last executing test programs:

9m23.931654939s ago: executing program 3 (id=3838):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000140)={0x0, @in={{0x2, 0x0, @empty}}, 0x0, 0x0, 0x3f8, 0x0, 0x32}, 0x9c)
r1 = openat$vicodec0(0xffffffffffffff9c, &(0x7f00000004c0), 0x2, 0x0)
ioctl$VIDIOC_REQBUFS(r1, 0xc0145608, &(0x7f0000000040)={0x201, 0xa, 0x4, 0x0, 0x9})
ioctl$VIDIOC_S_STD(r1, 0x40085618, &(0x7f0000000180)=0x320000)
bind$inet6(r0, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
sendto$inet6(r0, &(0x7f0000847fff)='X', 0xfee4, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
sendmmsg$inet6(r0, &(0x7f0000004580)=[{{0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000001a40)="0e", 0x1}], 0x1}}, {{0x0, 0x0, &(0x7f00000004c0)=[{&(0x7f0000000b80)="bda033176eb146b36ef41f221a4e7ce4a02598d750606488520915c6806affc0a913781c7211ce1fcd59a12b5d5afdaf9d723f092ce9d1eed16e208f2e79831ca049e8979ad94621175c2c48c10e33b29f2def51498743b057efc21efe4be4d9f02e9d236f27190c29c5da0f3799452f5e3640340502fde4ae8c56b303e1b79b3d1842bf6277771bef544c745e7a80c9e7efdd1c619f69b9d01839aa326776d335689e4db7cb7e32fad8f4c40e943b43eb4ea173d720bf5998149625a731643636c8ddbe61e1d7d4736f8414a84acc40557012c82697d8a59c873424aefb3c7ff0dba302efaaf887a477b1ab7ea6c1def9db3514e444c1ef36c6cf42cde90d4bbb2e923a5d16a1bb191ad91cab867cd55037d507a12803f3df1b81f1857fad085dbc5c46aac14230d7a4f8b36d6bc63b4a16cd309b7697b421a662b83001b5ce5ab3ff80800243107df7aa6cae9a5db6a8f2a53ef7d6c6aeac76b83a15466c74a9cdbcde8505e3d14c0c3a47a36bf464168202dc88e25f4c1da57faf0eaa7ff16bdd751c2ae5778e169c8ffba57c9a20e24ad51e6e8e02b721e8ca94f131cc98e03b34b615a1db4080362de4ef215d5a0541aeb0c742a2636ac5af8538ceb3585ef9dca8037df55baa072096073b005b53eff0b899de59bc2b5d687d109520571eeacb30124c4012fe6cb9e3bf451be3d219206ddc35099101533cff5aee6c4783e00e6dd391f664052a6c66c62f62a49fde8fbe336543bf99b55e53b801e54c1d0a292da83db26a8a870ac1d8751c4bc0d495277295cd3a17f9e9a25d70214a17b981b62d5c75356ed025df3557a8b59648edd9d1dbdf169d91f9d85cfac11a57db0a14f03e8934a2cc98d389912a0d9942a40c3ee98d35da61d3bab1a32c9d788e9f74ee57012ca5bfd0dc090b591c64aae6a205fbd349fc372bbd7429983a69cae26ff8b5b019144d318ba225e46bc6cf8d7d3e5952333042542b2fd4fb4d88a3651dd8e14ecc2845d4e71f7dfd128e9e2ee2ab0062a3e701bb2477bfd73d7396ae522f11fa481078d1c7f7905e0846fb072dcf7c06106b3816ec4a3518514c7166d7385b680469f5184a93953258952554e68d93ea8f789c4f13982b65996d7d9cf19f0b39b72e1dc9079d84413bbc30d24fc481e24ef1beacb8bc15f50c2663d684d16a1c71b2c8a568481f4f1b254ccd66fbef4cacfc3e13f2c943a264e429824bef7297f93076aea55ed9cf12512ce3ac3df331695024bd", 0x37b}, {&(0x7f0000000300)="439e9c06fc666cabc8569d63a866b31ff3ceda1e28", 0x15}], 0x2}}], 0x2, 0x4048884)
close_range(r0, 0xffffffffffffffff, 0x0)

9m23.30450161s ago: executing program 3 (id=3839):
r0 = epoll_create1(0x0)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
r2 = socket$inet6(0xa, 0x802, 0x0)
r3 = fcntl$dupfd(r2, 0x0, r0)
r4 = epoll_create1(0x80000)
epoll_ctl$EPOLL_CTL_ADD(r4, 0x1, r3, &(0x7f0000000040)={0x20000001})
epoll_ctl$EPOLL_CTL_ADD(r4, 0x1, r1, &(0x7f00000000c0)={0x1000})
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r4, &(0x7f0000000240)={0x20001011, 0x97ff})

9m23.198231784s ago: executing program 3 (id=3840):
socket$packet(0x11, 0x3, 0x300)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000100)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x7ffb, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffbf}, 0x0)
r2 = openat$sw_sync_info(0xffffffffffffff9c, &(0x7f0000002200), 0x80002, 0x0)
connect$inet6(0xffffffffffffffff, &(0x7f0000000040)={0xa, 0x4001, 0x0, @ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x0, 0x0}}}, 0x1c)
setsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(0xffffffffffffffff, 0x84, 0x22, 0x0, 0x0)
setsockopt$MRT6_INIT(r2, 0x29, 0xc8, &(0x7f00000002c0), 0x4)
signalfd4(r0, &(0x7f0000000080)={[0xc658]}, 0x8, 0x800)
r3 = openat$selinux_load(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
writev(r3, &(0x7f0000000100)=[{0x0}], 0x1)
io_setup(0x30, &(0x7f0000000600)=<r4=>0x0)
pipe2$9p(&(0x7f00000000c0), 0x4000)
bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000feffffff00000000000000001801000020646c4200000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000004000000850000000600000085000013"], 0x0, 0xfffffffe, 0x0, 0x0, 0x727c45cd4283345, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000000}, 0x94)
r5 = openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000002740), 0x101002)
io_submit(r4, 0x1, &(0x7f0000000180)=[&(0x7f0000000140)={0x0, 0x0, 0x0, 0x1, 0x0, r5, &(0x7f00000000c0)="01", 0x24}])

9m21.805670105s ago: executing program 3 (id=3843):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
mount$afs(0x0, &(0x7f00000000c0)='.\x00', &(0x7f0000000100), 0x4, &(0x7f0000000200)={[{@dyn}]})
ioctl$VT_GETMODE(r0, 0x5601, &(0x7f00000003c0))
mkdirat(0xffffffffffffff9c, &(0x7f0000000380)='./file0\x00', 0x0)
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x143102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r2 = socket$inet6(0xa, 0x1, 0x8010000000000084)
r3 = openat$comedi(0xffffffffffffff9c, &(0x7f0000000140)='/dev/comedi4\x00', 0x2, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x300000d, 0x13, r3, 0x0)
readlink(&(0x7f0000000180)='./file0\x00', &(0x7f0000000040)=""/253, 0xfd)
r4 = syz_open_procfs(0x0, &(0x7f0000000000)='net/ip_vs_stats\x00')
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFQNL_MSG_CONFIG(r5, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000200)=ANY=[@ANYBLOB="280000000203010400000000ffffffff0000000008000100"], 0x28}}, 0x20)
sendmsg$NFQNL_MSG_VERDICT_BATCH(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000500)={0x20, 0x3, 0x3, 0x101, 0x0, 0x0, {}, [@NFQA_VERDICT_HDR={0xc}]}, 0x20}, 0x1, 0x0, 0x0, 0x20000000}, 0x0)
bind$inet6(r2, 0x0, 0x0)
r6 = syz_open_procfs(0x0, &(0x7f0000000200)='net/rt_cache\x00')
setsockopt$inet_mreq(r6, 0x0, 0x24, &(0x7f0000000240)={@empty, @dev={0xac, 0x14, 0x14, 0xc}}, 0x8)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0x14, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
io_uring_setup(0x8c3, &(0x7f0000000280)={0x0, 0x93d2, 0x2, 0x45, 0x227, 0x0, r6})
sendmsg$NFT_BATCH(r4, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000340)={0x0, 0x7c}, 0x1, 0x0, 0x0, 0x881}, 0x20004000)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x1}}, [], {0x14}}, 0x28}}, 0x0)
mount$tmpfs(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), 0x0, 0x0)
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x104000, 0x0)
mount$9p_unix(&(0x7f0000000140)='./file0\x00', &(0x7f00000004c0)='./file0\x00', 0x0, 0x12c5c18, 0x0)
mount$bind(&(0x7f0000000040)='.\x00', &(0x7f0000000280)='./file0\x00', 0x0, 0x2a05004, 0x0)
ioctl$TIOCPKT(r0, 0x5420, 0x0)

9m20.862319179s ago: executing program 3 (id=3844):
r0 = syz_clone(0x80000400, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x4206, r0)
tkill(r0, 0x12)
ptrace$getregs(0xc, r0, 0x1, 0x0)

9m20.407278607s ago: executing program 3 (id=3847):
openat$uhid(0xffffffffffffff9c, &(0x7f0000000480), 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mount$binderfs(0x0, 0x0, &(0x7f0000002400), 0x4000, 0x0)
r3 = socket$alg(0x26, 0x5, 0x0)
setsockopt$ALG_SET_KEY(r3, 0x117, 0x1, &(0x7f0000000280)="3b1c1b2098f0bc154c9778a9229a7d3bd98f8b22f6", 0x15)
sched_setaffinity(0x0, 0x0, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="1b000000000000000000000000000400000000", @ANYRES32=0x0, @ANYBLOB="0000000000b267053aa772da53b5e9b9941ad8bb02c86e09000000d2c2bbf7c3bc537f9fb7661f2ea54a2c601b5d1e917a172a1a4ce1e52a37d4c39d530244c9e54e6739530a491b58ae6f645feac30a1e890c1265c8842eeeffe6f516c36b395b4e1f904730be36fc07e8cbf5800d0fb9169acd9c01caf8babe888c4dbe5d5ce35d08dd", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00'}, 0x2d)
setsockopt$inet_tcp_TCP_FASTOPEN_KEY(0xffffffffffffffff, 0x6, 0x21, 0x0, 0x0)
sendmsg$nl_route_sched(r4, 0x0, 0x0)
r5 = fsopen(&(0x7f0000000340)='ocfs2_dlmfs\x00', 0x0)
fsmount(r5, 0x0, 0x1)
fsconfig$FSCONFIG_SET_BINARY(r5, 0x2, &(0x7f0000000200)='/dev/snd/midiC#D#\x00', &(0x7f0000000d80)="fb", 0x1)
r6 = syz_init_net_socket$netrom(0x6, 0x5, 0x0)
fsetxattr$security_ima(r6, &(0x7f0000000000), &(0x7f0000000040)=@md5={0x1, "f08e6c04682c1f4b1dd44747e69d39b7"}, 0x11, 0x1)
ioctl$sock_netrom_SIOCADDRT(r6, 0x890b, &(0x7f00000000c0)={0x0, @null, @bpq0, 0x1, 'syz1\x00', @null, 0x5, 0x1, [@netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @default, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @null, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}]})

9m19.954300215s ago: executing program 32 (id=3847):
openat$uhid(0xffffffffffffff9c, &(0x7f0000000480), 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mount$binderfs(0x0, 0x0, &(0x7f0000002400), 0x4000, 0x0)
r3 = socket$alg(0x26, 0x5, 0x0)
setsockopt$ALG_SET_KEY(r3, 0x117, 0x1, &(0x7f0000000280)="3b1c1b2098f0bc154c9778a9229a7d3bd98f8b22f6", 0x15)
sched_setaffinity(0x0, 0x0, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="1b000000000000000000000000000400000000", @ANYRES32=0x0, @ANYBLOB="0000000000b267053aa772da53b5e9b9941ad8bb02c86e09000000d2c2bbf7c3bc537f9fb7661f2ea54a2c601b5d1e917a172a1a4ce1e52a37d4c39d530244c9e54e6739530a491b58ae6f645feac30a1e890c1265c8842eeeffe6f516c36b395b4e1f904730be36fc07e8cbf5800d0fb9169acd9c01caf8babe888c4dbe5d5ce35d08dd", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00'}, 0x2d)
setsockopt$inet_tcp_TCP_FASTOPEN_KEY(0xffffffffffffffff, 0x6, 0x21, 0x0, 0x0)
sendmsg$nl_route_sched(r4, 0x0, 0x0)
r5 = fsopen(&(0x7f0000000340)='ocfs2_dlmfs\x00', 0x0)
fsmount(r5, 0x0, 0x1)
fsconfig$FSCONFIG_SET_BINARY(r5, 0x2, &(0x7f0000000200)='/dev/snd/midiC#D#\x00', &(0x7f0000000d80)="fb", 0x1)
r6 = syz_init_net_socket$netrom(0x6, 0x5, 0x0)
fsetxattr$security_ima(r6, &(0x7f0000000000), &(0x7f0000000040)=@md5={0x1, "f08e6c04682c1f4b1dd44747e69d39b7"}, 0x11, 0x1)
ioctl$sock_netrom_SIOCADDRT(r6, 0x890b, &(0x7f00000000c0)={0x0, @null, @bpq0, 0x1, 'syz1\x00', @null, 0x5, 0x1, [@netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @default, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @null, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}]})

