last executing test programs:

13.095059222s ago: executing program 1 (id=5355):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x60400, 0x0)
futex(&(0x7f0000001240)=0x3, 0x5, 0xffff7ffc, 0x0, &(0x7f0000001200)=0x3, 0x85000000)
r1 = fsopen(&(0x7f0000000000)='hugetlbfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r1, 0x6, 0x0, 0x0, 0x0)
r2 = fsmount(r1, 0x0, 0x4)
mknodat$loop(r2, &(0x7f0000000100)='./file0\x00', 0xffffc000, 0x1)
r3 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_io_uring_setup(0x3c89, &(0x7f0000000040)={0x0, 0x84df, 0x2028, 0x2, 0x3d1, 0x0, r2}, &(0x7f00000000c0)=<r4=>0x0, &(0x7f0000000140))
syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x118, &(0x7f0000000180)=0x9, 0x0, 0x4)
ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x1)
write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000080)={'syz0\x00', {}, 0x49, [0x0, 0x3, 0x403, 0x100001, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x3, 0x10000000, 0x8, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000a, 0x0, 0x0, 0x7, 0x0, 0x0, 0xffffffff, 0x6, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0xa9a4, 0x1], [0x0, 0x0, 0x0, 0x0, 0x2, 0x733, 0x0, 0xedc0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x2, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x2000000, 0x0, 0x0, 0x80000, 0x0, 0xfffffff8, 0x0, 0x0, 0x79, 0xfffffffd, 0x0, 0x0, 0x0, 0x2, 0x47, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x7fff0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x2000, 0x0, 0x0, 0x0, 0x2, 0xfffffffc, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x20], [0x0, 0xfffffffc, 0x0, 0x6, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x400, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400, 0x0, 0xffffffff, 0x200089, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80008000, 0x0, 0xfffffffe, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x351e, 0x0, 0xd, 0x0, 0x0, 0x4492, 0x8], [0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x2, 0x1200000, 0x0, 0x0, 0x800010, 0x0, 0x0, 0x804, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x2, 0x0, 0x4, 0x0, 0xfd32, 0x6, 0x0, 0x0, 0x0, 0x2, 0x5, 0x0, 0x0, 0x0, 0xfffffff7, 0x0, 0x6, 0x0, 0x4, 0x0, 0xffffffff, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000000, 0x4, 0x0, 0x0, 0x0, 0x100000]}, 0x45c)
openat$procfs(0xffffffffffffff9c, &(0x7f0000000100)='/proc/mdstat\x00', 0x0, 0x0)
r5 = syz_io_uring_setup(0x5169, &(0x7f0000000080)={0x0, 0x0, 0x10100}, &(0x7f0000000100), &(0x7f0000000000))
io_uring_enter(r5, 0x7368, 0x0, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
r6 = dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x80000)
write$FUSE_NOTIFY_DELETE(r6, &(0x7f0000000540)=ANY=[@ANYBLOB="2e00000006000000000000000000000004000000000000000300000000000000dfcc7a050000000000000073797a3a47b1ff733dbc5a5e46150b46d98fddb8be8907ab2265b9638fba69fa87ba1095c4c964bf7713ee0c08c9c21f146a23e31d70f640797db59a6dabf4f16a65048c7c5c8e96b14c3b85904adc9e56000ee85071d7485bae1c3f74419777cba53a3847791ccd925d67108518ae222b2987de5c095afeb003ee7a160285d4e37d5d5455450f6517d0bd98b6075680fc0150d62554c2eea5287be74c59f953d15e33743b51ec59dca7275b1809945de856f451aabae03c4ede906c8db1a3ef9c212ebbd6c35885ca635c99f8265a2df1f60dd561b1e44d4fe802000000000000000aa0a1e2a997441e3dee34b6448ac0f972f420e5ea77d1d03d84ea582842f5cafc40b29957b345606466a1e16c4b76c3d8f67c3e3f40191c77ff1b1c8769c15732389f1fb62dfe8e711b6ccaecaf4e5dcf32cb54"], 0x2e)
sched_setaffinity(0x0, 0x11, &(0x7f0000000180)=0x1400200bce)
sched_setscheduler(0x0, 0x1, &(0x7f0000002200)=0x1)
r7 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r7, &(0x7f0000002700)=""/102392, 0x18ff8)
ioprio_set$pid(0x1, 0x0, 0x0)
r8 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000001480), 0x42002, 0x0)
r9 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/timer_list\x00', 0x0, 0x0)
syz_emit_ethernet(0xbe, &(0x7f00000008c0)=ANY=[@ANYBLOB="aaaaaaaaaaaa0000000000000800450000b00000000000119078ac1414ffac1414aa00000000009c907801000000000000006fdfa0d2001efbb3e29a4ac275ca11b984ff5def6ed2e4ea9bc0eabdd34c732bdf23520b57e4c98679c7795a27c7bf3e7d776b600ba8d82d6ba417e219edd86fb7e8431efcf75501342d33e803412dae374281c25df814aa2e34e4f8a759805b7f3e2d69a8f476de686861a9850edbe32cfee9b9d5b0b2b171b5968f74963b0ce40ca7e0a7b4bbc4bc9720c8"], 0x0)
sendfile(r8, r9, 0x0, 0x20000023896)

11.687371537s ago: executing program 2 (id=5359):
syz_usb_connect$hid(0x3, 0x36, &(0x7f0000000240)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x4f3, 0x755, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x40, 0xb1, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x1, 0x0, {0x9, 0x21, 0x101, 0x0, 0x1, {0x22, 0x5}}, {{{0x9, 0x5, 0x81, 0x3, 0x3ff, 0xc}}}}}]}}]}}, 0x0)
socket$inet6_sctp(0xa, 0x1, 0x84)
syz_emit_vhci(&(0x7f0000002f40)=ANY=[], 0x200)

11.375099745s ago: executing program 1 (id=5361):
mknodat(0xffffffffffffff9c, &(0x7f00000000c0)='./file2\x00', 0x81c0, 0x0)
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000480)=@newsa={0x220, 0x10, 0x713, 0x10, 0x0, {{@in6=@local, @in6=@local}, {@in6=@remote, 0x0, 0x33}, @in=@remote, {0x0, 0x7, 0x0, 0x0, 0x0, 0x1}, {0x9}, {0x4}, 0x3, 0x0, 0x2, 0x4}, [@algo_aead={0x130, 0x12, {{'ccm_base(ecb-aes-aesni,nhpoly1305)\x00'}, 0x720, 0x0, "1c25c5e42f6e03ad2b713a2c62a14f0e5ddc9dc7e335062f7cb83d3214f5d3034d48afaa759525329dbe3103ffba406392cf476276d2f11b122b2d0c671ee1fdb8dc335cdf718190c85c98ce4577f266e831c4979dc8415fc8df27ffd9ad9c01dee011678ac418a15b2543cc31d586b2eb8a2da1820e58f65e48ab1589cbbaadb7cb24e4a801697619f16b7ee1c31fd2997d7a58d06f0f10321b2b096bccdffab55cbca57fd60b060b5a7f5e7fdafa5cacd39db41c6821b10b6674d98711bc915f24928152997620853e02468bc849eb38df90251202b459b33e1fec2b00ab3260a948d8"}}]}, 0x220}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_HYPERV_EVENTFD(r2, 0x4048aec9, &(0x7f0000000080)={0x4, 0xffffffffffffffff, 0x1})
sendmmsg$unix(0xffffffffffffffff, &(0x7f000000db40)=[{{0x0, 0x0, &(0x7f0000001700)=[{&(0x7f00000004c0)="99b7a9ebe6223393821b470b64bf7ab0865d263310163a50b4516a7623e6fd9504c0b06c70fc4cbdfccc59198e679bb54868938089f8ebfc292ce44cc7c10eae0631051af2fc8f869028bbabc316c913d547d1365acf98c2d9fd5e67feb3d214ee2d5fffc373c66c101c3ff6fc43a903a5793ca8fa8e12d3cbdb0c891e6b048e09ddd23541fcfb36b72557b9331db08ee1ec493c4db726b82d5004beb6d06363a20e6999c752884dc6a163230192f5e615422541f50289e1c261caebe29ad1fe246b8524f61eb68d192cdefe42b64c1d106afa562405b95ac48282e8d2956d240688c4a4f87d39d9a5ae445a927c1c05ae61dace1fb3221e82a7e50065fd3c7149d08860a759b48b8ed3b8a7d2f19e2d5a4db8e93b03a7142c7e853ef5b738eba29c51a7eb5d959c20b314a2daca9a0039e9f81cc33bf7535d90266f438539f724f152556484c946bb52cb41e8104e2169dda16aa910c35c8d5541ec508b825c352d53b1061ab75c14d13aa041e1f96e5b876c6fe6f1afd2fb480f3971d57b454346e0892c36329e93d245f9fbaccf534081031431af5349851fa30d6bed96fddd0c19aea06eb0ab70e609009e2a06dc6c3edf7a2b3ffe0601e5a536989c59d03034b289e644e13668704c297e7e881d8869b33867c3410435508c615cbce246c28cc7c6b71c9c39d64de3357b3885a90143189ae1e86be23e8bb9ce3893d658f6b694a8eabb5594b1f5e63d50e7745a815e1e8441bed84cb0328da3982ded10fb6a00d8db5547bcadd740031417cf5a060709cd224a3926df973c6b7d5329a7879b74bebbf260556e9d9838c5c673e7f69cb2b4f3809ac536f9271023f43be8d912c8878cdca44678d561a6accb3c09b95c6163c840", 0x276}], 0x1, 0x0, 0x0, 0x20004005}}], 0x1, 0x40000)
r3 = syz_usb_connect(0x0, 0x4a, &(0x7f0000000040)=ANY=[], 0x0)
syz_usb_control_io$hid(r3, &(0x7f0000000400)={0x24, 0x0, 0x0, 0x0, 0x0}, 0x0)
syz_usb_ep_write$ath9k_ep1(r3, 0x82, 0xc38, &(0x7f0000000080)=ANY=[])
openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x4000, 0x0)
pipe2(&(0x7f0000000000)={0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x800)
pipe2(&(0x7f0000000200), 0x84800)
sendmsg$BATADV_CMD_GET_TRANSTABLE_LOCAL(r4, &(0x7f00000003c0)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000380)={&(0x7f0000000340)={0x3c, 0x0, 0x2, 0x70bd25, 0x25dfdbfd, {}, [@BATADV_ATTR_VLANID={0x6, 0x28, 0x2}, @BATADV_ATTR_ISOLATION_MARK={0x8, 0x2b, 0x7}, @BATADV_ATTR_GW_BANDWIDTH_UP={0x8, 0x32, 0x1}, @BATADV_ATTR_GW_BANDWIDTH_UP={0x8, 0x32, 0x75ba84d7}, @BATADV_ATTR_ORIG_INTERVAL={0x8, 0x39, 0x1968}]}, 0x3c}, 0x1, 0x0, 0x0, 0x4000}, 0x8081)
r5 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000080)='/sys/power/resume', 0x149a82, 0x94)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000006c0)=@newtaction={0x70, 0x30, 0xffffffffffffffff, 0x0, 0x25dfdbfd, {}, [{0x5c, 0x1, [@m_bpf={0x58, 0x1, 0x0, 0x0, {{0x8}, {0x30, 0x2, 0x0, 0x1, [@TCA_ACT_BPF_PARMS={0x18, 0x2, {0x1, 0x0, 0x4}}, @TCA_ACT_BPF_FD={0x8}, @TCA_ACT_BPF_OPS_LEN={0x6, 0x3, 0x1}, @TCA_ACT_BPF_OPS={0x4}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x70}}, 0x0)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000ddffffff850000002d00000095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000440)='block_bio_complete\x00', r6, 0x0, 0x1}, 0x18)
write$cgroup_int(r5, 0x0, 0x0)

10.12764053s ago: executing program 3 (id=5366):
socket$nl_route(0x10, 0x3, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x6, 0x4, &(0x7f00000006c0)=ANY=[], &(0x7f00000000c0)='GPL\x00', 0x0, 0x100a, &(0x7f0000001400)=""/4106, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
socket$nl_route(0x10, 0x3, 0x0)
fsopen(0x0, 0x0)
ioctl$NS_GET_PARENT(0xffffffffffffffff, 0xb702, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = socket$inet_mptcp(0x2, 0x1, 0x106)
r5 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r5}, 0x4)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r5, @ANYBLOB="0000000000000000b70500000000000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000280)='xen_cpu_write_ldt_entry\x00', r6, 0x0, 0x10}, 0x18)
shmctl$IPC_INFO(0x0, 0x3, 0x0)
bind$inet(r4, &(0x7f0000000080)={0x2, 0x4e24, @multicast2}, 0xffffffffffffffa0)
creat(&(0x7f0000000100)='./file0\x00', 0x0)
r7 = openat$fuse(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
mount$fuseblk(&(0x7f0000002440), &(0x7f0000002480)='./file0\x00', &(0x7f00000024c0), 0x0, &(0x7f00000001c0)={{'fd', 0x3d, r7}, 0x2c, {'rootmode', 0x3d, 0xa000}})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000380)=ANY=[@ANYBLOB="34000000100001f8ffffff000000000000000000", @ANYRES32=0x0, @ANYBLOB="00000000000000000c002b8008000100", @ANYRES32=r0, @ANYBLOB="08001b"], 0x34}}, 0x4004010)

9.587036259s ago: executing program 2 (id=5367):
socket$nl_route(0x10, 0x3, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
sendmsg$IPSET_CMD_TEST(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, 0x0}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, 0x0, 0x0)
r1 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000580), 0x0, 0x0)
r2 = dup(r1)
r3 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004002, 0x0)
r4 = dup(r3)
sendfile(r4, r2, 0x0, 0x89ffc)

8.83356839s ago: executing program 3 (id=5369):
r0 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$IOCTL_VMCI_GET_CONTEXT_ID(r0, 0x7b3, &(0x7f0000000040)) (fail_nth: 1)

8.824622499s ago: executing program 2 (id=5370):
r0 = socket$netlink(0x10, 0x3, 0x0) (async)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) (async)
r3 = socket(0x848000000015, 0x6, 0x10000)
sendto$inet6(r3, 0x0, 0x0, 0x0, &(0x7f0000000000)={0xa, 0x4e24, 0x0, @remote}, 0x1c) (async)
r4 = openat$cgroup_devices(0xffffffffffffffff, &(0x7f00000004c0)='devices.allow\x00', 0x2, 0x0) (async)
r5 = open$dir(&(0x7f0000000500)='./file0\x00', 0x40100, 0xaa) (async)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) (async)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10002, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) (async)
ioctl$ifreq_SIOCGIFINDEX_team(r1, 0x8933, &(0x7f0000000740)) (async)
r7 = socket(0x10, 0x3, 0x0)
sendmsg$nl_generic(r7, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000100)=ANY=[@ANYBLOB="b40000001900010000000000000000001d0109004d0011806f9886ff8308eb1d7c03414adb7fa1c790a421ea2a089f6ab00ada4e5605b2e72655b3cc4c48e609000cf5329cb7f1821ec7ecca1db0eb2d7144f29af11fe655838a74d923d12c78e80000004d0010"], 0xb4}}, 0x0) (async, rerun: 32)
r8 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0) (rerun: 32)
r9 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x0)
dup(r9) (async)
ioctl$sock_FIOGETOWN(r2, 0x8903, &(0x7f0000000540)=<r10=>0x0) (async, rerun: 32)
ioctl$NS_GET_OWNER_UID(0xffffffffffffffff, 0xb704, &(0x7f0000000580)=<r11=>0x0) (rerun: 32)
r12 = getgid() (async)
r13 = getpid()
sched_setscheduler(r13, 0x2, &(0x7f0000000200)=0x7)
r14 = socket(0x10, 0x3, 0x0)
getsockopt$sock_cred(r14, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r15=>0x0}, &(0x7f0000cab000)=0xc)
lchown(&(0x7f0000000240)='./file0\x00', r15, 0xee00) (async, rerun: 32)
r16 = socket$pppl2tp(0x18, 0x1, 0x1) (async, rerun: 32)
r17 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000980)=ANY=[@ANYBLOB="18000000000000040000000000000000850000000e000000850000000e00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000400)='io_uring_cqe_overflow\x00', r17}, 0x10)
sendmmsg$unix(r1, &(0x7f00000006c0)=[{{&(0x7f0000000080)=@file={0x0, './file0\x00'}, 0x6e, &(0x7f0000000140)=[{&(0x7f0000000100)="032ec7167d5548cb9f3290a4d802ee368a9fa9e7906968537001c56ad77f4b58a8de27e7b9894abd65e5607f7a5715036e1d208f8733ab164f141437df1d", 0x3e}], 0x1, 0x0, 0x0, 0x14}}, {{&(0x7f0000000180)=@file={0x1, './file0\x00'}, 0x6e, &(0x7f0000000480)=[{&(0x7f0000000240)="0e6c4bda0e8091b537cafb87f5f9999a5fc730bb9fe53ffe60cb828c2fd5b73ca871759a71e93e4385ceddaaa66574114d76dd63c5e590e33c01e9abfa7baddca1a2bc95f9153b385116784cf3b182707570260635d127401ea80e8d0c3415644e148b781649f55a1327027a36bf8e6885ebc398d23568e3ef25da76c53a1f0b481b5dd1b83809b4", 0x88}, {&(0x7f0000000300)="be3f80b23a937e044407e8275ef2551c6db602dd38a47960c9e732e8f4dda0a4a9f5020db6a04f42632a3f0a93362a56f91f232d15797a452256a517aa940d3dbdae90c8386da8925d252659f9f8a444", 0x50}, {&(0x7f0000000380)="9e7015fb9d4eb0d5d2b2ff53d7292650579af17f153b61f013c48a131cb2e2411c6d2616da6baf5f6bc6175b67d841a619270a5d586025ccce73eca7979450a4fd4241dbde547c63e0cdbe4febcef190d9976dc50c4944f7151aaf659e1867549409cc133cb56796a88ab83eecbfa31c009869be8e31b50b2d3a019f783fbdd9f79d400e985cbee6bcd6f88d1086b2e7cfa4b7e39002a24ff335e63f3035d30fc5b8fb49b877b7540a40caccbdd74140b16c2c6d610966f23b534b2baacdf625516af6", 0xc3}], 0x3, &(0x7f00000005c0)=[@rights={{0x24, 0x1, 0x1, [r4, 0xffffffffffffffff, r5, r9, r3]}}, @cred={{0x1c, 0x1, 0x2, {r10, r11, r12}}}, @cred={{0x1c, 0x1, 0x2, {r13, r15, 0xee01}}}, @rights={{0x30, 0x1, 0x1, [r0, r16, r3, r3, r3, r1, r3, r17]}}, @rights={{0x18, 0x1, 0x1, [r1, r1]}}, @rights={{0x18, 0x1, 0x1, [r1, r3]}}], 0xc8}}], 0x2, 0x4000000) (async)
connect$unix(r2, &(0x7f0000000000)=@abs={0x0, 0x0, 0x4e23}, 0x6e)
close_range(r0, 0xffffffffffffffff, 0x0)

8.465920413s ago: executing program 3 (id=5371):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000003c0)=@can_delroute={0x2c, 0x19, 0x1, 0x70bd2a, 0x25dfdbff, {0x1d, 0x1, 0x6}, [@CGW_MOD_SET={0x15, 0x4, {{{0x3, 0x1, 0x1, 0x1}, 0x8, 0x1, 0x0, 0x0, "6698c13a70ca67e7"}, 0x2}}]}, 0x2c}, 0x1, 0x0, 0x0, 0x800}, 0x0)

8.465384209s ago: executing program 3 (id=5372):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000a40)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000180)='workqueue_activate_work\x00', r1}, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x11, 0xc, &(0x7f0000000040)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1b, '\x00', 0x0, @fallback=0x1a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000180)='workqueue_activate_work\x00', r2}, 0x10)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r3 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r3, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
munlockall()
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r5, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000000c0)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r4, r6, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000180)=[@textreal={0x8, 0x0}], 0x1, 0x5a, 0x0, 0x0)
ioctl$KVM_RUN(r6, 0xae80, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x8)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)

5.84867765s ago: executing program 4 (id=5373):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000003c0)=@can_delroute={0x2c, 0x19, 0x1, 0x70bd2a, 0x25dfdbff, {0x1d, 0x1, 0x6}, [@CGW_MOD_SET={0x15, 0x4, {{{0x3, 0x1, 0x1, 0x1}, 0x8, 0x1, 0x0, 0x0, "6698c13a70ca67e7"}, 0x2}}]}, 0x2c}, 0x1, 0x0, 0x0, 0x800}, 0x0) (fail_nth: 1)

5.662015558s ago: executing program 4 (id=5375):
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
io_setup(0x1, &(0x7f0000000340)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000000080)=[&(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x10, r0, 0x0, 0x0, 0x8000000000006ed}]) (fail_nth: 1)

5.370928527s ago: executing program 1 (id=5376):
openat$uhid(0xffffffffffffff9c, &(0x7f0000000040), 0x802, 0x0)
r0 = openat$dsp1(0xffffff9c, &(0x7f0000000000), 0x2, 0x0)
r1 = syz_open_dev$radio(&(0x7f0000000000), 0x1, 0x2)
io_setup(0x8, &(0x7f0000004200)=<r2=>0x0)
r3 = signalfd(0xffffffffffffffff, &(0x7f00000001c0), 0x8)
mkdir(&(0x7f0000000140)='./control\x00', 0x5)
close(r3)
r4 = inotify_init1(0x800)
r5 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
ioctl$VHOST_SET_OWNER(r5, 0xaf01, 0x0)
ioctl$VHOST_SET_MEM_TABLE(r5, 0x4008af03, &(0x7f0000000380)={0x5, 0x0, [{0x2, 0xc5, &(0x7f0000000000)=""/197}, {0x0, 0x0, 0x0}, {0x3b38a004, 0x67, &(0x7f00000001c0)=""/103}, {0x2, 0x3c, &(0x7f0000000240)=""/60}, {0xd000, 0x5e, &(0x7f00000002c0)=""/94}]})
ioctl$VHOST_SET_MEM_TABLE(r5, 0x4008af03, &(0x7f0000000180))
fcntl$setstatus(r3, 0x4, 0x2c00)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f0000000280)=ANY=[], 0x0, 0x3f, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x28)
fcntl$setown(r3, 0x8, 0x0)
fcntl$setsig(r4, 0xa, 0xe)
rt_sigprocmask(0x0, &(0x7f0000000000)={[0xfffffffffffffffd]}, 0x0, 0x8)
inotify_add_watch(r4, &(0x7f0000000340)='./control/../file0\x00', 0xa4000960)
rmdir(&(0x7f0000000100)='./control\x00')
r6 = epoll_create(0x2cf)
epoll_ctl$EPOLL_CTL_ADD(r6, 0x1, r1, &(0x7f0000000040)={0x2005})
io_submit(r2, 0x1, &(0x7f0000004540)=[0x0])
ioctl$VIDIOC_S_EXT_CTRLS(r1, 0xc0205648, &(0x7f00000001c0)={0x0, 0x1, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000080)={0xf0f041, 0x0, '\x00', @ptr}})
prctl$PR_TASK_PERF_EVENTS_DISABLE(0x1f)
r7 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00')
getsockname$l2tp6(r7, &(0x7f0000000200)={0xa, 0x0, 0x0, @local}, &(0x7f0000000240)=0x20)
mount$9p_fd(0x0, &(0x7f0000000040)='.\x00', &(0x7f0000000080), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r7])
socket$nl_rdma(0x10, 0x3, 0x14)
prctl$PR_TASK_PERF_EVENTS_DISABLE(0x1f)

