcode 0x0406 failed: -4
[ 1312.018581][T23903] Bluetooth: hci2: Opcode 0x0406 failed: -4
[ 1312.081623][T23903] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[ 1312.102886][T23903] Bluetooth: hci1: Opcode 0x0406 failed: -4
[ 1312.165168][T23903] Bluetooth: hci1: Opcode 0x0406 failed: -4
[ 1312.176804][T23916] Invalid ELF header type: 3 != 1
[ 1312.232191][T23903] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[ 1312.257574][T23903] Bluetooth: hci4: Opcode 0x0406 failed: -4
[ 1312.284203][T23903] Bluetooth: hci4: Opcode 0x0406 failed: -4
[ 1312.338254][T23903] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[ 1312.356099][T23903] Bluetooth: hci3: Opcode 0x0406 failed: -4
[ 1313.672352][T23935] fuse: Invalid rootmode
[ 1313.804748][T14828] Bluetooth: hci2: command 0x0406 tx timeout
[ 1314.167482][T14828] Bluetooth: hci1: command 0x0406 tx timeout
[ 1314.351708][T14828] Bluetooth: hci4: command 0x0406 tx timeout
[ 1314.357886][ T5624] Bluetooth: hci3: command 0x0406 tx timeout
[ 1316.101216][ T5624] Bluetooth: hci2: command 0x0406 tx timeout
[ 1316.346483][ T5624] Bluetooth: hci1: command 0x0406 tx timeout
[ 1316.426937][ T5624] Bluetooth: hci3: command 0x0406 tx timeout
[ 1316.433100][T14828] Bluetooth: hci4: command 0x0406 tx timeout
[ 1318.612327][ T5624] Bluetooth: hci1: command 0x0406 tx timeout
[ 1318.619850][ T5624] Bluetooth: hci4: command 0x0406 tx timeout
[ 1318.689075][T23973] fuse: Bad value for 'fd'
[ 1318.941393][T23967] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[ 1319.120101][   T30] audit: type=1400 audit(1782517321.782:924): avc:  denied  { map } for  pid=23980 comm="syz.5.5376" path="/dev/dri/card0" dev="devtmpfs" ino=627 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dri_device_t tclass=chr_file permissive=1
[ 1319.144510][T23967] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[ 1319.144615][   T30] audit: type=1400 audit(1782517321.782:925): avc:  denied  { execute } for  pid=23980 comm="syz.5.5376" path="/dev/dri/card0" dev="devtmpfs" ino=627 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dri_device_t tclass=chr_file permissive=1
[ 1319.649829][ T5624] Bluetooth: hci2: command 0x0406 tx timeout
[ 1319.669116][T23967] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[ 1319.683510][T23967] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[ 1321.156842][ T5624] Bluetooth: hci1: command 0x0406 tx timeout
[ 1321.706908][T14828] Bluetooth: hci4: command 0x0406 tx timeout
[ 1321.713131][ T5624] Bluetooth: hci3: command 0x0406 tx timeout
[ 1324.576546][T15214] usb 2-1: new high-speed USB device number 76 using dummy_hcd
[ 1325.055463][T24028] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[ 1325.062589][T24028] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[ 1325.070071][T24028] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[ 1325.081452][T24028] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[ 1325.344875][T24042] 9p: Bad value for 'rfdno'
[ 1325.398695][T15214] usb 2-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[ 1325.408529][T15214] usb 2-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[ 1325.419485][T15214] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 66
[ 1325.428902][T15214] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 14129, setting to 64
[ 1325.442735][T15214] usb 2-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[ 1325.452611][T15214] usb 2-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[ 1325.461167][T15214] usb 2-1: Product: syz
[ 1325.465621][T15214] usb 2-1: Manufacturer: syz
[ 1325.477363][T15214] cdc_wdm 2-1:1.0: skipping garbage
[ 1325.482660][T15214] cdc_wdm 2-1:1.0: skipping garbage
[ 1325.488720][T15214] cdc_wdm 2-1:1.0: probe with driver cdc_wdm failed with error -22
[ 1325.645841][T24051] Invalid ELF header type: 3 != 1
[ 1326.059090][T15214] usb 2-1: USB disconnect, device number 76
[ 1326.506563][T14828] Bluetooth: hci2: command 0x0406 tx timeout
[ 1327.146587][T14828] Bluetooth: hci3: command 0x0406 tx timeout
[ 1327.152765][ T5624] Bluetooth: hci4: command 0x0406 tx timeout
[ 1327.159158][ T5624] Bluetooth: hci1: command 0x0406 tx timeout
[ 1329.416873][T24095] overlayfs: failed to resolve './file1': -2
[ 1329.425417][T24091] 9p: Bad value for 'rfdno'
[ 1329.637403][T14828] Bluetooth: hci2: Malformed LE Event: 0x0d
[ 1329.886707][ T5724] usb 6-1: new high-speed USB device number 51 using dummy_hcd
[ 1330.164196][ T5724] usb 6-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[ 1330.350698][ T5724] usb 6-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[ 1330.391383][ T5724] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 66
[ 1331.245656][ T5724] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 14129, setting to 64
[ 1331.270611][ T5724] usb 6-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[ 1331.282071][ T5724] usb 6-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[ 1331.290718][ T5724] usb 6-1: Product: syz
[ 1331.294940][ T5724] usb 6-1: Manufacturer: syz
[ 1331.567877][ T5724] cdc_wdm 6-1:1.0: skipping garbage
[ 1331.628782][ T5724] cdc_wdm 6-1:1.0: skipping garbage
[ 1331.707713][ T5724] cdc_wdm 6-1:1.0: probe with driver cdc_wdm failed with error -22
[ 1331.785928][T24118] fuse: Bad value for 'rootmode'
[ 1331.806742][ T5724] usb 6-1: USB disconnect, device number 51
[ 1332.498745][T24137] netlink: 80 bytes leftover after parsing attributes in process `syz.4.5427'.
[ 1332.515790][T24137] netlink: 24 bytes leftover after parsing attributes in process `syz.4.5427'.
[ 1332.529289][T24137] netlink: 64 bytes leftover after parsing attributes in process `syz.4.5427'.
[ 1332.586022][T24139] 9p: Bad value for 'rfdno'
[ 1334.758395][T14828] Bluetooth: hci4: Malformed LE Event: 0x0d
[ 1335.958321][T24170] Invalid ELF header type: 3 != 1
[ 1336.485277][T24174] fuse: Unknown parameter 'use00000000000000000000'
[ 1336.892947][T24182] Invalid ELF header type: 3 != 1
[ 1338.558137][T14828] Bluetooth: hci2: Malformed LE Event: 0x0d
[ 1339.787359][ T5794] usb 6-1: new high-speed USB device number 52 using dummy_hcd
[ 1341.595209][T24232] Invalid ELF header type: 3 != 1
[ 1342.180228][ T5794] usb 6-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[ 1342.221675][ T5794] usb 6-1: config 1 has an invalid descriptor of length 255, skipping remainder of the config
[ 1342.271012][ T5794] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 66
[ 1342.303265][ T5794] usb 6-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[ 1342.348159][ T5794] usb 6-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[ 1342.370266][ T5794] usb 6-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[ 1342.392149][ T5794] usb 6-1: Product: syz
[ 1342.406851][T14828] Bluetooth: hci2: Malformed LE Event: 0x0d
[ 1342.416246][ T5794] usb 6-1: Manufacturer: syz
[ 1342.467424][ T5794] usb 6-1: can't set config #1, error -71
[ 1342.486889][ T5794] usb 6-1: USB disconnect, device number 52
[ 1342.588672][T24241] netlink: 'syz.2.5457': attribute type 10 has an invalid length.
[ 1342.624751][T24241] .`: (slave syz_tun): Enslaving as an active interface with an up link
[ 1342.686489][T16801] usb 2-1: new high-speed USB device number 77 using dummy_hcd
[ 1342.836509][T16801] usb 2-1: device descriptor read/64, error -71
[ 1343.098497][T16801] usb 2-1: new high-speed USB device number 78 using dummy_hcd
[ 1343.204374][T24264] Invalid ELF header type: 3 != 1
[ 1343.236525][T16801] usb 2-1: device descriptor read/64, error -71
[ 1343.356812][T16801] usb usb2-port1: attempt power cycle
[ 1343.716470][T16801] usb 2-1: new high-speed USB device number 79 using dummy_hcd
[ 1343.747095][T16801] usb 2-1: device descriptor read/8, error -71
[ 1343.756516][ T5745] usb 3-1: new high-speed USB device number 67 using dummy_hcd
[ 1343.929486][ T5745] usb 3-1: Using ep0 maxpacket: 8
[ 1343.943424][ T5745] usb 3-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024
[ 1343.975373][ T5745] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024
[ 1343.989230][T16801] usb 2-1: new high-speed USB device number 80 using dummy_hcd
[ 1344.006636][ T5745] usb 3-1: config 16 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[ 1344.031067][T16801] usb 2-1: device descriptor read/8, error -71
[ 1344.039311][ T5745] usb 3-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1344.065718][ T5745] usb 3-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[ 1344.084702][ T5745] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1344.109770][ T5745] usbtmc 3-1:16.0: bulk endpoints not found
[ 1344.147351][T16801] usb usb2-port1: unable to enumerate USB device
[ 1344.276472][ T5610] usb 6-1: new high-speed USB device number 53 using dummy_hcd
[ 1344.426612][ T5610] usb 6-1: Using ep0 maxpacket: 16
[ 1344.448939][ T5610] usb 6-1: config 0 has no interfaces?