5m27.783720506s ago: executing program 4 (id=4697):
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={<r0=>0xffffffffffffffff})
socketpair$unix(0x1, 0x3, 0x0, &(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000004c0)=@abs={0x0, 0x0, 0x4e23}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg(r2, 0x0, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xb49, 0x9, 0x8, 0x0, 0x3}, 0x0)
syz_emit_ethernet(0x3e, &(0x7f0000001ac0)=ANY=[@ANYBLOB], 0x0)
openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x40, 0x1)
r3 = openat$fuse(0xffffffffffffff9c, &(0x7f00000000c0), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000000100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r3, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r3, &(0x7f00000021c0)={0x2020, 0x0, <r4=>0x0, 0x0, <r5=>0x0}, 0x2037)
getpeername$inet6(0xffffffffffffffff, 0x0, 0x0)
write$FUSE_INIT(r3, &(0x7f0000000040)={0x50, 0x0, r4, {0x7, 0x1f, 0x0, 0x10400}}, 0x50)
syz_fuse_handle_req(r3, &(0x7f0000008380)="000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc4e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ba045abcd5dfc67d000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000230000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000050000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000209bfd66eea210560000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001354c4b600", 0x2000, &(0x7f00000062c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000480)={0x20, 0x0, 0x7, {0x0, 0x1b}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_fuse_handle_req(r3, &(0x7f0000004200)="a28096c80abf3543ecde7564abff5085d2227ebcb0f164ae92706ad0b083a3f469a3efd15b4921e9c3063b98b3082068e7c31950dde842eac55df0f991453cad62a6956b0b6f7b8cf49b506a3060fe1127eca99663ade8efa89ee189acb5f3b92f6bc4c46621c803eed0d0bb5f32384870ed08f89d4f74445762fb99715e083c4c92a8878be19ffacc30d0f2da64f971cd40563163adc15670ecf25cd3ad96138967c4b53ad9d04b5193ab5fb674aa0030a9d703d1baf810ce897f969121f142161919e583c275671b999e7f363891dfdfdf3556d01b86ee29eca8fccbfeaf1771395148706cc6e6be7ce29fc9ffef061b5420950c1a525bf75ad06edec51538d1c5bbc77da72dc90fd9998936fffdda2427e5a68966c7e2208f76304680182ec73007e482f034195712af922db2726195d997708734db9e7825a864be00b2a4f800881fc0363f5e618398454f35b148b4ccb88d418269fac868a8ba4a2d5b4f06a1ac01b5ad158b842e05adca22c7372585bf4ce95560b6c1e021a3ed2ff7bd3b6b3c7734c3b66d7e4c460096312082f89b16baa6e73814aa60925780cd92cd65087e260ec046fc363264366a9df2c849c0644911303946adad544521ceb469a3e193ecc9a7876403fac461a4a70d6193b2451189a5c5120b3535e9edf619108af7f517b58abd3fa7fb1ab832213430d2e6901076fba9c9e1acc6c6f48ff0e419bbc45589745a176f52a7407ad5e3dd49acb31b47862806f47077dda04905e45a80a12cbcd4d2dd9fe66c2d1f99394fed8ec60961cd2dc7115a96ece432fac86d51bebb08b95f447a83792fe80291fca7b298c9043ef2c26f0f7e42798d3f54c84b94c24c76c555d83ccc53b99bb22d71845e5cf21a5ba7fbeffeb6306e1730db14561b950a3f24bcfd78d4ab0d97de8054bb1a6077ae7cca6e45d846d3df82298d07212922742cb0facac3b77edfbab90e9ee2d4f7b0ee9b17bb11ec5e5721340d84cb6bd93428167e69b47759172557acda313c3decdfc6fe9336bfade459f43b39d0f2289f9142db280f4ee668e650e12858c577e12e2b9a57ee66c834be97979bcbe94747fa5d8d0b7d3a9f8f218df1bf960f828429a1efe838616b18faf6629236ddbded43a093efae163228e5c38fd7714743c2fcca47e3382bcfb1ab893fd7377527b4ec43f3fa60ebd338161d8de7cad65b15579e4af258f5fe3a63c2637a15703207029b0899b5427767647baef11e291358e6e54f6f13d3d2ca7a5e7969e04d2733b3b9ab822c69a3cfac097384de5071a9b74a656136d55eb190df08747b509fd610ff62b4950ef71c934fe21a48a4931d3d9458b415f112cee65c660f5490e982341da1c58634b3967ca6f3596d20cc90f508382156e36f16539093240ef5f2aa6a2c0dff2a67df30dcf50bf6e0b82a3d49f2d532a8dde1b3ceefcf0837190b74186090d1c18b59917d7efce1adfb238ef4a7b1d22c4cef09320221de883e97e6882466508de06fcdabad3b741bdca2cff879d57ddda52f42b3dcb8a78cfc05826af7e4ff155960ff8491194f4d321ef195990abaeeefdcb852d1e1e3703f317385a9458b6c2dd9db830f757ec29c9939fc7313e639fe485bc1e41ddaaef3fbf1f7cc527c8fad0d21b8082482caad7bee440e5097665f636c3dfec82f8c98afb6243bc3944939675a594277d278ba4361461f7da52e224e4ce5dee4a467bf6ae9f67b61ac6eb0a440406abac2016eec907e241c57f5f44be47290fd0fef785ff04df3810ccd637b4d97a84bae8486a36f75d872e645fe46625969fc2d1f032c56ed44bd98ea27bd9b6ddc8eb2dc2ec9f90f2f1ca1bd20e37ac58b03c84c872f4ba47310654986641460dfdd531ac62a76ad87b89c103ac5c9c2e7e70c66447b3412d4a1e5cbc30e16939505116c04de33ae054ed366de8d1f971c2de439957a194e22a488f58d7efd46439177f3f3c45a1475927eecd846d3d2e6a2ab5c7f8addd99062c2fc6b272d1f51bb8f22f1b6f8bb3faf8aa85e5eb9abf7df5cf8f26267323808b0833a987989cbe59205e7ad06556e2d1b8a4873ca1cbcbc8d43abc145fd4eb832e7a58ab2c793d003ce7b1850ce45eb7480417a1e9eb9d39a1028a2a04a2aa649c098c4f8eee514db5f6021173bb254b8e22b150b2ca01dc7ff235db46ed78d07f43d1adab13b8445d1b32069eb45f9d389fcf5a3f7d3ebe243c5b1fe17b1f5a3d571b65f21b9e471e818172554dc956749b99cb7a5f303ec480d7194a2ba86e204f06aa1becdddc8c49082c527e7064ac2ad77dc05639d3d2a7778f6943ed6105ebf6f0b9e94fddbe05c236ec000f4d1d4e496b10068211ab68ada4c7f7ac61f5f5ba5f1810d5bbe87ff4f8356af0d3f682baedb0ad8f8488b277421f0a03fc5e3095ee34bc4472d8f17e3f7013cf2f79f5ff3ea4b6bae56d1365a33b09bfa9a496323f7da923b7e29dce4beb81035f13130004c96e56d7ef6ca6c101d20c27a218e623227c33c9e488b17e7ae9ac20da8240501f7b614a1730f164553fe479ef149866e4ea47296814284a3d3eb7cbb294289ffb996e0eb053b9c16e54cf267832e3d360eb196ed51305630223309ea97215628f01ec9d3ea48096418d5e962cac5063460f0a18772ec7ce66d14a1cce14b52c40bbbfafccbf1e76f09e57ff0718048e5b993157a6cf4718826b1e09430413a3596a15c4a620fa8c8e1d1663e5739f9f790ddbb3be0e00187d43717d659242467d8681ac10303346157f894d9037641417010e9654c6a5b22263e73a5a37128f50078a980c30930321aa5c5e7851d5d392ddce3a14a96916fa8421ae6728f37f5de7c3e98feb4babd4e1bd2315d595e209d52748f70adc2284fcdaa6ad880470d2a071f3490aaf3491fb64b4547419e8eccdc491a8921156cb4811ad1e66514a32b0b31b641438881f28c1e6461b4f451938999af671e8c6a5cd0c072a9fe4cdbefe24ca616f3d0a15ac97cca835b1a440e04fa28340c6044176c8ecc8ee0d033d47db8a0aacfa0eabdfa1c9509fc2604008f01cbafeb5bd2b503b809ed672340b9a576593f1ef388391b54b605e7a15bef7b1345627a34fca57738b0f8f4f19eea93c903495274a4425a1a1cc6c4c6e335b631df5185c95b485e4257867b5347a40e4e14dcc560f061fd4fd265137dc68afd548adde778f1330f769acb1ccf5da14ff6992c24e210ea6e6179421881b803393bc6974e37106c5b5b3b5d0b3469f8969bffb7e4ceb2c98e928e74366492d27235ae4c74a2f48511aeeaa53a2beafa7a331b50e454c507af1b63350a5cef35668a5b9325014192277e509561008b3601088f79d42eaa8b1e4ae2000b31749e2b8094312ddb7f3c1cd625ef885c11fa22a66e374b52b3425e0b8016154e1fd8471339e32e7373d63ab646d893fbe09ae07b06074c01401ea76b3c382a9d32f24f93c789964e16bc4206ecd75c10917ab84ffd8d6cdf4cd28fd90375ff28518f8c1a3befc538e1b9e427fb671988d29f2fb2fcd039f4d341c84eb4d7cf600ddaba88bb094e4d87a1419180149f491368e648b69985b05ac39a4ecdd3c5135f3a5c8ad7792dacb6470144bb9e67805a211efb3ec9ccaf8e0901345fb19e4da579e1fbe86a1207f4f13c3436009c2c640b7cf3f8b77ca7bd994bf93308027359c6dd1b7db1e153fc0821968ef36c003b6c73fe890f4de24f5c6458dbaaf3819edeaa91783c3cfc7e773689236248195c7bbd60113f2476fa3687621d668d1728ee433d2f8f4db707345d30f1e52ab87a2a0afd547c6b3f0000f59f17facde48f693490e22494b75d11df1a143b85068d143ef6a9bb5937a9df380c8948f1a01e9675e18409edb0f6b9605b68e34632fcce472dc50b90b0f6dcd57931f78e1e8861a0fb62e72b0baad6f9d23c1cfb0f19b25013c8d9fcd786a2f6f79768b5fb398f7b2baa31ce8156d1fc4a46c1c463fdf30360d42aeed2ef11611d0b7f654bb51052fd4dc39328f8ec4c58bbda05e6f1b3c8f6d8adca0268f2410e9a4a7d63b6616006d0e02f6edacc10e5c54fd85f15a8bd7648a293f23d6a699bd9a675250475a73a96d7475e4fabb89fb5e7de5d7a3479aa485c0befc60d0ac4fd5ac6dbecceb06cad86e219fc0ce4720758917811a3215f8d13e413bfb64fc065fc421aede0b56691797dac428c7e463479fa591b9072c309b7533e427c5cc11a1f6cf9a5b995d328d796d874c5b55dfc12a5039b413ce319cf5ba1f355c4e0717d32650b43e18010f37f048731931c52c4f36eb969dda702afe96c2a5241350a67ba2d026946189c5e281293c9a8e2cff3784753f1de78b917101b54e5ab00c045ea15f28a0e3f509962cf8bd3385d85250737eae5c34ece86b86669c13b00308a3b13c0ac3c83ff26fb52a4aa83c1233a9490cb9ca917a056908931751bddb88a62379a713395f0764e4a393faf253a4026d0472270e6036287d56850df1751543484d65b3062155b6300e0024241c59a862ae769c1a9232a2d9fb24705177a09cceb3eefbf9f106f67e01be14cdeb4d2fc7d8661df3e75de5ccd09a7e559f028fb9837c621ea0045b4d1b679067f246339c974631aa7134d4e910efb28d3c48929cef1df7e6c73668762d55086b6c59c36ac90154135fd7ca4e4047dd0aa161fa982d8edf9c0cb9666477e096c55718f6e4742415fefd4f696d1f1ccd6322bc19496ddebd36282a7c707d5b44113e30678e6e33ab7d34be04a59ac614d6a54134490998be02636fa91633d6294781c2b9a54c611c0045cfcfe81f49aa21b29d835cd2047c854486fd8e65a2ebf629f7ced602b9dd107bfde483e5c9b5cbba4a08cdce09920bda9978b7fc2b4a89bf1573a26389e52090fdf5dccf22111dc8c42fd3c8c477092895398086cc22cca665269e193fc650742a361a44b857d258429f701f22e9b7615bc3dab78c1479a41cf8575cdb17169470b347adfc03e03daea3e269725cfc72df5664b9df36d2f2b55013b71133e0b80577a47182511ebb308b6248d457bd2af7b28e77182c305241178c4124ab102771fd5a8c3dacb8775de881301d71587c76bcf0a97a72ad244d0c42fd71aceec32dd48bb5c9a95b391166c832ac5bac8c7cae4d18b3f7d9f2e4782fdf97732e3d51f67bbb57f989ee0d7589dbd0c2a5c63840e914b9d7d720fa120acbffebf816b588b2ccc052e7fa78992e0ea39dd21a122add41195f8e2e1acd777c1a4e8ef4362fef441feb4d9252c6bfbd2742152300a32027776e3341620d3c8d9365e10e81adcca7d87a0e555c98a0353c692557d90ee9be3fbaab766abf93e2462149fd99c92a5fc58d899ee75535cd1fe1386c5ab0b157c2102039d6015258f59cef3f15b951893a30ae839f740402a30b34e7be73796286403c5beb0853d856d83f1b00b48328f56dcb32e1faab08a3435b1482bf18b21c95aefeaafa7fd761c7f28d416fcde06bf7aee5c6e9eb50e55874253ba3f1d0ce2505b4fc7c3fc996bfbb8446bafe84f5bea94bfd7ca5aeaf237fe793b66e5c521d4092e4e1f9bde1dfcfe53fa55005d21cfa833a338fd9792614129336060e10d1911862070761aa20c2902eb7c5a355eff4cf6253d7102a2ca1fead4c53b57d576d104c081310d92797e4e2e8c269d19910d0d4cedf30fa28ba680c00137f83de940624229b6a125ce5233c6cf4a3640b74f58f288dad8451fbe37641c5559a5f3caf1299c8bfb230723652278fe378efd8e459b9da26cffeb58468a6301dbc06d713ba2d8d43d9038f5f2dc8b831ba58a88eeb5b1786b21e398aeeeb7c1f3d6f01d82b3947862fb9e7cbd7da5d04c5fcd34da28d53e2246e3ac1e3a619ad174efa6435eaa0fc94d610799ce0158421dce046306eb5042143daa336d52206b12610ea6389cdda49bf5af1d4ee42ac090a94ae7b7612073f3a5c36a2205eda887f41478f7d20f18667f941f71eebcfa76c1ab28f2a49a3bd56bd3f4e6bd079ab3fe2d94782236e83585a03e52907abaef7456a95d5d3f3d37efdc035dbfd7c41b8ba0af2df8adf1cf24f7ff0beccd3d26bc91caf42314ef7e466f74e19ae0df2e2298fc2f694a7ec134632035585d530e7e19f65c256f001d75382d9825ef741bc213af186377d9ca10d3722354e1897ca5c23ac6a52c9ad0e6b686e1776f7ec65df033e8f4d5db80c1bc354093b319cb70df93d610667675816328c99322f14e636b95f04e6497f139d508b453f53ddb5c289d849fd5407c9bdcefd1642abd46e28cb4e94371bdc606eeb67c9fe17747c68f2d50e82711da4d3edb0eda06f41b7f93fa8fb4d83cf21c79da67000bac2275508217ade1659fa8d24e5f8efb9f4bd21073ebef3d06368eb03fa3cf0d638448bd055ed20d292033ffdba538559c8ff9a2a5c8f83b5c393643d6585d1df994c3be43e72b8f3f53114d2a5f6bcedb573842b23b6a3eb7fca8495bf03bd03fde7b19bd39a16cec49e01f38e671af33cae082d9788e3202799bc466babec2080528d0609c0b731964719093735b4c1e73bd0705637c47516922197c552baeaf3516b5e3bbc2cd1afa3ef8215196ed580d9561092f620b897e98e786a0c7cbb0eedda8063292ba6482497f5f6bb62fb5ab4c97cb7658dc6579718eb97b547fcf47ced1426561af93a15fb4dc6d3d93b868644943c2c94b23b0570bbb81df2666c24f5abccfcdd71e209f3bb43c01d17f9bc8b9af2c26762fc6a741a150b7d1186e4f35175f3c315243e1c11e92c43a1fc492eef5a13c77a81fcf514ebfd0f8e645dae15a07e86b2f01fda065db4505a5eea83cb616f744f6bee731be191c65449c02603556d5a51422cf9c2f19f8d6843e0c1091e0708aa271e91f71c8602b9fa72189e036b7cb6af1569f21269283de94a6d7fe5849fd433d5b719c80419873db0587fc29786cc598d896fb16360bddd2ce12e54d05418f4f5e5f2d7aafe9fcd6268cbe2e9e6329ffb6c67fab8f3ce673028cc06aaa6b857556bba3b44d3fab5b6e875e70a2f3ad4b2ff76f31ead3462d3801ba373b3c2f545e94f57021575e2947f81f53283fc0a5137fd44fa3d074c92de54a0a3465c858f5a7ef08313faddbc3663e4e0167f3cba39612057a7518fbfb031f5ad0f9f75831973ebd733b82e554bf3fdec84e51f65dab6028c6c51366d9d4700fdf255e4c7bd70766e7f2281b3f2a5363f85ce49f9135904d14bcb117ad754c2594dcdca2d30e40ff265b5accfb116f64ed99aad570c4c5a91efdbb984ac651d8721405a0342cf77f448c17a152eabf29e88950558a86d0074e1cefab1eb7c366682f686ee1338737e675ea58eb8b4c86b9f28a6f6e96459f29e3b4dc59ff044c61a0dcc5c31d803e6e98420e446229ccdec3d0f705e92ffe016bb3696373eadab7f35ccf65ab4d9be09a085ce21bbd7c0555376e4d7fe68b5e7a64f48b5127825fb2be598d991f9c1a54bf52713417dcc599e812d85513a537e6eafa738edc972b67e065595d11678449bce6cd3d69800a649b560d0e057c502ca3e72e97820829ecfea801192c3f4e2c8763c095a43ee6fe45fe8730130937668df1d4ee577ada28238be03286481f2d2a004cc4d48856e71fbd64f1a0043a4520ecbbf1b3abdc96b87a27be8495a20542967aa4cd3a44a11502419a083d84e97abfde0901b66dde48388649a0ed6d93b9f20c530e990c7c52370a114d800d6ab3f6687d6bbc105b63738fe05fa6cac98ad6663936bb18cb923264e44312c24c2ce8e642bb73c921012b68a26a70977446b8f15f9d62467d8b356560c183a6bd6cd76ec868c3bd94a595cd7bf996755a508a814980c5e588b275200c45afd900c8c2de329ec2484b0e3ecd7b0960e5e3425881d1ff7f8bd8b20f5cc98ffc3acb77f5e88775a4bd3ab9f9eb027e27d3af55ebdf4eebab48ea911128d668d00fc3f5b5480aa0d9a4af563ba577384448e5425157133d59e1cef3c722f33700bd372825046b1fa5824e405154a3af1440bc2b75acfbd07cf92e8c162587e74b5ab66b1c6aeab3ad5fa3ee91da4900ef30ad04baea326df912517dd96e1696b4a91faa66675978a375e81f25464a1073dc6737af08d7e25956bb31d438548a7da38662d49db812a8cf1d6cc65f5c63879fd9ee7fd2a66ca3fc1a748cb239aab88c87206470b4c60592afeb6d69ed97a8f990155862ba4e22b64804142c131a23792937aa8a8696e165c24d7692a04bb4471b0f0d2507fe7c8618421428fc7a0acc984ca5cc6bacb772e8a717bbaa646f9643275910a6037afaf5a80678d18edda138a4e13d06d04a5d06431eab48738225cf1567e960e765728dc12e91b91c6f2b33dfb6e033aa68c1c2334d24335abc4a7a1df5636dec29091da54d5f5a1fff41e4a35a0c2f04f968f7d78e2f51c73577e2192bb20f289aaba5a175c2ed533855bd9ed9a842ad482136dd5e0cf45eb5e2d31ff62a3be1cf8a94a58316e74f4ab9fc54f3a0bb83beef0f355993bdea2c83e61cdc796bf2564ae51fae616799e8711998cd88d35cd9824452fdd65226174b46792cb87f4dd282e4e6f67eb66da413ad877ed6ce775f7e19bc93f48bb9e5ec04009de3c042aeacf7f4b25ad6b30e017303f64fe07ac79e8744aab6926d117f13513d0469cef335fe1d0d787c2d0b2c031a9521786ac10e9f8b768271680337f2c3262abdccb5d3107c632bf1f74c83ee91f49988222fb080cc8faa9b1a02526d8b6087e0b2354173d29016b3309587c16f057dd812aa63c3169150de81f3af97d082a8f8da4ce4f909ff649821d7f96d97613552e8cc4902e046ecfa329b1d980ff5ece69b8f1615fdff5244f41cec0af924624ae1641ecae5fa26c5fb9006e57100ee71377ced7c255ae17a0845e2ee0287c62c1852f93877f9f86157ca9675d383fff5cd6f2b001ec0136c07cf37f5ace1853122c2baa1092d418e2a490c4a5c8f56b828ce1bafeef4e77f095d6b4ed99d56f66812cb19be540ebe5d52e7eff2d69cbb8477e11514f7e3604bf9999f78c2f1ca6f60a2216b87fa0f25269c425b7d50709b200912b3b7899c95e12d6e9c4dacc19e327721860e0477a53e6793fbb7fb9704a848f395f48c24a6e79b9e1358cc3497251de88b8d3a7b22c6d8af1a7fab81530d9f0cc98f62debb222b54780d89794238532717b447d71b46a60ed481c21db85b590b31720009695ecffd4ef029964e5d5149622233ac013e960a005c924f73ea82c318455546c53d74aa3f7e2ff26aa074c40a55aba8b08027fc19b596eec6c4f89bae39e74b9aad88344f7cc5ad3eefa5095f2ab47222e9a357ecd71c6700ac576025201490d9e446603dfd4bda7617dd500981b2d2ab8c43882a5208494cb3f8ebc720bca8a7cf6c80bd7aaaf89507bb3412ea490a78973f12cc30413e9df1458917ea3d68b438d424c1314bc8d01939c5a5a842438281e62d0c800dee704b2a6cd3e1e4b885a6b26b894a98765fa3308c9e4b87f93625faecdb17c29a27cd243bf6030a67874ec9f2443cf8154261ac2a834c01cbe1f314ee7aa3ca552e1648cf8b42a63f249e3538026e09e44d69dc259adb0d1a0cbccb5a5dd5d0dccc90d023da79d5634188ff060f7e35a5f9d7ad99546824d63975d4452de876093f4e997dc46eedcd80a9eebf5e4f077fbb10c7d9e19a3419e7b845972a3b62613c5404a209b16fa88e0ff49d7b4f21fecc1f773c5b4be61021e0cab8602c6e8257649303aaeafcbb178e7a460ff07f219c46eb6fe5bf8113723e454003bd707767c107daf4255751daaf8decf35262640058924eb6587868b2c08230b317e97396ebc928ba8d274ca0eed0bfcb637676003c64e8c1e1a0420b6c96a44226061ced41b8448382abd2f3d0c472afcde231fbc9ee90c2f1132f8e2391246f95ad93354c7460e20de996ad0f61b13b27646887a637cede90b94b7d8c3130f0fe060e8d955c711a2700b302a75bdeb32a0a6802ea795cb114f5f82a1a381a86bbff88b299e47728b746dff964c94c52b661b9429376b1320b46081426b7c340206dc0da151bf84be2a49e78b6b5938753d2b1be8d9e67c43c5d70e72519f5f90d9f95e84ee38f82b191ac4d968b0a37901fd923cb289d585693ac3c3f8a94fca6df45e694e199a9cd0b1bc1fa7394bcc96aae670dca6605a998793b7e067ac410ba631057b8b76fcbe9524df820c02efef1608b743cd2aa6d60d3d8e476fa12d3acc329f8272b087d89471177ed531fec1f9c24a975ca2fcd8c246a33e291a3f00b7f234052067a0059c86762475256bb5e7dac6f121a0925506b18933c6e314915d4b3b2130aafc2483ef22ff8bb7b887565b1bd22fabca22037d8fc9437f675c5313526266f60bb7c7c47f30c7d567ed142ea5ec367c4298328d20e5344f01c0c90cf8a6302f4d84b6ba7495fba314a05ba29b63bb6d458fdb05a4411136958309f418fb178e19aa09ff9e62b29732fb2986c96e738f7a688cb2122dbb8f2ad9a5f28bc49ec0c462413552afee8e403259b55ad6dc334dde7f2d306929dd01f2aa6036cafd41874522689301b81c9e50e86828894140356db0a3317b081ed9d8148c41e77e6bda6287762532b86eb91f5480915680deb8a91fb8656b7f0109064865d2b846af0861f67d3f720d6e306540cd7b68f095ef3690b88ea93fb6a402ff5697597cda83171f159e85307d1a8c01611189bd4eb4f0453ab88d43ae181a562a76902a67c687514079d6f4304d9a7c0fa24b6e86074ea0a9fd8187c120312078f5ebfa674adc0303734bf8f6b5585943706594192ad24c9f7d9794fb83758924f862855ddd50bff58b522c43d73c03289baec628cd693cab93101b1e473b76532510e10f03e86812fea6f2d6f5467dcf29e6d7cf8524f383a0ded3f0951c3ffb171a6b8a6d97b5fa8899a19f1a3d0e934a1d4741076e4394ba225158f697bf7d5651717c6950229a0be22e8120d76a414edbcd03d505264b7ede8272ccbd6dbdcebaf11daf6a652f6f9eb74ba7a3ecc942892891388005ae5d971e4e79d696564906dffd44845b704a9abc2fa5ba1bb69a548423a08044ad6d0e365db7e6bea0f3844a452759716cb98dcf326001ec90c1c343174098cdf47ea2e13341058ca014d2a30e9ba3c526de72a6e387181bf76a278c9cbc518d8c374a3f1d9802a39464a100903dbec16f8f095f5d82d9d09507281e4f7fe0ce4fbeced193902a5f658af2a4c1d0952dabdc6ae5830b6b5a2c3f5b8d33a73665990822e5f4a7ce5366755a1615543bdf78299c71e890e0bedb6ec277b10a389d6a3ba9c037221421279e51ab50fb115de2076cc99444202e88ebd9d0fbe4e60234b7b761495ac6c9e615ddac8176164a88fb6d6cc2b52672c8949afe3efc1e87a598896bc93e421423844fcaafe65af898a015b3bcaf623ebeef9a57155af5278ceb52b995f7ca466d9e18b05e86380679e0257cff6d0c6750078462f2ee4701d6d8289ed848b877cf5918625b7937060d667c11119881c30809056892352c6c53c01e395af6866ea350e6f21fa3db772c1177c759999973b51e11ffc5908", 0x2000, &(0x7f0000000700)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000540)={0x78, 0x0, 0x0, {0x0, 0x10000000, 0x0, {0x0, 0xfffffffffffffffd, 0x0, 0x10001, 0x0, 0x0, 0x0, 0x0, 0x200000, 0x8000, 0x5, 0x0, r5, 0x0, 0x4}}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r6 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x101001, 0x0)
syz_fuse_handle_req(r3, &(0x7f0000006380)="c66dd220cbdeb68f27c1f98bf43fd861bcf841572658a3308737983b31a434673f1003eeeb6d9b934bcd19cf754f4882114d61e15354449f763f772e86c9e2252731f7a098faad2accca3e470845b32918bcf530f9474d3cd610d9028cb7b247d3a73d887719f70554d8976c10784c8073e521a80b5ebe7501d6c3b6b5cf9a498a1e97b8201ac756e5f35d71bdd4d196e73cae0cc34c7140cde8380de823e8c76662f0844f549818b5ef6c732b8f412b79273508b69f2e6a653709b4d9bded080b6c15ca5c5b8ff23309e05d460dfb40403f60a3e5a0e1d4e1aa59d53823a047427673267e79d40fdd6f12ef696fe22887d24087373f64987e48ba20e7f47d1f08871e0c22a02593156648fc106c4529d8cf17c71d473f4ad43992b1cdbf5cfaaf1ce401d5ad8b9c6bdc3c60a88a91c52f5aae74a5d25e0cd738fd80169a98b84d4d24a7e86c9d8e4c3e3ff1a9fc44a87558aeb7acbfec13a26a4b121b2cb9ae628c682aa4c44311c45a673bab25880665d6cdf589e5c5415794c4fd6b940e7a44df93a34a684183581c850fbe97ef8c1de852ea836e0db1a104b498d6dd8fdf65c606e772de2e9dfe46a418fac3c0bdd72916c951e3df04f2ae85839305be2a86aebcf4898b6e49c27df6033ad2b8651279ceb20c779716240d3d0fef3bb6c417a8c6f75398a91942d8ab11f21f5795767650a96e246c7244f8e4935e9c01349616a098ae810487d657fd095beee05a36812f39f4266f25f4508e80f19a4aec7116f1d8bc48bc2c1f0f96ff34b66a965d428852766b78f1e7eb0260bbb355cc0859af6988ff7efa0b3fede3d5f2f2147ffae4a5eb58a7585b596270334c360a1547787a95634e13d59bf53f51f48e75a6a3e48f8348f4cb495d9699dfdf8cc71668c5b9622578100f7163394cb3171fc8a6c1e7f88f08b8c3cf4b0cd9a1bc16bd1488ebe43199d97cdf4bbcde8a06a79c5af6ff2ebf1a04add74830cfac0b946514b18de249e934dd8a1a96fce085320fa857c853480170208533acd3d41c4384a932eeccd4ce7d09827efae4c0d19d00c5b48943c4d877017be59434dae6bef767fb9ffd073c2261b06c0f23a0c77a5bcb1f5738dceb6abee00bd7c649f6ebc64b4b8b948319a22ed4add48eedda8a2cd1bad6799e1d9ed778e5ce22d5fead0cd06806cb4b7b5661f9db6bcf9ddcdc9e49e0e6a8ec98fc42c660d5d75311fb9c9d06074611ebbdbea45672dd78760ed92d0e95c1d5ae234d674dc3ffaeef3d928aa4b93c0fe55fa886bd3f2371a5bb22c4dd6b8bc13250490cf279d4e56b646dec4eaa53951d55f602c1f4081d49316f6bcb35aad0453b44c7f266e99838683404859bc372d1df5f1512f35558b3706b32093b72a78a40c8a188852a0b5aca11a34ba23195cb598ca595f243c260392cd793b65dda856f81be1b54d873a0366407ac26687262d6bda693e058f598bde80e304c83dd0c2fd0e634ff15e1ca4e2918bfa8e3a626aee7b5e445aa7fae096595fe58032c993eb06ce49c1045b1f132f2c90d6e23b76076838ad7ed7a6a74245d7ad72b38bdc04e458d3908d1d272f23fe18f68ad746e5440cfbcc3b7ad477dccd6fb2db536df0e4d24480d2765e724ca06cbde7e01cd32e36681796a454c801adc1b25b501cc4aaae778f3783dad15d12e656b09bb3d8f37efc86cc7faea5e51913902faed79ae5973f4413e275f78e7e66099f9e41bd73a07445a780dde0b189308e3b83d1a3cf5aef2d3e11fcad930eb6c60ebb899b22cdbd539412b2371d28a4331394d8f29d8b16f94ffd91d4eb5c278e7f6b4024fcc7af9dfde1b3c915b06dae683760fad05d6638c6389fdd19a9b12956c11e9b9ea7d30e09b13d9f681e012f1e41746341a61b71ac6c333b29883ca2cd1aaa3c02e66c85de1e3b2b7e77b0dd1469ab9db5c17beb2d33862db20fd77de685a1e70ba55b0d9cf4b2d3d1196196b5317324e5f189605baa37493c9586b7e475865b4bb21b335e8b291b9dea17f6afc1cd84618b189567817511de821a866a00b62c62516b716cf55dcf7f5b7d7520306fe03f00cc61b7dc297886459d74bedb8ac1d05cc506db74d018c877da735481c318224fd06f349b59f69b0d2d017c817e5a1f934d263789d418eb69c772d923b01a6a4a6afbba4a6980fbf7cddd84f8e4392eaccb98cdd30488919ea6d492d32f9ca4233649117474f4116f6ca4cb762d524c0f92bbb40d3f430dbd50dba20adda8b4170a73c3b66257c412311a7bd3ea3ecca0da47a7a00ef0a464ee0a4b2402b61db833f3cfe1847b9630de47f331d575f6e3c6fb44a9021700c6d8055ea982a05a5ba6a91a41e7445fdba7ac09202fee733a5c216b3c3090991225b98178508d1985832f8e7dae58482ec0fa2215c935bd0ef9f03c0ed3caf97bf4de023605aa8535f1e88e841471bd8842084c6715a3fd3acd07ec9c43f635e5f868d82cdc6f9424ed978d39e72cc92535c2637164f15e9a67770389535ba46cbf786189562908872274ba126b313bd1c0780e9d0ca38956d1277b58f04eaa1f97ed8c6c83d9c05df0df8b43da930707a84662e480a33d1868edc9ff65368d51fda828ad29ecbd3b2cc0ddb0aad251b4736f872ba5f066617a9e9675ed7f80685544af44c677b9d39a1a353984ea4ccbf36d759b490f8dcd5621e573baaa2c03ef367f543ca5d36d1c9d33d4762bb0b1e02ec67d3511582d69b06a57d15f5260fab5ed8d9361948eabf88d9e776a18c5c4f2d42bb46373861b613db9a91ccff8fbd563ddb37f0738fa1723c23c85cac0f9eb53a41d115fe0339eed3167f59b2f2f0739cf9c0ba5769b18a213d5809bccadecee6e781811bf584c22a6557516d12bd58420f5c67c673fdf0888ab31edcee3198927b5b87a63f89f7a07d1da8cb946f0a87e7d3bb455c888f394d17694378446c9073e54368564dc546b6c930ae17afcc8360cb2e31d87ad8923f60033aa637a399707398ffa51645ab1d9963c29375c834746004ac16d24d8f006e9674e45da3d938de524857c57fd39b22678f39096309527ed22c41677a65a67dc0998a8babc9cb688a56628d09a732773d9019d92399415e93852a12d66ccbfa571837b7689c7cc50026ed643a89c8f1bdef6d01016e6e1c21bb779db52c2254f5dae40ff173943ba62ce343ec035d93d5c92c64884d654777cf6995dd0c485c7c132db383769ae1f35f1980654d2b47e92b1862f653eeb81ada4eed6c9d0fe9da3d7db5dfb4d66b2d576676beddc4394ade2acf55f9ec24aee7c4c77138e799f62deb19367ce226a66715da515479b176c9ca06c739566d279142ce2163b8835c840a3de6e2d275b5d5a948b26ec8faa6cf322c5038fc00fb0a27f0b76b5e305780c9145e99feadf571bf8d87dc93ea0f8ff3bc246b16d4e43256507abc7ccc92e113a037ab13855058ba1e0770b90f52e0740c157d68963b3d236f681454589385c6124bddf948c5aa2e147a3543c301dc6d82acb504f76239c890b7d3d76dbd7c26445ab6fe66f9f71d95f4f0d6c51533ce4b05353ef27178f6b6813366189ff4cc19cc5c9f7aca4d6b6f3b5b213e828cbf8b8b5cacb42ade1fa2594cc4ccd3457a45a5b19926f17b9061c9072fdce96afbd3f2bbecc6dfbdf9d9b3e1a621e65a7cdf0a97cb0223b220b39a88b7414ce91e5fb52f3c9c7e10199ffc8fad826d40a798ecaebbd8881c1605f986bb0af06f416280f63f3a3c28d399d13c21e6d79501cbbfcc9483a73a931e91358807fbebefd39b466cb9f251fa4fc7d5f4fd2d87d4604c9750593d3a801b963085ad7aaa91e023977742b728d292b046d0bd49f81717a686f10096e154681b85aeb81a26fa8f46bf3dfdf5dc7c7ca37aa3da37e53a105be5935640baff476453f53ffcf786894eac35d1933a5e97fb9b6d975f9fbe7914d09dc948d305005eb4aba3a9b8cdefb30dbb3300f46041db06567956ba4327280721addb17425a2b223e81bc41467cb413cebbe16818468eeb5b24b6cd79ec4787f693f3c301e5dd10747bea13bf042d6fde42d18c48fec0e3e43454799da1d5501130fc98917fed27d696ae85a39debdb67d5b3d70a82a2097095476e24211757626c91a29e917796766bc4016456c4acf0436b6c02055778ce7f34e605264f7d6d1321072c4ba341866ac6f78e9b99a30478eb7f09a17f4fb3e23184e878c2f60d2c18617185007841778c7c256750a287ec0bbdd20bd37ab50538e43a5929456d336fb46a04593765b2692ba15e7b71b97788970a7903e12088211098bd356132862a4d586508b4aac077d3acd4f77c67d9066b436d14b20d3e2870cb19cdad5581de2e08da761fc95755c43cf0dc2cff84e6a3a8fa2d0390fcfee285a133b37ac7b2fefd0d3665b1705784187e228579680be97982194329136fb72d8b61cdeaa88f3dfc835ae22167c0130529fe81043b0e1c3aebccb1f4aadc28cb484f850158504439d389d1e559ff424217dc031d422a8b7b51731db75dc541e16fed8fae14f58c1f9c8d0fb91a685245ba558c1aeb243aa728db51c3f3aa6d8f7a4a547b8d95018402283a59a45173e7696f02304954ebfb43c2215f180c8e47e433e5262e279fdb63405c81b0f128b7d6a095ff5f85690331d94d34923a3e8beef5cccbf7b208b2a0aa898f9a32b2f1bb55aca4eaaefcdf09acd871f4b88feb535be87dfdbb5ad45ff3c26a2765230011d90baa4b5d5baaac5519f9013c8fd497d57083403ee6eb0c4e23428cf3846bd34d69840d021196f9a9a4fc101016fe2d4fbf4ec23c11e9d737c5e6d2cc3da7e0981c00ea9df07ed88ab05b7821033b2d311f2fe0525176660d0a33b0eb23a57f5b1d41e2c1698ac7bfe5f59c27792f899fd39610052b705862e798a27084450edfccd180a13d8adf8072430e9305f41b0a67bd1784b6ba9450b1e872794e0b7b55b22a2f649f83270b98d0a0137694fec0d16ec2ebf37c72d9398d231a71e40c912428929a29a433dc0fdcb697f64e07540da92067b1b5a7735fb7fb8ac8da2591fa44b676bbaa32ef5e6cc11f1b2ab3b262d9bc4b2082e081ee50fe71def63cf6e2d588bb8d66a8daa8c8a30ca07d2956463e1affc76003e4bacc632cdeee50098fe80cd7485fefed6eab639d8c42a1357fefae5a5a779fad536474e3bdebf6aab699552e807ffd8a44030f439756748dee9ddf19a6cbf5f75307b03c5ef4185a31a41583fb4ca3699e06319371c5d932d6e5f4e1bf77c02c70564d2140f7510e183ba2fa7ead8a9b8cfb085a9d0fa7dbca7561bd9dc1e5c1a1da0322982ff29c0fa2cc33bea18646445cc59b44965a01570b7b739d730df8f1f2cfe3558e7102de13994d6745ef8f91965265fbe0d29c3f381e1eb9c63242962a4409ddb0a4946ef9ce5b0eda90f8365362681943247a0d87d9b7fbbdd26d4902be34068499b6e2ab2ea746634402e1065c8cb9c32a211d10fc2796f1a7045c59b9cbc4771dbf56a5c38303f93951194d06a1b8cce31dd4869a148ae90a797d09de168e47974ed9699eab3a6424781f481d03cf1046df28b454af02df72c0f56c693343a82f7f383afb3ac452200ff155444010f6c988de71e3fb6f079bc6ac2bfab6ff451242b7e3e70578b8206529816764206d47115cda77b3e356e54f825ec745017ea8c3dcb412523b754b951d19fc075ec66012cceff51da925af9079f547e840c3f2774239cce5fd6533f3ee8d194812de2d4499ef18c4bebfa8d7273307d7aa0ac09e6ebfd95ba99946a585a4bd4afef8bb0b52857e8415a32b42e0a9ccb0749599d7a43cec793b22c96b3de91534c905456b25a5972124b83c7d8f0520cd71c5544e49afab26cccacdb7e112f0af1acbcb2b68760c7538aa6c990814d7cf7bde5ddd618bfd55bfbdd968e53e28f94042fafa2796b5bf2d1be612c81dbafbf90b0728b4b06fe216aab91b8898780ab06cff75be5239c39ac836dbdb5482222e61ff5971ea492c5b5ef509720fc886f8a07a9232653d427d176574c99d65244f1618fdaab109f732e1e1295391a25f9b750c9761bbceb81d316d9f9dcd555afb762191b7e173f06a4d8f4d97ab88b9ae19f6c85c361b8b5cbe91a3493cae594063ed457f3be99772485b34d3308da4e751e58a14cf7c771d8e5be77f88c7567af095caae1eb83d259cea709ea5441047ce96f0e21faf89ed491bba5d0dcc6bc33a07237fbef2fe671447ce14e16a1cae4361938767ce65ecfe0c63e1261cce5fbf603a2537d21b50c9a3a3ed6a7cf112a0586a653b43f813912a226aa4722f7edaf8dda5553efb22721dc71924aa73bf232c2439b1d806d3beaf157442643c81ce2b551b82d63cbcd4195029e2f63aef127ed4df0bffd41665d86213512557ce90ee54fcd01078a6a19085bde6a0343595f540b1ff610bd7a5a2d695bdc5e508cbf544d15cf5920b3e405ef4e10e6651c5ffff039adde2f805143b78916188fec05cadac443c93447d23bb25b0a0cfc787754a20f7efcdee5798de939b758f238f15c23f2622b8ed682378017c8f251dda0261baa33c6262d42d6365e68e85d43a46d92aaf04acee203c09487755df49f07ea1129782b1be0feb6f011bb914266fe2cf5361c377fe33a491089f701ac61bcab2bfa3bbe8bf7b0b834dba1bf187ab78fca751b57f1bddfc670c80d83c34c3461d823d7762b45ff0accc3af21b38137276d4e4d7a5d0a075902865f17f084cfa94cc28f70ee7296e216401b172184df0e060dd61be91efcdbeb03b4a6699c88a16ebb18f3e938cb458a377e29a3f3cbdaaf121e278b691c02b6f0dc790510840b3970b1f905b421a1cb376043cc7511e70e94cc63941ed0f864b4118592878538e12e986b9abaaf2ed588ad5f0e5e0851ffc29ef21aed080eb6f35fa10052f27767d0ddf3fea5a08c14657d68a9c3e6cba422d93a6aff222c40eee9f3c9fcb03a310453b616a80c48646f7d196433736fedcfc2ff4fa1a43bf9f8fc0a0660cf9f79fd0d8e106591a2319cff5eb0a5be578d178e0e184a9eca92991ca63bf1e9c5b1c56dba3c836975a74d9eb9b763ce7c5dc753cde77fb2d048e3656a15f9aa7f9dea249c4a3dc0456b64533513e69861fcb9f4348d78acd5b8ce1f3c41271b8551ba4d5754fbb123862236bc94192a5306c29adb2b0b053cd7d4deaa1be6c61f75bca27b53765a7356dd34a48437d5e5b356d48db64749243fea9b1f44e4625fe7ce820dc9f1a6022d77198e6e917cd4f5e23622d5b3b2fafd4f9be0b85db21371f5d35c7c651a616a8351a02dbfa74f9d273a0eb7d2ab9fca254bd28509b3d6f5420108cabc42d9a5670779dfdfb78afe74cd87fdf8e3be937e6c6981eb88156f5cbc91e4b92f8d65a151ee3307cce381dc189c54a29d21c9fa9f512c50dbc9f1c0ddb43b6b10d5190b8169f9e06f7c60a2103c9c3fa3fe0d1cab8358cf4ddf95d5e26fbed636b2f1f474b7d10426afb5aa21948f7486e0df5275ffa6c091c46c3868703c4e30e1a15a8d27a708b6d5fa7d123f1524c221fb93b5f9f8d87b0286de38c6112a05d1f07706923b531e335db326ff756acf6cf9a5e5352953d112a842d7b2f05d296f644b01bca413f2686dbdea6b2cc6dd8115e22d832af742eb801ee61f6b90f93d227b694fe474385125801d6eb58867c15246faa6c0a1cae0b05f104fb2e97476c73a79185796e0c26bb1b59527aba4b79db6ec99f1650898b996e068329d17b94730cd6ab79a3d77d80e5ed78eecc7d680b5425231357f24c46fd01732052eb18737634915131c7ffcdb0b48a35d8761c402ff5b56aa1a9080b46836e4a888c86d7a260fb6cc2f3b9f68d52201531220bbfe0e7b2890a390acb33831fa1126b88dceb126a555181edbfa4680cadb08d38abe00c91980ce68ab58274ec28eaa697f8a4d7d6db744d8c9daac2035d40a5eb565e12c8be5c2bc1d725f713d45a03ac14ceaf91bb1c5dddcac87553b9d22e23d738742e3bf994412ab153f66ddea53a35c9ec19c555a49ae1aea112a70ddc10201258536ba93ae0dc7fb60d51ffbbe9e96eb8eeea6878e3784dcd686fc0db4516249cdfcb9f6d880fdcf8f86cdadd23ea7455b3b7e3a0e8affc9b61be59814f8e32175c869adaf7dbb5acb4c994e2269d2657011e8751c5c0e6e97e9eda4e8e6c309e842c8ea01c20de3c5f4f6372cc8cb7cdf2b0e3519155e4c662fc8572c36d9d3b7eb3ee19e985bfab9eb20e077c20dec4172e584357cc54f9cd49742e0b31d1fed87812f19efa9ae81ebebb021df0c280aa9790d2f1acb94b38f268ca7861b1da63cbb86daaeac3a5b067c86fc532a1db230a29578563f16dee5b4267f9d474c81c9ad762216452cb3a37c8ed44cbaab2e4b9a9583b134da3a64390fe5f76946879a1757d127e6e10b3b3042de48189350d844ede16134c770dba47cf56483cc14e2cfc93fc11f47cd33b06b720f531efdd1ff1254966b68fc46645ec3b45c2a60427e69ba1d710f25571522ba90622315f9f0cad33f8b1a1053a45aa07964892621ecc9256b7c4e21716e546c235fdb618f339b55c377a30b61a9add4e3b5657e3433a6feaff5b67ef34771ae6d04449b5228b6b99ce7237996b307613d14602d76f21a58a55cdc71a1f348ca18265634f094012bf4eae241df634d7424de578eb4c4199de382f2795c17eefa11ac2ad4625be7263373de4bbe189d42fa51953652d433323b9e6110f00c7cb44e4e7df1e6e1cc421c5cc5e78eac4009824d73b4bf0a0340ebd883acb90e928f6034d6a44edee021abc40726df358ef83429351f46aaf10b63b0a5f4c68bdf4e425f8ce7c6a8ad95dc4874836a56a298f586a602ad7b33350fabaacfda30b80210432dc6b59cb807d50782399624d624bbb5e759c09daec8ab3afbff204f62f94754e377cca96b00ba4842d52d8f12a5ce7d1dd81b760c1c5392f739d91f8bdc8c290090fc6e3221ee69abd2648b6c7a818e8a0d04ffd83464f7b26002e4d5614392848205fc0e766713e4c65f46ec2f9d221e98fdeaa5c329d8a0e7481690164fa1ad829ce9dd2eec2fe92231b33415c3f564161353ea7f823e3dc97c9e905f40d693082be719aff77b3b35a832ed3fc16e3bf57305fbabfbbadea1d33ece1f05ba482d3dcc391e0c709c02c335a6289a8deb035fd5b99edde61f0d936631e21251eb65c1dc23574a7a8f9ba8fd0b6c958ee146954cdab3daf90c17ffe92aef5390b4e19d32fef469e9e60ef8ea16af6b66dab7de1d6ddfeeb602cd69d8f32e4d5f06bfaebe7f000d62abc793ad34d77d1369c63785e93c2ff205769589011208ed6affc73dda9287bc8f4d9e27d33038b699431f56285f92fd9f02e78745fcdca4a4840dcfc307bf8f1806146d954ed5ccc8a66edf2179e2a5356624b3b30f8f78839ddc9940794acce40290e5eb73dbb52fe1c633e88d1492aedc69b351912a0890b63eda0d8756a5b7c47c740fcd73a0f419fa363fbf0cd3fcdd38f0fd055627932c998421f086ee0cbe0520b2f2fd6d38fce1575a2c90fef9f81aa23fc7c4c5625d6f46fbfd02ac31cd1620a92c43b7884e4a050e5ef5bb9b8f9825a159bb0370c828519ef71090e09ab43ff2bd2cc75563fb9073eadcfd869f0d9b6986e4320b1986ce3f19a3f5dce202f8c13757726e5d6a9fc9e2b0b357625362fb873709fb307ee51bc58494857fdd3811f6a8aee0086b0a62da4e327c698e5639e373567d5eefc76e0d6725272527cdbc01a2b40e7511ac986e32bb7e48558756dca3b944855fd9dfdbb2358a52e53769817cad50af13d8a5941c41f6bd121cb267acdc461c500855c6f6c0750367c62dd32fa41595a6070e728f1915bab951e5536ff8230a0608ac96c2e19a5c1415209a3774c091174f575bc937d544d495370294aaffc5e6be76364c7a212bbb4ec7f3bd38db75a159b68e2b3075ae6bb68ffa02e6bfb42553b505da20f133b2855572b7e6f8f3de240d9ab1ff32b3d9825f087774f4932024be806b78f059d4b3b40414df456aef405d1cffb2f3604834dae38932d830298df7045d404f005f5edf81061850808d4998f6ce80bc7569081765875d908d4b6a0edcb434317543a4f5954a5e0e5b7c4da75cb369e2810e2aebf950b973ad3380bca5d0de8311e59a6ed3f01d8f7c1b39060fddc7ac1febe659626ed7ad27dcee7b3d409b9f84e4f55ceb2e462f55627857f8c485c35c9abdc2fa87c4281365790ecdf1971f3a285ea0bb2038ae91d927729f4bf847bf0fc724b002cb029d2a57b89218bd4a763ab01902b7b48cb609cf3b9ad8fb568aef0ceff20c5def1a4faee11d33d304e2227b83f3ab06f0b9fa5502b1d9c6fe2a34bf9abb9a5b13928800149488cead47e48c754c75a061d5ea8a515f7f55611b0c048b88c9772ca4b1eb3d6fc931801990f1611e9b1171223527dceccfe8cfd72600a88a8486e088e21c30b997af1b60b55bc5443cecb18c2dcf54dbca3ac34f10ad2be9d755679519bb674b42904be579df62436bcf06de4cfd636d592840d674d11195edeb4dfe61370e9a9453378957fdecf2115ee008224fb8c97fcd051ddb1ed8d0419b950f2cd085bf1debaafb2a46cf65be863939cffde741797fdf64c17f3b447464be0e6bb90324c4c65b3cf66958a15d537a1675dffbc4e41f7a6c92ed27c5ef0dd0dcce6f96225b4e0ece510ce00f9611e395215e116026499dce3417cee3fbde0106b2a6fbd5937423124f6549c2206afc2ad1df5bedcc5e1371ed2b9f09f76576589450b09dd990811c59c3f848c1a4fccdfe686968903edffbc010eb73f55ac5a675fa3db70db12c826c8b7360617d8abeacefa6e2a8da62e4f304543cc9217fe1b0ec4fb044ca849802c4a140b91cc056d566c8670e4600941a54b2eb8643ff206c3401c0bd9838a025545227ae3e6bcb47fa3dcd1b40d8a0917f63744fb1ec2b72211c6cfda13248b2d0b4232e4fe7015cc42d4928f07ca9161640102f22236cca7ca3b81ffc81c4ff20532b5203e0d94771b8d0ec70e637135fdbb788fa8b4704e11d3c6083a45f51efd8560c0e63435516586aa82eaa998c140767d3ce35491e301c12f74583c61cd4d2ef1caa6fea3e353637cdeb3332d964155c9d32f826829a7174ab06c44e32063e46ce742b7027cffb8999302b602949c60496a0bf3c7cdf859d4ba51102674414867af614cffb88ac177dfbdb6131f7370dcb851002cec1742fb1561257716850c9ed3b075a6c023bcf05b5d580ac8e5d7ab7e5b1723212c681989e5f91958b635e0d076634584920c1b98d7f6ea0ddded6be9eb74de778b3c57c36b18e0c56c3a051014e09fac70ce6a7b0f042f5eeca8b8885e500bcb41f6fd974e5f6888859abdf3600706a3de9fce060c3069600c63106aff24210461c5d3423fa4e350041fd166902ad86bdba8cf965917f7e3ab019e1911d8013dad576465319c4e04b89b5ee1d07f54705718592d6aa453558294743daa8dba33159fb0e291829ac220562b007597e067e5f65841563673b69cc1d549f50e9efbdf256d797fe8c7d09596c167a45d", 0x2000, &(0x7f0000000dc0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000340)={0x18, 0xfffffffffffffffe, 0xffffffff, {0x4}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
writev(r6, &(0x7f00000006c0)=[{&(0x7f00000005c0)="23ccaba1401d36d3d03d682ba47a8c2e0c5a5a5ed9131f73330e9e04295317ff97adac5549724581ef66f12aab8672659fb2b2b1f47546616b1e6f350a5bab3e49c7e52d6451f736cc13dbaa0792b73eda52278a769ee442ffd157512eae59b17dadfcb93af0a51fef7706dcd70f7d06e5409833e8cd578e5f73661abedacab46e02d12fbe7c3d9e54f068e26a20d338e6cc8316f6ad768c9c3d411dd535434386ccf1a972f547595740eac2b50108a4c2a264267ca6a64dd01a046829db5183c4d36dd8df2ad10f92dacfdebeca046a", 0xd0}], 0x1)
close(r3)
recvmmsg(r0, &(0x7f00000002c0)=[{{&(0x7f0000000240)=@caif, 0x80, &(0x7f0000000140)=[{&(0x7f0000000e80)=""/4096, 0x1000}, {&(0x7f0000000000)=""/49, 0x31}], 0x2, &(0x7f000000b380)=""/4082, 0xff2}, 0x9}], 0x1, 0x0, 0x0)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x15)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r7 = syz_usb_connect(0x0, 0x2d, &(0x7f0000000200)=ANY=[@ANYBLOB="1201410130f56920ac05190272f00102030109021b000100001000090455070103490200090582030004"], 0x0)
syz_usb_control_io(r7, 0x0, &(0x7f0000000580)={0x84, &(0x7f0000000340)=ANY=[@ANYBLOB='\x00N\b'], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_ep_write$ath9k_ep1(r7, 0x82, 0xfffffffffffffedd, &(0x7f0000000000)=ANY=[])
syz_usb_control_io$cdc_ncm(r7, 0x0, 0x0)