5.262852906s ago: executing program 3 (id=5377):
r0 = epoll_create1(0x0)
r1 = fcntl$dupfd(r0, 0x2, 0xffffffffffffffff)
bpf$BPF_PROG_ATTACH(0x9, &(0x7f0000000140)={@cgroup=r1, 0xffffffffffffffff, 0x11, 0x0, r1, @void, @value}, 0x11)
bind$alg(r1, &(0x7f0000000100)={0x26, 'hash\x00', 0x0, 0x0, 'poly1305\x00'}, 0x58)
r2 = syz_usb_connect(0x0, 0x2d, &(0x7f0000000000)=ANY=[@ANYBLOB="9f01000083667d1040206402d14e0102030109021b000100000000090400000190f19c000905f3ed"], 0x0)
syz_usb_control_io(r2, 0x0, 0x0)
syz_usb_control_io$hid(r2, 0x0, 0x0)
r3 = socket$inet(0xa, 0x1, 0x82)
connect$inet(r3, &(0x7f0000000440)={0x2, 0xfffd, @rand_addr=0x64010102}, 0x10)
listen(r3, 0x8)
r4 = socket$netlink(0x10, 0x3, 0x4)
writev(r4, &(0x7f0000000000)=[{&(0x7f0000000140)="480000001400190d09004beafd0d8c560a84476080ffe00600000000590000a2bc5603ca00000f7f89000000200000000101ff0000000309ff5bffff00c7e5ed5e00000000000000", 0x40b}], 0x1)
syz_usb_control_io(r2, 0x0, 0x0)
syz_usb_control_io$printer(r2, 0x0, 0x0)
syz_usb_control_io(r2, 0x0, &(0x7f0000000600)={0x44, &(0x7f0000000340)={0x40, 0xf, 0x1, 'V'}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$cdc_ecm(r2, 0x0, 0x0)
bind$vsock_stream(0xffffffffffffffff, 0x0, 0x0)
listen(0xffffffffffffffff, 0x0)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x11, 0x3, &(0x7f0000000280)=@framed={{0x18, 0x0, 0x0, 0x0, 0xfffffffc}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r5}, 0x10)
ioctl$VT_RESIZEX(0xffffffffffffffff, 0x560a, &(0x7f0000000000)={0x5, 0x0, 0x7fff, 0x0, 0x4, 0xfffc})
r6 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x0)
ioctl$SG_SET_RESERVED_SIZE(r6, 0x2275, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r6, 0x0)
syz_usb_control_io$hid(r2, 0x0, 0x0)
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
r9 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x6, &(0x7f0000000080)={0x8, &(0x7f0000000040)=[{0x4, 0xa4, 0x7, 0x5}, {0x9, 0xfa, 0xf7, 0x4c71}, {0x9, 0x8e, 0x12, 0x8001}, {0x1, 0x94, 0x5, 0x2}, {0x80, 0x5, 0x8, 0x73}, {0x6, 0x81, 0x2, 0x42c2}, {0x2, 0x0, 0x5, 0x2}, {0x1, 0x10, 0x0, 0x6}]})
ioctl$KVM_SET_CPUID2(r9, 0x4048aecb, &(0x7f0000000100)=ANY=[@ANYBLOB="0500"])

5.180232868s ago: executing program 2 (id=5379):
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x802, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$UI_ABS_SETUP(r1, 0x401c5504, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x11, 0x0, 0x0, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='blkio.bfq.io_merged_recursive\x00', 0x275a, 0x0)
syz_emit_ethernet(0x36, &(0x7f0000000100)=ANY=[@ANYBLOB="000002f0d31209000000bc2e79e995"], 0x0)
write$binfmt_script(r4, &(0x7f0000000100), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r4, 0x0)
preadv(r4, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x3e, 0x0, 0x0)
mount(0x0, 0x0, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x11, &(0x7f0000000180)=0x1400200bce)
sched_setscheduler(0x0, 0x1, &(0x7f0000002200)=0x1)
r5 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r5, &(0x7f0000002700)=""/102392, 0x18ff8)
socket$inet6_sctp(0xa, 0x5, 0x84)
r6 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
connect$bt_l2cap(r6, &(0x7f0000000080)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x7ff}, 0xe)
r7 = syz_init_net_socket$bt_hidp(0x1f, 0x3, 0x6)
ioctl$sock_bt_hidp_HIDPCONNADD(r7, 0x400448c8, &(0x7f0000000340)={r6, r6, 0x8, 0x1, &(0x7f0000000440)="e6", 0x29, 0x49, 0x46d, 0xa11, 0x0, 0x2, 0x7, 'syz0\x00'})
syz_emit_ethernet(0x4a, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaaaaaaaaaffffffffffff86dd600a847500140600fe8000"/34, @ANYRES32=0x41424344], 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r8 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20004000}, 0x14)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r8, &(0x7f0000000000/0x18000)=nil, &(0x7f00000004c0)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={0x0}, 0x10)

5.179232877s ago: executing program 4 (id=5380):
socket$nl_route(0x10, 0x3, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x6, 0x4, &(0x7f00000006c0)=ANY=[@ANYBLOB], &(0x7f00000000c0)='GPL\x00', 0x0, 0x100a, &(0x7f0000001400)=""/4106, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
socket$nl_route(0x10, 0x3, 0x0)
fsopen(0x0, 0x0)
ioctl$NS_GET_PARENT(0xffffffffffffffff, 0xb702, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = socket$inet_mptcp(0x2, 0x1, 0x106)
r5 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r5}, 0x4)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r5, @ANYBLOB="0000000000000000b70500000000000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000280)='xen_cpu_write_ldt_entry\x00', r6, 0x0, 0x10}, 0x18)
shmctl$IPC_INFO(0x0, 0x3, 0x0)
bind$inet(r4, &(0x7f0000000080)={0x2, 0x4e24, @multicast2}, 0xffffffffffffffa0)
creat(&(0x7f0000000100)='./file0\x00', 0x0)
r7 = openat$fuse(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
mount$fuseblk(&(0x7f0000002440), &(0x7f0000002480)='./file0\x00', &(0x7f00000024c0), 0x0, &(0x7f00000001c0)={{'fd', 0x3d, r7}, 0x2c, {'rootmode', 0x3d, 0xa000}})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000380)=ANY=[@ANYBLOB="34000000100001f8ffffff000000000000000000", @ANYRES32=0x0, @ANYBLOB="00000000000000000c002b8008000100", @ANYRES32=r0, @ANYBLOB="08001b"], 0x34}}, 0x4004010)

5.11887757s ago: executing program 0 (id=5381):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r0, 0x84, 0x72, &(0x7f0000000240)={0x0, 0x20, 0x30}, 0xc)
writev(r0, &(0x7f00000000c0)=[{&(0x7f0000000040)="8d", 0x1}], 0x1)
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000280), 0x800, 0x0)
close(0x3)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000380)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}, {@nfs_export_on}]})
chdir(&(0x7f00000000c0)='./bus\x00')
creat(&(0x7f0000000440)='./file0\x00', 0x0)
setsockopt$inet6_mtu(r0, 0x29, 0x17, &(0x7f0000000140)=0x3, 0x4)
writev(r0, &(0x7f0000000600)=[{&(0x7f0000000100)='^', 0x34000}], 0x1c)

5.01854014s ago: executing program 0 (id=5382):
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$inet6(0xa, 0x2, 0x3a)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, 0x0, 0x0, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="0900000006000000080000000800000000000000", @ANYRES32, @ANYBLOB="fcffffff00000000000000000000c09bc1430000000042223a872d943e10a334b8cfc84a4731e65c473bc2a5e2f83e66d57bed8f3ed0e768880874", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f0000000840)={&(0x7f00000004c0), 0x0, 0x0, 0x0, 0x8, r3}, 0x38)
r4 = syz_open_dev$dri(&(0x7f00000000c0), 0x1, 0x80000)
r5 = socket(0x2, 0x400000000002, 0x0)
setsockopt(r5, 0x0, 0x20, &(0x7f00000002c0)="0000762a1d2d2ed9fd270000", 0xc)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r4, 0x4010640d, &(0x7f0000000000)={0x5, 0x2})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x2}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r6 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000240)={0x6, 0x3, &(0x7f0000000140)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x2d, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r7 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000080)={'syz_tun\x00', <r8=>0x0})
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000000c0)={r6, r8, 0x25, 0x16}, 0x14)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r9 = syz_open_dev$MSR(&(0x7f00000007c0), 0x0, 0x0)
read$msr(r9, &(0x7f0000019680)=""/102392, 0x18ff8)
socket$unix(0x1, 0x5, 0x0)

4.15529483s ago: executing program 4 (id=5383):
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x140, 0x82)
r1 = fanotify_init(0x4, 0x101801)
fanotify_mark(r1, 0x105, 0x40001032, r0, 0x0)
open(&(0x7f0000000180)='./file2\x00', 0x1cd842, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x281c2, 0x0)
fcntl$setlease(r2, 0x400, 0x1)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r3, 0x3fffff)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = eventfd2(0x0, 0x0)
socket$nl_audit(0x10, 0x3, 0x9)
r7 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x19, 0xf, &(0x7f0000000080)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r7}, {}, {}, {0x85, 0x0, 0x0, 0xf}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0xba}}}, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sockopt=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
syz_genetlink_get_family_id$batadv(&(0x7f0000000140), 0xffffffffffffffff)
r8 = openat$kvm(0xffffffffffffff9c, &(0x7f00000003c0), 0x2, 0x0)
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000380)=[@text32={0x20, &(0x7f00000001c0)="b8050000000f01c10f46a78900000066ba2100b067ee66ba2000b000ee6d2f2f800000c00f3266bac0000f3066b808008ed0660f38806f008ee0", 0x3a}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r9, 0xae60)
ioctl$KVM_CREATE_PIT2(r9, 0x4040ae77, &(0x7f0000000040))
ioctl$KVM_SET_PIT(r9, 0x8048ae66, &(0x7f0000000080)={[{0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x6}, {}, {0xff, 0x4, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000000}]})
ioctl$KVM_SET_USER_MEMORY_REGION(r9, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
ioctl$KVM_HYPERV_EVENTFD(r5, 0x4018aebd, &(0x7f0000000140)={0x3, r6})
close_range(r4, 0xffffffffffffffff, 0x0)

4.048286549s ago: executing program 0 (id=5384):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
syz_open_procfs(0x0, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000015c0)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x18)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, 0x0, 0x0, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r4 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$inet6_group_source_req(r4, 0x29, 0x2e, &(0x7f0000000140)={0x0, {{0xa, 0x0, 0x0, @mcast2}}, {{0xa, 0x0, 0x0, @dev={0xfe, 0x80, '\x00', 0xa}, 0x3}}}, 0x108)

4.047805332s ago: executing program 1 (id=5385):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r0, 0x84, 0x72, &(0x7f0000000240)={0x0, 0x20, 0x30}, 0xc)
bind$inet6(r0, &(0x7f0000000000)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
sendto$inet6(r0, &(0x7f00000003c0)="1a", 0x1, 0x0, &(0x7f0000000200)={0xa, 0x4e23, 0x0, @loopback, 0x2000000}, 0x1c)
writev(r0, &(0x7f00000000c0)=[{&(0x7f0000000040)="8d", 0x1}], 0x1)
setsockopt$inet6_mtu(r0, 0x29, 0x17, 0x0, 0x0)
writev(r0, &(0x7f0000000600)=[{&(0x7f0000000100)='^', 0x34000}], 0x1c)

3.682719338s ago: executing program 1 (id=5386):
mknodat(0xffffffffffffff9c, &(0x7f00000000c0)='./file2\x00', 0x81c0, 0x0)
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000480)=@newsa={0x220, 0x10, 0x713, 0x10, 0x0, {{@in6=@local, @in6=@local}, {@in6=@remote, 0x0, 0x33}, @in=@remote, {0x0, 0x7, 0x0, 0x0, 0x0, 0x1}, {0x9}, {0x4}, 0x3, 0x0, 0x2, 0x4}, [@algo_aead={0x130, 0x12, {{'ccm_base(ecb-aes-aesni,nhpoly1305)\x00'}, 0x720, 0x0, "1c25c5e42f6e03ad2b713a2c62a14f0e5ddc9dc7e335062f7cb83d3214f5d3034d48afaa759525329dbe3103ffba406392cf476276d2f11b122b2d0c671ee1fdb8dc335cdf718190c85c98ce4577f266e831c4979dc8415fc8df27ffd9ad9c01dee011678ac418a15b2543cc31d586b2eb8a2da1820e58f65e48ab1589cbbaadb7cb24e4a801697619f16b7ee1c31fd2997d7a58d06f0f10321b2b096bccdffab55cbca57fd60b060b5a7f5e7fdafa5cacd39db41c6821b10b6674d98711bc915f24928152997620853e02468bc849eb38df90251202b459b33e1fec2b00ab3260a948d8"}}]}, 0x220}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_HYPERV_EVENTFD(r2, 0x4048aec9, &(0x7f0000000080)={0x4, 0xffffffffffffffff, 0x1})
sendmmsg$unix(0xffffffffffffffff, &(0x7f000000db40)=[{{0x0, 0x0, &(0x7f0000001700)=[{&(0x7f00000004c0)="99b7a9ebe6223393821b470b64bf7ab0865d263310163a50b4516a7623e6fd9504c0b06c70fc4cbdfccc59198e679bb54868938089f8ebfc292ce44cc7c10eae0631051af2fc8f869028bbabc316c913d547d1365acf98c2d9fd5e67feb3d214ee2d5fffc373c66c101c3ff6fc43a903a5793ca8fa8e12d3cbdb0c891e6b048e09ddd23541fcfb36b72557b9331db08ee1ec493c4db726b82d5004beb6d06363a20e6999c752884dc6a163230192f5e615422541f50289e1c261caebe29ad1fe246b8524f61eb68d192cdefe42b64c1d106afa562405b95ac48282e8d2956d240688c4a4f87d39d9a5ae445a927c1c05ae61dace1fb3221e82a7e50065fd3c7149d08860a759b48b8ed3b8a7d2f19e2d5a4db8e93b03a7142c7e853ef5b738eba29c51a7eb5d959c20b314a2daca9a0039e9f81cc33bf7535d90266f438539f724f152556484c946bb52cb41e8104e2169dda16aa910c35c8d5541ec508b825c352d53b1061ab75c14d13aa041e1f96e5b876c6fe6f1afd2fb480f3971d57b454346e0892c36329e93d245f9fbaccf534081031431af5349851fa30d6bed96fddd0c19aea06eb0ab70e609009e2a06dc6c3edf7a2b3ffe0601e5a536989c59d03034b289e644e13668704c297e7e881d8869b33867c3410435508c615cbce246c28cc7c6b71c9c39d64de3357b3885a90143189ae1e86be23e8bb9ce3893d658f6b694a8eabb5594b1f5e63d50e7745a815e1e8441bed84cb0328da3982ded10fb6a00d8db5547bcadd740031417cf5a060709cd224a3926df973c6b7d5329a7879b74bebbf260556e9d9838c5c673e7f69cb2b4f3809ac536f9271023f43be8d912c8878cdca44678d561a6accb3c09b95c6163c840", 0x276}], 0x1, 0x0, 0x0, 0x20004005}}], 0x1, 0x40000)
r3 = syz_usb_connect(0x0, 0x4a, &(0x7f0000000040)=ANY=[], 0x0)
syz_usb_control_io$hid(r3, &(0x7f0000000400)={0x24, 0x0, 0x0, 0x0, 0x0}, 0x0)
syz_usb_ep_write$ath9k_ep1(r3, 0x82, 0xc38, &(0x7f0000000080)=ANY=[])
openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x4000, 0x0)
pipe2(&(0x7f0000000000)={0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x800)
pipe2(&(0x7f0000000200), 0x84800)
sendmsg$BATADV_CMD_GET_TRANSTABLE_LOCAL(r4, &(0x7f00000003c0)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000380)={&(0x7f0000000340)={0x3c, 0x0, 0x2, 0x70bd25, 0x25dfdbfd, {}, [@BATADV_ATTR_VLANID={0x6, 0x28, 0x2}, @BATADV_ATTR_ISOLATION_MARK={0x8, 0x2b, 0x7}, @BATADV_ATTR_GW_BANDWIDTH_UP={0x8, 0x32, 0x1}, @BATADV_ATTR_GW_BANDWIDTH_UP={0x8, 0x32, 0x75ba84d7}, @BATADV_ATTR_ORIG_INTERVAL={0x8, 0x39, 0x1968}]}, 0x3c}, 0x1, 0x0, 0x0, 0x4000}, 0x8081)
r5 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000080)='/sys/power/resume', 0x149a82, 0x94)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000006c0)=@newtaction={0x70, 0x30, 0xffffffffffffffff, 0x0, 0x25dfdbfd, {}, [{0x5c, 0x1, [@m_bpf={0x58, 0x1, 0x0, 0x0, {{0x8}, {0x30, 0x2, 0x0, 0x1, [@TCA_ACT_BPF_PARMS={0x18, 0x2, {0x1, 0x0, 0x4}}, @TCA_ACT_BPF_FD={0x8}, @TCA_ACT_BPF_OPS_LEN={0x6, 0x3, 0x1}, @TCA_ACT_BPF_OPS={0x4}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x70}}, 0x0)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000ddffffff850000002d00000095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000440)='block_bio_complete\x00', r6, 0x0, 0x1}, 0x18)
write$cgroup_int(r5, 0x0, 0x0)

3.609650315s ago: executing program 4 (id=5387):
faccessat2(0xffffffffffffff9c, 0x0, 0x5, 0x300)
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xc063000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r3, 0x107, 0x12, &(0x7f0000000000)={0x0, 0xb007}, 0x4)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000980)={'wg2\x00', <r4=>0x0})
sendto$packet(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x11, 0x0, r4}, 0x14)
r5 = socket$inet6(0xa, 0x3, 0x8000000003c)
connect$inet6(r5, &(0x7f0000000140)={0xa, 0x0, 0x0, @dev={0xfe, 0x80, '\x00', 0x1f}, 0x9}, 0x1c)
r6 = socket$igmp6(0xa, 0x3, 0x2)
setsockopt$IP6T_SO_SET_REPLACE(r6, 0x29, 0x40, &(0x7f0000000b00)=@raw={'raw\x00', 0x8, 0x3, 0x428, 0xd0, 0xffffffff, 0xffffffff, 0x0, 0xffffffff, 0x358, 0xffffffff, 0xffffffff, 0x358, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [], [], 'veth0_macvtap\x00', 'dvmrp1\x00'}, 0x0, 0xa8, 0xd0}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@remote, @ipv4={'\x00', '\xff\xff', @dev}, [], [], 'wg1\x00', 'gre0\x00'}, 0x0, 0x258, 0x288, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'pim6reg\x00', {0x0, 0x0, 0x5, 0x0, 0x0, 0x7, 0x3ff}}}, @common=@inet=@hashlimit3={{0x158}, {'wg1\x00', {0x3, 0x0, 0x41, 0x0, 0x0, 0x1000, 0x6, 0x3}}}]}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x488)
sendmsg(r5, &(0x7f00000000c0)={0x0, 0x952f, &(0x7f0000000100)=[{&(0x7f0000000000)="2c10", 0x5dc}], 0x1, 0x0, 0x0, 0x2c}, 0x44004)

2.732531932s ago: executing program 0 (id=5388):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000a40)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000180)='workqueue_activate_work\x00', r1}, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x11, 0xc, &(0x7f0000000040)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1b, '\x00', 0x0, @fallback=0x1a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000180)='workqueue_activate_work\x00', r2}, 0x10)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r3 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r3, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
munlockall()
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r5, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000000c0)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r4, r6, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000180)=[@textreal={0x8, 0x0}], 0x1, 0x5a, 0x0, 0x0)
ioctl$KVM_RUN(r6, 0xae80, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x8)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)

2.570128262s ago: executing program 4 (id=5389):
r0 = syz_open_dev$dri(&(0x7f0000000000), 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000040)={0x1, 0x6476, 0xd})
mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x0, 0x11, r0, 0x100000000)
r1 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="1201000000000040260933334000000000010902240001000000000904000001030100000921000000012201000905810308"], 0x0)
syz_usb_control_io$hid(r1, 0x0, 0x0)
syz_usb_control_io(r1, &(0x7f0000000080)={0x2c, &(0x7f0000000100)=ANY=[@ANYBLOB="000002"], 0x0, 0x0, 0x0, 0x0}, 0x0)
r2 = syz_usb_connect$uac1(0x6, 0x0, 0x0, 0x0)
syz_usb_control_io$uac1(r2, &(0x7f0000000500)={0x14, 0x0, &(0x7f0000000740)={0x0, 0x3, 0xde, @string={0xde, 0x3, "0b06a2a4f18274ada4f99c2c898849506b77c3fe60278ae0d2b1bc70c8354b376f2816d2bf4d565ff0f55dc180dfd7892486561ebde902c342071f29d2d93933891167cc1f328d825dc3f9cd03f228b7c482cc269a9269a8335723612fb47703563a877011a9ca582bd008c0d96b082515fae5cdfac38ae496e4823e5c23a032e6be3475aec037d4d82f30beae0013ccd9bd9b0095a0e1d0002e16154e723e6433e1f190204064f23bc5c326e9bc6a4449be73fdd5a3e5eaa554ebd466e06104d4b368f10697e3f43ed02420589a430d296ef3b3f004d38108dcae5f"}}}, &(0x7f0000000a40)={0x44, 0x0, 0x0, &(0x7f00000008c0)={0x0, 0x8, 0x1, 0x11}, &(0x7f0000000900)={0x20, 0x81, 0x1, "03"}, &(0x7f0000000940)={0x20, 0x82, 0x3, "915a66"}, 0x0, 0x0, 0x0})
syz_usb_control_io(r1, 0x0, 0x0)
syz_usb_ep_write(r1, 0x81, 0xffffff75, &(0x7f00000002c0)="b9425b44651dd23241963599000000110000004a16941ff5f4b4f1f0add7fcf2b877fceafffffffffff1ffdf4cd9f5d3969890522c77157d88010000003a5bd5531d459dffff03000000000091ff000000e8f5b3371da3635b8b4fa637135800001f65e4b436aa9e50bc0f19b7d3372ff9ebcede1fb5e9428f54d5d1f0cc752cf246a5d2da34a5aa97dc14a469c3dd3e26b41c356484e46fd66e3f2c7807e8773eed7b94fa099ab84feadec2ea95f65bba452eae5b0900f98a979a88c517a2dc360a00237723e2f467af706ea17226296b3a10a351cb47aba2c6b836c90679b4dd859ddc9e4800448aab0000000000000d75f34bb50d8d7084")
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000002c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="9feb01001800000000000000200000002000000000000000000000000100000d000000000000000002000000010000000000000c00000000002e00"], &(0x7f0000000840)=""/254, 0x3b, 0xfe, 0x1, 0x0, 0x0, @void, @value}, 0x20)
mount$tmpfs(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000140), 0x40082, &(0x7f0000000180)={[{@inode64}, {@nr_blocks={'nr_blocks', 0x3d, [0x70, 0x2e, 0x0, 0x0, 0x35, 0x37, 0x70, 0x36]}}], [{@euid_lt}, {@measure}]})
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
r3 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000080), 0x4a100, 0x0)
shutdown(r3, 0x1)
openat$sequencer(0xffffffffffffff9c, &(0x7f00000000c0), 0x2002, 0x0)

1.709103252s ago: executing program 0 (id=5390):
openat(0xffffffffffffff9c, &(0x7f0000000100)='./cgroup.cpu/cgroup.procs\x00', 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x9}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x3)
mmap(&(0x7f0000786000/0x1000)=nil, 0x1000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xf4f59000)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
socket$netlink(0x10, 0x3, 0x0)
r1 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000180), 0x40000)
syz_open_dev$cec(&(0x7f0000000000), 0xffffffffffffffff, 0xc0c00)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), 0xffffffffffffffff)
close_range(r1, 0xffffffffffffffff, 0x400000000000000)

1.279829109s ago: executing program 2 (id=5391):
mount(&(0x7f0000000000)=@loop={'/dev/loop', 0x0}, &(0x7f0000000040)='./cgroup\x00', &(0x7f00000000c0)='ext2\x00', 0x208000, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0xea851000)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x8000)
times(&(0x7f0000000340))
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000000)={&(0x7f0000000180)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x24, 0x24, 0x2, [@enum, @struct={0x0, 0x1, 0x0, 0x4, 0x1, 0x0, [{0x0, 0x1, 0x80000000}]}]}}, 0x0, 0x3e, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x20)
r1 = syz_open_dev$vcsu(&(0x7f0000000300), 0x5f84, 0x0)
fsconfig$FSCONFIG_SET_STRING(r1, 0x1, 0x0, &(0x7f0000000100)='//\xf2/\x06\b\xba\xdf/o\xdc\xea\x95\x9a\x82\x10\x97W\x8f7\x98\x9b//\\\xf9\rm\x05\x00)U\xdb\x15X.I\n}\xf3\x9d\xe4_\x05\x8cqf4I^#b?9\xde\xafu\'\x83L\xe0\x97Mn_\xa4%\xb1\x97\x93\xafv\xce/\\\xb4L\xf2_\xa7\xfb\xf4\x84\x1fA\xeas^\xef\xa2\x85\xa3!\xfb\x93\xd7R\xab\x01\x80\x00\x00\x00\x00\x00\x00\x00\xf9D\xd4\x82X5\x13\xaa\x87\xd9\xba\xa9m\x14\x14R_\x9a\\>4\xce\x8e<#\xf8D\x96\xd6p\x01\xcc:\xa6\xc5nF?F\x95\x81\xe91\xbe}\xd1\x95\x1a\"\xf9\xeb\xab\xf70\x99\xef\x8b<M\n\xc0`[\x82\xf6$\xa4\xbe\x1e\xd3\xe4\xd9L\x14\xed\xcfK\xcc\xeb,\x1a1\xa6\xf3e\xc2F\xc3\x00\xaa\xd5\xfc\x1bR\xa9\x8c\xb4&\x9f\xa2$\x06\x1a\xb0W#\xf4\xde6\x04c\xc0\xeec\xa0l\xd5d\xe5\xcd\xb2\xc10\x97w\x87\xe5\x06\x91W\rr\xf5\x97%\\\x99{\xcdR\x92\x94\xf7\x1d\x01Q\x1a\xbd\x15b\x15h\xe2!\x00\xb9z)\x19\x00\xee\xd2)[p`\xb3\x03\xa7p\'X\xec\xcdoX\x05\xff\xff/o\xb2\xad\xb8\x89i@\f\xffS&\x8a\xc9\xfez\xf0\xbd\xa1\x98\xce\xf9\x1eR\x9cc\xc5ke_\xaf\x11\"\x04\xd8.\xa0\x15\x83\xf1\x92\xdby\xe9\xdc@.\xc1g\xc6\fc\xa26\xd8\xdf\xef\xf7\x9c\x1aL\x8am\x8b7\xcf\xc5\xa6\xf4\f\xabj%Y\xa9\xdd\x0e9e\xb5\xec\x99@\xd2\t\n\xb1o\b^\x12\x8e\xd5\x98~\b\xa5\xc9+\xdf\"~\x9b\x1b\xec\x80!\x10\xc6\xa8\xd8\xff\x06\xf2\xab\xa1\x10`Q\x06\t\x80\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xfc4\xbb\xee\x91\xab\xdb4\\\n!\xeb|Y\xed\xc86\x11\xd1\xd6\x87\x8d\x93\xa8\xb9\xf0\xd5\xe5\nU\xac\\El\a\xfa{\x12F\x17\xd6\x90\xa1\xb4G\xe8\xac\xb7\xef\xc2\b8\xd6\x18c\x8c\xc0\xa2\xb8\x02\xba\xec\" Z\x9ca\xe3\x90\x9d\xce\xf3\x8c\x8e91\xc1;K', 0x0)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x2041, 0x0)
ioctl$TCSETAF(r2, 0x5408, &(0x7f0000000080)={0x49de, 0x0, 0x0, 0xbfff, 0x0, "ec28a144f13d7607"})
write$binfmt_aout(r2, &(0x7f00000000c0)=ANY=[], 0xff2e)
ioctl$TCSETS(r2, 0x40045431, &(0x7f0000000dc0)={0x0, 0x1, 0x80000001, 0x0, 0x13, "00fe00002300000000000000000000db981696"})
r3 = syz_open_pts(r2, 0x0)
dup3(r3, r2, 0x0)
ioctl$TIOCSTI(r2, 0x5412, &(0x7f0000000000)=0x6)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r0, 0x40345410, &(0x7f00000083c0)={{0x1}})
ioctl$SNDRV_TIMER_IOCTL_CONTINUE(r0, 0x54a2)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x3ff, 0x1, &(0x7f0000000080))
ioctl$SNDRV_TIMER_IOCTL_PAUSE(r0, 0x54a3)
creat(&(0x7f0000000040)='./file0\x00', 0x67)