[ 1344.472184][ T5610] usb 6-1: New USB device found, idVendor=0b95, idProduct=772a, bcdDevice=82.73
[ 1344.482472][ T5610] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1344.491480][ T5610] usb 6-1: Product: syz
[ 1344.496756][ T5610] usb 6-1: Manufacturer: syz
[ 1344.501449][ T5610] usb 6-1: SerialNumber: syz
[ 1344.530503][ T5610] usb 6-1: config 0 descriptor??
[ 1344.914890][ T5745] usb 6-1: USB disconnect, device number 53
[ 1345.095442][T24294] syz_tun: left promiscuous mode
[ 1345.120902][T24294] 8021q: adding VLAN 0 to HW filter on device .`
[ 1345.475103][T24293] ceph: No mds server is up or the cluster is laggy
[ 1345.953118][ T5610] libceph: connect (1)[c::]:6789 error -101
[ 1345.960270][ T5610] libceph: mon0 (1)[c::]:6789 connect error
[ 1346.234903][ T5724] libceph: connect (1)[c::]:6789 error -101
[ 1346.250476][ T5724] libceph: mon0 (1)[c::]:6789 connect error
[ 1346.377044][T16337] netdevsim netdevsim4 netdevsim0: set [1, 1] type 2 family 0 port 20000 - 0
[ 1346.411448][T16337] netdevsim netdevsim4 netdevsim1: set [1, 1] type 2 family 0 port 20000 - 0
[ 1346.632978][ T5610] usb 3-1: USB disconnect, device number 67
[ 1346.648912][T16337] netdevsim netdevsim4 netdevsim2: set [1, 1] type 2 family 0 port 20000 - 0
[ 1346.895866][T16337] netdevsim netdevsim4 netdevsim3: set [1, 1] type 2 family 0 port 20000 - 0
[ 1347.387739][T24327] kAFS: No cell specified
[ 1349.201689][T24340] overlayfs: missing 'lowerdir'
[ 1349.332147][T24342] Invalid ELF header type: 3 != 1
[ 1351.759347][T24377] kAFS: No cell specified
[ 1353.796528][ T5610] usb 6-1: new high-speed USB device number 54 using dummy_hcd
[ 1354.066508][ T5610] usb 6-1: Using ep0 maxpacket: 8
[ 1354.074237][ T5610] usb 6-1: config 0 has an invalid interface number: 55 but max is 0
[ 1354.082930][ T5610] usb 6-1: config 0 has no interface number 0
[ 1354.089337][ T5610] usb 6-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[ 1354.100533][ T5610] usb 6-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B
[ 1354.112512][ T5610] usb 6-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[ 1354.123903][ T5610] usb 6-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[ 1354.159776][ T5610] usb 6-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[ 1354.207324][ T5610] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1354.320730][ T5610] usb 6-1: config 0 descriptor??
[ 1354.357296][ T5610] ldusb 6-1:0.55: LD USB Device #0 now attached to major 180 minor 0
[ 1354.831914][ T5610] usb 6-1: USB disconnect, device number 54
[ 1354.876615][ T5610] ldusb 6-1:0.55: LD USB Device #0 now disconnected
[ 1355.056252][T24421] kAFS: No cell specified
[ 1355.306049][T24423] lo speed is unknown, defaulting to 1000
[ 1357.199718][T24436] loop5: detected capacity change from 0 to 7
[ 1357.271345][T24436] Dev loop5: unable to read RDB block 7
[ 1357.303999][T24436]  loop5: AHDI p1
[ 1358.545459][T24436] loop5: partition table partially beyond EOD, truncated
[ 1359.098845][T24452] kAFS: No cell specified
[ 1359.960953][T24456] overlayfs: missing 'lowerdir'
[ 1361.356566][ T5795] usb 2-1: new high-speed USB device number 81 using dummy_hcd
[ 1361.474166][ T1314] ieee802154 phy0 wpan0: encryption failed: -22
[ 1361.482403][ T1314] ieee802154 phy1 wpan1: encryption failed: -22
[ 1361.507143][ T5795] usb 2-1: Using ep0 maxpacket: 16
[ 1361.516566][ T5795] usb 2-1: config 0 has no interfaces?
[ 1361.528161][ T5795] usb 2-1: New USB device found, idVendor=0b95, idProduct=772a, bcdDevice=82.73
[ 1361.692206][ T5795] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1362.107700][T24487] fuse: Bad value for 'fd'
[ 1362.816883][ T5795] usb 2-1: Product: syz
[ 1362.821101][ T5795] usb 2-1: Manufacturer: syz
[ 1362.825958][ T5795] usb 2-1: SerialNumber: syz
[ 1362.846531][ T5795] usb 2-1: config 0 descriptor??
[ 1363.134605][T24506] fuse: Unknown parameter 'user_id00000000000000000000'
[ 1363.144611][T24504] overlayfs: missing 'lowerdir'
[ 1363.187388][T24469] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[ 1363.650814][ T5731] usb 2-1: USB disconnect, device number 81
[ 1364.435193][T24523] Invalid ELF header type: 3 != 1
[ 1364.456215][   T30] audit: type=1400 audit(1782517367.102:926): avc:  denied  { ioctl } for  pid=24518 comm="syz.6.5543" path="socket:[91104]" dev="sockfs" ino=91104 ioctlcmd=0x8946 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1
[ 1364.750688][   T30] audit: type=1400 audit(1782517367.382:927): avc:  denied  { execute } for  pid=24518 comm="syz.6.5543" path=2F616E6F6E5F6875676570616765202864656C6574656429 dev="hugetlbfs" ino=91116 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:hugetlbfs_t tclass=file permissive=1
[ 1366.222154][T24522] syzkaller1: entered promiscuous mode
[ 1366.227835][T24522] syzkaller1: entered allmulticast mode
[ 1367.440324][T24539] fuse: Bad value for 'fd'
[ 1367.493570][T24534] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[ 1367.527153][T24534] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[ 1367.549311][T24534] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[ 1367.566996][T24534] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[ 1367.579025][T24534] Bluetooth: hci3: Opcode 0x0406 failed: -4
[ 1367.621640][T24545] fuse: Unknown parameter 'user_id00000000000000000000'
[ 1368.106696][ T5795] usb 6-1: new high-speed USB device number 55 using dummy_hcd
[ 1368.266676][ T5795] usb 6-1: Using ep0 maxpacket: 16
[ 1368.274447][ T5795] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1368.285116][ T5795] usb 6-1: config 0 has no interfaces?
[ 1368.292368][ T5795] usb 6-1: New USB device found, idVendor=0c45, idProduct=5112, bcdDevice= 0.00
[ 1368.303245][ T5795] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1368.319454][ T5795] usb 6-1: config 0 descriptor??
[ 1369.176512][T14828] Bluetooth: hci2: command 0x0406 tx timeout
[ 1369.604290][T23043] Bluetooth: hci1: command 0x0406 tx timeout
[ 1369.610834][T14828] Bluetooth: hci4: command 0x0406 tx timeout
[ 1369.640962][T14828] Bluetooth: hci3: command 0x0406 tx timeout
[ 1370.032938][T16801] usb 6-1: USB disconnect, device number 55
[ 1370.101730][T24575] fuse: Bad value for 'fd'
[ 1370.109348][T24575] kvm: apic: phys broadcast and lowest prio
[ 1371.199459][T24597] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[ 1371.708912][T23043] Bluetooth: hci3: command 0x0406 tx timeout
[ 1372.038134][T24610] fuse: Bad value for 'fd'
[ 1372.077350][T24613] Invalid ELF header type: 3 != 1
[ 1372.096811][T24610] kvm: apic: phys broadcast and lowest prio
[ 1372.154106][T24610] kvm: apic: phys broadcast and lowest prio
[ 1372.306483][T16801] usb 3-1: new high-speed USB device number 68 using dummy_hcd
[ 1372.950298][T16801] usb 3-1: Using ep0 maxpacket: 8
[ 1372.965453][T16801] usb 3-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024
[ 1372.980471][T16801] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024
[ 1372.999446][T16801] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 1373.009994][T16801] usb 3-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1373.028409][T16801] usb 3-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[ 1373.058099][T16801] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1373.866891][T14828] Bluetooth: hci1: command 0x0406 tx timeout
[ 1374.261632][T16801] usb 3-1: GET_CAPABILITIES returned 0
[ 1374.276554][T16801] usbtmc 3-1:16.0: can't read capabilities
[ 1374.502943][T16801] usb 3-1: USB disconnect, device number 68
[ 1376.143725][T24658] kvm: apic: phys broadcast and lowest prio
[ 1376.235595][T24663] kvm: apic: phys broadcast and lowest prio
[ 1376.266908][T24642] netlink: 36 bytes leftover after parsing attributes in process `syz.6.5584'.