5m22.231156544s ago: executing program 4 (id=4719):
r0 = socket$inet_sctp(0x2, 0x1, 0x84)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000100)=ANY=[@ANYBLOB="18000000000000000000000000ed000095"], &(0x7f00000000c0)='syzkaller\x00'}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000004c0)='contention_begin\x00', r2}, 0x10)
getsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, &(0x7f0000000100)={@remote, 0x0, 0x2}, 0x0)
r3 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000540)=@newtaction={0x6c, 0x30, 0xffff, 0x0, 0x0, {}, [{0x58, 0x1, [@m_ife={0x54, 0x1, 0x0, 0x0, {{0x8}, {0x2c, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x3}}}, @TCA_IFE_METALST={0xc, 0x6, [@IFE_META_SKBMARK={0x8, 0x1, @val=0x5}]}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x6c}}, 0x4)
openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file0\x00', 0x40042, 0x21)
r5 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000340), 0x42, 0x0)
mount$fuse(0x0, &(0x7f0000000a40)='./file0\x00', &(0x7f0000000000), 0x80, &(0x7f0000000040)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r5, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r5, &(0x7f0000006380)={0x2020, 0x0, <r6=>0x0}, 0x2020)
write$FUSE_INIT(r5, &(0x7f00000007c0)={0x50, 0x0, r6, {0x7, 0x1f, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40}}, 0x50)
syz_fuse_handle_req(r5, &(0x7f00000041c0)="412e450a2a7b9586d1e6e9de257afc4fd60c8de430c0d6348b2cf1db8d070a539de9c1e91a178f9240dbcfe303566018f6c20c55d643a2ed46aaacf49ca491ee2f06184bdb548778a2c56e56f6b40b994419428bbbb9dfa5f9593511ca8ae1c088fb0ee5da72f505000000000000002c04754204f194ae6ceff4570d44496eeffe619998eafc7167d22e1c6aa73e89ad19224e35130a37cf68d5c41ccafe59b4b753a26e06c4306d31d78de6cede97c06e3ca2cc4af66b7548268efa91621ffca2655d2c8f1a9bb019b88fa729cb3d32f72c098c44898d42c42f39feb4faead93980726c236129acdf31c01f1cabb5ca3ec4e45eb5e6e59912792b4976e3f2b560c861d49b539d8e1870040a8cf190a8a767ec067a8048aac53336b44669d3d425843ae80681a7c02a5d5a3d90f355fd4a6ac277e75230d558f0df20cb323cc65e9b5a258cdd669c8a9534e4aff09a8fe89b124748c9e756c28789c2152a5142bc0bb205e339d43bb980b3f04a3c1a424a2a093966b20600a5410e0528fb35937c998eea19f01eaf2f39e16d85563a6737ddab3213ca1832f0afdf891e34a582f6a4ac81fda70ebc3fedac2fb3a492fdb40b91021e5d371d990064cd1f7c2c1a6472dec7505f9a4940057a3e57fd53aa3cd2eb914e073a19b6e925f8553e6875c093c7d19de25861fd9640f0eca4cda0467f12126daa2e0c6df7d4e4babe5a6e59e8391be7700790315b6b8a8aa74cd6d3f054aceaeda79430676b67fe25c9029e0894b413377fc4d8300d9f9338fadd07e4c80cac08113df8971a868458c47c06fff0c1c4bfd48ea583e9e76ef103d42c233b6de10b30612cdbeb6b60a6a4dbbe2da63cc2dd4fb93cac65af3c1279274f4af0e2c5b96e6068aa5b41f7548fb72b0c142351f64446db7425115b89132b5589ee642ebbde655adb2d7d1117456a6e4f2886879b42baf85e05d53e2aceea9c3830673bdc4d081675fe76b994651af9c3f16b7513834fce4654f84558a8308fa677d05bffcc893d9813bf87c5ec520cd66ad58dc06f0c47d253cd36dfec82980fc8dbdcd4b1c037c2b30bef455984f3e8ed19d69e185fe4fbdda2c2517ec9abfbb4841252e650b6bf56fdeca9a4ee3c311de3c6859ec14cc00e95323c57c02fa894d83ea17944f3112fc19a7e11335d7951ec6dd5b4f06fb9b637313a230341ea5da6a7a959e707d0cd5fca60a6649c8df8d6c17e9a49d230e5775df14e4b43aa3420bd0b8814ec7360ab1910e69fab8932f7646d7998bdc2e8ec354c52da21ed83fb7582cb9d37bb95f144974f72c7b0ae7b42945768fa8ec0dd6daba72d05809670506ef1054282201b00906c8af64e3e13a10f180688c96549b2d3d6b04403fd571e7b132891dd4b7cf37aec25ca1e9190c17aaefbc31e059915c12c232fb7097e9fa6f35fbb265c7102db62e2264590c583ea90f1aee3f166af81430d9084eb0c760ebbb16049c9fd1fee6ce33c8ac205e3ac9c275531feadfa4054e0c027c26beb009f54aa72b864d39bb11753f77931bb960276db33021c65671e57b3708bbf979be222e8439d71f58ca87cec7a054517af398a42735b580717377a54f139e2c46813cbb03d98e49c26f4ed54d75e48573cd06145f913f4e313eeee837496dfff75aa722fd8486c45f9c959da12ae48ba4a10712120a203e2476c7b96031d8f8773f68344e6fa21831287655aabbd594e9f272eb1a7315d2d79b8bcd5e63004cd106f80b1e40a5d9e428a01bc58264f4d63c2ee9db6efa70607a642aeb883bf4b9fe009d7f09c16b05a2c9b73573e9019e161ebbdc1fc9b9cd0c5fe1b57adcba2d0f3a767ad59aafa159b3dd181f0601ff95e8af8b5410e56c81ffb8ab35b1e04af35dabf69f08572e69260b72bfd502c5a0de627fd3fee44bf1d4a261bd356056c5739398e3ff161beec1240a089625daffbc61dc5e660c274565477a0ff1797fefff04a98704802ab0674ab72d400686229608cbfd2ca20f4e62495e8b09de9d180c47375bbad72f4474b67d56104b4b466192be60f7aa668fd0a4338b856f114311842ee806d6488ab09098ed9de0e21bcc8b42a5d5713d15eca108fcc7a65d6b414a112524a6e1418644508dd957147a92d4399d13faaf01cacef40549cd11900f9aa32a8333f55796ef25d33c554a308da9797cd0ac25888311b0ac88eff0be7a36ddedcfc2b095abb4d5a6a4edbbad67b70cdf60c7ed0c5e040ced90edb3322ef684332358942ede9191b431c99b3abf8f9c50206479f0ac118c0a99df61fb9c90d846f41caa6a2448fb7e15640965e051c2af4ee72a5cc7c962bacff7019615c10e6c3054e2e5792df3aa6e2c33425552148466a88568cc79b6edebf0107b7d3d24423a665d20c3a1c0f1a6b34eb475bf875912115914cfabcf394f8a096d64e5dc95705074fe5e985497dcf052b9f748b9d4688859c0200fa43719e4722ed6c064c0efa7e07beb2a26fd724b63537fa0eb506365d5c029cd8dce7dd0a1cb9d9058c061739734af6be9e880fe7e28a211a4c368a7babd1107110ecbb384b274cc092b9511c4abde2ddd863162e2739984a9f3c0a76e3c530a27d5e385f4a3b87607b2a944e09d28239661d27719e22c0a657ea383c30859ca29cdb8fbc79bc83e995dcb361743a7e195650c37e570b768a0a1f0b118fa5be9b3c838326343ec5b376d5ee040ee29dfd868cccf9cfa4591151f519cd6e2ae1453a58aa92f90ee5be11ceb8511ab743f399be0a190eeddfd112336866831c3255ef6520d88b2581ea3767f3df01a38d9b4656f2a89c5df41443291a795da45c8a846015cd041bea0dfbe648348b10ae73ce43d9017182792cd9172eee642c549a530cc1f537f9aa70ca63792ba4a86a713ae09b917136e5bf1506ad7f367d8d2f77f47a2318facd109bba9b1327b5db9e4aeffbdcf414db761eeacc227a15cd72aa52c8ede33bdbab9de9aa1e8f470a388013d07f08777e2131bbd4856ab5c1c38d03ef407197ccf24e8b2a8db69e78f9d6623033c453541bb79f9e0be9a55588e2e54fce65fb785467064a146c4bf218068b5e3efdafaf93a98253becaef226cd79468ff1bbe0c9d43877f5cbb5844fd8957f15d3ef208aac11816585cdccf039c36b429d3d7fb634054fd0f09c8abea3746a6b7379142abde26d998ac7e39b94746c60c09f86ddbd7497849d1ef839730672449f35a3c3253666e9fc053ac1c518e44e0b84555be507f7c00fa9e4864b4bf40ac3d93f12001eb780a779e655d0633803268c094ae161a0efd652003d6ac47f9a6c28d866b56233f371627b01e0fe9361dca611a28841968d4e12cb73d49ce08fe25de4a90b2d34607202b20e71f5e1eed38e17d0a2748f548cf61735f4c9cead1cb93b11929d906d65fc60f88e6919b7b5a1014e6d408bce9c8cc832eecf9147708fe451891717d2ed99dee70773feaa97985102abd3dd05c904c28898afe060621db6564887bc4afe158fbe1d819136a1ac1dc9d8674798a93daf5255460b50c34496205834c668db4c764e76ebb6cdaf5fc44b881cc2ae87b4a7cc045143f96b1620abfd0f116e673b335beefdafa1e58d9194e010cb78956044646da5ba853ce981667f2b8e5001c2df437c9d597ccd2be7d2887f5cb7aad0539abb3f9db1c8f5cd4d7d831946ba1c1aa8737c114fec1ac9a82519f57cb48c49b7f62e9eaa89f448df33fb307cd0036c70b490ac340f7d04e14f32bfeebb08a9d5bc7bbef8f231ea09311d4c82cc55c90eb53c6c003cc98a34dd3c4ec2d8b3a655a78e16e908f368733d0a02b36fe963e2d80b5e6f7b2e3aae3013c900c76e4d56e8348bef221f8a642e692c23b12520fb68c793e789eeeceb4efb2097a4d5952d144094cd7be6edc933d257f6230e962d70ba42e1b07ad9eca0ccd60d3d9a6e06b73ccf96a8aa490ed3bd58bf4d79db65355ae145b54be004e464f4dd23fb8b1bf15e13838116083da67186513652608e37c8f847b2bcafb57bcefc7efc8c8182c7d708cce5d14695b4e618e77f8e7be81f27a05e415fd37ac21507a665b2558daee5c0b0859fedfede8c03f181ef5e0ec0da6caa3edf402dd73bcb4026c489a7cca8ab700d3e9f050006c36768a16e8a48e48ed5750b8cdb7ad1fd12d4cc8333d324d6c83905303fa7013fc02553b587544affe38f1a95e0c4c39740d63b6d387fc89b30bd5fd745cb64844b13897ccf5cca135f7d39e03ce8adcda919d86b25b52764b0a0c4f07f88df68868415de13863df84a7e8d355b09cf90e482eb4174fd01f1b371a4dc52f3c89fc3a70c71657aa5d7573ef9acf4d2b0b321c41ff2640515bb43637ba2288ca0bff2e2a3a998ad8294c52f9edfe0a4ee0a3f8ed5b4b5c43319bb9c58dd07ea3237d7bb62cb086e7ea4a81cba2cdeb28794a09c275a704963110b64720bd089e3737ee1a91e348b5e97b63e1724de1fa9f49961d653bbb47b6fa993b035cf59659bcd0306180645162568abf51127845cbe6e37cc3c19b9d69657db4258fa5e8428a73eff6506bff474c2e302ad5559ac8de44c6f0baba5e2e579e7d7f9d9ebf540674432ac11d92bfc9abdc24126888b533f43bd6f293b0bc315915743114a35308a0ee2e710522137918a2b09ddbbc7a2313a2a6b85a1ad26f14dd70072651c8300ddf6de29704b716ce1bc431c66ccc96731f46359a9f6850976c96dcb5e0ee47446f50b6b3ba90d45224066e123ad3854d877c0cdd9325000ac0d6813c30cd43d3e150335601724ca3666458dc4c04f6562296982353e155d5255c9008c0b46d21a678c8fcb3aa8d6574476e0458eb0a76a6cb50f929ed218cc4654cb4f95fb3afbc2548b74acc312563375a19e55d488599488dfed4dd31b39f29ad61dad343dfca3b45b316a34e7a7bebd2b0f562a9e69848d13fc80a4fa52d0f17bd15d9e1fd39a7dcc86128d14493805d105a745673bddea68ca74ac09d95cc7412d5be2cbd0a247a81dc9e148111e22cdf3375805469226ca3538f960a6ba6aa0eeeb87c784ffb1bfc09180a61be3c7c535fc6d593c3b3f4de21b8c3eccc9021e80fb07dce0aeb3b023bd55f24356f646791ba80e5ca21ac092a069ae0a22cfefc08c23cc7aa69b570bd17cce9de15871d363f167288f99f04761caa67f12c949466493f661d39ee4280c955446ff5a9bb14f2d1ae21cdb91a5868e0c52097cf380f571935b140562922763f1b79c3709b949c57a00b08828ce9e685f6b234b5fe3c62d9feb249ce75e81f5efd556c14d5da24dc0554723fdbe52659969a39f470e82c50c4777c908628436e31177af1125d5f70ff627462247e5bc20c47ef75f369174586d43d42f7eefdd47fefa745badebca2a881ccc018ea411cc8a7a0881422bee8704bb98e6bea9fbec63441fb45d7ccfd436909b57a2b60b788e15bda3ca7663b19bd84d0879deb639f10def9a99d42a4b9a4fd7fecbf6d2e7598678307ba9a5b6f143c27cf1ca41e3c904007bb762cd5df6e63c4cf422c2ba959e53bd8e5664cf5df6a91a4bc8cebc52b22f30060fcbc5ead53d38eabd160c1da4cab8aa95c3640ffd78074aa2cbb05cb8ea90a0c95a4a1b2be1ee94f238000f1faffa069d87039f13f5f84ff368aec5a0b10020232b9fc954a6c22573ef48459e574d48a4845837e1d6ef386738ccedd093d4d5bf3a3f790c875ba7449d03397642feb71100f2c25ab2cadf0b0802544a2095a51b19cdece623b17d420b173a99c081f8e229b6de3c680d6bb39bb98b479517d77cca581b81cf856753a44ebd64cff111fb8ca37ea45d217a3fca44a083e6c35b0fed9f8f7631178d15e88f86c85f1ce68c900afdd1f7e5b8bd4ef3f58c447b77d3befc49180df7a5eb2ae8ae33b4ef573f3a425da8a60cde84d8eeae6d6399b9fbbfa0fa8d448b25c7f79b7554d0b02b0decbc74ae8560f630af596313fb33d442a410061ace0aa7a440d5e31ca8bb2cc495c4f0b672edb011b0c5f16781836df7f4af8329143d5a1a99d7b18ef9f774c4199d635848cedebac82637a03a189c65bf667503737c75b6639ac65ad424ca475285437e6f19830b36549f607ffc387c8b11a34a838159376a6335afaa045bd2bb04e279dd72436331d07dfbd72e2436b27f0df23a266fd15cf56d1a9e93aaac8901cfe49a3219ae36c5c65c75e5c708fb82cac4d6a50726509ec3a7d32d54cf584ae353a5bff75a6de77a0b240cf8a0a72817c9d37699ca89c96e0e0d96a7665ac3a7d1febca1a1d79e2cbde8025c271360e2f90048b2d9fd56f45c013e001dad4b7785be69dc01f8a954ef7a84455986fc5c9d5167d91808efdb4476ed79f99563d887cfd4e99809d9e388501dea228cbb3cf3770082dc566455251fd9c2c742963c33500618c6ec99e0bef007408a0462a081237be4c6e5db0258d4be5fc9cf63fd1ace1f4166c053b0fb84fe24917da1255cf40bbb1b45644f6a7699cf802a35a932c374b1d62013e6afca3787627469994c02f622ab877ed5491fc2a89eea60e4e1628da89e3ad600ff6442e4ebf20e47304176b6a1703c094b3cf6d7fbbddd8d8fa5a00f28b4d8f43d88487e9d4531071512f2027198714a8d1cef126775547fc74f2a35840510f325e50361be76557767560055e084f2ecaefa0dd8ca8215301a7a887d2eaddaeb1f5c3dfdbd2cc1ba5f02d4426b98c0f861c5f724405758f442560ea6cd1d953456cc4aac6642ad61c03dbaffc2364d8ec2ef9f483c70355139d1fbd9617ab3c7eedf0b8963c1cfdab769180db43c416a90d9fdf3fd0eb2f81187642b4e2a09d6462d27527fdfda31f7b262501749dcfc6c184983f9923424131d05cc811cacf5c2c87e8e6f135349e68cde0e8997bf1dde248e5124d5dca2681abdbe58d327a8edd585821f03fdd4515728f1336495ba25c9bba56a3f706d60c35cbd0b40d0ac0583a981f9af08510ed8ed0a726e5472f8995af3837fbf1e89587633d2ef944868a153919165778e963710872af12faf96c0919c638e5affa97104471ba6e178d27602f96b9546ebe52190d91be245be08742b96389080676a566d3229e593e4f56a76ae4c58113c6adc1088703b1b92dafe32a5600e14ac1e71df829dfef425911f16a2b91f693599ecabf93065c6c4f5fefca8d4ed095599113529f65d9120d5252f577af95b404979508c343df54e4d239720e7d3a861f1dcabfa69e12d655c8a026c10a4df279b139fd222e561d205ac9b45c1054f8699eca594fb23886e0de565186597766dd5e40f74a423d5708dac254f4172f1089270988fb18715813f13ee4d131b64dd517c7e77f27f804b229f5339ac2f483b14739ac33a9645044d3010bd77ed18fb117f7b11bb51c4ed683b59e28bf25a58f123dfbeb1f0f21f03d9b57d8e61d59b311037a5b757b03ca5c95e0eb73922c6918530c99de4d6733640f2b8d13bebce31d4f5e27aab201101e48cde23a0d7e87b9511949d812e3187ee5ff11bc5858c022ed7b00790eba32f9ef7e134ce5f73a01269ca971b40e62133eca9d596a768686d6390b2c74602f6dc597faec3ed9d9658102d99c9624c1a97d00d63853578afaccc7e30a77fe054ebc23eec45f608f996fd015cd6bd50a111360f0790eff6ffb1ea59d13c8e29480bd96217188f97e53a1f5d9eae0a2badb4fea52f2bb4f8cb04d0afd99e7371a978a7d7ef473f77ea6738ff84af655313a12db24cff692ec7e282245ae9a42338db814593448f7115df3dc3f4e2faa2c2fdbd68f679d6aba01a15031347bb17d8bf8f1fad0ecf365e9dcd32e69803c5c05f4b47adbf8a21af7e9fb327f267df1c914486389a9820edf0a03bde6ef388c255761e439b2f7e1f9c1c3c95bd30c502197ab37f76b52f0d0675f366e919be19329853767bba34a540fb75bcdcc9596a4cda254a660e11bed5af9d8646ac4b7d6d7aa5d7c0005879b6d08058a56c3d3a4d3d401b883153fa7f2f6a6d34dd010f6b9e7b4e457b9ff5a5802d7723abb35f9dca0afc10f6791824dbe0a7725d534e7753445b7268d90145b6438b93fc475f44d5d678d79da6c5770f3a9106f3cffbabe4b88cbe7eda9b8a495be4f6717b0fbee6fec78c86031b6d878d47e357b2089de3e6dd19a265552553d1f7da53884ef84d0eebe782791c48a9c68a28d8ea3bb70c922b01dc20b2cd05cfb276e326651398f766f5faaea54a41da597cf6b50f3d5ebc634185b99069126b8d935c6bc42c47f2109de42091ef4ade3d87cc44aeb78709255501e64f34ac2d4b2725cf7777315f8ca9424bc9d61a896a93500faa6cf5a5aee1fb888e17b47a38a667be2ffa3bae46afa88bfd8b5b6e1186d6e41b9a4e490591043372c23f36fb48d80caff74cc349adc92bb25f701738c809ccf74c47afa193795ee67bc58ea7fd85542fa7e70218490fff212163401cfde016df2f42496bae403d5391e53fe200f758bbcdead0fe72c77861889b9632a257229c35bdfe8fa78375b4f5c768b9c60cafbde1f00aff6ca1879f6472f28001f5f13d4d9d6c3a90e04d8df09873550daa8262d39efbe96a79c697fbcc9a7f27c9f6d782d5d5f6d024b291376e9cc40d902f809072e1f0f2c2ab88ce3d074e88461f5971853e7be749943ab6e25e25e8afa5042dd73407f49b50841c7782c54eece62ec2beef1f16caf1ca5989427bd2726ca0fee33e303702e9892e4382e92c3f3a03a6188f39762db81819c7e12b424be8fd964dcdbfbac00139e8c5a6200506f13f484ac34ef3d26e7cadd53cf402117419c1618205bfa5382486094bd55448f2b1aa4dbec2289189b601b1bbf5792b2a641c6f5dd19cf24abc72fc5264cf11f6b44a4929267a02cd1de1b602b9de65a6c06640aa0f76109baa90d66eeb17295b1711365b7d6835a2dd55b7fe868c59453613240643c847a5b48d27897a58dda63e579c1bba58350550e147b190f0a2c9a5ce719d627ce3302028b4b6801bbfa8cd74874ffba35817c0eca034d19210950796807125fe6065dcd47d7c870ed2db5c00cff235e4154e2d89ec2a09a87551f9b7ca25d519b5603c0c33d2cf72878199ffab567fc5e093529b89d1163587f3564ba8291d2d96cf9762e7f568e786ea90849f6312c1a10f45d61600cd45c48e6870a7d76c913f9c4497374fc04401cbd11f7710740148234fe8f041f24d0278fcfd48846e6aa49f05016fc332dc5d46b4a26574fed5c0751cebb9f7ab4cdbc1ee011d82d6ef95c52c9df8eedac3ab5cf30805f23d88d4f707601f8e6c606b58f2fe234e948d6756d430a5c4ec76a33874886c8fb484059b47a9bd198a61a1896419288a9e81d0969dec778a53e8233f0f63bd0134e5f29825e7817e7c8ccb7d9acd8f86ac9d3af78c43df3036d7934dd294f2bb12063bee52c547d27a218145befb0ca96cbfaabd39fa245b51c39f4cd4cf8db105f9dc46a7aaa8f7d06fa208120ce1ac49326179618fa2c8596c44e174eb7a141056b1d17689c10dee089c8b0867b8a757ae12251bbd68db5fba2be341275fb6ee379309f5cde9b31242b0b2bac44da74776fac141936bd96e3177161f057c820a8c22cca8cce29b158eb55aed0260253fbee70a6dd281d9fca23e0b0a38d46c76a95e1262f1cafcf0fc37b52e649a1ba1e2c0f97d10bbf4d2b5632cf340bce56736071d5885ec9b4e17910744d3e63e2ca6deb21e43fc21e89c6865d3ad424ef4a14efe8843ff3168c99ee395400dcc8755719d290c567c95a5e7d28ec1190ceee240084d444265cc801cd960f69b368359bbf06b8a4ec23b47c7bf9d4b16c701a1c4fb9e81abb55bf49d450b566ce03de939fc6f5c51291380086f8c995cdd4fa15a325601c4846a69f15c77f55c900270bc9ea5f406480cb0e3e89bc869fe8b7cec4fbef7e76283d50c25ab1b4d34d093a7df062990a925a9c44aa2661abd7d381a4d6cdb64821ef624dd51b72e99af914bca2f80c25b82ac6945df7c7582e6d0ce2cd073e35f1fc120a68ba210410db64592a9aa319b30f2b818c495750e1cea0610e27d52be31e52e501a3bd51b501bc51c2ec8592f679b6e55b9aa58d513fd2bebadc83ba76eb45e5676f130193e9a666b8c8132c9f5141681fbab324b555c5c890d488ac2dd00feead0a20fbd8a46391438e3193edc6fb89161cd864fca98f4f39a2893c933dcd13bc8c5d5a548d24862e8161c0fad7f33aca8c86791d620815fe3f0daddb5defd933d0c10097a7a98e67625420b6c0db7c3e17ab07ea64e6f0f53fdc670799e06a2e3a871d6be363a2639e35339361311e0f528cc433eacea4f79bf217108c7b1d657840253ffdea18bdd1f93cdee63e7a9b8dbcb4ee06162b253e09ea0641f2771bd9823dd210905e9ea495f43194bb471cdeb690e8890b03b50835d53dde1b572dd123ccc8507bb57a45e46c0efb8fb3d5596bddf9782d86dd911636eae2cf64b5829cf8893faf789be3fa22859accf688f5b5da6c29cacc96d477e23b63cc934f685b6e42e1655c9a9b94d6d78402de22b8d9776e3915391aa258e57467d770d65480ba2f6a94b0337965a8c659c42b4e90b14da4697d0c0a6d74774c94c52d8ecb694eee747bdaa6c3a6d60739db18c6446090eebba72e62ab88b0e8b88e728ba8cb133d8524eda89a2bff1c8414da3edfa6f83788331c8a7e5a8af2dd3682d4752190a3c689949abdad8350111373e7fb46151f54a10f79d91940e37efb05f9f157bddcfacf018b65a38ab614807c34a2786af4a1d48c4d1c1abd31815715f9d1b103992207fc664f12c82fd923c57d8e7cfb9f4af55182318d055c704865cf484206d60e34cf7fe9b6ce60b1772c5c7cdacb6695227d80da18ec1f98a434b1aaf9c6b6d082f5663aed2bf267e559dca6b93d3ce34273846fc677f529690482df0a8f782b8ad7269f344f5f2b4d320a7ce2d2fa02284f8db634dc930c3e2b9a629245364acf35d41e9a14c88efde4e742ef1ea4b43d0caf2e70d4a617278823e6403934524debbd933e7676e441a48f630dc8bcccd55d9032d6bf3dea97d1669c39fb865b0e619eeb3f5461e517000f5aee3ef2abdb87d3a76b88e140eb4644a9fbddbdc9e20972cdfacf00bffa3a1ca5f84122c2ebc54067cdaa23967eaeb7bbbfe44e5843382b834fae1f62a066688595e4ee67c7ff9858672355abf7893ebeb4bcf88a62b2237c6e6cec9aebe3f28bfc310ced3a590e88d4bd0f53289206deb9addbf6f3c02115ce4980dadfc112683ae250c2d438fd9c0f2a090dbf122a0072828db798bdb868dcd47384dd3f5eeebc0307a5b268683cd51f312e8f02b5a7746b11a97ac43287d9b9765f03c720503cfe6e0117660a4c00d67895224c4d42b032000a10d7a743054758a8f54941fd5eaf72498b678d1579b3de4e5518f90f1e3d32517d09d7f5da9d180215e66218e9dd64036819cf12638ce82712a6cc79a9ddb36e86814b797d72c2bc58b18ba439e99965f745b4fb7de2878e3186e3e7b835c746b0935f6c67e92e3770bd8d5eb4f66d8175ceb7850e418c55e574db891639aa77fc62bc45dcb734681ede8484d4d4109a9adb8c3d00", 0x2000, &(0x7f0000000380)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000500)={0x20, 0x0, 0x0, {0x0, 0x11}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r7 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x20d01, 0x0)
ioctl$DRM_IOCTL_GET_CLIENT(r7, 0xc0286405, 0x0)
ioctl$FS_IOC_GETFSLABEL(r3, 0x400452c8, &(0x7f0000000100))
sendmsg$nl_route(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000500)={&(0x7f00000012c0)=ANY=[@ANYBLOB="3800000010003704000000000000000000000100", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e00010069703665727370616e00000004000280"], 0x38}}, 0x0)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000280)=[@in={0x2, 0x4e21, @loopback}], 0x10)
r8 = dup(r0)
write$RDMA_USER_CM_CMD_CREATE_ID(r8, &(0x7f00000004c0)={0x0, 0x18, 0xfa00, {0xfffffffffffffffa, 0x0, 0x106}}, 0x20)
write$RDMA_USER_CM_CMD_CREATE_ID(r8, &(0x7f0000000440)={0x0, 0x18, 0xfa00, {0x4, 0x0, 0x106}}, 0x20)
setsockopt$inet_sctp_SCTP_DEFAULT_PRINFO(r8, 0x84, 0x72, &(0x7f0000000100)={0x0, 0x0, 0x20}, 0xc)
write$RDMA_USER_CM_CMD_RESOLVE_ROUTE(r8, &(0x7f0000000180)={0x4, 0x8, 0xfa00, {0xffffffffffffffff, 0x4}}, 0x29fdf)

5m18.492512329s ago: executing program 4 (id=4725):
socket$nl_route(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x7)
getsockopt$inet_opts(0xffffffffffffffff, 0x0, 0xc, 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000340)={<r1=>0xffffffffffffffff})
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioctl$KVM_GET_XCRS(0xffffffffffffffff, 0x8188aea6, &(0x7f0000000640))
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000300)='rcu_utilization\x00', r2}, 0x10)
close(0xffffffffffffffff)
socket$packet(0x11, 0x0, 0x300)
sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x4c001, 0x0, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz0\x00', 0x1ff)
r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r4 = openat$cgroup_type(r3, &(0x7f0000000100), 0x2, 0x0)
write$cgroup_type(r4, &(0x7f0000000280), 0x9)
r5 = openat$cgroup_procs(r3, &(0x7f00000002c0)='cgroup.threads\x00', 0x2, 0x0)
write$cgroup_pid(r5, &(0x7f0000000c40), 0x12)
r6 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r7 = openat$cgroup_ro(r6, &(0x7f0000000040)='cgroup.freeze\x00', 0x275a, 0x0)
ioctl$TUNSETVNETBE(0xffffffffffffffff, 0x400454de, &(0x7f0000000080)=0x1)
r8 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="0e00000004000000040000000200000000000000", @ANYRES32=0x1, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0000000000000000000000000000001000"/28], 0x48)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000140)={r8, &(0x7f0000000400), 0x0}, 0x20)
write$cgroup_int(r7, &(0x7f0000000200)=0x1, 0x12)
write$cgroup_pid(r7, &(0x7f0000000140), 0x12)

5m17.644681065s ago: executing program 4 (id=4729):
r0 = syz_usb_connect$uac1(0x2, 0xb8, &(0x7f0000000100)=ANY=[@ANYBLOB="12010103000000106b1d01014000010203010902a600030156c0020904000000010100000a24010101bb02010211240601040507000a0008000300020005052405060f0f2406020504020002200a000a03000000020203020250800009010d2406050203078887000a00000924030101010505"], &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$uac1(r0, 0x0, &(0x7f0000000480)={0x44, 0x0, 0x0, 0x0, &(0x7f0000000340)={0x20, 0x81, 0x1, "d6"}, 0x0, 0x0, 0x0, 0x0})
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000840)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in6=@rand_addr=' \x01\x00', @in6=@empty, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {0x0, 0x0, 0x3ffffffffffffe, 0x9}, 0x0, 0x0, 0x0, 0x1}}, 0xb8}}, 0x0)
syz_emit_ethernet(0x7a, &(0x7f00000001c0)={@broadcast, @local, @void, {@ipv6={0x86dd, @gre_packet={0x0, 0x6, "381f34", 0x44, 0x2f, 0x0, @private0, @mcast2, {[], {{0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x8100, 0x0, 0x892f}, {}, {}, {0xa888}}}}}}}, 0x0)
syz_usb_control_io$uac1(r0, 0x0, &(0x7f0000000640)={0x44, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x20, 0x83, 0x2, "81f4"}, 0x0, 0x0})
syz_usb_control_io(r0, 0x0, &(0x7f00000007c0)={0x84, &(0x7f0000000980)=ANY=[@ANYBLOB="201532"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io(r0, 0x0, &(0x7f0000000c80)={0x84, &(0x7f00000009c0)={0x40, 0x7, 0x2, "facd"}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$sierra_net(r0, 0x0, &(0x7f0000000280)={0x1c, &(0x7f00000006c0)={0x40, 0x12, 0x2, "00a3"}, 0x0, 0x0})
r2 = openat$comedi(0xffffffffffffff9c, &(0x7f0000000080)='/dev/comedi4\x00', 0x44041, 0x0)
ioctl$COMEDI_CMDTEST(r2, 0x8050640a, &(0x7f00000001c0)={0xae, 0x80, 0xffffffff, 0x0, 0x40, 0x1, 0x1, 0xf9a, 0x10, 0x5, 0x10, 0x4, &(0x7f00000000c0)=[0x1, 0x40, 0x6726], 0x3, &(0x7f0000000380)="9483a467cf4f7ef292c19750d5c88781dc756696592bdf3ddb847da856ee6e20879ec1c0557562fe15c25ec6d4a448d0c1c7d57d5686923d8ad20f3f064a53e7c7de9c99fd72ef172fe379151589a773ee4551cb06914710c54dd256435abd5912d81a65d9ece1f32de80ea77f2a31064af53e0e4ecdee9dbe23b922fc9308ce3eb128650a1c76e0d2b08084efc15197330ac99d1a2ab34b147b5437db0f63202bb17b6a4e57c79b8c655d51f2cb67b858b7b432a38ae1687f1618d7174d835e7d52b82a71c636266999da322d644364f2b516b8099cdc99c0c42d1b75ab0c7dd2e2d7e145b8d0aad4aff441a9a80a39ebb5c0", 0xf3})
syz_usb_control_io(r0, 0x0, &(0x7f0000000e40)={0x84, &(0x7f0000000180)={0x20, 0x39, 0x2, "e78e"}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})

5m15.895584547s ago: executing program 4 (id=4735):
r0 = syz_io_uring_setup(0x2cea, &(0x7f0000000180)={0x0, 0x7a71, 0x40, 0x0, 0x385}, &(0x7f0000000080), &(0x7f0000000240))
r1 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(r1, 0xc0189374, &(0x7f0000000240)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x2}}, './file0\x00'})
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$FS_IOC_SETFLAGS(r2, 0x40086602, &(0x7f00000002c0)=0x20)
mknodat(0xffffffffffffff9c, &(0x7f0000000140)='./file4\x00', 0x0, 0x0)
renameat2(0xffffffffffffff9c, &(0x7f00000008c0)='./file4\x00', 0xffffffffffffff9c, &(0x7f0000000900)='./file7\x00', 0x0)
io_uring_register$IORING_REGISTER_NAPI(r0, 0x1b, 0x0, 0x1)

5m15.824157268s ago: executing program 4 (id=4736):
setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, 0x0, 0x0)
r0 = socket$nl_rdma(0x10, 0x3, 0x14)
syz_emit_ethernet(0x0, 0x0, 0x0)
syz_emit_ethernet(0x74, 0x0, 0x0)
ioctl$TCSETA(0xffffffffffffffff, 0x8924, 0x0)
r1 = socket(0x2, 0x80805, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x10, &(0x7f00000010c0)=[@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}]}, &(0x7f0000000180)=0x10)
getsockopt$bt_hci(r1, 0x84, 0x6d, &(0x7f0000001100)=""/4112, &(0x7f0000001040)=0x1010)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20008b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
setsockopt$bt_l2cap_L2CAP_LM(0xffffffffffffffff, 0x6, 0x3, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f000001aa40)=""/102400, 0x19000)
writev(0xffffffffffffffff, 0x0, 0x0)
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000180), 0x40400, 0x0)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)={0x38, 0x1403, 0x1, 0x70bd29, 0x25dfdbff, "", [{{0x9, 0x2, 'syz1\x00'}, {0x8, 0x41, 'siw\x00'}, {0x14, 0x33, 'veth0_to_bridge\x00'}}]}, 0x38}, 0x1, 0x0, 0x0, 0x8081}, 0x20000014)
setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, 0x0, 0x0) (async)
socket$nl_rdma(0x10, 0x3, 0x14) (async)
syz_emit_ethernet(0x0, 0x0, 0x0) (async)
syz_emit_ethernet(0x74, 0x0, 0x0) (async)
ioctl$TCSETA(0xffffffffffffffff, 0x8924, 0x0) (async)
socket(0x2, 0x80805, 0x0) (async)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x10, &(0x7f00000010c0)=[@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}]}, &(0x7f0000000180)=0x10) (async)
getsockopt$bt_hci(r1, 0x84, 0x6d, &(0x7f0000001100)=""/4112, &(0x7f0000001040)=0x1010) (async)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20008b}, 0x0) (async)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x3) (async)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2) (async)
setsockopt$bt_l2cap_L2CAP_LM(0xffffffffffffffff, 0x6, 0x3, 0x0, 0x0) (async)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) (async)
syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) (async)
read$msr(r2, &(0x7f000001aa40)=""/102400, 0x19000) (async)
writev(0xffffffffffffffff, 0x0, 0x0) (async)
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000180), 0x40400, 0x0) (async)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)={0x38, 0x1403, 0x1, 0x70bd29, 0x25dfdbff, "", [{{0x9, 0x2, 'syz1\x00'}, {0x8, 0x41, 'siw\x00'}, {0x14, 0x33, 'veth0_to_bridge\x00'}}]}, 0x38}, 0x1, 0x0, 0x0, 0x8081}, 0x20000014) (async)

5m0.509886117s ago: executing program 33 (id=4736):
setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, 0x0, 0x0)
r0 = socket$nl_rdma(0x10, 0x3, 0x14)
syz_emit_ethernet(0x0, 0x0, 0x0)
syz_emit_ethernet(0x74, 0x0, 0x0)
ioctl$TCSETA(0xffffffffffffffff, 0x8924, 0x0)
r1 = socket(0x2, 0x80805, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x10, &(0x7f00000010c0)=[@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}]}, &(0x7f0000000180)=0x10)
getsockopt$bt_hci(r1, 0x84, 0x6d, &(0x7f0000001100)=""/4112, &(0x7f0000001040)=0x1010)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20008b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
setsockopt$bt_l2cap_L2CAP_LM(0xffffffffffffffff, 0x6, 0x3, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f000001aa40)=""/102400, 0x19000)
writev(0xffffffffffffffff, 0x0, 0x0)
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000180), 0x40400, 0x0)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)={0x38, 0x1403, 0x1, 0x70bd29, 0x25dfdbff, "", [{{0x9, 0x2, 'syz1\x00'}, {0x8, 0x41, 'siw\x00'}, {0x14, 0x33, 'veth0_to_bridge\x00'}}]}, 0x38}, 0x1, 0x0, 0x0, 0x8081}, 0x20000014)
setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, 0x0, 0x0) (async)
socket$nl_rdma(0x10, 0x3, 0x14) (async)
syz_emit_ethernet(0x0, 0x0, 0x0) (async)
syz_emit_ethernet(0x74, 0x0, 0x0) (async)
ioctl$TCSETA(0xffffffffffffffff, 0x8924, 0x0) (async)
socket(0x2, 0x80805, 0x0) (async)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x10, &(0x7f00000010c0)=[@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}]}, &(0x7f0000000180)=0x10) (async)
getsockopt$bt_hci(r1, 0x84, 0x6d, &(0x7f0000001100)=""/4112, &(0x7f0000001040)=0x1010) (async)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20008b}, 0x0) (async)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x3) (async)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2) (async)
setsockopt$bt_l2cap_L2CAP_LM(0xffffffffffffffff, 0x6, 0x3, 0x0, 0x0) (async)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) (async)
syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) (async)
read$msr(r2, &(0x7f000001aa40)=""/102400, 0x19000) (async)
writev(0xffffffffffffffff, 0x0, 0x0) (async)
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000180), 0x40400, 0x0) (async)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)={0x38, 0x1403, 0x1, 0x70bd29, 0x25dfdbff, "", [{{0x9, 0x2, 'syz1\x00'}, {0x8, 0x41, 'siw\x00'}, {0x14, 0x33, 'veth0_to_bridge\x00'}}]}, 0x38}, 0x1, 0x0, 0x0, 0x8081}, 0x20000014) (async)

10.536283361s ago: executing program 6 (id=5773):
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
bpf$ENABLE_STATS(0x20, &(0x7f0000000080), 0x4)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x4, 0xe, &(0x7f0000001540)=ANY=[@ANYBLOB="b702000008000000bfa300000000000007030000ffffffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000001404000001007d60b7030000000000006a0a00fe40000900850000001f000000b70000000000000095000000000000006623848adf1dc9a764ab51a064caff0c9b27a26293fddf0180000071ff31f1622271d5518193e09483c5a020c334f8c76334d8ce8303b81ddaa52e8756ad60a07d6f27c125e16d024098f755d8583da60f27c162dbba0700002ac9170f50f2568836077b7f711a18ebf608d87b885297b6b6981978d51514b00dcc4a2748b376358c33c9753beab62bdf27dc04e4cb4bc598affd989b1ca58949a54d5827df14feecea46408a05d572077f1252fbb72c3d099c501bc4ded6fca17a3447222c95edb47b770009524edd5fa5c53e9c37251709f1ff7f0000f07bf7f53ce129a9ecd3b4dd15100f2b450f98526a0d8cac7c97fc2f64015306a1bd88345710fb6379b4c53cf55eefb4c0974486a8d25a363adbd83b49e13fbd1757b27020bd9b8cff3f48c9411670c34f23ab8caf7851b290feb3045a1b622f20c4383a0280f040de7667f8b1d0842835e81c35af41e5b5b924275cb1749289b44e9728e7a73f148ac8206afe120c1437490d9900000011000003971b32fdffffffffffffffaf580278e1342aabd1b623f6c4f128858e4eb6b42f2173184c2b99b645f6ec0e14e5d7c95a0008000000f30f6c0000000000ff0000b8f5001a1d2a34dc0973ec302bc23211d3e3b6e6dad65a51e5497a3419cecec38126247b27113ad4c7915c8f82c333a7b350802f0311807010d1ed50c18411aa6900daccc02f4ba4b078f07e41f781eee222c7d071d5a94d82ca9a0846c1af59cee16639b4970f8f0a82c6a712fd5722d677d406160ffaffffffb4e0bde6749aa52c408b74251914c5d3255fd88a42e7ebb69ebcd8eee623e51dbb1f1b548c91a6825c0686fdc16be1cbb72c217fda18bd746253ca66093daf35923300b600000000ac376e0a4649a8a84e1d293a6b109c5e59b366bca5cc3d936c53d4a48c05099e6fc37e5aa23bff8cce0600000000000300a568a8532623d12b40b50ac26f2e8255470a04bfbe7acb581b90991d965a01d1f84cb6b973558e1e3f8118c77ccf0b3c6eb6443870004da10c75723b65f83769ad1f0e4ef6b9ef1cec23264fd8fdac6264af1cb467020bdc12b797b6c156c439105829d2ae1c45f7cfa40df68f536a03353a55a8a8e176e5d48887d31c8e0f77f2c1e68ec7c01bd5a2028a8fc107007f5f4c67600a6ade3deb1f200abe1f753754678dae8b4e3ba3d086d4b95dfc5817e3dafae2d38b522f942cc750399d9029f071fdb1e05882f8a4b8fbd219ccac3a895828b4f22b6527ce31ceb02b7b2b4492510134552f0b076b168394f8417f25cc82ae04007193cbe69de8bf35e4bebd15412426b2020ab1f05fc44ae9ae094c1b81d3ef947692b44d2afb09c7498dedf0f87c38bbcab7357836f03e8a7c392e535694a3ead2de11e6b1781e2a017ac341fda2e563ee95085742f5fee9f95f4741b226e428d20b00bc140000e4b2f5efd0a0b1ceba000830ba8634b5aa26bdbe91614e92fae3c7349531df9bf4c01ebf5d8eb7d53e5f30647661623fbdb3f6c3652c423ce6ecc1be5d4e8133fc32f68ea86a2df1e7df98a0ae216c405d0ae9eed114ff2d6fe27dfdff1cf9194849c4cc0da9533e5983863e526a7dc0d8728f3b573ca4427bdb44df9341e9b8420e896598a156c935c800436a312e7ae3c011e46851ac599f0427729ab9c55ae0ab4c0000000000000000000000000000c87bcc2ac5aed9467b51d92e0993af4beaf1f3d47dcdfab9165f98155d93e383d6b85158b54675c1585037508c1e9461a1c3d1a6e2402045cae150a7016f716eebbdf6afc4414d900be0bdf19f4a273f44f4357380b4387f1c8b104f0e406b2f04e5ed88631be6411f9927fe9f83412b7c5a676ceec8b454ebf6481c98e86b6933a02daea0b4ec0be5b3d916bd70208b4588626c27c318475802e2c62681bd1a331422a6e47bbd40857d52c4894944fae5c5000000000000000000000000e0c47613e950b6aefeae054fc723f62ac7d13941de11b018f1f48ac50335df91c771729f81929128135b2803562c1171ee00a3f4a31281aa363e087d53d86dd85e3ff979a7e72d16fdd7e1a0f07a1c8e6085d280d760f74975ceb3a5be6cfb4da8e0aeb769b8b75f4aad803ed77d34872eed2711aa40a3b38099dc2752e8ec9b520faf39e416752aa0830206736570f5d41a4df848c9052551cf8dcb1be000000000eb2577188e8e96bd825d462350905d3eb916b397d2a46a64081e85661d7a5a2716cc87cb1976d15d9b6418e94f165911803e43830432226c660f4da67bb7c8ceb3755c07197d8b80b8d16b12c2ec63bebe107aa2350a7ae564bf69a6c52a2da1496016dd66a1c1b112"], &(0x7f0000000340)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000880), 0x10}, 0x94)
r1 = socket$caif_stream(0x25, 0x1, 0x3)
shutdown(r1, 0x1)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r0, 0x300, 0x22, 0x0, &(0x7f0000000040)="3d6ee2e04b91ab10143d9abe86dd", 0x0, 0xfffc, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

10.21254473s ago: executing program 6 (id=5774):
fcntl$getown(0xffffffffffffffff, 0x9)
read$FUSE(0xffffffffffffffff, &(0x7f0000000540)={0x2020, 0x0, 0x0, <r0=>0x0, 0x0, <r1=>0x0}, 0x2020)
r2 = syz_open_procfs(r1, &(0x7f0000000000)='fdinfo\x00')
syz_usb_connect(0x0, 0x2d, &(0x7f0000000040)=ANY=[@ANYBLOB="120100007516b7108c0d0e008f8e0018030109021b000100000000090408000103"], 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000002580)=ANY=[@ANYBLOB="0900000004000000dd0000000a00000000000000", @ANYRES8, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES8=r0, @ANYRESOCT=r2], 0x50)
r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='fdinfo/3\x00')
read$eventfd(r3, &(0x7f0000000080), 0x8)
fchdir(r2)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff)

8.550599409s ago: executing program 1 (id=5783):
mprotect(&(0x7f0000002000/0x1000)=nil, 0x1000, 0x1)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000002c0)={'wlan0\x00'})
sendmsg$NL80211_CMD_FRAME(r1, &(0x7f0000000c00)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)=ANY=[], 0x4c}}, 0x0)
close(r0)
syz_clone(0x80001000, 0x0, 0x0, &(0x7f0000000000), 0x0, 0x0)
ioctl$TUNGETDEVNETNS(r0, 0xff0a, 0x0) (fail_nth: 7)

8.164349416s ago: executing program 1 (id=5784):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x29, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
r2 = epoll_create1(0x0)
syz_io_uring_setup(0x748, &(0x7f00000002c0)={0x0, 0x9537, 0x1000, 0x3, 0x303}, &(0x7f0000000340), &(0x7f0000000380))
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r3 = getpid()
r4 = syz_open_dev$loop(&(0x7f0000000140), 0x75f, 0xa382)
pwritev(0xffffffffffffffff, 0x0, 0x0, 0x800000, 0x0)
r5 = syz_open_dev$sndctrl(&(0x7f0000000440), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r5, 0x40045532, &(0x7f0000000040))
r6 = openat$audio(0xffffffffffffff9c, &(0x7f0000000080), 0x40000000048601, 0x0)
r7 = syz_open_dev$sndpcmp(&(0x7f0000000200), 0x0, 0xa2c65)
write$RDMA_USER_CM_CMD_CREATE_ID(r6, &(0x7f0000000500)={0x0, 0xfffffffffffffd83, 0xfa00, {0x0, 0x0}}, 0xfdbc)
ioctl$SNDRV_PCM_IOCTL_REWIND(r7, 0x40084146, &(0x7f0000000000)=0x8)
ioctl$LOOP_CHANGE_FD(r4, 0x4c06, r4)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r8=>0xffffffffffffffff, <r9=>0xffffffffffffffff})
connect$unix(r8, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4}, 0x6e)
sendmmsg$unix(r9, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r8, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r10 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00')
fchdir(r10)
ioctl$VHOST_VSOCK_SET_GUEST_CID(r10, 0x4008af60, &(0x7f00000003c0)={@host})
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r11 = fcntl$dupfd(r1, 0x0, r2)
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r11, &(0x7f0000000040)={0x20000001})
setsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r10, 0x84, 0x7, &(0x7f0000000180)={0xa6e}, 0x4)