1.236388049s ago: executing program 0 (id=5392):
syz_usb_connect$hid(0x3, 0x36, &(0x7f0000000240)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x4f3, 0x755, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x40, 0xb1, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x1, 0x0, {0x9, 0x21, 0x101, 0x0, 0x1, {0x22, 0x5}}, {{{0x9, 0x5, 0x81, 0x3, 0x3ff, 0xc}}}}}]}}]}}, 0x0)
socket$inet6_sctp(0xa, 0x1, 0x84)
syz_emit_vhci(&(0x7f0000002f40)=ANY=[@ANYBLOB], 0x200)

1.216351818s ago: executing program 3 (id=5393):
r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000000), 0x88281, 0x0)
r1 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x101002, 0x0)
ioctl$RFKILL_IOCTL_NOINPUT(r1, 0x5201)
syz_usb_connect$hid(0x6, 0x3f, &(0x7f0000000080)=ANY=[], 0x0)
syz_usb_connect$cdc_ncm(0x2, 0x8b, &(0x7f0000000280)=ANY=[@ANYBLOB="12011001020000202505a1a4400001020301090279000201b570400904000001020d000008240600010bbd8905240002000d240f01040000005f00f900090624f708001010240708050001fe080006000a001000052415b30005240101010905810308000900ec0904010000020d000009040101ae020d000009058202ff03070801090503020000080493"], &(0x7f0000000340)={0xa, &(0x7f0000000040)={0xa, 0x6, 0x250, 0x0, 0x41, 0x10, 0x40, 0x2}, 0x5, &(0x7f0000000100)=ANY=[@ANYBLOB="0500000000"], 0x1, [{0x4, &(0x7f0000000140)=@lang_id={0x4, 0x3, 0x421}}]})
prctl$PR_SET_VMA(0x53564d41, 0x0, &(0x7f0000fff000/0x1000)=nil, 0x1000, &(0x7f0000000000)='#\\\x00')
futex_waitv(&(0x7f0000001d40)=[{0xc43d, 0x0, 0x2}], 0x1, 0x0, &(0x7f0000002600), 0x2)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
r2 = inotify_init1(0x0)
inotify_add_watch(r2, &(0x7f0000000440)='.\x00', 0x12000021)
r3 = socket(0x10, 0x2, 0x0)
r4 = syz_open_dev$vcsu(&(0x7f0000000240), 0x5, 0x21e140)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r4, 0x4040942c, &(0x7f00000005c0)={0x0, 0x2, [0x200, 0x5, 0x5, 0x6, 0xfffffffffffffffb, 0x7]})
ioctl$UFFDIO_REGISTER(0xffffffffffffffff, 0xc020aa00, &(0x7f0000000100)={{&(0x7f0000ffd000/0x1000)=nil, 0x1000}, 0x1})
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r3, 0x89f1, &(0x7f0000000480)={'ip6gre0\x00', &(0x7f00000009c0)={'syztnl1\x00', 0x0, 0x0, 0xfd, 0x0, 0x4, 0x15, @empty, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x0, 0x0, 0x8}})
ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(r3, 0x89f3, &(0x7f0000000080)={'syztnl1\x00', &(0x7f0000000180)={'ip6_vti0\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x64, @empty, @empty}})
fcntl$setflags(r0, 0x2, 0x0)
ioctl$RFKILL_IOCTL_NOINPUT(r0, 0x5201)
r5 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
bind$bt_l2cap(r5, &(0x7f0000000040)={0x1f, 0x0, @any, 0xfffa}, 0xe)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000280)=ANY=[@ANYBLOB="7f454c461c02f9b7ff7f00000000000002000300fffeffffdf02"], 0x78)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
sendmmsg$unix(r6, &(0x7f0000000000), 0x400000000000041, 0x0)
connect$bt_l2cap(r5, &(0x7f0000000080)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0xe}, 0xe)
r7 = syz_init_net_socket$bt_bnep(0x1f, 0x3, 0x4)
ioctl$sock_bt_bnep_BNEPCONNADD(r7, 0x400442c8, &(0x7f00000000c0)=ANY=[@ANYRES32=r5])
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000040), r8)

554.40049ms ago: executing program 1 (id=5394):
socket$nl_route(0x10, 0x3, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x6, 0x4, &(0x7f00000006c0)=ANY=[@ANYBLOB], &(0x7f00000000c0)='GPL\x00', 0x0, 0x100a, &(0x7f0000001400)=""/4106, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
socket$nl_route(0x10, 0x3, 0x0)
fsopen(0x0, 0x0)
ioctl$NS_GET_PARENT(0xffffffffffffffff, 0xb702, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = socket$inet_mptcp(0x2, 0x1, 0x106)
r5 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r5}, 0x4)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r5, @ANYBLOB="0000000000000000b70500000000000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000280)='xen_cpu_write_ldt_entry\x00', r6, 0x0, 0x10}, 0x18)
shmctl$IPC_INFO(0x0, 0x3, 0x0)
bind$inet(r4, &(0x7f0000000080)={0x2, 0x4e24, @multicast2}, 0xffffffffffffffa0)
creat(&(0x7f0000000100)='./file0\x00', 0x0)
r7 = openat$fuse(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
mount$fuseblk(&(0x7f0000002440), &(0x7f0000002480)='./file0\x00', &(0x7f00000024c0), 0x0, &(0x7f00000001c0)={{'fd', 0x3d, r7}, 0x2c, {'rootmode', 0x3d, 0xa000}})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000380)=ANY=[@ANYBLOB="34000000100001f8ffffff000000000000000000", @ANYRES32=0x0, @ANYBLOB="00000000000000000c002b8008000100", @ANYRES32=r0, @ANYBLOB="08001b"], 0x34}}, 0x4004010)

0s ago: executing program 2 (id=5395):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
sched_setaffinity(0x0, 0xfffffef7, &(0x7f0000000740)=0x410000002)
r2 = syz_open_dev$tty20(0xc, 0x4, 0x1)
bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x8, 0x800, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000900)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1, 0xb, &(0x7f0000000400)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000006020207b1af8ff00000000bf"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
setsockopt$sock_attach_bpf(r4, 0x1, 0x32, &(0x7f0000000180)=r5, 0x4)
sendmsg$unix(r3, &(0x7f00000005c0)={0x0, 0x0, 0x0}, 0x0)
ioctl$TCSETA(r2, 0x5406, &(0x7f00000001c0)={0x7d8, 0x6, 0x1, 0x8006, 0x8e, "25a2581fffffef00"})
ioctl$TIOCSTI(r2, 0x5412, &(0x7f0000000240)=0xff)
pread64(0xffffffffffffffff, &(0x7f00000002c0)=""/37, 0x25, 0x800000000000004)
syz_emit_vhci(&(0x7f0000000780)=ANY=[@ANYBLOB="04222e0300000000000080000cd5195cf448eaefcdcdc2f761fc2f058ec0de10346b6ab1000006ffffffffffff08007fe0bc57faff0284b2e50607514ba65239f7cee7ee09524109a9689f712ee2c89501f94f8be01efc6e4b26260a5bfd707cf134a6a1debbe331ac472a611fb58be0806a671e7162e2131df60744227ff1535b300860c97fe410d0f40a254946090840ea7040c893ac653c6249edd48c3b16cae725b8b3e8795a222c8fede6c57db193"], 0x31)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000300)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x3, 0x0, 0x0, {0x7}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWSET={0x60, 0x9, 0xa, 0x401, 0x0, 0x0, {0x7}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_EXPR={0x2c, 0x11, 0x0, 0x1, @limit={{0xa}, @val={0x1c, 0x2, 0x0, 0x1, [@NFTA_LIMIT_UNIT={0xc, 0x2, 0x1, 0x0, 0x3}, @NFTA_LIMIT_RATE={0xc, 0x1, 0x1, 0x0, 0x101}]}}}]}, @NFT_MSG_NEWSETELEM={0x3c, 0xc, 0xa, 0x101, 0x0, 0x0, {0x7}, [@NFTA_SET_ELEM_LIST_ELEMENTS={0x14, 0x3, 0x0, 0x1, [{0x10, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_TIMEOUT={0xc, 0x4, 0x1, 0x0, 0x80000001}]}]}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x8, 0x3, 0x0, 0x1, [{0x4}]}]}], {0x14, 0x10, 0x1, 0x0, 0x0, {0x0, 0x84}}}, 0xe4}}, 0x0)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
r7 = openat$procfs(0xffffffffffffff9c, &(0x7f00000004c0)='/proc/asound/timers\x00', 0x0, 0x0)
lseek(r7, 0x164, 0x0)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)=ANY=[@ANYBLOB="58000000020603000000000000000000000000000500040001000000050001000700000011000300686173683a69702c706f7274000000000900020073797a3100000000050005000a0000000c000780050014"], 0x58}}, 0x0)
r8 = add_key$user(&(0x7f00000000c0), &(0x7f0000000100)={'syz', 0x3}, &(0x7f0000000140)="ee91d0b57c76cc3f94d18931914731baff00207ffecffd7d9612474aadc7570cb5d14eb40385e841c31410cbfaccf00320d7573cc07b563b20e8cf6dd3311c365992f6e6c12921fa5a123a7b2509417610a9263222eb6551b8d076a75e7476c5d474bd938f1251d38da551778bd446b43e2a01d6e7126740fc8f3e871f4ec637411968bac70ee9d73ad2b7120e529956b66029937df58444751c639484c1be84e8f90fccd9d0a4dc0aa4", 0xaa, 0xfffffffffffffff8)
keyctl$instantiate_iov(0x14, 0x0, &(0x7f0000000040)=[{&(0x7f0000001280)="a03c142f32ae04baf8efb552004cf80f25431f31c0553dca015b948d49a0800abe1a9d6912b1488a3d38ef4b577680c121d65ae44fe1a6031d856a0d78871836eeee0b75702b026af74d2b9067e90e6de85fa48e92a88cc46b9d719e35885999871c48d34328fda5dd296478d8c2fdd71c698f5e194ccf195118c92eface7caca991c594dece110847a63df144fad8c6383168822f5f39fd2d66ad685162c6792e884488fdb2af366c4061d73431f13caef48a06d27f61acf2ac55abda7e62e4ba43534adf4d6025b5a1afb420cf34922dfae98154c96748fbb965dcf941311e131eca706467fe68938f6e50f904e4a37344421b9b722e616d402d46f7a6b0b4b3ca87bb7ca4124b2d3bcc48611e0dcb75678ff52c2778c932502f3cd4419c0ebace4b5a2a362fbe78b680a68e8892c78853cedbef9052c0bb230dc28fa21fe88521a69888330665abab8fd1e52d93bd5fcdc33fe68b11ca3f21b9426b28afe9df3351a76e45ab9e0fee511a314c9a9134ee3f61f6f828c47b4c50fc280a62dff528d510015ec8327169fded8b9c44914aaf3c35f79e418ce22fab5dc0f3c9d734c8569c59ba80637c3d2c7b7cc52d182c28a539bd4be5ac00045b12663be01ddd5b5b0e3b6bd520cf597cbb4402fb079ea3a5ad5a7ae3cd05fad25f274a88d461d6b748d9e4ebdfab582f287fbf9bb708c15eca36bb5a0659442068d5e3ec387f002ab197ccf26f7efb80bc2234f6a588886913857312e639044293cb8fb27639a1bb6d800cc817612249cb51980b61deb7eb66cc456a3d5c673b7785054bb771ca69fcd224047e24758852f0790f824506a5066646d0e9053217487541c933f974fcf5edeb460abaf573b98e6437d52cff6412fcab0facf9a37c9abbb25658abd25851123f8365fd6b97a872a8cb84b5500c24f2a761e5b8dc767574a4d2337f5524ac60fa0839da0dbf1246ce60b136d856e845e67eeb00eddb6103d65eb53475fce961bbf1c2d5647c33d56312fd876db9755a0a8526389887778ac1aea5986337837c6c822a7342eb165aff11c106c958e7a712e2184658c0818a4539c9404c4a5c7ce6f1c746bb1c559ac7209a2c0a07fd30f978e51bd4a65b3a8418b0e9dbd24961e598c888e8b96262ff21e07022221037e855c4d1c7fe430c83b71e7fa9284fcdcaadfdcccab8347b69a9befcb3e5056f018571bf52bc80f9a02dc34dcdc222aa7992fe25d17b7866820d3f9b8869291d66b5795bea3248fa2b73f2a3785a8e482c6a87637a490b234e79dfab79ad47e265003e890a2d274b919051a55be89558f90d0d9047ae5ca30861320142950b3872c5485a944f2b3bf6b740e48780c42df0848eda52080cae9e6792a373d6f3e18a7f6d0f2660a53d384208255d7ebad3223df69036851313ce52f954d4992f21bef964591e9fab0a23d745895c66b1a128765e5572d33d46b85d66f2e68608a76292f2cca2ce82907ae5fef588184269061a473e9890ea5e368cb7538e892dc444b29ec35a48e0acebd483b6286bfcf422c8011c00ef7d02a83abfe0de735f0b28d10742ec328d1867a129be26657dd16171046d400edeb5ef46b64bb6e14796bd60cb026765470719f946e057f6ea36e57e169ca5b583e1068c51aa8ede26d3b369c6ee9ef1cf106e05eba91576806ce6e425b3125d1da05a14d6584b624fdc28e21240a890239e6d3c5aa7fe3883f67f7d803dce4ede8f73cbe44048997c703c9d7e3156ecc3bf05f61264fcc5e93265ef7cd8a7ced24d09bcf758328270623508f5d206acfab7e601d24f7981fa2a2af7d4721931e67a6ad50d1ee045ab972013764b31d4d714a46d92dbeecfe8c39824675649d5a4e5a3776c6caefd724dee2c53e0c50f1aac0ddc251b8b12069a466f25e1ae71a2e0bdadda4c0f0f120ed73b0e59dd8279c33b727b0c2a3af045fdf017c35e41cc553902ce33c524967749478cd8149c4963cda02f921d00422c2e86e8b4bcc9c84729fa6a6903672ed38ca94fdd9ae8c20698240bfbd2ddacf181b03690a6d36d38ba2c019e8e1ae582f158a377709256becd1e61a31a6e0dc86e2607e4bc20f7a6abacd7e3102755e9abf9d86a6f17490902656e5c9bd7e2a9dac400f87b61101239e4a28c1244a74f33a3788705ce1964de5a625341c8da696f42983c80634f0319180314e484ba6df0725268c1456ddd31abba959ea4729c1baeeec8543e83757b371106b2e2b1724306338db6ee13dc27ab9dc9ea69d0958ae4bd8965d923e9fe0630fab4bb34c494abc944805a7bc6b7033636b3c1b13b853690812d1bc83220a264619233e252d7efbdb992e0d2463a38f7564b088d9c9191852468fffa80ef84f3be1b4bc487dfcd4942fc9c75b41bacb192d4ff5c519b8dc650cc18ea6a415705ea6f32e8d5c289f222c234ecd5dae3eb28030ceb47f3f5c6e4864e484604846918846204ca293a296e4a0328109ff28d2edafb5e3b67c2957d20f2f94f955410fd3ac2aa9513a0b39fe94a727e17248db80292b08e3358578ae5236e7478b4b2aeb690a4034c828340cca402bc3f74bf014d677a39ea70af21b69fd4e0a915ec032f1a14af3999e044b518fd886c8e9c0dcb9c151661bfdeda5c893b1c991f04cf4c5acb069d80b7c436609109ebd055aa7baee65ebc681de37667d5e69cc421167c5e59d14ffc81c155042f6d9fb27d53307af67b773f45068f36c675bea6a4a653be557cc9e4714b3483ab075c149f7fd021e50bf605aef7b49f7d3361f6f9c0a2e70e338ca9e7a3d246db26dcbd6430246077e6c6da4c51648e8a26d7a816b04c9a83358e7fceda80cfb115e634168718c68f335111eee537124a520b095b909509ceeae4b79f3065e3f99174a14fe2dae6b32c4649305a7256832caa18c31cd3e815a2e7d7cfc71d3be23c92da57cd1cc359132a53673f61c34aae691758d028a3512632c2db1e3900a8d745177287da11c4ee743a925ca5c52a366d0f1bae5273eb48bada47e4a976ee1a77fb72459727c43b4936bd38278563aa21eee53a2e361bd6d10fd0df28e3450691575abfbbeffa75803dc4d6ffd97aaaa4b0b83035e2ec3981abccfcf4a313ed205c708e0f2453e061866ed724576ca90e8d0e543b05e679b6c0492f522f663436972dac81532293691d2a14bf9b78fcc8411ef76307b24fd58394de3136d5c45fcefe62b9da3615c713a436d97b50a09adaf231d2dd4e6e009a54eb82adc666febc9c2f8ff25a6a78ab076c48504d3be9798bbf15c3bc76b5396cf28f5f2c5d0f9640c628be2f0898adbb55166582e7c0fcf2dc2f218e824e53c1b1438ad4e9a0f64632cc87deb9e8c840fc11324f3e2c5615ac4985a7d78f27da7ba71744415afac71d4102021ea012652c0717ea67ce29a928d53c2a11bdcc768adc2a42a21ee1ef32a2a96f06478030877efcc3ee1c7e5b89dacf9f340e60817aeefc61e73940be84cd4bf84ef95f85298630bfac0d252bbde9da2af160184aa437b560577a64378a022164a2e2d4a3bf96271502f958aea90bdb25718febde8019ee0818af46944f7259822a8e1b892415f7ab946b037552200e56fffa395ed9b98482acb53a5ac353b8e84473ae92088bffe0285cf87c3e179e25e6135f4fdab324762af84da9b01f8daa8251028ad0811985030526478c60acf4bd8866873c25c77b681bd6830ba2be54df943d39f9c48ddcdff3fb86dc3b9b72c37088f8a5df0bc3c3df7c38ef93fdb1ed21bf814dd22a44ef591d179a0656a4e9f56fd98268ea547d4126f6c6ec2e505464250bd84e26d8abba76b218d6f3d0a2c8239f6a8727d409058e05359b9ebe136fa1bd27401833cff654ef10f7b893b22841442e9f744a37a87f6ac3e4ae1673271e51722a9a5f82455f9e66c01ef735b1b3b3cba2db2ea659531769980650a6ae54c1de599399acc86877ca315e9304d55b177dc728e5ccf0dc92847674efb78668108230262e913ac38e95c93a319e05bddde437f13317c089a5fe9239328f033e740e752c203f6b16450cb7d2dd7f05e5e0bb0757dde4d20488006797c1bbd12c9d60b7756815430e0855e8f02d5579e929bba68bf3db9c902b16ce9605eb6e78f541f52d46ad3c6a3b4eb34f7367268db210acfe87538599e44059355f3c96b1c5f0e8ead11579330226e77bb19ea826d64e62221078a100a97e9fb4adb86b091fb19cd765005f1a3b4fbb42764d3b491c643f85598dcabe723012f9d733c48d6d4b4689db196151a83f000ebfd33f9ea82d9c6c3d7e643492411030243eb6e23a32c866c94b25b4dcf239373a5f0630cfafdbbb7bd2ed87ec441629ad8c645b849dae87d5f2f11c997c5fa1654fd0d00d4838917da8f5724e91b62ddd1373a87d740c4df32d6f6e32b0d9b7aac17ae2bf8dfc7d44cf850066b7663afc6c9a8e09f6b3b3ec48e84757a80ebd97bbf5300657e53a221e509dd15c0ed035a1040bf2b4ba87b350d319ce42b4f37c194abd52a8656c573efbe61a5adb5dd2c469b15e342a32028d79cc2645ec4ef3e7a31eedeab86453ececfc3ea5e53c5a45dce1209bdc3e02047428dce51912781d4163aeffbc609a457c980acf4c6d30970dbc96ef8e8374b2abe1597887b7e3cda39e10d6369b071c3f5817956e506324f94b76f6547418f7f4164d6934e1d3ed61564cc25a9c6fcfd92aea7791f84aa900c45710c70e8a7127dc97e4fda9dcd5cda8892411f9be7d725be07d2b75148c6e214337e39714c30893d90eb0ae628fc7277420503bf44d8087d8cab6295e59163cc01821962a0d37fccb9715f93ed1c7b20cd11f997fdd247bcbcd1cfe751d2405b3367d13cb5de1de329a963f6f3b5fe1f02aa5ee9f73d97817617ce6828057becbc8d586abc25540f2d22cb8ddd7aa4a6c658c0717d49201cc8ddcae0ac414407fa55f207a96faf55226951291d42e059cc626d0199e949f3eaa7b1ffde79636a5a42c030dd7afb7e6be1ebfd45724c0cd42ee16d6f94c8f21b2aee6f4797e688ef9c107b08050417eff101fef0b4acf9ad91865edb9f89e95ed1de19a3ef68107e999c09dcfea1579a6ba074685f21c289695219c54309a0daaded4dda1633bf4d0aeed121fcf1b9be08ceb49542b164fe0a4201679f89bd5ea3fd4ec197101593c861a8619025d791202f1886589e6eb9cd49c6917942441e1c1c386a22c4c4fbb58f48b71f9bef72a6e824d45ee324eebc8fbbcc0cf2f70e9c87453e2e3dc56fd77981b0ee20b28f11926a8fd63164bc8451a5631c3bbf7590c28247866b44020187850ff1be9aadb4b746afff51a9764df823eca33cc5160f6cbb395e021b9574ed920edb763e2f39ef83847a4e9df0b11834109bdca12c21cf0843d0882f4f775f0a350c572d50d00a1ce97986c52475d14f49c7d8ee6633b6b65ccec6a6a77171b6a61e2d483afff96ffdba2a580c44934051967f5e4c513ea9e5442880cb61909d4473689129461c1a1804074122a6bb5095177e7b00a31ef0f429fa20ca454bc180b90450409cb12c24e6fbec4b4d9f6ea5f43edd50a0a4d9a8929e0f6b3aa5f0e90f42b083e8a9e98534ab67161b41772fecdd93b23a0830fbc6732693183ddbec454a83e20972a031a0958fda6386be69b96bad6df1b7780be39242f6d5e70278e2e8e530d524afaec2a72855fb99855757be7b7c7d9c0918e04a8511578aadf20a96667e8a065061377d04b5e45ed4df965cfc55ed92179900670b1b491bc469749b09c3f7bf9c82e8875e881ff8cc435529200", 0x1000}], 0x1, r8)
sendmsg$IPSET_CMD_CREATE(r6, &(0x7f0000001240)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000680)={0x64, 0x2, 0x6, 0x5, 0xa, 0x0, {}, [@IPSET_ATTR_TYPENAME={0x10, 0x3, 'bitmap:port\x00'}, @IPSET_ATTR_REVISION={0x5, 0x4, 0x1}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_FAMILY={0x5}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_DATA={0x1c, 0x7, 0x0, 0x1, [@IPSET_ATTR_PORT={0x6}, @IPSET_ATTR_PORT_TO={0x6}, @IPSET_ATTR_TIMEOUT={0x8, 0x6, 0x1, 0x0, 0x5}]}]}, 0x64}}, 0x0)