[ 1376.356554][T24667] netlink: 80 bytes leftover after parsing attributes in process `syz.5.5590'.
[ 1376.373153][T24667] netlink: 24 bytes leftover after parsing attributes in process `syz.5.5590'.
[ 1376.392820][T24667] netlink: 64 bytes leftover after parsing attributes in process `syz.5.5590'.
[ 1378.848325][T24696] Invalid ELF header type: 3 != 1
[ 1379.477842][   T30] audit: type=1400 audit(1782517382.142:928): avc:  denied  { write } for  pid=24699 comm="syz.1.5601" name="mouse0" dev="devtmpfs" ino=924 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:mouse_device_t tclass=chr_file permissive=1
[ 1381.801826][T24717] netlink: 80 bytes leftover after parsing attributes in process `syz.2.5607'.
[ 1381.811116][T24717] netlink: 24 bytes leftover after parsing attributes in process `syz.2.5607'.
[ 1381.820564][T24717] netlink: 64 bytes leftover after parsing attributes in process `syz.2.5607'.
[ 1383.116678][   T24] usb 6-1: new high-speed USB device number 56 using dummy_hcd
[ 1383.336604][   T24] usb 6-1: Using ep0 maxpacket: 32
[ 1383.347495][   T24] usb 6-1: config 4 has an invalid interface number: 228 but max is 0
[ 1383.361756][   T24] usb 6-1: config 4 has an invalid descriptor of length 0, skipping remainder of the config
[ 1383.405177][   T24] usb 6-1: config 4 has no interface number 0
[ 1383.435318][   T24] usb 6-1: too many endpoints for config 4 interface 228 altsetting 12: 129, using maximum allowed: 30
[ 1383.475384][   T24] usb 6-1: config 4 interface 228 altsetting 12 has 0 endpoint descriptors, different from the interface descriptor's value: 129
[ 1383.548292][   T24] usb 6-1: config 4 interface 228 has no altsetting 0
[ 1383.577203][   T24] usb 6-1: New USB device found, idVendor=0499, idProduct=a9a2, bcdDevice=c4.e8
[ 1383.602068][   T24] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1383.713519][   T24] usb 6-1: Product: syz
[ 1383.726510][   T24] usb 6-1: Manufacturer: syz
[ 1383.734880][   T24] usb 6-1: SerialNumber: syz
[ 1385.731227][T24753] Invalid ELF header type: 3 != 1
[ 1385.743394][   T24] usb 6-1: USB disconnect, device number 56
[ 1385.775949][T20798] udevd[20798]: error opening ATTR{/sys/devices/platform/dummy_hcd.5/usb6/6-1/6-1:4.228/sound/card3/controlC3/../uevent} for writing: No such file or directory
[ 1386.670734][T23043] Bluetooth: hci0: Opcode 0x1003 failed: -110
[ 1387.166539][T24760] netlink: 80 bytes leftover after parsing attributes in process `syz.2.5621'.
[ 1387.198305][T24760] netlink: 24 bytes leftover after parsing attributes in process `syz.2.5621'.
[ 1387.223222][T24760] netlink: 64 bytes leftover after parsing attributes in process `syz.2.5621'.
[ 1388.466525][T16801] usb 2-1: new high-speed USB device number 82 using dummy_hcd
[ 1388.474328][   T24] usb 5-1: new high-speed USB device number 65 using dummy_hcd
[ 1388.706586][T16801] usb 2-1: Using ep0 maxpacket: 16
[ 1388.718280][   T24] usb 5-1: Using ep0 maxpacket: 16
[ 1388.768361][T16801] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1388.795906][   T24] usb 5-1: config 0 has no interfaces?
[ 1388.843329][   T24] usb 5-1: New USB device found, idVendor=0b95, idProduct=772a, bcdDevice=82.73
[ 1388.852733][T16801] usb 2-1: config 0 has no interfaces?
[ 1388.908049][T16801] usb 2-1: New USB device found, idVendor=0c45, idProduct=5112, bcdDevice= 0.00
[ 1388.930297][   T24] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1388.980541][T16801] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1389.007585][   T24] usb 5-1: Product: syz
[ 1389.042795][   T24] usb 5-1: Manufacturer: syz
[ 1389.080912][   T24] usb 5-1: SerialNumber: syz
[ 1389.155194][T16801] usb 2-1: config 0 descriptor??
[ 1389.402737][   T24] usb 5-1: config 0 descriptor??
[ 1389.740755][   T24] usb 5-1: USB disconnect, device number 65
[ 1390.538562][ T5795] usb 5-1: new high-speed USB device number 66 using dummy_hcd
[ 1390.804621][ T5795] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 0, changing to 7
[ 1390.960913][ T1051] Bluetooth: hci0: Frame reassembly failed (-84)
[ 1391.390129][ T5731] usb 2-1: USB disconnect, device number 82
[ 1392.629671][ T5795] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[ 1392.639537][ T5795] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8A has an invalid bInterval 0, changing to 7
[ 1392.650543][ T5795] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8A has invalid wMaxPacketSize 0
[ 1392.662550][ T5795] usb 5-1: New USB device found, idVendor=0a07, idProduct=00d0, bcdDevice=10.13
[ 1392.675944][ T5795] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1392.684849][ T5795] usb 5-1: Product: syz
[ 1392.689173][ T5795] usb 5-1: Manufacturer: syz
[ 1392.693834][ T5795] usb 5-1: SerialNumber: syz
[ 1392.701114][ T5795] usb 5-1: config 0 descriptor??
[ 1392.763710][T24813] netlink: 80 bytes leftover after parsing attributes in process `syz.5.5636'.
[ 1392.773319][T24813] netlink: 24 bytes leftover after parsing attributes in process `syz.5.5636'.
[ 1392.784001][T24813] netlink: 64 bytes leftover after parsing attributes in process `syz.5.5636'.
[ 1392.986674][T23043] Bluetooth: hci0: Opcode 0x1003 failed: -110
[ 1392.995198][T14828] Bluetooth: hci0: command 0x1003 tx timeout
[ 1393.624921][ T5795] adutux 5-1:0.0: ADU208  now attached to /dev/usb/adutux0
[ 1393.638516][ T5795] usb 5-1: USB disconnect, device number 66
[ 1394.216596][ T5795] usb 5-1: new high-speed USB device number 67 using dummy_hcd
[ 1394.408568][ T5795] usb 5-1: Using ep0 maxpacket: 8
[ 1394.453767][ T5795] usb 5-1: config 0 has an invalid interface number: 55 but max is 0
[ 1394.700246][ T5795] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1394.705120][T24833] Invalid ELF header type: 3 != 1
[ 1394.715886][ T5795] usb 5-1: config 0 has no interface number 0
[ 1394.722689][ T5795] usb 5-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[ 1394.734527][ T5795] usb 5-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[ 1394.743863][ T5795] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1394.769137][ T5795] usb 5-1: config 0 descriptor??
[ 1394.779302][ T5795] ldusb 5-1:0.55: Interrupt in endpoint not found
[ 1395.371356][T16801] usb 5-1: USB disconnect, device number 67
[ 1397.959016][T24865] netlink: 80 bytes leftover after parsing attributes in process `syz.4.5651'.
[ 1397.999486][T24865] netlink: 24 bytes leftover after parsing attributes in process `syz.4.5651'.
[ 1398.048840][T24865] netlink: 64 bytes leftover after parsing attributes in process `syz.4.5651'.
[ 1399.487466][ T5795] usb 3-1: new low-speed USB device number 69 using dummy_hcd
[ 1399.739821][ T5795] usb 3-1: config 0 has no interfaces?
[ 1399.746901][ T5795] usb 3-1: New USB device found, idVendor=1e7d, idProduct=2e22, bcdDevice= 0.00
[ 1399.766206][ T5795] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1399.803225][ T5795] usb 3-1: config 0 descriptor??
[ 1399.808456][ T5794] usb 5-1: new high-speed USB device number 68 using dummy_hcd
[ 1399.967076][ T5794] usb 5-1: Using ep0 maxpacket: 8
[ 1399.977911][ T5794] usb 5-1: config 0 has an invalid interface number: 55 but max is 0
[ 1399.986697][ T5610] usb 6-1: new high-speed USB device number 57 using dummy_hcd
[ 1399.996746][ T5794] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1400.007313][ T5794] usb 5-1: config 0 has no interface number 0
[ 1400.013695][ T5794] usb 5-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[ 1400.027890][ T5794] usb 5-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[ 1400.041224][ T5795] usb 3-1: USB disconnect, device number 69
[ 1400.057541][ T5794] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1400.075317][ T5794] usb 5-1: config 0 descriptor??