8.147968264s ago: executing program 6 (id=5785):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f0000004a40)=[{{&(0x7f0000000100)=@ieee802154={0x24, @long}, 0x80, &(0x7f0000001580)=[{&(0x7f0000000180)=""/133, 0x85}, {&(0x7f0000000240)=""/96, 0x60}, {&(0x7f00000002c0)=""/127, 0x7f}, {&(0x7f0000004c80)=""/159, 0x9f}, {&(0x7f0000000400)=""/4096, 0x1000}, {&(0x7f0000001400)=""/173, 0xad}, {&(0x7f00000014c0)=""/146, 0x92}], 0x7, &(0x7f0000001600)=""/60, 0x3c}, 0x8}, {{0x0, 0x0, &(0x7f0000001700)=[{&(0x7f0000001640)=""/42, 0x2a}, {&(0x7f0000001680)}, {&(0x7f00000016c0)=""/30, 0x1e}], 0x3, &(0x7f0000000340)=""/15, 0xf}, 0x5}, {{&(0x7f0000001780)=@x25, 0x80, &(0x7f0000001b80)=[{&(0x7f0000001800)=""/54, 0x36}, {&(0x7f0000001880)=""/58, 0x3a}, {&(0x7f00000018c0)=""/179, 0xb3}, {&(0x7f0000001980)=""/167, 0xa7}, {&(0x7f0000001a40)=""/2, 0x2}, {&(0x7f0000001a80)=""/147, 0x93}, {&(0x7f0000000380)=""/53, 0x35}], 0x7}, 0x3}, {{&(0x7f0000001c00)=@pptp={0x18, 0x2, {0x0, @private}}, 0x80, &(0x7f0000002ec0)=[{&(0x7f0000001c80)=""/18, 0x12}, {&(0x7f0000001cc0)=""/181, 0xb5}, {&(0x7f0000001d80)=""/38, 0x26}, {&(0x7f0000001dc0)=""/4096, 0x1000}, {&(0x7f0000002dc0)=""/53, 0x35}, {&(0x7f0000002e00)=""/131, 0x83}], 0x6, &(0x7f0000002f40)=""/224, 0xe0}}, {{0x0, 0x0, &(0x7f0000003180)=[{&(0x7f0000003040)=""/227, 0xe3}, {&(0x7f0000003140)=""/1, 0x1}], 0x2, &(0x7f00000031c0)=""/4096, 0x1000}, 0x8}, {{&(0x7f00000041c0)=@sco, 0x80, &(0x7f0000004400)=[{&(0x7f0000004c00)=""/68, 0x44}, {&(0x7f0000004280)=""/87, 0x57}, {&(0x7f0000004300)=""/199, 0xc7}], 0x3}, 0xd}, {{&(0x7f0000004440)=@ethernet={0x0, @local}, 0x80, &(0x7f00000048c0)=[{&(0x7f00000044c0)=""/139, 0x8b}, {&(0x7f0000004580)=""/238, 0xee}, {&(0x7f0000004680)=""/25, 0x19}, {&(0x7f00000046c0)}, {&(0x7f0000004700)=""/239, 0xef}, {&(0x7f0000004800)=""/175, 0xaf}], 0x6, &(0x7f0000004940)=""/194, 0xc2}, 0x1}], 0x7, 0x2, 0x0)
lsetxattr$security_capability(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040), &(0x7f00000000c0)=@v2={0x2000000, [{0x0, 0x1000}, {0x3ff, 0x8f77}]}, 0x14, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/vmallocinfo\x00', 0x0, 0x0)
r3 = dup(r2)
lseek(r3, 0x200000008, 0x3)
fsmount(0xffffffffffffffff, 0x0, 0x0)

8.130853063s ago: executing program 0 (id=5786):
r0 = socket$can_j1939(0x1d, 0x2, 0x7)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000000)={'vxcan1\x00', <r1=>0x0})
bind$can_j1939(r0, &(0x7f00000000c0)={0x1d, r1}, 0x18)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setaffinity(0x0, 0xfffffffffffffd58, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000032680)=""/102392, 0x18ff8)
ioctl$MEDIA_REQUEST_IOC_QUEUE(0xffffffffffffffff, 0x7c80, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000600)={0x0}}, 0x0)
connect$can_j1939(r0, &(0x7f0000000140)={0x1d, r1, 0x0, {0x1, 0xf1, 0xa8fe8ad4eea2351f}, 0x2}, 0x18)
setsockopt$SO_J1939_ERRQUEUE(r0, 0x6b, 0x4, &(0x7f00000003c0)=0x5, 0x4)
prctl$PR_SET_MM(0x23, 0x9, &(0x7f0000fff000/0x1000)=nil)
socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r3, &(0x7f0000000100)={0x3, 0x0, &(0x7f0000000000)={&(0x7f00000006c0)=ANY=[@ANYBLOB="020200020e4f000000000000000000000000080008000000f100000000000000020001000000000000000500000000a0050006003c0000000a004e210010000700000008000000000000ffffac1414aa000800000000000005000500000000000a004e240000000e00000000000000000000ffffe0000002280b000000000000b7d4df7797030049478adb09298cdc6c1f57358505ef1e55e7a744bf7fd894c8d403e67cc2462d1398d16ca2ee4dbd93741162d6e39fb8032cd07935732d4bb6e92f705adeb1b351215635d98f5f3c4ffce12077de5f7424eb869af61265b12c5c225addc11b3b13bdfffa6c0b393e883af46836a9b33c5294a2f903a7c8a4c46ff79528f21f1d6ab67209393c"], 0x80}, 0x1, 0x7}, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r5, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={0x0, 0x1c}, 0x1, 0x0, 0x0, 0xc081}, 0x4000000)
r6 = syz_usb_connect(0x0, 0x24, &(0x7f0000000000)=ANY=[@ANYBLOB="120100003f7a7e40720c12009622010203010902120001000000000904"], 0x0)
syz_usb_control_io$uac1(r6, 0x0, &(0x7f0000000640)={0x44, &(0x7f00000004c0)={0x40, 0xf}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$cdc_ncm(r6, 0x0, 0x0)
syz_genetlink_get_family_id$nl802154(&(0x7f0000000040), r4)
r7 = syz_init_net_socket$llc(0x1a, 0x801, 0x0)
bind$llc(r7, &(0x7f0000000000)={0x1a, 0x1, 0x0, 0x0, 0x81, 0x42, @random="d52126503fe8"}, 0x10)

6.754338239s ago: executing program 2 (id=5789):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, 0x0, 0x0, 0x2, 0x0)
r3 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r3, &(0x7f0000000540)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-serpent-avx\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r3, 0x117, 0x1, 0x0, 0x0)
r4 = accept4(r3, 0x0, 0x0, 0x80800)
sendmmsg$alg(r4, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0x10}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e005", 0x26}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd", 0x59}], 0x3}], 0x1, 0x40800)
recvmsg(r4, &(0x7f00000005c0)={0x0, 0xf0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)

6.687998831s ago: executing program 6 (id=5790):
r0 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000040)='cdg', 0x3)
setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, 0x0, 0x0)
ioctl$int_in(r0, 0x5421, &(0x7f0000000100)=0x9)
connect$inet(r0, &(0x7f0000000280)={0x2, 0x4e21, @dev}, 0x10)
close(r0)

6.527163209s ago: executing program 6 (id=5791):
r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000440)=ANY=[@ANYBLOB="12011f00abbe6740e9174e8b089c000000010902120001000000000904000000ff"], 0x0)
r1 = socket$inet_mptcp(0x2, 0x1, 0x106)
r2 = syz_io_uring_setup(0x10e, &(0x7f00000000c0)={0x0, 0x8d2dc, 0x0, 0xffffffff}, &(0x7f00000003c0)=<r3=>0x0, &(0x7f0000000140)=<r4=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r3, r4, &(0x7f00000002c0)=@IORING_OP_ACCEPT={0xd, 0x0, 0x5, r1, 0x0, 0x0, 0x0, 0x80000})
io_uring_enter(r2, 0x47f5, 0x0, 0x0, 0x0, 0x0)
syz_usb_control_io(r0, &(0x7f0000000340)={0x2c, &(0x7f0000000000)=ANY=[@ANYBLOB="201006000000065f01"], 0x0, 0x0, 0x0, 0x0}, 0x0)

6.308224462s ago: executing program 1 (id=5793):
r0 = add_key$keyring(&(0x7f0000000080), &(0x7f0000000240)={'syz', 0x3}, 0x0, 0x0, 0xffffffffffffffff)
r1 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2)
ioctl$vim2m_VIDIOC_ENUM_FMT(r1, 0xc0405602, &(0x7f0000000000)={0x4e, 0x1, 0x1, "ff00000000000000050040000000000700ef3809000000000000000000000004", 0x59455247})
openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r2, &(0x7f0000000040)={0x1f, 0xffffffffffffffff, 0x3}, 0x6)
write$bt_hci(r2, &(0x7f0000000180)=ANY=[@ANYBLOB="0e0001000200"], 0x8)
keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r0, &(0x7f0000000100)='asymmetric\x00', &(0x7f0000000000)=@secondary)
keyctl$get_persistent(0x16, 0x0, r0)

6.274673995s ago: executing program 1 (id=5794):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f0000000140)=@abs={0x0, 0x0, 0x4e20}, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000080)=ANY=[@ANYBLOB="340000003c00070100000000000000000100"], 0x34}, 0x1, 0x0, 0x0, 0xc000}, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$SEG6(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$SEG6_CMD_SETHMAC(r4, &(0x7f00000004c0)={0x0, 0xf0, &(0x7f00000001c0)={&(0x7f00000000c0)={0x34, r5, 0x1, 0x0, 0x0, {}, [@SEG6_ATTR_SECRETLEN={0x5, 0x5, 0x1}, @SEG6_ATTR_SECRET={0x8, 0x4, [0x0]}, @SEG6_ATTR_ALGID={0x5, 0x6, 0x1}, @SEG6_ATTR_HMACKEYID={0x8, 0x3, 0x1}]}, 0x34}}, 0x0)
sendmsg$SEG6_CMD_SET_TUNSRC(r3, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000300)={0x94, r5, 0x0, 0x70bd26, 0x25dfdbfb, {}, [@SEG6_ATTR_DST={0x14, 0x1, @local}, @SEG6_ATTR_DST={0x14, 0x1, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}}, @SEG6_ATTR_SECRET={0x18, 0x4, [0x7, 0x8, 0x6, 0x7, 0xd4f]}, @SEG6_ATTR_SECRETLEN={0x5, 0x5, 0x5}, @SEG6_ATTR_SECRET={0x8, 0x4, [0x4]}, @SEG6_ATTR_DST={0x14, 0x1, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}, @SEG6_ATTR_SECRETLEN={0x5, 0x5, 0x4}, @SEG6_ATTR_DST={0x14, 0x1, @local}]}, 0x94}}, 0x20000080)
sendmsg$SEG6_CMD_DUMPHMAC(r2, 0x0, 0x0)
syz_io_uring_setup(0x3edf, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0}, 0x0, 0x0)
r6 = syz_io_uring_setup(0x10f, &(0x7f0000000380)={0x0, 0x211a, 0x80, 0x1, 0x309}, 0x0, &(0x7f0000000280)=<r7=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, &(0x7f0000000040)=0xffefffdc, 0x0, 0x4)
sendmsg$IPSET_CMD_TYPE(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000180)=ANY=[@ANYBLOB='>'], 0x38}}, 0x80)
r8 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
write$UHID_CREATE2(r8, &(0x7f0000000180)=ANY=[], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r8, 0x0)
syz_io_uring_submit(0x0, r7, &(0x7f0000000000)=@IORING_OP_ACCEPT={0xd, 0x8, 0x1, 0xffffffffffffffff, 0x0})
r9 = syz_clone(0x10000, &(0x7f0000000400)="f28416d68585f1ef54715d228fe7ff4da8b8f3146edb60e328b868d53a20eb36049fec02b0445661b8e0bf045ed054a6a8cfbbfe6f019990428a668498441ccc380fb1b094d186c41c09489fa6718a8de4204d53324970", 0x57, &(0x7f0000000100), &(0x7f0000000240), &(0x7f0000000500)="00d7c2e4b12d5414f72f8d423998d6f30f588170ec41db3d52c76c6f95b2668a5013226eefc92f0ee76f798794539dd40819b35325a560f26d98086e5b84501b673af630b0a3feb443e5cef1b12f9677ff69ec7be5bd9835ef68f1618c8efe4b40ca2ca1710129e001c0d35e864040464863d6c667ff3a05d2bf94ee28aaec3565fcd1b3904210e5e2859a837e6231e0d75b485ac7a891096f534cb658919fee11560cdf4d63e54112e2ac36ea7a94358ab0df065444c79b8a9c0076b2a80221988e87d16c780686bc8c2cadc871143eab51399db719378c717ca502675ec39dcd94d410a71bf3ea40ca7a7bf2b99a55aad730e196db")
capget(&(0x7f00000002c0)={0x20080522, r9}, &(0x7f0000000480)={0x1, 0x4, 0xa42, 0xc, 0xd, 0x52})
r10 = socket(0xa, 0x3, 0xff)
setsockopt$sock_int(r10, 0x1, 0x28, &(0x7f0000000040)=0x81, 0x4)
syz_emit_ethernet(0x3e, &(0x7f00000001c0)={@local, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x39}, @void, {@ipv6={0x86dd, @generic={0xc, 0x6, "370c89", 0x8, 0x2b, 0x1, @ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x0, 0x0}}, @local, {[@hopopts={0xff}]}}}}}, 0x0)
io_uring_enter(r6, 0x3516, 0xc2de, 0x8, 0x0, 0x0)

5.795985239s ago: executing program 2 (id=5795):
setxattr$trusted_overlay_upper(0x0, 0x0, &(0x7f0000000140)=ANY=[], 0x841, 0x1)
prlimit64(0x0, 0x7, &(0x7f0000000000)={0x0, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={0x0}, 0x18)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x43c9, 0x0)
r1 = socket(0x1e, 0x2, 0x0)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x23, 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102389, 0x18ff5)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
getsockopt$IP_VS_SO_GET_SERVICES(r2, 0x0, 0x482, &(0x7f00000000c0)=""/22, &(0x7f0000000240)=0x16)
r3 = syz_open_dev$evdev(0x0, 0x3, 0xc40e82)
io_uring_register$IORING_REGISTER_BUFFERS(0xffffffffffffffff, 0x3f, 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
write$char_usb(r3, 0x0, 0x0)
syz_open_dev$ndb(&(0x7f0000000080), 0x0, 0x10000)
r4 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$SO_TIMESTAMP(r4, 0x1, 0x52, &(0x7f0000000040)=0x2, 0x4)
sendto$inet6(r4, 0x0, 0x0, 0x44000, 0x0, 0x0)
recvmmsg(r4, 0x0, 0x0, 0x0, 0x0)
setxattr$trusted_overlay_upper(0x0, &(0x7f0000000100), 0x0, 0x381, 0x1)
ioctl$FS_IOC_MEASURE_VERITY(0xffffffffffffffff, 0xc0046686, &(0x7f0000000300)={0x1, 0x68, "5bcd0981bda095d7543f11dc43aff49a26b30b6a15d68215a03b11223918aedb05f08a15bc1eb02181c418e029de209e494ea8443e1aace5bda1af011c1c38b2b3b83e66661a300e90123123471457db54747373342e79a527cb5e9aecea012523e72e9dc9ae1a2e"})
r5 = socket$inet6(0xa, 0x2, 0x9)
recvmmsg(r5, &(0x7f0000000940)=[{{0x0, 0xfffffffffffffff8, 0x0, 0xffffffffffffffd2, 0x0, 0x3e}, 0xdb22}], 0x1, 0x40010101, 0x0)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000280), 0x7d9841)
r6 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r6}, &(0x7f0000bbdffc))
r7 = syz_init_net_socket$llc(0x1a, 0x4, 0x0)
connect$llc(r7, &(0x7f0000000180)={0x1a, 0x206, 0xf9, 0x8, 0x0, 0x0, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x3e}}, 0x10)

5.580460102s ago: executing program 2 (id=5797):
add_key$keyring(&(0x7f00000001c0), &(0x7f00000002c0)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffd)
openat$tun(0xffffffffffffff9c, &(0x7f0000000580), 0x802, 0x0)
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-aesni\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
accept4(r0, 0x0, 0x0, 0x800)
r1 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040), 0x60042, 0x0)
write$binfmt_elf64(r1, &(0x7f00000005c0)=ANY=[@ANYBLOB="7f454c460e02f9b7ff7f00000000000002000300fffeffffdf020000000000004000000083c10000030300000007000000000000080038000100040004000d00030000000080000000000000000000000700000000000000080000000000000005000000000000000204"], 0x78)
ioctl$SNDCTL_SEQ_SYNC(r1, 0x5101)
socket$pppl2tp(0x18, 0x1, 0x1)
socket$inet_udp(0x2, 0x2, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000240), 0xffffffffffffffff)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000004c00)=""/102392, 0x18ff8)
syz_open_dev$dri(&(0x7f00000000c0), 0x1ff, 0x80800)
openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x4)
r4 = open(&(0x7f00009e1000)='./file0\x00', 0x60840, 0x0)
fcntl$setlease(r4, 0x400, 0x0)
close_range(r3, 0xffffffffffffffff, 0x0)

5.080253142s ago: executing program 0 (id=5798):
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff0000/0x1000)=nil, &(0x7f0000ff5000/0x8000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f000000b000/0x4000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ff7000/0x1000)=nil, &(0x7f0000007000/0x3000)=nil, &(0x7f0000004000/0x3000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="050000e204affb00df7f00000100000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000180)={0x0, 0x0, 0x0, &(0x7f0000001340), 0x2931b90f, r0}, 0x38)
r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
r2 = dup2(r1, r0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sys_enter\x00', r2}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000280)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r3, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mkdir(&(0x7f0000000040)='./file0\x00', 0x80)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
syz_emit_ethernet(0x32, &(0x7f00000001c0)={@multicast, @empty, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x24, 0x0, 0x0, 0x0, 0x11, 0x0, @dev, @multicast1}, {0x0, 0x4e20, 0x10, 0x0, @gue={{0x2}}}}}}}, 0x0)
mkdir(&(0x7f0000000040)='./file1\x00', 0x0)
mkdir(&(0x7f0000000000)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x80, &(0x7f0000000380)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]})
chdir(&(0x7f0000000440)='./bus\x00')
r6 = open(&(0x7f0000000580)='./file1\x00', 0x80242, 0x1df2a23c5997fa5f)
write$FUSE_CREATE_OPEN(r6, &(0x7f00000007c0)={0xa0, 0xffffffffffffffda, 0x0, {{0x1000000000003, 0x3, 0x8000000000007, 0x7, 0x5, 0x1, {0x0, 0x181, 0x2101, 0x5, 0x87, 0xd615, 0x9, 0x7fffffff, 0xfffffffe, 0x8000, 0x0, 0xee00, 0x0, 0xcea, 0x1}}, {0x0, 0x11}}}, 0xa0)
r7 = socket$kcm(0x11, 0x3, 0x0)
setsockopt$sock_attach_bpf(r7, 0x107, 0xf, &(0x7f0000000000), 0x4)
sendmsg$kcm(r7, &(0x7f0000000040)={&(0x7f0000000280)=@caif=@dgm={0x25, 0x9, 0xa}, 0x80, &(0x7f0000000080)=[{&(0x7f0000000680)="62042700590200000000002f1eafbcf706e12b30087f5c582d26116642c47a5f8786ee601e65ab3c06d4b8bf4a81cb3e247345af215542f41ddf82f618438a34f90186cee8441e2305e495d04ad68ab8fef69df82de6456fbb48b63f60c9c9097be968ea872c4801e5d0711b4373c7224ed7a9cbd49d40f82bdb6afc0036824be26fc96e49a70e90797e6caa1b38ddacb3cb2b3eac7c068a185b644582f25edfa3d6a46e2a894ca809a422a6a29b0700000000000000484d6a710292ea0c3f97b7cbff701684b13c5593262534a7af9eab48f2ca2d74d9a4de33", 0xda}, {&(0x7f0000000c40)="294f28dfe56d2c8ba23606bc7ecd1f634665cb5bed07ba98af556e8c2ddb016926910c5a0c653b0106869a8049d2a44ce42557b2e72e2bd367e9d01a5e7380cc4fc8e7c9044cc4115b978ca7427d749beaefdf2e4849ca344324fd155ed26bb161297c7e56a3e83e91b379c179017f8b4657d1b22eca6bca33036d33e1a684059c5301001ca6637ac780ab2bcfc22a666cd4e5876f11e9aee4724b7cb59731c97e70ebd7f7483994eb07de2f5d6a9448c3206cff6d290b433f331c2399e99ee3bdecf5689eddc3e54908000000a933bbc47b65ca6e9d7efbee6e3b1dbe87313111e85336d6890002db17751b6044f964dc90ea466f90856112be7f0a54b39a3f66cc4c39544300093158af39cdde429f50d8c7fbc0efaccca18e94b87dc586ee60baa55469755ab00e92b607f2aeee00ad72fb29c1847f85b2f8ec3a34864b18eaaa131a4940c9af11606e5d9360c3f4a2c8308d50c34b1bbaac018469ae", 0x15e}], 0x2}, 0x8001)

5.07224229s ago: executing program 2 (id=5799):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000100))
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000180)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000000300)=[@increfs], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000480)={0x18, 0x0, &(0x7f0000000000)=[@request_death, @decrefs], 0x0, 0x1000000, 0x0})
r2 = signalfd(r0, &(0x7f0000000040)={[0x4]}, 0x8)
clock_gettime(0x0, &(0x7f0000000080)={<r3=>0x0, <r4=>0x0})
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x11, &(0x7f0000000180)=0x1400200bce)
sched_setscheduler(0x0, 0x1, &(0x7f0000002200)=0x1)
r5 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r5, &(0x7f0000002700)=""/102392, 0x18ff8)
ioctl$UI_SET_ABSBIT(0xffffffffffffffff, 0x40045567, 0x0)
r6 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0006}]})
io_setup(0x9, &(0x7f0000000340)=<r7=>0x0)
r8 = socket$inet_smc(0x2b, 0x1, 0x0)
io_submit(r7, 0x1, &(0x7f0000000280)=[&(0x7f0000000040)={0x0, 0x0, 0x0, 0x5, 0x0, r8, 0x0, 0x0, 0x0, 0x0, 0x2}])
read$FUSE(0xffffffffffffffff, &(0x7f00000387c0)={0x2020, 0x0, 0x0, 0x0, <r9=>0x0}, 0x2020)
read$FUSE(0xffffffffffffffff, &(0x7f000003a800)={0x2020, 0x0, 0x0, 0x0, 0x0, <r10=>0x0}, 0x2020)
fcntl$getownex(r6, 0x10, &(0x7f00000004c0)={0x0, <r11=>0x0})
msgctl$IPC_SET(0x0, 0x1, &(0x7f0000000500)={{0x0, 0x0, 0x0, 0x0, r9, 0x88, 0x6}, 0x0, 0x0, 0xf, 0x3ff, 0x101, 0x5, 0x9b65, 0x9, 0x8, 0xfff8, r10, r11})
sendto$inet(r8, 0x0, 0x0, 0x200047ee, &(0x7f0000000080)={0x2, 0x4e22, @loopback}, 0x10)
r12 = openat$dma_heap(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$DMA_HEAP_IOCTL_ALLOC(r12, 0xc0184800, &(0x7f0000000100)={0x20004, <r13=>r6, 0x80000})
r14 = syz_open_dev$dri(&(0x7f0000000040), 0x1ff, 0x80000)
ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(r14, 0xc00c642e, &(0x7f00000000c0)={0x0, 0x0, r13})
write$input_event(r2, &(0x7f0000000140)={{r3, r4/1000+10000}, 0x16, 0x3, 0x80}, 0x18)

4.923900244s ago: executing program 1 (id=5800):
socket$alg(0x26, 0x5, 0x0)
fcntl$lock(0xffffffffffffffff, 0x11, 0x0)
socket$l2tp6(0xa, 0x2, 0x73)
syz_io_uring_setup(0x1757, &(0x7f0000000440)={0x0, 0x711, 0x802c, 0x0, 0x248}, 0x0, 0x0)
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
bind$netlink(r1, &(0x7f0000000080)={0x10, 0x0, 0x0, 0x1}, 0xc)
setsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000340)={{{@in6=@dev={0xfe, 0x80, '\x00', 0xff}, @in=@empty, 0x0, 0x0, 0x1, 0x4, 0xa}, {0xbd1, 0x0, 0x3}, {0x81, 0x2}, 0x1fffffc, 0x0, 0x1, 0x0, 0x0, 0x2}, {{@in=@initdev={0xac, 0x1e, 0x0, 0x0}, 0x8000, 0x33}, 0x0, @in6=@empty, 0x1, 0x0, 0x0, 0x7, 0x6, 0x0, 0x10001}}, 0xe8)
sendmmsg(0xffffffffffffffff, 0x0, 0x0, 0xffe0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
syz_usb_connect(0x0, 0x24, 0x0, 0x0)
socket$packet(0x11, 0x2, 0x300)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
syz_emit_ethernet(0xd83, &(0x7f0000001f40)=ANY=[@ANYBLOB], 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000240)='clear_refs\x00')
writev(r2, &(0x7f0000000100)=[{&(0x7f0000000000)='4', 0x1}], 0x1)

4.883919277s ago: executing program 5 (id=5801):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
prctl$PR_SET_TAGGED_ADDR_CTRL(0x37, 0x1)
openat$fb0(0xffffffffffffff9c, 0x0, 0x101, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x20000000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
write$P9_RGETLOCK(0xffffffffffffffff, &(0x7f0000001440)=ANY=[], 0xffffff6a)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0e00"], 0x48)
r3 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000100), 0x44003)
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r3, 0xc0a85320, &(0x7f0000001400)={{0x80}, 'port1\x00', 0xe3, 0x1b1c07, 0x0, 0x0, 0x0, 0x2000})
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000140)=@base={0x7, 0x4, 0x8, 0x1}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="18000000000000000000000000000000181200", @ANYRES32=r4, @ANYBLOB="0000000000000000b703000000030000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r5 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000040), 0xa0201, 0x0)
r6 = openat$dsp1(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$SNDCTL_DSP_SPEED(r6, 0xc0045002, &(0x7f0000000080)=0xf7e)
read$dsp(r6, &(0x7f00000002c0)=""/4096, 0x1000)
write$dsp(r5, &(0x7f00000012c0)="a52876830a602214f6b4e928d758f38a5a7cb4b31c4c09289e9ebb6286784ca3", 0x4000)
r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000080)=ANY=[@ANYRESDEC=r4], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x100}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r7}, 0x10)
fsconfig$FSCONFIG_SET_STRING(0xffffffffffffffff, 0x1, &(0x7f0000000b40)='source', &(0x7f0000000040)='c:::\x00', 0x0)
add_key$user(&(0x7f0000000380), &(0x7f0000000000)={'syz', 0x0}, &(0x7f0000000140)='_', 0x1, 0xfffffffffffffffe)
add_key$user(&(0x7f0000000200), &(0x7f00000005c0), &(0x7f00000000c0), 0x390, 0xfffffffffffffffd)

4.054916319s ago: executing program 0 (id=5802):
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x2)
sched_setaffinity(0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
mount$fuse(0x0, 0x0, 0x0, 0x8, &(0x7f0000000040)=ANY=[@ANYBLOB='fd=', @ANYRESDEC=0x0])
mount(0x0, &(0x7f0000000440)='./file0\x00', &(0x7f0000000280)='autofs\x00', 0x2410804, &(0x7f0000000040))
r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x101000, 0x10b)
ioctl$AUTOFS_IOC_CATATONIC(r1, 0x9362, 0x0)
r2 = openat$autofs(0xffffffffffffff9c, &(0x7f00000000c0), 0x800, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f00000005c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000730000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000040)='contention_begin\x00', r3}, 0x18)
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(r2, 0xc0189379, &(0x7f0000000000)={{0x1, 0x1, 0x18, r1}, './file0\x00'})
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="01000000040000000800", @ANYRES32, @ANYBLOB, @ANYRES32=0x0, @ANYBLOB="000000000000000000000000001000"/25], 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000500)={{}, &(0x7f00000001c0), &(0x7f0000000400)}, 0x20)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000006040)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01020000000000000000050000000900010073797a30000000002c000000030a01010000000000000000050000000900010073797a30000000000900030073797a300000000068000000060a010400000000000000000500400008000b4000000000400004803c0001800b00010074756e6e656c00002c0002800800034000000000080001400000000108000340000000020800014000000000080002400000000c0900010073797a30"], 0x5d54}}, 0x0)
io_setup(0x4, &(0x7f0000000080)=<r5=>0x0)
io_submit(r5, 0x2, &(0x7f0000000380)=[0x0, 0x0])
socket$pppoe(0x18, 0x1, 0x0)

3.164690826s ago: executing program 5 (id=5803):
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff})
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
ioctl$BLKRAGET(0xffffffffffffffff, 0x1263, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
syz_open_dev$tty1(0xc, 0x4, 0x4)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = socket$inet_smc(0x2b, 0x1, 0x0)
r5 = socket$phonet(0x23, 0x2, 0x1)
sendto$phonet(r5, 0x0, 0x0, 0x0, &(0x7f0000000480)={0x23, 0x26, 0xfd, 0x6}, 0x10)
setsockopt$inet_tcp_TCP_REPAIR(r4, 0x6, 0x13, &(0x7f0000000040)=0x1, 0x4)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(0xffffffffffffffff, 0x0, 0x4)
connect$inet(r4, &(0x7f0000001980)={0x2, 0x1, @loopback}, 0x10)
connect$inet6(0xffffffffffffffff, 0x0, 0x0)
getrlimit(0xb, &(0x7f00000000c0))
setsockopt$SO_TIMESTAMPING(0xffffffffffffffff, 0x1, 0x41, &(0x7f0000000000)=0x655e, 0x4)
recvmmsg(0xffffffffffffffff, &(0x7f00000049c0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x2000, 0x0)
r6 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000040), r6)
sendmsg$NLBL_MGMT_C_ADDDEF(r6, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000600)={0x1c, r7, 0x1, 0x703d25, 0x25dfdbfb, {}, [@NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x7}]}, 0x1c}}, 0x2400c842)
r8 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$netlbl_cipso(&(0x7f00000002c0), r8)
syncfs(r0)

3.126281955s ago: executing program 6 (id=5804):
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="6c0000001000010400d201000072f60000020000", @ANYRES64, @ANYBLOB="0524060000000000300012800b0001006272696467650000200002800c002e00fffff6ffffffffff050007"], 0x6c}}, 0x0)
r0 = socket(0x3, 0x3, 0xb233)
sendmmsg$alg(r0, &(0x7f0000000140), 0x4924b68, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000380), 0x2900, 0x0)
ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000080)=0x3)
ioctl$BTRFS_IOC_START_SYNC(r2, 0x540b, 0x0)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r4=>0x0})
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_usb_connect(0x3, 0x24, &(0x7f0000000100)={{0x12, 0x1, 0x0, 0x34, 0x70, 0x9d, 0x40, 0x55f, 0xc230, 0xb6ac, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0xf2, 0xa7, 0xcc}}]}}]}}, 0x0)
syz_usb_control_io(r6, 0x0, &(0x7f00000006c0)={0x84, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000680)={0x40, 0x21, 0x1, 0x9}})
syz_usb_control_io$rtl8150(r6, 0x0, &(0x7f0000000340)={0x2c, &(0x7f00000003c0)=ANY=[@ANYBLOB="0009005b69de4db91b0000"], 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$lan78xx(r6, 0x0, 0x0)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f0000000100)={'wlan1\x00', <r8=>0x0})
r9 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r9, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x20, r7, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r8}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x4}]}, 0x20}}, 0x80)
r10 = openat$kvm(0xffffff9c, &(0x7f0000000000), 0x40080, 0x0)
r11 = ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0)
ioctl$KVM_SET_IRQCHIP(r11, 0x4048aec9, &(0x7f0000000640)={0x3, 0x0, @ioapic={0xeeef0000, 0x2, 0x1, 0x7, 0x0, [{0x6, 0x5, 0xe7, '\x00', 0x2}, {0x59, 0xb, 0x3, '\x00', 0x4}, {0x7, 0x3, 0x1, '\x00', 0x6}, {0xb, 0x7f, 0x10, '\x00', 0x6}, {0xff, 0x3, 0x9, '\x00', 0x2}, {0x4, 0x8, 0x6, '\x00', 0x1}, {0x80, 0x3, 0x6, '\x00', 0x1a}, {0x1, 0x5, 0xf, '\x00', 0x7}, {0x5, 0x9, 0x4, '\x00', 0x2}, {0xff, 0x1, 0xe3, '\x00', 0x7}, {0x5, 0x1, 0x2, '\x00', 0x3}, {0x6b, 0x25, 0x81, '\x00', 0x25}, {0xfd, 0x67, 0x81, '\x00', 0x6}, {0x2, 0x7, 0x5, '\x00', 0x81}, {0x3, 0x3, 0x0, '\x00', 0x2}, {0x3, 0x5, 0x5, '\x00', 0x6}, {0x7, 0x2, 0x87, '\x00', 0x96}, {0x2, 0xc, 0xa0, '\x00', 0x1}, {0x0, 0x5, 0x9, '\x00', 0x4}, {0x80, 0xa, 0x45, '\x00', 0x5}, {0x7, 0x3, 0x9, '\x00', 0x4}, {0x0, 0x8, 0x4, '\x00', 0xf7}, {0x2, 0x40, 0x5, '\x00', 0xfa}, {0x9, 0x5, 0x9, '\x00', 0x40}]}})
r12 = openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000000180), 0x40, 0x0)
ioctl$TIOCSETD(r12, 0x5423, &(0x7f0000000040)=0x5)
r13 = dup(r12)
sendmsg$RDMA_NLDEV_CMD_RES_CQ_GET(r13, &(0x7f0000000300)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000200)={&(0x7f0000000100)=ANY=[], 0x20}, 0x1, 0x0, 0x0, 0x50060}, 0x4)
ioctl$SIOCSIFHWADDR(r13, 0x8926, &(0x7f0000002640)={'team_slave_0\x00', @random="76f64c34b99d"})
ioctl$SCSI_IOCTL_SEND_COMMAND(r13, 0x1, &(0x7f0000000180)=ANY=[@ANYBLOB="5f0000000000000004000000394c643768c323f0b4b814d6d9bd96964781119082e1f3e5a8387e4b4cc0a1e36764fa23e5ba7aa25716b6fa5d63060000002df0f837964b03e783fd184ec23dbe515496f76a675084463bb1106b3ee3975607f97993b57141288fb685496f"])
r14 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r14, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000c80)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010000000000000000003a00000008000300", @ANYRES32=r4, @ANYBLOB="05005b"], 0x24}}, 0x0)
socket$inet_smc(0x2b, 0x1, 0x0)

2.283366425s ago: executing program 2 (id=5805):
openat$vmci(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)
sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
socket$inet6(0xa, 0x2, 0x3a)
write$binfmt_register(0xffffffffffffffff, &(0x7f0000000180)={0x3a, 'syz3', 0x3a, 'E', 0x3a, 0x24f3, 0x3a, ']\x01{:\xb6%*{!+', 0x3a, 'syz1\xc9\t\x00\x00\x00\x00\x00\x00\x00\x13\x9f\x06W\x96\xa7\x03-r\x80nw\x06 U:\x94', 0x3a, './file0'}, 0x4f)
openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
r5 = dup(r4)
ioctl$KVM_SET_MSRS(r5, 0xc008ae88, 0x0)
syz_init_net_socket$nfc_llcp(0x27, 0x2, 0x1)
syz_open_pts(0xffffffffffffffff, 0x248401)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mount$tmpfs(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000180), 0x400, &(0x7f0000000080)=ANY=[@ANYBLOB='mpol=prefer>0,\x00'])
ioctl$IOCTL_VMCI_QUEUEPAIR_ALLOC(r5, 0x7a8, 0x0)
openat$vmci(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)

2.07255292s ago: executing program 5 (id=5806):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, 0x0, 0x0, 0x2, 0x0)
r3 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r3, &(0x7f0000000540)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-serpent-avx\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r3, 0x117, 0x1, 0x0, 0x0)
r4 = accept4(r3, 0x0, 0x0, 0x80800)
sendmmsg$alg(r4, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0x10}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e005", 0x26}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd", 0x59}], 0x3}], 0x1, 0x40800)
recvmsg(r4, &(0x7f00000005c0)={0x0, 0xf0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)

1.681918693s ago: executing program 0 (id=5807):
r0 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000004c0)={{{@in=@remote, @in=@broadcast, 0xfffc, 0x8000, 0x0, 0x0, 0xa, 0x0, 0x100}, {0x0, 0x0, 0xbc8, 0x0, 0x800000000}, {}, 0x0, 0x0, 0x1}, {{@in6=@mcast2, 0x0, 0x2b}, 0x0, @in=@remote, 0x0, 0x2}}, 0xe8)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000640)=ANY=[@ANYBLOB="34000000100001002abd70e20000000000000000", @ANYRES32=0x0, @ANYBLOB="8021000000000000140003006e657464657673696d30000000000000"], 0x34}, 0x1, 0x0, 0x0, 0x4040000}, 0x800)
socket$tipc(0x1e, 0x5, 0x0)
r2 = inotify_init()
inotify_add_watch(r2, &(0x7f0000000000)='.\x00', 0x400017e)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mkdir(&(0x7f0000000100)='./file1\x00', 0x13b)
socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r3)
ptrace$pokeuser(0x6, r3, 0xa0, 0xe000000000000000)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r4, &(0x7f0000004c00)=""/102392, 0x18ff8)
r5 = syz_open_dev$dri(&(0x7f00000000c0), 0x100001fe, 0x80800)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r5, 0xc04064a0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000240)=[<r6=>0x0], 0x0, 0x0, 0x0, 0x1})
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
mkdirat(0xffffffffffffff9c, &(0x7f0000001300)='./file0/file0\x00', 0x1ea)
mount$bind(&(0x7f0000000300)='./file0\x00', &(0x7f0000000140)='./file0/file0\x00', 0x0, 0x1805406, 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x80000, 0x0)
mount$9p_unix(&(0x7f0000000100)='./file0\x00', &(0x7f00000001c0)='./file0/file0\x00', 0x0, 0x12d7498, 0x0)
umount2(&(0x7f00000010c0)='./file0/file0\x00', 0x1)
ioctl$DRM_IOCTL_MODE_GETCONNECTOR(r5, 0xc05064a7, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r6})
r7 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r7, 0x1, 0x11, &(0x7f0000caaffb), 0x0)