kernel console output (not intermixed with test programs):

ferent from the interface descriptor's value: 2
[ 1543.704544][T23461] usb 4-1: config 1 interface 0 has no altsetting 0
[ 1543.867813][T23461] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 1543.914229][T23461] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1543.933804][T23461] usb 4-1: Product: syz
[ 1543.948201][T23461] usb 4-1: Manufacturer: syz
[ 1543.968914][T23461] usb 4-1: SerialNumber: syz
[ 1543.976693][T24248] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[ 1543.983927][T24248] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[ 1544.339037][T14025] usb 3-1: new high-speed USB device number 113 using dummy_hcd
[ 1544.499466][T14025] usb 3-1: Using ep0 maxpacket: 16
[ 1544.520417][T14025] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1544.541206][T14025] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 2
[ 1544.558547][T14025] usb 3-1: New USB device found, idVendor=05d8, idProduct=810a, bcdDevice=92.b8
[ 1544.581964][T14025] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1544.601144][T14025] usb 3-1: config 0 descriptor??
[ 1544.613834][T14025] dvb-usb: found a 'Artec T1 USB2.0' in warm state.
[ 1544.627170][T14025] dvb-usb: bulk message failed: -22 (3/0)
[ 1544.641886][T14025] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[ 1544.657919][T14025] dvbdev: DVB: registering new adapter (Artec T1 USB2.0)
[ 1544.671367][T14025] usb 3-1: media controller created
[ 1544.707638][T14025] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[ 1544.739524][T14025] dvb-usb: bulk message failed: -22 (6/0)
[ 1544.750241][T14025] dvb-usb: no frontend was attached by 'Artec T1 USB2.0'
[ 1544.760642][T14025] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.2/usb3/3-1/input/input147
[ 1544.786791][T14025] dvb-usb: schedule remote query interval to 150 msecs.
[ 1544.794682][T14025] dvb-usb: Artec T1 USB2.0 successfully initialized and connected.
[ 1544.948950][T14025] dvb-usb: bulk message failed: -22 (1/0)
[ 1544.963670][T14025] dvb-usb: error while querying for an remote control event.
[ 1545.191311][T14025] dvb-usb: bulk message failed: -22 (1/0)
[ 1545.197196][T14025] dvb-usb: error while querying for an remote control event.
[ 1545.298296][T23461] cdc_ether 4-1:1.0: probe with driver cdc_ether failed with error -22
[ 1545.322002][T23461] usb 4-1: USB disconnect, device number 5
[ 1545.468937][T14025] dvb-usb: bulk message failed: -22 (1/0)
[ 1545.487579][T14025] dvb-usb: error while querying for an remote control event.
[ 1545.564643][ T1291] ieee802154 phy0 wpan0: encryption failed: -22
[ 1545.583674][ T1291] ieee802154 phy1 wpan1: encryption failed: -22
[ 1545.583771][T24284] tmpfs: Unknown parameter 'usrquota'½r'
[ 1545.650519][T13364] usb 3-1: USB disconnect, device number 113
[ 1546.436399][T13364] dvb-usb: Artec T1 USB2.0 successfully deinitialized and disconnected.
[ 1549.788972][T14025] usb 2-1: new high-speed USB device number 108 using dummy_hcd
[ 1549.958973][T14025] usb 2-1: Using ep0 maxpacket: 8
[ 1549.981975][T14025] usb 2-1: New USB device found, idVendor=0763, idProduct=2080, bcdDevice=d0.ab
[ 1549.997396][T14025] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1550.025161][T14025] usb 2-1: Product: syz
[ 1550.046349][T14025] usb 2-1: Manufacturer: syz
[ 1550.051136][T14025] usb 2-1: SerialNumber: syz
[ 1550.104613][T14025] usb 2-1: config 0 descriptor??
[ 1551.271563][T14025] usb 2-1: USB disconnect, device number 108
[ 1551.944543][T24331] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4984'.
[ 1552.085762][T24339] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4985'.
[ 1552.095483][T24339] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4985'.
[ 1552.882943][T13538] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1553.920188][T24356] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1553.950528][T24356] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1553.960402][T14025] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1553.968504][T24356] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1554.010801][T24356] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1554.019353][T24356] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1554.028055][T24359] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1554.069006][T24356] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1554.210839][T24361] FAULT_INJECTION: forcing a failure.
[ 1554.210839][T24361] name failslab, interval 1, probability 0, space 0, times 0
[ 1554.225158][T24361] CPU: 0 UID: 0 PID: 24361 Comm: syz.2.4993 Not tainted 6.14.0-rc7-syzkaller-00179-gb3ee1e460951 #0
[ 1554.225180][T24361] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[ 1554.225191][T24361] Call Trace:
[ 1554.225196][T24361]  <TASK>
[ 1554.225203][T24361]  dump_stack_lvl+0x16c/0x1f0
[ 1554.225230][T24361]  should_fail_ex+0x50a/0x650
[ 1554.225259][T24361]  should_failslab+0xc2/0x120
[ 1554.225278][T24361]  kmem_cache_alloc_noprof+0x6e/0x3d0
[ 1554.225296][T24361]  ? skb_clone+0x190/0x3f0
[ 1554.225323][T24361]  skb_clone+0x190/0x3f0
[ 1554.225347][T24361]  netlink_deliver_tap+0xabd/0xd30
[ 1554.225373][T24361]  netlink_unicast+0x5e1/0x7f0
[ 1554.225397][T24361]  ? __pfx_netlink_unicast+0x10/0x10
[ 1554.225426][T24361]  netlink_sendmsg+0x8b8/0xd70
[ 1554.225451][T24361]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1554.225483][T24361]  ____sys_sendmsg+0xaaf/0xc90
[ 1554.225502][T24361]  ? copy_msghdr_from_user+0x10b/0x160
[ 1554.225525][T24361]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1554.225553][T24361]  ___sys_sendmsg+0x135/0x1e0
[ 1554.225577][T24361]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1554.225611][T24361]  ? __pfx_lock_release+0x10/0x10
[ 1554.225632][T24361]  ? trace_lock_acquire+0x14e/0x1f0
[ 1554.225658][T24361]  ? __fget_files+0x206/0x3a0
[ 1554.225682][T24361]  __sys_sendmsg+0x16e/0x220
[ 1554.225705][T24361]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1554.225744][T24361]  do_syscall_64+0xcd/0x250
[ 1554.225768][T24361]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1554.225790][T24361] RIP: 0033:0x7facfa78d169
[ 1554.225803][T24361] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1554.225819][T24361] RSP: 002b:00007facfb63a038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1554.225835][T24361] RAX: ffffffffffffffda RBX: 00007facfa9a5fa0 RCX: 00007facfa78d169
[ 1554.225845][T24361] RDX: 0000000000004050 RSI: 0000200000000040 RDI: 0000000000000004
[ 1554.225855][T24361] RBP: 00007facfb63a090 R08: 0000000000000000 R09: 0000000000000000
[ 1554.225863][T24361] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1554.225872][T24361] R13: 0000000000000000 R14: 00007facfa9a5fa0 R15: 00007fff444f7178
[ 1554.225892][T24361]  </TASK>
[ 1554.249082][T14025] usb 5-1: new high-speed USB device number 93 using dummy_hcd
[ 1554.516608][T24367] netlink: 112 bytes leftover after parsing attributes in process `syz.2.4995'.
[ 1554.521600][   T30] audit: type=1400 audit(1742571711.543:1843): avc:  denied  { read } for  pid=24362 comm="syz.2.4995" name="cachefiles" dev="devtmpfs" ino=4 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cachefiles_device_t tclass=chr_file permissive=1
[ 1554.639150][T14025] usb 5-1: Using ep0 maxpacket: 16
[ 1554.680841][T14025] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1554.701842][T14025] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 2
[ 1554.753327][T14025] usb 5-1: New USB device found, idVendor=05d8, idProduct=810a, bcdDevice=92.b8
[ 1554.822880][T14025] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1554.876243][T14025] usb 5-1: config 0 descriptor??
[ 1554.888985][T13364] usb 3-1: new high-speed USB device number 114 using dummy_hcd
[ 1554.893029][T14025] dvb-usb: found a 'Artec T1 USB2.0' in warm state.
[ 1554.912350][T14025] dvb-usb: bulk message failed: -22 (3/0)
[ 1554.921272][T14025] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[ 1554.933682][T14025] dvbdev: DVB: registering new adapter (Artec T1 USB2.0)
[ 1554.942662][T14025] usb 5-1: media controller created
[ 1555.024928][T23461] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1555.079056][T13364] usb 3-1: Using ep0 maxpacket: 16
[ 1556.257637][T23974] Bluetooth: hci5: command 0x041b tx timeout
[ 1556.263321][T14025] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[ 1556.295265][T13364] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1557.337381][T13364] usb 3-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[ 1557.350466][T13364] usb 3-1: New USB device found, idVendor=1fd2, idProduct=6007, bcdDevice= 0.00
[ 1557.359629][T13364] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1557.614113][T14025] dvb-usb: bulk message failed: -22 (6/0)
[ 1557.614526][T13364] usb 3-1: config 0 descriptor??
[ 1557.619925][T14025] dvb-usb: no frontend was attached by 'Artec T1 USB2.0'
[ 1557.621069][T14025] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.4/usb5/5-1/input/input148
[ 1557.628997][T13364] usb 3-1: can't set config #0, error -71
[ 1557.650962][T13364] usb 3-1: USB disconnect, device number 114
[ 1557.805316][T14025] dvb-usb: schedule remote query interval to 150 msecs.
[ 1557.812447][T14025] dvb-usb: Artec T1 USB2.0 successfully initialized and connected.
[ 1557.906896][T24385] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[ 1557.915773][T24385] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[ 1558.356875][T23461] dvb-usb: bulk message failed: -22 (1/0)
[ 1558.371226][T23461] dvb-usb: error while querying for an remote control event.
[ 1558.389216][T14025] usb 5-1: USB disconnect, device number 93
[ 1558.607458][T23461] net_ratelimit: 4 callbacks suppressed
[ 1558.607473][T23461] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1558.695321][T24392] Option 'D' to dns_resolver key: bad/missing value
[ 1558.822628][T14025] dvb-usb: Artec T1 USB2.0 successfully deinitialized and disconnected.
[ 1558.855543][T24395] netlink: 'syz.0.5002': attribute type 19 has an invalid length.
[ 1559.239123][T17340] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1559.288973][T14025] usb 5-1: new high-speed USB device number 94 using dummy_hcd
[ 1559.312284][   T30] audit: type=1400 audit(1742571716.343:1844): avc:  denied  { wake_alarm } for  pid=24394 comm="syz.0.5002" capability=35  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[ 1560.718951][T14025] usb 5-1: Using ep0 maxpacket: 8
[ 1560.804619][T23461] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1560.805384][   T30] audit: type=1326 audit(1742571717.803:1845): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24398 comm="syz.3.5003" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3ee978d169 code=0x7ffc0000
[ 1560.841900][   T30] audit: type=1326 audit(1742571717.803:1846): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24398 comm="syz.3.5003" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3ee978d169 code=0x7ffc0000
[ 1560.869881][   T30] audit: type=1326 audit(1742571717.873:1847): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24398 comm="syz.3.5003" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3ee978d169 code=0x7ffc0000
[ 1560.933871][   T30] audit: type=1326 audit(1742571717.873:1848): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24398 comm="syz.3.5003" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3ee978d169 code=0x7ffc0000
[ 1560.990524][   T30] audit: type=1326 audit(1742571717.873:1849): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24398 comm="syz.3.5003" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3ee978d169 code=0x7ffc0000
[ 1561.031662][T14025] usb 5-1: config 127 has an invalid interface number: 171 but max is 1
[ 1561.040077][T14025] usb 5-1: config 127 has no interface number 1
[ 1561.046344][T14025] usb 5-1: config 127 interface 171 has no altsetting 0
[ 1561.053348][T14025] usb 5-1: config 127 interface 0 has no altsetting 0
[ 1561.060363][   T30] audit: type=1326 audit(1742571717.873:1850): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24398 comm="syz.3.5003" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3ee978d169 code=0x7ffc0000
[ 1561.088208][T14025] usb 5-1: New USB device found, idVendor=04e2, idProduct=1414, bcdDevice=c5.b9
[ 1561.097535][T14025] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1561.106084][T14025] usb 5-1: Product: syz
[ 1561.110325][T14025] usb 5-1: Manufacturer: syz
[ 1561.114971][T14025] usb 5-1: SerialNumber: syz
[ 1561.125436][   T30] audit: type=1326 audit(1742571717.873:1851): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24398 comm="syz.3.5003" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3ee978d169 code=0x7ffc0000
[ 1561.325184][T24405] FAULT_INJECTION: forcing a failure.
[ 1561.325184][T24405] name failslab, interval 1, probability 0, space 0, times 0
[ 1561.338114][T24405] CPU: 0 UID: 0 PID: 24405 Comm: syz.2.5004 Not tainted 6.14.0-rc7-syzkaller-00179-gb3ee1e460951 #0
[ 1561.338138][T24405] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[ 1561.338148][T24405] Call Trace:
[ 1561.338154][T24405]  <TASK>
[ 1561.338161][T24405]  dump_stack_lvl+0x16c/0x1f0
[ 1561.338188][T24405]  should_fail_ex+0x50a/0x650
[ 1561.338217][T24405]  should_failslab+0xc2/0x120
[ 1561.338238][T24405]  kmem_cache_alloc_noprof+0x6e/0x3d0
[ 1561.338257][T24405]  ? skb_clone+0x190/0x3f0
[ 1561.338286][T24405]  skb_clone+0x190/0x3f0
[ 1561.338312][T24405]  netlink_deliver_tap+0xabd/0xd30
[ 1561.338341][T24405]  netlink_unicast+0x5e1/0x7f0
[ 1561.338367][T24405]  ? __pfx_netlink_unicast+0x10/0x10
[ 1561.338391][T24405]  ? netlink_sendmsg+0x822/0xd70
[ 1561.338421][T24405]  netlink_sendmsg+0x8b8/0xd70
[ 1561.338449][T24405]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1561.338483][T24405]  ____sys_sendmsg+0xaaf/0xc90
[ 1561.338503][T24405]  ? copy_msghdr_from_user+0x10b/0x160
[ 1561.338529][T24405]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1561.338560][T24405]  ___sys_sendmsg+0x135/0x1e0
[ 1561.338588][T24405]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1561.338623][T24405]  ? __pfx_lock_release+0x10/0x10
[ 1561.338646][T24405]  ? trace_lock_acquire+0x14e/0x1f0
[ 1561.338673][T24405]  ? __fget_files+0x206/0x3a0
[ 1561.338697][T24405]  __sys_sendmsg+0x16e/0x220
[ 1561.338723][T24405]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1561.338764][T24405]  do_syscall_64+0xcd/0x250
[ 1561.338789][T24405]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1561.338812][T24405] RIP: 0033:0x7facfa78d169
[ 1561.338825][T24405] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1561.338841][T24405] RSP: 002b:00007facfb619038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1561.338857][T24405] RAX: ffffffffffffffda RBX: 00007facfa9a6080 RCX: 00007facfa78d169
[ 1561.338870][T24405] RDX: 0000000000000000 RSI: 0000200000000040 RDI: 0000000000000003
[ 1561.338880][T24405] RBP: 00007facfb619090 R08: 0000000000000000 R09: 0000000000000000
[ 1561.338889][T24405] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1561.338898][T24405] R13: 0000000000000000 R14: 00007facfa9a6080 R15: 00007fff444f7178
[ 1561.338920][T24405]  </TASK>
[ 1562.140444][   T30] audit: type=1326 audit(1742571717.873:1852): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24398 comm="syz.3.5003" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3ee978d169 code=0x7ffc0000
[ 1562.158036][T13538] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1562.164455][   T30] audit: type=1326 audit(1742571717.873:1853): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24398 comm="syz.3.5003" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3ee978d169 code=0x7ffc0000
[ 1562.240737][T14025] usb 5-1: can't set config #127, error -71
[ 1562.248779][T14025] usb 5-1: USB disconnect, device number 94
[ 1562.268953][   T30] audit: type=1326 audit(1742571717.873:1854): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24398 comm="syz.3.5003" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3ee978d169 code=0x7ffc0000
[ 1562.294339][T13364] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1562.712193][T24412] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1563.059058][T13364] usb 5-1: new high-speed USB device number 95 using dummy_hcd
[ 1563.101852][T24416] netlink: 16 bytes leftover after parsing attributes in process `syz.3.5008'.
[ 1563.163919][T14025] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1563.219902][T13364] usb 5-1: Using ep0 maxpacket: 32
[ 1563.246725][T13364] usb 5-1: config 0 has an invalid interface number: 51 but max is 0
[ 1563.262087][T13364] usb 5-1: config 0 has no interface number 0
[ 1563.648963][T13364] usb 5-1: config 0 has an invalid interface number: 51 but max is 0
[ 1563.657999][T13364] usb 5-1: config 0 has no interface number 0
[ 1563.682764][T13364] usb 5-1: config 0 has an invalid interface number: 51 but max is 0
[ 1563.697872][T13364] usb 5-1: config 0 has no interface number 0
[ 1563.721131][T13364] usb 5-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f
[ 1563.735930][T13364] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1563.747927][T13364] usb 5-1: Product: syz
[ 1563.754368][T13364] usb 5-1: Manufacturer: syz
[ 1563.761380][T13364] usb 5-1: SerialNumber: syz
[ 1563.770764][T13364] usb 5-1: config 0 descriptor??
[ 1563.790436][T24425] Invalid logical block size (32)
[ 1563.799981][T13364] quatech2 5-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected
[ 1564.003537][T13364] usb 5-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB0
[ 1564.013701][T13364] usb 5-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB1
[ 1564.208757][T23461] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1564.406931][    C0] usb 5-1: qt2_read_bulk_callback - non-zero urb status: -71
[ 1564.407754][T23461] usb 5-1: USB disconnect, device number 95
[ 1564.579830][T23974] Bluetooth: hci5: command 0x041b tx timeout
[ 1564.991061][T23461] quatech-serial ttyUSB0: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB0
[ 1565.029245][T23461] quatech-serial ttyUSB1: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB1
[ 1565.075498][T23461] quatech2 5-1:0.51: device disconnected
[ 1565.291869][T24438] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[ 1565.300734][T24438] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[ 1565.736122][T13364] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1565.744278][T13538] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1565.748287][ T5821] Bluetooth: hci5: Received unexpected HCI Event 0x00
[ 1565.759514][T17340] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1566.061575][T17340] usb 4-1: new high-speed USB device number 6 using dummy_hcd
[ 1566.239098][T17340] usb 4-1: Using ep0 maxpacket: 32
[ 1566.251369][T17340] usb 4-1: config 0 has an invalid descriptor of length 189, skipping remainder of the config
[ 1566.270322][T17340] usb 4-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[ 1566.299080][T17340] usb 4-1: New USB device found, idVendor=0403, idProduct=6030, bcdDevice= 0.00
[ 1566.309114][T17340] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1566.320042][T17340] usb 4-1: config 0 descriptor??
[ 1566.336428][T17340] usbhid 4-1:0.0: couldn't find an input interrupt endpoint
[ 1566.368989][T23461] usb 2-1: new full-speed USB device number 109 using dummy_hcd
[ 1566.514639][T24449] syz1: rxe_newlink: already configured on syz_tun
[ 1566.541658][T23461] usb 2-1: not running at top speed; connect to a high speed hub
[ 1566.563867][T23461] usb 2-1: config 1 interface 0 altsetting 8 endpoint 0x81 has invalid maxpacket 512, setting to 64
[ 1566.604489][T23461] usb 2-1: config 1 interface 0 altsetting 8 endpoint 0x82 has invalid maxpacket 512, setting to 64
[ 1566.618946][T23461] usb 2-1: config 1 interface 0 altsetting 8 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[ 1566.639065][T23461] usb 2-1: config 1 interface 0 has no altsetting 0
[ 1566.647867][T23461] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 1566.657069][T23461] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1566.665157][T23461] usb 2-1: Product: syz
[ 1566.669480][T23461] usb 2-1: Manufacturer: syz
[ 1566.674128][T23461] usb 2-1: SerialNumber: syz
[ 1566.687137][T24443] raw-gadget.2 gadget.1: fail, usb_ep_enable returned -22
[ 1566.694559][T24443] raw-gadget.2 gadget.1: fail, usb_ep_enable returned -22
[ 1566.703072][T17340] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1566.780326][T18523] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1566.923880][T23461] cdc_ether 2-1:1.0: probe with driver cdc_ether failed with error -22
[ 1566.935152][T23461] usb 2-1: USB disconnect, device number 109
[ 1566.998203][T24461] ubi: mtd0 is already attached to ubi31
[ 1567.706416][T24465] rdma_rxe: rxe_newlink: failed to add syz_tun
[ 1567.803093][T13538] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1568.793046][T13538] usb 3-1: new high-speed USB device number 115 using dummy_hcd
[ 1568.801702][T17340] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1568.877921][T24480] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[ 1568.887082][T24480] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[ 1569.310132][ T5821] Bluetooth: hci5: Received unexpected HCI Event 0x00
[ 1569.325528][T23461] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1569.329540][   T10] usb 4-1: USB disconnect, device number 6
[ 1569.410073][T13538] usb 3-1: Using ep0 maxpacket: 8
[ 1569.416432][T13538] usb 3-1: config 127 has an invalid interface number: 171 but max is 1
[ 1569.425013][T13538] usb 3-1: config 127 has no interface number 1
[ 1569.431681][T13538] usb 3-1: config 127 interface 171 has no altsetting 0
[ 1569.438727][T13538] usb 3-1: config 127 interface 0 has no altsetting 0
[ 1569.453695][T13538] usb 3-1: New USB device found, idVendor=04e2, idProduct=1414, bcdDevice=c5.b9
[ 1569.462853][T13538] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1569.472994][T13538] usb 3-1: Product: syz
[ 1569.478976][T13538] usb 3-1: Manufacturer: syz
[ 1569.531949][T13538] usb 3-1: SerialNumber: syz
[ 1569.608974][T23461] usb 5-1: new high-speed USB device number 96 using dummy_hcd
[ 1570.049003][T23461] usb 5-1: Using ep0 maxpacket: 8
[ 1570.158833][T23461] usb 5-1: New USB device found, idVendor=0763, idProduct=2080, bcdDevice=d0.ab
[ 1570.173068][T23461] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1570.254246][T23461] usb 5-1: Product: syz
[ 1570.258415][T23461] usb 5-1: Manufacturer: syz
[ 1570.268923][T23461] usb 5-1: SerialNumber: syz
[ 1570.275449][T23461] usb 5-1: config 0 descriptor??
[ 1570.351307][T24493] netlink: 'syz.0.5029': attribute type 10 has an invalid length.
[ 1570.369458][T18523] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1570.396003][   T30] kauditd_printk_skb: 59 callbacks suppressed
[ 1570.396017][   T30] audit: type=1400 audit(1742572239.422:1914): avc:  denied  { mount } for  pid=24494 comm="syz.1.5030" name="/" dev="configfs" ino=1120 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=filesystem permissive=1
[ 1570.540938][   T30] audit: type=1400 audit(1742572239.422:1915): avc:  denied  { setattr } for  pid=24494 comm="syz.1.5030" name="/" dev="configfs" ino=1120 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1
[ 1570.724793][   T30] audit: type=1400 audit(1742572239.562:1916): avc:  denied  { read } for  pid=24494 comm="syz.1.5030" name="/" dev="configfs" ino=1120 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1
[ 1570.752125][   T30] audit: type=1400 audit(1742572239.562:1917): avc:  denied  { open } for  pid=24494 comm="syz.1.5030" path="/351/file0" dev="configfs" ino=1120 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1
[ 1570.777115][T23461] usb 5-1: USB disconnect, device number 96
[ 1570.783652][T13538] xr_serial 3-1:127.171: xr_serial converter detected
[ 1570.796396][T13538] xr_serial ttyUSB0: Failed to set reg 0x1a: -71
[ 1570.816878][T13538] xr_serial ttyUSB0: probe with driver xr_serial failed with error -71
[ 1570.831759][T13538] usb 3-1: USB disconnect, device number 115
[ 1570.846024][T13538] xr_serial 3-1:127.171: device disconnected
[ 1571.308937][   T30] audit: type=1400 audit(1742572496.335:1918): avc:  denied  { unmount } for  pid=18245 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=filesystem permissive=1
[ 1571.525330][T13538] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1571.565395][T24518] kvm: requested 5028 ns i8254 timer period limited to 200000 ns
[ 1572.409337][T13364] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1572.459081][   T10] usb 2-1: new high-speed USB device number 110 using dummy_hcd
[ 1572.468038][T24519] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[ 1572.477000][T24519] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[ 1572.931330][T13538] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1573.083726][T17340] kernel write not supported for file /1345/net/netstat (pid: 17340 comm: kworker/0:0)
[ 1573.281925][   T10] usb 2-1: New USB device found, idVendor=04f3, idProduct=0755, bcdDevice= 0.00
[ 1573.293009][   T10] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1573.301871][   T30] audit: type=1400 audit(1742572498.325:1919): avc:  denied  { map } for  pid=24527 comm="syz.2.5040" path="socket:[96273]" dev="sockfs" ino=96273 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=unix_stream_socket permissive=1