[ 1400.092909][ T5794] ldusb 5-1:0.55: Interrupt in endpoint not found
[ 1400.149820][ T5610] usb 6-1: Using ep0 maxpacket: 16
[ 1400.160831][ T5610] usb 6-1: config 0 has no interfaces?
[ 1400.173663][ T5610] usb 6-1: New USB device found, idVendor=0b95, idProduct=772a, bcdDevice=82.73
[ 1400.183074][ T5610] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1400.191525][ T5610] usb 6-1: Product: syz
[ 1400.195823][ T5610] usb 6-1: Manufacturer: syz
[ 1400.200764][ T5610] usb 6-1: SerialNumber: syz
[ 1400.216685][ T5610] usb 6-1: config 0 descriptor??
[ 1400.297166][ T5794] usb 5-1: USB disconnect, device number 68
[ 1400.427486][ T5795] usb 6-1: USB disconnect, device number 57
[ 1400.944922][T24913] netlink: 80 bytes leftover after parsing attributes in process `syz.2.5667'.
[ 1400.969766][T24913] netlink: 24 bytes leftover after parsing attributes in process `syz.2.5667'.
[ 1400.991937][T24913] netlink: 64 bytes leftover after parsing attributes in process `syz.2.5667'.
[ 1401.244871][T24916] fuse: Unknown parameter 'fd0x0000000000000003'
[ 1402.759741][T24929] Invalid ELF header type: 3 != 1
[ 1404.251381][ T5731] usb 3-1: new high-speed USB device number 70 using dummy_hcd
[ 1404.269221][T24958] fuse: Unknown parameter 'fd0x0000000000000003'
[ 1404.626457][ T5731] usb 3-1: Using ep0 maxpacket: 16
[ 1405.096991][ T5745] usb 6-1: new high-speed USB device number 58 using dummy_hcd
[ 1405.174171][ T5731] usb 3-1: config 0 has no interfaces?
[ 1405.181690][ T5731] usb 3-1: New USB device found, idVendor=0b95, idProduct=772a, bcdDevice=82.73
[ 1405.190935][ T5731] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1405.199259][ T5731] usb 3-1: Product: syz
[ 1405.203443][ T5731] usb 3-1: Manufacturer: syz
[ 1405.208461][ T5731] usb 3-1: SerialNumber: syz
[ 1405.217286][ T5731] usb 3-1: config 0 descriptor??
[ 1405.328032][ T5745] usb 6-1: Using ep0 maxpacket: 8
[ 1405.334938][ T5745] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024
[ 1405.347119][ T5745] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024
[ 1405.358867][ T5745] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 1405.369248][ T5745] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1405.403454][ T5745] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[ 1405.429476][ T5745] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1405.431597][ T5731] usb 3-1: USB disconnect, device number 70
[ 1405.669072][ T5745] usb 6-1: usb_control_msg returned -32
[ 1405.678547][ T5745] usbtmc 6-1:16.0: can't read capabilities
[ 1405.723896][ T5745] usb 6-1: USB disconnect, device number 58
[ 1405.856531][T16801] usb 2-1: new high-speed USB device number 83 using dummy_hcd
[ 1406.016477][T16801] usb 2-1: Using ep0 maxpacket: 8
[ 1406.024325][T16801] usb 2-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024
[ 1406.046575][T16801] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024
[ 1406.062653][T16801] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 1406.073530][T16801] usb 2-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1406.087304][T16801] usb 2-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[ 1406.099776][T16801] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1406.321066][T16801] usb 2-1: GET_CAPABILITIES returned 0
[ 1406.338913][T16801] usbtmc 2-1:16.0: can't read capabilities
[ 1406.801750][T16801] usb 2-1: USB disconnect, device number 83
[ 1407.933003][T25022] Invalid ELF header type: 3 != 1
[ 1409.747275][ T5610] usb 3-1: new high-speed USB device number 71 using dummy_hcd
[ 1409.926444][ T5610] usb 3-1: Using ep0 maxpacket: 8
[ 1410.650000][ T5610] usb 3-1: config 0 has an invalid interface number: 55 but max is 0
[ 1410.720632][ T5610] usb 3-1: config 0 has no interface number 0
[ 1410.802462][ T5610] usb 3-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[ 1410.869474][ T5610] usb 3-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[ 1410.922419][ T5610] usb 3-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[ 1410.963189][ T5610] usb 3-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[ 1410.994820][ T5610] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1411.035450][ T5610] usb 3-1: config 0 descriptor??
[ 1411.054369][ T5610] ldusb 3-1:0.55: Interrupt in endpoint not found
[ 1411.258869][ T5610] usb 3-1: USB disconnect, device number 71
[ 1411.336562][ T5745] usb 5-1: new high-speed USB device number 69 using dummy_hcd
[ 1411.486485][ T5745] usb 5-1: Using ep0 maxpacket: 32
[ 1411.492974][ T5745] usb 5-1: config 4 has an invalid interface number: 228 but max is 0
[ 1411.501284][ T5745] usb 5-1: config 4 has an invalid descriptor of length 0, skipping remainder of the config
[ 1411.511526][ T5745] usb 5-1: config 4 has no interface number 0
[ 1411.517844][ T5745] usb 5-1: too many endpoints for config 4 interface 228 altsetting 12: 129, using maximum allowed: 30
[ 1411.529575][ T5745] usb 5-1: config 4 interface 228 altsetting 12 has 0 endpoint descriptors, different from the interface descriptor's value: 129
[ 1411.543358][ T5745] usb 5-1: config 4 interface 228 has no altsetting 0
[ 1411.552627][ T5745] usb 5-1: New USB device found, idVendor=0499, idProduct=a9a2, bcdDevice=c4.e8
[ 1411.561857][ T5745] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1411.569982][ T5745] usb 5-1: Product: syz
[ 1411.574210][ T5745] usb 5-1: Manufacturer: syz
[ 1411.578979][ T5745] usb 5-1: SerialNumber: syz
[ 1411.801472][T25068] netlink: 8 bytes leftover after parsing attributes in process `syz.4.5717'.
[ 1411.877519][ T5745] usb 5-1: USB disconnect, device number 69
[ 1411.948452][T20798] udevd[20798]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:4.228/sound/card3/controlC3/../uevent} for writing: No such file or directory
[ 1412.024393][T25075] syzkaller1: entered promiscuous mode
[ 1412.036180][T25075] syzkaller1: entered allmulticast mode
[ 1413.035433][T25085] input: syz1 as /devices/virtual/input/input56
[ 1413.208427][T25092] overlayfs: "xino" feature enabled using 3 upper inode bits.
[ 1413.253068][T25095] netlink: 48 bytes leftover after parsing attributes in process `syz.5.5726'.