1.679779554s ago: executing program 1 (id=5808):
r0 = syz_open_dev$usbfs(&(0x7f0000000040), 0x20000007d, 0x0)
syz_usb_connect(0x1, 0x3d, &(0x7f0000000080)=ANY=[@ANYBLOB="12010000bdce4208110f80106afc0000000109022b000100000000090437"], 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f00000000c0))
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r1}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f0000000380)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
getsockopt$bt_BT_CHANNEL_POLICY(r0, 0x112, 0xa, &(0x7f00000001c0)=0xffffff80, &(0x7f0000000500)=0x4)
open(&(0x7f0000000440)='./file0\x00', 0x40, 0x0)
mq_timedreceive(0xffffffffffffffff, 0x0, 0x0, 0x400000000000, 0x0)
r5 = socket(0x10, 0x2, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r5, 0x89f1, &(0x7f0000000180)={'ip6_vti0\x00', &(0x7f0000000000)={'syztnl1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @empty, @private2={0xfc, 0x2, '\x00', 0x1}, 0x7800, 0x80, 0xfffffffc, 0xdc67}})

1.322445616s ago: executing program 2 (id=5809):
r0 = syz_open_dev$usbfs(&(0x7f0000000040), 0x20000007d, 0x0)
syz_usb_connect(0x1, 0x3d, &(0x7f0000000080)=ANY=[@ANYBLOB="12010000bdce4208110f80106afc0000000109022b00010000000009043700022ee5cd0009058010ff037f7902"], 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f00000000c0))
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r1}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f0000000380)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
getsockopt$bt_BT_CHANNEL_POLICY(r0, 0x112, 0xa, &(0x7f00000001c0)=0xffffff80, &(0x7f0000000500)=0x4)
open(&(0x7f0000000440)='./file0\x00', 0x40, 0x0)
mq_timedreceive(0xffffffffffffffff, 0x0, 0x0, 0x400000000000, 0x0)
r5 = socket(0x10, 0x2, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r5, 0x89f1, &(0x7f0000000180)={'ip6_vti0\x00', &(0x7f0000000000)={'syztnl1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @empty, @private2={0xfc, 0x2, '\x00', 0x1}, 0x7800, 0x80, 0xfffffffc, 0xdc67}})

1.218627916s ago: executing program 5 (id=5810):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000005c0)=@updpolicy={0xc4, 0x19, 0xfd3649826d894c67, 0x0, 0x0, {{@in6=@empty, @in=@initdev={0xac, 0x1e, 0x0, 0x0}, 0x0, 0x0, 0x0, 0x0, 0xa}, {0x1, 0x0, 0x0, 0x0, 0x0, 0x800000, 0x0, 0xfffffffffffffffc}, {0x0, 0xacb0, 0x400000000}, 0x400}, [@policy_type={0xa, 0x10, {0x1}}]}, 0xc4}}, 0x4c050)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000100)={'vcan0\x00', <r1=>0x0})
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYRESDEC, @ANYRES32, @ANYRES8=r0], 0x0, 0xe, 0x0, 0x0, 0x40f00, 0x0, '\x00', r1, @fallback=0x11, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000}, 0x94)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'bridge0\x00', <r2=>0x0})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="4400000010000304000000000000000000007400", @ANYRES32=r2, @ANYBLOB="0000000000000000240012800b000100627269646765000014000280060027"], 0x44}, 0x1, 0x0, 0x0, 0x40800}, 0x0)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1)
r3 = socket$inet6(0x10, 0x3, 0x0)
sendmsg$inet(r3, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f00c00e}, 0x0)

1.09006951s ago: executing program 0 (id=5811):
fcntl$getown(0xffffffffffffffff, 0x9)
read$FUSE(0xffffffffffffffff, &(0x7f0000000540)={0x2020, 0x0, 0x0, <r0=>0x0, 0x0, <r1=>0x0}, 0x2020)
r2 = syz_open_procfs(r1, &(0x7f0000000000)='fdinfo\x00')
syz_usb_connect(0x0, 0x2d, &(0x7f0000000040)=ANY=[@ANYBLOB="120100007516b7108c0d0e008f8e0018030109021b000100000000090408000103"], 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000002580)=ANY=[@ANYBLOB="0900000004000000dd0000000a00000000000000", @ANYRES8, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES8=r0, @ANYRESOCT=r2], 0x50)
r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='fdinfo/3\x00')
read$eventfd(r3, &(0x7f0000000080), 0x8)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff)

938.6008ms ago: executing program 5 (id=5812):
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff0000/0x1000)=nil, &(0x7f0000ff5000/0x8000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f000000b000/0x4000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ff7000/0x1000)=nil, &(0x7f0000007000/0x3000)=nil, &(0x7f0000004000/0x3000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="050000e204affb00df7f00000100000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000180)={0x0, 0x0, 0x0, &(0x7f0000001340), 0x2931b90f, r0}, 0x38)
r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
r2 = dup2(r1, r0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sys_enter\x00', r2}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000280)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r3, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mkdir(&(0x7f0000000040)='./file0\x00', 0x80)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
syz_emit_ethernet(0x32, &(0x7f00000001c0)={@multicast, @empty, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x24, 0x0, 0x0, 0x0, 0x11, 0x0, @dev, @multicast1}, {0x0, 0x4e20, 0x10, 0x0, @gue={{0x2}}}}}}}, 0x0)
mkdir(&(0x7f0000000040)='./file1\x00', 0x0)
mkdir(&(0x7f0000000000)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x80, &(0x7f0000000380)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]})
chdir(&(0x7f0000000440)='./bus\x00')
r6 = open(&(0x7f0000000580)='./file1\x00', 0x80242, 0x1df2a23c5997fa5f)
write$FUSE_CREATE_OPEN(r6, &(0x7f00000007c0)={0xa0, 0xffffffffffffffda, 0x0, {{0x1000000000003, 0x3, 0x8000000000007, 0x7, 0x5, 0x1, {0x0, 0x181, 0x2101, 0x5, 0x87, 0xd615, 0x9, 0x7fffffff, 0xfffffffe, 0x8000, 0x0, 0xee00, 0x0, 0xcea, 0x1}}, {0x0, 0x11}}}, 0xa0)
r7 = socket$kcm(0x11, 0x3, 0x0)
setsockopt$sock_attach_bpf(r7, 0x107, 0xf, &(0x7f0000000000), 0x4)
sendmsg$kcm(r7, &(0x7f0000000040)={&(0x7f0000000280)=@caif=@dgm={0x25, 0x9, 0xa}, 0x80, &(0x7f0000000080)=[{&(0x7f0000000680)="62042700590200000000002f1eafbcf706e12b30087f5c582d26116642c47a5f8786ee601e65ab3c06d4b8bf4a81cb3e247345af215542f41ddf82f618438a34f90186cee8441e2305e495d04ad68ab8fef69df82de6456fbb48b63f60c9c9097be968ea872c4801e5d0711b4373c7224ed7a9cbd49d40f82bdb6afc0036824be26fc96e49a70e90797e6caa1b38ddacb3cb2b3eac7c068a185b644582f25edfa3d6a46e2a894ca809a422a6a29b0700000000000000484d6a710292ea0c3f97b7cbff701684b13c5593262534a7af9eab48f2ca2d74d9a4de33", 0xda}, {&(0x7f0000000c40)="294f28dfe56d2c8ba23606bc7ecd1f634665cb5bed07ba98af556e8c2ddb016926910c5a0c653b0106869a8049d2a44ce42557b2e72e2bd367e9d01a5e7380cc4fc8e7c9044cc4115b978ca7427d749beaefdf2e4849ca344324fd155ed26bb161297c7e56a3e83e91b379c179017f8b4657d1b22eca6bca33036d33e1a684059c5301001ca6637ac780ab2bcfc22a666cd4e5876f11e9aee4724b7cb59731c97e70ebd7f7483994eb07de2f5d6a9448c3206cff6d290b433f331c2399e99ee3bdecf5689eddc3e54908000000a933bbc47b65ca6e9d7efbee6e3b1dbe87313111e85336d6890002db17751b6044f964dc90ea466f90856112be7f0a54b39a3f66cc4c39544300093158af39cdde429f50d8c7fbc0efaccca18e94b87dc586ee60baa55469755ab00e92b607f2aeee00ad72fb29c1847f85b2f8ec3a34864b18eaaa131a4940c9af11606e5d9360c3f4a2c8308d50c34b1bbaac018469ae", 0x15e}], 0x2}, 0x8001)

839.82258ms ago: executing program 0 (id=5813):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
prctl$PR_SET_TAGGED_ADDR_CTRL(0x37, 0x1)
openat$fb0(0xffffffffffffff9c, 0x0, 0x101, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x20000000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
write$P9_RGETLOCK(0xffffffffffffffff, &(0x7f0000001440)=ANY=[], 0xffffff6a)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0e00"], 0x48)
r3 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000100), 0x44003)
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r3, 0xc0a85320, &(0x7f0000001400)={{0x80}, 'port1\x00', 0xe3, 0x1b1c07, 0x0, 0x0, 0x0, 0x2000})
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000140)=@base={0x7, 0x4, 0x8, 0x1}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="18000000000000000000000000000000181200", @ANYRES32=r4, @ANYBLOB="0000000000000000b703000000030000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r5 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000040), 0xa0201, 0x0)
r6 = openat$dsp1(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$SNDCTL_DSP_SPEED(r6, 0xc0045002, &(0x7f0000000080)=0xf7e)
read$dsp(r6, &(0x7f00000002c0)=""/4096, 0x1000)
write$dsp(r5, &(0x7f00000012c0)="a52876830a602214f6b4e928d758f38a5a7cb4b31c4c09289e9ebb6286784ca3", 0x4000)
r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000080)=ANY=[@ANYRESDEC=r4], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x100}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r7}, 0x10)
fsconfig$FSCONFIG_SET_STRING(0xffffffffffffffff, 0x1, &(0x7f0000000b40)='source', &(0x7f0000000040)='c:::\x00', 0x0)
add_key$user(&(0x7f0000000380), &(0x7f0000000000)={'syz', 0x0}, &(0x7f0000000140)='_', 0x1, 0xfffffffffffffffe)
add_key$user(&(0x7f0000000200), &(0x7f00000005c0), &(0x7f00000000c0), 0x390, 0xfffffffffffffffd)

282.268223ms ago: executing program 34 (id=5813):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
prctl$PR_SET_TAGGED_ADDR_CTRL(0x37, 0x1)
openat$fb0(0xffffffffffffff9c, 0x0, 0x101, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x20000000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
write$P9_RGETLOCK(0xffffffffffffffff, &(0x7f0000001440)=ANY=[], 0xffffff6a)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0e00"], 0x48)
r3 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000100), 0x44003)
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r3, 0xc0a85320, &(0x7f0000001400)={{0x80}, 'port1\x00', 0xe3, 0x1b1c07, 0x0, 0x0, 0x0, 0x2000})
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000140)=@base={0x7, 0x4, 0x8, 0x1}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="18000000000000000000000000000000181200", @ANYRES32=r4, @ANYBLOB="0000000000000000b703000000030000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r5 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000040), 0xa0201, 0x0)
r6 = openat$dsp1(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$SNDCTL_DSP_SPEED(r6, 0xc0045002, &(0x7f0000000080)=0xf7e)
read$dsp(r6, &(0x7f00000002c0)=""/4096, 0x1000)
write$dsp(r5, &(0x7f00000012c0)="a52876830a602214f6b4e928d758f38a5a7cb4b31c4c09289e9ebb6286784ca3", 0x4000)
r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000080)=ANY=[@ANYRESDEC=r4], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x100}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r7}, 0x10)
fsconfig$FSCONFIG_SET_STRING(0xffffffffffffffff, 0x1, &(0x7f0000000b40)='source', &(0x7f0000000040)='c:::\x00', 0x0)
add_key$user(&(0x7f0000000380), &(0x7f0000000000)={'syz', 0x0}, &(0x7f0000000140)='_', 0x1, 0xfffffffffffffffe)
add_key$user(&(0x7f0000000200), &(0x7f00000005c0), &(0x7f00000000c0), 0x390, 0xfffffffffffffffd)

0s ago: executing program 5 (id=5815):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x13, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000003000083850000002d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000700000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='kfree\x00', r0}, 0x18)
r1 = syz_open_dev$sg(&(0x7f00000002c0), 0x0, 0x2082)
r2 = fcntl$dupfd(r1, 0x0, r1)
ioctl$SG_IO(r2, 0x2285, &(0x7f0000000040)={0x53, 0xfffffffe, 0x6, 0x0, @buffer={0x2, 0x41001, &(0x7f00000000c0)=""/81}, &(0x7f0000000380)="259374c96ee3", 0x0, 0x300, 0x0, 0x0, 0x0})
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r3}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r4 = getpid()
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f07ebbeeb, 0x8031, 0xffffffffffffffff, 0xc36e5000)
syz_emit_ethernet(0x4d, &(0x7f0000000400)={@local, @link_local, @void, {@llc_tr={0x11, {@llc={0x7e, 0x0, "a0a2", "97b7d11182e8d8952f4d06bf5031da0f50cd7ac1387d2778b4dc7714f452a4c0ac6a678bf127a0cc0a4e35de64c002cf80d28ec48be536a6b37bbc"}}}}}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r8, 0x8933, &(0x7f00000000c0)={'wlan0\x00', <r10=>0x0})
sendmsg$NL80211_CMD_START_AP(r8, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000480)={0x90, r9, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r10}, @void}}, [@beacon=[@NL80211_ATTR_BEACON_HEAD={0x41, 0xe, {{{}, {}, @broadcast, @device_a, @from_mac=@broadcast}, 0x0, @random=0x7, 0x1, @void, @void, @void, @val={0x4, 0x6, {0xf0, 0x2, 0x7f, 0xa70a}}, @val={0x6, 0x2, 0x6}, @void, @val={0x25, 0x3, {0x1, 0x8c, 0x8}}, @void, @void, @void, @val={0x72, 0x6}, @void, @void}}, @NL80211_ATTR_BEACON_TAIL={0x1f, 0xf, [@measure_req={0x26, 0x3, {0x9, 0xd, 0x1a}}, @ibss={0x6, 0x2, 0xd}, @mic={0x8c, 0x10, {0x827, "2807619e8109", @short="6f55ab81222e2478"}}]}], @NL80211_ATTR_BEACON_INTERVAL={0x8}, @NL80211_ATTR_DTIM_PERIOD={0x8}]}, 0x90}, 0x1, 0x0, 0x0, 0x20004090}, 0x0)
sendmsg$NL80211_CMD_SET_INTERFACE(r7, &(0x7f00000001c0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000180)={&(0x7f00000002c0)={0x88, 0x0, 0x100, 0x70bd26, 0x25dfdbfe, {{}, {@val={0x8, 0x3, r10}, @val={0xc, 0x99, {0x7, 0x46}}}}, [@NL80211_ATTR_4ADDR={0x5}, @NL80211_ATTR_IFTYPE={0x8, 0x5, 0x4}, @NL80211_ATTR_IFTYPE={0x8, 0x5, 0x6}, @mon_options=[@NL80211_ATTR_MNTR_FLAGS={0x10, 0x17, 0x0, 0x1, [@NL80211_MNTR_FLAG_PLCPFAIL={0x4}, @NL80211_MNTR_FLAG_OTHER_BSS={0x4}, @NL80211_MNTR_FLAG_FCSFAIL={0x4}]}, @NL80211_ATTR_MNTR_FLAGS={0x10, 0x17, 0x0, 0x1, [@NL80211_MNTR_FLAG_CONTROL={0x4}, @NL80211_MNTR_FLAG_PLCPFAIL={0x4}, @NL80211_MNTR_FLAG_ACTIVE={0x4}]}, @NL80211_ATTR_MU_MIMO_GROUP_DATA={0x1c, 0xe7, "de96cef0f441fec4b411795b99a3695c79f9eaca2f36475c"}, @NL80211_ATTR_MU_MIMO_FOLLOW_MAC_ADDR={0xa, 0xe8, @broadcast}]]}, 0x88}, 0x1, 0x0, 0x0, 0x844}, 0x40000)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r11 = socket$inet(0xa, 0x801, 0x84)
listen(r11, 0x8)
accept4(r11, 0x0, 0x0, 0x0)

kernel console output (not intermixed with test programs):