[ 1573.302598][   T10] usb 2-1: config 0 descriptor??
[ 1573.379202][   T30] audit: type=1400 audit(1742572498.325:1920): avc:  denied  { getopt } for  pid=24527 comm="syz.2.5040" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[ 1573.474838][T24538] fuse: Unknown parameter '0x0000000000000004'
[ 1574.208296][T23461] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1574.467477][T13364] usb 5-1: new high-speed USB device number 97 using dummy_hcd
[ 1574.573933][   T10] elan 0003:04F3:0755.004C: unknown main item tag 0x0
[ 1574.580906][   T10] elan 0003:04F3:0755.004C: item fetching failed at offset 3/5
[ 1574.590184][   T10] elan 0003:04F3:0755.004C: Hid Parse failed
[ 1574.596221][   T10] elan 0003:04F3:0755.004C: probe with driver elan failed with error -22
[ 1574.619051][T24548] fuse: Bad value for 'user_id'
[ 1574.624184][T24548] fuse: Bad value for 'user_id'
[ 1574.655956][T18523] usb 2-1: USB disconnect, device number 110
[ 1574.722295][T13364] usb 5-1: Using ep0 maxpacket: 8
[ 1574.793379][T24550] random: crng reseeded on system resumption
[ 1574.902420][T13364] usb 5-1: New USB device found, idVendor=0763, idProduct=2080, bcdDevice=d0.ab
[ 1574.955007][T13364] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1575.038333][T13364] usb 5-1: Product: syz
[ 1575.046295][T13364] usb 5-1: Manufacturer: syz
[ 1575.060019][T13364] usb 5-1: SerialNumber: syz
[ 1575.066111][T13364] usb 5-1: config 0 descriptor??
[ 1575.074498][T24548] netlink: 4 bytes leftover after parsing attributes in process `syz.0.5046'.
[ 1575.249161][T18523] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1575.311580][T13364] usb 5-1: USB disconnect, device number 97
[ 1575.479745][   T10] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1576.293557][T13538] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1576.301697][T13538] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1576.618958][T13364] usb 2-1: new high-speed USB device number 111 using dummy_hcd
[ 1577.330240][T13538] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1577.340659][T13364] usb 2-1: New USB device found, idVendor=04f3, idProduct=0755, bcdDevice= 0.00
[ 1577.369634][T13364] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1577.383806][T13364] usb 2-1: config 0 descriptor??
[ 1577.554878][T24584] kvm: requested 5028 ns i8254 timer period limited to 200000 ns
[ 1577.820504][T13364] elan 0003:04F3:0755.004D: unknown main item tag 0x0
[ 1577.843244][T13364] elan 0003:04F3:0755.004D: item fetching failed at offset 3/5
[ 1577.851606][T13364] elan 0003:04F3:0755.004D: Hid Parse failed
[ 1577.857637][T13364] elan 0003:04F3:0755.004D: probe with driver elan failed with error -22
[ 1577.949142][T13538] usb 3-1: new full-speed USB device number 116 using dummy_hcd
[ 1578.146432][ T5821] Bluetooth: hci5: unexpected event 0x2f length: 509 > 260
[ 1578.338813][T23461] usb 2-1: USB disconnect, device number 111
[ 1578.394287][T18523] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1578.538847][T13364] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1578.628010][T13538] usb 3-1: not running at top speed; connect to a high speed hub
[ 1578.698512][T13538] usb 3-1: config 1 interface 0 altsetting 8 endpoint 0x81 has invalid maxpacket 512, setting to 64
[ 1578.756560][T13538] usb 3-1: config 1 interface 0 altsetting 8 endpoint 0x82 has invalid maxpacket 512, setting to 64
[ 1578.806870][T13538] usb 3-1: config 1 interface 0 altsetting 8 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[ 1578.889968][T13538] usb 3-1: config 1 interface 0 has no altsetting 0
[ 1578.975817][T13538] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 1579.053788][T13538] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1579.111962][T13538] usb 3-1: Product: syz
[ 1579.159569][T13538] usb 3-1: Manufacturer: syz
[ 1579.196954][T13538] usb 3-1: SerialNumber: syz
[ 1579.262546][T24581] raw-gadget.2 gadget.2: fail, usb_ep_enable returned -22
[ 1579.269780][T24581] raw-gadget.2 gadget.2: fail, usb_ep_enable returned -22
[ 1579.502205][T13538] cdc_ether 3-1:1.0: probe with driver cdc_ether failed with error -22
[ 1579.660440][T13538] usb 3-1: USB disconnect, device number 116
[ 1580.317832][T23461] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1580.368369][T24601] fuse: Bad value for 'fd'
[ 1580.469021][T14025] usb 5-1: new high-speed USB device number 98 using dummy_hcd
[ 1580.639450][T14025] usb 5-1: Using ep0 maxpacket: 16
[ 1580.650999][T14025] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1580.737763][T14025] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 2
[ 1581.319691][T23461] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1581.444297][T14025] usb 5-1: New USB device found, idVendor=05d8, idProduct=810a, bcdDevice=92.b8
[ 1581.474228][T24613] random: crng reseeded on system resumption
[ 1581.481979][T14025] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1581.508798][T14025] usb 5-1: config 0 descriptor??
[ 1581.521689][T14025] dvb-usb: found a 'Artec T1 USB2.0' in warm state.
[ 1581.559157][   T10] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1581.583651][T14025] dvb-usb: bulk message failed: -22 (3/0)
[ 1581.599822][T24619] netlink: 28 bytes leftover after parsing attributes in process `syz.1.5061'.
[ 1581.615127][T14025] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[ 1581.945224][T14025] dvbdev: DVB: registering new adapter (Artec T1 USB2.0)
[ 1581.952682][T14025] usb 5-1: media controller created
[ 1581.974393][T14025] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[ 1581.999229][T14025] dvb-usb: bulk message failed: -22 (6/0)
[ 1582.006474][T14025] dvb-usb: no frontend was attached by 'Artec T1 USB2.0'
[ 1582.054798][T14025] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.4/usb5/5-1/input/input150
[ 1582.154380][T14025] dvb-usb: schedule remote query interval to 150 msecs.
[ 1582.161363][T14025] dvb-usb: Artec T1 USB2.0 successfully initialized and connected.
[ 1582.318961][T14025] dvb-usb: bulk message failed: -22 (1/0)
[ 1582.324755][T14025] dvb-usb: error while querying for an remote control event.
[ 1582.359149][T23461] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1582.498969][T14025] dvb-usb: bulk message failed: -22 (1/0)
[ 1582.510002][T14025] dvb-usb: error while querying for an remote control event.
[ 1582.689034][T14025] dvb-usb: bulk message failed: -22 (1/0)
[ 1582.694759][T14025] dvb-usb: error while querying for an remote control event.
[ 1582.729694][T14025] usb 5-1: USB disconnect, device number 98
[ 1582.905474][T24636] fuse: Bad value for 'user_id'
[ 1582.929088][T24636] fuse: Bad value for 'user_id'
[ 1582.954058][T14025] dvb-usb: Artec T1 USB2.0 successfully deinitialized and disconnected.
[ 1582.963767][T24637] kvm: requested 5028 ns i8254 timer period limited to 200000 ns
[ 1583.183694][T24641] random: crng reseeded on system resumption
[ 1583.414784][T14025] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1583.486708][T24636] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5069'.
[ 1584.439275][T23461] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1584.766275][   T10] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1584.919390][T24657] rdma_rxe: rxe_newlink: failed to add syz_tun
[ 1585.029250][T23461] usb 5-1: new high-speed USB device number 99 using dummy_hcd
[ 1585.091697][   T10] usb 3-1: new high-speed USB device number 117 using dummy_hcd
[ 1585.211904][T23461] usb 5-1: Using ep0 maxpacket: 16
[ 1585.233307][T23461] usb 5-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF3, changing to 0x83
[ 1585.248898][T23461] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[ 1585.277583][T23461] usb 5-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[ 1585.277644][   T10] usb 3-1: Using ep0 maxpacket: 8
[ 1585.301807][   T10] usb 3-1: New USB device found, idVendor=0763, idProduct=2080, bcdDevice=d0.ab
[ 1585.311106][T23461] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1585.319358][   T10] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1585.339039][T13538] usb 4-1: new high-speed USB device number 7 using dummy_hcd
[ 1585.357797][   T10] usb 3-1: Product: syz
[ 1585.367302][   T10] usb 3-1: Manufacturer: syz
[ 1585.373676][T23461] usb 5-1: Product: syz
[ 1585.388104][   T10] usb 3-1: SerialNumber: syz
[ 1585.392817][T23461] usb 5-1: Manufacturer: syz
[ 1585.392836][T23461] usb 5-1: SerialNumber: syz
[ 1585.394207][T23461] usb 5-1: config 0 descriptor??
[ 1585.412420][   T10] usb 3-1: config 0 descriptor??
[ 1585.489127][T14025] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1585.503448][T23461] em28xx 5-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0)
[ 1585.531422][T23461] em28xx 5-1:0.0: Audio interface 0 found (Vendor Class)
[ 1585.550397][T13538] usb 4-1: New USB device found, idVendor=04f3, idProduct=0755, bcdDevice= 0.00
[ 1585.574642][T13538] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1585.605578][T13538] usb 4-1: config 0 descriptor??
[ 1585.654988][T24667] fuse: Bad value for 'fd'
[ 1585.837991][T24669] random: crng reseeded on system resumption
[ 1585.949699][T13364] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1585.996322][   T10] usb 3-1: USB disconnect, device number 117
[ 1586.177221][T24667] netlink: 28 bytes leftover after parsing attributes in process `syz.1.5079'.
[ 1586.190928][T13538] elan 0003:04F3:0755.004E: unknown main item tag 0x0
[ 1586.200125][T13538] elan 0003:04F3:0755.004E: item fetching failed at offset 3/5
[ 1586.208153][T13538] elan 0003:04F3:0755.004E: Hid Parse failed
[ 1586.214436][T13538] elan 0003:04F3:0755.004E: probe with driver elan failed with error -22
[ 1586.276493][T23461] em28xx 5-1:0.0: unknown em28xx chip ID (0)
[ 1586.289075][T23461] em28xx 5-1:0.0: Config register raw data: 0xfffffffb
[ 1586.379116][   T30] audit: type=1400 audit(1742572511.388:1921): avc:  denied  { read } for  pid=24675 comm="syz.2.5080" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[ 1586.488035][   T10] usb 4-1: USB disconnect, device number 7
[ 1586.512352][T23461] em28xx 5-1:0.0: AC97 chip type couldn't be determined
[ 1586.529919][T23461] em28xx 5-1:0.0: No AC97 audio processor
[ 1586.598067][T23461] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1586.617150][T23974] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 1586.641840][T24660] syz_tun (unregistering): left allmulticast mode
[ 1586.660484][T23974] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[ 1586.668584][T23974] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[ 1586.679624][T23974] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[ 1586.690983][T23974] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[ 1586.699464][T23974] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[ 1586.735510][   T30] audit: type=1400 audit(1742572511.768:1922): avc:  denied  { mounton } for  pid=24672 comm="syz-executor" path="/" dev="sda1" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1
[ 1586.819914][T24686] kvm: requested 5028 ns i8254 timer period limited to 200000 ns
[ 1586.833976][T24672] lo speed is unknown, defaulting to 1000
[ 1587.268132][T24698] fuse: Unknown parameter '0x0000000000000004'
[ 1587.310566][T24694] netlink: 28 bytes leftover after parsing attributes in process `syz.2.5085'.
[ 1587.363200][   T30] audit: type=1400 audit(1742572512.398:1923): avc:  denied  { open } for  pid=24691 comm="syz.2.5085" path="/dev/ptyq8" dev="devtmpfs" ino=127 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:bsdpty_device_t tclass=chr_file permissive=1
[ 1587.365942][T24672] chnl_net:caif_netlink_parms(): no params data found
[ 1587.975829][T13364] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1587.984019][T13364] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1588.152592][T13538] usb 5-1: USB disconnect, device number 99
[ 1588.159430][T13538] em28xx 5-1:0.0: Disconnecting em28xx
[ 1588.166045][T13538] em28xx 5-1:0.0: Freeing device
[ 1588.177176][T24672] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1588.204294][T24672] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1588.205083][T24713] rdma_rxe: rxe_newlink: failed to add syz_tun
[ 1588.227000][T24672] bridge_slave_0: entered allmulticast mode
[ 1588.258538][T24672] bridge_slave_0: entered promiscuous mode
[ 1588.581528][T24672] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1588.602681][T24672] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1588.619051][T24672] bridge_slave_1: entered allmulticast mode
[ 1588.630025][T24672] bridge_slave_1: entered promiscuous mode
[ 1588.745791][T24720] loop2: detected capacity change from 0 to 7
[ 1588.756651][T24720] Dev loop2: unable to read RDB block 7
[ 1588.762355][ T5821] Bluetooth: hci2: command tx timeout
[ 1588.779369][T24720]  loop2: unable to read partition table
[ 1588.785923][T24720] loop2: partition table beyond EOD, truncated
[ 1588.796911][T24720] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5)
[ 1588.831250][T24672] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1588.849441][T24672] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1588.999289][T13538] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1590.039388][T13538] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1590.054894][T24672] team0: Port device team_slave_0 added
[ 1590.095138][T24672] team0: Port device team_slave_1 added
[ 1590.154643][T24672] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1590.161684][T24672] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1590.210665][T24672] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1590.288233][T24672] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1590.316113][T24672] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1590.342184][T24672] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1590.502075][T24672] hsr_slave_0: entered promiscuous mode
[ 1590.529670][T24672] hsr_slave_1: entered promiscuous mode
[ 1590.549405][T24672] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1590.575110][T24672] Cannot create hsr debugfs directory
[ 1590.740621][T24672] netdevsim netdevsim0 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[ 1590.758973][T13364] usb 2-1: new high-speed USB device number 112 using dummy_hcd
[ 1590.773696][T24672] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1590.848925][ T5821] Bluetooth: hci2: command tx timeout
[ 1590.954699][T13364] usb 2-1: Using ep0 maxpacket: 8
[ 1590.966813][T13364] usb 2-1: New USB device found, idVendor=0763, idProduct=2080, bcdDevice=d0.ab
[ 1590.980154][T24672] netdevsim netdevsim0 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[ 1590.990418][T13364] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1590.990442][T13364] usb 2-1: Product: syz
[ 1590.990457][T13364] usb 2-1: Manufacturer: syz
[ 1590.990471][T13364] usb 2-1: SerialNumber: syz
[ 1591.014432][T13364] usb 2-1: config 0 descriptor??
[ 1591.056658][T24672] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1591.081000][ T5864] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1591.089348][T13538] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1591.186891][T24672] netdevsim netdevsim0 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[ 1591.207493][T24672] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1591.337770][T24672] netdevsim netdevsim0 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[ 1591.367389][T13364] usb 2-1: USB disconnect, device number 112
[ 1591.367702][T24672] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1591.435586][T24744] tmpfs: Unknown parameter 'usrquota'½r'
[ 1591.568706][T24672] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 1591.577166][T24672] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 1591.590525][T24672] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 1591.604768][T24672] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 1591.764005][T24672] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1591.796418][T24672] 8021q: adding VLAN 0 to HW filter on device team0
[ 1591.809855][T11552] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1591.816968][T11552] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1591.830994][ T6374] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1591.838089][ T6374] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1591.902788][T24672] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[ 1591.948992][T24672] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 1592.185847][T14025] usb 4-1: new high-speed USB device number 8 using dummy_hcd
[ 1592.343587][T22316] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1592.723245][T14025] usb 4-1: config 133 has an invalid interface number: 92 but max is 0
[ 1592.735684][T14025] usb 4-1: config 133 has no interface number 0
[ 1592.742370][T14025] usb 4-1: config 133 interface 92 altsetting 252 endpoint 0x6 has invalid maxpacket 512, setting to 64
[ 1592.973040][T14025] usb 4-1: config 133 interface 92 has no altsetting 0
[ 1592.980266][ T5821] Bluetooth: hci2: command tx timeout
[ 1592.993290][T14025] usb 4-1: New USB device found, idVendor=0499, idProduct=500c, bcdDevice=10.ee
[ 1593.013031][T14025] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1593.290143][T24773] netlink: 'syz.1.5104': attribute type 1 has an invalid length.
[ 1593.452406][T24773] bond1: (slave ip6gretap1): Enslaving as a backup interface with an up link
[ 1593.659938][T24752] netlink: 8 bytes leftover after parsing attributes in process `syz.3.5100'.
[ 1593.671063][T23461] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1593.696221][T24752] netlink: 24 bytes leftover after parsing attributes in process `syz.3.5100'.
[ 1593.771683][T24774] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1593.896773][T24752] bond1: entered promiscuous mode
[ 1593.955338][T24752] 8021q: adding VLAN 0 to HW filter on device bond1
[ 1594.129997][T17340] usb 5-1: new high-speed USB device number 100 using dummy_hcd
[ 1594.136484][T14025] usb 4-1: string descriptor 0 read error: -71
[ 1594.226911][T14025] usb 4-1: Quirk or no altset; falling back to MIDI 1.0
[ 1594.232970][T24672] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1594.250997][T13364] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1594.258413][T14025] snd-usb-audio 4-1:133.92: probe with driver snd-usb-audio failed with error -2
[ 1594.352607][T14025] usb 4-1: USB disconnect, device number 8
[ 1594.461277][T17340] usb 5-1: Using ep0 maxpacket: 32
[ 1594.496586][T17340] usb 5-1: config 0 has an invalid interface number: 51 but max is 0
[ 1594.518631][T17340] usb 5-1: config 0 has no interface number 0
[ 1594.545077][T17340] usb 5-1: config 0 has an invalid interface number: 51 but max is 0
[ 1594.566447][T17340] usb 5-1: config 0 has no interface number 0
[ 1594.595211][T17340] usb 5-1: config 0 has an invalid interface number: 51 but max is 0
[ 1594.620338][T17340] usb 5-1: config 0 has no interface number 0
[ 1594.659748][T17340] usb 5-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f
[ 1594.690286][T23461] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1594.705494][T17340] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1594.760950][T17340] usb 5-1: Product: syz
[ 1594.788960][T17340] usb 5-1: Manufacturer: syz
[ 1594.827228][T17340] usb 5-1: SerialNumber: syz
[ 1594.920054][T17340] usb 5-1: config 0 descriptor??
[ 1595.007442][T17340] quatech2 5-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected
[ 1595.008940][ T5821] Bluetooth: hci2: command tx timeout
[ 1595.765610][T23461] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1595.799260][T13364] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1595.824818][T17340] usb 5-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB0
[ 1595.887825][T24672] veth0_vlan: entered promiscuous mode
[ 1596.036119][T17340] usb 5-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB1
[ 1596.186558][T24672] veth1_vlan: entered promiscuous mode
[ 1596.597684][T24672] veth0_macvtap: entered promiscuous mode
[ 1596.913622][    C0] usb 5-1: qt2_read_bulk_callback - non-zero urb status: -71
[ 1596.914809][T13538] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1596.929636][T23461] usb 5-1: USB disconnect, device number 100
[ 1596.937023][T24672] veth1_macvtap: entered promiscuous mode
[ 1596.953048][T23461] quatech-serial ttyUSB0: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB0
[ 1596.977505][T24672] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1597.008586][T24672] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1597.026437][T23461] quatech-serial ttyUSB1: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB1
[ 1597.041604][T24672] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1597.139643][T24672] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1597.150071][T24672] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1597.160587][T24672] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1597.170434][T24672] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1597.180988][T24672] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1597.191111][T24672] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1597.201598][T24672] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1597.214082][T23461] quatech2 5-1:0.51: device disconnected
[ 1598.142624][T13538] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1598.150901][T13538] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1598.159384][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1598.171078][ T5864] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1598.179211][ T5864] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1598.228619][T24672] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1598.283963][T24672] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1598.299023][T24672] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1598.309199][T24672] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1598.319740][T24672] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1598.359020][T24672] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1598.406144][T24672] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1598.442995][T24672] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1599.199669][T24672] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1599.229091][T24672] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1599.239939][T24672] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1599.249362][T23461] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1599.981631][T24672] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1600.097036][T24672] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1600.129681][T24672] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1600.162113][T24672] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1600.189209][T24672] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1600.358375][T13538] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1600.878564][T16268] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1600.956864][T16268] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1601.269366][T17340] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1601.290873][T16268] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1601.325832][T16268] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1601.350645][T17340] hid-generic 0005:046D:0A11.004F: item fetching failed at offset 0/1
[ 1601.438814][   T30] audit: type=1400 audit(1742572526.468:1924): avc:  denied  { mounton } for  pid=24672 comm="syz-executor" path="/root/syzkaller.8YxK74/syz-tmp" dev="sda1" ino=1960 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_home_t tclass=dir permissive=1
[ 1601.484899][T17340] hid-generic 0005:046D:0A11.004F: probe with driver hid-generic failed with error -22
[ 1601.495271][T23461] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1601.576615][   T30] audit: type=1400 audit(1742572526.478:1925): avc:  denied  { mounton } for  pid=24672 comm="syz-executor" path="/root/syzkaller.8YxK74/syz-tmp/newroot/sys/kernel/debug" dev="debugfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=dir permissive=1
[ 1601.693847][   T30] audit: type=1400 audit(1742572526.478:1926): avc:  denied  { mounton } for  pid=24672 comm="syz-executor" path="/root/syzkaller.8YxK74/syz-tmp/newroot/proc/sys/fs/binfmt_misc" dev="proc" ino=98687 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysctl_fs_t tclass=dir permissive=1
[ 1601.783618][   T30] audit: type=1400 audit(1742572526.528:1927): avc:  denied  { mounton } for  pid=24672 comm="syz-executor" path="/dev/gadgetfs" dev="devtmpfs" ino=2728 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:device_t tclass=dir permissive=1
[ 1601.842092][   T30] audit: type=1400 audit(1742572526.528:1928): avc:  denied  { mount } for  pid=24672 comm="syz-executor" name="/" dev="gadgetfs" ino=7527 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nfs_t tclass=filesystem permissive=1
[ 1602.004960][   T30] audit: type=1400 audit(1742572526.608:1929): avc:  denied  { mounton } for  pid=24672 comm="syz-executor" path="/sys/fs/fuse/connections" dev="fusectl" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=dir permissive=1