[ 1413.279883][T25096] Invalid ELF header type: 3 != 1
[ 1414.030302][T25115] syzkaller1: entered promiscuous mode
[ 1414.060402][T25115] syzkaller1: entered allmulticast mode
[ 1414.576447][ T5731] usb 3-1: new high-speed USB device number 72 using dummy_hcd
[ 1414.742472][T14828] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 1414.757670][T14828] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 1414.766713][ T5731] usb 3-1: Using ep0 maxpacket: 8
[ 1414.773831][T14828] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 1414.782518][T14828] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 1414.804002][T14828] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 1414.811482][ T5731] usb 3-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024
[ 1414.876733][ T5731] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024
[ 1414.887082][ T5731] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 1414.898129][ T5731] usb 3-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1414.911349][ T5731] usb 3-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[ 1414.921465][ T5731] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1415.272472][ T5731] usb 3-1: usb_control_msg returned -32
[ 1415.280035][ T5731] usbtmc 3-1:16.0: can't read capabilities
[ 1415.308434][ T5731] usb 3-1: USB disconnect, device number 72
[ 1415.485173][T25151] input: syz1 as /devices/virtual/input/input57
[ 1415.491960][T11941] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1415.509354][T11941] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 1] type 2 family 0 port 20000 - 0
[ 1415.762285][T11941] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1415.788241][T11941] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 1] type 2 family 0 port 20000 - 0
[ 1416.002675][T11941] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1416.024668][T11941] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 1] type 2 family 0 port 20000 - 0
[ 1416.053558][T25163] Invalid ELF header type: 3 != 1
[ 1416.133506][T25134] lo speed is unknown, defaulting to 1000
[ 1416.211795][T11941] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1416.223578][T11941] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 1] type 2 family 0 port 20000 - 0
[ 1416.906587][T14828] Bluetooth: hci0: command tx timeout
[ 1417.131521][T11941] .` (unregistering): Released all slaves
[ 1417.934882][T11941] tipc: Left network mode
[ 1419.007240][T14828] Bluetooth: hci0: command tx timeout
[ 1419.468099][   T30] audit: type=1400 audit(1782517422.072:929): avc:  denied  { write } for  pid=25193 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=1776 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[ 1419.513375][   T30] audit: type=1400 audit(1782517422.172:930): avc:  denied  { write } for  pid=25231 comm="rm" name="hook-state" dev="tmpfs" ino=1776 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[ 1419.651937][T25134] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1419.672111][T25134] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1419.687592][T25134] bridge_slave_0: entered allmulticast mode
[ 1419.701229][T25134] bridge_slave_0: entered promiscuous mode
[ 1419.918218][ T5272] 8021q: adding VLAN 0 to HW filter on device eth9
[ 1419.928129][T25134] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1419.935673][T25134] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1419.943071][T25134] bridge_slave_1: entered allmulticast mode
[ 1419.950628][T25134] bridge_slave_1: entered promiscuous mode
[ 1419.982139][T25134] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1419.994344][T25134] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1420.068702][T25134] team0: Port device team_slave_0 added
[ 1420.097088][T25134] team0: Port device team_slave_1 added
[ 1420.239663][T25134] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1420.271281][T25134] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1420.322689][T25134] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1420.368419][T25134] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1420.376215][T25134] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1420.390800][T14828] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci3/hci3:201'
[ 1420.404455][T25134] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1420.412195][T14828] CPU: 1 UID: 0 PID: 14828 Comm: kworker/u9:0 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1420.412232][T14828] Tainted: [L]=SOFTLOCKUP
[ 1420.412241][T14828] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[ 1420.412258][T14828] Workqueue: hci3 hci_rx_work
[ 1420.412290][T14828] Call Trace:
[ 1420.412297][T14828]  <TASK>
[ 1420.412306][T14828]  dump_stack_lvl+0x100/0x190
[ 1420.412340][T14828]  sysfs_warn_dup.cold+0x1c/0x28
[ 1420.412372][T14828]  sysfs_create_dir_ns+0x24b/0x2b0
[ 1420.412408][T14828]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[ 1420.412441][T14828]  ? find_held_lock+0x2b/0x80
[ 1420.412463][T14828]  ? kobject_add_internal+0x25f/0x930
[ 1420.412497][T14828]  ? kobject_add_internal+0x25f/0x930
[ 1420.412533][T14828]  ? do_raw_spin_unlock+0x145/0x1e0
[ 1420.412566][T14828]  kobject_add_internal+0x2c8/0x930
[ 1420.412606][T14828]  kobject_add+0x16a/0x1e0
[ 1420.412626][T14828]  ? __pfx_kobject_add+0x10/0x10
[ 1420.412645][T14828]  ? class_to_subsys+0x10f/0x150
[ 1420.412678][T14828]  ? kobject_put+0xb9/0x640
[ 1420.412707][T14828]  ? _raw_spin_unlock+0x28/0x50
[ 1420.412739][T14828]  device_add+0x294/0x1970
[ 1420.412764][T14828]  ? __pfx_dev_set_name+0x10/0x10
[ 1420.412792][T14828]  ? __pfx_device_add+0x10/0x10
[ 1420.412816][T14828]  ? mgmt_send_event_skb+0x2fb/0x460
[ 1420.412850][T14828]  hci_conn_add_sysfs+0x1a3/0x260
[ 1420.412894][T14828]  le_conn_complete_evt+0x11eb/0x1f60
[ 1420.412934][T14828]  ? __pfx_le_conn_complete_evt+0x10/0x10
[ 1420.412960][T14828]  ? hci_event_packet+0x186/0xcd0
[ 1420.412994][T14828]  hci_le_conn_complete_evt+0x23c/0x3a0
[ 1420.413024][T14828]  ? skb_pull_data+0x15f/0x1e0
[ 1420.413052][T14828]  hci_le_meta_evt+0x34a/0x5f0
[ 1420.413082][T14828]  ? __pfx_hci_le_conn_complete_evt+0x10/0x10
[ 1420.413116][T14828]  hci_event_packet+0x51c/0xcd0
[ 1420.413147][T14828]  ? __pfx_hci_le_meta_evt+0x10/0x10
[ 1420.413177][T14828]  ? __pfx_hci_event_packet+0x10/0x10
[ 1420.413207][T14828]  ? kcov_remote_start+0x384/0x670
[ 1420.413234][T14828]  ? lockdep_hardirqs_on+0x78/0x100
[ 1420.413268][T14828]  hci_rx_work+0x451/0xfc0
[ 1420.413300][T14828]  process_one_work+0xa23/0x1940
[ 1420.413338][T14828]  ? __pfx_process_one_work+0x10/0x10
[ 1420.413369][T14828]  ? __pfx_hci_rx_work+0x10/0x10
[ 1420.413399][T14828]  worker_thread+0x5ef/0xe50
[ 1420.413432][T14828]  ? __pfx_worker_thread+0x10/0x10
[ 1420.413457][T14828]  ? kthread+0x13a/0x450
[ 1420.413477][T14828]  ? __pfx_worker_thread+0x10/0x10
[ 1420.413500][T14828]  kthread+0x370/0x450
[ 1420.413522][T14828]  ? __pfx_kthread+0x10/0x10
[ 1420.413545][T14828]  ret_from_fork+0x72b/0xd50
[ 1420.413578][T14828]  ? __pfx_ret_from_fork+0x10/0x10
[ 1420.413611][T14828]  ? __switch_to+0x800/0x10f0
[ 1420.413634][T14828]  ? __pfx_kthread+0x10/0x10
[ 1420.413657][T14828]  ret_from_fork_asm+0x1a/0x30
[ 1420.413694][T14828]  </TASK>
[ 1420.413719][T14828] kobject: kobject_add_internal failed for hci3:201 with -EEXIST, don't try to register things with the same name in the same directory.
[ 1420.712683][T14828] Bluetooth: hci3: failed to register connection device
[ 1420.841385][T25134] hsr_slave_0: entered promiscuous mode
[ 1420.847412][T25251] Invalid ELF header type: 3 != 1
[ 1420.866198][T25134] hsr_slave_1: entered promiscuous mode
[ 1420.890557][T25134] debugfs: 'hsr0' already exists in 'hsr'
[ 1420.903843][T25134] Cannot create hsr debugfs directory
[ 1420.918291][T16801] usb 6-1: new full-speed USB device number 59 using dummy_hcd
[ 1420.989703][T11941] hsr_slave_1: left promiscuous mode
[ 1421.039593][T11941] veth1_macvtap: left promiscuous mode
[ 1421.053460][T11941] veth0_macvtap: left promiscuous mode
[ 1421.065093][T11941] veth1_vlan: left promiscuous mode
[ 1421.077313][T14828] Bluetooth: hci0: command tx timeout
[ 1421.077896][T11941] veth0_vlan: left promiscuous mode
[ 1421.086148][T16801] usb 6-1: config 0 has an invalid interface number: 159 but max is 0
[ 1421.106209][T16801] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1421.116527][T16801] usb 6-1: config 0 has no interface number 0
[ 1421.122670][T16801] usb 6-1: config 0 interface 159 has no altsetting 0
[ 1421.131301][T16801] usb 6-1: New USB device found, idVendor=0d8c, idProduct=000e, bcdDevice=8e.8f
[ 1421.141134][T16801] usb 6-1: New USB device strings: Mfr=0, Product=24, SerialNumber=3
[ 1421.151785][T16801] usb 6-1: Product: syz
[ 1421.155972][T16801] usb 6-1: SerialNumber: syz
[ 1421.163749][T16801] usb 6-1: config 0 descriptor??
[ 1421.282084][   T30] audit: type=1400 audit(1782517423.942:931): avc:  denied  { write } for  pid=25252 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=1776 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[ 1421.511616][ T5795] usb 6-1: USB disconnect, device number 59
[ 1422.072626][   T30] audit: type=1400 audit(1782517424.702:932): avc:  denied  { write } for  pid=25271 comm="rm" name="hook-state" dev="tmpfs" ino=1776 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[ 1422.993315][T23043] Bluetooth: hci3: command 0x0406 tx timeout
[ 1423.027186][ T1314] ieee802154 phy0 wpan0: encryption failed: -22
[ 1423.039824][ T1314] ieee802154 phy1 wpan1: encryption failed: -22
[ 1423.156438][T14828] Bluetooth: hci0: command tx timeout
[ 1424.091937][ T5272] 8021q: adding VLAN 0 to HW filter on device eth10
[ 1424.485392][T11941] IPVS: stop unused estimator thread 0...