SB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[ 1677.780489][    T9] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1677.806362][T26561] netlink: 8 bytes leftover after parsing attributes in process `syz.5.5167'.
[ 1677.815795][T26561] netlink: 'syz.5.5167': attribute type 30 has an invalid length.
[ 1677.827524][    T9] usb 7-1: config 0 descriptor??
[ 1678.979464][T26580] netlink: 27 bytes leftover after parsing attributes in process `syz.2.5173'.
[ 1679.073129][T26584] tmpfs: Cannot retroactively limit inodes
[ 1679.380100][T26593] netlink: 16 bytes leftover after parsing attributes in process `syz.2.5179'.
[ 1679.986348][T26604] netlink: 16402 bytes leftover after parsing attributes in process `syz.5.5183'.
[ 1680.703580][T18949] usb 7-1: USB disconnect, device number 10
[ 1680.713056][T24232] usb 1-1: new full-speed USB device number 19 using dummy_hcd
[ 1680.792349][T26611] netlink: 9 bytes leftover after parsing attributes in process `syz.6.5186'.
[ 1680.907595][T26611] gretap0: entered promiscuous mode
[ 1680.924122][T24232] usb 1-1: config 0 has an invalid interface number: 120 but max is 0
[ 1680.950783][T24232] usb 1-1: config 0 has no interface number 0
[ 1681.059073][T24232] usb 1-1: config 0 interface 120 altsetting 0 endpoint 0x4 has invalid wMaxPacketSize 0
[ 1681.103632][T24232] usb 1-1: New USB device found, idVendor=16e3, idProduct=f9e9, bcdDevice= 0.58
[ 1681.302130][T24232] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1681.321390][T24232] usb 1-1: config 0 descriptor??
[ 1681.345966][T26615] netlink: 8 bytes leftover after parsing attributes in process `syz.1.5185'.
[ 1681.359347][T26615] netlink: 'syz.1.5185': attribute type 30 has an invalid length.
[ 1682.490566][    T9] usb 7-1: new high-speed USB device number 11 using dummy_hcd
[ 1682.817443][T15030] usb 1-1: USB disconnect, device number 19
[ 1682.869851][    T9] usb 7-1: New USB device found, idVendor=0c72, idProduct=0012, bcdDevice=22.96
[ 1682.943970][    T9] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1683.010547][    T9] usb 7-1: Product: syz
[ 1683.027406][   T30] audit: type=1400 audit(1759395110.765:1793): avc:  denied  { ioctl } for  pid=26642 comm="syz.2.5194" path="socket:[92978]" dev="sockfs" ino=92978 ioctlcmd=0x7452 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[ 1683.027538][    T9] usb 7-1: Manufacturer: syz
[ 1683.182551][    T9] usb 7-1: SerialNumber: syz
[ 1683.207637][    T9] usb 7-1: config 0 descriptor??
[ 1683.240501][T15030] usb 1-1: new high-speed USB device number 20 using dummy_hcd
[ 1683.463392][   T30] audit: type=1400 audit(1759395111.205:1794): avc:  denied  { bind } for  pid=26629 comm="syz.6.5189" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1
[ 1683.465706][    T9] peak_usb 7-1:0.0 can0: unable to request usb[type=0 value=1] err=-32
[ 1683.536281][T15030] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1683.562345][T26651] netlink: 16402 bytes leftover after parsing attributes in process `syz.5.5195'.
[ 1683.900951][T15030] usb 1-1: New USB device found, idVendor=05ac, idProduct=0323, bcdDevice= 0.00
[ 1683.910097][    T9] peak_usb 7-1:0.0: unable to read PCAN-USB FD firmware info (err -32)
[ 1683.918464][T15030] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1683.929877][T15030] usb 1-1: config 0 descriptor??
[ 1684.226705][T26654] tmpfs: Bad value for 'mpol'
[ 1684.574873][    T9] peak_usb 7-1:0.0: probe with driver peak_usb failed with error -32
[ 1685.370277][T15030] magicmouse 0003:05AC:0323.0024: item fetching failed at offset 5/7
[ 1685.435848][T15030] magicmouse 0003:05AC:0323.0024: magicmouse hid parse failed
[ 1685.453942][T15030] magicmouse 0003:05AC:0323.0024: probe with driver magicmouse failed with error -22
[ 1685.541420][T26663] netlink: 8 bytes leftover after parsing attributes in process `syz.5.5197'.
[ 1685.558824][T18949] usb 7-1: USB disconnect, device number 11
[ 1685.602790][T26663] netlink: 'syz.5.5197': attribute type 30 has an invalid length.
[ 1685.680016][T26669] No control pipe specified
[ 1686.390784][T18949] usb 1-1: USB disconnect, device number 20
[ 1686.669300][T26692] overlayfs: missing 'workdir'
[ 1686.792871][T26694] netlink: 16402 bytes leftover after parsing attributes in process `syz.1.5207'.
[ 1688.125877][T24232] usb 7-1: new high-speed USB device number 12 using dummy_hcd
[ 1688.160317][T26706] overlayfs: failed to clone upperpath
[ 1688.211163][T26707] netlink: 16402 bytes leftover after parsing attributes in process `syz.0.5205'.
[ 1689.083722][T24232] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1689.102512][T24232] usb 7-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[ 1689.129018][T24232] usb 7-1: New USB device found, idVendor=056a, idProduct=0063, bcdDevice= 0.00
[ 1689.447692][T24232] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1689.527450][T24232] usb 7-1: config 0 descriptor??
[ 1690.208192][T26719] netlink: 8 bytes leftover after parsing attributes in process `syz.0.5211'.
[ 1690.217543][T26719] netlink: 'syz.0.5211': attribute type 30 has an invalid length.
[ 1690.836563][T24232] usb 7-1: can't set config #0, error -71
[ 1690.869326][T24232] usb 7-1: USB disconnect, device number 12
[ 1692.226252][T24232] libceph: connect (1)[c::]:6789 error -101
[ 1692.233210][T24232] libceph: mon0 (1)[c::]:6789 connect error
[ 1692.290543][T15030] usb 7-1: new high-speed USB device number 13 using dummy_hcd
[ 1692.358599][T26752] ceph: No mds server is up or the cluster is laggy
[ 1692.451027][T15030] usb 7-1: Using ep0 maxpacket: 16
[ 1692.521185][T15030] usb 7-1: config 0 has an invalid interface number: 8 but max is 0
[ 1692.529409][T15030] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1692.540181][T15030] usb 7-1: config 0 has no interface number 0
[ 1692.546392][T15030] usb 7-1: config 0 interface 8 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[ 1692.570930][T15030] usb 7-1: New USB device found, idVendor=0d8c, idProduct=000e, bcdDevice=8e.8f
[ 1692.580126][T15030] usb 7-1: New USB device strings: Mfr=0, Product=24, SerialNumber=3
[ 1692.588430][T15030] usb 7-1: Product: syz
[ 1692.604150][T15030] usb 7-1: SerialNumber: syz
[ 1692.657048][T15030] usb 7-1: config 0 descriptor??
[ 1692.676541][T15030] usbhid 7-1:0.8: couldn't find an input interrupt endpoint
[ 1694.752789][   T30] audit: type=1400 audit(1759395122.495:1795): avc:  denied  { mount } for  pid=26785 comm="syz.2.5232" name="/" dev="devpts" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:devpts_t tclass=filesystem permissive=1
[ 1695.054229][T24232] usb 7-1: USB disconnect, device number 13
[ 1695.096442][T26791] netlink: 8 bytes leftover after parsing attributes in process `syz.0.5233'.
[ 1695.105595][T26791] netlink: 'syz.0.5233': attribute type 30 has an invalid length.
[ 1697.911431][T24232] usb 7-1: new high-speed USB device number 14 using dummy_hcd
[ 1698.174644][T24232] usb 7-1: config 2 has an invalid interface number: 174 but max is 0
[ 1698.183269][T24232] usb 7-1: config 2 has an invalid descriptor of length 0, skipping remainder of the config
[ 1698.197037][T24232] usb 7-1: config 2 has no interface number 0
[ 1698.206156][T24232] usb 7-1: New USB device found, idVendor=0424, idProduct=012c, bcdDevice=22.7e
[ 1698.216467][T24232] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1698.232189][T24232] usb 7-1: Product: syz
[ 1698.238517][T24232] usb 7-1: Manufacturer: syz
[ 1698.248227][T24232] usb 7-1: SerialNumber: syz
[ 1698.517734][T24232] usb 7-1: probing VID:PID(0424:012C)   
[ 1698.529022][T24232] usb 7-1: Could not find two sets of bulk-in/out endpoint pairs
[ 1698.538963][T24232] vub300 7-1:2.174: probe with driver vub300 failed with error -22
[ 1698.549948][T24232] usb 7-1: USB disconnect, device number 14
[ 1698.830988][T26840] fuse: Bad value for 'fd'
[ 1698.895608][T26843] delete_channel: no stack
[ 1698.955764][T26845] delete_channel: no stack
[ 1699.080565][T15030] usb 2-1: new low-speed USB device number 38 using dummy_hcd
[ 1700.534456][T15030] usb 2-1: config 0 has an invalid interface number: 55 but max is 0
[ 1700.576467][T15030] usb 2-1: config 0 has no interface number 0
[ 1700.613339][T15030] usb 2-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[ 1700.626872][T15030] usb 2-1: config 0 interface 55 altsetting 0 endpoint 0xE has invalid maxpacket 32, setting to 8
[ 1700.638775][T15030] usb 2-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B
[ 1700.668323][T15030] usb 2-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 10
[ 1700.679959][T15030] usb 2-1: config 0 interface 55 altsetting 0 endpoint 0x8B has invalid maxpacket 120, setting to 8
[ 1700.751966][T15030] usb 2-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[ 1700.785539][T15030] usb 2-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[ 1700.802367][T15030] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1700.851533][T15030] usb 2-1: config 0 descriptor??
[ 1700.857120][T26842] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22
[ 1700.878592][T26842] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22
[ 1700.918243][T15030] ldusb 2-1:0.55: LD USB Device #0 now attached to major 180 minor 0
[ 1701.123922][T26877] fuse: Bad value for 'fd'
[ 1701.262761][T26881] fuse: Unknown parameter 'fd^�d���C5N����S|��e��R/&�1<}�������?���lTO�%�$+��@
[ 1701.262761][T26881] �M�k�����'
[ 1702.841713][T15030] usb 2-1: USB disconnect, device number 38
[ 1702.923621][T15030] ldusb 2-1:0.55: LD USB Device #0 now disconnected
[ 1702.945115][T26892] delete_channel: no stack
[ 1703.024624][T26906] fuse: Bad value for 'fd'
[ 1703.251462][T26913] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[ 1703.260383][T26913] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[ 1703.730613][T15030] usb 2-1: new high-speed USB device number 39 using dummy_hcd
[ 1704.100552][T15030] usb 2-1: Using ep0 maxpacket: 32
[ 1704.111368][T15030] usb 2-1: config 5 has an invalid interface number: 87 but max is 0
[ 1704.192786][T26921] netlink: 12 bytes leftover after parsing attributes in process `syz.5.5275'.
[ 1704.655378][T15030] usb 2-1: config 5 has no interface number 0
[ 1704.684834][T15030] usb 2-1: config 5 interface 87 altsetting 255 bulk endpoint 0x3 has invalid maxpacket 1023
[ 1704.695691][T15030] usb 2-1: config 5 interface 87 altsetting 255 has a duplicate endpoint with address 0x3, skipping
[ 1704.745454][T15030] usb 2-1: config 5 interface 87 altsetting 255 endpoint 0xE has invalid maxpacket 1024, setting to 64
[ 1705.030349][T15030] usb 2-1: config 5 interface 87 altsetting 255 endpoint 0x4 has invalid maxpacket 25636, setting to 64
[ 1705.100373][T15030] usb 2-1: config 5 interface 87 has no altsetting 0
[ 1705.320750][T15030] usb 2-1: New USB device found, idVendor=1740, idProduct=3701, bcdDevice= b.8e
[ 1705.340687][T15030] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1705.358048][T15030] usb 2-1: Product: ᰊ
[ 1705.363059][T15030] usb 2-1: Manufacturer: ခ
[ 1705.367660][T15030] usb 2-1: SerialNumber: syz
[ 1705.412904][T26901] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22
[ 1705.620560][T26655] usb 7-1: new low-speed USB device number 15 using dummy_hcd
[ 1705.782594][T26655] usb 7-1: config 0 has an invalid interface number: 55 but max is 0
[ 1705.793731][T26655] usb 7-1: config 0 has no interface number 0
[ 1705.966656][T26655] usb 7-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[ 1706.758379][T26655] usb 7-1: config 0 interface 55 altsetting 0 endpoint 0xE has invalid maxpacket 32, setting to 8
[ 1706.769093][T26655] usb 7-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B
[ 1706.802623][T26655] usb 7-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 10
[ 1707.307013][T15030] usb 2-1: USB disconnect, device number 39
[ 1707.317098][T26655] usb 7-1: config 0 interface 55 altsetting 0 endpoint 0x8B has invalid maxpacket 120, setting to 8
[ 1707.328125][T26655] usb 7-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[ 1707.343646][T26655] usb 7-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[ 1707.352958][T26655] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1707.391742][T26655] usb 7-1: config 0 descriptor??
[ 1707.400879][T26934] raw-gadget.2 gadget.6: fail, usb_ep_enable returned -22
[ 1707.408068][T26934] raw-gadget.2 gadget.6: fail, usb_ep_enable returned -22
[ 1707.452656][T26655] ldusb 7-1:0.55: LD USB Device #0 now attached to major 180 minor 0
[ 1708.497625][   T30] audit: type=1400 audit(1759395136.235:1796): avc:  denied  { unmount } for  pid=26959 comm="syz.0.5285" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:devpts_t tclass=filesystem permissive=1
[ 1709.304234][T26967] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[ 1709.313489][T26967] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[ 1709.869572][T26655] usb 7-1: USB disconnect, device number 15
[ 1709.886243][T26655] ldusb 7-1:0.55: LD USB Device #0 now disconnected
[ 1710.140673][T26972] netlink: 'syz.1.5288': attribute type 1 has an invalid length.
[ 1712.931772][T15561] Bluetooth: hci5: command 0x0406 tx timeout
[ 1712.937863][T26982] Bluetooth: hci5: Opcode 0x0c1a failed: -110
[ 1713.144900][T26977] delete_channel: no stack
[ 1713.169409][T26982] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[ 1713.194282][T26993] netlink: 'syz.1.5294': attribute type 4 has an invalid length.
[ 1713.222142][T26982] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[ 1713.239013][T26982] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[ 1713.248666][T26982] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[ 1713.530675][  T973] usb 2-1: new high-speed USB device number 40 using dummy_hcd
[ 1713.769818][  T973] usb 2-1: Using ep0 maxpacket: 16
[ 1713.780035][  T973] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1713.792072][  T973] usb 2-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[ 1713.801150][  T973] usb 2-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[ 1713.810182][  T973] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1713.823030][  T973] usb 2-1: config 0 descriptor??
[ 1715.041351][T26399] Bluetooth: hci1: command 0x0406 tx timeout
[ 1715.310541][T26399] Bluetooth: hci4: command 0x0c1a tx timeout
[ 1715.317650][T26399] Bluetooth: hci0: command 0x0406 tx timeout
[ 1715.324322][T26399] Bluetooth: hci2: command 0x0405 tx timeout
[ 1716.728051][  T973] usb 2-1: USB disconnect, device number 40
[ 1717.099208][T27034] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[ 1717.108417][T27034] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[ 1717.201121][T24232] usb 7-1: new high-speed USB device number 16 using dummy_hcd
[ 1717.416465][T15561] Bluetooth: hci4: command 0x0c1a tx timeout
[ 1717.462111][T27037] 9pnet_fd: Insufficient options for proto=fd
[ 1717.635815][T24232] usb 7-1: New USB device found, idVendor=0c72, idProduct=0012, bcdDevice=22.96
[ 1717.659613][T24232] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1717.668891][T24232] usb 7-1: Product: syz
[ 1717.675955][T24232] usb 7-1: Manufacturer: syz
[ 1717.681985][T24232] usb 7-1: SerialNumber: syz
[ 1717.763573][T15030] usb 2-1: new high-speed USB device number 41 using dummy_hcd
[ 1717.783228][T24232] usb 7-1: config 0 descriptor??
[ 1717.932482][T15030] usb 2-1: config 4 has an invalid descriptor of length 0, skipping remainder of the config
[ 1717.945242][T27043] netlink: 'syz.2.5308': attribute type 4 has an invalid length.
[ 1717.955953][T15030] usb 2-1: New USB device found, idVendor=041e, idProduct=4007, bcdDevice=5d.18
[ 1718.014557][T24232] peak_usb 7-1:0.0: PEAK-System PCAN-USB FD v0 fw v0.0.0 (1 channels)
[ 1718.024778][T15030] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1718.071840][T15030] gspca_main: stv0680-2.14.0 probing 041e:4007
[ 1718.192629][   T30] audit: type=1326 audit(1759395145.935:1797): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27048 comm="syz.2.5310" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc7c6b8eec9 code=0x7ffc0000
[ 1718.260688][T24232] peak_usb 7-1:0.0 can0: sending command failure: -22
[ 1718.267640][T24232] peak_usb 7-1:0.0 can0: sending command failure: -22
[ 1718.277976][T24232] peak_usb 7-1:0.0 can0: sending command failure: -22
[ 1718.297678][   T30] audit: type=1326 audit(1759395145.935:1798): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27048 comm="syz.2.5310" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc7c6b8eec9 code=0x7ffc0000
[ 1718.331905][   T30] audit: type=1326 audit(1759395145.965:1799): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27048 comm="syz.2.5310" exe="/root/syz-executor" sig=0 arch=c000003e syscall=25 compat=0 ip=0x7fc7c6b8eec9 code=0x7ffc0000
[ 1718.357214][T27052] delete_channel: no stack
[ 1718.362792][T24232] peak_usb 7-1:0.0: probe with driver peak_usb failed with error -22
[ 1718.381474][   T30] audit: type=1326 audit(1759395145.965:1800): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27048 comm="syz.2.5310" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc7c6b8eec9 code=0x7ffc0000
[ 1718.458277][   T30] audit: type=1326 audit(1759395145.965:1801): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27048 comm="syz.2.5310" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fc7c6b8eec9 code=0x7ffc0000
[ 1718.481959][   T30] audit: type=1326 audit(1759395145.965:1802): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27048 comm="syz.2.5310" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc7c6b8eec9 code=0x7ffc0000
[ 1718.643376][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1718.679925][   T30] audit: type=1326 audit(1759395145.965:1803): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27048 comm="syz.2.5310" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7fc7c6b8eec9 code=0x7ffc0000
[ 1718.708098][   T30] audit: type=1326 audit(1759395145.965:1804): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27048 comm="syz.2.5310" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc7c6b8eec9 code=0x7ffc0000
[ 1718.731574][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1719.319505][  T973] usb 7-1: USB disconnect, device number 16
[ 1719.341346][   T30] audit: type=1326 audit(1759395145.965:1805): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27048 comm="syz.2.5310" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fc7c6b8eec9 code=0x7ffc0000
[ 1719.397535][T15030] stv0680 2-1:4.0: STV(e): camera ping failed!!
[ 1719.405182][   T30] audit: type=1326 audit(1759395145.965:1806): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=27048 comm="syz.2.5310" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc7c6b8eec9 code=0x7ffc0000
[ 1719.428632][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1719.610505][T15030] gspca_stv0680: usb_control_msg error 0, request = 0x80, error = -71
[ 1719.618698][T15030] stv0680 2-1:4.0: last error: 242,  command = 0x24
[ 1719.632246][T15030] usb 2-1: USB disconnect, device number 41
[ 1719.794953][T27068] netlink: 'syz.0.5317': attribute type 4 has an invalid length.
[ 1719.802917][T27068] netlink: 8 bytes leftover after parsing attributes in process `syz.0.5317'.
[ 1720.327963][T27077] netlink: 'syz.1.5321': attribute type 4 has an invalid length.
[ 1720.933840][T27069] delete_channel: no stack
[ 1720.938616][T27071] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[ 1720.945144][T27071] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[ 1720.955761][T27071] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[ 1720.970942][T27071] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[ 1720.977735][T27071] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[ 1721.397844][T27088] delete_channel: no stack
[ 1721.674047][T27104] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5326'.
[ 1721.762820][T27103] netlink: 4 bytes leftover after parsing attributes in process `syz.6.5327'.
[ 1721.811992][T27103] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1722.142122][T24364] Bluetooth: hci5: command 0x0406 tx timeout
[ 1722.157556][T27103] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1722.997219][T15030] usb 7-1: new full-speed USB device number 17 using dummy_hcd
[ 1723.020505][T24364] Bluetooth: hci4: command 0x0c1a tx timeout
[ 1723.026567][T24364] Bluetooth: hci0: command 0x0406 tx timeout
[ 1723.032936][T24364] Bluetooth: hci2: command 0x0405 tx timeout
[ 1723.038932][T24364] Bluetooth: hci1: command 0x0406 tx timeout
[ 1723.155806][T15030] usb 7-1: unable to get BOS descriptor set
[ 1723.166471][T15030] usb 7-1: not running at top speed; connect to a high speed hub
[ 1723.494730][T15030] usb 7-1: config 1 interface 0 altsetting 2 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 1723.692876][T15030] usb 7-1: config 1 interface 0 has no altsetting 0
[ 1723.884366][T27142] delete_channel: no stack
[ 1723.899262][T15030] usb 7-1: New USB device found, idVendor=046d, idProduct=c227, bcdDevice= 0.40
[ 1723.908507][T15030] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1723.924728][T15030] usb 7-1: Product: syz
[ 1723.928912][T15030] usb 7-1: Manufacturer: syz
[ 1723.951962][T24232] usb 1-1: new high-speed USB device number 21 using dummy_hcd
[ 1723.961136][T15030] usb 7-1: SerialNumber: syz
[ 1724.096717][T27144] delete_channel: no stack
[ 1724.186654][T24232] usb 1-1: Using ep0 maxpacket: 32
[ 1724.577643][T24232] usb 1-1: config 0 has an invalid interface number: 85 but max is 0
[ 1724.592075][T24232] usb 1-1: config 0 has no interface number 0
[ 1724.598276][T15030] usbhid 7-1:1.0: can't add hid device: -71
[ 1724.605423][T24232] usb 1-1: config 0 interface 85 altsetting 7 endpoint 0x82 has an invalid bInterval 0, changing to 7
[ 1724.624372][T24232] usb 1-1: config 0 interface 85 has no altsetting 0
[ 1724.633656][T15030] usbhid 7-1:1.0: probe with driver usbhid failed with error -71
[ 1724.679081][T24232] usb 1-1: New USB device found, idVendor=05ac, idProduct=0219, bcdDevice=f0.72
[ 1724.687845][T15030] usb 7-1: USB disconnect, device number 17
[ 1724.701152][T24232] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1724.710217][T24232] usb 1-1: Product: syz
[ 1724.715263][T24232] usb 1-1: Manufacturer: syz
[ 1724.728055][T24232] usb 1-1: SerialNumber: syz
[ 1724.759882][T24232] usb 1-1: config 0 descriptor??
[ 1725.348255][T24232] appletouch 1-1:0.85: Failed to read mode from device.
[ 1725.369094][T24232] appletouch 1-1:0.85: probe with driver appletouch failed with error -5
[ 1725.454608][T27158] netlink: 'syz.6.5341': attribute type 4 has an invalid length.
[ 1725.458290][T24232] usb 1-1: USB disconnect, device number 21
[ 1725.654795][T27164] FAULT_INJECTION: forcing a failure.
[ 1725.654795][T27164] name failslab, interval 1, probability 0, space 0, times 0
[ 1725.667617][T27164] CPU: 0 UID: 0 PID: 27164 Comm: syz.1.5339 Not tainted syzkaller #0 PREEMPT(full) 
[ 1725.667635][T27164] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[ 1725.667642][T27164] Call Trace:
[ 1725.667647][T27164]  <TASK>
[ 1725.667652][T27164]  dump_stack_lvl+0x16c/0x1f0
[ 1725.667672][T27164]  should_fail_ex+0x512/0x640
[ 1725.667686][T27164]  ? __kvmalloc_node_noprof+0x124/0x620
[ 1725.667704][T27164]  should_failslab+0xc2/0x120
[ 1725.667716][T27164]  __kvmalloc_node_noprof+0x137/0x620
[ 1725.667737][T27164]  ? io_sqe_buffers_register+0x12c/0x860
[ 1725.667755][T27164]  ? io_sqe_buffers_register+0x12c/0x860
[ 1725.667768][T27164]  io_sqe_buffers_register+0x12c/0x860
[ 1725.667782][T27164]  ? __lock_acquire+0xb97/0x1ce0
[ 1725.667796][T27164]  ? __pfx_io_sqe_buffers_register+0x10/0x10
[ 1725.667813][T27164]  ? __mutex_trylock_common+0xe9/0x250
[ 1725.667825][T27164]  ? __pfx___mutex_trylock_common+0x10/0x10
[ 1725.667839][T27164]  __io_uring_register+0x22e2/0x2440
[ 1725.667852][T27164]  ? trace_contention_end+0xdd/0x130
[ 1725.667864][T27164]  ? __pfx___io_uring_register+0x10/0x10
[ 1725.667880][T27164]  ? __pfx___mutex_lock+0x10/0x10
[ 1725.667899][T27164]  ? __fget_files+0x20e/0x3c0
[ 1725.667920][T27164]  __x64_sys_io_uring_register+0x169/0x280
[ 1725.667935][T27164]  do_syscall_64+0xcd/0x4e0
[ 1725.667952][T27164]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1725.667964][T27164] RIP: 0033:0x7fe22738eec9
[ 1725.667973][T27164] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1725.667984][T27164] RSP: 002b:00007fe22821e038 EFLAGS: 00000246 ORIG_RAX: 00000000000001ab
[ 1725.667995][T27164] RAX: ffffffffffffffda RBX: 00007fe2275e6090 RCX: 00007fe22738eec9
[ 1725.668002][T27164] RDX: 0000200000000780 RSI: 0000000000000000 RDI: 0000000000000006
[ 1725.668009][T27164] RBP: 00007fe22821e090 R08: 0000000000000000 R09: 0000000000000000
[ 1725.668015][T27164] R10: 0000000000000004 R11: 0000000000000246 R12: 0000000000000001
[ 1725.668022][T27164] R13: 00007fe2275e6128 R14: 00007fe2275e6090 R15: 00007ffd60665bf8
[ 1725.668036][T27164]  </TASK>
[ 1729.276263][T15030] usb 7-1: new full-speed USB device number 18 using dummy_hcd
[ 1729.483330][T15030] usb 7-1: config 8 has an invalid interface number: 177 but max is 0
[ 1729.495695][T15030] usb 7-1: config 8 has no interface number 0
[ 1729.502401][T15030] usb 7-1: config 8 interface 177 altsetting 9 endpoint 0x8 has invalid maxpacket 1023, setting to 64
[ 1729.519023][T15030] usb 7-1: config 8 interface 177 has no altsetting 0
[ 1729.533460][T15030] usb 7-1: New USB device found, idVendor=04d8, idProduct=fd08, bcdDevice=59.b1
[ 1729.555186][T15030] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1729.567563][T27180] raw-gadget.1 gadget.6: fail, usb_ep_enable returned -22
[ 1729.793132][T27187] delete_channel: no stack
[ 1729.800699][T27190] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[ 1729.806939][T27190] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[ 1729.826812][ T1296] ieee802154 phy1 wpan1: encryption failed: -22
[ 1729.954791][T27201] netlink: 256 bytes leftover after parsing attributes in process `syz.6.5346'.
[ 1730.085863][T27190] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[ 1730.142847][T27190] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[ 1730.148864][T27190] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[ 1730.183435][T15030] usb 7-1: string descriptor 0 read error: -71
[ 1730.192502][    C0] ir_toy 7-1:8.177: out urb status: -71
[ 1730.291795][T27206] netlink: 9 bytes leftover after parsing attributes in process `syz.5.5353'.
[ 1730.349782][T27196] syz.0.5351 (27196): drop_caches: 2
[ 1730.577306][T27217] netlink: 'syz.0.5357': attribute type 4 has an invalid length.
[ 1730.780745][T15030] ir_toy 7-1:8.177: could not write reset command: -110
[ 1730.787930][T15030] ir_toy 7-1:8.177: probe with driver ir_toy failed with error -110
[ 1730.899650][T15030] usb 7-1: USB disconnect, device number 18
[ 1730.997263][T27225] netlink: 8 bytes leftover after parsing attributes in process `syz.2.5356'.
[ 1731.006521][T27225] netlink: 'syz.2.5356': attribute type 30 has an invalid length.
[ 1731.330480][T24364] Bluetooth: hci5: command 0x0406 tx timeout
[ 1731.510496][T15030] usb 7-1: new high-speed USB device number 19 using dummy_hcd
[ 1731.710480][T15030] usb 7-1: Using ep0 maxpacket: 16
[ 1731.841978][T27238] tmpfs: Bad value for 'mpol'
[ 1731.892101][T24364] Bluetooth: hci1: command 0x0406 tx timeout
[ 1732.169246][T24364] Bluetooth: hci2: command 0x0405 tx timeout
[ 1732.231417][T15561] Bluetooth: hci0: command 0x0406 tx timeout
[ 1732.237959][T24364] Bluetooth: hci4: command 0x0c1a tx timeout
[ 1732.625184][T15030] usb 7-1: config 28 has an invalid interface number: 40 but max is 0
[ 1732.641279][T15030] usb 7-1: config 28 has no interface number 0
[ 1732.647572][T15030] usb 7-1: config 28 interface 40 has no altsetting 0
[ 1733.150702][  T973] usb 2-1: new high-speed USB device number 42 using dummy_hcd
[ 1733.632822][  T973] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1733.650838][  T973] usb 2-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[ 1733.668910][  T973] usb 2-1: New USB device found, idVendor=056a, idProduct=0063, bcdDevice= 0.00
[ 1733.840449][  T973] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1733.857649][  T973] usb 2-1: config 0 descriptor??
[ 1733.869436][  T973] usbhid 2-1:0.0: couldn't find an input interrupt endpoint
[ 1735.000436][T27266] netlink: 8 bytes leftover after parsing attributes in process `syz.5.5369'.
[ 1735.292419][T15030] usb 7-1: string descriptor 0 read error: -71
[ 1735.313885][T15030] usb 7-1: New USB device found, idVendor=1608, idProduct=000e, bcdDevice=ed.b1
[ 1735.348687][T15030] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1735.374590][T15030] usb 7-1: rejected 1 configuration due to insufficient available bus power
[ 1735.396784][T15030] usb 7-1: no configuration chosen from 1 choice
[ 1735.416556][T15030] usb 7-1: USB disconnect, device number 19
[ 1735.531051][T27272] netlink: 'syz.6.5371': attribute type 4 has an invalid length.
[ 1735.999259][   T30] kauditd_printk_skb: 7 callbacks suppressed
[ 1735.999274][   T30] audit: type=1400 audit(1759395163.735:1814): avc:  denied  { read write } for  pid=27276 comm="syz.6.5373" name="usbmon7" dev="devtmpfs" ino=736 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[ 1736.032010][   T30] audit: type=1400 audit(1759395163.735:1815): avc:  denied  { open } for  pid=27276 comm="syz.6.5373" path="/dev/usbmon7" dev="devtmpfs" ino=736 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[ 1738.235310][T15030] usb 2-1: USB disconnect, device number 42
[ 1739.460659][T15030] usb 7-1: new high-speed USB device number 20 using dummy_hcd
[ 1740.286414][T15030] usb 7-1: Using ep0 maxpacket: 32
[ 1740.625431][T15030] usb 7-1: config 0 has an invalid interface number: 85 but max is 0
[ 1740.646833][T27321] netlink: 20 bytes leftover after parsing attributes in process `syz.0.5383'.
[ 1740.656388][T15030] usb 7-1: config 0 has no interface number 0
[ 1740.683411][T15030] usb 7-1: config 0 interface 85 altsetting 7 endpoint 0x82 has an invalid bInterval 0, changing to 7
[ 1740.696810][T15030] usb 7-1: config 0 interface 85 has no altsetting 0
[ 1740.770030][T27321] netlink: 32 bytes leftover after parsing attributes in process `syz.0.5383'.
[ 1740.829164][T27325] netlink: 8 bytes leftover after parsing attributes in process `syz.5.5381'.
[ 1740.841460][T15030] usb 7-1: New USB device found, idVendor=05ac, idProduct=0219, bcdDevice=f0.72
[ 1740.854315][T15030] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1740.863234][T27325] netlink: 'syz.5.5381': attribute type 30 has an invalid length.
[ 1741.209861][T15030] usb 7-1: Product: syz
[ 1741.325917][T15030] usb 7-1: Manufacturer: syz
[ 1741.342022][T15030] usb 7-1: SerialNumber: syz
[ 1741.401033][T15030] usb 7-1: config 0 descriptor??
[ 1741.440532][T15030] usb 7-1: can't set config #0, error -71
[ 1741.500664][T15030] usb 7-1: USB disconnect, device number 20
[ 1742.736355][T27354] netlink: 8 bytes leftover after parsing attributes in process `syz.0.5390'.
[ 1743.061931][T27359] [U] ���1WT`8�����H$�0�����9\
[ 1743.068837][T27359] [U] ;2}U��GV�ĥ��#�O9��ե>-��ߴ�S�ݢ��P
[ 1743.086894][   T30] audit: type=1400 audit(1759395170.805:1816): avc:  denied  { setopt } for  pid=27356 comm="syz.6.5393" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1
[ 1743.101348][T27359] [U] 4��XZ^Y����)������M�C��.�O�Ȟ�P�O��W
[ 1743.106679][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1743.174178][T27359] [U] �ä%�Z
[ 1743.177508][T27359] [U] �8`�}�[T��J#Z�~��3µݥI~�D�%8@7J���|{9D��C���E+�O�K?%�6
[ 1743.202678][T27358] [U] ��P>BЍ̖�Z%
[ 1743.279143][   T30] audit: type=1400 audit(1759395170.915:1817): avc:  denied  { write } for  pid=27358 comm="syz.1.5392" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[ 1743.834406][T27376] fuse: Bad value for 'fd'
[ 1744.313775][T27367] delete_channel: no stack
[ 1744.318773][T27371] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[ 1744.336263][T27371] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[ 1744.344879][T27371] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[ 1744.352064][T27371] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[ 1744.358202][T27371] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[ 1744.445024][T27394] SELinux:  Context system_u:object_r:fsadm_exec_t:s0 is not valid (left unmapped).
[ 1744.458296][   T30] audit: type=1400 audit(1759395172.195:1818): avc:  denied  { relabelto } for  pid=27393 comm="syz.0.5401" name="421" dev="tmpfs" ino=2265 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 trawcon="system_u:object_r:fsadm_exec_t:s0"
[ 1744.599403][   T30] audit: type=1400 audit(1759395172.195:1819): avc:  denied  { associate } for  pid=27393 comm="syz.0.5401" name="421" dev="tmpfs" ino=2265 scontext=system_u:object_r:unlabeled_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 srawcon="system_u:object_r:fsadm_exec_t:s0"
[ 1745.570731][   T30] audit: type=1400 audit(1759395173.305:1820): avc:  denied  { remove_name } for  pid=18724 comm="syz-executor" name="binderfs" dev="tmpfs" ino=2269 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 trawcon="system_u:object_r:fsadm_exec_t:s0"
[ 1745.617388][   T30] audit: type=1400 audit(1759395173.305:1821): avc:  denied  { rmdir } for  pid=18724 comm="syz-executor" name="421" dev="tmpfs" ino=2265 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 trawcon="system_u:object_r:fsadm_exec_t:s0"
[ 1745.900743][T24364] Bluetooth: hci5: command 0x0406 tx timeout
[ 1746.090281][T27415] netdevsim netdevsim5 ������: renamed from netdevsim0 (while UP)
[ 1746.370730][T24364] Bluetooth: hci4: command 0x0c1a tx timeout
[ 1746.370750][T15561] Bluetooth: hci0: command 0x0406 tx timeout
[ 1746.380945][T26399] Bluetooth: hci2: command 0x0405 tx timeout
[ 1746.382765][T19509] Bluetooth: hci1: command 0x0406 tx timeout
[ 1746.485486][T27425] bridge0: port 3(team0) entered blocking state
[ 1746.492198][T27425] bridge0: port 3(team0) entered disabled state
[ 1746.499345][T27425] team0: entered allmulticast mode
[ 1746.504587][T27425] team_slave_0: entered allmulticast mode
[ 1746.510347][T27425] team_slave_1: entered allmulticast mode
[ 1746.516138][T27425] geneve1: entered allmulticast mode
[ 1746.531234][T27425] team0: entered promiscuous mode
[ 1746.536348][T27425] team_slave_0: entered promiscuous mode
[ 1746.543199][T27425] team_slave_1: entered promiscuous mode
[ 1746.550317][T27425] geneve1: entered promiscuous mode
[ 1746.803170][  T973] usb 2-1: new high-speed USB device number 43 using dummy_hcd
[ 1746.970783][  T973] usb 2-1: Using ep0 maxpacket: 16
[ 1746.981961][  T973] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1746.994902][  T973] usb 2-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[ 1747.015137][  T973] usb 2-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[ 1747.035801][  T973] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1747.136177][  T973] usb 2-1: config 0 descriptor??
[ 1747.311454][T27433] overlayfs: failed to clone upperpath
[ 1747.395782][T27437] 9pnet: p9_errstr2errno: server reported unknown error ��n
[ 1749.074827][T27466] netlink: 16402 bytes leftover after parsing attributes in process `syz.5.5422'.
[ 1750.006804][T27471] overlayfs: failed to clone upperpath
[ 1750.398408][  T973] usb 2-1: USB disconnect, device number 43
[ 1751.564014][T27477] RDS: rds_bind could not find a transport for ::ffff:10.1.1.1, load rds_tcp or rds_rdma?
[ 1751.592693][   T30] audit: type=1400 audit(1759395179.325:1822): avc:  denied  { getopt } for  pid=27476 comm="syz.1.5426" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[ 1751.878192][T27491] fuse: Invalid rootmode
[ 1754.064867][T27517] netlink: 9 bytes leftover after parsing attributes in process `syz.5.5435'.
[ 1754.677161][T27519] delete_channel: no stack
[ 1755.320577][T15030] usb 1-1: new high-speed USB device number 22 using dummy_hcd
[ 1755.519615][T15030] usb 1-1: Using ep0 maxpacket: 32
[ 1755.620624][    T9] usb 2-1: new high-speed USB device number 44 using dummy_hcd
[ 1755.628278][T15030] usb 1-1: config 0 has an invalid interface number: 85 but max is 0
[ 1755.674996][T15030] usb 1-1: config 0 has no interface number 0
[ 1755.681544][T15030] usb 1-1: config 0 interface 85 altsetting 7 endpoint 0x82 has an invalid bInterval 0, changing to 7
[ 1755.694273][T15030] usb 1-1: config 0 interface 85 has no altsetting 0
[ 1755.719260][T15030] usb 1-1: New USB device found, idVendor=05ac, idProduct=0219, bcdDevice=f0.72
[ 1755.814706][T15030] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1755.823045][    T9] usb 2-1: Using ep0 maxpacket: 16
[ 1755.834582][T15030] usb 1-1: Product: syz
[ 1755.839087][T15030] usb 1-1: Manufacturer: syz
[ 1755.844381][T15030] usb 1-1: SerialNumber: syz
[ 1755.844482][    T9] usb 2-1: config 0 has an invalid interface number: 8 but max is 0
[ 1755.858423][    T9] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1756.306996][T15030] usb 1-1: config 0 descriptor??
[ 1756.313823][    T9] usb 2-1: config 0 has no interface number 0
[ 1756.320098][T15030] usb 1-1: can't set config #0, error -71
[ 1756.325975][    T9] usb 2-1: config 0 interface 8 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[ 1756.342028][T15030] usb 1-1: USB disconnect, device number 22
[ 1756.352278][    T9] usb 2-1: New USB device found, idVendor=0d8c, idProduct=000e, bcdDevice=8e.8f
[ 1756.376769][    T9] usb 2-1: New USB device strings: Mfr=0, Product=24, SerialNumber=3
[ 1756.400628][    T9] usb 2-1: Product: syz
[ 1756.404924][    T9] usb 2-1: SerialNumber: syz
[ 1756.418741][    T9] usb 2-1: config 0 descriptor??
[ 1756.435214][    T9] usbhid 2-1:0.8: couldn't find an input interrupt endpoint
[ 1756.644582][T24232] usb 2-1: USB disconnect, device number 44
[ 1756.960928][  T973] usb 7-1: new high-speed USB device number 21 using dummy_hcd
[ 1757.120857][  T973] usb 7-1: Using ep0 maxpacket: 16
[ 1757.165339][  T973] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1757.206484][  T973] usb 7-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[ 1757.238436][  T973] usb 7-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[ 1757.250534][  T973] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1757.544867][  T973] usb 7-1: config 0 descriptor??
[ 1757.757814][T27545] delete_channel: no stack
[ 1757.768370][T27547] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[ 1757.786220][T27547] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[ 1757.794410][T27547] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[ 1758.263914][T27547] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[ 1758.284168][T27547] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[ 1759.765324][T27565] delete_channel: no stack
[ 1759.885531][T19509] Bluetooth: hci2: command 0x0405 tx timeout
[ 1759.885628][T15561] Bluetooth: hci1: command 0x0406 tx timeout
[ 1759.911321][T27570] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[ 1759.917334][T27570] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[ 1760.369228][T27570] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[ 1760.390102][T15561] Bluetooth: hci4: command 0x0c1a tx timeout
[ 1760.397938][T19509] Bluetooth: hci0: command 0x0406 tx timeout
[ 1760.410320][T27570] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[ 1760.478559][T27570] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[ 1760.658009][T15030] usb 7-1: USB disconnect, device number 21
[ 1761.196623][T15561] Bluetooth: hci5: command 0x0406 tx timeout
[ 1761.475480][   T30] audit: type=1800 audit(1759395189.205:1823): pid=27597 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed comm="syz.0.5460" name="SYSV00000000" dev="hugetlbfs" ino=7 res=0 errno=0
[ 1761.514881][T27599] netlink: 9 bytes leftover after parsing attributes in process `syz.5.5461'.
[ 1761.670316][T27604] netlink: 9 bytes leftover after parsing attributes in process `syz.0.5463'.
[ 1761.921093][T27608] netlink: 16402 bytes leftover after parsing attributes in process `syz.5.5464'.
[ 1761.970535][T15561] Bluetooth: hci1: command 0x0406 tx timeout
[ 1762.450714][T15561] Bluetooth: hci2: command 0x0405 tx timeout
[ 1762.453927][   T30] audit: type=1400 audit(1759395190.185:1824): avc:  denied  { listen } for  pid=27611 comm="syz.0.5465" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[ 1762.477373][T15561] Bluetooth: hci0: command 0x0406 tx timeout
[ 1762.568227][T15561] Bluetooth: hci4: command 0x0c1a tx timeout
[ 1762.810558][   T30] audit: type=1400 audit(1759395190.505:1825): avc:  denied  { accept } for  pid=27611 comm="syz.0.5465" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[ 1762.910613][T15030] usb 7-1: new high-speed USB device number 22 using dummy_hcd
[ 1762.923338][T27622] delete_channel: no stack
[ 1763.180121][T15030] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1763.207812][T15030] usb 7-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[ 1763.275594][T15030] usb 7-1: New USB device found, idVendor=056a, idProduct=0063, bcdDevice= 0.00
[ 1763.308695][T15030] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1763.362825][T15030] usb 7-1: config 0 descriptor??
[ 1763.442200][T27642] netlink: 8 bytes leftover after parsing attributes in process `syz.1.5469'.
[ 1763.474436][T15030] usbhid 7-1:0.0: couldn't find an input interrupt endpoint
[ 1763.789338][T27647] netlink: 8 bytes leftover after parsing attributes in process `syz.2.5470'.
[ 1763.806665][T27647] netlink: 'syz.2.5470': attribute type 30 has an invalid length.
[ 1764.662676][T27636] ALSA: mixer_oss: invalid OSS volume ''
[ 1765.030470][  T973] usb 1-1: new high-speed USB device number 23 using dummy_hcd
[ 1765.180797][  T973] usb 1-1: Using ep0 maxpacket: 16
[ 1765.195025][  T973] usb 1-1: config 0 has an invalid interface number: 107 but max is 0
[ 1765.361090][  T973] usb 1-1: config 0 has no interface number 0
[ 1765.509371][T27674] netlink: 9 bytes leftover after parsing attributes in process `syz.2.5476'.
[ 1765.534782][  T973] usb 1-1: config 0 interface 107 altsetting 0 endpoint 0x88 has an invalid bInterval 0, changing to 7
[ 1765.587726][  T973] usb 1-1: config 0 interface 107 altsetting 0 endpoint 0x88 has invalid wMaxPacketSize 0
[ 1765.636053][  T973] usb 1-1: New USB device found, idVendor=06cd, idProduct=0131, bcdDevice=16.60
[ 1765.645398][  T973] usb 1-1: New USB device strings: Mfr=175, Product=2, SerialNumber=3
[ 1765.657410][   T30] audit: type=1400 audit(1759395193.395:1826): avc:  denied  { ioctl } for  pid=27679 comm="syz.5.5477" path="socket:[97352]" dev="sockfs" ino=97352 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[ 1765.711747][T27681] delete_channel: no stack
[ 1765.730828][  T973] usb 1-1: Product: syz
[ 1765.735070][  T973] usb 1-1: Manufacturer: syz
[ 1765.780998][  T973] usb 1-1: SerialNumber: syz
[ 1765.810884][  T973] usb 1-1: config 0 descriptor??
[ 1765.833812][T15030] usb 7-1: USB disconnect, device number 22
[ 1765.845786][  T973] keyspan 1-1:0.107: Keyspan 4 port adapter converter detected
[ 1765.863315][T27689] fuse: Bad value for 'fd'
[ 1765.868170][  T973] keyspan 1-1:0.107: found no endpoint descriptor for endpoint 81
[ 1765.887852][  T973] keyspan 1-1:0.107: found no endpoint descriptor for endpoint 1
[ 1765.916464][  T973] usb 1-1: Keyspan 4 port adapter converter now attached to ttyUSB0
[ 1765.941912][  T973] keyspan 1-1:0.107: found no endpoint descriptor for endpoint 2
[ 1766.038323][  T973] usb 1-1: Keyspan 4 port adapter converter now attached to ttyUSB1
[ 1766.048113][T27663] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1766.528942][T27663] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1766.539262][  T973] keyspan 1-1:0.107: found no endpoint descriptor for endpoint 4