[ 1602.879068][T23461] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1603.250970][   T30] audit: type=1400 audit(1742572528.268:1930): avc:  denied  { mounton } for  pid=24838 comm="syz.0.5119" path="/1/file0" dev="fuse" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=file permissive=1
[ 1603.346945][   T30] audit: type=1400 audit(1742572528.378:1931): avc:  denied  { setattr } for  pid=24838 comm="syz.0.5119" name="/" dev="9p" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[ 1603.399428][T24852] fuse: Bad value for 'user_id'
[ 1603.404460][   T30] audit: type=1400 audit(1742572528.418:1932): avc:  denied  { write } for  pid=24838 comm="syz.0.5119" dev="9p" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[ 1603.425207][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1603.436736][T24852] fuse: Bad value for 'user_id'
[ 1603.869925][   T30] audit: type=1400 audit(1742572528.418:1933): avc:  denied  { open } for  pid=24838 comm="syz.0.5119" path="/1/file0" dev="9p" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[ 1603.891993][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1603.959418][T13538] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1604.123627][T24853] random: crng reseeded on system resumption
[ 1604.236693][ T5864] usb 5-1: new high-speed USB device number 101 using dummy_hcd
[ 1604.705305][T24854] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5123'.
[ 1604.741759][T14025] usb 4-1: new high-speed USB device number 9 using dummy_hcd
[ 1604.750697][   T10] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1604.930447][T14025] usb 4-1: Using ep0 maxpacket: 16
[ 1604.939816][T14025] usb 4-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF3, changing to 0x83
[ 1604.939836][T14025] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[ 1604.942396][T14025] usb 4-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[ 1604.942411][T14025] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1604.942422][T14025] usb 4-1: Product: syz
[ 1604.942430][T14025] usb 4-1: Manufacturer: syz
[ 1604.942438][T14025] usb 4-1: SerialNumber: syz
[ 1604.943384][T14025] usb 4-1: config 0 descriptor??
[ 1604.944771][T14025] em28xx 4-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0)
[ 1604.944796][T14025] em28xx 4-1:0.0: Audio interface 0 found (Vendor Class)
[ 1604.948726][ T5864] usb 5-1: Using ep0 maxpacket: 8
[ 1604.979086][ T5864] usb 5-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0x99, changing to 0x89
[ 1604.979116][ T5864] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x89 has an invalid bInterval 0, changing to 7
[ 1604.986689][ T5864] usb 5-1: New USB device found, idVendor=0e9c, idProduct=0000, bcdDevice=5b.1e
[ 1604.986715][ T5864] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1604.986735][ T5864] usb 5-1: Product: syz
[ 1604.986752][ T5864] usb 5-1: Manufacturer: syz
[ 1604.986767][ T5864] usb 5-1: SerialNumber: syz
[ 1604.988271][ T5864] usb 5-1: config 0 descriptor??
[ 1604.999552][T13538] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1605.048927][ T5864] rc_core: IR keymap rc-streamzap not found
[ 1605.048947][ T5864] Registered IR keymap rc-empty
[ 1605.049373][ T5864] rc rc0: Streamzap PC Remote Infrared Receiver as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/rc/rc0
[ 1605.050101][ T5864] input: Streamzap PC Remote Infrared Receiver as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/rc/rc0/input153
[ 1605.454624][ T5864] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1605.466040][T17340] usb 5-1: USB disconnect, device number 101
[ 1606.289724][T23461] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1606.400180][T14025] em28xx 4-1:0.0: unknown em28xx chip ID (0)
[ 1606.402221][T14025] em28xx 4-1:0.0: Config register raw data: 0xfffffffb
[ 1606.910898][T14025] em28xx 4-1:0.0: AC97 chip type couldn't be determined
[ 1606.918049][T14025] em28xx 4-1:0.0: No AC97 audio processor
[ 1606.970371][T14025] usb 4-1: USB disconnect, device number 9
[ 1607.008034][T14025] em28xx 4-1:0.0: Disconnecting em28xx
[ 1607.014494][ T1291] ieee802154 phy0 wpan0: encryption failed: -22
[ 1607.021470][ T1291] ieee802154 phy1 wpan1: encryption failed: -22
[ 1607.133768][T14025] em28xx 4-1:0.0: Freeing device
[ 1607.349064][T13538] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1608.646132][ T5864] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1608.670329][T14025] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1609.296997][T24924] fuse: Bad value for 'fd'
[ 1609.414643][ T5864] usb 4-1: new high-speed USB device number 10 using dummy_hcd
[ 1609.589090][T13364] usb 3-1: new high-speed USB device number 118 using dummy_hcd
[ 1609.695912][T24925] random: crng reseeded on system resumption
[ 1609.720391][T23461] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1609.729949][ T5864] usb 4-1: New USB device found, idVendor=04f3, idProduct=0755, bcdDevice= 0.00
[ 1609.748910][ T5864] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1609.759017][T13364] usb 3-1: Using ep0 maxpacket: 16
[ 1609.777989][T13364] usb 3-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF3, changing to 0x83
[ 1609.800036][ T5864] usb 4-1: config 0 descriptor??
[ 1609.808145][T13364] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[ 1609.863290][T13364] usb 3-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[ 1609.872586][T13364] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1609.896195][T13364] usb 3-1: Product: syz
[ 1609.912191][T13364] usb 3-1: Manufacturer: syz
[ 1609.925545][T13364] usb 3-1: SerialNumber: syz
[ 1609.941411][T13364] usb 3-1: config 0 descriptor??
[ 1609.958562][T13364] em28xx 3-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0)
[ 1609.982664][T13364] em28xx 3-1:0.0: Audio interface 0 found (Vendor Class)
[ 1610.020412][T24924] netlink: 8 bytes leftover after parsing attributes in process `syz.1.5140'.
[ 1610.277579][ T5864] elan 0003:04F3:0755.0050: unknown main item tag 0x0
[ 1610.288234][ T5864] elan 0003:04F3:0755.0050: item fetching failed at offset 3/5
[ 1610.304046][ T5864] elan 0003:04F3:0755.0050: Hid Parse failed
[ 1610.312791][ T5864] elan 0003:04F3:0755.0050: probe with driver elan failed with error -22
[ 1610.510854][T23461] usb 4-1: USB disconnect, device number 10
[ 1611.061715][T13364] em28xx 3-1:0.0: unknown em28xx chip ID (0)
[ 1611.068482][T23461] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1611.083108][T13364] em28xx 3-1:0.0: Config register raw data: 0xfffffffb
[ 1611.161890][T24955] fuse: Bad value for 'user_id'
[ 1611.166835][T24955] fuse: Bad value for 'user_id'
[ 1611.734530][   T10] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1611.735930][T24963] random: crng reseeded on system resumption
[ 1611.979102][T13364] em28xx 3-1:0.0: AC97 chip type couldn't be determined
[ 1611.992501][T13364] em28xx 3-1:0.0: No AC97 audio processor
[ 1612.559157][T23461] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1612.716575][T13364] usb 3-1: USB disconnect, device number 118
[ 1612.729432][T13364] em28xx 3-1:0.0: Disconnecting em28xx
[ 1612.847744][T13364] em28xx 3-1:0.0: Freeing device
[ 1612.953410][T24975] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[ 1612.962321][T24975] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[ 1613.639698][T14025] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1613.799411][T24955] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5148'.
[ 1614.098731][T24990] netlink: 112 bytes leftover after parsing attributes in process `syz.0.5157'.
[ 1614.314725][T13364] usb 3-1: new high-speed USB device number 119 using dummy_hcd
[ 1614.599033][T13364] usb 3-1: Using ep0 maxpacket: 8
[ 1614.685203][T23461] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1614.697021][T17340] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1614.706094][T13364] usb 3-1: config 127 has an invalid interface number: 171 but max is 1
[ 1614.729092][T13364] usb 3-1: config 127 has no interface number 1
[ 1614.737283][T13364] usb 3-1: config 127 interface 171 has no altsetting 0
[ 1614.744888][T13364] usb 3-1: config 127 interface 0 has no altsetting 0
[ 1614.755824][T13364] usb 3-1: New USB device found, idVendor=04e2, idProduct=1414, bcdDevice=c5.b9
[ 1614.765680][T17340] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1614.787233][T13364] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1614.807524][T13364] usb 3-1: Product: syz
[ 1614.820452][T13364] usb 3-1: Manufacturer: syz
[ 1614.840288][T13364] usb 3-1: SerialNumber: syz
[ 1615.509757][T25002] kvm: requested 5028 ns i8254 timer period limited to 200000 ns
[ 1615.786205][T22316] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1615.835343][T25013] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1615.895790][T13364] xr_serial 3-1:127.171: xr_serial converter detected
[ 1615.903510][T13364] xr_serial ttyUSB0: Failed to set reg 0x1a: -71
[ 1615.918243][T13364] xr_serial ttyUSB0: probe with driver xr_serial failed with error -71
[ 1615.946107][T13364] usb 3-1: USB disconnect, device number 119
[ 1615.968066][T13364] xr_serial 3-1:127.171: device disconnected
[ 1616.007883][T25018] openvswitch: netlink: Duplicate or invalid key (type 0).
[ 1616.027194][T25018] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[ 1616.124131][T25022] kvm: requested 5028 ns i8254 timer period limited to 200000 ns
[ 1616.244450][T25025] fuse: Bad value for 'user_id'
[ 1616.250267][T25025] fuse: Bad value for 'user_id'
[ 1616.279321][T17340] usb 2-1: new high-speed USB device number 113 using dummy_hcd
[ 1616.360161][   T10] usb 4-1: new high-speed USB device number 11 using dummy_hcd
[ 1616.638480][T25025] random: crng reseeded on system resumption
[ 1616.710750][   T10] usb 4-1: device descriptor read/64, error -71
[ 1616.736860][T17340] usb 2-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[ 1616.747051][T17340] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1616.760638][T17340] usb 2-1: Product: syz
[ 1616.764825][T17340] usb 2-1: Manufacturer: syz
[ 1616.771195][T17340] usb 2-1: SerialNumber: syz
[ 1616.779289][T17340] usb 2-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[ 1616.798083][T13364] usb 2-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[ 1616.839472][T14025] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1617.219665][   T10] usb 4-1: new high-speed USB device number 12 using dummy_hcd
[ 1617.276203][T14025] hid-generic 0005:046D:0A11.0051: item fetching failed at offset 0/1
[ 1617.284849][T14025] hid-generic 0005:046D:0A11.0051: probe with driver hid-generic failed with error -22
[ 1617.468101][   T10] usb 4-1: device descriptor read/64, error -71
[ 1617.509752][T14025] usb 2-1: USB disconnect, device number 113
[ 1617.579657][   T10] usb usb4-port1: attempt power cycle
[ 1617.952594][T13364] ath9k_htc 2-1:1.0: ath9k_htc: Target is unresponsive
[ 1618.007341][T23650] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1618.015876][   T10] usb 4-1: new high-speed USB device number 13 using dummy_hcd
[ 1618.066950][T13364] ath9k_htc: Failed to initialize the device
[ 1618.071078][T22316] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1618.099608][   T10] usb 4-1: device descriptor read/8, error -71
[ 1618.106011][T14025] usb 2-1: ath9k_htc: USB layer deinitialized
[ 1618.354620][   T10] usb 4-1: new high-speed USB device number 14 using dummy_hcd
[ 1618.515704][   T10] usb 4-1: device descriptor read/8, error -71
[ 1618.689119][   T10] usb usb4-port1: unable to enumerate USB device
[ 1618.926359][T13364] usb 5-1: new high-speed USB device number 102 using dummy_hcd
[ 1619.080745][T14025] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1619.292595][T13364] usb 5-1: New USB device found, idVendor=04f3, idProduct=0755, bcdDevice= 0.00
[ 1619.314601][T13364] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1619.380061][T13364] usb 5-1: config 0 descriptor??
[ 1619.586031][   T30] audit: type=1400 audit(1742572544.618:1934): avc:  denied  { map } for  pid=25055 comm="syz.0.5176" path="/dev/bus/usb/006/001" dev="devtmpfs" ino=740 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1
[ 1619.654457][T25062] netlink: 260 bytes leftover after parsing attributes in process `syz.3.5177'.
[ 1620.119240][T14025] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1620.178822][T13364] usbhid 5-1:0.0: can't add hid device: -71
[ 1620.185928][T13364] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[ 1620.214406][T13364] usb 5-1: USB disconnect, device number 102
[ 1620.346361][T25061] sp0: Synchronizing with TNC
[ 1620.613199][   T10] usb 3-1: new high-speed USB device number 120 using dummy_hcd
[ 1620.988605][T25073] syzkaller1: entered promiscuous mode
[ 1620.999016][   T10] usb 3-1: Using ep0 maxpacket: 8
[ 1621.068297][   T10] usb 3-1: New USB device found, idVendor=0763, idProduct=2080, bcdDevice=d0.ab
[ 1621.131784][T25073] syzkaller1: entered allmulticast mode
[ 1621.299371][T14025] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1621.308902][   T10] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1621.317381][   T10] usb 3-1: Product: syz
[ 1621.422396][T23650] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1621.455895][   T10] usb 3-1: Manufacturer: syz
[ 1622.331230][   T10] usb 3-1: SerialNumber: syz
[ 1622.338022][T11542] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1622.348534][T13538] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1622.363500][   T10] usb 3-1: config 0 descriptor??
[ 1622.432124][T12311] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1622.440236][T14025] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1622.610920][   T10] usb 3-1: USB disconnect, device number 120
[ 1622.897280][T25089] fuse: Bad value for 'fd'
[ 1623.037719][T25090] netlink: 12 bytes leftover after parsing attributes in process `syz.4.5183'.
[ 1623.601231][T14025] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1623.685511][T25092] lo speed is unknown, defaulting to 1000
[ 1623.694220][T25092] lo speed is unknown, defaulting to 1000
[ 1623.700170][T25092] lo speed is unknown, defaulting to 1000
[ 1623.742834][T25092] infiniband s
z1: set active
[ 1623.747510][T25092] infiniband s
z1: added lo
[ 1623.754038][   T10] lo speed is unknown, defaulting to 1000
[ 1623.761080][   T30] audit: type=1400 audit(1742572548.718:1935): avc:  denied  { connect } for  pid=25085 comm="syz.3.5184" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[ 1623.788446][T25092] RDS/IB: s
z1: added
[ 1623.792922][T25092] smc: adding ib device s
z1 with port count 1
[ 1623.799088][T25092] smc:    ib device s
z1 port 1 has pnetid 
[ 1623.805324][T25092] lo speed is unknown, defaulting to 1000
[ 1623.853156][T25092] lo speed is unknown, defaulting to 1000
[ 1623.896433][T25092] lo speed is unknown, defaulting to 1000
[ 1623.936594][T25092] lo speed is unknown, defaulting to 1000
[ 1623.976744][T25092] lo speed is unknown, defaulting to 1000
[ 1624.017226][T25092] lo speed is unknown, defaulting to 1000
[ 1624.059293][   T10] lo speed is unknown, defaulting to 1000
[ 1624.099204][   T30] audit: type=1400 audit(1742572548.718:1936): avc:  denied  { shutdown } for  pid=25085 comm="syz.3.5184" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[ 1624.176218][T25099] random: crng reseeded on system resumption
[ 1624.279411][   T10] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1624.543912][T25106] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5185'.
[ 1624.679217][T14025] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1625.412765][T25119] semctl(GETNCNT/GETZCNT) is since 3.16 Single Unix Specification compliant.
[ 1625.412765][T25119] The task syz.1.5192 (25119) triggered the difference, watch for misbehavior.
[ 1625.448956][T14025] usb 4-1: new full-speed USB device number 15 using dummy_hcd
[ 1625.479254][   T10] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1625.611897][T14025] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 1023, setting to 64
[ 1625.624516][T14025] usb 4-1: New USB device found, idVendor=04f3, idProduct=0755, bcdDevice= 0.00
[ 1625.633818][T14025] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1625.654310][T14025] usb 4-1: config 0 descriptor??
[ 1625.661064][T25105] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[ 1625.710395][T23650] hid-generic 0005:046D:0A11.0052: item fetching failed at offset 0/1
[ 1625.720106][T22316] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1625.737868][T23650] hid-generic 0005:046D:0A11.0052: probe with driver hid-generic failed with error -22
[ 1625.813342][   T10] usb 3-1: new high-speed USB device number 121 using dummy_hcd
[ 1626.060360][   T10] usb 3-1: Using ep0 maxpacket: 16
[ 1626.073082][   T10] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1626.083437][   T10] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 2
[ 1626.092346][   T10] usb 3-1: New USB device found, idVendor=05d8, idProduct=810a, bcdDevice=92.b8
[ 1626.101550][   T10] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1626.112419][   T10] usb 3-1: config 0 descriptor??
[ 1626.119144][   T10] dvb-usb: found a 'Artec T1 USB2.0' in warm state.
[ 1626.125868][   T10] dvb-usb: bulk message failed: -22 (3/0)
[ 1626.147122][   T10] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[ 1626.159673][   T10] dvbdev: DVB: registering new adapter (Artec T1 USB2.0)
[ 1626.166953][T14025] elan 0003:04F3:0755.0053: hidraw0: USB HID v1.01 Device [HID 04f3:0755] on usb-dummy_hcd.3-1/input0
[ 1626.177923][   T10] usb 3-1: media controller created
[ 1626.194389][   T10] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[ 1626.218308][   T10] dvb-usb: bulk message failed: -22 (6/0)
[ 1626.228235][   T10] dvb-usb: no frontend was attached by 'Artec T1 USB2.0'
[ 1626.250195][   T10] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.2/usb3/3-1/input/input157
[ 1626.301630][   T10] dvb-usb: schedule remote query interval to 150 msecs.
[ 1626.311868][   T10] dvb-usb: Artec T1 USB2.0 successfully initialized and connected.
[ 1626.421738][T22316] usb 4-1: USB disconnect, device number 15
[ 1626.620122][   T10] dvb-usb: bulk message failed: -22 (1/0)
[ 1626.645678][   T10] dvb-usb: error while querying for an remote control event.
[ 1626.776911][T22316] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1626.787469][T14025] usb 3-1: USB disconnect, device number 121
[ 1627.092446][T14025] dvb-usb: Artec T1 USB2.0 successfully deinitialized and disconnected.
[ 1627.420043][   T10] usb 5-1: new high-speed USB device number 103 using dummy_hcd
[ 1627.671632][   T10] usb 5-1: Using ep0 maxpacket: 8
[ 1627.814395][T14025] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1628.080760][   T10] usb 5-1: device descriptor read/all, error -71
[ 1628.132627][T25157] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1628.315672][T25159] tmpfs: Unknown parameter 'usrquota'½r'
[ 1628.519218][T12311] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1628.899672][T14025] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1631.559116][T13538] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1631.809690][T23650] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1631.901803][T25174] netlink: 'syz.2.5209': attribute type 10 has an invalid length.
[ 1632.004765][T25174] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1632.011983][T25174] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1632.034473][T25174] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1632.041605][T25174] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1632.048995][T25174] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1632.056107][T25174] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1632.058080][T25180] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5209'.
[ 1632.616047][T22316] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1632.648053][T25174] bond0: (slave bridge0): Enslaving as an active interface with an up link
[ 1632.667797][T25180] bridge_slave_1: left allmulticast mode
[ 1632.679078][T13538] usb 2-1: new full-speed USB device number 114 using dummy_hcd
[ 1632.679303][T25180] bridge_slave_1: left promiscuous mode
[ 1632.707649][T25180] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1632.737431][T25180] bridge_slave_0: left allmulticast mode
[ 1632.745146][T25180] bridge_slave_0: left promiscuous mode
[ 1632.751643][T25180] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1632.793650][T25180] bond0: (slave bridge0): Releasing backup interface
[ 1632.889743][T13538] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 1023, setting to 64
[ 1632.972821][T13538] usb 2-1: New USB device found, idVendor=04f3, idProduct=0755, bcdDevice= 0.00
[ 1633.051665][T13538] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1633.146393][T13538] usb 2-1: config 0 descriptor??
[ 1633.174924][T25176] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[ 1633.263220][T25187] random: crng reseeded on system resumption
[ 1633.432919][T25197] netlink: 112 bytes leftover after parsing attributes in process `syz.2.5214'.
[ 1633.698122][ T2147] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1633.827731][   T10] hid-generic 0005:046D:0A11.0054: item fetching failed at offset 0/1
[ 1633.927811][   T10] hid-generic 0005:046D:0A11.0054: probe with driver hid-generic failed with error -22
[ 1633.956191][T13364] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1633.976137][ T6374] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1633.985456][T13364] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1633.994106][   T10] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1634.013857][T13538] elan 0003:04F3:0755.0055: hidraw0: USB HID v1.01 Device [HID 04f3:0755] on usb-dummy_hcd.1-1/input0
[ 1634.114146][   T30] audit: type=1400 audit(1742572559.148:1937): avc:  denied  { ioctl } for  pid=25186 comm="syz.3.5211" path="/dev/snapshot" dev="devtmpfs" ino=92 ioctlcmd=0x3314 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1
[ 1634.152027][T25202] input: syz1 as /devices/virtual/input/input160
[ 1634.180093][   T30] audit: type=1400 audit(1742572559.218:1938): avc:  denied  { connect } for  pid=25201 comm="syz.2.5215" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1
[ 1634.212240][T13364] usb 2-1: USB disconnect, device number 114
[ 1634.252258][   T30] audit: type=1400 audit(1742572559.288:1939): avc:  denied  { ioctl } for  pid=25205 comm="syz.2.5217" path="socket:[101356]" dev="sockfs" ino=101356 ioctlcmd=0xae68 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1
[ 1634.322888][T25210] netlink: 12 bytes leftover after parsing attributes in process `syz.2.5218'.
[ 1634.332062][T25210] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[ 1634.339273][T25210] IPv6: NLM_F_CREATE should be set when creating new route
[ 1634.346485][T25210] IPv6: NLM_F_CREATE should be set when creating new route
[ 1634.439581][T13538] usb 5-1: new high-speed USB device number 105 using dummy_hcd
[ 1636.174775][ T2147] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1636.185345][T13364] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1636.619016][T13538] usb 5-1: Using ep0 maxpacket: 8
[ 1636.637865][T13538] usb 5-1: New USB device found, idVendor=0763, idProduct=2080, bcdDevice=d0.ab
[ 1636.671040][T13538] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1636.714190][ T5821] Bluetooth: hci4: unexpected event 0x2f length: 509 > 260
[ 1636.836275][T13538] usb 5-1: Product: syz
[ 1636.847779][T13538] usb 5-1: Manufacturer: syz
[ 1636.852419][T13538] usb 5-1: SerialNumber: syz
[ 1636.858365][T13538] usb 5-1: config 0 descriptor??
[ 1637.425304][ T2147] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1637.522596][T13538] usb 5-1: USB disconnect, device number 105
[ 1638.203973][T25256] fuse: Bad value for 'user_id'
[ 1638.210243][T25256] fuse: Bad value for 'user_id'
[ 1638.388904][T12311] usb 2-1: new full-speed USB device number 115 using dummy_hcd
[ 1638.440212][ T2147] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1638.509182][T13364] usb 3-1: new high-speed USB device number 122 using dummy_hcd
[ 1638.610348][T25256] random: crng reseeded on system resumption
[ 1638.711869][T12311] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 1023, setting to 64
[ 1638.725618][T12311] usb 2-1: New USB device found, idVendor=04f3, idProduct=0755, bcdDevice= 0.00
[ 1638.735689][T12311] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1638.743858][T13364] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1638.755572][T13364] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1638.765765][T12311] usb 2-1: config 0 descriptor??
[ 1638.770801][T13364] usb 3-1: New USB device found, idVendor=1e7d, idProduct=30d4, bcdDevice= 0.00
[ 1638.780178][T25252] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22
[ 1638.787427][T13364] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1638.800390][T13364] usb 3-1: config 0 descriptor??
[ 1639.199300][T12311] elan 0003:04F3:0755.0056: hidraw0: USB HID v1.01 Device [HID 04f3:0755] on usb-dummy_hcd.1-1/input0
[ 1639.215156][T13364] arvo 0003:1E7D:30D4.0057: item fetching failed at offset 5/7
[ 1639.229986][T13364] arvo 0003:1E7D:30D4.0057: parse failed
[ 1639.236350][T13364] arvo 0003:1E7D:30D4.0057: probe with driver arvo failed with error -22
[ 1639.245051][T12311] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1639.398522][ T2147] usb 2-1: USB disconnect, device number 115
[ 1639.421319][T25249] bond0: entered promiscuous mode