[ 1424.856481][ T5795] usb 6-1: new full-speed USB device number 60 using dummy_hcd
[ 1424.883209][   T30] audit: type=1400 audit(1782517427.542:933): avc:  denied  { write } for  pid=25312 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=1776 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[ 1425.018205][ T5795] usb 6-1: config 0 has an invalid interface number: 159 but max is 0
[ 1425.030183][ T5795] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1425.049904][ T5795] usb 6-1: config 0 has no interface number 0
[ 1425.063287][ T5795] usb 6-1: config 0 interface 159 has no altsetting 0
[ 1425.074252][ T5795] usb 6-1: New USB device found, idVendor=0d8c, idProduct=000e, bcdDevice=8e.8f
[ 1425.083411][T23043] Bluetooth: hci3: command 0x0406 tx timeout
[ 1425.088922][   T30] audit: type=1400 audit(1782517427.642:934): avc:  denied  { write } for  pid=25334 comm="rm" name="hook-state" dev="tmpfs" ino=1776 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[ 1425.130971][ T5795] usb 6-1: New USB device strings: Mfr=0, Product=24, SerialNumber=3
[ 1425.166677][ T5795] usb 6-1: Product: syz
[ 1425.170954][ T5795] usb 6-1: SerialNumber: syz
[ 1425.913484][T25134] netdevsim netdevsim4 netdevsim0: renamed from eth0
[ 1425.965953][T25134] 8021q: adding VLAN 0 to HW filter on device netdevsim0
[ 1425.994039][T25134] netdevsim netdevsim4 netdevsim1: renamed from eth1
[ 1426.024171][T25134] 8021q: adding VLAN 0 to HW filter on device netdevsim1
[ 1426.054618][T25134] netdevsim netdevsim4 netdevsim2: renamed from eth2
[ 1426.076728][   T30] audit: type=1400 audit(1782517428.732:935): avc:  denied  { write } for  pid=25338 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=1776 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[ 1426.077595][ T5795] usb 6-1: config 0 descriptor??
[ 1426.200253][T25134] 8021q: adding VLAN 0 to HW filter on device netdevsim2
[ 1426.210167][T25134] netdevsim netdevsim4 netdevsim3: renamed from eth3
[ 1426.230589][T25134] 8021q: adding VLAN 0 to HW filter on device netdevsim3
[ 1426.395832][ T5745] usb 6-1: USB disconnect, device number 60
[ 1426.427370][   T30] audit: type=1400 audit(1782517429.082:936): avc:  denied  { write } for  pid=25364 comm="rm" name="hook-state" dev="tmpfs" ino=1776 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[ 1426.482843][T25134] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1426.505839][T25134] 8021q: adding VLAN 0 to HW filter on device team0
[ 1426.524150][T11934] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1426.531321][T11934] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1426.560722][T11934] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1426.567971][T11934] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1427.147998][   T30] audit: type=1400 audit(1782517429.782:937): avc:  denied  { write } for  pid=25372 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=1776 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[ 1427.310555][   T30] audit: type=1400 audit(1782517429.972:938): avc:  denied  { write } for  pid=25404 comm="rm" name="hook-state" dev="tmpfs" ino=1776 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[ 1427.374296][T25134] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1427.516444][ T5795] usb 3-1: new high-speed USB device number 73 using dummy_hcd
[ 1427.669494][ T5795] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 0, changing to 7
[ 1427.687915][ T5795] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[ 1427.698747][ T5795] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x8A has an invalid bInterval 0, changing to 7
[ 1427.702852][T25134] veth0_vlan: entered promiscuous mode
[ 1427.711758][ T5795] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x8A has invalid wMaxPacketSize 0
[ 1427.730396][ T5795] usb 3-1: New USB device found, idVendor=0a07, idProduct=00d0, bcdDevice=10.13
[ 1427.741858][T25134] veth1_vlan: entered promiscuous mode
[ 1427.750591][ T5795] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1427.769281][ T5795] usb 3-1: Product: syz
[ 1427.779852][ T5795] usb 3-1: Manufacturer: syz
[ 1427.781923][T25134] veth0_macvtap: entered promiscuous mode
[ 1427.790621][ T5795] usb 3-1: SerialNumber: syz
[ 1427.798082][T25134] veth1_macvtap: entered promiscuous mode
[ 1427.809753][ T5795] usb 3-1: config 0 descriptor??
[ 1427.821114][   T30] audit: type=1400 audit(1782517430.482:939): avc:  denied  { write } for  pid=25410 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=1776 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[ 1427.851160][T25134] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1427.865888][T25134] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1428.025168][T11941] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1428.041344][T11941] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1428.054965][ T5795] adutux 3-1:0.0: ADU208  now attached to /dev/usb/adutux0
[ 1428.083122][T11941] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1428.090160][ T5795] usb 3-1: USB disconnect, device number 73
[ 1428.218258][   T30] audit: type=1400 audit(1782517430.782:940): avc:  denied  { write } for  pid=25431 comm="rm" name="hook-state" dev="tmpfs" ino=1776 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[ 1428.585119][T25448] netlink: 200 bytes leftover after parsing attributes in process `syz.6.5796'.
[ 1428.655516][T11936] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1428.685355][T11936] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1428.713381][T11941] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1428.768584][   T30] audit: type=1400 audit(1782517431.422:941): avc:  denied  { name_bind } for  pid=25452 comm="syz.1.5798" src=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=rawip_socket permissive=1
[ 1428.784399][T17949] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1428.848032][T17949] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1428.865174][   T30] audit: type=1400 audit(1782517431.522:942): avc:  denied  { write } for  pid=25438 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=1776 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[ 1428.932928][T25456] bond0: option primary_reselect: invalid value (254)
[ 1428.979029][T25456] bond0 (unregistering): Released all slaves
[ 1429.247801][T25430] usb 6-1: new full-speed USB device number 61 using dummy_hcd
[ 1429.426060][T25430] usb 6-1: config 0 has an invalid interface number: 159 but max is 0
[ 1429.448678][T25430] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1429.484520][T25430] usb 6-1: config 0 has no interface number 0
[ 1429.492289][T25430] usb 6-1: config 0 interface 159 has no altsetting 0
[ 1429.508033][T25430] usb 6-1: New USB device found, idVendor=0d8c, idProduct=000e, bcdDevice=8e.8f
[ 1429.527485][T25430] usb 6-1: New USB device strings: Mfr=0, Product=24, SerialNumber=3
[ 1429.536206][T25430] usb 6-1: Product: syz
[ 1429.559000][T25430] usb 6-1: SerialNumber: syz
[ 1429.603167][T25430] usb 6-1: config 0 descriptor??
[ 1430.028864][T20263] usb 6-1: USB disconnect, device number 61
[ 1430.352043][T25478] program syz.1.5803 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1430.457541][T16801] usb 5-1: new high-speed USB device number 70 using dummy_hcd
[ 1430.636533][T16801] usb 5-1: Using ep0 maxpacket: 8
[ 1430.660547][T16801] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024
[ 1431.382780][T16801] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024
[ 1431.394433][T16801] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 1431.404640][T16801] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1431.417942][T16801] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[ 1431.427544][T16801] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1431.469711][T25488] netlink: 8 bytes leftover after parsing attributes in process `syz.5.5807'.
[ 1431.653852][T16801] usb 5-1: usb_control_msg returned -32
[ 1431.663654][T16801] usbtmc 5-1:16.0: can't read capabilities
[ 1431.686863][T16801] usb 5-1: USB disconnect, device number 70
[ 1432.334023][T25506] netlink: 40 bytes leftover after parsing attributes in process `syz.1.5811'.
[ 1435.163139][T25550] kAFS: No cell specified
[ 1436.341119][T25567] netlink: 76 bytes leftover after parsing attributes in process `syz.1.5829'.
[ 1437.558925][T25588] netlink: 16 bytes leftover after parsing attributes in process `syz.2.5835'.
[ 1438.976068][T25608] kAFS: No cell specified
[ 1440.226107][T25623] netlink: 76 bytes leftover after parsing attributes in process `syz.6.5846'.
[ 1442.059130][T25648] netlink: 8 bytes leftover after parsing attributes in process `syz.2.5853'.
[ 1442.150991][T25648] netlink: 8 bytes leftover after parsing attributes in process `syz.2.5853'.
[ 1444.349591][T25663] kAFS: No cell specified
[ 1445.052915][T25665] netlink: 8 bytes leftover after parsing attributes in process `syz.1.5859'.
[ 1445.116400][T20263] usb 3-1: new high-speed USB device number 74 using dummy_hcd
[ 1445.326447][T20263] usb 3-1: Using ep0 maxpacket: 8
[ 1445.356518][T20263] usb 3-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024
[ 1445.543078][T25680] netlink: 76 bytes leftover after parsing attributes in process `syz.6.5861'.
[ 1446.346462][T20263] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024
[ 1446.359534][T20263] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 1446.369555][T20263] usb 3-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1446.382665][T20263] usb 3-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[ 1446.455205][   T30] kauditd_printk_skb: 1 callbacks suppressed
[ 1446.455222][   T30] audit: type=1400 audit(1782517449.112:944): avc:  denied  { mounton } for  pid=25666 comm="syz.4.5860" path="/file0" dev="autofs" ino=99518 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_t tclass=dir permissive=1
[ 1446.562177][T25684] 9p: Could not find request transport: virti®.=!ºo
[ 1446.885943][T20263] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1446.976819][T25698] openvswitch: netlink: Flow key attr not present in new flow.