[ 1766.550630][  T973] usb 1-1: Keyspan 4 port adapter converter now attached to ttyUSB2
[ 1766.686936][  T973] keyspan 1-1:0.107: found no endpoint descriptor for endpoint 6
[ 1767.177700][T27703] netlink: 8 bytes leftover after parsing attributes in process `syz.2.5479'.
[ 1767.186841][T27703] netlink: 'syz.2.5479': attribute type 30 has an invalid length.
[ 1767.329395][  T973] usb 1-1: Keyspan 4 port adapter converter now attached to ttyUSB3
[ 1768.227397][  T973] usb 1-1: USB disconnect, device number 23
[ 1769.158915][T27706] delete_channel: no stack
[ 1769.171081][T27709] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[ 1769.190200][T27709] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[ 1769.267783][  T973] keyspan_4 ttyUSB0: Keyspan 4 port adapter converter now disconnected from ttyUSB0
[ 1769.982513][T15561] Bluetooth: hci5: command 0x0406 tx timeout
[ 1769.986424][T27709] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[ 1770.011830][T27709] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[ 1770.296081][T27709] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[ 1770.318688][  T973] keyspan_4 ttyUSB1: Keyspan 4 port adapter converter now disconnected from ttyUSB1
[ 1770.359776][  T973] keyspan_4 ttyUSB2: Keyspan 4 port adapter converter now disconnected from ttyUSB2
[ 1770.768401][T27725] delete_channel: no stack
[ 1770.779768][  T973] keyspan_4 ttyUSB3: Keyspan 4 port adapter converter now disconnected from ttyUSB3
[ 1770.867786][  T973] keyspan 1-1:0.107: device disconnected
[ 1771.250687][T19509] Bluetooth: hci1: command 0x0406 tx timeout
[ 1771.876186][T27735] netlink: 8 bytes leftover after parsing attributes in process `syz.1.5492'.
[ 1772.157858][T19509] Bluetooth: hci0: command 0x0406 tx timeout
[ 1772.164023][T15561] Bluetooth: hci2: command 0x0405 tx timeout
[ 1772.192101][   T30] audit: type=1400 audit(1759395199.925:1827): avc:  denied  { accept } for  pid=27739 comm="syz.0.5491" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=unix_dgram_socket permissive=1
[ 1772.394859][T15561] Bluetooth: hci4: command 0x0c1a tx timeout
[ 1772.646371][T27733] ALSA: mixer_oss: invalid OSS volume ''
[ 1773.550429][T27755] netlink: 'syz.0.5495': attribute type 4 has an invalid length.
[ 1773.558189][T27755] netlink: 16 bytes leftover after parsing attributes in process `syz.0.5495'.
[ 1774.942531][T27768] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[ 1775.793329][T27790] netlink: 9 bytes leftover after parsing attributes in process `syz.1.5503'.
[ 1776.340498][T24232] usb 7-1: new high-speed USB device number 23 using dummy_hcd
[ 1776.900488][T24232] usb 7-1: Using ep0 maxpacket: 16
[ 1776.909367][T24232] usb 7-1: config 0 has an invalid interface number: 9 but max is 1
[ 1776.942773][T24232] usb 7-1: config 0 has an invalid interface number: 9 but max is 1
[ 1777.011893][T24232] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 2
[ 1777.021589][T24232] usb 7-1: config 0 has no interface number 0
[ 1777.027696][T24232] usb 7-1: config 0 interface 9 has no altsetting 0
[ 1777.036656][T24232] usb 7-1: config 0 interface 9 has no altsetting 1
[ 1777.046543][T24232] usb 7-1: New USB device found, idVendor=1199, idProduct=6891, bcdDevice=89.a0
[ 1777.095463][T24232] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1777.120476][T24232] usb 7-1: Product: syz
[ 1777.124682][T24232] usb 7-1: Manufacturer: syz
[ 1777.129279][T24232] usb 7-1: SerialNumber: syz
[ 1777.248060][T24232] usb 7-1: config 0 descriptor??
[ 1778.397463][   T30] audit: type=1400 audit(1759395206.135:1828): avc:  denied  { ioctl } for  pid=27810 comm="syz.1.5509" path="/dev/usbmon7" dev="devtmpfs" ino=736 ioctlcmd=0x9207 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[ 1779.232973][T27822] bridge0: entered promiscuous mode
[ 1779.238539][T27822] macvlan2: entered promiscuous mode
[ 1779.270276][T27823] netlink: 16 bytes leftover after parsing attributes in process `syz.0.5508'.
[ 1779.436526][T24232] usb 7-1: selecting invalid altsetting 1
[ 1779.444361][T24232] sierra 7-1:0.9: Sierra USB modem converter detected
[ 1779.523020][T24232] usb 7-1: Sierra USB modem converter now attached to ttyUSB0
[ 1779.576772][T24232] usb 7-1: USB disconnect, device number 23
[ 1779.585630][T24232] sierra ttyUSB0: Sierra USB modem converter now disconnected from ttyUSB0
[ 1779.598596][T24232] sierra 7-1:0.9: device disconnected
[ 1779.918716][T27842] FAULT_INJECTION: forcing a failure.
[ 1779.918716][T27842] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1779.933332][T27842] CPU: 1 UID: 0 PID: 27842 Comm: syz.0.5517 Not tainted syzkaller #0 PREEMPT(full) 
[ 1779.933358][T27842] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[ 1779.933369][T27842] Call Trace:
[ 1779.933375][T27842]  <TASK>
[ 1779.933382][T27842]  dump_stack_lvl+0x16c/0x1f0
[ 1779.933411][T27842]  should_fail_ex+0x512/0x640
[ 1779.933436][T27842]  _copy_from_user+0x2e/0xd0
[ 1779.933460][T27842]  restore_altstack+0x93/0x170
[ 1779.933478][T27842]  ? __pfx_restore_altstack+0x10/0x10
[ 1779.933496][T27842]  ? _raw_spin_unlock_irq+0x23/0x50
[ 1779.933517][T27842]  ? lockdep_hardirqs_on+0x7c/0x110
[ 1779.933538][T27842]  ? _raw_spin_unlock_irq+0x2e/0x50
[ 1779.933556][T27842]  ? set_current_blocked+0xdd/0x120
[ 1779.933577][T27842]  __do_sys_rt_sigreturn+0x13c/0x230
[ 1779.933603][T27842]  ? __pfx___do_sys_rt_sigreturn+0x10/0x10
[ 1779.933635][T27842]  do_syscall_64+0xcd/0x4e0
[ 1779.933660][T27842]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1779.933678][T27842] RIP: 0033:0x7f8b65f2af79
[ 1779.933692][T27842] Code: 64 c7 00 16 00 00 00 b8 ff ff ff ff c3 0f 1f 40 00 90 66 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 c7 c0 0f 00 00 00 0f 05 <0f> 1f 80 00 00 00 00 48 81 ec 48 01 00 00 49 89 d0 64 48 8b 04 25
[ 1779.933708][T27842] RSP: 002b:00007f8b66e2c340 EFLAGS: 00000206 ORIG_RAX: 000000000000000f
[ 1779.933725][T27842] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 00007f8b65f2af79
[ 1779.933737][T27842] RDX: 00007f8b66e2c340 RSI: 00007f8b66e2c470 RDI: 0000000000000021
[ 1779.933748][T27842] RBP: 00007f8b66e2d090 R08: 0000000000000000 R09: 00007f8b66e2cdf7
[ 1779.933759][T27842] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000003
[ 1779.933769][T27842] R13: 00007f8b661e6038 R14: 00007f8b661e5fa0 R15: 00007ffc32bbfd98
[ 1779.933793][T27842]  </TASK>
[ 1780.535667][T27834] delete_channel: no stack
[ 1780.558450][T27835] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[ 1780.564523][T27835] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[ 1780.570728][T27835] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[ 1780.576676][T27835] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[ 1780.684641][T27854] netlink: 92 bytes leftover after parsing attributes in process `syz.1.5523'.
[ 1780.719517][T27854] netlink: 24 bytes leftover after parsing attributes in process `syz.1.5523'.
[ 1781.008737][T27867] netlink: 8 bytes leftover after parsing attributes in process `syz.5.5525'.
[ 1781.018151][T27867] netlink: 'syz.5.5525': attribute type 30 has an invalid length.
[ 1781.291374][    T9] usb 7-1: new high-speed USB device number 24 using dummy_hcd
[ 1781.650837][T24364] Bluetooth: hci5: command 0x0406 tx timeout
[ 1782.025819][    T9] usb 7-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30
[ 1782.036823][    T9] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1782.079491][    T9] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1782.109384][    T9] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[ 1782.317799][   T30] audit: type=1400 audit(1759395209.935:1829): avc:  denied  { write } for  pid=27875 comm="syz.2.5527" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_scsitransport_socket permissive=1
[ 1782.338791][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1782.475127][T27881] netlink: 16402 bytes leftover after parsing attributes in process `syz.2.5528'.
[ 1782.610529][T24364] Bluetooth: hci4: command 0x0c1a tx timeout
[ 1782.616755][T24364] Bluetooth: hci2: command 0x0405 tx timeout
[ 1782.624313][T24364] Bluetooth: hci1: command 0x0406 tx timeout
[ 1782.804046][    T9] usb 7-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40
[ 1782.822421][    T9] usb 7-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0
[ 1782.842636][    T9] usb 7-1: Manufacturer: syz
[ 1782.866331][    T9] usb 7-1: config 0 descriptor??
[ 1783.287604][T27896] delete_channel: no stack
[ 1783.516157][    T9] hid_parser_main: 246 callbacks suppressed
[ 1783.516171][    T9] appleir 0003:05AC:8243.0025: unknown main item tag 0x0
[ 1783.614327][T27904] overlayfs: failed to clone upperpath
[ 1783.975007][    T9] appleir 0003:05AC:8243.0025: hiddev0,hidraw0: USB HID v0.00 Device [syz] on usb-dummy_hcd.6-1/input0
[ 1784.966024][T27936] netlink: 16402 bytes leftover after parsing attributes in process `syz.5.5541'.
[ 1785.720692][T26655] usb 7-1: reset high-speed USB device number 24 using dummy_hcd
[ 1785.762122][T27939] netlink: 8 bytes leftover after parsing attributes in process `syz.2.5540'.
[ 1785.771197][T27939] netlink: 'syz.2.5540': attribute type 30 has an invalid length.
[ 1786.742801][    T9] usb 7-1: USB disconnect, device number 24
[ 1787.021014][T27954] netlink: 16 bytes leftover after parsing attributes in process `syz.5.5542'.
[ 1787.709158][T27947] delete_channel: no stack
[ 1787.717507][T27948] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[ 1787.723624][T27948] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[ 1787.729624][T27948] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[ 1787.735620][T27948] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[ 1787.824187][T27964] netlink: 16402 bytes leftover after parsing attributes in process `syz.2.5547'.
[ 1789.238352][T15561] Bluetooth: hci5: command 0x0406 tx timeout
[ 1789.703695][T27982] dlm: no locking on control device
[ 1789.829398][T15561] Bluetooth: hci4: command 0x0c1a tx timeout
[ 1789.829410][T19509] Bluetooth: hci1: command 0x0406 tx timeout
[ 1789.829456][T24364] Bluetooth: hci2: command 0x0405 tx timeout
[ 1789.848736][T27980] delete_channel: no stack
[ 1789.890484][  T973] usb 1-1: new low-speed USB device number 24 using dummy_hcd
[ 1790.043142][  T973] usb 1-1: config 0 has an invalid interface number: 55 but max is 0
[ 1790.054006][  T973] usb 1-1: config 0 has no interface number 0
[ 1790.060888][  T973] usb 1-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[ 1790.073993][  T973] usb 1-1: config 0 interface 55 altsetting 0 endpoint 0xE has invalid maxpacket 32, setting to 8
[ 1790.085932][  T973] usb 1-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B
[ 1790.099991][  T973] usb 1-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 10
[ 1790.114634][  T973] usb 1-1: config 0 interface 55 altsetting 0 endpoint 0x8B has invalid maxpacket 120, setting to 8
[ 1790.128820][  T973] usb 1-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[ 1790.156026][  T973] usb 1-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[ 1790.166931][  T973] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1790.218818][  T973] usb 1-1: config 0 descriptor??
[ 1790.250596][T27977] raw-gadget.1 gadget.0: fail, usb_ep_enable returned -22
[ 1790.263187][T27977] raw-gadget.1 gadget.0: fail, usb_ep_enable returned -22
[ 1790.286230][  T973] ldusb 1-1:0.55: LD USB Device #0 now attached to major 180 minor 0
[ 1791.254005][ T1296] ieee802154 phy1 wpan1: encryption failed: -22
[ 1792.537270][T28010] netlink: 'syz.2.5561': attribute type 21 has an invalid length.
[ 1792.546518][T28010] netlink: 132 bytes leftover after parsing attributes in process `syz.2.5561'.
[ 1792.676160][  T973] usb 1-1: USB disconnect, device number 24
[ 1792.782034][T28010] netlink: 100 bytes leftover after parsing attributes in process `syz.2.5561'.
[ 1792.786418][  T973] ldusb 1-1:0.55: LD USB Device #0 now disconnected
[ 1793.377570][T28011] delete_channel: no stack
[ 1793.386725][T28013] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[ 1793.395602][T28013] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[ 1793.411508][T28013] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[ 1793.429282][T28013] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[ 1793.528482][T28032] netlink: 9 bytes leftover after parsing attributes in process `syz.2.5565'.
[ 1793.763729][T28036] netlink: 9 bytes leftover after parsing attributes in process `syz.1.5567'.
[ 1795.010899][T24364] Bluetooth: hci5: command 0x0406 tx timeout
[ 1795.032560][  T973] usb 3-1: USB disconnect, device number 100
[ 1795.124071][T15561] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 1795.136603][T15561] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[ 1795.144889][T15561] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[ 1795.152384][T15561] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 1795.159996][T15561] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 1795.419910][T15561] Bluetooth: hci1: command 0x0406 tx timeout
[ 1795.490498][T24364] Bluetooth: hci2: command 0x0405 tx timeout
[ 1795.496880][T15561] Bluetooth: hci4: command 0x0c1a tx timeout
[ 1795.618602][  T973] usb 1-1: new high-speed USB device number 25 using dummy_hcd
[ 1795.799253][  T973] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1795.820457][  T973] usb 1-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[ 1795.847704][T28074] netlink: 24 bytes leftover after parsing attributes in process `syz.1.5576'.
[ 1795.860502][  T973] usb 1-1: New USB device found, idVendor=056a, idProduct=0063, bcdDevice= 0.00
[ 1795.869570][  T973] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1795.896117][  T973] usb 1-1: config 0 descriptor??
[ 1795.903420][  T973] usbhid 1-1:0.0: couldn't find an input interrupt endpoint
[ 1795.936547][   T30] audit: type=1400 audit(1759395223.675:1830): avc:  denied  { map } for  pid=28072 comm="syz.1.5576" path="/dev/usbmon0" dev="devtmpfs" ino=715 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[ 1795.960278][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1796.030573][T15030] usb 7-1: new high-speed USB device number 25 using dummy_hcd
[ 1796.226437][T28082] netlink: 212376 bytes leftover after parsing attributes in process `syz.5.5577'.
[ 1796.623942][T28065] chnl_net:caif_netlink_parms(): no params data found
[ 1796.805951][T15030] usb 7-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[ 1796.828864][T15030] usb 7-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[ 1796.903951][T15030] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 66
[ 1796.944979][T15030] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 52, changing to 9
[ 1797.007135][T15030] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8241, setting to 1024
[ 1797.132269][T15030] usb 7-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[ 1797.155189][T15030] usb 7-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[ 1797.227681][T15030] usb 7-1: Product: syz
[ 1797.251113][T15561] Bluetooth: hci3: command tx timeout
[ 1797.258046][T15030] usb 7-1: Manufacturer: syz
[ 1797.299534][T15030] cdc_wdm 7-1:1.0: skipping garbage
[ 1797.312426][T15030] cdc_wdm 7-1:1.0: skipping garbage
[ 1797.358856][T15030] cdc_wdm 7-1:1.0: cdc-wdm0: USB WDM device
[ 1797.383018][T15030] cdc_wdm 7-1:1.0: Unknown control protocol
[ 1797.695028][T24393] netdevsim netdevsim2 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[ 1797.784308][T24393] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1797.822337][T24393] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 1] type 2 family 0 port 48846 - 0
[ 1797.863093][   T30] audit: type=1400 audit(1759395225.605:1831): avc:  denied  { read write } for  pid=28058 comm="syz.6.5573" name="cdc-wdm0" dev="devtmpfs" ino=5055 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:modem_device_t tclass=chr_file permissive=1
[ 1797.919190][   T30] audit: type=1400 audit(1759395225.625:1832): avc:  denied  { open } for  pid=28058 comm="syz.6.5573" path="/dev/cdc-wdm0" dev="devtmpfs" ino=5055 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:modem_device_t tclass=chr_file permissive=1
[ 1797.943105][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1798.030557][   T30] audit: type=1400 audit(1759395225.755:1833): avc:  denied  { associate } for  pid=28099 comm="syz.6.5573" name="core" scontext=root:object_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1
[ 1798.108056][T24393] netdevsim netdevsim2 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[ 1798.131646][T24393] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1798.320653][T24393] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 1] type 2 family 0 port 48846 - 0
[ 1798.335779][T28065] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1798.346754][T24232] usb 1-1: USB disconnect, device number 25
[ 1798.386278][T28065] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1798.412247][T28065] bridge_slave_0: entered allmulticast mode
[ 1798.419440][T28065] bridge_slave_0: entered promiscuous mode
[ 1798.500541][  T973] usb 2-1: new full-speed USB device number 45 using dummy_hcd
[ 1798.515868][T24393] netdevsim netdevsim2 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[ 1798.539062][T24393] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1798.562022][T24393] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 1] type 2 family 0 port 48846 - 0
[ 1798.629544][T28065] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1798.642050][T28065] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1798.651990][T28065] bridge_slave_1: entered allmulticast mode
[ 1798.663690][T28065] bridge_slave_1: entered promiscuous mode
[ 1798.670778][  T973] usb 2-1: unable to read config index 0 descriptor/start: -61
[ 1798.684017][  T973] usb 2-1: can't read configurations, error -61
[ 1798.709769][T28102] delete_channel: no stack
[ 1798.730015][T24393] netdevsim netdevsim2 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[ 1798.774411][T24393] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1798.855028][  T973] usb 2-1: new full-speed USB device number 46 using dummy_hcd
[ 1798.865313][T24393] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 1] type 2 family 0 port 48846 - 0
[ 1798.991735][T28065] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1799.013660][T28065] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1799.034035][  T973] usb 2-1: unable to read config index 0 descriptor/start: -61
[ 1799.052213][  T973] usb 2-1: can't read configurations, error -61
[ 1799.092721][  T973] usb usb2-port1: attempt power cycle
[ 1799.250180][T28065] team0: Port device team_slave_0 added
[ 1799.260020][T28065] team0: Port device team_slave_1 added
[ 1799.330635][T15561] Bluetooth: hci3: command tx timeout
[ 1799.430534][T26655] usb 7-1: USB disconnect, device number 25
[ 1799.490472][  T973] usb 2-1: new full-speed USB device number 47 using dummy_hcd
[ 1799.537806][T28065] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1799.656627][  T973] usb 2-1: unable to read config index 0 descriptor/start: -61
[ 1799.667555][T28065] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1799.707758][  T973] usb 2-1: can't read configurations, error -61
[ 1799.710626][T28065] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1799.755281][T28065] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1799.762578][T28065] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1799.809071][T28065] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1799.930597][  T973] usb 2-1: new full-speed USB device number 48 using dummy_hcd
[ 1800.078318][  T973] usb 2-1: unable to read config index 0 descriptor/start: -61
[ 1800.608504][T24393] veth1_to_bridge: left allmulticast mode
[ 1800.617711][T24393] veth1_to_bridge: left promiscuous mode
[ 1800.627236][T24393] bridge0: port 1(veth1_to_bridge) entered disabled state
[ 1800.663653][  T973] usb 2-1: can't read configurations, error -61
[ 1800.714074][  T973] usb usb2-port1: unable to enumerate USB device
[ 1801.633650][T15561] Bluetooth: hci3: command tx timeout
[ 1802.598007][T24393] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1802.608405][T24393] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1802.618469][T24393] bond0 (unregistering): Released all slaves
[ 1802.634029][T28065] hsr_slave_0: entered promiscuous mode
[ 1802.640160][T28065] hsr_slave_1: entered promiscuous mode
[ 1802.646472][T28065] debugfs: 'hsr0' already exists in 'hsr'
[ 1802.652814][T28065] Cannot create hsr debugfs directory
[ 1802.667223][T28161] netlink: 9 bytes leftover after parsing attributes in process `syz.1.5597'.
[ 1802.684950][T24232] usb 1-1: new high-speed USB device number 26 using dummy_hcd
[ 1802.888808][T24232] usb 1-1: config 0 has an invalid interface number: 1 but max is 0
[ 1802.910983][T24232] usb 1-1: config 0 has no interface number 0
[ 1802.917244][T24232] usb 1-1: config 0 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1802.933302][T24232] usb 1-1: config 0 interface 1 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1802.947632][T24232] usb 1-1: config 0 interface 1 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 1802.962720][T24232] usb 1-1: New USB device found, idVendor=28bd, idProduct=0042, bcdDevice= 0.00
[ 1802.973767][T24232] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1803.004832][T24232] usb 1-1: config 0 descriptor??
[ 1803.090610][  T973] usb 7-1: new full-speed USB device number 26 using dummy_hcd
[ 1803.251509][  T973] usb 7-1: not running at top speed; connect to a high speed hub
[ 1803.276129][  T973] usb 7-1: config 1 has 2 interfaces, different from the descriptor's value: 3
[ 1803.302339][  T973] usb 7-1: config 1 has no interface number 1
[ 1803.317022][  T973] usb 7-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[ 1803.359103][  T973] usb 7-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[ 1803.385875][  T973] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1803.410025][  T973] usb 7-1: Product: syz
[ 1803.423864][  T973] usb 7-1: Manufacturer: syz
[ 1803.429743][  T973] usb 7-1: SerialNumber: syz
[ 1803.463488][T24393] hsr_slave_0: left promiscuous mode
[ 1803.475119][T24393] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1803.494157][T24393] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1803.526696][T24393] veth1_macvtap: left promiscuous mode
[ 1803.534081][T24393] veth0_macvtap: left promiscuous mode
[ 1803.540179][T24393] veth1_vlan: left promiscuous mode
[ 1803.636368][T24393] pim6reg (unregistering): left allmulticast mode
[ 1803.650546][T15561] Bluetooth: hci3: command tx timeout
[ 1803.670718][  T973] usb 7-1: 2:1: invalid format type 0x1002 is detected, processed as PCM
[ 1803.684332][  T973] usb 7-1: failed to enable PITCH for EP 0x82
[ 1803.721927][  T973] usb 7-1: USB disconnect, device number 26
[ 1803.821486][T28186] udevd[28186]: error opening ATTR{/sys/devices/platform/dummy_hcd.6/usb7/7-1/7-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[ 1803.841601][T24232] input: HID 28bd:0042 as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.1/0003:28BD:0042.0026/input/input125
[ 1804.013365][T24232] uclogic 0003:28BD:0042.0026: input,hidraw0: USB HID v0.00 Keypad [HID 28bd:0042] on usb-dummy_hcd.0-1/input1
[ 1804.254393][T28196] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1804.280290][T28196] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1804.480636][T24232] usb 2-1: new high-speed USB device number 49 using dummy_hcd
[ 1804.590956][T24393] team0 (unregistering): Port device team_slave_1 removed
[ 1804.648678][T24393] team0 (unregistering): Port device team_slave_0 removed
[ 1804.661839][T24232] usb 2-1: config 0 has an invalid interface number: 156 but max is 0
[ 1804.680407][T24232] usb 2-1: config 0 has no interface number 0
[ 1804.690078][T24232] usb 2-1: config 0 interface 156 altsetting 0 endpoint 0x1 has invalid maxpacket 1023, setting to 64
[ 1804.718441][T24232] usb 2-1: New USB device found, idVendor=1435, idProduct=0826, bcdDevice=bc.33
[ 1804.730094][T24232] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1804.739422][T24232] usb 2-1: Product: syz
[ 1804.746197][T24232] usb 2-1: Manufacturer: syz
[ 1804.750883][T24232] usb 2-1: SerialNumber: syz
[ 1804.761678][T24232] usb 2-1: config 0 descriptor??
[ 1804.774969][T24232] usb 2-1: Could not find all expected endpoints
[ 1804.821196][T28201] ptrace attach of "./syz-executor exec"[25079] was attempted by "./syz-executor exec"[28201]
[ 1804.985095][T24232] usb 2-1: USB disconnect, device number 49
[ 1805.047901][T28204] netlink: 8 bytes leftover after parsing attributes in process `syz.6.5603'.
[ 1805.057032][T28204] netlink: 8 bytes leftover after parsing attributes in process `syz.6.5603'.
[ 1805.903686][    T9] usb 1-1: USB disconnect, device number 26
[ 1806.247016][   T30] audit: type=1400 audit(1759395233.985:1834): avc:  denied  { create } for  pid=28214 comm="syz.0.5607" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_connector_socket permissive=1
[ 1807.428284][T28208] netlink: 16402 bytes leftover after parsing attributes in process `syz.5.5604'.
[ 1808.090866][T15030] usb 7-1: new high-speed USB device number 27 using dummy_hcd
[ 1808.389245][T15030] usb 7-1: config 0 has an invalid interface number: 63 but max is 0
[ 1808.434062][T15030] usb 7-1: config 0 has no interface number 0
[ 1808.442591][T15030] usb 7-1: config 0 interface 63 has no altsetting 0
[ 1808.979020][T15030] usb 7-1: New USB device found, idVendor=04dd, idProduct=8001, bcdDevice=c0.12
[ 1809.145134][T15030] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1809.276511][T15030] usb 7-1: config 0 descriptor??
[ 1809.299324][T15030] safe_serial 7-1:0.63: safe_serial converter detected
[ 1809.309826][T15030] safe_serial 7-1:0.63: probe with driver safe_serial failed with error -22
[ 1809.346606][T28241] delete_channel: no stack
[ 1809.454866][T28243] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[ 1809.460054][T24393] IPVS: stop unused estimator thread 0...
[ 1809.462130][   T30] audit: type=1400 audit(1759395237.195:1835): avc:  denied  { ioctl } for  pid=28259 comm="syz.5.5616" path="socket:[99193]" dev="sockfs" ino=99193 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[ 1809.495556][T28243] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[ 1809.504823][T28243] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[ 1809.514713][T28262] netlink: 8 bytes leftover after parsing attributes in process `syz.5.5616'.
[ 1809.525115][T28243] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[ 1809.534165][T28243] Bluetooth: hci3: Opcode 0x0406 failed: -4
[ 1809.566456][T28243] Bluetooth: hci3: Opcode 0x0406 failed: -4
[ 1809.575854][T28262] netlink: 8 bytes leftover after parsing attributes in process `syz.5.5616'.
[ 1809.607099][T28254] delete_channel: no stack
[ 1809.667550][  T973] usb 7-1: USB disconnect, device number 27
[ 1810.014343][T28065] netdevsim netdevsim2 netdevsim0: renamed from eth0
[ 1810.043465][T28065] netdevsim netdevsim2 netdevsim1: renamed from eth1
[ 1810.075234][T28065] netdevsim netdevsim2 netdevsim2: renamed from eth2
[ 1810.106968][T28065] netdevsim netdevsim2 netdevsim3: renamed from eth3
[ 1810.217899][T28065] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1810.244630][T28065] 8021q: adding VLAN 0 to HW filter on device team0
[ 1810.262941][T24390] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1810.270119][T24390] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1810.290392][T24390] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1810.297533][T24390] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1810.532117][T28267] delete_channel: no stack
[ 1810.536924][T28269] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[ 1810.546424][T28269] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[ 1810.558725][T28269] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[ 1810.586248][T28269] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[ 1810.589815][T28065] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1810.838665][T28065] veth0_vlan: entered promiscuous mode
[ 1810.854531][T28065] veth1_vlan: entered promiscuous mode
[ 1810.908589][T28065] veth0_macvtap: entered promiscuous mode
[ 1810.973461][T28065] veth1_macvtap: entered promiscuous mode
[ 1811.054119][T28065] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1811.087672][T28065] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1811.137364][T24390] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1811.195588][T28325] netlink: 8 bytes leftover after parsing attributes in process `syz.5.5621'.
[ 1811.215042][T28325] netlink: 'syz.5.5621': attribute type 30 has an invalid length.
[ 1811.263360][T24390] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1811.285390][T24390] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1811.368294][T24390] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1811.661097][T24390] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1811.668939][T24390] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1811.809818][T24388] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1811.957659][T24388] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1812.050838][T15561] Bluetooth: hci1: command 0x0406 tx timeout
[ 1812.650486][T15561] Bluetooth: hci3: command 0x0c1a tx timeout
[ 1812.660565][T24364] Bluetooth: hci4: command 0x0c1a tx timeout
[ 1812.660605][T24364] Bluetooth: hci2: command 0x0405 tx timeout
[ 1813.621313][  T976] usb 3-1: new high-speed USB device number 101 using dummy_hcd
[ 1814.037841][  T976] usb 3-1: Using ep0 maxpacket: 32
[ 1814.087461][  T976] usb 3-1: config 5 has an invalid interface number: 87 but max is 0
[ 1814.098294][  T976] usb 3-1: config 5 has no interface number 0
[ 1814.104815][  T976] usb 3-1: config 5 interface 87 altsetting 255 bulk endpoint 0x3 has invalid maxpacket 1023
[ 1814.163628][  T976] usb 3-1: config 5 interface 87 altsetting 255 has a duplicate endpoint with address 0x3, skipping
[ 1814.178948][  T976] usb 3-1: config 5 interface 87 altsetting 255 endpoint 0xE has invalid maxpacket 1024, setting to 64
[ 1814.423515][  T976] usb 3-1: config 5 interface 87 altsetting 255 endpoint 0x4 has invalid maxpacket 25636, setting to 64
[ 1814.931348][  T976] usb 3-1: config 5 interface 87 has no altsetting 0
[ 1814.947938][T19509] Bluetooth: hci3: command 0x0c1a tx timeout
[ 1814.983487][  T976] usb 3-1: New USB device found, idVendor=1740, idProduct=3701, bcdDevice= b.8e
[ 1815.031258][  T976] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1815.054708][  T976] usb 3-1: Product: ᰊ
[ 1815.069594][  T976] usb 3-1: Manufacturer: ခ
[ 1815.082537][  T976] usb 3-1: SerialNumber: syz
[ 1815.120813][T28347] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[ 1815.258541][T28364] comedi comedi3: pcl812: I/O port conflict (0x4f27,16)
[ 1817.306509][T19509] Bluetooth: hci3: command 0x0c1a tx timeout
[ 1817.737015][  T976] usb 3-1: USB disconnect, device number 101
[ 1817.920429][  T973] usb 7-1: new high-speed USB device number 28 using dummy_hcd
[ 1818.762885][  T973] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1818.773274][  T973] usb 7-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[ 1818.786822][  T973] usb 7-1: New USB device found, idVendor=056a, idProduct=0063, bcdDevice= 0.00
[ 1818.796591][  T973] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1818.852602][  T973] usb 7-1: config 0 descriptor??
[ 1818.868530][  T973] usbhid 7-1:0.0: couldn't find an input interrupt endpoint
[ 1819.493506][T26655] usb 7-1: USB disconnect, device number 28
[ 1821.025441][   T30] audit: type=1400 audit(1759395248.035:1836): avc:  denied  { create } for  pid=28404 comm="syz.1.5643" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_nflog_socket permissive=1
[ 1822.313585][T28415] 9pnet_fd: Insufficient options for proto=fd
[ 1822.529710][T28429] MTD: Attempt to mount non-MTD device "/dev/nullb0"
[ 1822.541379][T28429] cramfs: wrong magic
[ 1822.545884][   T30] audit: type=1400 audit(1759395250.265:1837): avc:  denied  { append } for  pid=28418 comm="syz.2.5646" name="nullb0" dev="devtmpfs" ino=695 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[ 1823.047983][T28434] CIFS mount error: No usable UNC path provided in device string!
[ 1823.047983][T28434] 
[ 1823.058109][T28434] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[ 1823.070275][T28434] binder: 28431:28434 ioctl c0046209 9999999999999999 returned -22
[ 1823.247777][  T976] usb 2-1: new full-speed USB device number 50 using dummy_hcd
[ 1824.125726][  T976] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1824.257794][  T976] usb 2-1: New USB device found, idVendor=057e, idProduct=200e, bcdDevice= 0.00
[ 1824.277323][  T976] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1824.350866][  T976] usb 2-1: config 0 descriptor??
[ 1824.669351][   T30] audit: type=1400 audit(1759395252.405:1838): avc:  denied  { unmount } for  pid=28065 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1
[ 1824.872106][  T976] hid (null): bogus close delimiter
[ 1824.934435][  T976] nintendo 0003:057E:200E.0027: bogus close delimiter
[ 1825.060487][  T973] usb 3-1: new high-speed USB device number 102 using dummy_hcd
[ 1825.175652][  T976] nintendo 0003:057E:200E.0027: item 0 0 2 10 parsing failed
[ 1825.203992][  T976] nintendo 0003:057E:200E.0027: HID parse failed
[ 1825.211900][  T973] usb 3-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[ 1825.221004][  T973] usb 3-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[ 1825.244773][  T973] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 66
[ 1825.252252][  T976] nintendo 0003:057E:200E.0027: probe - fail = -22
[ 1825.267787][  T976] nintendo 0003:057E:200E.0027: probe with driver nintendo failed with error -22
[ 1825.267838][  T973] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 52, changing to 9
[ 1825.293208][  T973] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8241, setting to 1024
[ 1825.308742][  T973] usb 3-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[ 1825.309910][  T976] usb 2-1: USB disconnect, device number 50
[ 1825.320095][  T973] usb 3-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[ 1825.367929][  T973] usb 3-1: Product: syz
[ 1825.374043][  T973] usb 3-1: Manufacturer: syz
[ 1825.388003][  T973] cdc_wdm 3-1:1.0: skipping garbage
[ 1825.410553][T15030] usb 7-1: new high-speed USB device number 29 using dummy_hcd
[ 1825.423006][  T973] cdc_wdm 3-1:1.0: skipping garbage
[ 1825.434843][  T973] cdc_wdm 3-1:1.0: cdc-wdm0: USB WDM device
[ 1825.444084][  T973] cdc_wdm 3-1:1.0: Unknown control protocol
[ 1825.500428][T24232] usb 1-1: new high-speed USB device number 27 using dummy_hcd
[ 1825.562982][T15030] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1825.573565][T15030] usb 7-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[ 1825.609551][T15030] usb 7-1: New USB device found, idVendor=056a, idProduct=0063, bcdDevice= 0.00
[ 1825.618741][T15030] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1825.645737][T15030] usb 7-1: config 0 descriptor??
[ 1825.651461][T24232] usb 1-1: Using ep0 maxpacket: 32
[ 1825.658186][T24232] usb 1-1: New USB device found, idVendor=055f, idProduct=d001, bcdDevice=88.92
[ 1825.667703][T24232] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1825.683947][T24232] usb 1-1: config 0 descriptor??
[ 1825.688810][T15030] usbhid 7-1:0.0: couldn't find an input interrupt endpoint
[ 1825.702961][T24232] gspca_main: nw80x-2.14.0 probing 055f:d001
[ 1825.877575][T15030] usb 3-1: USB disconnect, device number 102
[ 1825.896179][   T24] usb 7-1: USB disconnect, device number 29
[ 1825.980795][  T973] usb 2-1: new high-speed USB device number 51 using dummy_hcd
[ 1826.140436][  T973] usb 2-1: Using ep0 maxpacket: 16
[ 1826.146983][  T973] usb 2-1: config 0 has an invalid interface number: 8 but max is 0
[ 1826.155167][  T973] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1826.165336][  T973] usb 2-1: config 0 has no interface number 0
[ 1826.171612][  T973] usb 2-1: config 0 interface 8 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[ 1826.187186][  T973] usb 2-1: New USB device found, idVendor=0d8c, idProduct=000e, bcdDevice=8e.8f
[ 1826.196398][  T973] usb 2-1: New USB device strings: Mfr=0, Product=24, SerialNumber=3
[ 1826.204524][  T973] usb 2-1: Product: syz
[ 1826.208772][  T973] usb 2-1: SerialNumber: syz
[ 1826.216685][  T973] usb 2-1: config 0 descriptor??
[ 1826.225199][  T973] usbhid 2-1:0.8: couldn't find an input interrupt endpoint
[ 1826.448067][T15030] usb 2-1: USB disconnect, device number 51
[ 1826.543227][T28452] comedi comedi3: aio_aio12_8: I/O port conflict (0x4f27,32)
[ 1826.709440][T24232] gspca_nw80x: reg_r err -71
[ 1826.717353][T24232] nw80x 1-1:0.0: probe with driver nw80x failed with error -71
[ 1826.816703][T24232] usb 1-1: USB disconnect, device number 27
[ 1827.021835][T28464] netlink: 8 bytes leftover after parsing attributes in process `syz.2.5657'.
[ 1827.030837][T28464] netlink: 'syz.2.5657': attribute type 30 has an invalid length.
[ 1827.086861][T24393] netdevsim netdevsim2 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[ 1827.130128][T24393] netdevsim netdevsim2 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[ 1827.140215][T24393] netdevsim netdevsim2 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[ 1827.152109][T24393] netdevsim netdevsim2 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[ 1827.979463][   T30] audit: type=1326 audit(1759395255.715:1839): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28466 comm="syz.6.5659" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6fe338eec9 code=0x7fc00000
[ 1829.245400][T28496] overlayfs: failed to clone upperpath
[ 1829.594342][T28480] delete_channel: no stack
[ 1829.622086][T28485] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[ 1829.640584][T28485] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[ 1829.652342][T28485] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[ 1829.677230][T28485] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[ 1830.040487][   T30] audit: type=1400 audit(1759395257.775:1840): avc:  denied  { write } for  pid=28500 comm="syz.1.5668" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1
[ 1830.450623][T19509] Bluetooth: hci1: command 0x0406 tx timeout
[ 1830.669089][T28512] delete_channel: no stack
[ 1831.120409][T26655] usb 3-1: new high-speed USB device number 103 using dummy_hcd
[ 1831.223317][T28529] netlink: 9 bytes leftover after parsing attributes in process `syz.6.5675'.
[ 1831.291784][T26655] usb 3-1: Using ep0 maxpacket: 16
[ 1831.298638][T26655] usb 3-1: config 0 has an invalid interface number: 9 but max is 1
[ 1831.306827][T26655] usb 3-1: config 0 has an invalid interface number: 9 but max is 1
[ 1831.319137][T26655] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 2
[ 1831.330172][T26655] usb 3-1: config 0 has no interface number 0
[ 1831.455288][T26655] usb 3-1: config 0 interface 9 has no altsetting 0
[ 1831.575863][T24232] usb 2-1: new high-speed USB device number 52 using dummy_hcd
[ 1831.674907][T19509] Bluetooth: hci2: command 0x0405 tx timeout
[ 1831.725193][T26655] usb 3-1: config 0 interface 9 has no altsetting 1
[ 1831.740940][T19509] Bluetooth: hci3: command 0x0c1a tx timeout
[ 1831.748039][T15561] Bluetooth: hci4: command 0x0c1a tx timeout
[ 1831.757587][T26655] usb 3-1: New USB device found, idVendor=1199, idProduct=6891, bcdDevice=89.a0
[ 1831.767844][T26655] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1831.860384][T24232] usb 2-1: Using ep0 maxpacket: 32
[ 1831.866913][T24232] usb 2-1: config 0 has an invalid interface number: 85 but max is 0
[ 1831.900480][T26655] usb 3-1: Product: syz
[ 1831.914836][T26655] usb 3-1: Manufacturer: syz
[ 1831.919483][T26655] usb 3-1: SerialNumber: syz
[ 1831.932280][T24232] usb 2-1: config 0 has no interface number 0
[ 1831.938578][T24232] usb 2-1: config 0 interface 85 altsetting 7 endpoint 0x82 has an invalid bInterval 0, changing to 7
[ 1831.949197][T26655] usb 3-1: config 0 descriptor??
[ 1831.975317][T24232] usb 2-1: config 0 interface 85 has no altsetting 0
[ 1832.000199][T24232] usb 2-1: New USB device found, idVendor=05ac, idProduct=0219, bcdDevice=f0.72
[ 1832.013165][T24232] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1832.022906][T24232] usb 2-1: Product: syz
[ 1832.387863][T24232] usb 2-1: Manufacturer: syz
[ 1832.392291][T26655] usb 3-1: selecting invalid altsetting 1
[ 1832.417124][T26655] sierra 3-1:0.9: Sierra USB modem converter detected
[ 1832.474472][T24232] usb 2-1: SerialNumber: syz
[ 1832.556966][T24232] usb 2-1: config 0 descriptor??
[ 1832.588970][T26655] usb 3-1: Sierra USB modem converter now attached to ttyUSB0
[ 1832.636848][T28547] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1832.662840][T26655] usb 3-1: USB disconnect, device number 103
[ 1832.694337][T28547] batadv_slave_0: entered promiscuous mode
[ 1832.694423][T26655] sierra ttyUSB0: Sierra USB modem converter now disconnected from ttyUSB0
[ 1832.711473][T26655] sierra 3-1:0.9: device disconnected
[ 1832.809466][T24232] appletouch 2-1:0.85: Failed to read mode from device.
[ 1832.849096][T24232] appletouch 2-1:0.85: probe with driver appletouch failed with error -5
[ 1833.983168][T28556] delete_channel: no stack
[ 1833.991681][T28558] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[ 1834.006375][T28558] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[ 1834.018722][T28558] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[ 1834.029171][T28558] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[ 1834.306525][T18949] usb 7-1: new full-speed USB device number 30 using dummy_hcd
[ 1834.450051][T28572] netlink: 8 bytes leftover after parsing attributes in process `syz.5.5685'.
[ 1834.576262][T18949] usb 7-1: New USB device found, idVendor=07c9, idProduct=0012, bcdDevice=c2.f4
[ 1834.589326][T24232] usb 2-1: USB disconnect, device number 52
[ 1834.616874][T18949] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1834.657848][T18949] usb 7-1: Product: syz
[ 1834.662412][T18949] usb 7-1: Manufacturer: syz
[ 1834.667426][T18949] usb 7-1: SerialNumber: syz
[ 1834.678468][T18949] usb 7-1: config 0 descriptor??
[ 1834.945616][T28583] netlink: 8 bytes leftover after parsing attributes in process `syz.0.5688'.
[ 1834.959650][T28583] netlink: 8 bytes leftover after parsing attributes in process `syz.0.5688'.
[ 1835.188503][T28590] netlink: 16 bytes leftover after parsing attributes in process `syz.6.5686'.
[ 1835.702700][T19509] Bluetooth: hci1: command 0x0406 tx timeout
[ 1835.746153][   T30] audit: type=1400 audit(1759395263.485:1841): avc:  denied  { write } for  pid=28564 comm="syz.6.5686" name="mouse0" dev="devtmpfs" ino=988 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:mouse_device_t tclass=chr_file permissive=1
[ 1836.060940][T15561] Bluetooth: hci3: command 0x0c1a tx timeout
[ 1836.073056][T15561] Bluetooth: hci4: command 0x0c1a tx timeout
[ 1836.079362][T19509] Bluetooth: hci2: command 0x0405 tx timeout
[ 1836.379718][   T30] audit: type=1400 audit(1759395264.105:1842): avc:  denied  { mounton } for  pid=28606 comm="syz.5.5695" path="/403/file0" dev="tmpfs" ino=2199 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=fifo_file permissive=1
[ 1837.166077][   T30] audit: type=1326 audit(1759395264.745:1843): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28616 comm="syz.2.5697" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff5d898eec9 code=0x7ffc0000
[ 1837.250580][   T30] audit: type=1326 audit(1759395264.745:1844): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28616 comm="syz.2.5697" exe="/root/syz-executor" sig=0 arch=c000003e syscall=334 compat=0 ip=0x7ff5d898eec9 code=0x7ffc0000
[ 1837.275147][   T30] audit: type=1326 audit(1759395264.745:1845): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28616 comm="syz.2.5697" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff5d898eec9 code=0x7ffc0000
[ 1837.771381][   T30] audit: type=1326 audit(1759395264.745:1846): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28616 comm="syz.2.5697" exe="/root/syz-executor" sig=0 arch=c000003e syscall=334 compat=0 ip=0x7ff5d898eec9 code=0x7ffc0000
[ 1837.841012][T28628] netlink: 8 bytes leftover after parsing attributes in process `syz.5.5699'.
[ 1838.044182][   T30] audit: type=1326 audit(1759395264.755:1847): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28616 comm="syz.2.5697" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff5d898eec9 code=0x7ffc0000
[ 1838.093661][   T30] audit: type=1326 audit(1759395264.755:1848): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28616 comm="syz.2.5697" exe="/root/syz-executor" sig=0 arch=c000003e syscall=28 compat=0 ip=0x7ff5d898eec9 code=0x7ffc0000
[ 1838.210633][T18949] usb 1-1: new high-speed USB device number 28 using dummy_hcd
[ 1838.284507][T28635] netlink: 8 bytes leftover after parsing attributes in process `syz.5.5701'.
[ 1838.330799][   T30] audit: type=1326 audit(1759395264.755:1849): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28616 comm="syz.2.5697" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff5d898eec9 code=0x7ffc0000
[ 1838.385716][T28635] netlink: 8 bytes leftover after parsing attributes in process `syz.5.5701'.
[ 1838.411463][T18949] usb 1-1: New USB device found, idVendor=0c72, idProduct=0012, bcdDevice=22.96
[ 1838.414399][   T30] audit: type=1326 audit(1759395264.755:1850): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=28616 comm="syz.2.5697" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff5d898eec9 code=0x7ffc0000
[ 1838.600731][T18949] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1838.639930][T18949] usb 1-1: Product: syz
[ 1838.650514][T15030] usb 2-1: new high-speed USB device number 53 using dummy_hcd
[ 1838.673656][T18949] usb 1-1: Manufacturer: syz
[ 1838.680520][T18949] usb 1-1: SerialNumber: syz
[ 1838.689541][T26655] usb 7-1: USB disconnect, device number 30
[ 1838.796510][T18949] usb 1-1: config 0 descriptor??
[ 1838.800499][T15030] usb 2-1: Using ep0 maxpacket: 32
[ 1838.834284][T15030] usb 2-1: config 5 has an invalid interface number: 87 but max is 0
[ 1838.844197][T15030] usb 2-1: config 5 has no interface number 0
[ 1839.269047][T15030] usb 2-1: config 5 interface 87 altsetting 255 bulk endpoint 0x3 has invalid maxpacket 1023
[ 1839.282446][T15030] usb 2-1: config 5 interface 87 altsetting 255 has a duplicate endpoint with address 0x3, skipping
[ 1839.325548][T28638] delete_channel: no stack
[ 1839.336445][T18949] peak_usb 1-1:0.0: PEAK-System PCAN-USB FD v0 fw v0.0.0 (1 channels)
[ 1839.346724][T28640] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[ 1839.357496][T15030] usb 2-1: config 5 interface 87 altsetting 255 endpoint 0xE has invalid maxpacket 1024, setting to 64
[ 1839.373184][T28640] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[ 1839.387038][T28640] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[ 1839.393810][T15030] usb 2-1: config 5 interface 87 altsetting 255 endpoint 0x4 has invalid maxpacket 25636, setting to 64
[ 1839.405186][T15030] usb 2-1: config 5 interface 87 has no altsetting 0
[ 1839.414947][T28640] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[ 1839.450937][T15030] usb 2-1: New USB device found, idVendor=1740, idProduct=3701, bcdDevice= b.8e
[ 1839.462512][T15030] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1839.480526][T15030] usb 2-1: Product: ᰊ
[ 1839.484841][T15030] usb 2-1: Manufacturer: ခ
[ 1839.490488][T15030] usb 2-1: SerialNumber: syz
[ 1839.602135][T28637] raw-gadget.2 gadget.1: fail, usb_ep_enable returned -22
[ 1839.615672][T18949] peak_usb 1-1:0.0 can0: sending command failure: -22
[ 1839.627067][T18949] peak_usb 1-1:0.0 can0: sending command failure: -22
[ 1839.647198][T18949] peak_usb 1-1:0.0 can0: sending command failure: -22
[ 1839.731643][T18949] peak_usb 1-1:0.0: probe with driver peak_usb failed with error -22
[ 1839.806783][T18949] usb 1-1: USB disconnect, device number 28
[ 1840.650579][T19509] Bluetooth: hci1: command 0x0406 tx timeout
[ 1840.993093][T28675] netlink: 8 bytes leftover after parsing attributes in process `syz.5.5712'.
[ 1841.349842][T28678] netlink: 16402 bytes leftover after parsing attributes in process `syz.5.5713'.
[ 1841.430400][T28679] netlink: 'syz.6.5711': attribute type 5 has an invalid length.
[ 1841.466969][T19509] Bluetooth: hci4: command 0x0c1a tx timeout
[ 1841.473607][T19509] Bluetooth: hci2: command 0x0405 tx timeout
[ 1841.507112][T19509] Bluetooth: hci3: command 0x0c1a tx timeout
[ 1841.862377][T15030] usb 2-1: USB disconnect, device number 53
[ 1842.594519][   T30] kauditd_printk_skb: 35 callbacks suppressed
[ 1842.594548][   T30] audit: type=1400 audit(1759395269.955:1886): avc:  denied  { create } for  pid=28684 comm="syz.1.5715" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1
[ 1842.780669][T14254] usb 1-1: new full-speed USB device number 29 using dummy_hcd
[ 1843.001999][T14254] usb 1-1: config 32 interface 0 altsetting 0 endpoint 0x85 has invalid maxpacket 65535, setting to 64
[ 1843.017717][T14254] usb 1-1: New USB device found, idVendor=19b5, idProduct=0021, bcdDevice=98.c7
[ 1843.097203][T14254] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1843.116949][T28683] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[ 1843.370514][T24232] usb 7-1: new high-speed USB device number 31 using dummy_hcd
[ 1843.648895][T24232] usb 7-1: config 0 has an invalid interface number: 63 but max is 0
[ 1843.659033][T24232] usb 7-1: config 0 has no interface number 0
[ 1843.665745][T24232] usb 7-1: config 0 interface 63 has no altsetting 0
[ 1843.672704][T24232] usb 7-1: New USB device found, idVendor=04dd, idProduct=8001, bcdDevice=c0.12
[ 1843.683300][T24232] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1844.381298][T24232] usb 7-1: config 0 descriptor??
[ 1844.397912][T24232] safe_serial 7-1:0.63: safe_serial converter detected
[ 1844.439874][T24232] safe_serial 7-1:0.63: probe with driver safe_serial failed with error -22
[ 1844.743607][T28714] tmpfs: Bad value for 'mpol'
[ 1845.018421][T28704] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1845.040597][T28704] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1845.065225][T18949] hid-generic 0000:2000:0000.0028: unknown main item tag 0x0
[ 1845.777272][T18949] hid-generic 0000:2000:0000.0028: unknown main item tag 0x0
[ 1845.786731][T18949] hid-generic 0000:2000:0000.0028: unknown main item tag 0x0
[ 1845.841936][T14254] usb 1-1: string descriptor 0 read error: -71
[ 1845.879597][T18949] hid-generic 0000:2000:0000.0028: unknown main item tag 0x0
[ 1845.903603][T14254] usb 1-1: USB disconnect, device number 29
[ 1845.941150][T18949] hid-generic 0000:2000:0000.0028: unknown main item tag 0x0
[ 1845.952652][T18949] hid-generic 0000:2000:0000.0028: unknown main item tag 0x0
[ 1845.962015][T27831] udevd[27831]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:32.0/sound/card3/controlC3/../uevent} for writing: No such device
[ 1845.991398][T18949] hid-generic 0000:2000:0000.0028: unknown main item tag 0x0
[ 1846.019666][T18949] hid-generic 0000:2000:0000.0028: unknown main item tag 0x0
[ 1846.036079][T18949] hid-generic 0000:2000:0000.0028: unknown main item tag 0x0
[ 1846.047657][T18949] hid-generic 0000:2000:0000.0028: unknown main item tag 0x0
[ 1846.080764][T18949] hid-generic 0000:2000:0000.0028: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[ 1846.115423][T15030] usb 7-1: USB disconnect, device number 31
[ 1846.178121][T28727] fido_id[28727]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[ 1846.280411][T14254] usb 1-1: new high-speed USB device number 30 using dummy_hcd
[ 1846.463414][T14254] usb 1-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08
[ 1846.475339][T14254] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1846.499399][T28734] netlink: 8 bytes leftover after parsing attributes in process `syz.1.5727'.
[ 1846.508423][T28734] netlink: 'syz.1.5727': attribute type 30 has an invalid length.
[ 1846.584636][T14254] usb 1-1: config 0 descriptor??
[ 1846.944056][T14254] udl 1-1:0.0: [drm] Unrecognized vendor firmware descriptor
[ 1847.227722][T14254] [drm] Initialized udl 0.0.1 for 1-1:0.0 on minor 2
[ 1847.268279][T14254] [drm] Initialized udl on minor 2
[ 1847.364809][T15030] usb 7-1: new high-speed USB device number 32 using dummy_hcd
[ 1847.376192][T14254] udl 1-1:0.0: [drm] *ERROR* Read EDID byte 0 failed
[ 1847.396698][T14254] udl 1-1:0.0: [drm] Cannot find any crtc or sizes
[ 1847.522138][T15030] usb 7-1: Using ep0 maxpacket: 32
[ 1847.534377][T15030] usb 7-1: config 5 has an invalid interface number: 87 but max is 0
[ 1847.542846][T15030] usb 7-1: config 5 has no interface number 0
[ 1847.559157][T15030] usb 7-1: config 5 interface 87 altsetting 255 bulk endpoint 0x3 has invalid maxpacket 1023
[ 1847.592310][T26655] udl 1-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9
[ 1847.592529][   T24] usb 1-1: USB disconnect, device number 30
[ 1847.621873][T26655] udl 1-1:0.0: [drm] Cannot find any crtc or sizes
[ 1847.631416][T15030] usb 7-1: config 5 interface 87 altsetting 255 has a duplicate endpoint with address 0x3, skipping
[ 1847.662419][T15030] usb 7-1: config 5 interface 87 altsetting 255 endpoint 0xE has invalid maxpacket 1024, setting to 64
[ 1847.675961][T15030] usb 7-1: config 5 interface 87 altsetting 255 endpoint 0x4 has invalid maxpacket 25636, setting to 64
[ 1847.688330][T15030] usb 7-1: config 5 interface 87 has no altsetting 0
[ 1847.698385][T15030] usb 7-1: New USB device found, idVendor=1740, idProduct=3701, bcdDevice= b.8e
[ 1847.710133][T15030] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1847.728939][T15030] usb 7-1: Product: ᰊ
[ 1847.739970][T15030] usb 7-1: Manufacturer: ခ
[ 1847.754895][T15030] usb 7-1: SerialNumber: syz
[ 1847.885434][T28743] raw-gadget.1 gadget.6: fail, usb_ep_enable returned -22
[ 1849.711071][T14254] usb 3-1: new high-speed USB device number 104 using dummy_hcd
[ 1850.830408][T14254] usb 3-1: Using ep0 maxpacket: 16
[ 1850.927511][T14254] usb 3-1: config 2 has an invalid interface number: 185 but max is 0
[ 1850.940077][T15030] usb 7-1: USB disconnect, device number 32
[ 1850.954566][T14254] usb 3-1: config 2 has no interface number 0
[ 1850.986461][T14254] usb 3-1: New USB device found, idVendor=05ac, idProduct=120a, bcdDevice=60.45
[ 1851.088055][T14254] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1851.096357][T14254] usb 3-1: Product: syz
[ 1851.101284][T14254] usb 3-1: Manufacturer: syz
[ 1851.105888][T14254] usb 3-1: SerialNumber: syz
[ 1851.118730][T14254] usb-storage 3-1:2.185: USB Mass Storage device detected
[ 1851.132083][   T24] usb 1-1: new high-speed USB device number 31 using dummy_hcd
[ 1851.134251][T14254] usb-storage 3-1:2.185: Quirks match for vid 05ac pid 120a: 10
[ 1851.492009][   T24] usb 1-1: Using ep0 maxpacket: 16
[ 1851.643988][   T24] usb 1-1: config 0 has an invalid interface number: 8 but max is 0
[ 1851.656946][   T24] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1851.677218][   T24] usb 1-1: config 0 has no interface number 0
[ 1851.687704][   T24] usb 1-1: config 0 interface 8 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[ 1851.696401][T14254] apple-mfi-fastcharge 3-1: USB disconnect, device number 104
[ 1851.733276][   T24] usb 1-1: New USB device found, idVendor=0d8c, idProduct=000e, bcdDevice=8e.8f
[ 1851.753892][   T24] usb 1-1: New USB device strings: Mfr=0, Product=24, SerialNumber=3
[ 1851.783096][   T24] usb 1-1: Product: syz
[ 1851.794627][   T24] usb 1-1: SerialNumber: syz
[ 1851.816776][   T24] usb 1-1: config 0 descriptor??
[ 1852.053987][   T24] usbhid 1-1:0.8: couldn't find an input interrupt endpoint
[ 1852.582122][   T24] usb 1-1: USB disconnect, device number 31
[ 1852.705225][ T1296] ieee802154 phy1 wpan1: encryption failed: -22
[ 1853.050405][T14254] usb 3-1: new high-speed USB device number 105 using dummy_hcd
[ 1853.154429][   T30] audit: type=1400 audit(1759395280.895:1887): avc:  denied  { bind } for  pid=28791 comm="syz.0.5744" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[ 1853.186279][   T30] audit: type=1400 audit(1759395280.895:1888): avc:  denied  { name_bind } for  pid=28791 comm="syz.0.5744" src=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=icmp_socket permissive=1
[ 1853.207804][   T30] audit: type=1400 audit(1759395280.915:1889): avc:  denied  { node_bind } for  pid=28791 comm="syz.0.5744" saddr=2001::2 src=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=icmp_socket permissive=1
[ 1853.233043][T14254] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1853.251273][T14254] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1853.313257][T14254] usb 3-1: New USB device found, idVendor=10c4, idProduct=ea90, bcdDevice= 0.00
[ 1853.334243][T14254] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1853.503082][T14254] usb 3-1: config 0 descriptor??
[ 1854.094580][T14254] usbhid 3-1:0.0: can't add hid device: -71
[ 1854.100657][T14254] usbhid 3-1:0.0: probe with driver usbhid failed with error -71
[ 1854.139044][T14254] usb 3-1: USB disconnect, device number 105
[ 1854.429436][T28811] comedi comedi3: pcmmio: I/O port conflict (0x4f27,32)
[ 1854.472977][   T30] audit: type=1400 audit(1759395282.185:1890): avc:  denied  { write } for  pid=28804 comm="syz.0.5748" path="socket:[101848]" dev="sockfs" ino=101848 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1
[ 1855.072951][T28821] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1855.495138][T28816] delete_channel: no stack
[ 1855.500091][T28818] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[ 1855.528501][T28818] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[ 1855.536020][T28818] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[ 1855.548560][T28818] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[ 1855.820828][T24232] usb 3-1: new high-speed USB device number 106 using dummy_hcd
[ 1856.460470][T24232] usb 3-1: Using ep0 maxpacket: 16
[ 1856.474864][T24232] usb 3-1: config 0 has an invalid interface number: 8 but max is 0
[ 1856.521000][T24232] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1856.551226][T24232] usb 3-1: config 0 has no interface number 0
[ 1856.559747][T24232] usb 3-1: config 0 interface 8 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[ 1856.580473][T15030] usb 7-1: new high-speed USB device number 33 using dummy_hcd
[ 1856.582438][T24232] usb 3-1: New USB device found, idVendor=0d8c, idProduct=000e, bcdDevice=8e.8f
[ 1856.598003][T24232] usb 3-1: New USB device strings: Mfr=0, Product=24, SerialNumber=3
[ 1856.606435][T24232] usb 3-1: Product: syz
[ 1856.611235][T24232] usb 3-1: SerialNumber: syz
[ 1856.643896][T24232] usb 3-1: config 0 descriptor??
[ 1856.655690][T24232] usbhid 3-1:0.8: couldn't find an input interrupt endpoint
[ 1856.865383][T15030] usb 7-1: New USB device found, idVendor=0c72, idProduct=0012, bcdDevice=22.96
[ 1856.867840][T24232] usb 3-1: USB disconnect, device number 106
[ 1856.895042][T15030] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1856.904626][T15030] usb 7-1: Product: syz
[ 1856.909123][T15030] usb 7-1: Manufacturer: syz
[ 1856.933317][T15030] usb 7-1: SerialNumber: syz
[ 1857.039128][T15030] usb 7-1: config 0 descriptor??
[ 1857.100431][T15561] Bluetooth: hci1: command 0x0406 tx timeout
[ 1857.149612][T28850] overlayfs: failed to clone upperpath
[ 1857.562281][T15030] peak_usb 7-1:0.0: PEAK-System PCAN-USB FD v0 fw v0.0.0 (1 channels)
[ 1857.570672][T15561] Bluetooth: hci3: command 0x0c1a tx timeout
[ 1857.570715][T15561] Bluetooth: hci4: command 0x0c1a tx timeout
[ 1857.570743][T15561] Bluetooth: hci2: command 0x0405 tx timeout
[ 1857.821662][T15030] peak_usb 7-1:0.0 can0: sending command failure: -22
[ 1857.828592][T15030] peak_usb 7-1:0.0 can0: sending command failure: -22
[ 1857.835713][T15030] peak_usb 7-1:0.0 can0: sending command failure: -22
[ 1858.094542][T15030] peak_usb 7-1:0.0: probe with driver peak_usb failed with error -22
[ 1858.120204][T15030] usb 7-1: USB disconnect, device number 33
[ 1859.080444][T24232] usb 2-1: new high-speed USB device number 54 using dummy_hcd
[ 1860.224466][T24232] usb 2-1: config 0 has an invalid interface number: 63 but max is 0
[ 1860.273541][T24232] usb 2-1: config 0 has no interface number 0
[ 1860.301756][T24232] usb 2-1: config 0 interface 63 has no altsetting 0
[ 1860.319611][T24232] usb 2-1: New USB device found, idVendor=04dd, idProduct=8001, bcdDevice=c0.12
[ 1860.359939][T24232] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1860.409563][T24232] usb 2-1: config 0 descriptor??
[ 1860.423978][   T30] audit: type=1400 audit(1759395288.165:1891): avc:  denied  { shutdown } for  pid=28881 comm="syz.6.5773" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=caif_socket permissive=1
[ 1860.472013][T24232] safe_serial 2-1:0.63: safe_serial converter detected
[ 1860.479072][T24232] safe_serial 2-1:0.63: probe with driver safe_serial failed with error -22
[ 1860.607236][T28889] netlink: 76 bytes leftover after parsing attributes in process `syz.2.5771'.
[ 1860.693035][T28870] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1860.704681][T28870] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1860.731872][T15030] hid_parser_main: 246 callbacks suppressed
[ 1860.731893][T15030] hid-generic 0000:2000:0000.0029: unknown main item tag 0x0
[ 1860.847182][T18949] usb 7-1: new high-speed USB device number 34 using dummy_hcd
[ 1861.175963][T15030] hid-generic 0000:2000:0000.0029: unknown main item tag 0x0
[ 1861.185123][T15030] hid-generic 0000:2000:0000.0029: unknown main item tag 0x0
[ 1861.199763][T15030] hid-generic 0000:2000:0000.0029: unknown main item tag 0x0
[ 1861.222222][T15030] hid-generic 0000:2000:0000.0029: unknown main item tag 0x0
[ 1861.229626][T15030] hid-generic 0000:2000:0000.0029: unknown main item tag 0x0
[ 1861.237673][T15030] hid-generic 0000:2000:0000.0029: unknown main item tag 0x0
[ 1861.245215][T15030] hid-generic 0000:2000:0000.0029: unknown main item tag 0x0
[ 1861.252687][T15030] hid-generic 0000:2000:0000.0029: unknown main item tag 0x0
[ 1861.260065][T15030] hid-generic 0000:2000:0000.0029: unknown main item tag 0x0
[ 1861.260513][T18949] usb 7-1: Using ep0 maxpacket: 16
[ 1861.279378][T15030] hid-generic 0000:2000:0000.0029: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[ 1861.305777][T18949] usb 7-1: config 0 has an invalid interface number: 8 but max is 0
[ 1861.319783][T15030] usb 2-1: USB disconnect, device number 54
[ 1861.327184][T18949] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1861.353082][T18949] usb 7-1: config 0 has no interface number 0
[ 1861.365797][T18949] usb 7-1: config 0 interface 8 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[ 1861.369637][T28893] fido_id[28893]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[ 1861.468179][T18949] usb 7-1: New USB device found, idVendor=0d8c, idProduct=000e, bcdDevice=8e.8f
[ 1861.487701][T18949] usb 7-1: New USB device strings: Mfr=0, Product=24, SerialNumber=3
[ 1861.496096][T18949] usb 7-1: Product: syz
[ 1861.500254][T18949] usb 7-1: SerialNumber: syz
[ 1861.507836][T18949] usb 7-1: config 0 descriptor??
[ 1861.526537][T18949] usbhid 7-1:0.8: couldn't find an input interrupt endpoint
[ 1861.599060][T28902] netlink: 28 bytes leftover after parsing attributes in process `syz.0.5777'.
[ 1861.855323][T28904] netlink: 8 bytes leftover after parsing attributes in process `syz.5.5778'.
[ 1861.871640][T15030] usb 7-1: USB disconnect, device number 34
[ 1861.879420][T28904] netlink: 8 bytes leftover after parsing attributes in process `syz.5.5778'.
[ 1862.204142][T28915] FAULT_INJECTION: forcing a failure.
[ 1862.204142][T28915] name failslab, interval 1, probability 0, space 0, times 0
[ 1862.230274][T28915] CPU: 1 UID: 0 PID: 28915 Comm: syz.1.5783 Not tainted syzkaller #0 PREEMPT(full) 
[ 1862.230304][T28915] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[ 1862.230314][T28915] Call Trace:
[ 1862.230320][T28915]  <TASK>
[ 1862.230326][T28915]  dump_stack_lvl+0x16c/0x1f0
[ 1862.230354][T28915]  should_fail_ex+0x512/0x640
[ 1862.230375][T28915]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[ 1862.230403][T28915]  should_failslab+0xc2/0x120
[ 1862.230422][T28915]  kmem_cache_alloc_noprof+0x6d/0x3b0
[ 1862.230447][T28915]  ? security_file_alloc+0x34/0x2b0
[ 1862.230474][T28915]  security_file_alloc+0x34/0x2b0
[ 1862.230497][T28915]  init_file+0x93/0x4c0
[ 1862.230530][T28915]  alloc_empty_file+0x73/0x1e0
[ 1862.230553][T28915]  dentry_open+0x46/0xd0
[ 1862.230574][T28915]  open_namespace+0x100/0x190
[ 1862.230591][T28915]  ? __pfx_open_namespace+0x10/0x10
[ 1862.230610][T28915]  ? do_raw_spin_unlock+0x172/0x230
[ 1862.230636][T28915]  pidfd_ioctl+0xbe8/0x2740
[ 1862.230664][T28915]  ? __pfx_pidfd_ioctl+0x10/0x10
[ 1862.230689][T28915]  ? hook_file_ioctl_common+0x145/0x410
[ 1862.230722][T28915]  ? selinux_file_ioctl+0x180/0x270
[ 1862.230744][T28915]  ? selinux_file_ioctl+0xb4/0x270
[ 1862.230765][T28915]  ? __pfx_pidfd_ioctl+0x10/0x10
[ 1862.230791][T28915]  __x64_sys_ioctl+0x18b/0x210
[ 1862.230816][T28915]  do_syscall_64+0xcd/0x4e0
[ 1862.230841][T28915]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1862.230859][T28915] RIP: 0033:0x7fe22738eec9
[ 1862.230875][T28915] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1862.230892][T28915] RSP: 002b:00007fe22823f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1862.230910][T28915] RAX: ffffffffffffffda RBX: 00007fe2275e5fa0 RCX: 00007fe22738eec9
[ 1862.230922][T28915] RDX: 0000000000000000 RSI: 000000000000ff0a RDI: 0000000000000003
[ 1862.230934][T28915] RBP: 00007fe22823f090 R08: 0000000000000000 R09: 0000000000000000
[ 1862.230945][T28915] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1862.230954][T28915] R13: 00007fe2275e6038 R14: 00007fe2275e5fa0 R15: 00007ffd60665bf8
[ 1862.230977][T28915]  </TASK>
[ 1862.440217][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1862.950400][T15030] usb 1-1: new high-speed USB device number 32 using dummy_hcd
[ 1863.209464][T28935] overlayfs: failed to clone upperpath
[ 1863.741845][T15030] usb 1-1: New USB device found, idVendor=0c72, idProduct=0012, bcdDevice=22.96
[ 1863.752927][T15030] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1863.772458][T15030] usb 1-1: Product: syz
[ 1863.780240][T15030] usb 1-1: Manufacturer: syz
[ 1863.790125][T15030] usb 1-1: SerialNumber: syz
[ 1863.812209][T15030] usb 1-1: config 0 descriptor??
[ 1864.190547][T15030] peak_usb 1-1:0.0: PEAK-System PCAN-USB FD v0 fw v0.0.0 (1 channels)
[ 1864.385795][T15030] peak_usb 1-1:0.0 can0: sending command failure: -22
[ 1864.394458][T15030] peak_usb 1-1:0.0 can0: sending command failure: -22
[ 1864.407361][T15030] peak_usb 1-1:0.0 can0: sending command failure: -22
[ 1864.450570][T24232] usb 7-1: new high-speed USB device number 35 using dummy_hcd
[ 1864.471704][T15030] peak_usb 1-1:0.0: probe with driver peak_usb failed with error -22
[ 1864.564460][T28955] netlink: 28 bytes leftover after parsing attributes in process `syz.1.5794'.
[ 1864.615327][T24232] usb 7-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08
[ 1864.628686][T24232] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1864.629343][T15030] usb 1-1: USB disconnect, device number 32
[ 1864.644931][T24232] usb 7-1: config 0 descriptor??
[ 1865.022427][T24232] udl 7-1:0.0: [drm] Unrecognized vendor firmware descriptor
[ 1865.655082][T24232] [drm:udl_init] *ERROR* Selecting channel failed
[ 1865.787733][T24232] [drm] Initialized udl 0.0.1 for 7-1:0.0 on minor 2
[ 1865.795189][T24232] [drm] Initialized udl on minor 2
[ 1865.802683][T24232] udl 7-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9
[ 1865.813492][T24232] udl 7-1:0.0: [drm] Cannot find any crtc or sizes
[ 1866.293328][   T24] udl 7-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9
[ 1866.337056][T24232] usb 7-1: USB disconnect, device number 35
[ 1866.377849][   T24] udl 7-1:0.0: [drm] Cannot find any crtc or sizes
[ 1868.799481][T28998] tmpfs: Bad value for 'mpol'
[ 1868.994861][   T24] usb 7-1: new high-speed USB device number 36 using dummy_hcd
[ 1869.567407][   T24] usb 7-1: New USB device found, idVendor=055f, idProduct=c230, bcdDevice=b6.ac
[ 1869.579084][   T24] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1869.588045][   T24] usb 7-1: Product: syz
[ 1869.595673][   T24] usb 7-1: Manufacturer: syz
[ 1869.600747][   T24] usb 7-1: SerialNumber: syz
[ 1869.620121][   T24] usb 7-1: config 0 descriptor??
[ 1869.638141][   T24] gspca_main: sunplus-2.14.0 probing 055f:c230
[ 1869.705640][T29011] netlink: 8 bytes leftover after parsing attributes in process `syz.5.5810'.
[ 1869.750532][  T973] usb 2-1: new low-speed USB device number 55 using dummy_hcd
[ 1869.960385][T24232] usb 3-1: new low-speed USB device number 107 using dummy_hcd
[ 1870.035911][T29018] overlayfs: failed to clone upperpath
[ 1870.059650][  T973] usb 2-1: config 0 has an invalid interface number: 55 but max is 0
[ 1870.147579][  T973] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1870.229159][T24232] usb 3-1: config 0 has an invalid interface number: 55 but max is 0
[ 1870.278978][  T973] usb 2-1: config 0 has no interface number 0
[ 1870.320141][T24232] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1870.336101][   T24] gspca_sunplus: reg_r err -32
[ 1870.343044][  T973] usb 2-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[ 1870.352963][   T24] sunplus 7-1:0.0: probe with driver sunplus failed with error -32
[ 1870.361942][T24232] usb 3-1: config 0 has no interface number 0
[ 1870.368168][  T973] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1870.371564][T28459] netdevsim netdevsim0 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[ 1870.381383][T24232] usb 3-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[ 1870.408351][  T973] usb 2-1: config 0 descriptor??
[ 1870.413325][T28459] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1870.438005][T24232] usb 3-1: config 0 interface 55 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 1870.461076][T24232] usb 3-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[ 1870.476028][  T973] ldusb 2-1:0.55: Interrupt in endpoint not found
[ 1870.505238][T29022] mkiss: ax0: crc mode is auto.
[ 1870.520400][T24232] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1870.542316][T24232] usb 3-1: config 0 descriptor??
[ 1870.555845][T24232] ldusb 3-1:0.55: Interrupt in endpoint not found
[ 1870.575364][T28459] netdevsim netdevsim0 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[ 1870.586115][T28459] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1870.762539][T24364] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 1870.762975][T28459] netdevsim netdevsim0 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[ 1870.936445][T28459] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1870.952352][T24364] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[ 1870.966730][T14254] usb 7-1: USB disconnect, device number 36
[ 1871.000748][T24364] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[ 1871.011344][T24364] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[ 1871.020821][T24364] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[ 1871.514493][T28459] netdevsim netdevsim0 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[ 1871.525133][T28459] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1872.075961][T28459] team0: left allmulticast mode
[ 1872.130083][T28459] team_slave_0: left allmulticast mode
[ 1872.137296][T28459] team_slave_1: left allmulticast mode
[ 1872.145587][T28459] geneve1: left allmulticast mode
[ 1872.151962][T28459] team0: left promiscuous mode
[ 1872.156847][T28459] team_slave_0: left promiscuous mode
[ 1872.164776][T28459] team_slave_1: left promiscuous mode
[ 1872.171484][T28459] geneve1: left promiscuous mode
[ 1872.176825][T28459] bridge0: port 3(team0) entered disabled state
[ 1872.189639][T28459] bridge_slave_1: left allmulticast mode
[ 1872.198483][T28459] bridge_slave_1: left promiscuous mode
[ 1872.206572][T28459] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1872.218190][T28459] bridge_slave_0: left allmulticast mode
[ 1872.226486][T28459] bridge_slave_0: left promiscuous mode
[ 1872.234773][T28459] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1872.554392][T18949] usb 2-1: USB disconnect, device number 55
[ 1873.001978][  T976] usb 3-1: USB disconnect, device number 107
[ 1873.049234][T28459] team0: Port device geneve1 removed
[ 1873.090921][T24364] Bluetooth: hci2: command tx timeout
[ 1873.467513][T28459] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1873.477552][T28459] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1873.488452][T28459] bond0 (unregistering): Released all slaves
[ 1873.530713][  T976] usb 7-1: new high-speed USB device number 37 using dummy_hcd
[ 1873.622805][T24232] usb 3-1: new high-speed USB device number 108 using dummy_hcd
[ 1873.647915][T28459] bond1 (unregistering): (slave veth3): Releasing active interface
[ 1873.657153][T28459] bond1 (unregistering): Released all slaves
[ 1873.670710][T29042] netlink: 20 bytes leftover after parsing attributes in process `syz.5.5819'.
[ 1873.690570][  T976] usb 7-1: Using ep0 maxpacket: 16
[ 1873.702961][  T976] usb 7-1: config 0 has an invalid interface number: 8 but max is 0
[ 1873.727894][  T976] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1873.744261][  T976] usb 7-1: config 0 has no interface number 0
[ 1873.753001][  T976] usb 7-1: config 0 interface 8 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[ 1873.791255][  T976] usb 7-1: New USB device found, idVendor=0d8c, idProduct=000e, bcdDevice=8e.8f
[ 1873.808738][  T976] usb 7-1: New USB device strings: Mfr=0, Product=24, SerialNumber=3
[ 1873.812951][T24232] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1873.828906][  T976] usb 7-1: Product: syz
[ 1873.840165][  T976] usb 7-1: SerialNumber: syz
[ 1873.845416][T24232] usb 3-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[ 1873.868790][T24232] usb 3-1: New USB device found, idVendor=056a, idProduct=0063, bcdDevice= 0.00
[ 1873.890028][  T976] usb 7-1: config 0 descriptor??
[ 1873.891735][T24232] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1873.911107][T24232] usb 3-1: config 0 descriptor??
[ 1873.931176][T24232] usbhid 3-1:0.0: couldn't find an input interrupt endpoint
[ 1873.932292][  T976] usbhid 7-1:0.8: couldn't find an input interrupt endpoint
[ 1874.009749][T29023] chnl_net:caif_netlink_parms(): no params data found
[ 1874.138202][T24232] usb 7-1: USB disconnect, device number 37
[ 1874.185208][T29023] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1874.194323][T29023] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1874.202282][T29023] bridge_slave_0: entered allmulticast mode
[ 1874.209635][T29023] bridge_slave_0: entered promiscuous mode
[ 1874.218170][T29023] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1874.228653][T29023] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1874.237541][T29023] bridge_slave_1: entered allmulticast mode
[ 1874.249253][T29023] bridge_slave_1: entered promiscuous mode
[ 1874.293150][T29023] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1874.310134][T29023] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1874.356773][T29023] team0: Port device team_slave_0 added
[ 1874.365787][T29023] team0: Port device team_slave_1 added
[ 1874.404142][T29023] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1874.412043][T29023] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1874.438618][T29023] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1874.451565][T29023] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1874.458730][T29023] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1874.486501][T29023] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1874.525966][T29023] hsr_slave_0: entered promiscuous mode
[ 1874.532481][T29023] hsr_slave_1: entered promiscuous mode
[ 1874.538455][T29023] debugfs: 'hsr0' already exists in 'hsr'
[ 1874.544540][T29023] Cannot create hsr debugfs directory
[ 1874.818753][T29023] netdevsim netdevsim7 netdevsim0: renamed from eth0
[ 1874.833545][T29023] netdevsim netdevsim7 netdevsim1: renamed from eth1
[ 1874.844600][T29023] netdevsim netdevsim7 netdevsim2: renamed from eth2
[ 1874.860046][T29023] netdevsim netdevsim7 netdevsim3: renamed from eth3
[ 1874.955863][T29023] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1874.984116][T29023] 8021q: adding VLAN 0 to HW filter on device team0
[ 1875.002074][   T13] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1875.009250][   T13] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1875.025647][T24394] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1875.032851][T24394] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1875.170458][T24364] Bluetooth: hci2: command tx timeout
[ 1875.264868][T29023] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1875.558858][T29023] veth0_vlan: entered promiscuous mode
[ 1875.573034][T29023] veth1_vlan: entered promiscuous mode
[ 1875.612225][T29023] veth0_macvtap: entered promiscuous mode
[ 1875.622965][T29023] veth1_macvtap: entered promiscuous mode
[ 1875.642958][T29023] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1875.658800][T29023] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1875.678082][T24390] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1875.688067][T24390] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1875.711477][T24390] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1875.723303][T24390] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1875.806883][T24395] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1875.825285][T24395] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1875.863455][T24395] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1875.875281][T24395] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1876.226773][T29146] delete_channel: no stack
[ 1876.280231][T24232] usb 3-1: USB disconnect, device number 108
[ 1877.250756][T24364] Bluetooth: hci2: command tx timeout
[ 1879.330679][T24364] Bluetooth: hci2: command tx timeout
[ 1914.133760][ T1296] ieee802154 phy1 wpan1: encryption failed: -22
[ 1975.572287][ T1296] ieee802154 phy1 wpan1: encryption failed: -22
[ 1998.130873][T15561] Bluetooth: hci2: command 0x0406 tx timeout
[ 2031.250939][   T31] INFO: task kworker/u8:0:28459 blocked for more than 143 seconds.
[ 2031.258911][   T31]       Not tainted syzkaller #0
[ 2031.264091][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 2031.272991][   T31] task:kworker/u8:0    state:D stack:24736 pid:28459 tgid:28459 ppid:2      task_flags:0x4208060 flags:0x00080000
[ 2031.285112][   T31] Workqueue: netns cleanup_net
[ 2031.289890][   T31] Call Trace:
[ 2031.293245][   T31]  <TASK>
[ 2031.296196][   T31]  __schedule+0x1190/0x5de0
[ 2031.300786][   T31]  ? __lock_acquire+0xb97/0x1ce0
[ 2031.305750][   T31]  ? __lock_acquire+0x62e/0x1ce0
[ 2031.310767][   T31]  ? __pfx___schedule+0x10/0x10
[ 2031.315614][   T31]  ? find_held_lock+0x2b/0x80
[ 2031.320350][   T31]  ? schedule+0x2d7/0x3a0
[ 2031.324870][   T31]  schedule+0xe7/0x3a0
[ 2031.328941][   T31]  afs_cell_purge+0x41f/0x4f0
[ 2031.333692][   T31]  ? __try_to_del_timer_sync+0x115/0x170
[ 2031.339400][   T31]  ? __pfx_afs_cell_purge+0x10/0x10
[ 2031.344632][   T31]  ? __pfx_var_wake_function+0x10/0x10
[ 2031.350095][   T31]  ? __timer_delete_sync+0x108/0x1b0
[ 2031.355429][   T31]  ? __pfx_afs_net_exit+0x10/0x10
[ 2031.360526][   T31]  afs_net_exit+0x83/0x140
[ 2031.364939][   T31]  ops_undo_list+0x2ee/0xab0
[ 2031.369507][   T31]  ? __pfx_ops_undo_list+0x10/0x10
[ 2031.374655][   T31]  ? cleanup_net+0x347/0x8b0
[ 2031.379240][   T31]  ? idr_destroy+0x62/0x2e0
[ 2031.383798][   T31]  cleanup_net+0x41b/0x8b0
[ 2031.388214][   T31]  ? __pfx_cleanup_net+0x10/0x10
[ 2031.393213][   T31]  ? rcu_is_watching+0x12/0xc0
[ 2031.397991][   T31]  process_one_work+0x9cf/0x1b70
[ 2031.402990][   T31]  ? __pfx_batadv_nc_worker+0x10/0x10
[ 2031.408364][   T31]  ? __pfx_process_one_work+0x10/0x10
[ 2031.414070][   T31]  ? assign_work+0x1a0/0x250
[ 2031.418662][   T31]  worker_thread+0x6c8/0xf10
[ 2031.423618][   T31]  ? __kthread_parkme+0x19e/0x250
[ 2031.428930][   T31]  ? __pfx_worker_thread+0x10/0x10
[ 2031.434221][   T31]  kthread+0x3c5/0x780
[ 2031.438286][   T31]  ? __pfx_kthread+0x10/0x10
[ 2031.442961][   T31]  ? rcu_is_watching+0x12/0xc0
[ 2031.447797][   T31]  ? __pfx_kthread+0x10/0x10
[ 2031.452447][   T31]  ret_from_fork+0x56a/0x730
[ 2031.457032][   T31]  ? __pfx_kthread+0x10/0x10
[ 2031.461673][   T31]  ret_from_fork_asm+0x1a/0x30
[ 2031.466438][   T31]  </TASK>
[ 2031.469465][   T31] 
[ 2031.469465][   T31] Showing all locks held in the system:
[ 2031.477280][   T31] 1 lock held by khungtaskd/31:
[ 2031.482146][   T31]  #0: ffffffff8e1c34a0 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x36/0x1c0
[ 2031.492057][   T31] 1 lock held by klogd/5183:
[ 2031.496734][   T31]  #0: ffff8880b873a318 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x29/0x130
[ 2031.506738][   T31] 2 locks held by getty/5581:
[ 2031.511449][   T31]  #0: ffff88814e29e0a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x24/0x80
[ 2031.521258][   T31]  #1: ffffc9000332b2f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x41b/0x14f0
[ 2031.531561][   T31] 3 locks held by kworker/u8:38/24392:
[ 2031.537009][   T31]  #0: ffff8880b873a318 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x29/0x130
[ 2031.546988][   T31]  #1: ffffc9000475fd10 ((work_completion)(&(&bat_priv->nc.work)->work)){+.+.}-{0:0}, at: process_one_work+0x929/0x1b70
[ 2031.559578][   T31]  #2: ffff8880b873a318 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x29/0x130
[ 2031.569562][   T31] 4 locks held by kworker/u8:40/24394:
[ 2031.575166][   T31] 3 locks held by kworker/u8:0/28459:
[ 2031.580565][   T31]  #0: ffff88801beec148 ((wq_completion)netns){+.+.}-{0:0}, at: process_one_work+0x12a2/0x1b70
[ 2031.590961][   T31]  #1: ffffc900044e7d10 (net_cleanup_work){+.+.}-{0:0}, at: process_one_work+0x929/0x1b70
[ 2031.600947][   T31]  #2: ffffffff8feb0450 (pernet_ops_rwsem){++++}-{4:4}, at: cleanup_net+0xad/0x8b0
[ 2031.610328][   T31] 
[ 2031.612639][   T31] =============================================
[ 2031.612639][   T31] 
[ 2031.621066][   T31] NMI backtrace for cpu 0
[ 2031.621080][   T31] CPU: 0 UID: 0 PID: 31 Comm: khungtaskd Not tainted syzkaller #0 PREEMPT(full) 
[ 2031.621100][   T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[ 2031.621110][   T31] Call Trace:
[ 2031.621117][   T31]  <TASK>
[ 2031.621125][   T31]  dump_stack_lvl+0x116/0x1f0
[ 2031.621152][   T31]  nmi_cpu_backtrace+0x27b/0x390
[ 2031.621169][   T31]  ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[ 2031.621188][   T31]  nmi_trigger_cpumask_backtrace+0x29c/0x300
[ 2031.621207][   T31]  watchdog+0xf0e/0x1260
[ 2031.621235][   T31]  ? __pfx_watchdog+0x10/0x10
[ 2031.621256][   T31]  ? lockdep_hardirqs_on+0x7c/0x110
[ 2031.621280][   T31]  ? __kthread_parkme+0x19e/0x250
[ 2031.621308][   T31]  ? __pfx_watchdog+0x10/0x10
[ 2031.621330][   T31]  kthread+0x3c5/0x780
[ 2031.621350][   T31]  ? __pfx_kthread+0x10/0x10
[ 2031.621371][   T31]  ? rcu_is_watching+0x12/0xc0
[ 2031.621394][   T31]  ? __pfx_kthread+0x10/0x10
[ 2031.621415][   T31]  ret_from_fork+0x56a/0x730
[ 2031.621434][   T31]  ? __pfx_kthread+0x10/0x10
[ 2031.621454][   T31]  ret_from_fork_asm+0x1a/0x30
[ 2031.621489][   T31]  </TASK>
[ 2031.621496][   T31] Sending NMI from CPU 0 to CPUs 1:
[ 2031.736755][    C1] NMI backtrace for cpu 1
[ 2031.736769][    C1] CPU: 1 UID: 0 PID: 0 Comm: swapper/1 Not tainted syzkaller #0 PREEMPT(full) 
[ 2031.736785][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[ 2031.736793][    C1] RIP: 0010:pv_native_safe_halt+0xf/0x20
[ 2031.736818][    C1] Code: e9 5b 02 c3 cc cc cc cc 0f 1f 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 66 90 0f 00 2d b3 b8 19 00 fb f4 <e9> cc 09 03 00 66 2e 0f 1f 84 00 00 00 00 00 66 90 90 90 90 90 90
[ 2031.736831][    C1] RSP: 0018:ffffc90000197df8 EFLAGS: 000002c2
[ 2031.736843][    C1] RAX: 000000000a3db58d RBX: 0000000000000001 RCX: ffffffff8b504f49
[ 2031.736853][    C1] RDX: 0000000000000000 RSI: ffffffff8d9b7ba6 RDI: ffffffff8bd008c0
[ 2031.736861][    C1] RBP: ffffed1003b5d490 R08: 0000000000000001 R09: ffffed10170e6655
[ 2031.736870][    C1] R10: ffff8880b87332ab R11: 0000000000000000 R12: 0000000000000001
[ 2031.736879][    C1] R13: ffff88801daea480 R14: ffffffff905f6090 R15: 0000000000000000
[ 2031.736888][    C1] FS:  0000000000000000(0000) GS:ffff888124f71000(0000) knlGS:0000000000000000
[ 2031.736902][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 2031.736911][    C1] CR2: 00005593da368660 CR3: 000000000df82000 CR4: 00000000003526f0
[ 2031.736920][    C1] DR0: 0000000000000002 DR1: 000000000000af51 DR2: 0000000000000800
[ 2031.736928][    C1] DR3: 000000007fffffff DR6: 00000000ffff0ff0 DR7: 0000000000000400
[ 2031.736937][    C1] Call Trace:
[ 2031.736942][    C1]  <TASK>
[ 2031.736947][    C1]  default_idle+0x13/0x20
[ 2031.736965][    C1]  default_idle_call+0x6c/0xb0
[ 2031.736983][    C1]  do_idle+0x38d/0x500
[ 2031.737002][    C1]  ? __pfx_do_idle+0x10/0x10
[ 2031.737019][    C1]  ? trace_sched_exit_tp+0x2f/0x120
[ 2031.737037][    C1]  cpu_startup_entry+0x4f/0x60
[ 2031.737053][    C1]  start_secondary+0x21d/0x2b0
[ 2031.737065][    C1]  ? __pfx_start_secondary+0x10/0x10
[ 2031.737087][    C1]  common_startup_64+0x13e/0x148
[ 2031.737107][    C1]  </TASK>
[ 2031.737875][   T31] Kernel panic - not syncing: hung_task: blocked tasks
[ 2031.929881][   T31] CPU: 0 UID: 0 PID: 31 Comm: khungtaskd Not tainted syzkaller #0 PREEMPT(full) 
[ 2031.938974][   T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[ 2031.949010][   T31] Call Trace:
[ 2031.952270][   T31]  <TASK>
[ 2031.955186][   T31]  dump_stack_lvl+0x3d/0x1f0
[ 2031.959776][   T31]  vpanic+0x6e8/0x7a0
[ 2031.963742][   T31]  ? __pfx_vpanic+0x10/0x10
[ 2031.968228][   T31]  ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[ 2031.974208][   T31]  panic+0xca/0xd0
[ 2031.977944][   T31]  ? __pfx_panic+0x10/0x10
[ 2031.982343][   T31]  ? preempt_schedule_thunk+0x16/0x30
[ 2031.987702][   T31]  ? nmi_trigger_cpumask_backtrace+0x1b1/0x300
[ 2031.993836][   T31]  ? watchdog+0xd78/0x1260
[ 2031.998237][   T31]  ? watchdog+0xd6b/0x1260
[ 2032.002638][   T31]  watchdog+0xd89/0x1260
[ 2032.006868][   T31]  ? __pfx_watchdog+0x10/0x10
[ 2032.011542][   T31]  ? lockdep_hardirqs_on+0x7c/0x110
[ 2032.016732][   T31]  ? __kthread_parkme+0x19e/0x250
[ 2032.021767][   T31]  ? __pfx_watchdog+0x10/0x10
[ 2032.026431][   T31]  kthread+0x3c5/0x780
[ 2032.030483][   T31]  ? __pfx_kthread+0x10/0x10
[ 2032.035071][   T31]  ? rcu_is_watching+0x12/0xc0
[ 2032.039822][   T31]  ? __pfx_kthread+0x10/0x10
[ 2032.044396][   T31]  ret_from_fork+0x56a/0x730
[ 2032.048970][   T31]  ? __pfx_kthread+0x10/0x10
[ 2032.053569][   T31]  ret_from_fork_asm+0x1a/0x30
[ 2032.058327][   T31]  </TASK>
[ 2032.061437][   T31] Kernel Offset: disabled
[ 2032.065735][   T31] Rebooting in 86400 seconds..