[ 1639.426472][T25249] bond_slave_0: entered promiscuous mode
[ 1639.432283][T25249] bond_slave_1: entered promiscuous mode
[ 1639.475823][T25249] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1639.479852][T22316] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1639.484657][T25249] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1639.639632][T11552] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1639.683760][ T2147] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1639.702128][T12311] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1639.959907][T12311] usb 4-1: new high-speed USB device number 16 using dummy_hcd
[ 1640.081272][T13364] usb 3-1: USB disconnect, device number 122
[ 1640.105232][T25271] lo speed is unknown, defaulting to 1000
[ 1640.150166][T12311] usb 4-1: Using ep0 maxpacket: 8
[ 1640.171844][T12311] usb 4-1: New USB device found, idVendor=0763, idProduct=2080, bcdDevice=d0.ab
[ 1640.176800][T25271] lo speed is unknown, defaulting to 1000
[ 1640.193554][T12311] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1640.215365][T12311] usb 4-1: Product: syz
[ 1640.226934][T12311] usb 4-1: Manufacturer: syz
[ 1640.242169][T12311] usb 4-1: SerialNumber: syz
[ 1640.260368][T12311] usb 4-1: config 0 descriptor??
[ 1640.500610][T12311] usb 4-1: USB disconnect, device number 16
[ 1640.526084][ T2147] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1641.385225][   T30] audit: type=1400 audit(1742572566.418:1940): avc:  denied  { create } for  pid=25290 comm="syz.2.5247" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=isdn_socket permissive=1
[ 1641.559235][T13538] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1642.279169][T23650] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1642.608547][T25318] netlink: 12 bytes leftover after parsing attributes in process `syz.4.5252'.
[ 1642.624003][T22316] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1642.636127][   T30] audit: type=1400 audit(1742572567.638:1941): avc:  denied  { ioctl } for  pid=25303 comm="syz.4.5252" path="/dev/ptyqd" dev="devtmpfs" ino=132 ioctlcmd=0x5423 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:bsdpty_device_t tclass=chr_file permissive=1
[ 1644.455846][T22316] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1644.576026][T25335] netlink: 20 bytes leftover after parsing attributes in process `syz.4.5259'.
[ 1645.490964][T22316] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1646.614447][T12311] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1646.849262][ T2147] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1647.882884][T13538] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1647.883346][T25354] netlink: 112 bytes leftover after parsing attributes in process `syz.2.5263'.
[ 1648.343153][T13364] IPVS: starting estimator thread 0...
[ 1648.356136][   T30] audit: type=1400 audit(1742572573.388:1942): avc:  denied  { write } for  pid=25361 comm="syz.3.5267" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1
[ 1648.628955][T25363] IPVS: using max 29 ests per chain, 69600 per kthread
[ 1649.273610][T23461] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1649.281743][T23461] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1649.381090][T22316] usb 2-1: new full-speed USB device number 116 using dummy_hcd
[ 1649.564101][T22316] usb 2-1: not running at top speed; connect to a high speed hub
[ 1649.610853][T22316] usb 2-1: config 1 interface 0 altsetting 8 endpoint 0x81 has invalid maxpacket 512, setting to 64
[ 1649.649639][T12311] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1649.736085][T22316] usb 2-1: config 1 interface 0 altsetting 8 endpoint 0x82 has invalid maxpacket 512, setting to 64
[ 1649.886808][T22316] usb 2-1: config 1 interface 0 altsetting 8 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[ 1650.142687][T22316] usb 2-1: config 1 interface 0 has no altsetting 0
[ 1650.172487][T22316] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 1650.206044][T22316] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1650.228915][T22316] usb 2-1: Product: syz
[ 1650.233094][T22316] usb 2-1: Manufacturer: syz
[ 1650.237689][T22316] usb 2-1: SerialNumber: syz
[ 1650.279274][T23461] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1650.320083][T25369] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[ 1650.328965][T25369] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[ 1651.185861][T23461] usb 3-1: new high-speed USB device number 123 using dummy_hcd
[ 1651.359079][T23461] usb 3-1: Using ep0 maxpacket: 16
[ 1651.420197][T14025] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1651.471296][T23461] usb 3-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[ 1651.687156][T23461] usb 3-1: New USB device found, idVendor=0471, idProduct=0327, bcdDevice=61.a4
[ 1651.778015][T23461] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1651.802283][T23461] usb 3-1: config 0 descriptor??
[ 1651.848487][   T30] audit: type=1400 audit(1742572576.878:1943): avc:  denied  { accept } for  pid=25403 comm="syz.4.5280" lport=36476 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[ 1652.029098][T25397] netlink: 8 bytes leftover after parsing attributes in process `syz.2.5278'.
[ 1652.058552][T12311] usb 3-1: USB disconnect, device number 123
[ 1652.103393][T22316] cdc_ether 2-1:1.0: probe with driver cdc_ether failed with error -22
[ 1652.126781][T22316] usb 2-1: USB disconnect, device number 116
[ 1652.479884][T23461] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1652.650408][T25415] netlink: 44 bytes leftover after parsing attributes in process `syz.1.5283'.
[ 1652.661961][T25415] FAULT_INJECTION: forcing a failure.
[ 1652.661961][T25415] name failslab, interval 1, probability 0, space 0, times 0
[ 1652.674645][T25415] CPU: 1 UID: 0 PID: 25415 Comm: syz.1.5283 Not tainted 6.14.0-rc7-syzkaller-00179-gb3ee1e460951 #0
[ 1652.674666][T25415] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[ 1652.674677][T25415] Call Trace:
[ 1652.674683][T25415]  <TASK>
[ 1652.674689][T25415]  dump_stack_lvl+0x16c/0x1f0
[ 1652.674717][T25415]  should_fail_ex+0x50a/0x650
[ 1652.674743][T25415]  ? fs_reclaim_acquire+0xae/0x150
[ 1652.674769][T25415]  ? tomoyo_realpath_from_path+0xb9/0x720
[ 1652.674794][T25415]  should_failslab+0xc2/0x120
[ 1652.674814][T25415]  __kmalloc_noprof+0xcb/0x510
[ 1652.674831][T25415]  ? __pfx_lock_acquire.part.0+0x10/0x10
[ 1652.674860][T25415]  tomoyo_realpath_from_path+0xb9/0x720
[ 1652.674884][T25415]  ? tomoyo_path_number_perm+0x235/0x590
[ 1652.674907][T25415]  ? tomoyo_path_number_perm+0x235/0x590
[ 1652.674931][T25415]  tomoyo_path_number_perm+0x248/0x590
[ 1652.674952][T25415]  ? tomoyo_path_number_perm+0x235/0x590
[ 1652.674975][T25415]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[ 1652.675021][T25415]  ? __pfx_lock_release+0x10/0x10
[ 1652.675044][T25415]  ? trace_lock_acquire+0x14e/0x1f0
[ 1652.675066][T25415]  ? lock_acquire+0x2f/0xb0
[ 1652.675088][T25415]  ? __fget_files+0x40/0x3a0
[ 1652.675114][T25415]  ? __fget_files+0x206/0x3a0
[ 1652.675148][T25415]  security_file_ioctl+0x9b/0x240
[ 1652.675174][T25415]  __x64_sys_ioctl+0xb7/0x200
[ 1652.675200][T25415]  do_syscall_64+0xcd/0x250
[ 1652.675226][T25415]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1652.675249][T25415] RIP: 0033:0x7fdcb1b8d169
[ 1652.675263][T25415] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1652.675278][T25415] RSP: 002b:00007fdcb2922038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1652.675295][T25415] RAX: ffffffffffffffda RBX: 00007fdcb1da6160 RCX: 00007fdcb1b8d169
[ 1652.675306][T25415] RDX: 00002000000005c0 RSI: 00000000c0845657 RDI: 0000000000000008
[ 1652.675317][T25415] RBP: 00007fdcb2922090 R08: 0000000000000000 R09: 0000000000000000
[ 1652.675326][T25415] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1652.675336][T25415] R13: 0000000000000000 R14: 00007fdcb1da6160 R15: 00007ffec0615398
[ 1652.675359][T25415]  </TASK>
[ 1652.675382][T25415] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 1652.841011][T12311] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1653.279097][T22316] usb 3-1: new high-speed USB device number 124 using dummy_hcd
[ 1653.560069][T23461] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1653.719792][T22316] usb 3-1: Using ep0 maxpacket: 16
[ 1653.726193][T22316] usb 3-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF3, changing to 0x83
[ 1653.888098][T22316] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[ 1653.892064][T22316] usb 3-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[ 1653.892095][T22316] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1653.892114][T22316] usb 3-1: Product: syz
[ 1653.892127][T22316] usb 3-1: Manufacturer: syz
[ 1653.892141][T22316] usb 3-1: SerialNumber: syz
[ 1653.893550][T22316] usb 3-1: config 0 descriptor??
[ 1653.895655][T22316] em28xx 3-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0)
[ 1653.895681][T22316] em28xx 3-1:0.0: Audio interface 0 found (Vendor Class)
[ 1654.108964][T25430] netlink: 44 bytes leftover after parsing attributes in process `syz.1.5286'.
[ 1654.111484][T23461] usb 5-1: new high-speed USB device number 106 using dummy_hcd
[ 1654.451832][T23461] usb 5-1: Using ep0 maxpacket: 16
[ 1654.453376][T23461] usb 5-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF3, changing to 0x83
[ 1654.453403][T23461] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[ 1654.464136][T23461] usb 5-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[ 1654.464159][T23461] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1654.464177][T23461] usb 5-1: Product: syz
[ 1654.464191][T23461] usb 5-1: Manufacturer: syz
[ 1654.464206][T23461] usb 5-1: SerialNumber: syz
[ 1654.466741][T23461] usb 5-1: config 0 descriptor??
[ 1654.469073][T23461] em28xx 5-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0)
[ 1654.469099][T23461] em28xx 5-1:0.0: Audio interface 0 found (Vendor Class)
[ 1654.648506][ T2147] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1654.718168][T22316] em28xx 3-1:0.0: unknown em28xx chip ID (0)
[ 1654.779384][T22316] em28xx 3-1:0.0: Config register raw data: 0xfffffffb
[ 1655.251569][T22316] em28xx 3-1:0.0: AC97 chip type couldn't be determined
[ 1655.262324][T22316] em28xx 3-1:0.0: No AC97 audio processor
[ 1655.322060][T12311] usb 3-1: USB disconnect, device number 124
[ 1655.331377][T23461] em28xx 5-1:0.0: unknown em28xx chip ID (0)
[ 1655.331774][T12311] em28xx 3-1:0.0: Disconnecting em28xx
[ 1655.338226][T23461] em28xx 5-1:0.0: Config register raw data: 0xfffffffb
[ 1655.359739][T12311] em28xx 3-1:0.0: Freeing device
[ 1656.008643][T13364] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1656.223360][T22316] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1656.231800][T23461] em28xx 5-1:0.0: AC97 chip type couldn't be determined
[ 1656.239362][T23461] em28xx 5-1:0.0: No AC97 audio processor
[ 1656.597220][T13364] usb 5-1: USB disconnect, device number 106
[ 1656.683038][T13364] em28xx 5-1:0.0: Disconnecting em28xx
[ 1656.904621][T13364] em28xx 5-1:0.0: Freeing device
[ 1657.019981][T25466] kvm: requested 5028 ns i8254 timer period limited to 200000 ns
[ 1657.280193][T22316] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1657.739039][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1657.808994][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1658.068771][T25483] kAFS: No cell specified
[ 1658.200507][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1658.218991][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1658.394970][T23461] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1658.648973][   T30] audit: type=1400 audit(1742572583.628:1944): avc:  denied  { validate_trans } for  pid=25488 comm="syz.2.5303" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security permissive=1
[ 1658.799058][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1659.489255][T13364] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1659.556905][T23461] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1659.565217][T13364] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1659.816631][T12311] usb 2-1: new high-speed USB device number 117 using dummy_hcd
[ 1660.085749][T25503] FAULT_INJECTION: forcing a failure.
[ 1660.085749][T25503] name failslab, interval 1, probability 0, space 0, times 0
[ 1660.099027][T25503] CPU: 0 UID: 0 PID: 25503 Comm: syz.2.5308 Not tainted 6.14.0-rc7-syzkaller-00179-gb3ee1e460951 #0
[ 1660.099046][T25503] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[ 1660.099055][T25503] Call Trace:
[ 1660.099061][T25503]  <TASK>
[ 1660.099068][T25503]  dump_stack_lvl+0x16c/0x1f0
[ 1660.099093][T25503]  should_fail_ex+0x50a/0x650
[ 1660.099118][T25503]  should_failslab+0xc2/0x120
[ 1660.099136][T25503]  kmem_cache_alloc_noprof+0x6e/0x3d0
[ 1660.099151][T25503]  ? trace_lock_acquire+0x14e/0x1f0
[ 1660.099168][T25503]  ? skb_clone+0x190/0x3f0
[ 1660.099192][T25503]  skb_clone+0x190/0x3f0
[ 1660.099214][T25503]  dev_queue_xmit_nit+0x38f/0xbc0
[ 1660.099238][T25503]  ? netif_skb_features+0x3b0/0xd50
[ 1660.099260][T25503]  dev_hard_start_xmit+0x283/0x7b0
[ 1660.099290][T25503]  __dev_queue_xmit+0x7f0/0x43e0
[ 1660.099318][T25503]  ? __pfx___dev_queue_xmit+0x10/0x10
[ 1660.099362][T25503]  ? __skb_clone+0x570/0x760
[ 1660.099388][T25503]  netlink_deliver_tap+0xa87/0xd30
[ 1660.099414][T25503]  netlink_unicast+0x5e1/0x7f0
[ 1660.099437][T25503]  ? __pfx_netlink_unicast+0x10/0x10
[ 1660.099466][T25503]  netlink_sendmsg+0x8b8/0xd70
[ 1660.099493][T25503]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1660.099524][T25503]  ____sys_sendmsg+0xaaf/0xc90
[ 1660.099543][T25503]  ? copy_msghdr_from_user+0x10b/0x160
[ 1660.099566][T25503]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1660.099594][T25503]  ___sys_sendmsg+0x135/0x1e0
[ 1660.099616][T25503]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1660.099647][T25503]  ? __pfx_lock_release+0x10/0x10
[ 1660.099668][T25503]  ? trace_lock_acquire+0x14e/0x1f0
[ 1660.099693][T25503]  ? __fget_files+0x206/0x3a0
[ 1660.099715][T25503]  __sys_sendmsg+0x16e/0x220
[ 1660.099737][T25503]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1660.099774][T25503]  do_syscall_64+0xcd/0x250
[ 1660.099797][T25503]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1660.099818][T25503] RIP: 0033:0x7facfa78d169
[ 1660.099831][T25503] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1660.099845][T25503] RSP: 002b:00007facfb63a038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1660.099861][T25503] RAX: ffffffffffffffda RBX: 00007facfa9a5fa0 RCX: 00007facfa78d169
[ 1660.099871][T25503] RDX: 0000000000000010 RSI: 00002000000002c0 RDI: 0000000000000004
[ 1660.099880][T25503] RBP: 00007facfb63a090 R08: 0000000000000000 R09: 0000000000000000
[ 1660.099889][T25503] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1660.099898][T25503] R13: 0000000000000000 R14: 00007facfa9a5fa0 R15: 00007fff444f7178
[ 1660.099920][T25503]  </TASK>
[ 1660.611806][T23461] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1660.640290][T12311] usb 2-1: New USB device found, idVendor=04f3, idProduct=0755, bcdDevice= 0.00
[ 1660.657296][T12311] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1660.729945][T12311] usb 2-1: config 0 descriptor??
[ 1660.973957][T12311] usbhid 2-1:0.0: can't add hid device: -71
[ 1660.986165][T12311] usbhid 2-1:0.0: probe with driver usbhid failed with error -71
[ 1661.130346][T12311] usb 2-1: USB disconnect, device number 117
[ 1661.200403][T25515] random: crng reseeded on system resumption
[ 1661.730190][T14025] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1661.759178][T16268] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1661.768005][T13364] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1661.776813][T23461] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1662.158310][T25533] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1663.807139][T25546] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1663.831553][   T30] audit: type=1400 audit(1742572588.868:1945): avc:  denied  { ioctl } for  pid=25545 comm="syz.2.5320" path="socket:[104856]" dev="sockfs" ino=104856 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[ 1663.879022][T14025] net_ratelimit: 2 callbacks suppressed
[ 1663.879036][T14025] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1663.916020][   T30] audit: type=1400 audit(1742572588.948:1946): avc:  denied  { write } for  pid=25547 comm="syz.4.5321" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[ 1663.960135][   T30] audit: type=1400 audit(1742572588.988:1947): avc:  denied  { connect } for  pid=25547 comm="syz.4.5321" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[ 1664.234979][T25552] random: crng reseeded on system resumption
[ 1664.352105][T25552] Restarting kernel threads ... done.
[ 1664.533730][   T30] audit: type=1400 audit(1742572589.558:1948): avc:  denied  { unmount } for  pid=18586 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=filesystem permissive=1
[ 1665.189838][T14025] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1665.253746][T13364] hid-generic 0005:046D:0A11.0058: item fetching failed at offset 0/1
[ 1665.275927][T13364] hid-generic 0005:046D:0A11.0058: probe with driver hid-generic failed with error -22
[ 1665.565033][T25573] FAULT_INJECTION: forcing a failure.
[ 1665.565033][T25573] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1665.580330][T25573] CPU: 1 UID: 0 PID: 25573 Comm: syz.2.5329 Not tainted 6.14.0-rc7-syzkaller-00179-gb3ee1e460951 #0
[ 1665.580352][T25573] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[ 1665.580362][T25573] Call Trace:
[ 1665.580367][T25573]  <TASK>
[ 1665.580374][T25573]  dump_stack_lvl+0x16c/0x1f0
[ 1665.580400][T25573]  should_fail_ex+0x50a/0x650
[ 1665.580429][T25573]  strncpy_from_user+0x3b/0x2d0
[ 1665.580454][T25573]  getname_flags.part.0+0x8f/0x550
[ 1665.580478][T25573]  getname_flags+0x93/0xf0
[ 1665.580502][T25573]  user_path_at+0x24/0x60
[ 1665.580517][T25573]  __x64_sys_mount+0x1fd/0x310
[ 1665.580536][T25573]  ? __pfx___x64_sys_mount+0x10/0x10
[ 1665.580559][T25573]  do_syscall_64+0xcd/0x250
[ 1665.580583][T25573]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1665.580606][T25573] RIP: 0033:0x7facfa78d169
[ 1665.580619][T25573] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1665.580634][T25573] RSP: 002b:00007facfb63a038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1665.580650][T25573] RAX: ffffffffffffffda RBX: 00007facfa9a5fa0 RCX: 00007facfa78d169
[ 1665.580661][T25573] RDX: 0000200000000080 RSI: 00002000000002c0 RDI: 0000200000000100
[ 1665.580671][T25573] RBP: 00007facfb63a090 R08: 0000000000000000 R09: 0000000000000000
[ 1665.580680][T25573] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1665.580689][T25573] R13: 0000000000000000 R14: 00007facfa9a5fa0 R15: 00007fff444f7178
[ 1665.580710][T25573]  </TASK>
[ 1665.747569][T13364] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1666.088944][T23461] usb 4-1: new high-speed USB device number 17 using dummy_hcd
[ 1666.204608][T22316] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1666.308975][T23461] usb 4-1: Using ep0 maxpacket: 16
[ 1666.322624][T23461] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1666.333401][T23461] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 2
[ 1666.499603][T23461] usb 4-1: New USB device found, idVendor=05d8, idProduct=810a, bcdDevice=92.b8
[ 1666.515647][T23461] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1666.851017][T23461] usb 4-1: config 0 descriptor??
[ 1666.891426][T23461] dvb-usb: found a 'Artec T1 USB2.0' in warm state.
[ 1666.912071][T23461] dvb-usb: bulk message failed: -22 (3/0)
[ 1666.954496][T23461] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[ 1666.997410][T23461] dvbdev: DVB: registering new adapter (Artec T1 USB2.0)
[ 1667.020256][T23461] usb 4-1: media controller created
[ 1667.170000][T11542] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1667.211145][T22316] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1667.245249][T14025] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1667.265479][T23461] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[ 1667.821955][T23461] dvb-usb: bulk message failed: -22 (6/0)
[ 1667.869342][T23461] dvb-usb: no frontend was attached by 'Artec T1 USB2.0'
[ 1668.388044][T23461] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.3/usb4/4-1/input/input163
[ 1668.753836][T23461] dvb-usb: schedule remote query interval to 150 msecs.
[ 1668.817012][ T1291] ieee802154 phy0 wpan0: encryption failed: -22
[ 1668.842786][ T1291] ieee802154 phy1 wpan1: encryption failed: -22
[ 1668.864557][T23461] dvb-usb: Artec T1 USB2.0 successfully initialized and connected.
[ 1668.874531][T14025] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1668.882625][T13364] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1669.102557][T23461] dvb-usb: bulk message failed: -22 (1/0)
[ 1669.108414][T23461] dvb-usb: error while querying for an remote control event.
[ 1669.233012][T12311] usb 4-1: USB disconnect, device number 17
[ 1669.268950][T23461] dvb-usb: bulk message failed: -22 (1/0)
[ 1669.274756][T23461] dvb-usb: error while querying for an remote control event.
[ 1669.346408][T13364] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1669.549543][T12311] dvb-usb: Artec T1 USB2.0 successfully deinitialized and disconnected.
[ 1669.879242][T13538] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1670.172192][T25606] openvswitch: netlink: Actions may not be safe on all matching packets
[ 1670.923881][T23461] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1671.446268][   T30] audit: type=1400 audit(1742572596.038:1949): avc:  denied  { mount } for  pid=25624 comm="syz.3.5346" name="/" dev="rpc_pipefs" ino=105178 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:rpc_pipefs_t tclass=filesystem permissive=1
[ 1671.970988][T13538] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1672.007357][T12311] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1672.069634][T25631] kvm: requested 5028 ns i8254 timer period limited to 200000 ns
[ 1672.194684][T25643] fuse: Bad value for 'fd'
[ 1672.539720][T25649] random: crng reseeded on system resumption
[ 1672.588061][T13364] usb 5-1: new high-speed USB device number 107 using dummy_hcd
[ 1672.708777][T25643] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5350'.
[ 1672.778901][T13364] usb 5-1: Using ep0 maxpacket: 16
[ 1672.790585][T13364] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1672.823675][T13364] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[ 1672.852476][T13364] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[ 1672.884214][T13364] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0
[ 1672.908796][T13364] usb 5-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1672.931475][T11523] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1672.939662][T13364] usb 5-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[ 1672.949037][   T10] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1672.957419][T13364] usb 5-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[ 1672.972860][T13364] usb 5-1: Manufacturer: syz
[ 1672.982969][T13538] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1672.984445][T13364] usb 5-1: config 0 descriptor??
[ 1673.469558][   T10] usb 4-1: new full-speed USB device number 18 using dummy_hcd
[ 1673.666218][T13364] rc_core: IR keymap rc-hauppauge not found
[ 1673.675107][T13364] Registered IR keymap rc-empty
[ 1673.680467][T13364] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[ 1673.699015][T13364] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[ 1674.039097][T13538] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1674.267015][T13364] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/rc/rc0
[ 1674.286589][   T10] usb 4-1: config 0 has an invalid interface number: 8 but max is 0
[ 1674.393046][   T10] usb 4-1: config 0 has no interface number 0
[ 1674.462283][T13364] input: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/rc/rc0/input165
[ 1674.481014][   T10] usb 4-1: New USB device found, idVendor=100d, idProduct=cb01, bcdDevice=27.41
[ 1674.513711][   T10] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1674.577104][T13364] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[ 1674.609073][T13364] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[ 1674.779054][   T10] usb 4-1: config 0 descriptor??
[ 1674.803279][   T10] cxacru 4-1:0.8: usbatm_usb_probe: bind failed: -19!
[ 1674.810886][T13364] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[ 1674.839058][T13364] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[ 1674.869328][T13364] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[ 1674.911108][T13364] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[ 1674.939029][T13364] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[ 1675.081609][T13538] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1675.090504][T25042] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1675.099008][T13364] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[ 1675.118962][T13364] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[ 1675.135277][T25648] input: syz1 as /devices/virtual/input/input166
[ 1675.195314][T25680] FAULT_INJECTION: forcing a failure.