[ 1447.163602][T20263] usb 3-1: GET_CAPABILITIES returned 0
[ 1447.213114][T20263] usbtmc 3-1:16.0: can't read capabilities
[ 1447.471858][T20263] usb 3-1: USB disconnect, device number 74
[ 1448.195172][T25712] netlink: 8 bytes leftover after parsing attributes in process `syz.5.5872'.
[ 1448.218231][T25706] syzkaller0: entered promiscuous mode
[ 1448.244178][T25706] syzkaller0: entered allmulticast mode
[ 1448.320356][T25717] kAFS: No cell specified
[ 1452.538469][T25766] netlink: 'syz.5.5881': attribute type 10 has an invalid length.
[ 1455.060072][T25723] netlink: 76 bytes leftover after parsing attributes in process `syz.1.5874'.
[ 1455.624373][T25784] siw: device registration error -23
[ 1455.641200][T25784] kAFS: No cell specified
[ 1456.386929][T25793] openvswitch: netlink: Actions may not be safe on all matching packets
[ 1456.424945][T25794] netlink: 200 bytes leftover after parsing attributes in process `syz.5.5889'.
[ 1456.607252][T25803] No control pipe specified
[ 1456.715783][T25798] netlink: 'syz.6.5892': attribute type 10 has an invalid length.
[ 1456.766447][ T5610] usb 6-1: new full-speed USB device number 62 using dummy_hcd
[ 1457.545118][ T5610] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 10
[ 1457.715324][ T5610] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0
[ 1457.735857][ T5610] usb 6-1: New USB device found, idVendor=134c, idProduct=0002, bcdDevice=ac.7e
[ 1457.745460][ T5610] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1457.753835][ T5610] usb 6-1: Product: syz
[ 1457.758468][ T5610] usb 6-1: Manufacturer: syz
[ 1457.763077][ T5610] usb 6-1: SerialNumber: syz
[ 1457.769723][ T5610] usb 6-1: config 0 descriptor??
[ 1457.777050][ T5610] hub 6-1:0.0: bad descriptor, ignoring hub
[ 1457.783051][ T5610] hub 6-1:0.0: probe with driver hub failed with error -5
[ 1457.817425][T25816] syzkaller0: entered promiscuous mode
[ 1457.827197][ T5610] input: syz syz as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/input/input58
[ 1457.848600][T25816] syzkaller0: entered allmulticast mode
[ 1458.233433][T25831] program syz.4.5901 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1458.426140][T25841] No control pipe specified
[ 1459.407632][T25430] usb 6-1: USB disconnect, device number 62
[ 1459.701006][T25851] syzkaller0: entered promiscuous mode
[ 1459.717991][T25851] syzkaller0: entered allmulticast mode
[ 1459.913030][T25866] program syz.2.5913 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1460.143302][T25877] No control pipe specified
[ 1460.409991][   T30] audit: type=1400 audit(1782517463.062:945): avc:  denied  { map } for  pid=25888 comm="syz.6.5923" path="socket:[99889]" dev="sockfs" ino=99889 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[ 1460.509408][   T30] audit: type=1400 audit(1782517463.062:946): avc:  denied  { read } for  pid=25888 comm="syz.6.5923" path="socket:[99889]" dev="sockfs" ino=99889 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[ 1460.625211][T25902] program syz.2.5927 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1460.930504][T25910] netlink: 14 bytes leftover after parsing attributes in process `syz.6.5930'.
[ 1460.944164][T25910] .` (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1460.955521][T25910] .` (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1460.976754][T25910] .` (unregistering): (slave syz_tun): Releasing backup interface
[ 1460.999945][T25910] .` (unregistering): Released all slaves
[ 1461.140401][T25916] netlink: 8 bytes leftover after parsing attributes in process `syz.4.5933'.
[ 1461.451637][T25933] netlink: 76 bytes leftover after parsing attributes in process `syz.2.5939'.
[ 1461.486001][T25933] syzkaller0: entered promiscuous mode
[ 1461.510354][T25933] syzkaller0: entered allmulticast mode
[ 1461.820143][T25947] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=25947 comm=syz.6.5944
[ 1462.307268][   T24] usb 6-1: new low-speed USB device number 63 using dummy_hcd
[ 1462.639673][   T24] usb 6-1: config 0 has no interfaces?
[ 1462.663629][   T24] usb 6-1: New USB device found, idVendor=1e7d, idProduct=2e22, bcdDevice= 0.00
[ 1462.714029][   T24] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1462.766334][   T24] usb 6-1: config 0 descriptor??
[ 1462.964652][T25964] netlink: 52 bytes leftover after parsing attributes in process `syz.4.5952'.
[ 1462.976486][T25429] usb 3-1: new high-speed USB device number 75 using dummy_hcd
[ 1463.003824][   T24] usb 6-1: USB disconnect, device number 63
[ 1463.226816][T25429] usb 3-1: Using ep0 maxpacket: 16
[ 1463.240467][T25429] usb 3-1: config 0 has no interfaces?
[ 1463.252093][T25429] usb 3-1: New USB device found, idVendor=0b95, idProduct=772a, bcdDevice=82.73
[ 1463.262220][T25429] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1463.270516][T25429] usb 3-1: Product: syz
[ 1463.274811][T25429] usb 3-1: Manufacturer: syz
[ 1463.279478][T25429] usb 3-1: SerialNumber: syz
[ 1463.286843][T25429] usb 3-1: config 0 descriptor??
[ 1463.907661][ T5610] usb 3-1: USB disconnect, device number 75
[ 1463.984947][T25989] evm: overlay not supported
[ 1464.239483][T25998] xt_hashlimit: size too large, truncated to 1048576
[ 1464.857758][T26015] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=26015 comm=syz.6.5965
[ 1466.239146][T26024] fuse: Bad value for 'fd'
[ 1466.782048][T26036] netlink: 344 bytes leftover after parsing attributes in process `syz.2.5972'.
[ 1466.907137][T26043] openvswitch: netlink: Actions may not be safe on all matching packets
[ 1467.649571][T26057] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=26057 comm=syz.2.5977
[ 1468.900045][T26063] program syz.4.5980 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1469.080837][T26070] overlayfs: missing 'lowerdir'
[ 1471.648296][ T5795] usb 5-1: new high-speed USB device number 71 using dummy_hcd
[ 1471.826918][ T5795] usb 5-1: Using ep0 maxpacket: 16
[ 1471.872678][ T5795] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1471.971996][ T5795] usb 5-1: config 0 has no interfaces?
[ 1472.025690][ T5795] usb 5-1: New USB device found, idVendor=0c45, idProduct=5112, bcdDevice= 0.00
[ 1472.108124][ T5795] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1472.198513][ T5795] usb 5-1: config 0 descriptor??
[ 1472.218354][T26105] netlink: 'syz.1.5990': attribute type 10 has an invalid length.
[ 1472.415497][T26097] ip_tunnel: non-ECT from 0.0.0.0 with TOS=0x3
[ 1472.450744][ T5795] usb 5-1: USB disconnect, device number 71
[ 1472.487641][T26120] netlink: 56 bytes leftover after parsing attributes in process `syz.1.5997'.
[ 1475.960403][T26158] netlink: 56 bytes leftover after parsing attributes in process `syz.1.6010'.
[ 1482.451440][T26253] lo speed is unknown, defaulting to 1000
[ 1483.916993][ T5795] usb 6-1: new high-speed USB device number 64 using dummy_hcd
[ 1484.117383][ T5795] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 0, changing to 7
[ 1484.244969][ T5795] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[ 1484.348287][ T1314] ieee802154 phy0 wpan0: encryption failed: -22
[ 1484.353699][ T5795] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x8A has an invalid bInterval 0, changing to 7
[ 1484.442113][ T1314] ieee802154 phy1 wpan1: encryption failed: -22
[ 1484.481745][ T5795] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x8A has invalid wMaxPacketSize 0
[ 1484.609128][ T5795] usb 6-1: New USB device found, idVendor=0a07, idProduct=00d0, bcdDevice=10.13
[ 1484.645745][ T5795] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1484.693796][ T5795] usb 6-1: Product: syz
[ 1484.707737][ T5795] usb 6-1: Manufacturer: syz
[ 1484.722356][ T5795] usb 6-1: SerialNumber: syz
[ 1484.771677][ T5795] usb 6-1: config 0 descriptor??
[ 1485.021249][ T5795] adutux 6-1:0.0: ADU208  now attached to /dev/usb/adutux0
[ 1485.089191][ T5795] usb 6-1: USB disconnect, device number 64
[ 1485.964162][T26331] netlink: 52 bytes leftover after parsing attributes in process `syz.2.6073'.
[ 1487.338183][T26362] netlink: 52 bytes leftover after parsing attributes in process `syz.6.6086'.
[ 1487.954691][T26379] autofs: Unknown parameter '0x0000000000000000'
[ 1488.623763][T26392] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=26392 comm=syz.4.6098
[ 1488.913297][T26405] autofs: Unknown parameter '0x0000000000000000'
[ 1489.056520][ T5795] usb 6-1: new high-speed USB device number 65 using dummy_hcd
[ 1489.188362][T26425] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=26425 comm=syz.4.6113
[ 1489.206505][ T5795] usb 6-1: Using ep0 maxpacket: 16
[ 1489.214328][ T5795] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1489.231833][ T5795] usb 6-1: config 0 has no interfaces?
[ 1489.237516][ T5795] usb 6-1: New USB device found, idVendor=0c45, idProduct=5112, bcdDevice= 0.00
[ 1489.247375][ T5795] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1489.267427][ T5795] usb 6-1: config 0 descriptor??
[ 1489.601802][T26433] 
[ 1489.604158][T26433] ============================================
[ 1489.610304][T26433] WARNING: possible recursive locking detected
[ 1489.616448][T26433] syzkaller #0 Tainted: G             L     
[ 1489.622418][T26433] --------------------------------------------
[ 1489.628553][T26433] syz.5.6103/26433 is trying to acquire lock:
[ 1489.634621][T26433] ffffffff8f9eeed0 (qp_broker_list.mutex){+.+.}-{4:4}, at: vmci_qp_broker_detach+0x14c/0x11e0
[ 1489.644917][T26433] 
[ 1489.644917][T26433] but task is already holding lock:
[ 1489.652285][T26433] ffffffff8f9eeed0 (qp_broker_list.mutex){+.+.}-{4:4}, at: vmci_qp_broker_detach+0x14c/0x11e0
[ 1489.662584][T26433] 
[ 1489.662584][T26433] other info that might help us debug this:
[ 1489.670645][T26433]  Possible unsafe locking scenario:
[ 1489.670645][T26433] 
[ 1489.678087][T26433]        CPU0
[ 1489.681358][T26433]        ----
[ 1489.684621][T26433]   lock(qp_broker_list.mutex);
[ 1489.689469][T26433]   lock(qp_broker_list.mutex);
[ 1489.694318][T26433] 
[ 1489.694318][T26433]  *** DEADLOCK ***
[ 1489.694318][T26433] 
[ 1489.702450][T26433]  May be due to missing lock nesting notation
[ 1489.702450][T26433] 
[ 1489.710755][T26433] 1 lock held by syz.5.6103/26433:
[ 1489.715854][T26433]  #0: ffffffff8f9eeed0 (qp_broker_list.mutex){+.+.}-{4:4}, at: vmci_qp_broker_detach+0x14c/0x11e0
[ 1489.726589][T26433] 
[ 1489.726589][T26433] stack backtrace:
[ 1489.732481][T26433] CPU: 0 UID: 0 PID: 26433 Comm: syz.5.6103 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1489.732518][T26433] Tainted: [L]=SOFTLOCKUP
[ 1489.732528][T26433] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[ 1489.732544][T26433] Call Trace:
[ 1489.732553][T26433]  <TASK>
[ 1489.732564][T26433]  dump_stack_lvl+0x100/0x190
[ 1489.732603][T26433]  print_deadlock_bug.cold+0xbd/0xca
[ 1489.732639][T26433]  __lock_acquire+0x1256/0x1a40
[ 1489.732675][T26433]  lock_acquire+0x1b9/0x370
[ 1489.732701][T26433]  ? vmci_qp_broker_detach+0x14c/0x11e0
[ 1489.732737][T26433]  ? __pfx___might_resched+0x10/0x10
[ 1489.732765][T26433]  ? kasan_save_stack+0x3f/0x50
[ 1489.732793][T26433]  __mutex_lock+0x1a4/0x1bd0
[ 1489.732821][T26433]  ? vmci_qp_broker_detach+0x14c/0x11e0
[ 1489.732855][T26433]  ? vmci_qp_broker_detach+0x14c/0x11e0
[ 1489.732887][T26433]  ? vmci_host_close+0x115/0x1a0
[ 1489.732915][T26433]  ? __fput+0x3ff/0xb50
[ 1489.732939][T26433]  ? task_work_run+0x150/0x240
[ 1489.732962][T26433]  ? exit_to_user_mode_loop+0x1d8/0x6f0
[ 1489.732991][T26433]  ? do_syscall_64+0x666/0x870
[ 1489.733017][T26433]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1489.733042][T26433]  ? __pfx___mutex_lock+0x10/0x10
[ 1489.733080][T26433]  ? vmci_qp_broker_detach+0x14c/0x11e0
[ 1489.733113][T26433]  vmci_qp_broker_detach+0x14c/0x11e0
[ 1489.733148][T26433]  ? kasan_quarantine_put+0x104/0x240
[ 1489.733173][T26433]  ? lockdep_hardirqs_on+0x78/0x100
[ 1489.733200][T26433]  ? __pfx_vmci_qp_broker_detach+0x10/0x10
[ 1489.733234][T26433]  ? ctx_free_ctx+0x4b0/0xda0
[ 1489.733255][T26433]  ? ctx_free_ctx+0x4bd/0xda0
[ 1489.733276][T26433]  ? kfree+0x22b/0x6c0
[ 1489.733310][T26433]  ctx_free_ctx+0x517/0xda0
[ 1489.733333][T26433]  ? __pfx___schedule+0x10/0x10
[ 1489.733357][T26433]  ? __pfx_ctx_free_ctx+0x10/0x10
[ 1489.733380][T26433]  ? preempt_schedule_thunk+0x16/0x40
[ 1489.733406][T26433]  ? preempt_schedule_common+0x42/0xc0
[ 1489.733432][T26433]  ? preempt_schedule_thunk+0x16/0x40
[ 1489.733460][T26433]  vmci_ctx_enqueue_datagram+0x4be/0x5f0
[ 1489.733487][T26433]  vmci_datagram_dispatch+0x3db/0xc60
[ 1489.733514][T26433]  ? __pfx_vmci_datagram_dispatch+0x10/0x10
[ 1489.733540][T26433]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1489.733563][T26433]  ? find_held_lock+0x2b/0x80
[ 1489.733583][T26433]  ? vmci_qp_broker_detach+0xef9/0x11e0
[ 1489.733627][T26433]  qp_notify_peer+0x1a6/0x230
[ 1489.733659][T26433]  ? __pfx_qp_notify_peer+0x10/0x10
[ 1489.733695][T26433]  ? __pfx_vmci_ctx_qp_exists+0x10/0x10
[ 1489.733725][T26433]  vmci_qp_broker_detach+0xa20/0x11e0
[ 1489.733763][T26433]  ? __pfx_vmci_qp_broker_detach+0x10/0x10
[ 1489.733797][T26433]  ? ctx_free_ctx+0x4b0/0xda0
[ 1489.733817][T26433]  ? ctx_free_ctx+0x4bd/0xda0
[ 1489.733838][T26433]  ? kfree+0x22b/0x6c0
[ 1489.733871][T26433]  ctx_free_ctx+0x517/0xda0
[ 1489.733896][T26433]  ? __pfx_ctx_free_ctx+0x10/0x10
[ 1489.733918][T26433]  ? __pfx_autoremove_wake_function+0x10/0x10
[ 1489.733945][T26433]  ? __pfx_wait_rcu_exp_gp+0x10/0x10
[ 1489.733978][T26433]  vmci_ctx_destroy+0x150/0x1c0
[ 1489.734001][T26433]  vmci_host_close+0x115/0x1a0
[ 1489.734030][T26433]  ? __pfx_vmci_host_close+0x10/0x10
[ 1489.734060][T26433]  __fput+0x3ff/0xb50
[ 1489.734089][T26433]  task_work_run+0x150/0x240
[ 1489.734113][T26433]  ? __pfx_task_work_run+0x10/0x10
[ 1489.734142][T26433]  exit_to_user_mode_loop+0x1d8/0x6f0
[ 1489.734171][T26433]  ? rcu_is_watching+0x12/0xc0
[ 1489.734205][T26433]  do_syscall_64+0x666/0x870
[ 1489.734233][T26433]  ? clear_bhb_loop+0x40/0x90
[ 1489.734258][T26433]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1489.734282][T26433] RIP: 0033:0x7facca79ce59
[ 1489.734303][T26433] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1489.734326][T26433] RSP: 002b:00007faccb6e0028 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[ 1489.734349][T26433] RAX: 0000000000000000 RBX: 00007faccaa16090 RCX: 00007facca79ce59
[ 1489.734365][T26433] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000000000008
[ 1489.734380][T26433] RBP: 00007facca832e6f R08: 0000000000000000 R09: 0000000000000000
[ 1489.734395][T26433] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1489.734410][T26433] R13: 00007faccaa16128 R14: 00007faccaa16090 R15: 00007ffeaeed05a8
[ 1489.734435][T26433]  </TASK>