[ 1675.195314][T25680] name failslab, interval 1, probability 0, space 0, times 0
[ 1675.208070][T25680] CPU: 1 UID: 0 PID: 25680 Comm: syz.0.5360 Not tainted 6.14.0-rc7-syzkaller-00179-gb3ee1e460951 #0
[ 1675.208092][T25680] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[ 1675.208102][T25680] Call Trace:
[ 1675.208108][T25680]  <TASK>
[ 1675.208114][T25680]  dump_stack_lvl+0x16c/0x1f0
[ 1675.208146][T25680]  should_fail_ex+0x50a/0x650
[ 1675.208171][T25680]  ? fs_reclaim_acquire+0xae/0x150
[ 1675.208198][T25680]  should_failslab+0xc2/0x120
[ 1675.208217][T25680]  kmem_cache_alloc_lru_noprof+0x73/0x3d0
[ 1675.208235][T25680]  ? ksys_write+0x12b/0x250
[ 1675.208248][T25680]  ? sock_alloc_inode+0x25/0x1c0
[ 1675.208268][T25680]  ? __pfx_sock_alloc_inode+0x10/0x10
[ 1675.208284][T25680]  sock_alloc_inode+0x25/0x1c0
[ 1675.208301][T25680]  alloc_inode+0x5d/0x230
[ 1675.208319][T25680]  sock_alloc+0x40/0x280
[ 1675.208336][T25680]  do_accept+0xf8/0x530
[ 1675.208358][T25680]  ? do_raw_spin_lock+0x12d/0x2c0
[ 1675.208375][T25680]  ? __pfx_do_accept+0x10/0x10
[ 1675.208410][T25680]  __sys_accept4+0xfe/0x1b0
[ 1675.208432][T25680]  ? __pfx___sys_accept4+0x10/0x10
[ 1675.208455][T25680]  ? __pfx_ksys_write+0x10/0x10
[ 1675.208475][T25680]  __x64_sys_accept4+0x96/0x100
[ 1675.208495][T25680]  ? lockdep_hardirqs_on+0x7c/0x110
[ 1675.208518][T25680]  do_syscall_64+0xcd/0x250
[ 1675.208541][T25680]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1675.208564][T25680] RIP: 0033:0x7ffa86f8d169
[ 1675.208578][T25680] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1675.208594][T25680] RSP: 002b:00007ffa87d4a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000120
[ 1675.208611][T25680] RAX: ffffffffffffffda RBX: 00007ffa871a6160 RCX: 00007ffa86f8d169
[ 1675.208623][T25680] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000005
[ 1675.208633][T25680] RBP: 00007ffa87d4a090 R08: 0000000000000000 R09: 0000000000000000
[ 1675.208643][T25680] R10: 0000000000080000 R11: 0000000000000246 R12: 0000000000000001
[ 1675.208653][T25680] R13: 0000000000000000 R14: 00007ffa871a6160 R15: 00007ffcfeeb70f8
[ 1675.208674][T25680]  </TASK>
[ 1675.458910][T13364] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[ 1675.499786][T13364] mceusb 5-1:0.0: Registered 424242424242 with mce emulator interface version 1
[ 1675.514126][T13364] mceusb 5-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active)
[ 1675.522621][   T10] usb 3-1: new high-speed USB device number 125 using dummy_hcd
[ 1675.565649][   T30] audit: type=1400 audit(1742572600.598:1950): avc:  denied  { ioctl } for  pid=5178 comm="acpid" path="/dev/input/event5" dev="devtmpfs" ino=4198 ioctlcmd=0x4520 scontext=system_u:system_r:acpid_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[ 1675.607586][T13364] usb 4-1: USB disconnect, device number 18
[ 1675.980624][   T10] usb 3-1: New USB device found, idVendor=04f3, idProduct=0755, bcdDevice= 0.00
[ 1675.998914][   T10] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1676.035564][   T10] usb 3-1: config 0 descriptor??
[ 1676.058552][T13538] usb 5-1: USB disconnect, device number 107
[ 1676.119091][T23461] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1676.279097][T25042] usb 2-1: new high-speed USB device number 118 using dummy_hcd
[ 1676.286867][   T10] usbhid 3-1:0.0: can't add hid device: -71
[ 1676.293615][   T10] usbhid 3-1:0.0: probe with driver usbhid failed with error -71
[ 1676.320620][   T10] usb 3-1: USB disconnect, device number 125
[ 1676.459244][T13364] hid-generic 0005:046D:0A11.0059: item fetching failed at offset 0/1
[ 1676.469004][T25042] usb 2-1: device descriptor read/64, error -71
[ 1676.485340][T13364] hid-generic 0005:046D:0A11.0059: probe with driver hid-generic failed with error -22
[ 1676.738960][T25042] usb 2-1: new high-speed USB device number 119 using dummy_hcd
[ 1676.892642][T25042] usb 2-1: device descriptor read/64, error -71
[ 1677.471759][T13538] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1677.472030][T25042] usb usb2-port1: attempt power cycle
[ 1677.709996][T25715] FAULT_INJECTION: forcing a failure.
[ 1677.709996][T25715] name failslab, interval 1, probability 0, space 0, times 0
[ 1677.723681][T25715] CPU: 1 UID: 0 PID: 25715 Comm: syz.3.5369 Not tainted 6.14.0-rc7-syzkaller-00179-gb3ee1e460951 #0
[ 1677.723704][T25715] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[ 1677.723714][T25715] Call Trace:
[ 1677.723720][T25715]  <TASK>
[ 1677.723727][T25715]  dump_stack_lvl+0x16c/0x1f0
[ 1677.723755][T25715]  should_fail_ex+0x50a/0x650
[ 1677.723781][T25715]  ? fs_reclaim_acquire+0xae/0x150
[ 1677.723807][T25715]  ? tomoyo_realpath_from_path+0xb9/0x720
[ 1677.723831][T25715]  should_failslab+0xc2/0x120
[ 1677.723867][T25715]  __kmalloc_noprof+0xcb/0x510
[ 1677.723885][T25715]  ? __pfx_lock_acquire.part.0+0x10/0x10
[ 1677.723913][T25715]  tomoyo_realpath_from_path+0xb9/0x720
[ 1677.723936][T25715]  ? tomoyo_path_number_perm+0x235/0x590
[ 1677.723959][T25715]  ? tomoyo_path_number_perm+0x235/0x590
[ 1677.723983][T25715]  tomoyo_path_number_perm+0x248/0x590
[ 1677.724003][T25715]  ? tomoyo_path_number_perm+0x235/0x590
[ 1677.724026][T25715]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[ 1677.724073][T25715]  ? __pfx_lock_release+0x10/0x10
[ 1677.724094][T25715]  ? trace_lock_acquire+0x14e/0x1f0
[ 1677.724116][T25715]  ? lock_acquire+0x2f/0xb0
[ 1677.724137][T25715]  ? __fget_files+0x40/0x3a0
[ 1677.724157][T25715]  ? __fget_files+0x206/0x3a0
[ 1677.724177][T25715]  security_file_ioctl+0x9b/0x240
[ 1677.724203][T25715]  __x64_sys_ioctl+0xb7/0x200
[ 1677.724229][T25715]  do_syscall_64+0xcd/0x250
[ 1677.724255][T25715]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1677.724277][T25715] RIP: 0033:0x7f3ee978d169
[ 1677.724292][T25715] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1677.724307][T25715] RSP: 002b:00007f3eea569038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1677.724324][T25715] RAX: ffffffffffffffda RBX: 00007f3ee99a5fa0 RCX: 00007f3ee978d169
[ 1677.724336][T25715] RDX: 0000200000000040 RSI: 00000000000007b3 RDI: 0000000000000003
[ 1677.724346][T25715] RBP: 00007f3eea569090 R08: 0000000000000000 R09: 0000000000000000
[ 1677.724356][T25715] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1677.724366][T25715] R13: 0000000000000000 R14: 00007f3ee99a5fa0 R15: 00007ffe9b265718
[ 1677.724390][T25715]  </TASK>
[ 1677.724417][T25715] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 1678.029077][T25042] usb 2-1: new high-speed USB device number 120 using dummy_hcd
[ 1678.049377][T25042] usb 2-1: device descriptor read/8, error -71
[ 1678.119551][   T10] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1678.519256][T13538] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1678.521316][T25042] usb 2-1: new high-speed USB device number 121 using dummy_hcd
[ 1678.688254][   T10] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1678.713047][T11523] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1678.742332][T14025] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1678.765327][T13538] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1680.664416][T13538] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1680.696935][T25729] FAULT_INJECTION: forcing a failure.
[ 1680.696935][T25729] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1680.729010][T25729] CPU: 1 UID: 0 PID: 25729 Comm: syz.4.5373 Not tainted 6.14.0-rc7-syzkaller-00179-gb3ee1e460951 #0
[ 1680.729026][T25729] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[ 1680.729033][T25729] Call Trace:
[ 1680.729036][T25729]  <TASK>
[ 1680.729041][T25729]  dump_stack_lvl+0x16c/0x1f0
[ 1680.729059][T25729]  should_fail_ex+0x50a/0x650
[ 1680.729077][T25729]  _copy_from_user+0x2e/0xd0
[ 1680.729091][T25729]  copy_msghdr_from_user+0x99/0x160
[ 1680.729107][T25729]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[ 1680.729128][T25729]  ___sys_sendmsg+0xff/0x1e0
[ 1680.729143][T25729]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1680.729163][T25729]  ? __pfx_lock_release+0x10/0x10
[ 1680.729177][T25729]  ? trace_lock_acquire+0x14e/0x1f0
[ 1680.729193][T25729]  ? __fget_files+0x206/0x3a0
[ 1680.729206][T25729]  __sys_sendmsg+0x16e/0x220
[ 1680.729221][T25729]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1680.729244][T25729]  do_syscall_64+0xcd/0x250
[ 1680.729258][T25729]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1680.729273][T25729] RIP: 0033:0x7f9b1098d169
[ 1680.729281][T25729] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1680.729291][T25729] RSP: 002b:00007f9b1185a038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1680.729301][T25729] RAX: ffffffffffffffda RBX: 00007f9b10ba5fa0 RCX: 00007f9b1098d169
[ 1680.729307][T25729] RDX: 0000000000000000 RSI: 0000200000000280 RDI: 0000000000000003
[ 1680.729313][T25729] RBP: 00007f9b1185a090 R08: 0000000000000000 R09: 0000000000000000
[ 1680.729319][T25729] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1680.729325][T25729] R13: 0000000000000000 R14: 00007f9b10ba5fa0 R15: 00007ffd60856118
[ 1680.729336][T25729]  </TASK>
[ 1680.915703][T25731] FAULT_INJECTION: forcing a failure.
[ 1680.915703][T25731] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1680.928753][T25731] CPU: 1 UID: 0 PID: 25731 Comm: syz.4.5375 Not tainted 6.14.0-rc7-syzkaller-00179-gb3ee1e460951 #0
[ 1680.928767][T25731] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[ 1680.928773][T25731] Call Trace:
[ 1680.928777][T25731]  <TASK>
[ 1680.928780][T25731]  dump_stack_lvl+0x16c/0x1f0
[ 1680.928799][T25731]  should_fail_ex+0x50a/0x650
[ 1680.928821][T25731]  _copy_from_user+0x2e/0xd0
[ 1680.928844][T25731]  io_submit_one+0xbc/0x1da0
[ 1680.928876][T25731]  ? __pfx_io_submit_one+0x10/0x10
[ 1680.928898][T25731]  ? __might_fault+0x13b/0x190
[ 1680.928915][T25731]  ? lock_acquire+0x2f/0xb0
[ 1680.928929][T25731]  ? __might_fault+0xe3/0x190
[ 1680.928942][T25731]  ? __x64_sys_io_submit+0x1b2/0x340
[ 1680.928957][T25731]  __x64_sys_io_submit+0x1b2/0x340
[ 1680.928974][T25731]  ? __pfx___x64_sys_io_submit+0x10/0x10
[ 1680.928995][T25731]  do_syscall_64+0xcd/0x250
[ 1680.929010][T25731]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1680.929024][T25731] RIP: 0033:0x7f9b1098d169
[ 1680.929032][T25731] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1680.929042][T25731] RSP: 002b:00007f9b1185a038 EFLAGS: 00000246 ORIG_RAX: 00000000000000d1
[ 1680.929052][T25731] RAX: ffffffffffffffda RBX: 00007f9b10ba5fa0 RCX: 00007f9b1098d169
[ 1680.929059][T25731] RDX: 0000200000000080 RSI: 0000000000000001 RDI: 00007f9b11839000
[ 1680.929065][T25731] RBP: 00007f9b1185a090 R08: 0000000000000000 R09: 0000000000000000
[ 1680.929070][T25731] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1680.929076][T25731] R13: 0000000000000000 R14: 00007f9b10ba5fa0 R15: 00007ffd60856118
[ 1680.929088][T25731]  </TASK>
[ 1681.113529][T25042] usb 2-1: device not accepting address 121, error -71
[ 1681.124209][T25042] usb usb2-port1: unable to enumerate USB device
[ 1681.147697][   T30] audit: type=1400 audit(1742572606.178:1951): avc:  denied  { read write } for  pid=25734 comm="syz.1.5376" name="uhid" dev="devtmpfs" ino=1273 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1
[ 1681.153365][T25735] vivid-002: disconnect
[ 1681.171616][   T30] audit: type=1400 audit(1742572606.178:1952): avc:  denied  { open } for  pid=25734 comm="syz.1.5376" path="/dev/uhid" dev="devtmpfs" ino=1273 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1
[ 1681.177400][T12311] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1681.229584][T14025] kernel write not supported for file /uhid (pid: 14025 comm: kworker/1:4)
[ 1681.245687][T25734] vivid-002: reconnect
[ 1681.519374][T12311] usb 4-1: new high-speed USB device number 19 using dummy_hcd
[ 1682.274036][T14025] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1682.289056][T12311] usb 4-1: Using ep0 maxpacket: 16
[ 1682.295494][T12311] usb 4-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF3, changing to 0x83
[ 1682.313364][T12311] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[ 1682.336562][T12311] usb 4-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[ 1682.423846][T12311] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1682.459372][T12311] usb 4-1: Product: syz
[ 1682.488749][T25761] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1682.506248][T25761] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1682.515163][T25761] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1682.543526][T12311] usb 4-1: Manufacturer: syz
[ 1682.548142][T12311] usb 4-1: SerialNumber: syz
[ 1682.559444][T25761] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1682.567773][T25761] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1682.651763][T12311] usb 4-1: config 0 descriptor??
[ 1682.662913][T25757] kvm: requested 5028 ns i8254 timer period limited to 200000 ns
[ 1682.689148][T25765] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1682.693069][T12311] em28xx 4-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0)
[ 1682.729719][T25761] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1682.748745][T12311] em28xx 4-1:0.0: Audio interface 0 found (Vendor Class)
[ 1683.771497][T14025] usb 2-1: new high-speed USB device number 122 using dummy_hcd
[ 1683.812871][T12311] em28xx 4-1:0.0: unknown em28xx chip ID (0)
[ 1683.822255][T12311] em28xx 4-1:0.0: Config register raw data: 0xfffffffb
[ 1683.933523][T14025] usb 2-1: device descriptor read/64, error -71
[ 1684.679773][T12311] em28xx 4-1:0.0: AC97 chip type couldn't be determined
[ 1684.686840][T12311] em28xx 4-1:0.0: No AC97 audio processor
[ 1684.735534][T22316] usb 4-1: USB disconnect, device number 19
[ 1684.741884][T22316] em28xx 4-1:0.0: Disconnecting em28xx
[ 1684.753422][T22316] em28xx 4-1:0.0: Freeing device
[ 1684.808932][T14025] usb 2-1: new high-speed USB device number 123 using dummy_hcd
[ 1684.939073][T14025] usb 2-1: device descriptor read/64, error -71
[ 1684.958967][T13538] usb 5-1: new high-speed USB device number 108 using dummy_hcd
[ 1685.050173][T14025] usb usb2-port1: attempt power cycle
[ 1685.130289][T13538] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1685.141348][T13538] usb 5-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[ 1685.175003][T13538] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1685.214579][T13538] usb 5-1: config 0 descriptor??
[ 1685.388943][T14025] usb 2-1: new high-speed USB device number 124 using dummy_hcd
[ 1685.409379][T14025] usb 2-1: device descriptor read/8, error -71
[ 1685.559060][T22316] usb 4-1: new full-speed USB device number 20 using dummy_hcd
[ 1685.628193][T13538] keytouch 0003:0926:3333.005A: fixing up Keytouch IEC report descriptor
[ 1685.638328][T13538] input: HID 0926:3333 as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/0003:0926:3333.005A/input/input169
[ 1685.650177][T14025] usb 2-1: new high-speed USB device number 125 using dummy_hcd
[ 1685.680691][T14025] usb 2-1: device descriptor read/8, error -71
[ 1685.730691][T22316] usb 4-1: too many endpoints for config 1 interface 1 altsetting 1: 174, using maximum allowed: 30
[ 1685.745171][T22316] usb 4-1: config 1 interface 1 altsetting 1 endpoint 0x82 has invalid maxpacket 1023, setting to 64
[ 1685.756608][T22316] usb 4-1: config 1 interface 1 altsetting 1 endpoint 0x3 has invalid wMaxPacketSize 0
[ 1685.766543][T13538] keytouch 0003:0926:3333.005A: input,hidraw0: USB HID v0.00 Keyboard [HID 0926:3333] on usb-dummy_hcd.4-1/input0
[ 1685.783895][T22316] usb 4-1: config 1 interface 1 altsetting 1 has 2 endpoint descriptors, different from the interface descriptor's value: 174
[ 1685.797776][T14025] usb usb2-port1: unable to enumerate USB device
[ 1685.806532][T22316] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 1685.815738][T22316] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1685.823784][T22316] usb 4-1: Product: syz
[ 1685.828463][T22316] usb 4-1: Manufacturer: syz
[ 1685.833133][T22316] usb 4-1: SerialNumber: syz
[ 1685.879491][T14025] net_ratelimit: 4 callbacks suppressed
[ 1685.879508][T14025] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1686.112213][T22316] cdc_ncm 4-1:1.0: NCM or ECM functional descriptors missing
[ 1686.120744][T22316] cdc_ncm 4-1:1.0: bind() failure
[ 1686.128614][T22316] cdc_ncm 4-1:1.1: CDC Union missing and no IAD found
[ 1686.136119][T22316] cdc_ncm 4-1:1.1: bind() failure
[ 1686.144382][T22316] usb 4-1: USB disconnect, device number 20
[ 1686.365844][T11542] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1686.452366][T14025] 
[ 1686.452378][T14025] ======================================================
[ 1686.452385][T14025] WARNING: possible circular locking dependency detected
[ 1686.452392][T14025] 6.14.0-rc7-syzkaller-00179-gb3ee1e460951 #0 Not tainted
[ 1686.452404][T14025] ------------------------------------------------------
[ 1686.452410][T14025] kworker/1:4/14025 is trying to acquire lock:
[ 1686.452420][T14025] ffff88801b0990b8 (&buf->lock){+.+.}-{4:4}, at: tty_buffer_flush+0x72/0x310
[ 1686.452468][T14025] 
[ 1686.452468][T14025] but task is already holding lock:
[ 1686.452474][T14025] ffffffff8e1aaa40 (console_lock){+.+.}-{0:0}, at: vc_SAK+0x13/0x310
[ 1686.452509][T14025] 
[ 1686.452509][T14025] which lock already depends on the new lock.
[ 1686.452509][T14025] 
[ 1686.452516][T14025] 
[ 1686.452516][T14025] the existing dependency chain (in reverse order) is:
[ 1686.452522][T14025] 
[ 1686.452522][T14025] -> #2 (console_lock){+.+.}-{0:0}:
[ 1686.452546][T14025]        console_lock+0x7a/0xa0
[ 1686.452561][T14025]        con_flush_chars+0x5e/0x80
[ 1686.452578][T14025]        n_tty_write+0xe17/0x1140
[ 1686.452601][T14025]        file_tty_write.constprop.0+0x506/0x9a0
[ 1686.452620][T14025]        vfs_write+0x5ae/0x1150
[ 1686.452645][T14025]        ksys_write+0x12b/0x250
[ 1686.452659][T14025]        do_syscall_64+0xcd/0x250
[ 1686.452682][T14025]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1686.452704][T14025] 
[ 1686.452704][T14025] -> #1 (&tty->termios_rwsem){++++}-{4:4}:
[ 1686.452728][T14025]        down_read+0x9a/0x330
[ 1686.452750][T14025]        n_tty_receive_buf_common+0x85/0x1980
[ 1686.452775][T14025]        tty_ldisc_receive_buf+0xa2/0x190
[ 1686.452793][T14025]        tty_port_default_receive_buf+0x70/0xb0
[ 1686.452819][T14025]        flush_to_ldisc+0x264/0x780
[ 1686.452837][T14025]        process_one_work+0x9c5/0x1ba0
[ 1686.452858][T14025]        worker_thread+0x6c8/0xf00
[ 1686.452878][T14025]        kthread+0x3af/0x750
[ 1686.452897][T14025]        ret_from_fork+0x45/0x80
[ 1686.452918][T14025]        ret_from_fork_asm+0x1a/0x30
[ 1686.452936][T14025] 
[ 1686.452936][T14025] -> #0 (&buf->lock){+.+.}-{4:4}:
[ 1686.452959][T14025]        __lock_acquire+0x249e/0x3c40
[ 1686.452981][T14025]        lock_acquire.part.0+0x11b/0x380
[ 1686.453003][T14025]        __mutex_lock+0x19b/0xb10
[ 1686.453023][T14025]        tty_buffer_flush+0x72/0x310
[ 1686.453042][T14025]        tty_ldisc_flush+0x64/0xe0
[ 1686.453057][T14025]        __do_SAK+0x6a7/0x800
[ 1686.453076][T14025]        vc_SAK+0x7f/0x310
[ 1686.453089][T14025]        process_one_work+0x9c5/0x1ba0
[ 1686.453110][T14025]        worker_thread+0x6c8/0xf00
[ 1686.453130][T14025]        kthread+0x3af/0x750
[ 1686.453148][T14025]        ret_from_fork+0x45/0x80
[ 1686.453168][T14025]        ret_from_fork_asm+0x1a/0x30
[ 1686.453185][T14025] 
[ 1686.453185][T14025] other info that might help us debug this:
[ 1686.453185][T14025] 
[ 1686.453190][T14025] Chain exists of:
[ 1686.453190][T14025]   &buf->lock --> &tty->termios_rwsem --> console_lock
[ 1686.453190][T14025] 
[ 1686.453218][T14025]  Possible unsafe locking scenario:
[ 1686.453218][T14025] 
[ 1686.453224][T14025]        CPU0                    CPU1
[ 1686.453229][T14025]        ----                    ----
[ 1686.453234][T14025]   lock(console_lock);
[ 1686.453245][T14025]                                lock(&tty->termios_rwsem);
[ 1686.453258][T14025]                                lock(console_lock);
[ 1686.453270][T14025]   lock(&buf->lock);
[ 1686.453282][T14025] 
[ 1686.453282][T14025]  *** DEADLOCK ***
[ 1686.453282][T14025] 
[ 1686.453286][T14025] 4 locks held by kworker/1:4/14025:
[ 1686.453297][T14025]  #0: ffff88801b078d48 ((wq_completion)events){+.+.}-{0:0}, at: process_one_work+0x1293/0x1ba0
[ 1686.453343][T14025]  #1: ffffc9000b337d18 ((work_completion)(&vc_cons[currcons].SAK_work)){+.+.}-{0:0}, at: process_one_work+0x921/0x1ba0
[ 1686.453389][T14025]  #2: ffffffff8e1aaa40 (console_lock){+.+.}-{0:0}, at: vc_SAK+0x13/0x310
[ 1686.453427][T14025]  #3: ffff888062de10a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_flush+0x1c/0xe0
[ 1686.453469][T14025] 
[ 1686.453469][T14025] stack backtrace:
[ 1686.453475][T14025] CPU: 1 UID: 0 PID: 14025 Comm: kworker/1:4 Not tainted 6.14.0-rc7-syzkaller-00179-gb3ee1e460951 #0
[ 1686.453496][T14025] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[ 1686.453508][T14025] Workqueue: events vc_SAK
[ 1686.453522][T14025] Call Trace:
[ 1686.453528][T14025]  <TASK>
[ 1686.453535][T14025]  dump_stack_lvl+0x116/0x1f0
[ 1686.453559][T14025]  print_circular_bug+0x490/0x760
[ 1686.453583][T14025]  check_noncircular+0x31a/0x400
[ 1686.453606][T14025]  ? __pfx_check_noncircular+0x10/0x10
[ 1686.453631][T14025]  ? lockdep_lock+0xc6/0x200
[ 1686.453649][T14025]  ? __pfx_lockdep_lock+0x10/0x10
[ 1686.453670][T14025]  __lock_acquire+0x249e/0x3c40
[ 1686.453696][T14025]  ? __pfx___lock_acquire+0x10/0x10
[ 1686.453719][T14025]  ? rcu_is_watching+0x12/0xc0
[ 1686.453738][T14025]  lock_acquire.part.0+0x11b/0x380
[ 1686.453761][T14025]  ? tty_buffer_flush+0x72/0x310
[ 1686.453781][T14025]  ? __pfx_lock_acquire.part.0+0x10/0x10
[ 1686.453809][T14025]  ? rcu_is_watching+0x12/0xc0
[ 1686.453826][T14025]  ? trace_lock_acquire+0x14e/0x1f0
[ 1686.453845][T14025]  ? __pfx___lock_acquire+0x10/0x10
[ 1686.453866][T14025]  ? tty_buffer_flush+0x72/0x310
[ 1686.453885][T14025]  ? lock_acquire+0x2f/0xb0
[ 1686.453906][T14025]  ? tty_buffer_flush+0x72/0x310
[ 1686.453926][T14025]  __mutex_lock+0x19b/0xb10
[ 1686.453947][T14025]  ? tty_buffer_flush+0x72/0x310
[ 1686.453968][T14025]  ? tty_buffer_flush+0x72/0x310
[ 1686.453987][T14025]  ? __pfx___mutex_lock+0x10/0x10
[ 1686.454009][T14025]  ? rcu_is_watching+0x12/0xc0
[ 1686.454027][T14025]  ? tty_ldisc_flush+0x1c/0xe0
[ 1686.454047][T14025]  ? tty_buffer_flush+0x72/0x310
[ 1686.454065][T14025]  tty_buffer_flush+0x72/0x310
[ 1686.454086][T14025]  tty_ldisc_flush+0x64/0xe0
[ 1686.454103][T14025]  __do_SAK+0x6a7/0x800
[ 1686.454123][T14025]  ? lock_acquire+0x2f/0xb0
[ 1686.454144][T14025]  ? vc_SAK+0x13/0x310
[ 1686.454160][T14025]  vc_SAK+0x7f/0x310
[ 1686.454174][T14025]  process_one_work+0x9c5/0x1ba0
[ 1686.454199][T14025]  ? __pfx_console_callback+0x10/0x10
[ 1686.454220][T14025]  ? __pfx_process_one_work+0x10/0x10
[ 1686.454244][T14025]  ? assign_work+0x1a0/0x250
[ 1686.454265][T14025]  worker_thread+0x6c8/0xf00
[ 1686.454291][T14025]  ? __pfx_worker_thread+0x10/0x10
[ 1686.454313][T14025]  kthread+0x3af/0x750
[ 1686.454332][T14025]  ? __pfx_kthread+0x10/0x10
[ 1686.454351][T14025]  ? lock_acquire+0x2f/0xb0
[ 1686.454375][T14025]  ? __pfx_kthread+0x10/0x10
[ 1686.454394][T14025]  ret_from_fork+0x45/0x80
[ 1686.454415][T14025]  ? __pfx_kthread+0x10/0x10
[ 1686.454435][T14025]  ret_from_fork_asm+0x1a/0x30
[ 1686.454457][T14025]  </TASK>
[ 1686.504890][T14025] tty tty1: SAK: killed process 18129 (syz.2.3303): by fd#3
[ 1686.505006][T14025] tty tty1: SAK: killed process 18983 (syz.1.3481): by fd#3
[ 1686.505028][T14025] tty tty1: SAK: killed process 19446 (syz.2.3617): by fd#3
[ 1686.505048][T14025] tty tty1: SAK: killed process 19495 (syz.3.3631): by fd#3
[ 1686.505085][T14025] tty tty1: SAK: killed process 19519 (syz.3.3638): by fd#3
[ 1686.653116][T12311] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1686.670709][T13538] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1687.258016][   T10] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1687.588460][T25804] tty tty25: ldisc open failed (-12), clearing slot 24
[ 1687.719046][T14025] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1688.280198][T12311] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1688.602879][T12311] usb 5-1: USB disconnect, device number 108
[ 1688.759144][T22316] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1689.799343][T14025] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1690.278960][   T10] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1691.879449][T14025] net_ratelimit: 1 callbacks suppressed
[ 1691.879460][T14025] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1692.119143][T16263] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1692.127994][T14025] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1692.136974][T14025] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1693.158979][T14025] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1693.320071][   T10] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1694.209661][T14025] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1695.239024][T22316] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1696.279244][T22316] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1696.369020][   T10] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog