last executing test programs:

36.27273233s ago: executing program 3 (id=462):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
socket$netlink(0x10, 0x3, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
pselect6(0x40, &(0x7f0000000100), 0x0, &(0x7f0000000240)={0x1f}, &(0x7f0000000280)={0x0, 0x3938700}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
getpgrp(0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x11, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000300)='syzkaller\x00'}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r1}, 0x10)
sendmsg$NFNL_MSG_COMPAT_GET(r0, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000100)={0x2c, 0x0, 0xb, 0x101, 0x0, 0x0, {0x3, 0x0, 0x8}, [@NFTA_COMPAT_NAME={0x5, 0x1, '\x00'}, @NFTA_COMPAT_REV={0x8, 0x2, 0x1, 0x0, 0x5}, @NFTA_COMPAT_TYPE={0x8}]}, 0x2c}, 0x1, 0x0, 0x0, 0x60004000}, 0x40010)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$audio1(0xffffffffffffff9c, &(0x7f00000000c0), 0x800fc68888e4f698, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000000)=0x15)
ioctl$TCSETS(r3, 0x40384708, &(0x7f0000000040)={0x1, 0x0, 0x0, 0x0, 0x0, "3eccd8000200000500"})
ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000080)=0xd)
openat(0xffffffffffffffff, &(0x7f0000000180)='./file0\x00', 0x200200, 0x11a)

35.993478908s ago: executing program 2 (id=463):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000000)='dctcp', 0x5)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000004c0)=0x79, 0x4)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x23)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000140)={0x1, &(0x7f0000000280)=[{0x6, 0x0, 0x0, 0xe3}]}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
sendmmsg$inet(r0, &(0x7f00000014c0)=[{{0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000180)="f0", 0x1}], 0x1}}], 0x1, 0x40)
sendmmsg$inet(r0, &(0x7f0000001340)=[{{0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000001580)="e7fd379780c24b198c9ebd2cbb2b697c63dcb2ad9924f068956ae9bff5b6d902955f083d7b63744819e97a58eda43c74e9d230bc284b81001b09ce5be3d9c808be0e4a06f04cd3b92717af30809bcb8660e838655d1f593b3d2d6ce2116da270d9f579336fae578558549f2b72b6eee49171b323c4b04f482877197be535fddd8c7710c5df4ff18be68856f2cdc2c9150a734c9e873ddb095f7c8d8520dab8b358b59a2c2dc5baf56eb7b8892847da1da3352bd078a54b58c147e25793a3318dd3b60e0b1f4de4bf6cf33d916ca1fdd2091c257cdac954320967fa95515b89ba1dcf4bdbcdce9129390d4f5484c1d29932547c71fd647e4439968c50f5fd216670412ede7666a114329f8dfb39309bc0931964ec5a28ac77925a80758f69989180241615e3ac5a02e46128e507691fcaadeeb5d2e277417e2a326acfea772bcbde319b563731a69e0db4e17c3ce7dbcf33ad70290f33c2f99842fc45988102c53e7442a82c91c73de101a328c6f1c20b849fe4b1cf8a8dc36f703bf1774d3bbea1c99f0963d6811649a60b8eff49ea31e23b1b91016d027a10a7304658291a3bc17bc4b56626852331d4077ac11b9ef7edcd4cbfb77d8fb9665ba44be5aa24f706e7cbc7fcaa3b8a234f4361ba9789fb71f69d0a3eda497d7573e8404d5272cd822a2529c62c64eebad406d2ecbac4d0a1ad1c27e42d0c5737066654ea18a2a7ca66eb3b96732db01d1c569549f75804eb8776218ed282f884924a21cbc565687b33bf6d4f243fcbe500c910cf9e75183584c336b23c3c7bbacf7cda462eed4e1d9c75d39f3814369537d5f1a2804058f9afb402f7b2e57b48437b558be97dc3cd6a45f1ec5b4c4f97566fb77101fe66a1f122dccc1cf95ca7cac098dea0f4576b8ddd601443d3a7adeac82995b3c12490d285c854e4d79d201702ee68c852a8402d420bded5262a91bfd8b0e123b07a24fae022d5c061c3519db619e8648c77ed6600bb6d0f03e70e05861602d48fb668ba0a90774cf364013dcb2997b875157281bc7c592f652f06cc66b60317687c41cec9ad66a136c46b485a26ada56e1c863cda4aec9f227a0eef8f8e9cc43546ddf53663e1e1cceef8ff73ea387a842bbbf992956e7391eeecc124b7c2c8986e84a0b09936a4574832df951a6c595892e7815f9005446675880a24019b18c820a29a0e72371e7d4dcd2188cbeec3e7b099288d2a6899c6171ad53fb58526a911dc31579f1a98d2dfaa18ccfe210a927e8ab8060588271fddbdcfafc801fe6ba1462060c0d856c2fdd917bab2a1c07f9f562c29bcf9fa83e45201933fd643988555b056513ea0cebf6d8e057032e3e8eeef67a20db39cfd42c4f4c57d0aab701117d218d046fbd372584af6fd633e92317f08c36e66f8623c0a0dcbcb7382e958518e12beea5caa75d73612bee01e5229f706842fd3ecc5679973c31b424c9d5bead2fb92c77c5988d6b33b7439c1bc3c2da8bc330e1c6cf03d3b612e82c275f5225803d16fb7f10661d502720a35961a99aac976c59b93121d38b282d5302afa4004a843bd119c9d7bef5f0e193ec093868ed6a5e665ce9b6a23b7d1c247c8d2380f491cfceb914baa65f60a7bea8f25449c9ea7c45963b7e073289c9c9722c8024defb942c4a2daad3aaaf6f7ef4c893ebcf4fff9ec8d5735af085c32e118794f0a2f206fde76cb28cd571f28540765f09aa243ad8bef6516dc46767230498ae011436f29adf8a40d858ca41efe03db9ef4332d1419a2805d20738cb12562230305d118523d9682540cfc3393c52b29859399f19311863c35b0e7f3e190997723d82859ef35af16044f8cab80cfc48bc2ea8e69a1cb64678e5cc93d49c87824f63838337f02806e2d0964f9e7f8d7e876dfd55d00d5e7f7d3c78b068972b1d8e962573018fb5ffe5b775f6028434db0361b4f94e3df8caa8d0a7dfbd34e859e88bcf2b787b353c69add0df04b477383cccaa4b78f8dd97d0cce1cb9d2135913c5f436d54b1ca29697768e94f5f52a0a4962def4fda83a2be4d23b450fbf0fef234d2f2c1e773a5a78bd7af6201a92b1a1dc3498b936f6", 0x5c7}], 0x1}}], 0x1, 0xc4)

35.892262663s ago: executing program 2 (id=465):
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
socket$inet6(0xa, 0x3, 0xff)
socket$nl_route(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0))
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f0000000040), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r1, &(0x7f0000000200)={0x2, 0x4e20, @empty}, 0x10)
fcntl$setstatus(r1, 0x4, 0x40800)
setsockopt$inet_mtu(r1, 0x0, 0xa, &(0x7f0000000180)=0x4, 0x4)
r2 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000740)={0x3, 0x4, 0x4, 0xa, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x3, 0x10, &(0x7f0000000000)=@framed={{0x18, 0x6}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r2}, {}, {}, {0x7, 0x0, 0xb, 0x7}}, @printk]}, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000140)={{r2}, &(0x7f00000000c0), &(0x7f0000000100)=r3}, 0x20)
ioctl$TUNSETOFFLOAD(0xffffffffffffffff, 0x400454d0, 0xe)
connect$inet(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x4e27, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events.local\x00', 0x275a, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f00000000c0)={<r6=>0x0, @multicast1, @broadcast}, &(0x7f00000001c0)=0xc)
sendmsg$nl_route(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000009c0)=@newlink={0x28, 0x10, 0xc362e63b3f31ba5f, 0x0, 0x0, {0x0, 0x0, 0x0, r6, 0x20082, 0x80e1}, [@IFLA_GROUP={0x8}]}, 0x28}, 0x1, 0x0, 0x0, 0x4}, 0x0)
ioctl$DRM_IOCTL_MODE_GETFB(r4, 0xc01c64ad, &(0x7f0000000280))
r7 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r7, 0x0, 0xc000)
r8 = socket$kcm(0x10, 0x7, 0x10)
sendmsg$kcm(r8, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000040)="180000003c000bab956cb26f8c7d94f90324fc602f000000", 0x18}], 0x1}, 0x40)
r9 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
ioctl$sock_SIOCADDRT(r9, 0x890b, &(0x7f0000000300)={0x0, @ethernet={0x306, @random="fc06839d09fe"}, @ax25={0x3, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, 0x8}, @sco={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}}, 0x1, 0x0, 0x0, 0x0, 0x1, &(0x7f0000000380)='bridge_slave_1\x00', 0x6, 0x7, 0x9})
userfaultfd(0x801)

35.752523076s ago: executing program 3 (id=467):
inotify_init()
add_key(&(0x7f0000000100)='rxrpc\x00', 0x0, &(0x7f0000000140), 0x0, 0xffffffffffffffff)
sendmsg$NFULNL_MSG_CONFIG(0xffffffffffffffff, &(0x7f0000000580)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80000000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x800}, 0xc090)
sendmsg$IPVS_CMD_NEW_DEST(0xffffffffffffffff, 0x0, 0xe1)
r0 = add_key$user(0x0, &(0x7f0000000440), &(0x7f00000000c0), 0x0, 0xfffffffffffffffd)
keyctl$dh_compute(0x17, &(0x7f0000000140)={0x0, r0}, 0x0, 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, 0x0, 0x20042, 0x0)
r1 = socket$kcm(0xa, 0x1, 0x106)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
r3 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000380), 0x101040)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r3, 0x40345410, &(0x7f0000000300)={{0x0, 0x2}})
r4 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000600), 0x0)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r4, 0xc08c5332, &(0x7f00000003c0)={0x9c9, 0x0, 0x0, 'queue0\x00', 0x200000})
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TIMER(r4, 0x40605346, &(0x7f0000000280)={0x0, 0x0, {0x3}})
fsconfig$FSCONFIG_SET_STRING(0xffffffffffffffff, 0x1, 0x0, &(0x7f00000008c0)='0\x00#\x00\xd0\x00 \x00\x00qS\x00\x00\x00\x00\x00\x00\x00\x00$\xf6_\xbdI\x1c\xf2\xa9]\xcc\xe0*\xef\x01\x8d\x15\xd2h\x93\xc9\xb57\xc3\xea\\Eb\xf8\xe6,\xdf\xd4\xfae\x84\xcc\xd5\"d\xf0D-\x98\x9f\x81{\xfc$\xc4\xbcF\xf8\xc8\x8d\xcb\xb8\xf2\x1e\xe4\'U\xb3\xb8\xd3\xe6\xd7\x80=\x8a\xeb\n\xb8_\xe8\x96YY\xe3\xc7\xe6\xf28\x19\xa6\xa7\xfa\xdb\x1ce\xc1\x03\x86J\xb2fh\x19\xee#\xcc\x0f\xed\xfea\xdc\x88\xcb%bW\xd35\xda=\xac\x1d\xae\x93\xfd\'T6\x94\n\xa4\x9cU\xc4\fA~[\xbf\x8b\x90\xfe\x04\xe7U\xf3h\x81\x14l7u\x95\x96t\\\x0f\xef;\x03\xa4C\xbc(Vc!a\xc1\xe39\xc6b\x905\x1f\x03\x00\x00\x00\x00\x00\x00\xdf9\xaf5\xc8a:z\xe4\xcbag&67\x814\xf6}\xe10v6l\xd6,\x1e\xa0\xcc\xbf\xfdkm\b?\x839\x85N\x1c\xc1\xcb\xfc\x85\xd2\n\x02\"\xf2\x81g\x90\x01n%\x7f_\xe1.f>>\xa5\xfb\"\xab\xdb\x06\x12e\x14\x11~\x9a\bR-\x85\xc3\xa9\xe6\xf6R\x11\"\xc3\xc9\xfc\x14s X\xec\xdd\xc2qB\x85\xf0\xd7\x04\xdd<\x9ak\x00\x00\x00\x00\x00\x00\x00\n\xa72\xa3\xef^\xe7\x8f', 0x0)
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x23, 0x0, 0x0)
sendmsg$kcm(r1, &(0x7f0000000140)={0x0, 0x0, 0x0}, 0x20000011)
sendmsg$kcm(r1, &(0x7f0000000780)={&(0x7f0000000000)=@in6={0xa, 0x0, 0x0, @dev={0xfe, 0x80, '\x00', 0xd}, 0x2}, 0x80, 0x0}, 0xe07e872420dfefca)
r5 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000140)="1400000023000b6c8cfffdfccabb00f90429fc", 0x13}], 0x1}, 0x2400c000)
socket$nl_generic(0x10, 0x3, 0x10)

33.991046978s ago: executing program 3 (id=471):
r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000340), 0x2, 0x0)
ppoll(&(0x7f0000000040)=[{r0, 0x10}], 0x1, 0x0, 0x0, 0x0)
r1 = syz_open_dev$vim2m(&(0x7f0000000000), 0x3, 0x2)
ioctl$vim2m_VIDIOC_REQBUFS(r1, 0xc0145608, &(0x7f00000000c0)={0x1, 0x2, 0x1})
ioctl$vim2m_VIDIOC_QBUF(r1, 0xc058560f, &(0x7f0000000180)=@multiplanar_mmap={0x0, 0x2, 0xffffffffffffffbc, 0x0, 0x0, {0x77359400}, {0x1, 0x0, 0x0, 0x0, 0x0, 0xfc, 'y)\x00\b'}, 0x0, 0x1, {0x0}, 0xea})
socket$alg(0x26, 0x5, 0x0)
r2 = eventfd(0x5)
r3 = socket$can_bcm(0x1d, 0x2, 0x2)
connect$can_bcm(r3, &(0x7f0000000140), 0x10)
r4 = syz_io_uring_setup(0x835, &(0x7f00000000c0)={0x0, 0x679a, 0x400, 0x2000006, 0x3ce}, &(0x7f0000000040)=<r5=>0x0, &(0x7f0000000140)=<r6=>0x0)
syz_io_uring_submit(r5, r6, &(0x7f00000002c0)=@IORING_OP_SEND={0x1a, 0x0, 0x0, r3, 0x0, &(0x7f0000000240)="144024aeae8b2b5d63f7449a372e1406d4defe495b5744eed6801d1d51e1d3fcdcf25bdf4a5f2ef4b45d6898757795c858f0c3d4b26bd644", 0x38, 0x2400c0c7, 0x1})
r7 = syz_usb_connect$hid(0x3, 0x36, &(0x7f00000001c0)=ANY=[@ANYBLOB="1201000000000010d804dd000000000000010902240001000000e9090400000103000000092105000001220500090581030002"], 0x0)
syz_usb_control_io(r7, 0x0, 0x0)
syz_usb_control_io(r7, &(0x7f00000003c0)={0x2c, &(0x7f0000000100)=ANY=[@ANYBLOB="000008000000080482"], 0x0, 0x0, 0x0, 0x0}, 0x0)
syz_usb_ep_write(r7, 0x81, 0x2, &(0x7f0000000000)="9167")
io_uring_enter(r4, 0x3516, 0x0, 0x0, 0x0, 0x0)
r8 = socket(0xa, 0x3, 0x3a)
setsockopt$MRT6_ADD_MFC_PROXY(r8, 0x29, 0xd2, &(0x7f0000000300)={{0xa, 0x4e22, 0x0, @loopback}, {0xa, 0x0, 0x0, @mcast2}, 0x2001, {[0x4]}}, 0x5c)
ioctl$VHOST_SET_LOG_FD(0xffffffffffffffff, 0x4004af07, &(0x7f0000000240)=r2)
write$FUSE_NOTIFY_RESEND(r0, &(0x7f00000024c0)={0x14}, 0x14)

33.754143989s ago: executing program 4 (id=473):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000380)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000300)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, 0x0, 0x0, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r4 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
r5 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/cpuinfo\x00', 0x0, 0x0)
sendfile(r4, r5, 0x0, 0x20000023896)

33.747015854s ago: executing program 2 (id=474):
socket$nl_generic(0x10, 0x3, 0x10)
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0)
r1 = syz_io_uring_setup(0x66e0, &(0x7f0000000640)={0x0, 0x5867, 0x10, 0xfffffffc, 0x24d}, &(0x7f00000006c0)=<r2=>0x0, &(0x7f00000001c0)=<r3=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f00000002c0)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r2, r3, &(0x7f0000000200)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x4007, @fd_index=0x4, 0x0, 0x0})
io_uring_enter(r1, 0x100847c0, 0x0, 0x1, 0x0, 0x0)
ioctl$VHOST_SET_FEATURES(r0, 0x4008af00, &(0x7f0000000140)=0x200000000)
ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000900))
ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f00000000c0)=0x1) (fail_nth: 3)

32.914017572s ago: executing program 2 (id=476):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x2002, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x5, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000100)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000002000)=""/102400, 0x19000)
r3 = openat(0xffffffffffffffff, 0x0, 0x2c41, 0x40)
r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFQNL_MSG_CONFIG(r5, &(0x7f0000000300)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="34000000020301010000000000000000210000070800034000001000080005400000002008000440000000010800034000000000"], 0x34}, 0x1, 0x0, 0x0, 0x4000080}, 0x4000000)
sendmsg$NL802154_CMD_SET_CCA_ED_LEVEL(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={0x0}, 0x1, 0x0, 0x0, 0x4008000}, 0x4)
r6 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r6, 0x0, 0x0)
r7 = accept4(r6, 0x0, 0x0, 0x0)
ioctl$sock_FIOGETOWN(r3, 0x8903, &(0x7f0000000040))
sendto$packet(r7, &(0x7f00000000c0)="37fe0187610488b3d05d92015ee9ad38d34e1b37234adc", 0x17, 0x0, 0x0, 0x0)
flock(0xffffffffffffffff, 0x2)
dup3(r6, r3, 0x0)
r8 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
close(r8)
execveat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x0, 0x0, 0x1000)
r9 = creat(&(0x7f0000000280)='./file0\x00', 0xecf86c37d53049cc)
close(r9)
execve(&(0x7f0000000400)='./file0\x00', 0x0, 0x0)
execve(&(0x7f0000000180)='./file0\x00', 0x0, &(0x7f0000000800)={[&(0x7f00000004c0)='\x7f\xb7\xc1\x7f\xa5a\xd6A*c\x9b\xd8R\xf02b\xefA|uiWb\x8f\xee\x1c\xc5\xdb^\x11\x16h\x83\x94y<yN\xfbXh[\xe9\xa9\x1702\x7f\x9e\xf0\x99\xad\xdc;p\x98R\a\xb1\x9d^\x0f\x121\xb3\xab?P\xd6\xcb\x06\xfe2~W\xd9\xad\x80\xd9!\x89%\xb8\x10\xa3l;\x1eK\x90\x15\xc6\x11A\xfc\x7f\xc6\xed\xe7\xa3\x9f\xb4\xce\"\xef\xa8\x86F\x05\x03\rj\f\xafa\xb0}\xde\'E\x84\xb2bO\xd2\xd4\x85F\xde1e\xe0\xf2\xa0/\xd3<\xda\xfe\x04,\xfa\x97\xb6\xf4\xcf\x0el\xf2\xbd\x18\x88\xd7\x02\xce\x99\x1f\xadj\x89\xd9\xb7\xae9\xb0\xb0{n.\xd7vC\x0eh|KZG\x108l\n\xcd\xe9\x04\xafM\xbf\x83#>\x89\xf1Y{\x87\xd5\xf3\xccMr\xc5\xbdT\x9e\xc4\x84\x06\xcd\x8b\xcd\t\x01aA$\xf6j\x89\xd9_\xa0\x84\xeaT\x94\xaexuTW\xa7\x93\x8d\xbd\xe6~\xa8\x82\xe7LSw\x8b\x0f<\xe6\xbdh\x97\xd4\xb8\x97\xc0\xd2\x8e\x83#`yx\x96\x10M\xef\xab\xcaR*\xf8a\xdb?\xe0\xd5\xa8\xf1\x9f\\\x17I\x1b\xda$\n\x97\x1d\x8e\xad\xdc\x11\xce\x1e\xe4\xa9\xdb\xfc\xfa\xb5\xcb\xec=\xb2\xb7x\xf6\xa7H\r\xaf\xf4|\x9e\x96?%\x9a\xb0\x00V\xca\xf7b\xc1 \x7f\xb5\x87\x16\xe1?9\xb5\xb8sn\xc8\xa8\xbf7{\x80\x12\xfd\a\x00\xef}\x0484\nU\x14\xfc\xb0mV~\x9d\xa6\x01\f\xef\x8f(.[8\xbd\xdf\x1a\xa6\x80\xa2\x8b,\x11/\x02\"\x10\xf7\xd0l\xbd\xfa\xcd$?I\x82K\v\xcc\x19\xdc\xdb\x87\xbd\xe4\xac\xe2\xac\x06\xc5\x88_\x84K\x8dm\xac\x9b\xe7#\xcb\xa9}\x8f\xe0\x9dYb\x88Z\x9c\xb5\xcbj\n\x1b\xee\x1ev\x01\xaf']})
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r10 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r10, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000740)=ANY=[@ANYRES64=r1], 0xb0}, 0x1, 0x0, 0x0, 0x40094}, 0x0)

32.860066891s ago: executing program 4 (id=477):
syz_usb_control_io$printer(0xffffffffffffffff, 0x0, &(0x7f00000011c0)={0x34, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000001180)={0x20, 0x0, 0x1}})
r0 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x143042, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000580)={'batadv_slave_0\x00', <r2=>0x0})
ioctl$sock_inet6_SIOCADDRT(r1, 0x890b, &(0x7f00000002c0)={@mcast2, @empty, @dev={0xfe, 0x80, '\x00', 0x26}, 0x0, 0x6, 0x0, 0x100, 0x4, 0x540000, r2})
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r4, 0x8933, &(0x7f0000000200)={'batadv_slave_0\x00', <r5=>0x0})
ioctl$sock_inet6_SIOCADDRT(r3, 0x890b, &(0x7f0000000140)={@initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, @private2={0xfc, 0x2, '\x00', 0x1}, @private0, 0x1, 0x6, 0x0, 0x100, 0x6, 0x180107, r5})
syz_usb_disconnect(0xffffffffffffffff)
pwritev(r0, &(0x7f0000000140)=[{&(0x7f0000000100)="c51d02dd9556", 0x6}], 0x1, 0xfffffff5, 0xc0)

32.779033994s ago: executing program 0 (id=478):
socket$nl_generic(0x10, 0x3, 0x10)
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0)
r1 = syz_io_uring_setup(0x66e0, &(0x7f0000000640)={0x0, 0x5867, 0x10, 0xfffffffc, 0x24d}, &(0x7f00000006c0)=<r2=>0x0, &(0x7f00000001c0)=<r3=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f00000002c0)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r2, r3, &(0x7f0000000200)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x4007, @fd_index=0x4, 0x0, 0x0})
io_uring_enter(r1, 0x100847c0, 0x0, 0x1, 0x0, 0x0)
ioctl$VHOST_SET_FEATURES(r0, 0x4008af00, &(0x7f0000000140)=0x200000000)
ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000900))
ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f00000000c0)=0x1)

31.745808778s ago: executing program 2 (id=480):
mmap(&(0x7f0000000000/0xa000)=nil, 0xa000, 0xd3283d0368e269b3, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_usb_connect(0x0, 0x34, &(0x7f00000006c0)={{0x12, 0x1, 0x0, 0x7c, 0x96, 0x5c, 0x40, 0x2013, 0x251, 0xe86e, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x22, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0xff, 0xff, 0xff, 0x0, [], [{{0x9, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [@generic={0x7, 0x5, "839935191f"}]}}]}}]}}]}}, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, 0x1, [{0x0, 0x0}]})
syz_emit_ethernet(0x52, 0x0, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000cc0), 0x0, 0x0)
ioctl$KVM_CHECK_EXTENSION(r2, 0xae03, 0x52)
mkdir(&(0x7f0000000300)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080)='ramfs\x00', 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdir(&(0x7f00000001c0)='./bus\x00', 0x21)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000140), 0x0, &(0x7f0000000400)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]})
mknodat$loop(0xffffffffffffffff, &(0x7f00000002c0)='./file1\x00', 0xc000, 0x0)
chdir(&(0x7f00000003c0)='./bus\x00')
linkat(0xffffffffffffffff, &(0x7f0000000100)='./file1\x00', 0xffffffffffffffff, &(0x7f0000000240)='./file0\x00', 0x0)
renameat2(0xffffffffffffff9c, &(0x7f0000000a00)='./file0\x00', 0xffffffffffffff9c, &(0x7f0000000600)='./file1\x00', 0x2)
mmap(&(0x7f0000422000/0x1000)=nil, 0x1000, 0xf, 0x4008032, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0)
statx(0xffffffffffffffff, &(0x7f00000000c0)='./bus\x00', 0x1000, 0x200, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x19)
openat$ppp(0xffffffffffffff9c, 0x0, 0xc0802, 0x0)
syz_io_uring_submit(0x0, 0x0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x207a98, 0x0, 0x0, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000300)={'bridge0\x00'})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x800}, 0x40000)
openat$proc_mixer(0xffffffffffffff9c, &(0x7f0000000380)='/proc/asound/card1/oss_mixer\x00', 0x1, 0x0)
ioctl$FBIOPUTCMAP(0xffffffffffffffff, 0x4605, &(0x7f0000000400)={0x7, 0x0, 0x0, 0x0, 0x0, 0x0})

31.720998878s ago: executing program 4 (id=481):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000540)={0x18, 0x4, &(0x7f00000000c0)=ANY=[], &(0x7f0000000080)='syzkaller\x00', 0x7, 0x0, 0x0, 0x40f00, 0x6, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x20, 0x3, &(0x7f0000000340)=ANY=[@ANYBLOB], &(0x7f0000000480)='GPL\x00', 0xfff, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @netfilter=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_DETACH(0x9, 0x0, 0x20)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
r1 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r2 = dup(r1)
connect$inet(r2, &(0x7f0000000000)={0x2, 0x4e20, @empty}, 0x10)
bind$inet(0xffffffffffffffff, &(0x7f0000000180)={0x2, 0xce20, @dev={0xac, 0x14, 0x14, 0xa}}, 0x10)
bpf$OBJ_PIN_MAP(0x6, 0x0, 0x0)
r3 = syz_init_net_socket$netrom(0x6, 0x5, 0x0)
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r5 = socket(0x2, 0x3, 0xff)
sendmmsg$inet(r5, &(0x7f0000004a80)=[{{&(0x7f0000000080)={0x2, 0x4e20, @private=0xa010100}, 0x10, &(0x7f0000000340)=[{&(0x7f0000000700)="639a68bf78715751a5415ce7b0bf185e7d930000522297b04ca03293e6dcce0d018c9a82677ef2d2cd694630c9fad37c043de6cc38aa49ab9e3e47b60b740015dcfcd70044de8104a98b2d10fca1e51bcde4afa88cff4e0ac957b57ed4851c5d32f54009c577c9c6a624da0bee0ec02c871071d569caab726af47990db1d236f343469c6bddcb227aeb49c42788197981905a63e93207ed7836bc88e532da0", 0x9f}], 0x1}}], 0x1, 0x220040c0)
bind$inet6(r5, &(0x7f0000000000)={0xa, 0x4e24, 0x0, @local, 0xfffffff9}, 0x1c)
ioctl$TUNSETPERSIST(r4, 0x400454c9, 0x0)
connect$netrom(r3, &(0x7f0000000300)={{0x6, @rose, 0x3}, [@null, @null, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @default, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @null, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x2}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}]}, 0x48)
r6 = syz_init_net_socket$netrom(0x6, 0x5, 0x0)
listen(r6, 0x80)
accept$netrom(r6, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x11, 0xc, &(0x7f0000000600)=ANY=[@ANYBLOB="18000000090000000000000000000000215a08000400000018010000786c6c2500000000002020207b1af8ff0000b42ae9c50a94d8b43c787affd80000bfa10000000000000701ec4d3554ffffb702000008000000b703000000000000850000000e0000009500000000000000", @ANYRESHEX], &(0x7f0000000180)='GPL\x00', 0xfffffffc, 0x0, 0x0, 0x41100}, 0x94)
r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x275a, 0x0)
write$cgroup_int(r7, &(0x7f00000001c0)=0x8, 0xfffffffffffffecd)
r8 = syz_init_net_socket$llc(0x1a, 0x2, 0x0)
r9 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r9, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r9, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a14000000060a0b04000000000000000002000000140000001100010000000000000000000000000a13213c2067bd01b5060ed318f6f33bfab829879436519a60ffe809be168f5ed82f0400ffd9e6a2411fe7d4e34e2a672ffab830f14aa0fc5ab4755a34493afbde4aed742f14916728782e7c45dd1c787e26784114ea60f5bed6ac5572"], 0x3c}}, 0x0)
ioctl$sock_inet_SIOCSIFFLAGS(r8, 0x8914, &(0x7f0000000080)={'nr0\x00', 0x2000})
sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000500)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f00000004c0)={&(0x7f0000000680)=ANY=[@ANYBLOB="1c0000000001010100000000000000000700000608000340000000000d24b3e0bdc150a8c9d80c3b"], 0x1c}, 0x1, 0x0, 0x0, 0x80}, 0x4000)

31.229846582s ago: executing program 1 (id=483):
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000003c0)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_CHANNEL_SWITCH(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000400)=ANY=[@ANYBLOB=',\x00\x00', @ANYRES16=r0, @ANYBLOB="010008020000001800006600000008000300", @ANYRES32=r2, @ANYBLOB="08002600940900000800b70099"], 0x2c}, 0x1, 0x0, 0x0, 0x4000000}, 0x0)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
sendmsg$NL80211_CMD_FRAME(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000780)={0x294, r3, 0x1, 0x70bd26, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_CSA_C_OFFSETS_TX={0x6, 0xcd, [0x0]}, @NL80211_ATTR_FRAME={0x26d, 0x33, @beacon={{{0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, {0x9}, @device_b, @device_a, @initial, {0xf, 0x5}}, 0xffffffffffffffff, @default, 0x1000, @val={0x0, 0x6, @default_ibss_ssid}, @void, @val={0x3, 0x1, 0x2c}, @void, @val={0x6, 0x2, 0x1fc}, @val={0x5, 0x3, {0x5, 0x97, 0x5}}, @void, @val={0x2a, 0x1, {0x0, 0x0, 0x1}}, @void, @val={0x2d, 0x1a, {0x400, 0x2, 0x5, 0x0, {0x2, 0xb7b, 0x0, 0x347, 0x0, 0x1, 0x0, 0x0, 0x1}, 0x0, 0x100, 0x1}}, @void, @val={0x71, 0x7, {0x69, 0x0, 0x1, 0xffffffffffffffff, 0x1, 0x7, 0x20}}, @val={0x76, 0x6, {0x3, 0x0, 0x2f, 0x6}}, [{0xdd, 0x25, "8a70254dad90829ddb18be62e84e877606f1bb15aaeda7b68c72bb816a45e603389a3d1c4f"}, {0xdd, 0xe3, "a9b8e8b2e8815dfdd27ddf0d9e1cb4fa1bbb67c1e564d75e01a3568e885b2ad15a99d00b7ffdeb02eebcc7545ca67fcad48c79ee89e03a97f892233201e08cb02c084d6cc9e65633c4f51e62e7d245088db7b2a0857ec4e5f911cb353d191498218794a9bd9095865f05de5722159704b56e4dd354369f3480578abd5a8f408dc04f90e5953feace89747961bbd24dac7393ae66ff9e5c5dd5e0b7cf50058a5b5f27dea29e01315b0b6d58d4a2f6b6f06eb7d71f09f0aae4848147d50a60273e11cfa79f5c1cdea51bfd799af914fcb2b635cabc24982a2645999206bdd136f149b323"}, {0xdd, 0x72, "d603975e745cf0818ddf6d630340422b5efe14e9cb1adb7c07146829be39ac24aa70b63265f5d01e584ea220662ae06b9f29b8c0db55b8973efcc8e2131746af14a7d9eec224a2ecee11fec779abcc890cc3efddbb5192105d5f3e94261bec464121a596e5a12dab164fdd7f9d86075b048c"}, {0xdd, 0x7f, "844485144ae31589b65f2b2495e4a044244c614b4546e50d85069c3aaede2f341775ec7e4c686a3910b4c4de14babb923cc2c888ce1c1bf2c37c73917ee9b073d0966153f3f38618f91c68279e45ea37ea7da95c8d10bfb68cbe7dbeaea77e1155e7ba64a002b943b33c2f80bcbb7bacac5c6b44c78c1a8c8b8edaba807abc"}]}}]}, 0x294}, 0x1, 0x0, 0x0, 0xc0}, 0x0)

31.178632939s ago: executing program 1 (id=484):
sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x2a, 0x0, 0x0)
ptrace$pokeuser(0x6, 0x0, 0x358, 0xffff8880b870dfff)
openat$procfs(0xffffffffffffff9c, &(0x7f0000000200)='/proc/timer_list\x00', 0x0, 0x0)
r0 = syz_io_uring_setup(0x49a, &(0x7f0000000500)={0x0, 0x79af, 0x3180, 0x1, 0x36}, &(0x7f0000000340)=<r1=>0x0, &(0x7f0000000040)=<r2=>0x0)
r3 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_CLOSE={0x13, 0xc, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x1, {0x0, r3}})
r4 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000002c0), 0x60a80, 0x0)
ioctl$TIOCSETD(r4, 0x5423, &(0x7f0000000080)=0x3)
syz_emit_vhci(&(0x7f0000000280)=ANY=[@ANYBLOB="040302"], 0x4)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x1, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2d}, 0x94)
r5 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x1a01, 0x0)
ioctl$EVIOCGPROP(r5, 0x40047438, &(0x7f0000000180)=""/246)
writev(r5, &(0x7f0000000440)=[{&(0x7f0000000280)="c021", 0x1700}], 0x1)

30.954982151s ago: executing program 1 (id=485):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000a00)=@newtaction={0xf18, 0x30, 0xb, 0x0, 0x0, {}, [{0xf04, 0x1, [@m_gact={0x48, 0x1, 0x0, 0x0, {{0x9}, {0x1c, 0x2, 0x0, 0x1, [@TCA_GACT_PARMS={0x18, 0x2, {0x0, 0x0, 0x0, 0x0, 0x80006}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x3}}}}, @m_pedit={0xeb8, 0x2, 0x0, 0x0, {{0xa}, {0xe8c, 0x2, 0x0, 0x1, [@TCA_PEDIT_PARMS_EX={0xe20, 0x4, {{{0x5, 0xa, 0x4, 0x1, 0x2000000}, 0x5, 0x1}, [{0x9, 0x80000001, 0x1, 0xfffffffe, 0x8, 0x9}, {0xdf, 0x4, 0x5, 0x5, 0x10, 0xe}, {0x1, 0x85a, 0x5, 0xe6db, 0x3, 0xfffffffc}, {0x5, 0x400, 0x9323, 0x9, 0x6, 0x7}, {0x5, 0x5, 0x1, 0x0, 0x3}, {0xe, 0xf5, 0x3, 0x9, 0xffffbff8, 0x3}, {0x0, 0x7, 0xfff, 0x2, 0x9163ef6c, 0x40080003}, {0x3, 0x1, 0x80, 0x0, 0xacc8, 0x2}, {0x8001, 0xffb, 0x9, 0xffff, 0xfffffffe, 0x81}, {0x8, 0xfff, 0x6, 0xeb88, 0x8, 0x30c4}, {0x7, 0x9, 0xfffffffc, 0x100, 0x4, 0x1000000}, {0x8004, 0x80000001, 0xfffffeff, 0x20df, 0x4, 0x5}, {0x0, 0x80000001, 0x9, 0x7, 0x1000, 0x7}, {0x5, 0x2, 0xfffffffd, 0x9, 0x474, 0x594}, {0x7fffffff, 0x1, 0x8, 0xfffffff9, 0x6, 0xffffffff}, {0x24, 0x5, 0xf, 0x6, 0x6, 0x8000003}, {0xbb, 0x5, 0x2, 0x310, 0xf}, {0x9b7d, 0x52fc, 0x3, 0x3, 0x48, 0x9}, {0xbd, 0x8, 0x10, 0xe4d, 0x83, 0x3}, {0x8, 0x8, 0x9, 0x27, 0x2, 0x5}, {0x4, 0x1000, 0x5, 0x6, 0x93e, 0x6}, {0x1, 0x7, 0x0, 0x1, 0xff, 0x3}, {0xb, 0x7f, 0xfffff417, 0x1, 0x3ff, 0x9}, {0x4, 0x8, 0x7, 0xb, 0x8, 0x80004d}, {0x34db, 0xffff, 0x0, 0x3ff, 0x1, 0x400}, {0x1, 0xcb1d, 0x8, 0x1, 0x0, 0x4}, {0x5, 0x3, 0x7, 0x8, 0x3, 0x984}, {0x2, 0xffffffff, 0x3, 0x2, 0x9, 0x40}, {0x7, 0x281, 0x7fffffff, 0x37d, 0x3, 0x8}, {0x5, 0x4, 0x1, 0x8, 0x4, 0x2f}, {0x6, 0x3, 0x4, 0xd1a1, 0x9, 0x7}, {0x5, 0x3, 0x8, 0x4, 0x16, 0x2}, {0x8001, 0x87, 0x6, 0x1, 0x3, 0x4}, {0x6, 0x9e4, 0x8b7f, 0x11, 0x3, 0x7}, {0x7, 0x1, 0x800, 0x70f, 0x8001, 0x3}, {0x4, 0x10, 0x6, 0x1, 0x4, 0x22ff}, {0x5, 0x10001, 0x9, 0x0, 0x10001, 0x7}, {0xf85, 0x2e, 0x100, 0x3, 0x3, 0xe60c}, {0x2, 0x5, 0x1, 0xe000000}, {0x4e2, 0x6ae, 0x2, 0x100, 0x5, 0xd}, {0x1, 0xcad, 0xa5, 0x2, 0x4d800, 0x6}, {0x20, 0x7f, 0x33, 0x2, 0x400, 0x4}, {0x4, 0x62e, 0xb, 0x219c, 0x0, 0x5}, {0x0, 0x4, 0x0, 0x0, 0x1, 0x1}, {0x7f, 0x945a, 0x0, 0x0, 0x8, 0x3}, {0xda1, 0x893, 0x2, 0x9, 0xfffffa2e, 0x6}, {0x1, 0xfffffff3, 0x7fffffff, 0x8, 0x0, 0x1}, {0x2, 0x8, 0x2, 0xe, 0x2, 0x2}, {0x6, 0x100, 0xe, 0x10000, 0x4, 0x7}, {0x0, 0x6, 0x7, 0x4, 0xc, 0x800}, {0x8, 0x10000, 0x1, 0x0, 0x7}, {0x7d5, 0x2, 0x4, 0x800, 0xf}, {0x1, 0x5, 0x6, 0x2, 0x8, 0xc}, {0x2, 0x1, 0x3, 0xc, 0x1, 0x2c3}, {0x1000, 0x3, 0xbc, 0x8001, 0xfa, 0x8}, {0x2, 0x3, 0x9, 0x50e, 0x55ac, 0xa5e6}, {0x0, 0x196680, 0xffffff91, 0x100, 0x3, 0x7}, {0x4, 0x4, 0x2, 0x1, 0x4, 0xe}, {0xfffffff5, 0x8, 0x702b, 0x8, 0x4, 0x851}, {0x3, 0x78, 0x7, 0xa, 0x5dec4cac, 0x6}, {0x4, 0x9, 0x3a, 0x2, 0x8, 0x602}, {0x4, 0x7fffffff, 0x8, 0x8, 0x8, 0xff}, {0x7, 0xfffffff1, 0x2f2c, 0x400, 0x6, 0x6}, {0x10001, 0x81, 0x40, 0x2, 0x89, 0x2}, {0x2, 0x8550, 0x4c, 0x3, 0xfffffffa, 0x736d}, {0x7f, 0x199, 0x5, 0x9, 0x7, 0x2}, {0x7, 0x1, 0x8, 0x7, 0x2, 0x7}, {0x9, 0x3f1, 0x4, 0x5, 0x5, 0x8}, {0x100100, 0x3ff, 0x0, 0x7f53, 0x7, 0x1}, {0x3ff, 0xc, 0x4, 0x1, 0x4, 0x4}, {0x9, 0x381, 0xfff, 0x5d7c, 0x0, 0x8001}, {0x80000001, 0x0, 0x7, 0xfffffffb, 0x3ee, 0x4}, {0xbfffffe, 0x6, 0x101, 0x5, 0x400, 0x8000400}, {0x7fff, 0xb3, 0x2, 0x10000, 0x6, 0x14}, {0x0, 0x1, 0x4c90, 0x4, 0x2000007f, 0x8}, {0x5, 0x25b, 0x0, 0x3, 0xa, 0x2}, {0x29dbdf0, 0xd, 0xfffffffd, 0x7, 0x6, 0x3}, {0x7, 0x1, 0xa, 0x8, 0x5, 0x5}, {0x473, 0x8, 0x2, 0x400, 0x4000000, 0x69b3d6e6}, {0x1, 0xb7bb, 0x22800000, 0x3, 0x10, 0x5}, {0x7f, 0x7, 0x6, 0xffffffff, 0x3, 0x8}, {0xfffffff7, 0x5, 0xa, 0x40, 0x863, 0x2}, {0xb, 0x9, 0xc, 0x3c1, 0x6e, 0x40}, {0x6, 0xd, 0x6, 0xfb0000, 0x1, 0x7}, {0xe0, 0x100, 0x1, 0xb, 0x8, 0x7}, {0xfff, 0x1, 0x0, 0x38, 0x0, 0x9}, {0x82, 0x10, 0x401, 0x0, 0x4, 0xef}, {0x7, 0x2, 0x200, 0x8, 0x9, 0x2}, {0x54, 0x5, 0xa33f, 0x101, 0x2, 0x10001}, {0x1, 0x4, 0x800004, 0x10001, 0x2, 0xce}, {0x4, 0x8, 0x8, 0x3, 0xf, 0x9}, {0x11, 0x5, 0x8, 0xffffffff, 0x405b9, 0x6}, {0x9, 0x1, 0x9, 0x2, 0x9}, {0x0, 0x2, 0xb, 0x7fffffff, 0xfc0, 0x7f1b4893}, {0x4, 0xd, 0x3, 0x4, 0x7, 0x7}, {0x4, 0x5, 0xe, 0x3, 0x3dcb, 0x9}, {0x200, 0x0, 0xe8, 0x1, 0x800000d4, 0x1}, {0xc651, 0x5f83, 0x2, 0x1, 0xd, 0x8}, {0xfff, 0x5, 0x1, 0x0, 0x49, 0x5}, {0x5, 0x3, 0x7, 0x97fd, 0xef, 0x202}, {0x2, 0xa, 0x1, 0xfffffffe, 0x6, 0xe0}, {0x800, 0x4c, 0xf20, 0x0, 0xfffffff7, 0x9}, {0x6, 0xffff, 0xffff8001, 0xa, 0xae36, 0x36b6800}, {0xcfb7, 0x0, 0x2, 0x2, 0x1, 0xaa82}, {0x6, 0x800, 0xec3d, 0xffffffff, 0xea5, 0x3}, {0x9, 0x5, 0x2, 0x0, 0x0, 0xdd}, {0x6, 0x6, 0x0, 0x1e9, 0x6, 0x1}, {0x3, 0x7, 0x7, 0x3, 0x400, 0x81}, {0x970, 0x100, 0xb2eb, 0x2, 0x3, 0x9}, {0x3, 0x6, 0x8, 0x7, 0xd, 0x474c}, {0xf, 0x101, 0x9a, 0x1000, 0x2, 0xfffffffc}, {0x3, 0x98e, 0x1a5e666b, 0x10, 0x7, 0x9}, {0xfffffffb, 0x3, 0x3, 0x2ee8000, 0x8}, {0x3, 0x2, 0x2, 0x3, 0x3, 0x2}, {0x7, 0x4, 0x1, 0x7, 0x101, 0xef}, {0x70a0, 0x9, 0xffff, 0x1, 0x2, 0x7}, {0x6, 0xc000000, 0x402, 0x4, 0x8, 0x5}, {0x3, 0x6, 0x7, 0xfffffff9, 0x0, 0xffffffff}, {0x7, 0x9, 0x8, 0x0, 0x9, 0xd6}, {0x24, 0x10001, 0x6, 0x1, 0x39d6}, {0x401, 0x7d8, 0x9, 0x8000, 0xffff, 0x7}, {0x6, 0x92e4, 0x130, 0x0, 0x4, 0x9}, {0x0, 0x7fff, 0x7, 0x8001, 0x8, 0x5}, {0x7e, 0x800, 0xfffffff9, 0xa, 0x4b64, 0x80000001}, {0x2ad78a25, 0x202, 0x6, 0x6, 0x4, 0x8}, {0x2, 0x9, 0x0, 0x8a7, 0x129, 0xc}, {0x7, 0x2, 0x8, 0x3, 0xe01, 0xfffffff9}, {0x4a3, 0x0, 0x3, 0x514c, 0xf8a, 0x19}], [{0x1}, {0x4, 0x1}, {}, {0x1}, {0x3}, {0x0, 0x1}, {0x3, 0x1}, {0x1, 0x1}, {0x0, 0x1}, {0x5, 0x1}, {0x3, 0x1}, {}, {}, {0x5}, {0x1}, {0x2}, {0x0, 0x1}, {0x1, 0x1}, {0x3, 0x1}, {0x4}, {}, {0x1, 0x1}, {0x5, 0x1}, {0x5}, {0x3}, {0x5, 0x1}, {}, {0x0, 0x1}, {0x3}, {0x2, 0x1}, {0x4}, {0x5}, {0x5, 0x1}, {0x3, 0x1}, {}, {0x1}, {0x0, 0x1}, {0x3, 0x1}, {0x4}, {0x1}, {0x1, 0x1}, {0x4}, {0x1}, {0x3, 0x1}, {0x1}, {0x3}, {0x2, 0x1}, {0x5, 0x1}, {0x3}, {0x3}, {0x0, 0x1}, {0x3, 0x1}, {0x4}, {0x5, 0x1}, {0x2}, {0x3, 0x1}, {0x5, 0x1}, {0x1}, {0x1}, {0x3}, {0x5, 0x1}, {0x2, 0x1}, {0x0, 0x1}, {0x2, 0x1}, {0x4}, {0x5}, {0x1, 0x1}, {}, {0x3}, {0x2, 0x1}, {0x5, 0x1}, {0x4, 0x1}, {0x4}, {0x0, 0x1}, {0x2}, {0x5}, {0x9, 0x1}, {0x2, 0x1}, {0x3, 0x1}, {}, {0x3, 0x1}, {}, {0x1, 0x1}, {0x2}, {0x1}, {0x2, 0x1}, {0x6, 0x1}, {0x2, 0x1}, {0x5, 0x1}, {0x3}, {0x3, 0x1}, {0x1}, {0x2}, {0x2}, {0x5}, {0x3, 0x1}, {0x2, 0x1}, {0x0, 0x1}, {0x2}, {0x1}, {0x1, 0x1}, {0x4, 0x1}, {0x5}, {0x4}, {0x2, 0x1}, {0x3, 0x1}, {0x4}, {0x2}, {0x5, 0x1}, {0x4, 0x1}, {0x3}, {0x3, 0x1}, {0x0, 0x1}, {0x5}, {0x2, 0x1}, {0x4}, {0x5, 0x1}, {0x3}, {0x5, 0x1}, {0x3}, {0x4}, {0x5}, {0x3, 0x1}, {0x4}, {0x1, 0x1}, {0x4}, {0x6, 0x1}, {0x5, 0x1}]}}, @TCA_PEDIT_KEYS_EX={0x68, 0x5, 0x0, 0x1, [{0x14, 0x6, 0x0, 0x1, [@TCA_PEDIT_KEY_EX_HTYPE={0x6, 0x1, 0x2}, @TCA_PEDIT_KEY_EX_CMD={0x6, 0x2, 0x1}]}, {0x1c, 0x6, 0x0, 0x1, [@TCA_PEDIT_KEY_EX_CMD={0x6, 0x2, 0x1}, @TCA_PEDIT_KEY_EX_HTYPE={0x6, 0x1, 0x4}]}, {0x14, 0x6, 0x0, 0x1, [@TCA_PEDIT_KEY_EX_HTYPE={0x6, 0x1, 0x1}, @TCA_PEDIT_KEY_EX_CMD={0x6, 0x2, 0x1}]}, {0x14, 0x6, 0x0, 0x1, [@TCA_PEDIT_KEY_EX_HTYPE={0x6, 0x1, 0x4}, @TCA_PEDIT_KEY_EX_HTYPE={0x6, 0x1, 0x3}]}, {0x14, 0x6, 0x0, 0x1, [@TCA_PEDIT_KEY_EX_HTYPE={0x6, 0x1, 0x3}, @TCA_PEDIT_KEY_EX_CMD={0x6}]}]}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xf18}}, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000000)='dctcp', 0x5)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000004c0)=0x79, 0x4)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x23)
r2 = syz_open_procfs$pagemap(0x0, &(0x7f0000000000))
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x4000002, 0x5d032, 0xffffffffffffffff, 0x0)
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000040), 0x20040, 0x0)
ioctl$PAGEMAP_SCAN(r2, 0xc0606610, &(0x7f0000000400)={0x60, 0x0, &(0x7f0000180000/0x4000)=nil, &(0x7f0000977000/0x3000)=nil, 0x9, 0x0, 0x0, 0x1c, 0x46, 0x4, 0x0, 0x67})
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000140)={0x1, &(0x7f0000000280)=[{0x6, 0x0, 0x0, 0xe3}]}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
sendmmsg$inet(r0, &(0x7f00000014c0)=[{{0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000180)="f0", 0x1}], 0x1}}], 0x1, 0x40)
sendmmsg$inet(r0, &(0x7f0000001340)=[{{0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000001580)="e7fd379780c24b198c9ebd2cbb2b697c63dcb2ad9924f068956ae9bff5b6d902955f083d7b63744819e97a58eda43c74e9d230bc284b81001b09ce5be3d9c808be0e4a06f04cd3b92717af30809bcb8660e838655d1f593b3d2d6ce2116da270d9f579336fae578558549f2b72b6eee49171b323c4b04f482877197be535fddd8c7710c5df4ff18be68856f2cdc2c9150a734c9e873ddb095f7c8d8520dab8b358b59a2c2dc5baf56eb7b8892847da1da3352bd078a54b58c147e25793a3318dd3b60e0b1f4de4bf6cf33d916ca1fdd2091c257cdac954320967fa95515b89ba1dcf4bdbcdce9129390d4f5484c1d29932547c71fd647e4439968c50f5fd216670412ede7666a114329f8dfb39309bc0931964ec5a28ac77925a80758f69989180241615e3ac5a02e46128e507691fcaadeeb5d2e277417e2a326acfea772bcbde319b563731a69e0db4e17c3ce7dbcf33ad70290f33c2f99842fc45988102c53e7442a82c91c73de101a328c6f1c20b849fe4b1cf8a8dc36f703bf1774d3bbea1c99f0963d6811649a60b8eff49ea31e23b1b91016d027a10a7304658291a3bc17bc4b56626852331d4077ac11b9ef7edcd4cbfb77d8fb9665ba44be5aa24f706e7cbc7fcaa3b8a234f4361ba9789fb71f69d0a3eda497d7573e8404d5272cd822a2529c62c64eebad406d2ecbac4d0a1ad1c27e42d0c5737066654ea18a2a7ca66eb3b96732db01d1c569549f75804eb8776218ed282f884924a21cbc565687b33bf6d4f243fcbe500c910cf9e75183584c336b23c3c7bbacf7cda462eed4e1d9c75d39f3814369537d5f1a2804058f9afb402f7b2e57b48437b558be97dc3cd6a45f1ec5b4c4f97566fb77101fe66a1f122dccc1cf95ca7cac098dea0f4576b8ddd601443d3a7adeac82995b3c12490d285c854e4d79d201702ee68c852a8402d420bded5262a91bfd8b0e123b07a24fae022d5c061c3519db619e8648c77ed6600bb6d0f03e70e05861602d48fb668ba0a90774cf364013dcb2997b875157281bc7c592f652f06cc66b60317687c41cec9ad66a136c46b485a26ada56e1c863cda4aec9f227a0eef8f8e9cc43546ddf53663e1e1cceef8ff73ea387a842bbbf992956e7391eeecc124b7c2c8986e84a0b09936a4574832df951a6c595892e7815f9005446675880a24019b18c820a29a0e72371e7d4dcd2188cbeec3e7b099288d2a6899c6171ad53fb58526a911dc31579f1a98d2dfaa18ccfe210a927e8ab8060588271fddbdcfafc801fe6ba1462060c0d856c2fdd917bab2a1c07f9f562c29bcf9fa83e45201933fd643988555b056513ea0cebf6d8e057032e3e8eeef67a20db39cfd42c4f4c57d0aab701117d218d046fbd372584af6fd633e92317f08c36e66f8623c0a0dcbcb7382e958518e12beea5caa75d73612bee01e5229f706842fd3ecc5679973c31b424c9d5bead2fb92c77c5988d6b33b7439c1bc3c2da8bc330e1c6cf03d3b612e82c275f5225803d16fb7f10661d502720a35961a99aac976c59b93121d38b282d5302afa4004a843bd119c9d7bef5f0e193ec093868ed6a5e665ce9b6a23b7d1c247c8d2380f491cfceb914baa65f60a7bea8f25449c9ea7c45963b7e073289c9c9722c8024defb942c4a2daad3aaaf6f7ef4c893ebcf4fff9ec8d5735af085c32e118794f0a2f206fde76cb28cd571f28540765f09aa243ad8bef6516dc46767230498ae011436f29adf8a40d858ca41efe03db9ef4332d1419a2805d20738cb12562230305d118523d9682540cfc3393c52b29859399f19311863c35b0e7f3e190997723d82859ef35af16044f8cab80cfc48bc2ea8e69a1cb64678e5cc93d49c87824f63838337f02806e2d0964f9e7f8d7e876dfd55d00d5e7f7d3c78b068972b1d8e962573018fb5ffe5b775f6028434db0361b4f94e3df8caa8d0a7dfbd34e859e88bcf2b787b353c69add0df04b477383cccaa4b78f8dd97d0cce1cb9d2135913c5f436d54b1ca29697768e94f5f52a0a4962def4fda83a2be4d23b450fbf0fef234d2f2c1e773a5a78bd7af6201a92b1a1dc3498b936f6", 0x5c7}], 0x1}}], 0x1, 0xc4)

30.798139851s ago: executing program 4 (id=486):
socket$can_raw(0x1d, 0x3, 0x1)
bpf$TOKEN_CREATE(0x24, 0x0, 0x0)
mq_open(0x0, 0x80, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={0x0}, 0x18)
socket$nl_generic(0x10, 0x3, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x8b}, 0x0)
sched_setaffinity(0x0, 0x0, 0x0)
ioctl$IOCTL_VMCI_INIT_CONTEXT(0xffffffffffffffff, 0x7a0, 0x0)
r0 = syz_open_dev$MSR(&(0x7f0000000080), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000003c0)='i2c_result\x00', r1}, 0x10)
r2 = syz_open_dev$I2C(&(0x7f0000000d80), 0x0, 0x80001)
ioctl$I2C_SMBUS(r2, 0x720, &(0x7f0000000380)={0x0, 0xa, 0x2, &(0x7f0000000280)={0x1d, "adab9c9a9e4547d89bef0e7390cb22260923413d6fc20230db6c829745e60b6c5c"}})

30.726096598s ago: executing program 1 (id=487):
r0 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x20, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000)={0xfffffffd}, 0x10}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000140)={{0x1}, &(0x7f00000000c0), &(0x7f0000000100)=r0}, 0x1c)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = syz_io_uring_setup(0x71fd, &(0x7f0000000300)={0x0, 0x3680, 0x20, 0x2, 0x93}, &(0x7f0000000380), &(0x7f00000003c0))
io_uring_setup(0x51d0, &(0x7f00000004c0)={0x0, 0x8dce, 0x10, 0xfffffffd, 0xf2, 0x0, r1})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file1\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
connect$inet(0xffffffffffffffff, &(0x7f00000009c0)={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x1e}}, 0x10)
mknodat$loop(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x6004, 0x1)
openat(0xffffffffffffffff, &(0x7f0000000240)='./file0\x00', 0x414902, 0x80)
mount(&(0x7f0000000240), &(0x7f0000000200)='./file0\x00', &(0x7f0000000140)='ufs\x00', 0x0, 0x0)
listen(0xffffffffffffffff, 0x80000001)
r5 = add_key$user(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x3}, &(0x7f00000000c0), 0x0, 0xffffffffffffffff)
r6 = add_key$keyring(0x0, &(0x7f0000000180)={'syz', 0x3}, 0x0, 0x0, 0xffffffffffffffff)
keyctl$KEYCTL_MOVE(0x1e, r5, 0xffffffffffffffff, r6, 0x0)
mount(&(0x7f0000000040)=@nullb, 0x0, &(0x7f0000002280)='vxfs\x00', 0x8000, 0x0)

30.651216926s ago: executing program 3 (id=488):
openat(0xffffffffffffff9c, 0x0, 0x60042, 0x0)
socket$inet6(0xa, 0x2, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
openat$nvram(0xffffffffffffff9c, &(0x7f0000000000), 0x80000, 0x0)
semtimedop(0x0, &(0x7f0000000140), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(0xffffffffffffffff, 0x40045532, &(0x7f0000000140))
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x9, 0x8b}, 0x0)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x1, 0x8, &(0x7f0000000a80)=ANY=[@ANYRESDEC=r0], &(0x7f0000000100)='GPL\x00', 0x401, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x86ae787c541fa937, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0xfffffffffffffe2b}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_open_dev$sndpcmp(0x0, 0x0, 0xa2c65)
r4 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000340)='/proc/asound/timers\x00', 0x0, 0x0)
preadv(r4, &(0x7f0000000240)=[{&(0x7f0000000100)=""/111, 0x66}], 0x1, 0xfffffffc, 0x0)

30.429603335s ago: executing program 0 (id=489):
bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x20, 0x3, &(0x7f0000000040)=ANY=[@ANYBLOB="1800"/14], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @netfilter=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socketpair$unix(0x1, 0x3, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000140)={0x3, @pix={0x434c, 0x8, 0x584e4f53, 0x4, 0x6ea, 0x7, 0x0, 0x5, 0x1, 0x4, 0x2, 0x7}})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
socket$kcm(0x10, 0x2, 0x4)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = socket(0x40000000015, 0x5, 0x0)
connect$inet(r1, &(0x7f0000000040)={0x2, 0x4e20, @rand_addr=0x64010101}, 0x10)
bind$inet(r1, &(0x7f0000000340)={0x2, 0x4e20, @loopback}, 0x57)
sendmsg$xdp(r1, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8004}, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
getsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x1b, 0x0, &(0x7f0000000240))
sendmsg$NL80211_CMD_JOIN_MESH(r1, &(0x7f00000001c0)={0x0, 0x0, 0x0}, 0x40)
set_mempolicy(0x2, &(0x7f0000000080)=0x51e1, 0x3ff)
write$FUSE_NOTIFY_INVAL_INODE(0xffffffffffffffff, &(0x7f00000000c0)={0x28, 0x2, 0x0, {0x1, 0x5, 0x9}}, 0x28)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000100))
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
bind$netlink(r2, &(0x7f0000000080)={0x10, 0x0, 0x0, 0x1}, 0xc)
socket$inet6(0xa, 0x3, 0x7)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=ANY=[@ANYBLOB="340000001000010800"/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB], 0x34}, 0x1, 0x0, 0x0, 0x20000040}, 0x0)

29.449932592s ago: executing program 1 (id=490):
shmctl$IPC_RMID(0x0, 0xffffffffffffff7f)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ppoll(0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$UI_DEV_CREATE(0xffffffffffffffff, 0x5501)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0xfffffffe}, 0x48)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000780)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000800)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000003000000850000008600000018110000", @ANYRES32=r0, @ANYBLOB], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x10)
read$msr(0xffffffffffffffff, &(0x7f0000032680)=""/102392, 0x18ff8)
r3 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r3, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10)
syz_emit_ethernet(0xbe, &(0x7f0000000000)={@dev={'\xaa\xaa\xaa\xaa\xaa', 0x23}, @link_local, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0xb0, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0x4e20, 0x75, 0x0, @wg=@initiation={0x1, 0x0, "7b4b143b7461fd777b1c012bd14efb9f49fcdb8f080c26a04883ad5c8c82b8af", "584cbf2649a50f2dbc43efa8698d0a881c51852e4451b57d037ad3c04594282423424d00", "bcfd56f1375461caaa2f19935e6996c7096ffeeb0300000000000064", {"9a3bfbc1f39cb307b3472eb9cdb042d2", "643fcbb2c5a57df67d544af6e8dafe09"}}}}}}}, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x2003, 0x0, 0x0, 0x0, 0xe}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f0000000200)='syzkaller\x00', 0x9, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
recvmmsg(r3, &(0x7f0000000a40)=[{{0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f00000006c0)=""/254, 0xfe}], 0x1}, 0xffffffff}], 0x1, 0x10000, 0x0)

29.388871649s ago: executing program 0 (id=491):
socket$can_raw(0x1d, 0x3, 0x1)
r0 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4000000000000007910480000000000610400000000000095000000"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_msg}, 0x48)
close(r0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000140))
r1 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000540)=ANY=[@ANYBLOB="b4050000fdff7f006110580000000000c60000000000000095000000000000009f33ef60916e6e713f1eeb0b725ad99b817fd98cd824498949714ffaac8a6f770600dcca55f21f3ca9e822d182054d54d53cd2b6db714e4beb5447000001000000008f2b9000f22425e4097ed62cbc891061017cfa6fa26fa7088c60897d4a6148a1c1e43f00001bde60beac671e8e8fdecb03588aa623fa71f31bf0f871ab5c2ff88afc60027f4e5b5271ed58e835cf0d0000000098b51fe6b1b8d9dbe87dcff414ed000000000000000000000000000000000000000000000000000000b347abe6352a080f8140e5fd10747b6ecdb3540546bf636e3d6e700e5b0500000000000000eb9e1403e6c8f7a187eaf60f3a17f0f046a307a403c19d9829c90bd2114252581567acae715cbe1b57d5cda432c5b910400623d24195405f2e76ccb7b37b41215c184e731fb1"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x366, 0x10, &(0x7f0000000000), 0x1dd}, 0x48)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0xf, 0x4, 0x4, 0x12}, 0x48)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000080)={@map=r2, r1, 0x26}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000000c0)={{r2, <r3=>0xffffffffffffffff}, &(0x7f0000000000), &(0x7f0000000080)=r0}, 0x20)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000400)={{r3}, &(0x7f00000002c0), &(0x7f0000000300)=r0}, 0x20)
bpf$TOKEN_CREATE(0x24, 0x0, 0x0)
mq_open(0x0, 0x80, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={0x0}, 0x18)
socket$nl_generic(0x10, 0x3, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x8b}, 0x0)
sched_setaffinity(0x0, 0x0, 0x0)
ioctl$IOCTL_VMCI_INIT_CONTEXT(0xffffffffffffffff, 0x7a0, 0x0)
r4 = syz_open_dev$MSR(&(0x7f0000000080), 0x0, 0x0)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000003c0)='i2c_result\x00', r5}, 0x10)
r6 = syz_open_dev$I2C(&(0x7f0000000d80), 0x0, 0x80001)
ioctl$I2C_SMBUS(r6, 0x720, &(0x7f0000000380)={0x0, 0xa, 0x2, &(0x7f0000000280)={0x1d, "adab9c9a9e4547d89bef0e7390cb22260923413d6fc20230db6c829745e60b6c5c"}})

29.232309113s ago: executing program 4 (id=492):
syz_usb_connect(0x0, 0x24, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000062d14406d0470084761000000010902"], 0x0)
syz_open_dev$usbfs(&(0x7f0000000040), 0x200, 0x802)
r0 = syz_io_uring_setup(0xbdc, &(0x7f0000001400)={0x0, 0xec25, 0x400, 0x1, 0x35c}, &(0x7f00000006c0)=<r1=>0x0, &(0x7f00000001c0)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r1, r2, &(0x7f0000000200)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x4, 0x0, &(0x7f0000000380)=[{0x0}], 0x1})
io_uring_enter(r0, 0x847ba, 0x0, 0xe, 0x0, 0x0) (fail_nth: 3)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xf, &(0x7f0000000340)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0xabc5, 0x0, 0x0, 0x0, 0xb}, {{}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x700}, {0x85, 0x0, 0x0, 0x86}}, {}, [], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x3}, {0x85, 0x0, 0x0, 0x2a}}}, 0x0, 0x1, 0x0, 0x0, 0x41100, 0x2}, 0x94)

28.558371869s ago: executing program 1 (id=493):
r0 = openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x40, 0x1)
r1 = openat$ttynull(0xffffffffffffff9c, &(0x7f0000000000), 0x103902, 0x0)
ioctl$TCSETS(r1, 0x5402, &(0x7f0000000180)={0x1, 0x2, 0x4, 0x10001, 0x8, "008ef14ba278887cb0baba08431799317e6324"})
r2 = dup(r1)
write$UHID_INPUT(r2, &(0x7f0000001040)={0x18, {"a2e3ad21ed6b52f99cfbf4c087f70c9b3e6ee7ff7fc6e5539b9b3b0e8b9b411b5d30091b080d29428f0e1ac6e7049b3468959b4c9a242a9b67f3988f7ef319520100ffe8d178708c523c921b1b25380a169b63d336cd3b78130daa61d8e809ea882f5802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f309f4cff7738596ecae8707ce065cd5b91cd0ae193973735b36d5b1b63e91c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecd03aded6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca5b6bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27afc953854a642c57519544ae15a7e454dea05918b4124351601611c8f11baa500a3621c56cea8d20ff911a0c41db6ebe8cac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a60560a22f1fca567e65d5e880572286522449df466c632b3570243f989cce3803f465e41e610c20d80421d653a5120000008213b704c7fb082ff27590678ef9f190bae979babc7041d860420c5664ba7921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202fd28f28381aab144a5d429a04a689b83c7068ae949ed06e2895810bac9c76600025e19c907f8ea2e2f05dd3318271a1f5f8528f227e79c1388dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eefc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44060bebc2420aed92fa9b6578b4779415d97b9a6d6d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a7288afe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f48fe4eae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf02b98a269b891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efedfd71af9444e197f47e866101496f42355bc7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615f7084a607a7eceb6243378e0610060f02cca4051c2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c4e15a7b6eb65ca8104e1b4da1fbb77ab2fc043aead87c32ab875ee7c2e7b7019c902cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad948741b2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd73643de50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c1023bf70cc77737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73c497579773767075428067e7f16f4dde374f8211fef42cb468e623daf60b3569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40426db6fe29068c0ca3d3414442e863a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae44369ddb4581c55925d0f6f1ba471eba281f259152f85a654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b405177548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177070373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e05130935e00785ec27e923911fab964c271556527697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9ddbfb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e7027132f2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afae5336651b1b9bd522d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee29165895ac4b008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463181f4b87c10772d2b13f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76d57227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f84fad6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b3110b932a4d02da711b757fe43c06d21e35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc238a081ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7af288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4908b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cb0b3e35cb80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c60edddab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec014508e5247d33ae6c962d35603ff8454c16f8342856935125102bb784ed714887071f3d998efdd9923c954ab6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee658e4cb5e930ed624806c43a006dc9336d07c2b8081c128ad2706f48261f7897084c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da3932ba5c04c24a560ad80a3ce654578376e599aff3565b1d531f30912b99e6619ebe93cc0b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e6491953264d2700c838fa2c7b34252600c9654e502dcea39cb6bc3eb69992e234b4ca7db2f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c6000064b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c7e36bb2fc4c40e9cf96f06817fb903729a7db6ff957697c9ede7885d94ff1aa70826ad01a9b03c37b0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f9000", 0xfffffffffffffe03}}, 0xfffffdef)
r3 = openat$fuse(0xffffffffffffff9c, &(0x7f00000000c0), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000000100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r3, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r3, &(0x7f00000021c0)={0x2020, 0x0, <r4=>0x0}, 0x204d)
write$FUSE_INIT(r3, &(0x7f0000000040)={0x50, 0x0, r4, {0x7, 0x1f, 0x0, 0x10400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3ff}}, 0x50)
syz_fuse_handle_req(r3, &(0x7f0000008380)="000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc4e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ba045abcd5dfc67d000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000230000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000050000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000209bfd66eea210560000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001354c4b600", 0x2000, &(0x7f00000062c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000480)={0x20, 0x0, 0x88}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r5 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x101001, 0x0)
sendmmsg$alg(r2, &(0x7f0000000b80)=[{0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000240)="46959497c26cd04d09c883c0fb54509df2805be9b7ec0f7ef2eba33db6a62a0daf3d27c5a80f05137344ae974d47e81f86ae28fb388c512dd8537eef180f5d019adb7d41019e5cc2f509fff4f7076743d6cc5c34799e27e9555e95c4999719c2688b4a55bc4166f3", 0x68}, {&(0x7f00000002c0)="da881ffee4a54afcd5d38884a28660056e6e1a07ae37e96ffae6e71778ad2b30130fc4d290636a3d17247f523c61e66115", 0x31}, {&(0x7f0000000300)="cbcfc73dc1801f37717296ba0fd0e8a82abace55d49eb75567320f3094f6521aec1e4b4655fbd848b453d5e34a7bbea256b8ceea4a0939f54fced12ecd350a2e3c239db426dd1b8853617bc127b709bb46d5acd889c6b6656b22a557812fd710a3f0811b17c619e71197301149989c5f019627a755b0bd455586379497ce2689dd1fe378ec5fd658a4475e5bb840fe938d5b8de8a01208bce30b6b14534ca80a070002ee", 0xa4}], 0x3, &(0x7f0000000400), 0x0, 0x4008840}, {0x0, 0x0, &(0x7f0000000540)=[{&(0x7f0000000440)="81d358799267d84f35f8747b0bcd29d8da3f9d137e9bf1e36c3ecfb2c7456e34866c1478ab3aa8b0c5486d338bf707fef339e7b3494e893b634f10a4", 0x3c}, {&(0x7f00000004c0)="008144b52ea212151fd83385526b67d5d4de1cf92a98385a6cf369d696948b6fddf26e7f3370e3cf1a06", 0x2a}], 0x2, &(0x7f0000000580)=[@assoc={0x18, 0x117, 0x4, 0x3}, @iv={0x90, 0x117, 0x2, 0x79, "9556626fd383d43a147afe59409ae23cf7e8df2603ce3fbe911e098f587bbbde248e041c6b19f6b0f43344a4c527de44384675a5be014ba831a6dcdeeeecd4aa0c490fbce380bd6e5ca6557d5908795c9f77ebd272b38ec9b8b2b2a879f21fc96c7b13e973e551598d6687f69778a5a85f4d88eca181275478"}, @op={0x18}, @op={0x18}, @iv={0x118, 0x117, 0x2, 0xff, "fa9e50ad24ab6794dd208d64e9a54e0bef0b5e49499851bafd7c28a81685e73339ece584fafeb8cd1690e5c8202ed818a9144dd4c63b891ccbd3b3fc9832e9d0acfdd5be60634a86ee0c4944b5e329067d65ed6d67345629f4794b1c7178df725452d2ac3cc1c66b9977b413ed00c4a5c2afaa3c894b1da0b87b8d7d18152dcbefda5802b3a20c33212b2c0b27cd40d16ab96aebb2c2a52f6d4f5eb4cd5a521c3e284d92faf2056aa4f8835fa9f35541deeb382e2267c9feb4960f866ef215ca7a5cb9a11063b50d72e53eee962a955611de580623af7b39c8d4c71bb25845d61d7bed84188683e075affd4d058f19c70f5000d9acefe2481d4e8261ef34fa"}], 0x1f0, 0x40}, {0x0, 0x0, &(0x7f0000000800)=[{&(0x7f0000000780)="84926eb64e3417c1b738bfbcdb79de76bdec6580cdf561a0c8a49fcfd0e551cba3b2853668601f99c33d28425c1485578f79557cbbc1b8bb1c09b7d2a69d6f177cbe039835d74ef7b604f948806c3d918da8fd2d3b72f8f6617d", 0x5a}], 0x1, &(0x7f0000000840)=[@assoc={0x18, 0x117, 0x4, 0xe8}, @assoc={0x18, 0x117, 0x4, 0x4}], 0x30, 0x4000001}, {0x0, 0x0, &(0x7f0000000b00)=[{&(0x7f0000000880)="a30ccdf339b8c0c6f2145d0de3f9bba0006d08df755ab109a3207b5ea938ddc32673227d01c7e27a2b50c37ab9f9d0c7e3879e221c98036049abb481cdba9145bb6c33ca80693d0c1c9af86ed54e3e16731e775fd445f89a68d9e6196d802208bcd3ab11be03927e49a45c397ea32216dc5c318d21dc0aab84e00501f50cf094", 0x80}, {&(0x7f0000000900)="93baa864dab862c10f69339b789542890590dc7e7332b4d43013de143a358258d25c6451523fa9f069805651774ad871950f2e991fdc4670f250a4af38f38c2bffeec7de685d42e00f940ab606d14bf1e3428a1c9730769fa5daaf60dc5e8dcaf6774e4c382b7e5740aa1647586e5326f609646c7d01014f4dc8dc3333b0318ffeab6187f68d44306629ae0b144b77c0ca8b6ca19172efe91c6d4743418f0cb64d955984b886080ee8c6de8e06b7a0bf3fef79a654cf7d2370b67abf3b605b3bb1101d5ca922f955f00b19d732fe37fab1e2959708fcf6f2fa21775a72389e4b8287a185ca042244d1cb302651760b315fde1956afbd71f1ef3470a8", 0xfc}, {&(0x7f0000000a00)="e0903614314c896f1934245cd5ef483d808201adbd2f54151c631fcce9a8eb7a80789bbb72d585110ddb54c35a4d0209497485b5a92770ba97748206d932edf9d5bf9b9f47602e2d47499f3f86f856420e8cef22c13fdfc47a6dcf2fb00bbc2cd08452f9d951aef12dd764978adabbd44ab75bf71b429acb46fbdf7ae72daa3af7d87c40cccc9c9ac48d750a3847b807c00954271d48ae48613a1efb54a98363f37ece24a179e06aa5ed15b6c7b07f209a5f4bc295f7b17c6a8cdf644f650405929ec33941bbbf974b01ea1c145fe597e66e60ee", 0xd4}], 0x3, &(0x7f0000000b40)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18, 0x40041}], 0x4, 0x8000)
ioctl$FUSE_DEV_IOC_CLONE(r5, 0x8004e500, 0x0)
openat$autofs(0xffffffffffffff9c, &(0x7f0000001100), 0x2, 0x0)
r6 = syz_open_procfs(0x0, &(0x7f0000000500)='fd/3\x00')
ioctl$FS_IOC_ADD_ENCRYPTION_KEY(r6, 0x541b, 0x0)
r7 = socket$inet6(0xa, 0x1, 0x0)
ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(r0, 0x89f3, &(0x7f0000000140)={'syztnl0\x00', &(0x7f00000001c0)={'ip6tnl0\x00', <r8=>0x0, 0x2f, 0xcf, 0xd, 0xf10, 0x4, @mcast2, @mcast1, 0x20, 0x20, 0x403, 0x3}})
setsockopt$inet6_IPV6_XFRM_POLICY(r7, 0x29, 0x23, &(0x7f0000000040)={{{@in6=@mcast2, @in6=@private1={0xfc, 0x1, '\x00', 0x1}, 0x4e23, 0xfffc, 0x0, 0x0, 0x2, 0x80, 0x0, 0x0, r8}, {0x0, 0x1, 0x0, 0x0, 0x5, 0xfffffffffffffffa}, {0x0, 0x0, 0x0, 0xfffffffffffffffe}, 0x0, 0xfffffffe, 0x1, 0x0, 0x3}, {{@in=@empty, 0x0, 0x33}, 0x0, @in6=@remote, 0x3507, 0x4, 0x1, 0xfd, 0x0, 0x7c, 0xfffffffe}}, 0xe8)
r9 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
waitid(0x0, 0x0, 0x0, 0x4, 0x0)
r10 = syz_pidfd_open(r9, 0x0)
pidfd_send_signal(r10, 0x2, 0x0, 0x0)
connect$inet6(r7, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @remote}}, 0x1c)

28.513879327s ago: executing program 0 (id=494):
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000003c0)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_CHANNEL_SWITCH(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000400)=ANY=[@ANYBLOB=',\x00\x00', @ANYRES16=r0, @ANYBLOB="010008020000001800006600000008000300", @ANYRES32=r2, @ANYBLOB="08002600940900000800b70099"], 0x2c}, 0x1, 0x0, 0x0, 0x4000000}, 0x0)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
sendmsg$NL80211_CMD_FRAME(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000780)={0x294, r3, 0x1, 0x70bd26, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_CSA_C_OFFSETS_TX={0x6, 0xcd, [0x0]}, @NL80211_ATTR_FRAME={0x26d, 0x33, @beacon={{{0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, {0x9}, @device_b, @device_a, @initial, {0xf, 0x5}}, 0xffffffffffffffff, @default, 0x1000, @val={0x0, 0x6, @default_ibss_ssid}, @void, @val={0x3, 0x1, 0x2c}, @void, @val={0x6, 0x2, 0x1fc}, @val={0x5, 0x3, {0x5, 0x97, 0x5}}, @void, @val={0x2a, 0x1, {0x0, 0x0, 0x1}}, @void, @val={0x2d, 0x1a, {0x400, 0x2, 0x5, 0x0, {0x2, 0xb7b, 0x0, 0x347, 0x0, 0x1, 0x0, 0x0, 0x1}, 0x0, 0x100, 0x1}}, @void, @val={0x71, 0x7, {0x69, 0x0, 0x1, 0xffffffffffffffff, 0x1, 0x7, 0x20}}, @val={0x76, 0x6, {0x3, 0x0, 0x2f, 0x6}}, [{0xdd, 0x25, "8a70254dad90829ddb18be62e84e877606f1bb15aaeda7b68c72bb816a45e603389a3d1c4f"}, {0xdd, 0xe3, "a9b8e8b2e8815dfdd27ddf0d9e1cb4fa1bbb67c1e564d75e01a3568e885b2ad15a99d00b7ffdeb02eebcc7545ca67fcad48c79ee89e03a97f892233201e08cb02c084d6cc9e65633c4f51e62e7d245088db7b2a0857ec4e5f911cb353d191498218794a9bd9095865f05de5722159704b56e4dd354369f3480578abd5a8f408dc04f90e5953feace89747961bbd24dac7393ae66ff9e5c5dd5e0b7cf50058a5b5f27dea29e01315b0b6d58d4a2f6b6f06eb7d71f09f0aae4848147d50a60273e11cfa79f5c1cdea51bfd799af914fcb2b635cabc24982a2645999206bdd136f149b323"}, {0xdd, 0x72, "d603975e745cf0818ddf6d630340422b5efe14e9cb1adb7c07146829be39ac24aa70b63265f5d01e584ea220662ae06b9f29b8c0db55b8973efcc8e2131746af14a7d9eec224a2ecee11fec779abcc890cc3efddbb5192105d5f3e94261bec464121a596e5a12dab164fdd7f9d86075b048c"}, {0xdd, 0x7f, "844485144ae31589b65f2b2495e4a044244c614b4546e50d85069c3aaede2f341775ec7e4c686a3910b4c4de14babb923cc2c888ce1c1bf2c37c73917ee9b073d0966153f3f38618f91c68279e45ea37ea7da95c8d10bfb68cbe7dbeaea77e1155e7ba64a002b943b33c2f80bcbb7bacac5c6b44c78c1a8c8b8edaba807abc"}]}}]}, 0x294}, 0x1, 0x0, 0x0, 0xc0}, 0x0)

28.466671585s ago: executing program 3 (id=495):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = syz_usb_connect(0x0, 0x36, &(0x7f0000000040)=ANY=[@ANYBLOB="12010000fe07124081173809499b0102030109022400010000000009040000028b8647000905e8ff000900000009050a"], 0x0)
syz_usb_ep_read(r0, 0xa, 0x0, 0x0)

28.388300864s ago: executing program 0 (id=496):
recvmmsg$unix(0xffffffffffffffff, &(0x7f0000009b40)=[{{&(0x7f0000000080), 0x6e, &(0x7f0000000500)=[{0x0}, {0x0}, {0x0}, {0x0}, {&(0x7f0000000200)=""/174, 0xae}, {0x0}, {0x0}, {0x0}], 0x8, &(0x7f0000000580)=[@cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}], 0x80}}, {{&(0x7f0000000600)=@abs, 0x6e, &(0x7f0000000800)=[{0x0}, {0x0}, {0x0}], 0x3, &(0x7f0000000840)=[@rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x10}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x20, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}], 0xa0}}, {{&(0x7f0000000900)=@abs, 0x6e, &(0x7f0000000d80)=[{0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}], 0x7, &(0x7f0000000e00)=[@rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0x18}}, {{0x0, 0x0, &(0x7f0000004380)=[{&(0x7f0000009480)=""/236, 0xec}], 0x1}}], 0x4, 0x142, &(0x7f0000009d80)={0x0, 0x989680})
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
connect$bt_l2cap(r0, &(0x7f0000000040)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0xb}, 0xe)
sendmmsg$sock(r0, &(0x7f0000004100)=[{{0x0, 0x0, 0x0}}], 0xffffff80, 0x0)

27.864964731s ago: executing program 2 (id=497):
r0 = syz_usb_connect$hid(0x2, 0x36, &(0x7f00000000c0)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x1e7d, 0x319c, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x7}}}}]}}]}}, 0x0)
r1 = syz_open_dev$usbfs(&(0x7f0000000080), 0xf, 0x8041)
fanotify_init(0x79, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x1e, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000008500000022000000180100002020702500000000002020207b0af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000073"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x1c, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020097b1af8ff00000000bfa100000000000007010000b8ffffffb702000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb709}, 0x94)
r2 = socket$packet(0x11, 0x2, 0x300)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x1, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x94)
setsockopt$sock_attach_bpf(r2, 0x1, 0x32, &(0x7f0000000180)=r3, 0x4)
r4 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000b00)={0x6, 0x3, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r4, 0x5, 0xb68, 0x560b0000, &(0x7f0000000000)="259a53f271a76d2673004c6588a8", 0x0, 0xd01, 0x2a0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)
ioctl$USBDEVFS_ALLOC_STREAMS(r1, 0x8008551c, &(0x7f0000000400)=ANY=[@ANYBLOB="4a18010009"])
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io(r0, &(0x7f0000000400)={0x2c, &(0x7f0000000040)=ANY=[@ANYBLOB='\x00\x00\a\x00\x00'], 0x0, 0x0, 0x0, 0x0}, 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f00000008c0)={0x84, &(0x7f0000000480)=ANY=[@ANYBLOB="0000ab"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})

27.637803716s ago: executing program 4 (id=498):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000080)=ANY=[@ANYBLOB="12010000000000105509147200ed0000000109022400010000"], 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={0x0}, 0x18)
r1 = socket$kcm(0xa, 0x2, 0x73)
sendmsg$inet(r1, &(0x7f0000001180)={&(0x7f0000000000)={0xa, 0x0, @empty}, 0x10, &(0x7f0000001080)=[{&(0x7f0000000040)}, {&(0x7f00000011c0)="9d7fcf3efc6316a6a555ba8b4726d7ccaf8a060000009cfac4377876021d7131b838059f96bd206d4776368ed2a92432e5af71ad21b965f615b31105d60a4b16fa2fa1371850a1be85ffcad45b49422b2121d709014f49cf6bd1d18acc4c19e4356669a2ac3e05d5cdc6f0f485c1eb52ea8faf7e83a1468b6a491e71ae3d03cd9677e72413954feae71b5775a6e3e9fa9db9e1ed56e56bff66a7a86214d8145d878e26fa35bd55db98ecdef374d26a5d9cd0e89f3ae45be2d8e1d98ee0865fb64d6dd1e8c89608733370f12be1495d81b36dd72cc28e9c9b2c45f925b38b21", 0xdf}], 0x2, &(0x7f00000010c0)=[@ip_tos_int={{0x14, 0x29, 0x34}}, @ip_tos_u8={{0x11, 0x29, 0x2}}, @ip_tos_u8={{0x11}}], 0x48}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0xe3}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
connect$unix(0xffffffffffffffff, &(0x7f00000000c0)=@file={0x1, './file0\x00'}, 0x6e)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x2000000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4}, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
openat$6lowpan_control(0xffffffffffffff9c, 0x0, 0x2, 0x0)
r5 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0xb, 0x1c, &(0x7f0000000d80)=ANY=[@ANYBLOB="180800003470ffff000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000005000000bf0900000000000035090100000000009500000000000000b70200001fffffff7b9af8ff00000000d60900001fffffff7baaf0ff00000000bf2700000000000007080000fffdffffbf9400000000000007040000f0ffffff640200000800000018220000", @ANYRES32=r5], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000000}, 0x94)
openat$snapshot(0xffffffffffffff9c, &(0x7f00000001c0), 0x3f, 0x0)
r6 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]})
close_range(r6, 0xffffffffffffffff, 0x0)

27.478473491s ago: executing program 0 (id=499):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$mptcp(0x0, 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000300)={0x28, r1, 0x1, 0x0, 0x0, {}, [@MPTCP_PM_ATTR_ADDR={0x14, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @multicast1=0xac1414aa}]}]}, 0x28}}, 0x0)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r2)
socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r2, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
listen(r2, 0x9)
r3 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r3, &(0x7f0000000000)={0x2, 0x4e22, @empty}, 0x10)
bpf$OBJ_GET_PROG(0x7, 0x0, 0x0)
syz_open_dev$sndmidi(0x0, 0x2, 0x141102)
syz_emit_ethernet(0x1e, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r4, &(0x7f0000004c00)=""/102392, 0x18ff8)
syz_io_uring_setup(0x10d, 0x0, &(0x7f0000000340), &(0x7f0000000280))
lseek(0xffffffffffffffff, 0x3fb, 0x0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x10)
sendmsg$NFT_BATCH(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000880)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a88000000060a0b040000000000000000020000055c000480580001800a000100696e6e657200000048000280fdff02400000008408000340000000070800044000000036080001400000000024000580090001006d6574610000000014000280080002400000002308000140000000160900010073797a30000000000900020073797a3200000000140000001100010000000000000000000000000a"], 0xb0}}, 0x0)
write$RDMA_USER_CM_CMD_RESOLVE_IP(0xffffffffffffffff, &(0x7f0000000100)={0x3, 0x40, 0xfa00, {{0xa, 0x4e21, 0x0, @loopback}, {0xa, 0x4e22, 0xfffffffe, @empty}}}, 0x48)
semget$private(0x0, 0x1, 0x8)
syz_extract_tcp_res$synack(&(0x7f0000000000), 0x1, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r6, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000004c0)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r7, @ANYBLOB="0100000000000000000001000000280001801400040000000000000002000000ffffac1414aa060001000a0080000800060003"], 0x3c}, 0x1, 0x0, 0x0, 0x4000000}, 0x4000000)

26.949998317s ago: executing program 3 (id=500):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = socket$xdp(0x2c, 0x3, 0x0)
socket$inet6_udp(0xa, 0x2, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xf0667000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000003c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x18, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="18050000000000fe000000004b64ffec850000007d000000040000000700000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r5}, 0xc)
setsockopt$XDP_RX_RING(r1, 0x11b, 0x2, &(0x7f0000000180)=0x8, 0x4)
r6 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x3, 0x1c, &(0x7f0000000d80)=@ringbuf={{0x18, 0x8, 0x0, 0x0, 0x3f1f}, {{0x18, 0x1, 0x1, 0x0, r6}, {}, {}, {0x85, 0x0, 0x0, 0x5}}, {{0x5, 0x0, 0x3}}, [@snprintf={{0x7, 0x0, 0xb, 0x2}, {0x3, 0x3, 0x3, 0xa, 0x9}, {0x5, 0x0, 0x7, 0x9, 0x0, 0x0, 0x5c}, {0x3, 0x3, 0x3, 0xa, 0xa}, {0x7, 0x1, 0xb, 0x7, 0x2}, {0x7, 0x0, 0x0, 0x8, 0x0, 0x0, 0xfffffdff}, {}, {}, {0x4, 0x0, 0x7}, {0x18, 0x2, 0x2, 0x0, r6}, {}, {0x46, 0x8, 0xfff0, 0x76}}], {{0x6, 0x1, 0x6, 0x8}, {0x6, 0x0, 0x5, 0x8, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0x5}}}, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r7 = mq_open(&(0x7f0000000080)='\'-\x00', 0x42, 0x0, 0x0)
r8 = socket$inet_sctp(0x2, 0x5, 0x84)
getsockopt$inet_sctp_SCTP_GET_ASSOC_STATS(0xffffffffffffffff, 0x84, 0x70, &(0x7f00000000c0)={<r9=>0x0, @in={{0x2, 0x4e23, @multicast2}}, [0x5, 0x1, 0x6, 0x9, 0xf26, 0xfff, 0xc5, 0x9, 0x101, 0x7, 0x8000000000000001, 0x100, 0x2, 0x5, 0xfffffffffffffffe]}, 0x0)
getsockopt$inet_sctp_SCTP_RTOINFO(r8, 0x84, 0x0, &(0x7f0000000200)={r9, 0xde, 0xca, 0x5}, &(0x7f0000000400)=0xfffffffffffffd0c)
mq_notify(r7, &(0x7f0000000040)={0x0, 0xfffffffa, 0x1})
read(r7, 0x0, 0x0)
setsockopt$inet6_int(r0, 0x29, 0x21, &(0x7f0000000000)=0xffffffff, 0x4)

0s ago: executing program 32 (id=499):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$mptcp(0x0, 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000300)={0x28, r1, 0x1, 0x0, 0x0, {}, [@MPTCP_PM_ATTR_ADDR={0x14, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @multicast1=0xac1414aa}]}]}, 0x28}}, 0x0)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r2)
socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r2, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
listen(r2, 0x9)
r3 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r3, &(0x7f0000000000)={0x2, 0x4e22, @empty}, 0x10)
bpf$OBJ_GET_PROG(0x7, 0x0, 0x0)
syz_open_dev$sndmidi(0x0, 0x2, 0x141102)
syz_emit_ethernet(0x1e, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r4, &(0x7f0000004c00)=""/102392, 0x18ff8)
syz_io_uring_setup(0x10d, 0x0, &(0x7f0000000340), &(0x7f0000000280))
lseek(0xffffffffffffffff, 0x3fb, 0x0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x10)
sendmsg$NFT_BATCH(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000880)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a88000000060a0b040000000000000000020000055c000480580001800a000100696e6e657200000048000280fdff02400000008408000340000000070800044000000036080001400000000024000580090001006d6574610000000014000280080002400000002308000140000000160900010073797a30000000000900020073797a3200000000140000001100010000000000000000000000000a"], 0xb0}}, 0x0)
write$RDMA_USER_CM_CMD_RESOLVE_IP(0xffffffffffffffff, &(0x7f0000000100)={0x3, 0x40, 0xfa00, {{0xa, 0x4e21, 0x0, @loopback}, {0xa, 0x4e22, 0xfffffffe, @empty}}}, 0x48)
semget$private(0x0, 0x1, 0x8)
syz_extract_tcp_res$synack(&(0x7f0000000000), 0x1, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r6, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000004c0)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r7, @ANYBLOB="0100000000000000000001000000280001801400040000000000000002000000ffffac1414aa060001000a0080000800060003"], 0x3c}, 0x1, 0x0, 0x0, 0x4000000}, 0x4000000)

kernel console output (not intermixed with test programs):

="syz.3.158" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  130.513520][ T6537] netlink: 8 bytes leftover after parsing attributes in process `syz.3.158'.
[  130.558809][   T30] audit: type=1400 audit(1759510790.488:492): avc:  denied  { bind } for  pid=6531 comm="syz.3.158" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  130.672063][   T30] audit: type=1400 audit(1759510790.878:493): avc:  denied  { create } for  pid=6543 comm="syz.1.162" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1
[  131.126625][   T30] audit: type=1400 audit(1759510790.878:494): avc:  denied  { write } for  pid=6532 comm="syz.4.160" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  131.146025][    C0] vkms_vblank_simulate: vblank timer overrun
[  132.272212][ T6566] comedi comedi0: Minor 3 could not be opened
[  132.602130][   T30] audit: type=1400 audit(1759510792.658:495): avc:  denied  { read } for  pid=6572 comm="syz.0.171" name="vhost-vsock" dev="devtmpfs" ino=1274 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:vhost_device_t tclass=chr_file permissive=1
[  132.753359][   T30] audit: type=1400 audit(1759510792.658:496): avc:  denied  { open } for  pid=6572 comm="syz.0.171" path="/dev/vhost-vsock" dev="devtmpfs" ino=1274 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:vhost_device_t tclass=chr_file permissive=1
[  132.874738][ T5955] usb 4-1: new full-speed USB device number 3 using dummy_hcd
[  132.989057][ T1294] ieee802154 phy0 wpan0: encryption failed: -22
[  132.995467][ T1294] ieee802154 phy1 wpan1: encryption failed: -22
[  133.003530][   T30] audit: type=1400 audit(1759510792.808:497): avc:  denied  { write } for  pid=6543 comm="syz.1.162" name="kcm" dev="proc" ino=4026533172 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_net_t tclass=file permissive=1
[  133.114105][ T5955] usb 4-1: config 5 has an invalid interface number: 3 but max is 0
[  133.132019][ T5955] usb 4-1: config 5 has no interface number 0
[  133.149883][ T5955] usb 4-1: New USB device found, idVendor=09fb, idProduct=602a, bcdDevice=fd.36
[  133.164284][ T5955] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  133.182105][ T5955] usb 4-1: Product: syz
[  133.191536][ T5955] usb 4-1: Manufacturer: syz
[  133.202826][ T5955] usb 4-1: SerialNumber: syz
[  133.224273][ T5955] ftdi_sio 4-1:5.3: FTDI USB Serial Device converter detected
[  133.415388][ T5955] ftdi_sio ttyUSB0: unknown device type: 0xfd36
[  133.498756][ T5955] usb 4-1: USB disconnect, device number 3
[  133.635624][ T5955] ftdi_sio 4-1:5.3: device disconnected
[  135.236792][   T30] audit: type=1400 audit(1759510802.243:498): avc:  denied  { read } for  pid=6594 comm="syz.4.175" name="autofs" dev="devtmpfs" ino=98 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1
[  135.347556][   T30] audit: type=1400 audit(1759510802.253:499): avc:  denied  { open } for  pid=6594 comm="syz.4.175" path="/dev/autofs" dev="devtmpfs" ino=98 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1
[  135.717709][   T30] audit: type=1326 audit(1759510802.543:500): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6600 comm="syz.0.178" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f76b2f8eec9 code=0x7ffc0000
[  135.746373][ T5894] usb 4-1: new full-speed USB device number 4 using dummy_hcd
[  135.763795][   T30] audit: type=1326 audit(1759510802.543:501): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6600 comm="syz.0.178" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f76b2f8eec9 code=0x7ffc0000
[  135.802111][   T30] audit: type=1326 audit(1759510802.543:502): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6600 comm="syz.0.178" exe="/root/syz-executor" sig=0 arch=c000003e syscall=12 compat=0 ip=0x7f76b2f8eec9 code=0x7ffc0000
[  135.838715][   T30] audit: type=1326 audit(1759510802.543:503): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6600 comm="syz.0.178" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f76b2f8eec9 code=0x7ffc0000
[  135.861964][    C0] vkms_vblank_simulate: vblank timer overrun
[  135.875155][   T30] audit: type=1326 audit(1759510802.543:504): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6600 comm="syz.0.178" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f76b2f8eec9 code=0x7ffc0000
[  135.898381][    C0] vkms_vblank_simulate: vblank timer overrun
[  135.906518][   T30] audit: type=1326 audit(1759510802.543:505): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6600 comm="syz.0.178" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f76b2f8eec9 code=0x7ffc0000
[  135.929561][    C0] vkms_vblank_simulate: vblank timer overrun
[  135.995604][ T5894] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  136.006868][ T5894] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 2
[  136.016290][ T5894] usb 4-1: New USB device found, idVendor=05d8, idProduct=810a, bcdDevice=92.b8
[  136.025819][ T5894] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  136.036988][ T5894] usb 4-1: config 0 descriptor??
[  136.050220][ T5894] dvb-usb: found a 'Artec T1 USB2.0' in warm state.
[  136.143385][ T5894] dvb-usb: bulk message failed: -22 (3/0)
[  136.684426][ T6604] dvb-usb: bulk message failed: -22 (4/0)
[  136.691379][   T30] audit: type=1326 audit(1759510803.923:506): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6600 comm="syz.0.178" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f76b2f8eec9 code=0x7ffc0000
[  136.714606][    C0] vkms_vblank_simulate: vblank timer overrun
[  136.806519][ T5894] dvb-usb: will use the device's hardware PID filter (table count: 16).
[  136.815339][   T30] audit: type=1326 audit(1759510803.923:507): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6600 comm="syz.0.178" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f76b2f8eec9 code=0x7ffc0000
[  136.839573][ T5894] dvbdev: DVB: registering new adapter (Artec T1 USB2.0)
[  136.854822][ T5894] usb 4-1: media controller created
[  136.873079][ T5894] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  136.913554][ T5894] dvb-usb: bulk message failed: -22 (6/0)
[  136.919708][ T5894] dvb-usb: no frontend was attached by 'Artec T1 USB2.0'
[  136.939779][ T5894] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.3/usb4/4-1/input/input7
[  136.970842][ T5894] dvb-usb: schedule remote query interval to 150 msecs.
[  136.997036][ T5894] dvb-usb: Artec T1 USB2.0 successfully initialized and connected.
[  137.049255][ T5894] usb 4-1: USB disconnect, device number 4
[  137.087553][ T5894] dvb-usb: Artec T1 USB2.0 successfully deinitialized and disconnected.
[  138.693383][ T6641] FAULT_INJECTION: forcing a failure.
[  138.693383][ T6641] name failslab, interval 1, probability 0, space 0, times 0
[  138.723725][ T6641] CPU: 1 UID: 0 PID: 6641 Comm: syz.0.189 Not tainted syzkaller #0 PREEMPT(full) 
[  138.723750][ T6641] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  138.723760][ T6641] Call Trace:
[  138.723766][ T6641]  <TASK>
[  138.723773][ T6641]  dump_stack_lvl+0x16c/0x1f0
[  138.723805][ T6641]  should_fail_ex+0x512/0x640
[  138.723833][ T6641]  ? kmem_cache_alloc_node_noprof+0x65/0x770
[  138.723854][ T6641]  should_failslab+0xc2/0x120
[  138.723877][ T6641]  kmem_cache_alloc_node_noprof+0x78/0x770
[  138.723894][ T6641]  ? __alloc_skb+0x2b2/0x380
[  138.723924][ T6641]  ? __alloc_skb+0x2b2/0x380
[  138.723945][ T6641]  __alloc_skb+0x2b2/0x380
[  138.723974][ T6641]  ? __pfx___alloc_skb+0x10/0x10
[  138.724000][ T6641]  ? find_held_lock+0x2b/0x80
[  138.724031][ T6641]  tcp_stream_alloc_skb+0x34/0x560
[  138.724055][ T6641]  tcp_sendmsg_locked+0x12d9/0x42e0
[  138.724084][ T6641]  ? __lock_acquire+0xb97/0x1ce0
[  138.724112][ T6641]  ? __pfx_tcp_sendmsg_locked+0x10/0x10
[  138.724136][ T6641]  ? do_raw_spin_lock+0x12c/0x2b0
[  138.724159][ T6641]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  138.724187][ T6641]  ? __local_bh_enable_ip+0xa4/0x120
[  138.724217][ T6641]  tcp_sendmsg+0x2e/0x50
[  138.724235][ T6641]  ? __pfx_tcp_sendmsg+0x10/0x10
[  138.724255][ T6641]  inet_sendmsg+0xb9/0x140
[  138.724280][ T6641]  __sys_sendto+0x43c/0x520
[  138.724305][ T6641]  ? __pfx___sys_sendto+0x10/0x10
[  138.724351][ T6641]  ? ksys_write+0x1ac/0x250
[  138.724370][ T6641]  ? __pfx_ksys_write+0x10/0x10
[  138.724392][ T6641]  __x64_sys_sendto+0xe0/0x1c0
[  138.724415][ T6641]  ? do_syscall_64+0x91/0x4e0
[  138.724440][ T6641]  ? lockdep_hardirqs_on+0x7c/0x110
[  138.724464][ T6641]  do_syscall_64+0xcd/0x4e0
[  138.724491][ T6641]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  138.724509][ T6641] RIP: 0033:0x7f76b2f8eec9
[  138.724524][ T6641] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  138.724540][ T6641] RSP: 002b:00007f76b3e09038 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[  138.724558][ T6641] RAX: ffffffffffffffda RBX: 00007f76b31e5fa0 RCX: 00007f76b2f8eec9
[  138.724569][ T6641] RDX: 0000000000000381 RSI: 00002000000004c0 RDI: 0000000000000003
[  138.724580][ T6641] RBP: 00007f76b3e09090 R08: 0000000000000000 R09: 0000000000000000
[  138.724589][ T6641] R10: 0000000000000805 R11: 0000000000000246 R12: 0000000000000001
[  138.724599][ T6641] R13: 00007f76b31e6038 R14: 00007f76b31e5fa0 R15: 00007fffb7ffae58
[  138.724623][ T6641]  </TASK>
[  139.057075][ T5936] usb 5-1: new full-speed USB device number 9 using dummy_hcd
[  139.233315][ T5936] usb 5-1: config 5 has an invalid interface number: 3 but max is 0
[  139.246356][ T5936] usb 5-1: config 5 has no interface number 0
[  139.255275][ T5936] usb 5-1: New USB device found, idVendor=09fb, idProduct=602a, bcdDevice=fd.36
[  139.264648][ T5936] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  139.273079][ T5936] usb 5-1: Product: syz
[  139.277405][ T5936] usb 5-1: Manufacturer: syz
[  139.282453][ T5936] usb 5-1: SerialNumber: syz
[  139.500948][ T6636] __nla_validate_parse: 66 callbacks suppressed
[  139.501023][ T6636] netlink: 8 bytes leftover after parsing attributes in process `syz.4.186'.
[  139.762167][ T6636] netlink: 4 bytes leftover after parsing attributes in process `syz.4.186'.
[  139.786395][ T5936] ftdi_sio 5-1:5.3: FTDI USB Serial Device converter detected
[  139.802730][ T5936] ftdi_sio ttyUSB0: unknown device type: 0xfd36
[  139.864785][ T5894] usb 5-1: USB disconnect, device number 9
[  139.874085][ T5894] ftdi_sio 5-1:5.3: device disconnected
[  140.333049][   T30] kauditd_printk_skb: 85 callbacks suppressed
[  140.333060][   T30] audit: type=1400 audit(1759510807.573:593): avc:  denied  { connect } for  pid=6668 comm="syz.2.196" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  140.512136][   T30] audit: type=1400 audit(1759510807.603:594): avc:  denied  { write } for  pid=6668 comm="syz.2.196" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  140.596947][   T30] audit: type=1400 audit(1759510807.603:595): avc:  denied  { create } for  pid=6663 comm="syz.3.195" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1
[  140.649865][   T30] audit: type=1400 audit(1759510807.623:596): avc:  denied  { bind } for  pid=6663 comm="syz.3.195" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1
[  140.672857][   T30] audit: type=1400 audit(1759510807.733:597): avc:  denied  { accept } for  pid=6663 comm="syz.3.195" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1
[  140.692539][   T30] audit: type=1400 audit(1759510807.803:598): avc:  denied  { write } for  pid=6663 comm="syz.3.195" path="socket:[11304]" dev="sockfs" ino=11304 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1
[  140.716113][   T30] audit: type=1400 audit(1759510807.863:599): avc:  denied  { ioctl } for  pid=6672 comm="syz.4.197" path="/dev/dri/card1" dev="devtmpfs" ino=627 ioctlcmd=0x643a scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dri_device_t tclass=chr_file permissive=1
[  141.182143][   T50] Bluetooth: hci4: command 0x0406 tx timeout
[  141.668582][   T30] audit: type=1400 audit(1759510808.823:600): avc:  denied  { map_read map_write } for  pid=6674 comm="syz.0.198" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  141.688263][    C0] vkms_vblank_simulate: vblank timer overrun
[  142.517182][   T30] audit: type=1400 audit(1759510809.753:601): avc:  denied  { ioctl } for  pid=6686 comm="syz.3.200" path="socket:[11090]" dev="sockfs" ino=11090 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  143.047181][   T30] audit: type=1400 audit(1759510810.273:602): avc:  denied  { read write } for  pid=6690 comm="syz.3.202" name="vhost-vsock" dev="devtmpfs" ino=1274 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:vhost_device_t tclass=chr_file permissive=1
[  144.642036][    T9] usb 1-1: new high-speed USB device number 9 using dummy_hcd
[  144.825658][    T9] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  144.836697][    T9] usb 1-1: New USB device found, idVendor=045e, idProduct=00f9, bcdDevice= 0.00
[  144.846036][    T9] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  144.878477][    T9] usb 1-1: config 0 descriptor??
[  145.530756][    T9] microsoft 0003:045E:00F9.0001: item fetching failed at offset 4/7
[  145.555984][    T9] microsoft 0003:045E:00F9.0001: parse failed
[  145.570129][    T9] microsoft 0003:045E:00F9.0001: probe with driver microsoft failed with error -22
[  147.318435][ T6729] FAULT_INJECTION: forcing a failure.
[  147.318435][ T6729] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  147.516915][ T6729] CPU: 0 UID: 0 PID: 6729 Comm: syz.2.212 Not tainted syzkaller #0 PREEMPT(full) 
[  147.516947][ T6729] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  147.516958][ T6729] Call Trace:
[  147.516964][ T6729]  <TASK>
[  147.516970][ T6729]  dump_stack_lvl+0x16c/0x1f0
[  147.517002][ T6729]  should_fail_ex+0x512/0x640
[  147.517031][ T6729]  _copy_from_user+0x2e/0xd0
[  147.517060][ T6729]  copy_msghdr_from_user+0x98/0x160
[  147.517086][ T6729]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  147.517123][ T6729]  ___sys_sendmsg+0xfe/0x1d0
[  147.517149][ T6729]  ? __pfx____sys_sendmsg+0x10/0x10
[  147.517203][ T6729]  __sys_sendmsg+0x16d/0x220
[  147.517230][ T6729]  ? __pfx___sys_sendmsg+0x10/0x10
[  147.517271][ T6729]  do_syscall_64+0xcd/0x4e0
[  147.517299][ T6729]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  147.517317][ T6729] RIP: 0033:0x7fe607f8eec9
[  147.517331][ T6729] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  147.517347][ T6729] RSP: 002b:00007fe608ece038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  147.517365][ T6729] RAX: ffffffffffffffda RBX: 00007fe6081e5fa0 RCX: 00007fe607f8eec9
[  147.517377][ T6729] RDX: 0000000000000000 RSI: 0000200000000400 RDI: 0000000000000003
[  147.517387][ T6729] RBP: 00007fe608ece090 R08: 0000000000000000 R09: 0000000000000000
[  147.517397][ T6729] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  147.517407][ T6729] R13: 00007fe6081e6038 R14: 00007fe6081e5fa0 R15: 00007ffcc6a8cba8
[  147.517431][ T6729]  </TASK>
[  147.676913][    C0] vkms_vblank_simulate: vblank timer overrun
[  147.710127][ T5886] usb 1-1: USB disconnect, device number 9
[  147.764007][   T30] kauditd_printk_skb: 7 callbacks suppressed
[  147.764021][   T30] audit: type=1400 audit(1759510815.003:610): avc:  denied  { mounton } for  pid=6730 comm="syz.1.213" path="/46" dev="tmpfs" ino=244 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1
[  149.219790][   T30] audit: type=1400 audit(1759510816.453:611): avc:  denied  { setopt } for  pid=6730 comm="syz.1.213" lport=255 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  149.277320][   T30] audit: type=1400 audit(1759510816.453:612): avc:  denied  { read } for  pid=6730 comm="syz.1.213" lport=255 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  149.362603][ T6749] netlink: 8 bytes leftover after parsing attributes in process `syz.3.216'.
[  149.922079][ T5886] usb 1-1: new high-speed USB device number 10 using dummy_hcd
[  150.133523][ T5886] usb 1-1: config 0 has no interfaces?
[  150.169850][ T5886] usb 1-1: New USB device found, idVendor=046d, idProduct=0870, bcdDevice=61.47
[  150.213665][ T5886] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  150.229766][ T5886] usb 1-1: config 0 descriptor??
[  150.464843][   T30] audit: type=1400 audit(1759510817.703:613): avc:  denied  { write } for  pid=6752 comm="syz.0.218" name="001" dev="devtmpfs" ino=723 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1
[  150.508444][ T6753] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  150.542480][ T6753] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  150.610938][   T30] audit: type=1400 audit(1759510817.843:614): avc:  denied  { create } for  pid=6752 comm="syz.0.218" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  150.643488][ T6759] input: syz0 as /devices/virtual/input/input8
[  150.662343][   T30] audit: type=1400 audit(1759510817.873:615): avc:  denied  { read write } for  pid=6752 comm="syz.0.218" name="uinput" dev="devtmpfs" ino=919 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[  150.704006][   T30] audit: type=1400 audit(1759510817.873:616): avc:  denied  { open } for  pid=6752 comm="syz.0.218" path="/dev/uinput" dev="devtmpfs" ino=919 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[  150.732972][   T30] audit: type=1400 audit(1759510817.873:617): avc:  denied  { ioctl } for  pid=6752 comm="syz.0.218" path="/dev/uinput" dev="devtmpfs" ino=919 ioctlcmd=0x5564 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[  150.757817][    C0] vkms_vblank_simulate: vblank timer overrun
[  150.765100][   T30] audit: type=1400 audit(1759510817.893:618): avc:  denied  { read } for  pid=5178 comm="acpid" name="js0" dev="devtmpfs" ino=2839 scontext=system_u:system_r:acpid_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  150.787552][   T30] audit: type=1400 audit(1759510817.893:619): avc:  denied  { open } for  pid=5178 comm="acpid" path="/dev/input/js0" dev="devtmpfs" ino=2839 scontext=system_u:system_r:acpid_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  150.810646][    C0] vkms_vblank_simulate: vblank timer overrun
[  150.862019][ T5886] usb 2-1: new high-speed USB device number 4 using dummy_hcd
[  151.012766][ T5886] usb 2-1: Using ep0 maxpacket: 32
[  151.019797][ T5886] usb 2-1: config 8 has an invalid interface number: 203 but max is 0
[  151.028477][ T5886] usb 2-1: config 8 has no interface number 0
[  151.043059][ T5886] usb 2-1: config 8 interface 203 altsetting 1 has an endpoint descriptor with address 0x93, changing to 0x83
[  151.055012][ T5886] usb 2-1: config 8 interface 203 altsetting 1 bulk endpoint 0x83 has invalid maxpacket 1024
[  151.065642][ T5886] usb 2-1: config 8 interface 203 altsetting 1 endpoint 0xB has invalid wMaxPacketSize 0
[  151.075835][ T5886] usb 2-1: config 8 interface 203 has no altsetting 0
[  151.085104][ T5886] usb 2-1: New USB device found, idVendor=054c, idProduct=06c3, bcdDevice=eb.7a
[  151.094696][ T5886] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  151.105065][ T5886] usb 2-1: Product: syz
[  151.109317][ T5886] usb 2-1: Manufacturer: syz
[  151.187748][ T5886] usb 2-1: SerialNumber: syz
[  151.196692][ T6758] raw-gadget.2 gadget.1: fail, usb_ep_enable returned -22
[  151.312024][ T5936] usb 4-1: new high-speed USB device number 5 using dummy_hcd
[  151.417164][ T6758] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  151.428647][ T6758] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  151.447131][ T5886] port100 2-1:8.203: NFC: Could not find bulk-in or bulk-out endpoint
[  151.491305][ T5936] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  151.504011][ T5886] usb 2-1: USB disconnect, device number 4
[  151.519550][ T5936] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  151.545963][ T5936] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  151.571664][ T5936] usb 4-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  151.589110][ T5936] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  151.603918][ T5936] usb 4-1: config 0 descriptor??
[  152.398541][ T5936] plantronics 0003:047F:FFFF.0002: unknown main item tag 0x0
[  152.406058][ T5936] plantronics 0003:047F:FFFF.0002: unknown main item tag 0x0
[  152.422072][ T5936] plantronics 0003:047F:FFFF.0002: unknown main item tag 0x0
[  152.449583][ T5936] plantronics 0003:047F:FFFF.0002: unknown main item tag 0x0
[  152.465801][ T5936] plantronics 0003:047F:FFFF.0002: unknown main item tag 0x0
[  152.473832][ T5936] plantronics 0003:047F:FFFF.0002: unknown main item tag 0x0
[  152.482397][ T5936] plantronics 0003:047F:FFFF.0002: unknown main item tag 0x0
[  152.490064][ T5936] plantronics 0003:047F:FFFF.0002: unknown main item tag 0x0
[  152.498085][ T5936] plantronics 0003:047F:FFFF.0002: unknown main item tag 0x0
[  152.653537][ T5936] plantronics 0003:047F:FFFF.0002: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.3-1/input0
[  152.720786][ T6781] FAULT_INJECTION: forcing a failure.
[  152.720786][ T6781] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  152.749762][ T6781] CPU: 0 UID: 0 PID: 6781 Comm: syz.1.227 Not tainted syzkaller #0 PREEMPT(full) 
[  152.749785][ T6781] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  152.749795][ T6781] Call Trace:
[  152.749800][ T6781]  <TASK>
[  152.749806][ T6781]  dump_stack_lvl+0x16c/0x1f0
[  152.749835][ T6781]  should_fail_ex+0x512/0x640
[  152.749865][ T6781]  _copy_to_user+0x32/0xd0
[  152.749895][ T6781]  simple_read_from_buffer+0xcb/0x170
[  152.749914][ T6781]  proc_fail_nth_read+0x197/0x240
[  152.749936][ T6781]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  152.749958][ T6781]  ? rw_verify_area+0xcf/0x6c0
[  152.749983][ T6781]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  152.750004][ T6781]  vfs_read+0x1e4/0xcf0
[  152.750022][ T6781]  ? __pfx___mutex_lock+0x10/0x10
[  152.750044][ T6781]  ? __pfx_vfs_read+0x10/0x10
[  152.750068][ T6781]  ? __fget_files+0x20e/0x3c0
[  152.750092][ T6781]  ksys_read+0x12a/0x250
[  152.750107][ T6781]  ? __pfx_ksys_read+0x10/0x10
[  152.750124][ T6781]  ? fdget+0x187/0x210
[  152.750146][ T6781]  do_syscall_64+0xcd/0x4e0
[  152.750177][ T6781]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  152.750194][ T6781] RIP: 0033:0x7f9c2278d8dc
[  152.750209][ T6781] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  152.750224][ T6781] RSP: 002b:00007f9c235df030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  152.750240][ T6781] RAX: ffffffffffffffda RBX: 00007f9c229e6090 RCX: 00007f9c2278d8dc
[  152.750251][ T6781] RDX: 000000000000000f RSI: 00007f9c235df0a0 RDI: 0000000000000008
[  152.750262][ T6781] RBP: 00007f9c235df090 R08: 0000000000000000 R09: 0000000000000000
[  152.750271][ T6781] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  152.750281][ T6781] R13: 00007f9c229e6128 R14: 00007f9c229e6090 R15: 00007fffa7ba5808
[  152.750306][ T6781]  </TASK>
[  152.933667][    C0] vkms_vblank_simulate: vblank timer overrun
[  152.971403][ T5936] usb 1-1: USB disconnect, device number 10
[  154.228536][ T5894] usb 4-1: USB disconnect, device number 5
[  155.116498][ T6804] FAULT_INJECTION: forcing a failure.
[  155.116498][ T6804] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  155.173853][ T6804] CPU: 0 UID: 0 PID: 6804 Comm: syz.2.233 Not tainted syzkaller #0 PREEMPT(full) 
[  155.173877][ T6804] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  155.173886][ T6804] Call Trace:
[  155.173892][ T6804]  <TASK>
[  155.173898][ T6804]  dump_stack_lvl+0x16c/0x1f0
[  155.173928][ T6804]  should_fail_ex+0x512/0x640
[  155.173955][ T6804]  _copy_from_user+0x2e/0xd0
[  155.173982][ T6804]  __sys_bpf+0x248/0x4980
[  155.174001][ T6804]  ? __pfx___sys_bpf+0x10/0x10
[  155.174016][ T6804]  ? find_held_lock+0x2b/0x80
[  155.174046][ T6804]  ? find_held_lock+0x2b/0x80
[  155.174076][ T6804]  ? __mutex_unlock_slowpath+0x161/0x7b0
[  155.174116][ T6804]  ? fput+0x9b/0xd0
[  155.174140][ T6804]  ? ksys_write+0x1ac/0x250
[  155.174156][ T6804]  ? __pfx_ksys_write+0x10/0x10
[  155.174182][ T6804]  __x64_sys_bpf+0x78/0xc0
[  155.174197][ T6804]  ? lockdep_hardirqs_on+0x7c/0x110
[  155.174219][ T6804]  do_syscall_64+0xcd/0x4e0
[  155.174242][ T6804]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  155.174258][ T6804] RIP: 0033:0x7fe607f8eec9
[  155.174271][ T6804] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  155.174286][ T6804] RSP: 002b:00007fe608ead038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  155.174301][ T6804] RAX: ffffffffffffffda RBX: 00007fe6081e6090 RCX: 00007fe607f8eec9
[  155.174312][ T6804] RDX: 0000000000000020 RSI: 00002000000001c0 RDI: 0000000000000003
[  155.174321][ T6804] RBP: 00007fe608ead090 R08: 0000000000000000 R09: 0000000000000000
[  155.174331][ T6804] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  155.174341][ T6804] R13: 00007fe6081e6128 R14: 00007fe6081e6090 R15: 00007ffcc6a8cba8
[  155.174363][ T6804]  </TASK>
[  155.353024][    C0] vkms_vblank_simulate: vblank timer overrun
[  155.420075][   T30] kauditd_printk_skb: 5 callbacks suppressed
[  155.420090][   T30] audit: type=1400 audit(1759510822.653:625): avc:  denied  { unmount } for  pid=5816 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[  155.730696][   T30] audit: type=1400 audit(1759510822.963:626): avc:  denied  { write } for  pid=6808 comm="syz.0.234" name="ppp" dev="devtmpfs" ino=708 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[  155.730767][ T5828] Bluetooth: hci0: unexpected event 0x03 length: 1 < 11
[  155.820642][   T30] audit: type=1400 audit(1759510822.963:627): avc:  denied  { open } for  pid=6808 comm="syz.0.234" path="/dev/ppp" dev="devtmpfs" ino=708 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[  155.843862][ T5894] usb 3-1: new full-speed USB device number 6 using dummy_hcd
[  155.948493][   T30] audit: type=1400 audit(1759510822.963:628): avc:  denied  { ioctl } for  pid=6808 comm="syz.0.234" path="/dev/ppp" dev="devtmpfs" ino=708 ioctlcmd=0x7438 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[  155.972935][    C0] vkms_vblank_simulate: vblank timer overrun
[  156.075477][ T6812] FAULT_INJECTION: forcing a failure.
[  156.075477][ T6812] name failslab, interval 1, probability 0, space 0, times 0
[  156.088359][ T6812] CPU: 0 UID: 0 PID: 6812 Comm: syz.0.236 Not tainted syzkaller #0 PREEMPT(full) 
[  156.088381][ T6812] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  156.088391][ T6812] Call Trace:
[  156.088395][ T6812]  <TASK>
[  156.088399][ T6812]  dump_stack_lvl+0x16c/0x1f0
[  156.088422][ T6812]  should_fail_ex+0x512/0x640
[  156.088440][ T6812]  ? fs_reclaim_acquire+0xae/0x150
[  156.088455][ T6812]  should_failslab+0xc2/0x120
[  156.088470][ T6812]  __kmalloc_noprof+0xdd/0x880
[  156.088487][ T6812]  ? tomoyo_realpath_from_path+0xc2/0x6e0
[  156.088507][ T6812]  ? tomoyo_realpath_from_path+0xc2/0x6e0
[  156.088523][ T6812]  tomoyo_realpath_from_path+0xc2/0x6e0
[  156.088541][ T6812]  ? tomoyo_profile+0x47/0x60
[  156.088554][ T6812]  tomoyo_path_number_perm+0x245/0x580
[  156.088567][ T6812]  ? tomoyo_path_number_perm+0x237/0x580
[  156.088583][ T6812]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  156.088598][ T6812]  ? find_held_lock+0x2b/0x80
[  156.088626][ T6812]  ? find_held_lock+0x2b/0x80
[  156.088640][ T6812]  ? hook_file_ioctl_common+0x145/0x410
[  156.088655][ T6812]  ? __fget_files+0x20e/0x3c0
[  156.088671][ T6812]  security_file_ioctl+0x9b/0x240
[  156.088688][ T6812]  __x64_sys_ioctl+0xb7/0x210
[  156.088706][ T6812]  do_syscall_64+0xcd/0x4e0
[  156.088724][ T6812]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  156.088735][ T6812] RIP: 0033:0x7f76b2f8eec9
[  156.088745][ T6812] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  156.088756][ T6812] RSP: 002b:00007f76b3de8038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  156.088766][ T6812] RAX: ffffffffffffffda RBX: 00007f76b31e6090 RCX: 00007f76b2f8eec9
[  156.088773][ T6812] RDX: 0000200000000140 RSI: 0000000000005412 RDI: 0000000000000008
[  156.088779][ T6812] RBP: 00007f76b3de8090 R08: 0000000000000000 R09: 0000000000000000
[  156.088785][ T6812] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  156.088791][ T6812] R13: 00007f76b31e6128 R14: 00007f76b31e6090 R15: 00007fffb7ffae58
[  156.088804][ T6812]  </TASK>
[  156.088822][ T6812] ERROR: Out of memory at tomoyo_realpath_from_path.
[  156.209558][   T30] audit: type=1400 audit(1759510823.313:629): avc:  denied  { setopt } for  pid=6810 comm="syz.0.236" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1
[  156.556106][ T5894] usb 3-1: config 5 has an invalid interface number: 3 but max is 0
[  156.564732][ T5894] usb 3-1: config 5 has no interface number 0
[  157.393605][ T5894] usb 3-1: New USB device found, idVendor=09fb, idProduct=602a, bcdDevice=fd.36
[  157.411168][ T5894] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  157.433108][ T5894] usb 3-1: Product: syz
[  157.442506][ T5894] usb 3-1: Manufacturer: syz
[  157.473335][ T5894] usb 3-1: SerialNumber: syz
[  157.531686][ T5894] ftdi_sio 3-1:5.3: FTDI USB Serial Device converter detected
[  157.545084][ T5894] ftdi_sio ttyUSB0: unknown device type: 0xfd36
[  157.675459][   T30] audit: type=1400 audit(1759510824.913:630): avc:  denied  { read } for  pid=6822 comm="syz.4.239" name="video7" dev="devtmpfs" ino=950 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:v4l_device_t tclass=chr_file permissive=1
[  157.702135][   T30] audit: type=1400 audit(1759510824.913:631): avc:  denied  { open } for  pid=6822 comm="syz.4.239" path="/dev/video7" dev="devtmpfs" ino=950 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:v4l_device_t tclass=chr_file permissive=1
[  157.725608][ T6823] tipc: Started in network mode
[  157.730563][ T6823] tipc: Node identity 4, cluster identity 4711
[  157.737343][ T6823] tipc: Node number set to 4
[  157.748721][ T6807] netlink: 8 bytes leftover after parsing attributes in process `syz.2.235'.
[  157.767435][   T30] audit: type=1400 audit(1759510824.933:632): avc:  denied  { ioctl } for  pid=6822 comm="syz.4.239" path="/dev/video7" dev="devtmpfs" ino=950 ioctlcmd=0x5640 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:v4l_device_t tclass=chr_file permissive=1
[  157.792040][ T6807] netlink: 4 bytes leftover after parsing attributes in process `syz.2.235'.
[  157.830535][ T5870] usb 3-1: USB disconnect, device number 6
[  157.835232][   T30] audit: type=1400 audit(1759510824.933:633): avc:  denied  { setopt } for  pid=6822 comm="syz.4.239" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  157.846724][ T5870] ftdi_sio 3-1:5.3: device disconnected
[  157.936159][ T6827] usb usb6: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[  158.146464][   T30] audit: type=1400 audit(1759510825.163:634): avc:  denied  { map } for  pid=6825 comm="syz.0.240" path="/dev/bus/usb/006/001" dev="devtmpfs" ino=735 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1
[  159.209101][ T6835] FAULT_INJECTION: forcing a failure.
[  159.209101][ T6835] name failslab, interval 1, probability 0, space 0, times 0
[  159.221856][ T6835] CPU: 1 UID: 0 PID: 6835 Comm: syz.4.242 Not tainted syzkaller #0 PREEMPT(full) 
[  159.221881][ T6835] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  159.221891][ T6835] Call Trace:
[  159.221897][ T6835]  <TASK>
[  159.221903][ T6835]  dump_stack_lvl+0x16c/0x1f0
[  159.221936][ T6835]  should_fail_ex+0x512/0x640
[  159.221959][ T6835]  ? __kmalloc_cache_noprof+0x5f/0x780
[  159.221987][ T6835]  should_failslab+0xc2/0x120
[  159.222009][ T6835]  __kmalloc_cache_noprof+0x72/0x780
[  159.222034][ T6835]  ? alloc_pipe_info+0x10e/0x590
[  159.222058][ T6835]  ? alloc_pipe_info+0x10e/0x590
[  159.222078][ T6835]  alloc_pipe_info+0x10e/0x590
[  159.222100][ T6835]  splice_direct_to_actor+0x77d/0xa30
[  159.222119][ T6835]  ? __lock_acquire+0x62e/0x1ce0
[  159.222134][ T6835]  ? __pfx_direct_splice_actor+0x10/0x10
[  159.222159][ T6835]  ? find_held_lock+0x2b/0x80
[  159.222182][ T6835]  ? __pfx_splice_direct_to_actor+0x10/0x10
[  159.222197][ T6835]  ? get_pid_task+0xfc/0x250
[  159.222220][ T6835]  do_splice_direct+0x174/0x240
[  159.222238][ T6835]  ? __pfx_do_splice_direct+0x10/0x10
[  159.222257][ T6835]  ? __pfx_direct_file_splice_eof+0x10/0x10
[  159.222275][ T6835]  ? bpf_lsm_file_permission+0x9/0x10
[  159.222293][ T6835]  ? security_file_permission+0x71/0x210
[  159.222319][ T6835]  ? rw_verify_area+0xcf/0x6c0
[  159.222346][ T6835]  do_sendfile+0xb06/0xe50
[  159.222367][ T6835]  ? __pfx_do_sendfile+0x10/0x10
[  159.222383][ T6835]  ? __fget_files+0x20e/0x3c0
[  159.222409][ T6835]  __x64_sys_sendfile64+0x1d8/0x220
[  159.222429][ T6835]  ? ksys_write+0x1ac/0x250
[  159.222444][ T6835]  ? __pfx___x64_sys_sendfile64+0x10/0x10
[  159.222474][ T6835]  do_syscall_64+0xcd/0x4e0
[  159.222502][ T6835]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  159.222518][ T6835] RIP: 0033:0x7f75db98eec9
[  159.222532][ T6835] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  159.222547][ T6835] RSP: 002b:00007f75dc80d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  159.222564][ T6835] RAX: ffffffffffffffda RBX: 00007f75dbbe6090 RCX: 00007f75db98eec9
[  159.222575][ T6835] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 0000000000000007
[  159.222584][ T6835] RBP: 00007f75dc80d090 R08: 0000000000000000 R09: 0000000000000000
[  159.222594][ T6835] R10: 0000020000023896 R11: 0000000000000246 R12: 0000000000000001
[  159.222604][ T6835] R13: 00007f75dbbe6128 R14: 00007f75dbbe6090 R15: 00007ffc3cca05e8
[  159.222624][ T6835]  </TASK>
[  159.464392][    C1] vkms_vblank_simulate: vblank timer overrun
[  160.551660][   T30] kauditd_printk_skb: 8 callbacks suppressed
[  160.551677][   T30] audit: type=1400 audit(1759510827.783:643): avc:  denied  { prog_load } for  pid=6841 comm="syz.2.245" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  160.777470][   T30] audit: type=1400 audit(1759510827.783:644): avc:  denied  { prog_run } for  pid=6841 comm="syz.2.245" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  160.798021][   T30] audit: type=1400 audit(1759510827.813:645): avc:  denied  { create } for  pid=6841 comm="syz.2.245" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  160.818851][   T30] audit: type=1400 audit(1759510827.813:646): avc:  denied  { create } for  pid=6841 comm="syz.2.245" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  160.839554][   T30] audit: type=1400 audit(1759510827.813:647): avc:  denied  { read } for  pid=6841 comm="syz.2.245" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  160.914466][ T6852] FAULT_INJECTION: forcing a failure.
[  160.914466][ T6852] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  160.929233][ T6852] CPU: 1 UID: 0 PID: 6852 Comm: syz.4.247 Not tainted syzkaller #0 PREEMPT(full) 
[  160.929259][ T6852] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  160.929270][ T6852] Call Trace:
[  160.929276][ T6852]  <TASK>
[  160.929282][ T6852]  dump_stack_lvl+0x16c/0x1f0
[  160.929313][ T6852]  should_fail_ex+0x512/0x640
[  160.929343][ T6852]  _copy_from_user+0x2e/0xd0
[  160.929371][ T6852]  copy_msghdr_from_user+0x98/0x160
[  160.929398][ T6852]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  160.929426][ T6852]  ? rcu_is_watching+0x12/0xc0
[  160.929451][ T6852]  ? finish_task_switch.isra.0+0x221/0xc10
[  160.929476][ T6852]  ? lockdep_hardirqs_on+0x7c/0x110
[  160.929504][ T6852]  ___sys_sendmsg+0xfe/0x1d0
[  160.929530][ T6852]  ? __pfx____sys_sendmsg+0x10/0x10
[  160.929577][ T6852]  ? irqentry_exit_to_user_mode+0x2b0/0x2b0
[  160.929608][ T6852]  __sys_sendmsg+0x16d/0x220
[  160.929634][ T6852]  ? __pfx___sys_sendmsg+0x10/0x10
[  160.929658][ T6852]  ? fput+0x88/0xd0
[  160.929695][ T6852]  do_syscall_64+0xcd/0x4e0
[  160.929722][ T6852]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  160.929739][ T6852] RIP: 0033:0x7f75db98eec9
[  160.929753][ T6852] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  160.929769][ T6852] RSP: 002b:00007f75dc7ec038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  160.929787][ T6852] RAX: ffffffffffffffda RBX: 00007f75dbbe6180 RCX: 00007f75db98eec9
[  160.929798][ T6852] RDX: 0000000004000000 RSI: 0000200000000180 RDI: 0000000000000006
[  160.929808][ T6852] RBP: 00007f75dc7ec090 R08: 0000000000000000 R09: 0000000000000000
[  160.929818][ T6852] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  160.929827][ T6852] R13: 00007f75dbbe6218 R14: 00007f75dbbe6180 R15: 00007ffc3cca05e8
[  160.929851][ T6852]  </TASK>
[  161.112195][    C1] vkms_vblank_simulate: vblank timer overrun
[  161.242057][   T30] audit: type=1400 audit(1759510827.813:648): avc:  denied  { execmem } for  pid=6841 comm="syz.2.245" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[  161.242142][ T6854] netlink: 40 bytes leftover after parsing attributes in process `syz.1.248'.
[  161.264071][   T30] audit: type=1400 audit(1759510827.923:649): avc:  denied  { read write } for  pid=5825 comm="syz-executor" name="loop1" dev="devtmpfs" ino=647 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  161.294375][    C1] vkms_vblank_simulate: vblank timer overrun
[  161.300433][   T30] audit: type=1400 audit(1759510827.923:651): avc:  denied  { bpf } for  pid=6848 comm="syz.4.247" capability=39  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  161.320899][   T30] audit: type=1400 audit(1759510827.923:652): avc:  denied  { perfmon } for  pid=6848 comm="syz.4.247" capability=38  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  161.341550][    C1] vkms_vblank_simulate: vblank timer overrun
[  161.348746][   T30] audit: type=1400 audit(1759510827.923:650): avc:  denied  { open } for  pid=5825 comm="syz-executor" path="/dev/loop1" dev="devtmpfs" ino=647 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  161.692336][ T3087] usb 1-1: new full-speed USB device number 11 using dummy_hcd
[  162.060251][ T6871] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  162.420569][ T3087] usb 1-1: config 5 has an invalid interface number: 3 but max is 0
[  162.444876][ T3087] usb 1-1: config 5 has no interface number 0
[  162.456918][ T3087] usb 1-1: New USB device found, idVendor=09fb, idProduct=602a, bcdDevice=fd.36
[  162.481247][ T3087] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  162.498436][ T3087] usb 1-1: Product: syz
[  162.527643][ T3087] usb 1-1: Manufacturer: syz
[  162.535560][ T3087] usb 1-1: SerialNumber: syz
[  162.574100][ T3087] ftdi_sio 1-1:5.3: FTDI USB Serial Device converter detected
[  162.625994][ T3087] ftdi_sio ttyUSB0: unknown device type: 0xfd36
[  162.779379][ T6856] netlink: 4 bytes leftover after parsing attributes in process `syz.0.249'.
[  162.812966][ T3087] usb 1-1: USB disconnect, device number 11
[  162.819892][ T3087] ftdi_sio 1-1:5.3: device disconnected
[  163.177834][ T6880] netlink: 'syz.2.255': attribute type 1 has an invalid length.
[  163.186420][ T6880] netlink: 224 bytes leftover after parsing attributes in process `syz.2.255'.
[  164.535061][ T6893] tipc: Started in network mode
[  164.547961][ T6893] tipc: Node identity 42d3a23e1a3b, cluster identity 4711
[  164.557006][ T6893] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  164.589106][ T6893] syzkaller0: entered promiscuous mode
[  164.594911][ T6893] syzkaller0: entered allmulticast mode
[  164.607892][ T6893] sch_tbf: burst 127 is lower than device syzkaller0 mtu (1514) !
[  164.675108][ T6893] tipc: Resetting bearer <eth:syzkaller0>
[  164.688434][ T6891] tipc: Resetting bearer <eth:syzkaller0>
[  164.712155][ T5886] usb 3-1: new high-speed USB device number 7 using dummy_hcd
[  164.749443][ T6891] tipc: Disabling bearer <eth:syzkaller0>
[  164.872128][ T5886] usb 3-1: Using ep0 maxpacket: 16
[  164.955868][ T5886] usb 3-1: config 0 has an invalid interface number: 214 but max is 0
[  165.178140][ T5886] usb 3-1: config 0 has no interface number 0
[  165.185800][ T5886] usb 3-1: config 0 interface 214 altsetting 0 endpoint 0x83 has invalid maxpacket 1023, setting to 64
[  165.198828][ T5886] usb 3-1: New USB device found, idVendor=0596, idProduct=0001, bcdDevice= 5.f5
[  165.256834][ T5886] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  165.280853][ T5886] usb 3-1: Product: syz
[  165.374976][ T5886] usb 3-1: Manufacturer: syz
[  165.380051][ T5886] usb 3-1: SerialNumber: syz
[  165.406193][ T5886] usb 3-1: config 0 descriptor??
[  165.839330][   T30] kauditd_printk_skb: 80 callbacks suppressed
[  165.839346][   T30] audit: type=1400 audit(1759510833.073:733): avc:  denied  { map_create } for  pid=6905 comm="syz.3.263" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  165.910575][ T6907] Driver unsupported XDP return value 0 on prog  (id 61) dev N/A, expect packet loss!
[  165.910646][   T30] audit: type=1400 audit(1759510833.073:734): avc:  denied  { map_read map_write } for  pid=6905 comm="syz.3.263" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  165.941505][   T30] audit: type=1400 audit(1759510833.173:735): avc:  denied  { create } for  pid=6905 comm="syz.3.263" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  166.070861][   T30] audit: type=1400 audit(1759510833.203:736): avc:  denied  { setopt } for  pid=6905 comm="syz.3.263" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  166.213788][   T30] audit: type=1400 audit(1759510833.433:737): avc:  denied  { read write } for  pid=6910 comm="syz.0.264" name="nullb0" dev="devtmpfs" ino=695 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  166.240295][   T30] audit: type=1400 audit(1759510833.433:738): avc:  denied  { open } for  pid=6910 comm="syz.0.264" path="/dev/nullb0" dev="devtmpfs" ino=695 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  166.565546][   T30] audit: type=1400 audit(1759510833.433:739): avc:  denied  { execute } for  pid=6910 comm="syz.0.264" dev="tmpfs" ino=43 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[  166.587100][   T30] audit: type=1400 audit(1759510833.443:740): avc:  denied  { execute_no_trans } for  pid=6910 comm="syz.0.264" path=2F6D656D66643A5B0BDB58AE5B1AA9FDFAADD16D64C8854858A9250C1A65E0202864656C6574656429 dev="tmpfs" ino=43 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[  166.616317][    C1] vkms_vblank_simulate: vblank timer overrun
[  166.714627][   T30] audit: type=1400 audit(1759510833.953:741): avc:  denied  { name_bind } for  pid=6914 comm="syz.3.266" src=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=udp_socket permissive=1
[  166.755540][ T5886] input: syz syz as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.214/input/input9
[  166.852517][   T30] audit: type=1400 audit(1759510833.973:742): avc:  denied  { read } for  pid=6916 comm="syz.4.265" name="card1" dev="devtmpfs" ino=627 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dri_device_t tclass=chr_file permissive=1
[  166.875224][    C1] vkms_vblank_simulate: vblank timer overrun
[  168.013419][ T5886] usb 3-1: USB disconnect, device number 7
[  169.742735][ T6952] netlink: 12 bytes leftover after parsing attributes in process `syz.3.272'.
[  170.756605][ T6952] netlink: 8 bytes leftover after parsing attributes in process `syz.3.272'.
[  171.424613][   T30] kauditd_printk_skb: 56 callbacks suppressed
[  171.424625][   T30] audit: type=1400 audit(1759510838.663:799): avc:  denied  { bpf } for  pid=6976 comm="syz.0.278" capability=39  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  171.467545][   T30] audit: type=1400 audit(1759510838.693:800): avc:  denied  { perfmon } for  pid=6976 comm="syz.0.278" capability=38  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  171.550478][   T30] audit: type=1400 audit(1759510838.733:801): avc:  denied  { read write } for  pid=6976 comm="syz.0.278" name="raw-gadget" dev="devtmpfs" ino=819 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  171.604012][   T30] audit: type=1400 audit(1759510838.733:802): avc:  denied  { open } for  pid=6976 comm="syz.0.278" path="/dev/raw-gadget" dev="devtmpfs" ino=819 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  171.633399][   T30] audit: type=1400 audit(1759510838.733:803): avc:  denied  { ioctl } for  pid=6976 comm="syz.0.278" path="/dev/raw-gadget" dev="devtmpfs" ino=819 ioctlcmd=0x5500 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  171.678479][   T30] audit: type=1400 audit(1759510838.913:804): avc:  denied  { read } for  pid=6978 comm="syz.2.279" name="nvram" dev="devtmpfs" ino=622 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nvram_device_t tclass=chr_file permissive=1
[  171.732202][ T5894] usb 1-1: new high-speed USB device number 12 using dummy_hcd
[  171.763725][   T30] audit: type=1400 audit(1759510838.913:805): avc:  denied  { open } for  pid=6978 comm="syz.2.279" path="/dev/nvram" dev="devtmpfs" ino=622 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nvram_device_t tclass=chr_file permissive=1
[  171.856263][   T30] audit: type=1400 audit(1759510839.093:806): avc:  denied  { block_suspend } for  pid=6980 comm="syz.3.280" capability=36  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  171.877509][    C1] vkms_vblank_simulate: vblank timer overrun
[  171.894734][ T5894] usb 1-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xE8, changing to 0x88
[  171.906313][   T30] audit: type=1400 audit(1759510839.133:807): avc:  denied  { map_create } for  pid=6980 comm="syz.3.280" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  171.925261][    C1] vkms_vblank_simulate: vblank timer overrun
[  171.932648][   T30] audit: type=1400 audit(1759510839.133:808): avc:  denied  { map_read map_write } for  pid=6980 comm="syz.3.280" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  171.954880][ T5894] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x88 has an invalid bInterval 0, changing to 7
[  171.968995][ T5894] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0xA has an invalid bInterval 0, changing to 7
[  171.988495][ T5894] usb 1-1: New USB device found, idVendor=1781, idProduct=0938, bcdDevice=9b.49
[  172.011369][ T5894] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  172.029628][ T5894] usb 1-1: Product: syz
[  172.034172][ T5894] usb 1-1: Manufacturer: syz
[  172.038773][ T5894] usb 1-1: SerialNumber: syz
[  172.055403][ T5894] usb 1-1: config 0 descriptor??
[  174.807952][ T5886] usb 2-1: new high-speed USB device number 5 using dummy_hcd
[  174.811953][   T10] usb 3-1: new high-speed USB device number 8 using dummy_hcd
[  175.013382][ T5886] usb 2-1: New USB device found, idVendor=9710, idProduct=7730, bcdDevice=96.33
[  175.024310][ T5886] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  175.072278][ T5886] usb 2-1: config 0 descriptor??
[  175.126365][   T10] usb 3-1: device descriptor read/64, error -71
[  175.372155][   T10] usb 3-1: new high-speed USB device number 9 using dummy_hcd
[  175.406836][ T7018] tmpfs: User quota inode hardlimit too large.
[  175.502144][   T10] usb 3-1: device descriptor read/64, error -71
[  175.612492][   T10] usb usb3-port1: attempt power cycle
[  175.952220][   T10] usb 3-1: new high-speed USB device number 10 using dummy_hcd
[  176.012719][   T10] usb 3-1: device descriptor read/8, error -71
[  176.262145][   T10] usb 3-1: new high-speed USB device number 11 using dummy_hcd
[  176.292959][   T10] usb 3-1: device descriptor read/8, error -71
[  176.492755][ T7010] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  176.500669][   T30] kauditd_printk_skb: 42 callbacks suppressed
[  176.500687][   T30] audit: type=1326 audit(1759510843.653:851): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7019 comm="syz.4.292" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f75db98eec9 code=0x7ffc0000
[  176.501553][ T7010] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  176.522273][   T30] audit: type=1326 audit(1759510843.653:852): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7019 comm="syz.4.292" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f75db98eec9 code=0x7ffc0000
[  176.552256][   T10] usb usb3-port1: unable to enumerate USB device
[  176.913626][   T30] audit: type=1400 audit(1759510843.733:853): avc:  denied  { create } for  pid=7025 comm="syz.3.294" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1
[  176.932975][    C1] vkms_vblank_simulate: vblank timer overrun
[  177.134097][ T7034] netlink: 16 bytes leftover after parsing attributes in process `syz.4.296'.
[  177.212648][ T5886] usb 2-1: Cannot set autoneg
[  177.221785][ T5886] MOSCHIP usb-ethernet driver 2-1:0.0: probe with driver MOSCHIP usb-ethernet driver failed with error -32
[  177.272028][   T30] audit: type=1400 audit(1759510843.733:854): avc:  denied  { bind } for  pid=7025 comm="syz.3.294" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1
[  177.342126][ T5886] usb 2-1: USB disconnect, device number 5
[  177.386503][ T7036] netlink: 48 bytes leftover after parsing attributes in process `syz.0.297'.
[  177.409906][   T30] audit: type=1400 audit(1759510843.733:855): avc:  denied  { accept } for  pid=7025 comm="syz.3.294" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1
[  177.439107][ T7036] netlink: 48 bytes leftover after parsing attributes in process `syz.0.297'.
[  177.717585][   T30] audit: type=1400 audit(1759510843.733:856): avc:  denied  { read } for  pid=7025 comm="syz.3.294" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1
[  177.738065][   T30] audit: type=1400 audit(1759510843.953:857): avc:  denied  { create } for  pid=7029 comm="syz.0.295" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[  178.812203][   T30] audit: type=1400 audit(1759510844.373:858): avc:  denied  { ioctl } for  pid=7033 comm="syz.4.296" path="socket:[12720]" dev="sockfs" ino=12720 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  178.837692][    C1] vkms_vblank_simulate: vblank timer overrun
[  178.843949][   T30] audit: type=1400 audit(1759510844.453:859): avc:  denied  { create } for  pid=7009 comm="syz.1.290" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1
[  178.865858][   T30] audit: type=1326 audit(1759510844.453:860): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7009 comm="syz.1.290" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9c2278eec9 code=0x7ffc0000
[  181.552686][   T30] kauditd_printk_skb: 71 callbacks suppressed
[  181.552706][   T30] audit: type=1326 audit(1759510848.613:932): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7069 comm="syz.0.306" exe="/root/syz-executor" sig=0 arch=c000003e syscall=144 compat=0 ip=0x7f76b2f8eec9 code=0x7ffc0000
[  181.761461][   T30] audit: type=1326 audit(1759510848.613:933): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7069 comm="syz.0.306" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f76b2f8eec9 code=0x7ffc0000
[  181.784745][   T30] audit: type=1326 audit(1759510848.613:934): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7069 comm="syz.0.306" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f76b2f8eec9 code=0x7ffc0000
[  181.813540][   T30] audit: type=1326 audit(1759510848.733:935): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7069 comm="syz.0.306" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f76b2f8eec9 code=0x7ffc0000
[  182.488380][   T30] audit: type=1326 audit(1759510848.733:936): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7069 comm="syz.0.306" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f76b2f8eec9 code=0x7ffc0000
[  182.528366][   T30] audit: type=1326 audit(1759510848.743:937): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7069 comm="syz.0.306" exe="/root/syz-executor" sig=0 arch=c000003e syscall=42 compat=0 ip=0x7f76b2f8eec9 code=0x7ffc0000
[  182.586173][ T5894] iguanair 1-1:0.0: failed to get version
[  182.606469][ T5894] iguanair 1-1:0.0: probe with driver iguanair failed with error -110
[  182.704667][   T10] usb 5-1: new full-speed USB device number 10 using dummy_hcd
[  183.710673][ T5894] usb 1-1: USB disconnect, device number 12
[  183.721694][   T30] audit: type=1326 audit(1759510848.743:938): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7069 comm="syz.0.306" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f76b2f8eec9 code=0x7ffc0000
[  183.835013][   T30] audit: type=1326 audit(1759510848.743:939): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7069 comm="syz.0.306" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f76b2f8eec9 code=0x7ffc0000
[  183.861370][   T30] audit: type=1326 audit(1759510848.743:940): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7069 comm="syz.0.306" exe="/root/syz-executor" sig=0 arch=c000003e syscall=307 compat=0 ip=0x7f76b2f8eec9 code=0x7ffc0000
[  183.950626][   T30] audit: type=1326 audit(1759510849.413:941): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7069 comm="syz.0.306" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f76b2f8eec9 code=0x7ffc0000
[  184.003685][   T10] usb 5-1: config 5 has an invalid interface number: 3 but max is 0
[  184.291998][   T10] usb 5-1: config 5 has no interface number 0
[  184.301381][   T10] usb 5-1: New USB device found, idVendor=09fb, idProduct=602a, bcdDevice=fd.36
[  184.330774][   T10] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  184.357569][   T10] usb 5-1: Product: syz
[  184.361807][   T10] usb 5-1: Manufacturer: syz
[  184.374009][   T10] usb 5-1: SerialNumber: syz
[  184.386180][   T10] ftdi_sio 5-1:5.3: FTDI USB Serial Device converter detected
[  184.404394][   T10] ftdi_sio ttyUSB0: unknown device type: 0xfd36
[  184.542178][ T5955] usb 3-1: new high-speed USB device number 12 using dummy_hcd
[  184.614456][ T7076] netlink: 4 bytes leftover after parsing attributes in process `syz.4.307'.
[  184.629660][ T5894] usb 5-1: USB disconnect, device number 10
[  184.646847][ T5894] ftdi_sio 5-1:5.3: device disconnected
[  184.702059][ T5955] usb 3-1: Using ep0 maxpacket: 32
[  184.710897][ T5955] usb 3-1: unable to get BOS descriptor or descriptor too short
[  184.721835][ T5955] usb 3-1: config 5 has an invalid interface number: 61 but max is 0
[  184.730163][ T5955] usb 3-1: config 5 has no interface number 0
[  184.736509][   T10] usb 2-1: new high-speed USB device number 6 using dummy_hcd
[  184.740468][ T5955] usb 3-1: config 5 interface 61 has no altsetting 0
[  184.754821][ T5955] usb 3-1: New USB device found, idVendor=0cf3, idProduct=9375, bcdDevice= 0.0a
[  184.764000][ T5955] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  184.772330][ T5955] usb 3-1: Product: syz
[  184.776639][ T5955] usb 3-1: Manufacturer: syz
[  184.781268][ T5955] usb 3-1: SerialNumber: syz
[  184.901982][   T10] usb 2-1: Using ep0 maxpacket: 16
[  184.910809][   T10] usb 2-1: config 1 interface 0 altsetting 255 endpoint 0x1 has invalid wMaxPacketSize 0
[  184.921148][   T10] usb 2-1: config 1 interface 0 altsetting 255 bulk endpoint 0x1 has invalid maxpacket 0
[  184.931450][   T10] usb 2-1: config 1 interface 0 altsetting 255 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  184.944970][   T10] usb 2-1: config 1 interface 0 has no altsetting 0
[  184.958443][   T10] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  184.967820][   T10] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  184.975974][   T10] usb 2-1: Product: syz
[  184.980446][   T10] usb 2-1: Manufacturer: syz
[  184.985128][   T10] usb 2-1: SerialNumber: syz
[  185.033822][ T5955] ath6kl: Failed to submit usb control message: -71
[  185.040686][ T5955] ath6kl: unable to send the bmi data to the device: -71
[  185.048626][ T5955] ath6kl: Unable to send get target info: -71
[  185.062485][ T5955] ath6kl: Failed to init ath6kl core: -71
[  185.078759][ T5955] ath6kl_usb 3-1:5.61: probe with driver ath6kl_usb failed with error -71
[  185.112581][ T5955] usb 3-1: USB disconnect, device number 12
[  185.217273][   T10] usblp 2-1:1.0: usblp0: USB Unidirectional printer dev 6 if 0 alt 255 proto 1 vid 0x0525 pid 0xA4A8
[  185.682129][ T7118] FAULT_INJECTION: forcing a failure.
[  185.682129][ T7118] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  185.695801][ T7118] CPU: 0 UID: 0 PID: 7118 Comm: syz.4.320 Not tainted syzkaller #0 PREEMPT(full) 
[  185.695817][ T7118] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  185.695823][ T7118] Call Trace:
[  185.695827][ T7118]  <TASK>
[  185.695832][ T7118]  dump_stack_lvl+0x16c/0x1f0
[  185.695852][ T7118]  should_fail_ex+0x512/0x640
[  185.695874][ T7118]  should_fail_alloc_page+0xe7/0x130
[  185.695890][ T7118]  prepare_alloc_pages+0x3c2/0x610
[  185.695907][ T7118]  __alloc_frozen_pages_noprof+0x18b/0x2470
[  185.695925][ T7118]  ? kasan_save_stack+0x42/0x60
[  185.695937][ T7118]  ? kasan_save_stack+0x33/0x60
[  185.695947][ T7118]  ? kasan_record_aux_stack+0xa7/0xc0
[  185.695963][ T7118]  ? task_work_add+0x258/0x360
[  185.695976][ T7118]  ? __io_req_task_work_add+0x57e/0x990
[  185.695987][ T7118]  ? io_poll_wake+0x27d/0x9a0
[  185.695999][ T7118]  ? __wake_up_common+0x135/0x1f0
[  185.696011][ T7118]  ? __wake_up+0x31/0x60
[  185.696026][ T7118]  ? snd_pcm_update_state+0x436/0x500
[  185.696037][ T7118]  ? __snd_pcm_lib_xfer+0x14b3/0x1ec0
[  185.696047][ T7118]  ? snd_pcm_oss_read3+0x18d/0x2d0
[  185.696057][ T7118]  ? io_capture_transfer+0x26e/0x2f0
[  185.696069][ T7118]  ? snd_pcm_plug_read_transfer+0x1b6/0x300
[  185.696081][ T7118]  ? snd_pcm_oss_read2+0x1e4/0x410
[  185.696091][ T7118]  ? snd_pcm_oss_read+0x5d2/0x760
[  185.696100][ T7118]  ? vfs_read+0x1e4/0xcf0
[  185.696114][ T7118]  ? ksys_read+0x12a/0x250
[  185.696124][ T7118]  ? do_syscall_64+0xcd/0x4e0
[  185.696139][ T7118]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  185.696151][ T7118]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  185.696176][ T7118]  ? try_to_wake_up+0x160/0x1870
[  185.696191][ T7118]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  185.696208][ T7118]  ? policy_nodemask+0xea/0x4e0
[  185.696223][ T7118]  alloc_pages_mpol+0x1fb/0x550
[  185.696237][ T7118]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  185.696252][ T7118]  ? __lock_acquire+0x62e/0x1ce0
[  185.696265][ T7118]  folio_alloc_mpol_noprof+0x36/0x2f0
[  185.696282][ T7118]  vma_alloc_folio_noprof+0xed/0x1e0
[  185.696300][ T7118]  ? __pfx_vma_alloc_folio_noprof+0x10/0x10
[  185.696320][ T7118]  do_pte_missing+0x2202/0x3ba0
[  185.696337][ T7118]  ? find_held_lock+0x2b/0x80
[  185.696356][ T7118]  __handle_mm_fault+0x1556/0x2aa0
[  185.696374][ T7118]  ? mt_find+0x3e2/0xa20
[  185.696391][ T7118]  ? __pfx___handle_mm_fault+0x10/0x10
[  185.696406][ T7118]  ? __pfx_mt_find+0x10/0x10
[  185.696430][ T7118]  ? find_vma+0xbf/0x140
[  185.696441][ T7118]  ? __pfx_find_vma+0x10/0x10
[  185.696454][ T7118]  handle_mm_fault+0x589/0xd10
[  185.696471][ T7118]  ? __pkru_allows_pkey+0x31/0xb0
[  185.696485][ T7118]  do_user_addr_fault+0x7a6/0x1370
[  185.696499][ T7118]  ? rcu_is_watching+0x12/0xc0
[  185.696516][ T7118]  exc_page_fault+0x5c/0xb0
[  185.696532][ T7118]  asm_exc_page_fault+0x26/0x30
[  185.696542][ T7118] RIP: 0010:rep_movs_alternative+0x33/0x90
[  185.696555][ T7118] Code: 73 25 85 c9 74 0f 8a 06 88 07 48 ff c7 48 ff c6 48 ff c9 75 f1 e9 0d 24 04 00 66 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 8b 06 <48> 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 db 83 f9 08 73 e8 eb
[  185.696566][ T7118] RSP: 0018:ffffc9001bf8fbc0 EFLAGS: 00050216
[  185.696575][ T7118] RAX: 8080808080808080 RBX: 0000000000000020 RCX: 0000000000000020
[  185.696581][ T7118] RDX: ffffed100ebafa44 RSI: ffff888075d7d200 RDI: 00002000000022c0
[  185.696588][ T7118] RBP: 00002000000022c0 R08: 0000000000000000 R09: ffffed100ebafa43
[  185.696594][ T7118] R10: ffff888075d7d21f R11: 0000000000000000 R12: ffff888075d7d200
[  185.696600][ T7118] R13: 00002000000022e0 R14: 00007ffffffff000 R15: 0000000000000000
[  185.696614][ T7118]  _copy_to_user+0xbb/0xd0
[  185.696632][ T7118]  snd_pcm_oss_read2+0x294/0x410
[  185.696643][ T7118]  ? __pfx_snd_pcm_oss_read2+0x10/0x10
[  185.696658][ T7118]  snd_pcm_oss_read+0x5d2/0x760
[  185.696672][ T7118]  ? __pfx_snd_pcm_oss_read+0x10/0x10
[  185.696684][ T7118]  vfs_read+0x1e4/0xcf0
[  185.696697][ T7118]  ? __pfx_vfs_read+0x10/0x10
[  185.696706][ T7118]  ? find_held_lock+0x2b/0x80
[  185.696722][ T7118]  ? __fget_files+0x204/0x3c0
[  185.696736][ T7118]  ? __fget_files+0x20e/0x3c0
[  185.696751][ T7118]  ksys_read+0x12a/0x250
[  185.696765][ T7118]  ? __pfx_ksys_read+0x10/0x10
[  185.696789][ T7118]  do_syscall_64+0xcd/0x4e0
[  185.696815][ T7118]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  185.696827][ T7118] RIP: 0033:0x7f75db98eec9
[  185.696836][ T7118] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  185.696846][ T7118] RSP: 002b:00007f75dc82e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  185.696856][ T7118] RAX: ffffffffffffffda RBX: 00007f75dbbe5fa0 RCX: 00007f75db98eec9
[  185.696864][ T7118] RDX: 0000000000002020 RSI: 00002000000022c0 RDI: 0000000000000003
[  185.696870][ T7118] RBP: 00007f75dc82e090 R08: 0000000000000000 R09: 0000000000000000
[  185.696876][ T7118] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  185.696882][ T7118] R13: 00007f75dbbe6038 R14: 00007f75dbbe5fa0 R15: 00007ffc3cca05e8
[  185.696896][ T7118]  </TASK>
[  186.231825][ T7122] FAULT_INJECTION: forcing a failure.
[  186.231825][ T7122] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  186.245713][ T7122] CPU: 0 UID: 0 PID: 7122 Comm: syz.0.322 Not tainted syzkaller #0 PREEMPT(full) 
[  186.245739][ T7122] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  186.245750][ T7122] Call Trace:
[  186.245755][ T7122]  <TASK>
[  186.245762][ T7122]  dump_stack_lvl+0x16c/0x1f0
[  186.245795][ T7122]  should_fail_ex+0x512/0x640
[  186.245824][ T7122]  _copy_from_user+0x2e/0xd0
[  186.245852][ T7122]  core_sys_select+0x35b/0xc20
[  186.245877][ T7122]  ? __pfx_core_sys_select+0x10/0x10
[  186.245919][ T7122]  ? set_user_sigmask+0x21b/0x2b0
[  186.245943][ T7122]  ? __pfx_set_user_sigmask+0x10/0x10
[  186.245971][ T7122]  do_pselect.constprop.0+0x19f/0x1e0
[  186.245991][ T7122]  ? __pfx_do_pselect.constprop.0+0x10/0x10
[  186.246020][ T7122]  __x64_sys_pselect6+0x182/0x240
[  186.246040][ T7122]  ? __pfx___x64_sys_pselect6+0x10/0x10
[  186.246065][ T7122]  do_syscall_64+0xcd/0x4e0
[  186.246093][ T7122]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  186.246117][ T7122] RIP: 0033:0x7f76b2f8eec9
[  186.246132][ T7122] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  186.246149][ T7122] RSP: 002b:00007f76b3e09038 EFLAGS: 00000246 ORIG_RAX: 000000000000010e
[  186.246167][ T7122] RAX: ffffffffffffffda RBX: 00007f76b31e5fa0 RCX: 00007f76b2f8eec9
[  186.246178][ T7122] RDX: 0000000000000000 RSI: 00002000000001c0 RDI: 0000000000000040
[  186.246189][ T7122] RBP: 00007f76b3e09090 R08: 0000000000000000 R09: 0000000000000000
[  186.246199][ T7122] R10: 00002000000002c0 R11: 0000000000000246 R12: 0000000000000001
[  186.246209][ T7122] R13: 00007f76b31e6038 R14: 00007f76b31e5fa0 R15: 00007fffb7ffae58
[  186.246233][ T7122]  </TASK>
[  186.611987][   T10] usb 4-1: new high-speed USB device number 6 using dummy_hcd
[  186.701995][ T5886] usb 5-1: new high-speed USB device number 11 using dummy_hcd
[  186.783145][   T10] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x7 has invalid wMaxPacketSize 0
[  186.787537][ T7129] FAULT_INJECTION: forcing a failure.
[  186.787537][ T7129] name failslab, interval 1, probability 0, space 0, times 0
[  186.792953][   T10] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x7 has invalid maxpacket 0
[  186.806065][ T7129] CPU: 1 UID: 0 PID: 7129 Comm: syz.0.325 Not tainted syzkaller #0 PREEMPT(full) 
[  186.806086][ T7129] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  186.806096][ T7129] Call Trace:
[  186.806101][ T7129]  <TASK>
[  186.806107][ T7129]  dump_stack_lvl+0x16c/0x1f0
[  186.806139][ T7129]  should_fail_ex+0x512/0x640
[  186.806162][ T7129]  ? fs_reclaim_acquire+0xae/0x150
[  186.806184][ T7129]  should_failslab+0xc2/0x120
[  186.806204][ T7129]  __kmalloc_noprof+0xdd/0x880
[  186.806228][ T7129]  ? tomoyo_encode2+0x100/0x3e0
[  186.806255][ T7129]  ? tomoyo_encode2+0x100/0x3e0
[  186.806277][ T7129]  tomoyo_encode2+0x100/0x3e0
[  186.806302][ T7129]  tomoyo_encode+0x29/0x50
[  186.806324][ T7129]  tomoyo_realpath_from_path+0x18f/0x6e0
[  186.806353][ T7129]  tomoyo_path_number_perm+0x245/0x580
[  186.806372][ T7129]  ? tomoyo_path_number_perm+0x237/0x580
[  186.806395][ T7129]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  186.806416][ T7129]  ? find_held_lock+0x2b/0x80
[  186.806459][ T7129]  ? find_held_lock+0x2b/0x80
[  186.806480][ T7129]  ? hook_file_ioctl_common+0x145/0x410
[  186.806502][ T7129]  ? __fget_files+0x20e/0x3c0
[  186.806523][ T7129]  security_file_ioctl+0x9b/0x240
[  186.806548][ T7129]  __x64_sys_ioctl+0xb7/0x210
[  186.806574][ T7129]  do_syscall_64+0xcd/0x4e0
[  186.806597][ T7129]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  186.806612][ T7129] RIP: 0033:0x7f76b2f8eec9
[  186.806629][ T7129] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  186.806643][ T7129] RSP: 002b:00007f76b3e09038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  186.806658][ T7129] RAX: ffffffffffffffda RBX: 00007f76b31e5fa0 RCX: 00007f76b2f8eec9
[  186.806668][ T7129] RDX: 0000200000000180 RSI: 00000000c058534b RDI: 0000000000000003
[  186.806678][ T7129] RBP: 00007f76b3e09090 R08: 0000000000000000 R09: 0000000000000000
[  186.806687][ T7129] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  186.806696][ T7129] R13: 00007f76b31e6038 R14: 00007f76b31e5fa0 R15: 00007fffb7ffae58
[  186.806717][ T7129]  </TASK>
[  186.806770][ T7129] ERROR: Out of memory at tomoyo_realpath_from_path.
[  186.815218][   T10] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid wMaxPacketSize 0
[  186.971974][ T5886] usb 5-1: Using ep0 maxpacket: 8
[  186.979860][   T10] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x89 has invalid maxpacket 0
[  187.056677][   T10] usb 4-1: New USB device found, idVendor=2040, idProduct=4900, bcdDevice=4d.8b
[  187.057275][ T5886] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  187.065903][   T10] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  187.087309][ T5886] usb 5-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  187.098405][   T10] usb 4-1: config 0 descriptor??
[  187.110875][ T5886] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  187.132769][ T5886] usb 5-1: config 0 descriptor??
[  187.213482][   T30] kauditd_printk_skb: 16 callbacks suppressed
[  187.213498][   T30] audit: type=1400 audit(1759510854.453:958): avc:  denied  { create } for  pid=7133 comm="syz.0.327" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1
[  187.247022][   T30] audit: type=1400 audit(1759510854.453:959): avc:  denied  { ioctl } for  pid=7133 comm="syz.0.327" path="socket:[13316]" dev="sockfs" ino=13316 ioctlcmd=0x89e0 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1
[  187.326905][   T10] hdpvr 4-1:0.0: firmware version 0x1e dated 
[  187.424833][   T30] audit: type=1400 audit(1759510854.663:960): avc:  denied  { read write } for  pid=7124 comm="syz.4.323" name="video1" dev="devtmpfs" ino=932 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:v4l_device_t tclass=chr_file permissive=1
[  187.568190][ T5822] usb 2-1: USB disconnect, device number 6
[  187.606570][   T30] audit: type=1400 audit(1759510854.663:961): avc:  denied  { open } for  pid=7124 comm="syz.4.323" path="/dev/video1" dev="devtmpfs" ino=932 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:v4l_device_t tclass=chr_file permissive=1
[  187.638337][ T5822] usblp0: removed
[  187.666647][   T30] audit: type=1400 audit(1759510854.683:962): avc:  denied  { ioctl } for  pid=7124 comm="syz.4.323" path="/dev/video1" dev="devtmpfs" ino=932 ioctlcmd=0x5619 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:v4l_device_t tclass=chr_file permissive=1
[  187.694121][   T30] audit: type=1400 audit(1759510854.783:963): avc:  denied  { watch watch_reads } for  pid=7124 comm="syz.4.323" path="/63" dev="tmpfs" ino=337 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1
[  187.739125][ T5886] iowarrior 5-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0
[  187.893058][ T5886] usb 5-1: USB disconnect, device number 11
[  187.917722][   T10] hdpvr 4-1:0.0: Could not setup controls
[  187.952430][   T10] hdpvr 4-1:0.0: registering videodev failed
[  188.150376][   T30] audit: type=1400 audit(1759510855.303:964): avc:  denied  { execute } for  pid=7140 comm="syz.1.329" path=2F616E6F6E5F6875676570616765202864656C6574656429 dev="hugetlbfs" ino=13339 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:hugetlbfs_t tclass=file permissive=1
[  188.450687][   T10] hdpvr 4-1:0.0: probe with driver hdpvr failed with error -71
[  188.468211][   T10] usb 4-1: USB disconnect, device number 6
[  188.480657][   T30] audit: type=1400 audit(1759510855.303:965): avc:  denied  { connect } for  pid=7140 comm="syz.1.329" lport=6 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  188.550702][   T30] audit: type=1326 audit(1759510855.783:966): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7149 comm="syz.3.332" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc64dd8eec9 code=0x7ffc0000
[  188.773591][   T30] audit: type=1326 audit(1759510855.783:967): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7149 comm="syz.3.332" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc64dd8eec9 code=0x7ffc0000
[  189.548354][ T5828] Bluetooth: hci0: unexpected event 0x03 length: 1 < 11
[  191.235292][ T5870] usb 5-1: new high-speed USB device number 12 using dummy_hcd
[  191.403174][ T5870] usb 5-1: config 0 has no interfaces?
[  191.800357][ T5870] usb 5-1: New USB device found, idVendor=046d, idProduct=0870, bcdDevice=61.47
[  191.814373][ T5870] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  191.828905][ T5870] usb 5-1: config 0 descriptor??
[  192.298134][   T30] kauditd_printk_skb: 30 callbacks suppressed
[  192.298150][   T30] audit: type=1326 audit(1759510859.533:998): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7196 comm="syz.3.346" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc64dd8eec9 code=0x7ffc0000
[  192.646371][   T30] audit: type=1326 audit(1759510859.533:999): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7196 comm="syz.3.346" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc64dd8eec9 code=0x7ffc0000
[  192.731807][   T30] audit: type=1326 audit(1759510859.533:1000): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7196 comm="syz.3.346" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fc64dd8eec9 code=0x7ffc0000
[  192.975942][   T30] audit: type=1326 audit(1759510859.533:1001): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7196 comm="syz.3.346" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc64dd8eec9 code=0x7ffc0000
[  193.243314][ T5936] usb 5-1: USB disconnect, device number 12
[  193.293590][   T30] audit: type=1326 audit(1759510859.533:1002): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7196 comm="syz.3.346" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc64dd8eec9 code=0x7ffc0000
[  193.355456][   T30] audit: type=1326 audit(1759510859.533:1003): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7196 comm="syz.3.346" exe="/root/syz-executor" sig=0 arch=c000003e syscall=144 compat=0 ip=0x7fc64dd8eec9 code=0x7ffc0000
[  193.381165][   T30] audit: type=1326 audit(1759510859.533:1004): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7196 comm="syz.3.346" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc64dd8eec9 code=0x7ffc0000
[  193.411376][   T30] audit: type=1326 audit(1759510859.533:1005): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7196 comm="syz.3.346" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc64dd8eec9 code=0x7ffc0000
[  193.435653][   T30] audit: type=1326 audit(1759510859.563:1006): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7196 comm="syz.3.346" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7fc64dd8eec9 code=0x7ffc0000
[  193.470331][   T30] audit: type=1326 audit(1759510859.713:1007): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7196 comm="syz.3.346" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc64dd8eec9 code=0x7ffc0000
[  193.703405][ T7215] netlink: 'syz.0.349': attribute type 10 has an invalid length.
[  193.725050][ T7215] batman_adv: batadv0: Adding interface: team0
[  193.731271][ T7215] batman_adv: batadv0: The MTU of interface team0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  193.825076][ T7215] batman_adv: batadv0: Not using interface team0 (retrying later): interface not active
[  193.827439][ T7216] netlink: 8 bytes leftover after parsing attributes in process `syz.0.349'.
[  194.059671][ T7224] lo speed is unknown, defaulting to 1000
[  194.079649][ T1294] ieee802154 phy1 wpan1: encryption failed: -22
[  196.192211][ T5835] Bluetooth: hci1: command 0x0406 tx timeout
[  196.198428][ T5834] Bluetooth: hci0: command 0x0406 tx timeout
[  196.198962][ T5833] Bluetooth: hci2: command 0x0406 tx timeout
[  196.204549][ T5834] Bluetooth: hci3: command 0x0406 tx timeout
[  197.482292][   T30] kauditd_printk_skb: 25 callbacks suppressed
[  197.482312][   T30] audit: type=1400 audit(1759510864.713:1033): avc:  denied  { override_creds } for  pid=7253 comm="syz.3.360" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1
[  197.814994][   T30] audit: type=1400 audit(1759510865.013:1034): avc:  denied  { create } for  pid=7254 comm="syz.0.361" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[  198.686485][   T30] audit: type=1400 audit(1759510865.923:1035): avc:  denied  { read write } for  pid=7274 comm="syz.3.367" name="fuse" dev="devtmpfs" ino=99 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fuse_device_t tclass=chr_file permissive=1
[  198.709756][    C1] vkms_vblank_simulate: vblank timer overrun
[  198.716922][   T30] audit: type=1400 audit(1759510865.923:1036): avc:  denied  { open } for  pid=7274 comm="syz.3.367" path="/dev/fuse" dev="devtmpfs" ino=99 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fuse_device_t tclass=chr_file permissive=1
[  198.740873][   T30] audit: type=1400 audit(1759510865.923:1037): avc:  denied  { mounton } for  pid=7274 comm="syz.3.367" path="/80/file0" dev="tmpfs" ino=424 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[  198.763327][    C1] vkms_vblank_simulate: vblank timer overrun
[  198.772131][ T5936] usb 3-1: new high-speed USB device number 13 using dummy_hcd
[  198.803192][   T30] audit: type=1400 audit(1759510865.923:1038): avc:  denied  { mount } for  pid=7274 comm="syz.3.367" name="/" dev="fuse" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=filesystem permissive=1
[  198.882986][   T30] audit: type=1400 audit(1759510866.123:1039): avc:  denied  { write } for  pid=7254 comm="syz.0.361" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  198.924111][   T30] audit: type=1400 audit(1759510866.153:1040): avc:  denied  { read } for  pid=7279 comm="syz.1.369" name="msr" dev="devtmpfs" ino=87 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cpu_device_t tclass=chr_file permissive=1
[  198.946689][    C1] vkms_vblank_simulate: vblank timer overrun
[  198.973862][ T5936] usb 3-1: Using ep0 maxpacket: 16
[  199.309367][   T30] audit: type=1400 audit(1759510866.153:1041): avc:  denied  { open } for  pid=7279 comm="syz.1.369" path="/dev/cpu/0/msr" dev="devtmpfs" ino=87 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cpu_device_t tclass=chr_file permissive=1
[  199.332928][    C1] vkms_vblank_simulate: vblank timer overrun
[  199.346036][   T30] audit: type=1400 audit(1759510866.193:1042): avc:  denied  { ioctl } for  pid=7276 comm="syz.4.368" path="/dev/raw-gadget" dev="devtmpfs" ino=819 ioctlcmd=0x5502 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  199.354469][ T5936] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  199.382232][ T5955] usb 5-1: new high-speed USB device number 13 using dummy_hcd
[  199.397897][ T5936] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  199.411434][ T5936] usb 3-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  199.422362][ T5936] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  199.435838][ T5936] usb 3-1: config 0 descriptor??
[  199.642126][ T5955] usb 5-1: Using ep0 maxpacket: 16
[  200.029054][ T5955] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  200.039933][ T5955] usb 5-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  200.050783][ T5955] usb 5-1: New USB device found, idVendor=0955, idProduct=7214, bcdDevice=ed.00
[  200.101353][ T5955] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  200.121420][ T5955] usb 5-1: config 0 descriptor??
[  200.224939][ T7292] netlink: 20 bytes leftover after parsing attributes in process `syz.1.371'.
[  201.490649][ T5936] usbhid 3-1:0.0: can't add hid device: -71
[  201.548020][ T5936] usbhid 3-1:0.0: probe with driver usbhid failed with error -71
[  201.586899][ T5936] usb 3-1: USB disconnect, device number 13
[  201.587208][ T7300] random: crng reseeded on system resumption
[  201.664352][   T10] usb 4-1: new high-speed USB device number 7 using dummy_hcd
[  201.685558][ T7303] overlayfs: failed lookup in lower (newroot/71, name='file1', err=-40): overlapping layers
[  201.697542][ T7302] overlayfs: failed lookup in lower (newroot/71, name='file1', err=-40): overlapping layers
[  201.932217][   T10] usb 4-1: Using ep0 maxpacket: 16
[  201.944057][   T10] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  201.954856][   T10] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  201.966272][   T10] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[  201.976266][   T10] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0
[  201.986102][   T10] usb 4-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  202.156827][ T5936] usb 3-1: new high-speed USB device number 14 using dummy_hcd
[  202.394961][   T10] usb 4-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  202.405134][   T10] usb 4-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  202.413454][   T10] usb 4-1: Manufacturer: syz
[  202.432651][   T10] usb 4-1: config 0 descriptor??
[  202.441984][ T5936] usb 3-1: Using ep0 maxpacket: 32
[  202.451125][ T5936] usb 3-1: config 0 has an invalid interface number: 184 but max is 0
[  202.459690][ T5936] usb 3-1: config 0 has no interface number 0
[  202.467071][ T5936] usb 3-1: config 0 interface 184 has no altsetting 0
[  202.485283][ T5936] usb 3-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee
[  202.495109][ T5936] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  202.506357][ T5936] usb 3-1: Product: syz
[  202.511266][ T5936] usb 3-1: Manufacturer: syz
[  202.516451][ T5936] usb 3-1: SerialNumber: syz
[  202.528864][ T5936] usb 3-1: config 0 descriptor??
[  202.538686][ T5936] smsc75xx v1.0.0
[  202.582328][   T30] kauditd_printk_skb: 58 callbacks suppressed
[  202.588701][   T30] audit: type=1400 audit(1759510869.823:1101): avc:  denied  { setopt } for  pid=7307 comm="syz.1.376" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  202.618109][ T5955] usb 5-1: USB disconnect, device number 13
[  202.734728][   T30] audit: type=1400 audit(1759510869.843:1102): avc:  denied  { append } for  pid=7307 comm="syz.1.376" name="sg0" dev="devtmpfs" ino=770 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[  202.840089][   T30] audit: type=1400 audit(1759510869.853:1103): avc:  denied  { open } for  pid=7307 comm="syz.1.376" path="/dev/sg0" dev="devtmpfs" ino=770 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[  202.870249][   T10] rc_core: IR keymap rc-hauppauge not found
[  202.880445][   T10] Registered IR keymap rc-empty
[  202.943074][   T10] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  203.102452][   T30] audit: type=1400 audit(1759510870.003:1104): avc:  denied  { ioctl } for  pid=7307 comm="syz.1.376" path="/dev/sg0" dev="devtmpfs" ino=770 ioctlcmd=0x1276 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[  203.134062][   T10] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  203.259952][ T5936] smsc75xx 3-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000014: -32
[  203.277466][ T5936] smsc75xx 3-1:0.184 (unnamed net_device) (uninitialized): Failed to read PMT_CTL: -32
[  203.282859][   T10] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/rc/rc0
[  203.314920][ T5936] smsc75xx 3-1:0.184 (unnamed net_device) (uninitialized): device not ready in smsc75xx_bind
[  203.335786][   T10] input: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/rc/rc0/input11
[  203.358674][ T5936] smsc75xx 3-1:0.184: probe with driver smsc75xx failed with error -32
[  203.385547][   T30] audit: type=1400 audit(1759510870.623:1105): avc:  denied  { write } for  pid=7323 comm="syz.4.381" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  203.390006][   T10] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  203.444923][ T7327] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  203.532179][   T30] audit: type=1400 audit(1759510870.623:1106): avc:  denied  { read } for  pid=5178 comm="acpid" name="event4" dev="devtmpfs" ino=2891 scontext=system_u:system_r:acpid_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  203.550932][ T7327] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  203.660251][   T10] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  204.209567][   T10] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  204.224385][ T7328] geneve2: entered promiscuous mode
[  204.229626][ T7328] geneve2: entered allmulticast mode
[  204.237040][   T10] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  204.252250][   T30] audit: type=1400 audit(1759510870.623:1107): avc:  denied  { open } for  pid=5178 comm="acpid" path="/dev/input/event4" dev="devtmpfs" ino=2891 scontext=system_u:system_r:acpid_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  204.275835][   T10] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  204.283020][   T30] audit: type=1400 audit(1759510870.623:1108): avc:  denied  { ioctl } for  pid=5178 comm="acpid" path="/dev/input/event4" dev="devtmpfs" ino=2891 ioctlcmd=0x4520 scontext=system_u:system_r:acpid_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  204.311691][   T10] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  204.352011][   T10] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  204.361722][   T30] audit: type=1400 audit(1759510870.653:1109): avc:  denied  { ioctl } for  pid=7295 comm="syz.3.372" path="/dev/ppp" dev="devtmpfs" ino=708 ioctlcmd=0x743e scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[  204.472243][   T30] audit: type=1400 audit(1759510870.673:1110): avc:  denied  { ioctl } for  pid=7324 comm="syz.0.380" path="anon_inode:[userfaultfd]" dev="anon_inodefs" ino=13717 ioctlcmd=0xaa3f scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[  204.498345][   T10] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  204.526432][   T10] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  204.552076][   T10] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  204.595378][   T10] mceusb 4-1:0.0: Registered 424242424242 with mce emulator interface version 1
[  204.630368][   T10] mceusb 4-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active)
[  204.676113][   T50] Bluetooth: hci4: link tx timeout
[  204.681305][   T50] Bluetooth: hci4: killing stalled connection 10:aa:aa:aa:aa:aa
[  204.689873][   T50] Bluetooth: hci4: link tx timeout
[  204.695202][   T50] Bluetooth: hci4: killing stalled connection 10:aa:aa:aa:aa:aa
[  204.723116][   T10] usb 4-1: USB disconnect, device number 7
[  206.278065][ T5955] usb 3-1: USB disconnect, device number 14
[  206.322256][ T5936] usb 2-1: new high-speed USB device number 7 using dummy_hcd
[  206.392308][ T7357] loop6: detected capacity change from 0 to 524287487
[  206.901628][   T50] Bluetooth: hci4: command 0x0406 tx timeout
[  207.001234][ T7357] Buffer I/O error on dev loop6, logical block 0, async page read
[  207.018547][ T5936] usb 2-1: Using ep0 maxpacket: 16
[  207.027634][ T5936] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  207.040786][ T5936] usb 2-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  207.046679][ T7357] Buffer I/O error on dev loop6, logical block 0, async page read
[  207.058417][ T7357] Buffer I/O error on dev loop6, logical block 0, async page read
[  207.064685][ T5936] usb 2-1: New USB device found, idVendor=0955, idProduct=7214, bcdDevice=ed.00
[  207.101497][ T5936] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  207.133293][ T5936] usb 2-1: config 0 descriptor??
[  207.162264][ T7357] Buffer I/O error on dev loop6, logical block 0, async page read
[  207.171649][ T7357] Buffer I/O error on dev loop6, logical block 0, async page read
[  207.179891][ T7357] Buffer I/O error on dev loop6, logical block 0, async page read
[  207.250791][ T7357] Buffer I/O error on dev loop6, logical block 0, async page read
[  207.259675][ T7357] Buffer I/O error on dev loop6, logical block 0, async page read
[  207.268690][ T7357] ldm_validate_partition_table(): Disk read failed.
[  207.311094][ T7357] Buffer I/O error on dev loop6, logical block 0, async page read
[  207.361700][ T7357] Buffer I/O error on dev loop6, logical block 0, async page read
[  207.373054][ T7357] Dev loop6: unable to read RDB block 0
[  207.382636][ T7357]  loop6: unable to read partition table
[  207.392307][ T7357] loop_reread_partitions: partition scan of loop6 (3Ÿ¾x³˜CÖ

) failed (rc=-5)
[  207.842319][ T7394] random: crng reseeded on system resumption
[  207.951286][   T30] kauditd_printk_skb: 35 callbacks suppressed
[  207.951303][   T30] audit: type=1400 audit(1759510875.183:1146): avc:  denied  { create } for  pid=7395 comm="syz.3.401" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  207.977504][   T30] audit: type=1400 audit(1759510875.183:1147): avc:  denied  { ioctl } for  pid=7395 comm="syz.3.401" path="socket:[13929]" dev="sockfs" ino=13929 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  208.008698][   T30] audit: type=1400 audit(1759510875.213:1148): avc:  denied  { sys_module } for  pid=7395 comm="syz.3.401" capability=16  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1
[  208.170582][ T7406] dlm: plock device version mismatch: kernel (1.2.0), user (0.0.0)
[  208.364307][ T7410] =======================================================
[  208.364307][ T7410] WARNING: The mand mount option has been deprecated and
[  208.364307][ T7410]          and is ignored by this kernel. Remove the mand
[  208.364307][ T7410]          option from the mount to silence this warning.
[  208.364307][ T7410] =======================================================
[  208.451316][ T7415] FAULT_INJECTION: forcing a failure.
[  208.451316][ T7415] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  208.451977][   T30] audit: type=1400 audit(1759510875.643:1149): avc:  denied  { mount } for  pid=7409 comm="syz.2.405" name="/" dev="sysfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysfs_t tclass=filesystem permissive=1
[  208.477585][ T7415] CPU: 1 UID: 0 PID: 7415 Comm: syz.3.406 Not tainted syzkaller #0 PREEMPT(full) 
[  208.477609][ T7415] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  208.477618][ T7415] Call Trace:
[  208.477626][ T7415]  <TASK>
[  208.477632][ T7415]  dump_stack_lvl+0x16c/0x1f0
[  208.477659][ T7415]  should_fail_ex+0x512/0x640
[  208.477686][ T7415]  _copy_to_user+0x32/0xd0
[  208.477712][ T7415]  simple_read_from_buffer+0xcb/0x170
[  208.477730][ T7415]  proc_fail_nth_read+0x197/0x240
[  208.477751][ T7415]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  208.477772][ T7415]  ? rw_verify_area+0xcf/0x6c0
[  208.477795][ T7415]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  208.477829][ T7415]  vfs_read+0x1e4/0xcf0
[  208.477849][ T7415]  ? __pfx___mutex_lock+0x10/0x10
[  208.477871][ T7415]  ? __pfx_vfs_read+0x10/0x10
[  208.477893][ T7415]  ? __fget_files+0x20e/0x3c0
[  208.477916][ T7415]  ksys_read+0x12a/0x250
[  208.477931][ T7415]  ? __pfx_ksys_read+0x10/0x10
[  208.477954][ T7415]  do_syscall_64+0xcd/0x4e0
[  208.477978][ T7415]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  208.477994][ T7415] RIP: 0033:0x7fc64dd8d8dc
[  208.478006][ T7415] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  208.478021][ T7415] RSP: 002b:00007fc64eca9030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  208.478043][ T7415] RAX: ffffffffffffffda RBX: 00007fc64dfe5fa0 RCX: 00007fc64dd8d8dc
[  208.478054][ T7415] RDX: 000000000000000f RSI: 00007fc64eca90a0 RDI: 0000000000000004
[  208.478063][ T7415] RBP: 00007fc64eca9090 R08: 0000000000000000 R09: 0000000000000000
[  208.478072][ T7415] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000001
[  208.478082][ T7415] R13: 00007fc64dfe6038 R14: 00007fc64dfe5fa0 R15: 00007ffc3e9f53f8
[  208.478103][ T7415]  </TASK>
[  208.709746][ T7418] FAULT_INJECTION: forcing a failure.
[  208.709746][ T7418] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  208.737853][   T30] audit: type=1400 audit(1759510875.643:1150): avc:  denied  { mounton } for  pid=7409 comm="syz.2.405" path="/75/file0" dev="sysfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysfs_t tclass=dir permissive=1
[  208.744847][ T7418] CPU: 1 UID: 0 PID: 7418 Comm: syz.3.407 Not tainted syzkaller #0 PREEMPT(full) 
[  208.744871][ T7418] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  208.744880][ T7418] Call Trace:
[  208.744885][ T7418]  <TASK>
[  208.744891][ T7418]  dump_stack_lvl+0x16c/0x1f0
[  208.744919][ T7418]  should_fail_ex+0x512/0x640
[  208.744946][ T7418]  _copy_from_user+0x2e/0xd0
[  208.744972][ T7418]  do_devconfig_ioctl+0x11c/0x710
[  208.744995][ T7418]  ? __mutex_lock+0x1c5/0x1060
[  208.745019][ T7418]  ? __pfx_do_devconfig_ioctl+0x10/0x10
[  208.745059][ T7418]  ? find_held_lock+0x2b/0x80
[  208.745085][ T7418]  comedi_unlocked_ioctl+0x165d/0x2f00
[  208.745108][ T7418]  ? __pfx_comedi_unlocked_ioctl+0x10/0x10
[  208.745137][ T7418]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  208.745161][ T7418]  ? do_vfs_ioctl+0x128/0x14f0
[  208.745185][ T7418]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  208.745208][ T7418]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  208.745239][ T7418]  ? hook_file_ioctl_common+0x145/0x410
[  208.745263][ T7418]  ? selinux_file_ioctl+0x180/0x270
[  208.745284][ T7418]  ? selinux_file_ioctl+0xb4/0x270
[  208.745306][ T7418]  ? __pfx_comedi_unlocked_ioctl+0x10/0x10
[  208.745324][ T7418]  __x64_sys_ioctl+0x18b/0x210
[  208.745349][ T7418]  do_syscall_64+0xcd/0x4e0
[  208.745373][ T7418]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  208.745388][ T7418] RIP: 0033:0x7fc64dd8eec9
[  208.745401][ T7418] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  208.745415][ T7418] RSP: 002b:00007fc64eca9038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  208.745431][ T7418] RAX: ffffffffffffffda RBX: 00007fc64dfe5fa0 RCX: 00007fc64dd8eec9
[  208.745440][ T7418] RDX: 00002000000009c0 RSI: 0000000040946400 RDI: 0000000000000003
[  208.745450][ T7418] RBP: 00007fc64eca9090 R08: 0000000000000000 R09: 0000000000000000
[  208.745459][ T7418] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  208.745468][ T7418] R13: 00007fc64dfe6038 R14: 00007fc64dfe5fa0 R15: 00007ffc3e9f53f8
[  208.745490][ T7418]  </TASK>
[  208.862441][ T7422] FAULT_INJECTION: forcing a failure.
[  208.862441][ T7422] name failslab, interval 1, probability 0, space 0, times 0
[  209.020139][   T30] audit: type=1400 audit(1759510875.683:1151): avc:  denied  { shutdown } for  pid=7414 comm="syz.3.406" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  209.040194][ T7422] CPU: 1 UID: 0 PID: 7422 Comm: syz.0.410 Not tainted syzkaller #0 PREEMPT(full) 
[  209.040217][ T7422] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  209.040228][ T7422] Call Trace:
[  209.040233][ T7422]  <TASK>
[  209.040240][ T7422]  dump_stack_lvl+0x16c/0x1f0
[  209.040275][ T7422]  should_fail_ex+0x512/0x640
[  209.040300][ T7422]  ? kmem_cache_alloc_noprof+0x62/0x6e0
[  209.040330][ T7422]  should_failslab+0xc2/0x120
[  209.040353][ T7422]  kmem_cache_alloc_noprof+0x75/0x6e0
[  209.040380][ T7422]  ? alloc_empty_file+0x55/0x1e0
[  209.040408][ T7422]  ? alloc_empty_file+0x55/0x1e0
[  209.040431][ T7422]  alloc_empty_file+0x55/0x1e0
[  209.040456][ T7422]  path_openat+0xda/0x2cb0
[  209.040483][ T7422]  ? __pfx_path_openat+0x10/0x10
[  209.040510][ T7422]  do_filp_open+0x20b/0x470
[  209.040531][ T7422]  ? __pfx_do_filp_open+0x10/0x10
[  209.040568][ T7422]  ? alloc_fd+0x471/0x7d0
[  209.040595][ T7422]  do_sys_openat2+0x11b/0x1d0
[  209.040620][ T7422]  ? __pfx_do_sys_openat2+0x10/0x10
[  209.040648][ T7422]  ? bpf_trace_run2+0x2ab/0x590
[  209.040676][ T7422]  __x64_sys_openat+0x174/0x210
[  209.040700][ T7422]  ? __pfx___x64_sys_openat+0x10/0x10
[  209.040726][ T7422]  ? syscall_trace_enter+0x1cb/0x240
[  209.040752][ T7422]  ? rcu_is_watching+0x12/0xc0
[  209.040781][ T7422]  do_syscall_64+0xcd/0x4e0
[  209.040808][ T7422]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  209.040826][ T7422] RIP: 0033:0x7f76b2f8eec9
[  209.040841][ T7422] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  209.040858][ T7422] RSP: 002b:00007f76b3e09038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  209.040875][ T7422] RAX: ffffffffffffffda RBX: 00007f76b31e5fa0 RCX: 00007f76b2f8eec9
[  209.040887][ T7422] RDX: 0000000000101400 RSI: 0000200000000040 RDI: ffffffffffffff9c
[  209.040897][ T7422] RBP: 00007f76b3e09090 R08: 0000000000000000 R09: 0000000000000000
[  209.040908][ T7422] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  209.040918][ T7422] R13: 00007f76b31e6038 R14: 00007f76b31e5fa0 R15: 00007fffb7ffae58
[  209.040940][ T7422]  </TASK>
[  209.080206][   T30] audit: type=1400 audit(1759510875.823:1152): avc:  denied  { name_bind } for  pid=7403 comm="syz.4.403" src=3618 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=udp_socket permissive=1
[  209.222455][ T5936] usb 2-1: USB disconnect, device number 7
[  209.313088][   T30] audit: type=1400 audit(1759510875.943:1153): avc:  denied  { append } for  pid=7417 comm="syz.3.407" name="comedi2" dev="devtmpfs" ino=1277 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  209.344431][   T30] audit: type=1400 audit(1759510876.233:1154): avc:  denied  { unmount } for  pid=5821 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysfs_t tclass=filesystem permissive=1
[  209.389322][ T7427] FAULT_INJECTION: forcing a failure.
[  209.389322][ T7427] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  209.408182][ T7427] CPU: 1 UID: 0 PID: 7427 Comm: syz.2.409 Not tainted syzkaller #0 PREEMPT(full) 
[  209.408209][ T7427] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  209.408218][ T7427] Call Trace:
[  209.408224][ T7427]  <TASK>
[  209.408230][ T7427]  dump_stack_lvl+0x16c/0x1f0
[  209.408260][ T7427]  should_fail_ex+0x512/0x640
[  209.408289][ T7427]  _copy_from_user+0x2e/0xd0
[  209.408316][ T7427]  kstrtouint_from_user+0xd6/0x1d0
[  209.408337][ T7427]  ? __pfx_kstrtouint_from_user+0x10/0x10
[  209.408355][ T7427]  ? __lock_acquire+0xb97/0x1ce0
[  209.408386][ T7427]  proc_fail_nth_write+0x83/0x220
[  209.408408][ T7427]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  209.408435][ T7427]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  209.408455][ T7427]  vfs_write+0x29d/0x11d0
[  209.408476][ T7427]  ? __pfx___mutex_lock+0x10/0x10
[  209.408500][ T7427]  ? __pfx_vfs_write+0x10/0x10
[  209.408525][ T7427]  ? __fget_files+0x20e/0x3c0
[  209.408551][ T7427]  ksys_write+0x12a/0x250
[  209.408568][ T7427]  ? __pfx_ksys_write+0x10/0x10
[  209.408593][ T7427]  do_syscall_64+0xcd/0x4e0
[  209.408625][ T7427]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  209.408642][ T7427] RIP: 0033:0x7fe607f8d97f
[  209.408656][ T7427] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[  209.408671][ T7427] RSP: 002b:00007fe608ece030 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  209.408688][ T7427] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fe607f8d97f
[  209.408699][ T7427] RDX: 0000000000000001 RSI: 00007fe608ece0a0 RDI: 0000000000000004
[  209.408709][ T7427] RBP: 00007fe608ece090 R08: 0000000000000000 R09: 0000000000000000
[  209.408719][ T7427] R10: 0000000000000040 R11: 0000000000000293 R12: 0000000000000001
[  209.408729][ T7427] R13: 00007fe6081e6038 R14: 00007fe6081e5fa0 R15: 00007ffcc6a8cba8
[  209.408752][ T7427]  </TASK>
[  209.431974][   T30] audit: type=1400 audit(1759510876.273:1155): avc:  denied  { read write } for  pid=7423 comm="syz.3.411" name="fuse" dev="devtmpfs" ino=99 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fuse_device_t tclass=chr_file permissive=1
[  210.168398][ T7451] Invalid ELF header magic: != ELF
[  210.292043][ T5837] Bluetooth: hci2: command 0x0406 tx timeout
[  210.316392][ T5936] kernel write not supported for file /input/event2 (pid: 5936 comm: kworker/1:6)
[  211.792592][ T7482] netlink: 8 bytes leftover after parsing attributes in process `syz.3.422'.
[  211.801546][ T7482] netlink: 24 bytes leftover after parsing attributes in process `syz.3.422'.
[  212.042189][ T5822] usb 2-1: new high-speed USB device number 8 using dummy_hcd
[  212.222162][ T5822] usb 2-1: Using ep0 maxpacket: 16
[  212.515450][ T5822] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  212.549785][ T5822] usb 2-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  212.566797][ T5822] usb 2-1: New USB device found, idVendor=0955, idProduct=7214, bcdDevice=ed.00
[  212.577385][ T5822] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  212.596502][ T5822] usb 2-1: config 0 descriptor??
[  212.602008][ T5936] usb 4-1: new full-speed USB device number 8 using dummy_hcd
[  212.783788][ T5936] usb 4-1: device descriptor read/64, error -71
[  213.041986][ T5936] usb 4-1: new full-speed USB device number 9 using dummy_hcd
[  213.263509][ T5936] usb 4-1: device descriptor read/64, error -71
[  213.321873][ T7495] random: crng reseeded on system resumption
[  213.373614][ T5936] usb usb4-port1: attempt power cycle
[  213.762004][ T5936] usb 4-1: new full-speed USB device number 10 using dummy_hcd
[  213.772534][   T30] kauditd_printk_skb: 27 callbacks suppressed
[  213.772551][   T30] audit: type=1400 audit(1759510881.003:1183): avc:  denied  { audit_write } for  pid=7508 comm="syz.2.432" capability=29  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1
[  214.041878][ T5936] usb 4-1: device descriptor read/8, error -71
[  214.159130][   T30] audit: type=1400 audit(1759510881.393:1184): avc:  denied  { create } for  pid=7512 comm="syz.2.433" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[  214.183012][ T7513] tmpfs: User quota inode hardlimit too large.
[  214.221337][   T30] audit: type=1400 audit(1759510881.413:1185): avc:  denied  { mount } for  pid=7512 comm="syz.2.433" name="/" dev="tmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[  214.243698][   T30] audit: type=1400 audit(1759510881.423:1186): avc:  denied  { remount } for  pid=7512 comm="syz.2.433" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[  214.337324][ T5936] usb 4-1: new full-speed USB device number 11 using dummy_hcd
[  214.505600][   T30] audit: type=1400 audit(1759510881.743:1187): avc:  denied  { read } for  pid=7518 comm="syz.0.435" name="binder0" dev="binder" ino=7 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  214.557366][   T30] audit: type=1400 audit(1759510881.743:1188): avc:  denied  { open } for  pid=7518 comm="syz.0.435" path="/dev/binderfs/binder0" dev="binder" ino=7 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  214.599920][   T30] audit: type=1400 audit(1759510881.763:1189): avc:  denied  { ioctl } for  pid=7518 comm="syz.0.435" path="/dev/binderfs/binder0" dev="binder" ino=7 ioctlcmd=0x620d scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  214.628099][   T30] audit: type=1400 audit(1759510881.763:1190): avc:  denied  { set_context_mgr } for  pid=7518 comm="syz.0.435" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=binder permissive=1
[  214.648703][   T30] audit: type=1400 audit(1759510881.773:1191): avc:  denied  { create } for  pid=7518 comm="syz.0.435" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_rdma_socket permissive=1
[  214.697308][ T5936] usb 4-1: device not accepting address 11, error -71
[  214.713414][ T5936] usb usb4-port1: unable to enumerate USB device
[  214.772783][   T10] usb 2-1: USB disconnect, device number 8
[  214.831838][   T30] audit: type=1400 audit(1759510882.063:1192): avc:  denied  { execute } for  pid=7518 comm="syz.0.435" path="/dev/audio1" dev="devtmpfs" ino=1296 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sound_device_t tclass=chr_file permissive=1
[  214.855748][    C1] vkms_vblank_simulate: vblank timer overrun
[  214.868096][ T7523] team0: Device gtp0 is of different type
[  214.971554][ T7523] 9pnet_fd: p9_fd_create_tcp (7523): problem connecting socket to 127.0.0.1
[  215.705020][ T7536] random: crng reseeded on system resumption
[  215.723414][ T7536] Restarting kernel threads ...
[  215.729333][ T7536] Done restarting kernel threads.
[  216.478781][ T7547] mac80211_hwsim hwsim3 wlan1: entered allmulticast mode
[  216.513744][ T7547] warning: `syz.2.445' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[  216.555009][ T7547] bridge_slave_0: left allmulticast mode
[  216.562078][ T7547] bridge_slave_0: left promiscuous mode
[  216.577479][ T7547] bridge0: port 1(bridge_slave_0) entered disabled state
[  216.630103][ T7547] bridge_slave_1: left allmulticast mode
[  216.634780][ T7551] netlink: 'syz.2.445': attribute type 10 has an invalid length.
[  216.643838][ T7547] bridge_slave_1: left promiscuous mode
[  216.650364][ T7547] bridge0: port 2(bridge_slave_1) entered disabled state
[  216.666931][ T7547] bond0: (slave bond_slave_0): Releasing backup interface
[  216.674498][ T5822] usb 2-1: new high-speed USB device number 9 using dummy_hcd
[  216.690039][ T7547] bond0: (slave bond_slave_1): Releasing backup interface
[  216.720327][ T7547] team0: Port device team_slave_0 removed
[  216.823701][ T7547] team0: Port device team_slave_1 removed
[  216.833337][ T7547] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  217.077843][ T5822] usb 2-1: Using ep0 maxpacket: 16
[  217.090820][ T7547] batman_adv: batadv0: Removing interface: batadv_slave_0
[  217.092848][ T5822] usb 2-1: config 0 has no interfaces?
[  217.153821][ T5822] usb 2-1: New USB device found, idVendor=0596, idProduct=0001, bcdDevice= 5.f5
[  217.155127][ T7547] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  217.163383][ T5822] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  217.170665][ T7547] batman_adv: batadv0: Removing interface: batadv_slave_1
[  217.190924][ T5822] usb 2-1: Product: syz
[  217.194235][ T7547] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[  217.195322][ T5822] usb 2-1: Manufacturer: syz
[  217.216182][ T5822] usb 2-1: SerialNumber: syz
[  217.223651][ T5822] usb 2-1: config 0 descriptor??
[  217.248356][ T5955] usb 3-1: new high-speed USB device number 15 using dummy_hcd
[  217.259564][ T7551] mac80211_hwsim hwsim3 wlan1: left allmulticast mode
[  217.302642][ T7551] 8021q: adding VLAN 0 to HW filter on device bond0
[  217.313780][ T7551] bond0: (slave wlan1): Enslaving as an active interface with an up link
[  217.502875][ T5955] usb 3-1: Using ep0 maxpacket: 32
[  217.547738][ T5955] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x82 has invalid wMaxPacketSize 0
[  217.650575][ T5955] usb 3-1: config 0 interface 0 altsetting 2 bulk endpoint 0x82 has invalid maxpacket 0
[  217.668318][ T5955] usb 3-1: config 0 interface 0 has no altsetting 0
[  217.686760][ T5955] usb 3-1: New USB device found, idVendor=16d0, idProduct=10b8, bcdDevice=dc.8e
[  217.696204][ T5955] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  217.705145][ T5955] usb 3-1: Product: syz
[  217.709344][ T5955] usb 3-1: Manufacturer: syz
[  217.714318][ T5955] usb 3-1: SerialNumber: syz
[  217.729625][ T5955] usb 3-1: config 0 descriptor??
[  218.258587][ T5955] gs_usb 3-1:0.0: Couldn't get device config: (err=-121)
[  218.272003][ T5955] gs_usb 3-1:0.0: probe with driver gs_usb failed with error -121
[  218.814707][ T5870] usb 2-1: USB disconnect, device number 9
[  218.956111][   T30] kauditd_printk_skb: 36 callbacks suppressed
[  218.956128][   T30] audit: type=1400 audit(1759510886.193:1229): avc:  denied  { write } for  pid=7589 comm="syz.4.454" name="xfrm_stat" dev="proc" ino=4026533264 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_net_t tclass=file permissive=1
[  219.002969][   T30] audit: type=1326 audit(1759510886.233:1230): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7582 comm="syz.3.453" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc64dd8eec9 code=0x7ffc0000
[  219.165490][   T30] audit: type=1400 audit(1759510886.403:1231): avc:  denied  { map } for  pid=7594 comm="syz.4.456" path="socket:[14756]" dev="sockfs" ino=14756 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_route_socket permissive=1
[  219.190602][   T30] audit: type=1400 audit(1759510886.403:1232): avc:  denied  { accept } for  pid=7594 comm="syz.4.456" path="socket:[14756]" dev="sockfs" ino=14756 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_route_socket permissive=1
[  219.341976][ T5870] usb 4-1: new high-speed USB device number 12 using dummy_hcd
[  219.492069][   T10] usb 5-1: new full-speed USB device number 14 using dummy_hcd
[  219.503598][ T5870] usb 4-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xE8, changing to 0x88
[  219.515806][ T5870] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x88 has an invalid bInterval 0, changing to 7
[  219.527721][ T5870] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0xA has invalid wMaxPacketSize 0
[  219.543508][ T5870] usb 4-1: New USB device found, idVendor=1781, idProduct=0938, bcdDevice=9b.49
[  219.552701][ T5870] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  219.560842][ T5870] usb 4-1: Product: syz
[  219.565381][ T5870] usb 4-1: Manufacturer: syz
[  219.570149][ T5870] usb 4-1: SerialNumber: syz
[  219.590090][ T5870] usb 4-1: config 0 descriptor??
[  219.609283][ T5870] iguanair 4-1:0.0: probe with driver iguanair failed with error -12
[  219.667544][   T10] usb 5-1: config 5 has an invalid interface number: 3 but max is 0
[  219.678733][   T10] usb 5-1: config 5 has no interface number 0
[  219.687960][   T10] usb 5-1: New USB device found, idVendor=09fb, idProduct=602a, bcdDevice=fd.36
[  219.715033][   T10] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  219.723518][   T10] usb 5-1: Product: syz
[  219.728135][   T10] usb 5-1: Manufacturer: syz
[  219.734054][   T10] usb 5-1: SerialNumber: syz
[  219.782415][   T10] ftdi_sio 5-1:5.3: FTDI USB Serial Device converter detected
[  219.802791][   T10] ftdi_sio ttyUSB0: unknown device type: 0xfd36
[  219.804445][ T5955] usb 3-1: USB disconnect, device number 15
[  219.828876][ T5894] usb 4-1: USB disconnect, device number 12
[  220.067637][ T7597] netlink: 16 bytes leftover after parsing attributes in process `syz.4.457'.
[  220.092765][ T5894] usb 5-1: USB disconnect, device number 14
[  220.568416][ T5894] ftdi_sio 5-1:5.3: device disconnected
[  221.031262][   T30] audit: type=1400 audit(1759510888.263:1233): avc:  denied  { watch watch_reads } for  pid=7619 comm="syz.1.464" path="/88" dev="tmpfs" ino=459 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1
[  221.053995][    C1] vkms_vblank_simulate: vblank timer overrun
[  222.131776][   T30] audit: type=1400 audit(1759510888.673:1234): avc:  denied  { read write } for  pid=7626 comm="syz.1.466" name="rdma_cm" dev="devtmpfs" ino=1270 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:infiniband_device_t tclass=chr_file permissive=1
[  222.242763][   T30] audit: type=1400 audit(1759510888.673:1235): avc:  denied  { open } for  pid=7626 comm="syz.1.466" path="/dev/infiniband/rdma_cm" dev="devtmpfs" ino=1270 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:infiniband_device_t tclass=chr_file permissive=1
[  222.288724][   T30] audit: type=1400 audit(1759510889.523:1236): avc:  denied  { setopt } for  pid=7640 comm="syz.1.470" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  222.591780][   T30] audit: type=1400 audit(1759510889.813:1237): avc:  denied  { execute } for  pid=7640 comm="syz.1.470" path=2F616E6F6E5F6875676570616765202864656C6574656429 dev="hugetlbfs" ino=15523 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:hugetlbfs_t tclass=file permissive=1
[  222.914837][   T30] audit: type=1400 audit(1759510889.823:1238): avc:  denied  { write } for  pid=7640 comm="syz.1.470" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  223.042107][   T61] netdevsim netdevsim2 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  223.066878][   T61] netdevsim netdevsim2 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  223.085731][   T61] netdevsim netdevsim2 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  223.112190][   T61] netdevsim netdevsim2 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  223.231983][   T10] usb 4-1: new high-speed USB device number 13 using dummy_hcd
[  223.500123][   T10] usb 4-1: Using ep0 maxpacket: 16
[  223.664401][   T10] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  223.668079][ T7656] FAULT_INJECTION: forcing a failure.
[  223.668079][ T7656] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  223.679975][   T10] usb 4-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00
[  223.714551][   T10] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  223.733611][   T10] usb 4-1: config 0 descriptor??
[  223.743770][ T7656] CPU: 1 UID: 0 PID: 7656 Comm: syz.2.474 Not tainted syzkaller #0 PREEMPT(full) 
[  223.743794][ T7656] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  223.743805][ T7656] Call Trace:
[  223.743811][ T7656]  <TASK>
[  223.743817][ T7656]  dump_stack_lvl+0x16c/0x1f0
[  223.743848][ T7656]  should_fail_ex+0x512/0x640
[  223.743876][ T7656]  _copy_from_user+0x2e/0xd0
[  223.743904][ T7656]  vhost_vsock_dev_ioctl+0x222/0xb30
[  223.743929][ T7656]  ? hook_file_ioctl_common+0x145/0x410
[  223.743948][ T7656]  ? __pfx_vhost_vsock_dev_ioctl+0x10/0x10
[  223.743975][ T7656]  ? selinux_file_ioctl+0xb4/0x270
[  223.744002][ T7656]  ? __pfx_vhost_vsock_dev_ioctl+0x10/0x10
[  223.744025][ T7656]  __x64_sys_ioctl+0x18b/0x210
[  223.744054][ T7656]  do_syscall_64+0xcd/0x4e0
[  223.744086][ T7656]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  223.744104][ T7656] RIP: 0033:0x7fe607f8eec9
[  223.744117][ T7656] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  223.744133][ T7656] RSP: 002b:00007fe608ece038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  223.744149][ T7656] RAX: ffffffffffffffda RBX: 00007fe6081e5fa0 RCX: 00007fe607f8eec9
[  223.744159][ T7656] RDX: 00002000000000c0 RSI: 000000004004af61 RDI: 0000000000000004
[  223.744169][ T7656] RBP: 00007fe608ece090 R08: 0000000000000000 R09: 0000000000000000
[  223.744178][ T7656] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  223.744187][ T7656] R13: 00007fe6081e6038 R14: 00007fe6081e5fa0 R15: 00007ffcc6a8cba8
[  223.744208][ T7656]  </TASK>
[  223.908694][    C1] vkms_vblank_simulate: vblank timer overrun
[  223.937218][ T7649] 9pnet_fd: Insufficient options for proto=fd
[  224.359585][   T10] mcp2221 0003:04D8:00DD.0003: USB HID v0.05 Device [HID 04d8:00dd] on usb-dummy_hcd.3-1/input0
[  224.401355][   T30] kauditd_printk_skb: 5 callbacks suppressed
[  224.401372][   T30] audit: type=1400 audit(1759510891.633:1244): avc:  denied  { create } for  pid=7671 comm="syz.1.479" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1
[  225.186170][   T30] audit: type=1400 audit(1759510892.423:1245): avc:  denied  { create } for  pid=7678 comm="syz.4.481" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1
[  225.238199][   T30] audit: type=1400 audit(1759510892.453:1246): avc:  denied  { bind } for  pid=7678 comm="syz.4.481" lport=255 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  225.330769][   T30] audit: type=1400 audit(1759510892.453:1247): avc:  denied  { name_bind } for  pid=7678 comm="syz.4.481" src=20004 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=rawip_socket permissive=1
[  225.351587][    C1] vkms_vblank_simulate: vblank timer overrun
[  225.384286][   T30] audit: type=1400 audit(1759510892.453:1248): avc:  denied  { node_bind } for  pid=7678 comm="syz.4.481" saddr=fe80::aa src=20004 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=rawip_socket permissive=1
[  225.449928][   T30] audit: type=1400 audit(1759510892.453:1249): avc:  denied  { connect } for  pid=7678 comm="syz.4.481" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1
[  225.531178][   T30] audit: type=1400 audit(1759510892.563:1250): avc:  denied  { listen } for  pid=7678 comm="syz.4.481" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1
[  225.550749][    C1] vkms_vblank_simulate: vblank timer overrun
[  225.577964][ T5894] usb 3-1: new high-speed USB device number 16 using dummy_hcd
[  225.615431][   T30] audit: type=1400 audit(1759510892.563:1251): avc:  denied  { accept } for  pid=7678 comm="syz.4.481" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1
[  225.650902][   T30] audit: type=1400 audit(1759510892.623:1252): avc:  denied  { create } for  pid=7678 comm="syz.4.481" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1
[  225.671208][   T30] audit: type=1400 audit(1759510892.673:1253): avc:  denied  { ioctl } for  pid=7678 comm="syz.4.481" path="socket:[15028]" dev="sockfs" ino=15028 ioctlcmd=0x8914 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1
[  225.773244][ T5144] Bluetooth: hci3: unexpected event 0x03 length: 1 < 11
[  225.825798][ T5894] usb 3-1: config 0 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  225.842985][ T5894] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 31, changing to 7
[  225.854659][ T5894] usb 3-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 1
[  225.870622][ T5894] usb 3-1: string descriptor 0 read error: -22
[  225.877018][ T5894] usb 3-1: New USB device found, idVendor=2013, idProduct=0251, bcdDevice=e8.6e
[  225.886173][ T5894] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  225.897478][ T5894] usb 3-1: config 0 descriptor??
[  225.924275][ T5894] em28xx 3-1:0.0: New device   @ 480 Mbps (2013:0251, interface 0, class 0)
[  225.941950][ T5894] em28xx 3-1:0.0: Audio interface 0 found (Vendor Class)
[  225.979222][ T7693] netlink: 8 bytes leftover after parsing attributes in process `syz.1.485'.
[  226.117444][    T9] usb 4-1: USB disconnect, device number 13
[  226.139408][ T7681] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  226.530182][ T7702] ufs: You didn't specify the type of your ufs filesystem
[  226.530182][ T7702] 
[  226.530182][ T7702] mount -t ufs -o ufstype=sun|sunx86|44bsd|ufs2|5xbsd|old|hp|nextstep|nextstep-cd|openstep ...
[  226.530182][ T7702] 
[  226.530182][ T7702] >>>WARNING<<< Wrong ufstype may corrupt your filesystem, default is ufstype=old
[  226.561560][ T7702] ufs: ufstype=old is supported read-only
[  227.269477][ T7705] netlink: 20 bytes leftover after parsing attributes in process `syz.0.489'.
[  227.452308][ T5894] em28xx 3-1:0.0: unknown em28xx chip ID (0)
[  227.466548][ T5894] em28xx 3-1:0.0: Config register raw data: 0xfffffffb
[  227.502229][ T5894] em28xx 3-1:0.0: AC97 chip type couldn't be determined
[  227.512467][ T5894] em28xx 3-1:0.0: No AC97 audio processor
[  227.952283][ T5870] usb 5-1: new high-speed USB device number 15 using dummy_hcd
[  228.209262][ T5870] usb 5-1: config 0 has no interfaces?
[  228.215714][ T5870] usb 5-1: New USB device found, idVendor=046d, idProduct=0870, bcdDevice=61.47
[  228.226330][ T5870] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  228.239795][ T5870] usb 5-1: config 0 descriptor??
[  228.671738][ T5870] usb 5-1: USB disconnect, device number 15
[  228.762013][ T5936] usb 4-1: new high-speed USB device number 14 using dummy_hcd
[  228.949189][ T5936] usb 4-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xE8, changing to 0x88
[  228.980907][ T5894] usb 3-1: USB disconnect, device number 16
[  228.989302][ T5936] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x88 has an invalid bInterval 0, changing to 7
[  229.016898][ T5894] em28xx 3-1:0.0: Disconnecting em28xx
[  229.024363][ T5936] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0xA has invalid wMaxPacketSize 0
[  229.046128][ T5894] em28xx 3-1:0.0: Freeing device
[  229.095850][ T5936] usb 4-1: New USB device found, idVendor=1781, idProduct=0938, bcdDevice=9b.49
[  229.115483][ T5936] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  229.126171][ T5936] usb 4-1: Product: syz
[  229.131214][ T5936] usb 4-1: Manufacturer: syz
[  229.137875][ T5936] usb 4-1: SerialNumber: syz
[  229.147073][ T5936] usb 4-1: config 0 descriptor??
[  229.164970][ T5936] iguanair 4-1:0.0: probe with driver iguanair failed with error -12
[  229.379367][ T5822] usb 4-1: USB disconnect, device number 14
[  229.463573][ T5894] usb 3-1: new full-speed USB device number 17 using dummy_hcd
[  229.563978][    T9] usb 5-1: new high-speed USB device number 16 using dummy_hcd
[  229.715287][ T7737] netlink: 68 bytes leftover after parsing attributes in process `syz.0.499'.
[  229.803108][ T5894] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  229.817571][ T5894] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  229.852319][ T5894] usb 3-1: New USB device found, idVendor=1e7d, idProduct=319c, bcdDevice= 0.00
[  230.045958][    T9] usb 5-1: Using ep0 maxpacket: 16
[  230.069263][ T5894] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  230.085881][   T30] kauditd_printk_skb: 17 callbacks suppressed
[  230.085897][   T30] audit: type=1400 audit(1759510897.323:1271): avc:  denied  { create } for  pid=7738 comm="syz.3.500" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  230.156958][ T5894] usb 3-1: config 0 descriptor??
[  230.342707][    T9] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  230.382924][    T9] usb 5-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  233.521913][    C1] sched: DL replenish lagged too much
[  234.834710][   T30] audit: type=1400 audit(1759510897.673:1272): avc:  denied  { setopt } for  pid=7738 comm="syz.3.500" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  241.580987][    T9] usb 5-1: New USB device found, idVendor=0955, idProduct=7214, bcdDevice=ed.00
[  253.980052][ T5894] usbhid 3-1:0.0: can't add hid device: -32
[  253.994665][ T5894] usbhid 3-1:0.0: probe with driver usbhid failed with error -32
[  254.010961][    T9] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  257.355381][ T1294] ieee802154 phy1 wpan1: encryption failed: -22
[  317.082918][ T1294] ieee802154 phy1 wpan1: encryption failed: -22
[  376.441844][    C1] rcu: INFO: rcu_preempt detected stalls on CPUs/tasks:
[  376.448825][    C1] rcu: 	Tasks blocked on level-0 rcu_node (CPUs 0-1): P7729/1:b..l P5894/1:b..l P7742/1:b..l
[  376.459357][    C1] rcu: 	(detected by 1, t=10503 jiffies, g=20297, q=2831 ncpus=2)
[  376.467157][    C1] task:syz.2.497       state:R  running task     stack:29112 pid:7742  tgid:7729  ppid:5821   task_flags:0x400140 flags:0x00080003
[  376.481425][    C1] Call Trace:
[  376.484709][    C1]  <TASK>
[  376.487642][    C1]  __schedule+0x1190/0x5de0
[  376.492153][    C1]  ? stack_trace_save+0x8e/0xc0
[  376.497006][    C1]  ? __pfx_stack_trace_save+0x10/0x10
[  376.502381][    C1]  ? stack_depot_save_flags+0x29/0x9c0
[  376.507851][    C1]  ? __pfx___schedule+0x10/0x10
[  376.512710][    C1]  ? __kasan_slab_alloc+0x89/0x90
[  376.517730][    C1]  ? kmem_cache_alloc_noprof+0x250/0x6e0
[  376.523376][    C1]  ? mark_held_locks+0x49/0x80
[  376.528137][    C1]  preempt_schedule_irq+0x51/0x90
[  376.533165][    C1]  irqentry_exit+0x36/0x90
[  376.537580][    C1]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  376.543562][    C1] RIP: 0010:lock_acquire+0x62/0x350
[  376.548754][    C1] Code: 4c e2 11 83 f8 07 0f 87 bc 02 00 00 89 c0 48 0f a3 05 d2 d1 c7 0e 0f 82 74 02 00 00 8b 35 2a 02 c8 0e 85 f6 0f 85 8d 00 00 00 <48> 8b 44 24 30 65 48 2b 05 29 4c e2 11 0f 85 c7 02 00 00 48 83 c4
[  376.568368][    C1] RSP: 0018:ffffc9001d15fa00 EFLAGS: 00000206
[  376.574439][    C1] RAX: 0000000000000046 RBX: ffffffff8e1c4120 RCX: 00000000fd57315f
[  376.582405][    C1] RDX: 0000000000000000 RSI: ffffffff8d7fb592 RDI: ffffffff8bd011c0
[  376.590368][    C1] RBP: 0000000000000002 R08: 13af9f48ce65b07e R09: 0000000000000000
[  376.598331][    C1] R10: 0000000000000001 R11: 0000000000000000 R12: 0000000000000000
[  376.606301][    C1] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  376.614288][    C1]  ? unwind_next_frame+0x3f4/0x20a0
[  376.619494][    C1]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  376.625649][    C1]  unwind_next_frame+0xd1/0x20a0
[  376.630582][    C1]  ? unwind_next_frame+0xbd/0x20a0
[  376.635689][    C1]  ? __kasan_kmalloc+0x8a/0xb0
[  376.640451][    C1]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  376.646605][    C1]  arch_stack_walk+0x94/0x100
[  376.651281][    C1]  ? __kasan_kmalloc+0x8a/0xb0
[  376.656041][    C1]  stack_trace_save+0x8e/0xc0
[  376.660717][    C1]  ? __pfx_stack_trace_save+0x10/0x10
[  376.666088][    C1]  ? __lock_acquire+0x62e/0x1ce0
[  376.671022][    C1]  save_stack+0x160/0x1f0
[  376.675344][    C1]  ? __pfx_save_stack+0x10/0x10
[  376.680200][    C1]  ? __free_frozen_pages+0x7df/0x1160
[  376.685588][    C1]  ? __put_partials+0x130/0x170
[  376.690438][    C1]  ? qlist_free_all+0x4d/0x120
[  376.695198][    C1]  ? kasan_quarantine_reduce+0x195/0x1e0
[  376.700828][    C1]  ? __kasan_kmalloc+0x8a/0xb0
[  376.705594][    C1]  ? page_ext_put+0x3e/0xd0
[  376.710098][    C1]  __reset_page_owner+0x84/0x1a0
[  376.715040][    C1]  __free_frozen_pages+0x7df/0x1160
[  376.720248][    C1]  __put_partials+0x130/0x170
[  376.724930][    C1]  qlist_free_all+0x4d/0x120
[  376.729516][    C1]  kasan_quarantine_reduce+0x195/0x1e0
[  376.734973][    C1]  __kasan_kmalloc+0x8a/0xb0
[  376.739559][    C1]  fsnotify_alloc_group+0x92/0x330
[  376.744670][    C1]  __do_sys_fanotify_init+0x287/0xc00
[  376.750042][    C1]  ? rcu_is_watching+0x12/0xc0
[  376.754817][    C1]  do_syscall_64+0xcd/0x4e0
[  376.759327][    C1]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  376.765215][    C1] RIP: 0033:0x7fe607f8eec9
[  376.769625][    C1] RSP: 002b:00007fe608ead038 EFLAGS: 00000246 ORIG_RAX: 000000000000012c
[  376.778039][    C1] RAX: ffffffffffffffda RBX: 00007fe6081e6090 RCX: 00007fe607f8eec9
[  376.786018][    C1] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000079
[  376.793990][    C1] RBP: 00007fe608011f91 R08: 0000000000000000 R09: 0000000000000000
[  376.801961][    C1] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  376.809930][    C1] R13: 00007fe6081e6128 R14: 00007fe6081e6090 R15: 00007ffcc6a8cba8
[  376.817911][    C1]  </TASK>
[  376.820923][    C1] task:kworker/0:4     state:R  running task     stack:22232 pid:5894  tgid:5894  ppid:2      task_flags:0x4208060 flags:0x00080000
[  376.834490][    C1] Workqueue: usb_hub_wq hub_event
[  376.839521][    C1] Call Trace:
[  376.842825][    C1]  <TASK>
[  376.845751][    C1]  __schedule+0x1190/0x5de0
[  376.850253][    C1]  ? lockdep_hardirqs_on+0x7c/0x110
[  376.855457][    C1]  ? __schedule+0x11a3/0x5de0
[  376.860139][    C1]  ? __pfx___schedule+0x10/0x10
[  376.864990][    C1]  ? __lock_acquire+0x62e/0x1ce0
[  376.869935][    C1]  ? mark_held_locks+0x49/0x80
[  376.874701][    C1]  preempt_schedule_irq+0x51/0x90
[  376.879725][    C1]  irqentry_exit+0x36/0x90
[  376.884136][    C1]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  376.890110][    C1] RIP: 0010:lock_acquire+0x62/0x350
[  376.895300][    C1] Code: 4c e2 11 83 f8 07 0f 87 bc 02 00 00 89 c0 48 0f a3 05 d2 d1 c7 0e 0f 82 74 02 00 00 8b 35 2a 02 c8 0e 85 f6 0f 85 8d 00 00 00 <48> 8b 44 24 30 65 48 2b 05 29 4c e2 11 0f 85 c7 02 00 00 48 83 c4
[  376.914908][    C1] RSP: 0018:ffffc90004e4eaa8 EFLAGS: 00000206
[  376.920973][    C1] RAX: 0000000000000046 RBX: ffffffff8e1c4120 RCX: 00000000c57b64e8
[  376.928937][    C1] RDX: 0000000000000000 RSI: ffffffff8d7fb592 RDI: ffffffff8bd011c0
[  376.936906][    C1] RBP: 0000000000000002 R08: 73f60d2b5ebb4ee2 R09: 0000000000000000
[  376.944872][    C1] R10: 0000000000000005 R11: 0000000000000000 R12: 0000000000000000
[  376.952842][    C1] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  376.960831][    C1]  ? unwind_next_frame+0x3f4/0x20a0
[  376.966044][    C1]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  376.972201][    C1]  unwind_next_frame+0xd1/0x20a0
[  376.977138][    C1]  ? unwind_next_frame+0xbd/0x20a0
[  376.982243][    C1]  ? create_intf_ep_devs.isra.0+0x161/0x200
[  376.988139][    C1]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  376.994294][    C1]  arch_stack_walk+0x94/0x100
[  376.998970][    C1]  ? create_intf_ep_devs.isra.0+0x161/0x200
[  377.004865][    C1]  stack_trace_save+0x8e/0xc0
[  377.009553][    C1]  ? __pfx_stack_trace_save+0x10/0x10
[  377.014924][    C1]  ? __lock_acquire+0x62e/0x1ce0
[  377.019860][    C1]  save_stack+0x160/0x1f0
[  377.024188][    C1]  ? __pfx_save_stack+0x10/0x10
[  377.029029][    C1]  ? __free_frozen_pages+0x7df/0x1160
[  377.034398][    C1]  ? qlist_free_all+0x4d/0x120
[  377.039153][    C1]  ? kasan_quarantine_reduce+0x195/0x1e0
[  377.044774][    C1]  ? __kasan_slab_alloc+0x69/0x90
[  377.049795][    C1]  ? kmem_cache_alloc_noprof+0x250/0x6e0
[  377.055427][    C1]  ? __kernfs_new_node+0xd2/0x8e0
[  377.060449][    C1]  ? kernfs_new_node+0x13c/0x1e0
[  377.065375][    C1]  ? __kernfs_create_file+0x53/0x350
[  377.070651][    C1]  ? sysfs_add_file_mode_ns+0x207/0x3c0
[  377.076194][    C1]  ? internal_create_group+0x578/0xf30
[  377.081648][    C1]  ? internal_create_groups+0x9d/0x150
[  377.087103][    C1]  ? device_add+0x77f/0x1aa0
[  377.091706][    C1]  ? usb_create_ep_devs+0x160/0x2b0
[  377.096903][    C1]  ? create_intf_ep_devs.isra.0+0x161/0x200
[  377.102797][    C1]  ? page_ext_put+0x3e/0xd0
[  377.107302][    C1]  __reset_page_owner+0x84/0x1a0
[  377.112236][    C1]  __free_frozen_pages+0x7df/0x1160
[  377.117440][    C1]  qlist_free_all+0x4d/0x120
[  377.122027][    C1]  kasan_quarantine_reduce+0x195/0x1e0
[  377.127486][    C1]  __kasan_slab_alloc+0x69/0x90
[  377.132340][    C1]  kmem_cache_alloc_noprof+0x250/0x6e0
[  377.137803][    C1]  ? __kernfs_new_node+0xd2/0x8e0
[  377.142829][    C1]  ? __kernfs_new_node+0xd2/0x8e0
[  377.147852][    C1]  __kernfs_new_node+0xd2/0x8e0
[  377.152709][    C1]  ? __pfx___kernfs_new_node+0x10/0x10
[  377.158171][    C1]  ? find_held_lock+0x2b/0x80
[  377.162846][    C1]  ? kernfs_root+0xee/0x2a0
[  377.167357][    C1]  kernfs_new_node+0x13c/0x1e0
[  377.172114][    C1]  __kernfs_create_file+0x53/0x350
[  377.177224][    C1]  sysfs_add_file_mode_ns+0x207/0x3c0
[  377.182603][    C1]  internal_create_group+0x578/0xf30
[  377.187896][    C1]  ? sysfs_create_file_ns+0x154/0x1d0
[  377.193265][    C1]  ? __pfx_internal_create_group+0x10/0x10
[  377.199070][    C1]  ? __pfx_sysfs_create_file_ns+0x10/0x10
[  377.204791][    C1]  ? down_read+0x13d/0x480
[  377.209210][    C1]  ? acpi_device_notify+0x351/0x480
[  377.214410][    C1]  ? lockdep_init_map_type+0x5c/0x280
[  377.219781][    C1]  internal_create_groups+0x9d/0x150
[  377.225075][    C1]  device_add+0x77f/0x1aa0
[  377.229494][    C1]  ? __pfx_device_add+0x10/0x10
[  377.234343][    C1]  ? lockdep_init_map_type+0x5c/0x280
[  377.239714][    C1]  ? __init_waitqueue_head+0xca/0x150
[  377.245096][    C1]  usb_create_ep_devs+0x160/0x2b0
[  377.250126][    C1]  create_intf_ep_devs.isra.0+0x161/0x200
[  377.255881][    C1]  usb_set_configuration+0x11a7/0x1e20
[  377.261356][    C1]  ? __pfx_usb_generic_driver_probe+0x10/0x10
[  377.267414][    C1]  usb_generic_driver_probe+0xb1/0x110
[  377.272868][    C1]  usb_probe_device+0xef/0x3e0
[  377.277646][    C1]  ? __pfx_usb_probe_device+0x10/0x10
[  377.283014][    C1]  really_probe+0x23e/0xa90
[  377.287515][    C1]  __driver_probe_device+0x1de/0x440
[  377.292791][    C1]  ? usb_driver_applicable+0x1c7/0x220
[  377.298258][    C1]  driver_probe_device+0x4c/0x1b0
[  377.303286][    C1]  __device_attach_driver+0x1df/0x310
[  377.308657][    C1]  ? __pfx___device_attach_driver+0x10/0x10
[  377.314542][    C1]  bus_for_each_drv+0x156/0x1e0
[  377.319393][    C1]  ? __pfx_bus_for_each_drv+0x10/0x10
[  377.324763][    C1]  ? lockdep_hardirqs_on+0x7c/0x110
[  377.329961][    C1]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[  377.335769][    C1]  __device_attach+0x1e4/0x4b0
[  377.340534][    C1]  ? __pfx___device_attach+0x10/0x10
[  377.345815][    C1]  ? do_raw_spin_unlock+0x172/0x230
[  377.351017][    C1]  bus_probe_device+0x17f/0x1c0
[  377.355873][    C1]  device_add+0x1148/0x1aa0
[  377.360378][    C1]  ? __pfx_device_add+0x10/0x10
[  377.365221][    C1]  ? usb_detect_static_quirks+0x335/0x3e0
[  377.370940][    C1]  ? __usb_get_extra_descriptor+0x158/0x1c0
[  377.376838][    C1]  usb_new_device+0xd07/0x1a60
[  377.381608][    C1]  ? do_raw_spin_lock+0x12c/0x2b0
[  377.386629][    C1]  ? __pfx_usb_new_device+0x10/0x10
[  377.391823][    C1]  ? mark_held_locks+0x49/0x80
[  377.396580][    C1]  hub_event+0x2f34/0x4fe0
[  377.401023][    C1]  ? __pfx_hub_event+0x10/0x10
[  377.405781][    C1]  ? assoc_array_gc+0xf70/0x15b0
[  377.410725][    C1]  ? rcu_is_watching+0x12/0xc0
[  377.415494][    C1]  process_one_work+0x9cf/0x1b70
[  377.420444][    C1]  ? __pfx_process_one_work+0x10/0x10
[  377.425819][    C1]  ? assign_work+0x1a0/0x250
[  377.430404][    C1]  worker_thread+0x6c8/0xf10
[  377.435003][    C1]  ? __kthread_parkme+0x19e/0x250
[  377.440039][    C1]  ? __pfx_worker_thread+0x10/0x10
[  377.445158][    C1]  kthread+0x3c2/0x780
[  377.449233][    C1]  ? __pfx_kthread+0x10/0x10
[  377.453820][    C1]  ? rcu_is_watching+0x12/0xc0
[  377.458584][    C1]  ? __pfx_kthread+0x10/0x10
[  377.463190][    C1]  ret_from_fork+0x56a/0x730
[  377.467778][    C1]  ? __pfx_kthread+0x10/0x10
[  377.472374][    C1]  ret_from_fork_asm+0x1a/0x30
[  377.477146][    C1]  </TASK>
[  377.480155][    C1] task:syz.2.497       state:R  running task     stack:25960 pid:7729  tgid:7729  ppid:5821   task_flags:0x400040 flags:0x00080003
[  377.493638][    C1] Call Trace:
[  377.496909][    C1]  <TASK>
[  377.499836][    C1]  __schedule+0x1190/0x5de0
[  377.504347][    C1]  ? __lock_acquire+0x62e/0x1ce0
[  377.509285][    C1]  ? __pfx___schedule+0x10/0x10
[  377.514130][    C1]  ? __lock_acquire+0x62e/0x1ce0
[  377.519069][    C1]  ? mark_held_locks+0x49/0x80
[  377.523833][    C1]  preempt_schedule_irq+0x51/0x90
[  377.528857][    C1]  irqentry_exit+0x36/0x90
[  377.533271][    C1]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  377.539243][    C1] RIP: 0010:lock_acquire+0x62/0x350
[  377.544435][    C1] Code: 4c e2 11 83 f8 07 0f 87 bc 02 00 00 89 c0 48 0f a3 05 d2 d1 c7 0e 0f 82 74 02 00 00 8b 35 2a 02 c8 0e 85 f6 0f 85 8d 00 00 00 <48> 8b 44 24 30 65 48 2b 05 29 4c e2 11 0f 85 c7 02 00 00 48 83 c4
[  377.564035][    C1] RSP: 0018:ffffc9001d1af258 EFLAGS: 00000206
[  377.570098][    C1] RAX: 0000000000000046 RBX: ffffffff8e1c4120 RCX: 00000000afca01de
[  377.578063][    C1] RDX: 0000000000000000 RSI: ffffffff8d7fb592 RDI: ffffffff8bd011c0
[  377.586030][    C1] RBP: 0000000000000002 R08: b19b3a4d46fadd4d R09: 0000000000000000
[  377.593994][    C1] R10: 0000000000000002 R11: 0000000000000000 R12: 0000000000000000
[  377.601956][    C1] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  377.609936][    C1]  ? unwind_next_frame+0x3f4/0x20a0
[  377.615141][    C1]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  377.621303][    C1]  unwind_next_frame+0xd1/0x20a0
[  377.626239][    C1]  ? unwind_next_frame+0xbd/0x20a0
[  377.631350][    C1]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  377.637429][    C1]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  377.643595][    C1]  arch_stack_walk+0x94/0x100
[  377.648276][    C1]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  377.654340][    C1]  stack_trace_save+0x8e/0xc0
[  377.659021][    C1]  ? __pfx_stack_trace_save+0x10/0x10
[  377.664394][    C1]  ? __lock_acquire+0x62e/0x1ce0
[  377.669332][    C1]  save_stack+0x160/0x1f0
[  377.673661][    C1]  ? __pfx_save_stack+0x10/0x10
[  377.678501][    C1]  ? __free_frozen_pages+0x7df/0x1160
[  377.683955][    C1]  ? __put_partials+0x130/0x170
[  377.688808][    C1]  ? qlist_free_all+0x4d/0x120
[  377.693593][    C1]  ? kasan_quarantine_reduce+0x195/0x1e0
[  377.699215][    C1]  ? __kasan_slab_alloc+0x69/0x90
[  377.704237][    C1]  ? kmem_cache_alloc_noprof+0x250/0x6e0
[  377.709870][    C1]  ? mas_preallocate+0xe6a/0x11f0
[  377.714902][    C1]  ? __split_vma+0x34a/0x1070
[  377.719576][    C1]  ? vma_modify+0xee1/0x2030
[  377.724162][    C1]  ? vma_modify_flags+0x212/0x2d0
[  377.729188][    C1]  ? mprotect_fixup+0x1df/0xb40
[  377.734036][    C1]  ? do_mprotect_pkey+0x9bc/0xd40
[  377.739056][    C1]  ? __x64_sys_mprotect+0x78/0xc0
[  377.744077][    C1]  ? do_syscall_64+0xcd/0x4e0
[  377.748753][    C1]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  377.754813][    C1]  ? page_ext_put+0x3e/0xd0
[  377.759317][    C1]  __reset_page_owner+0x84/0x1a0
[  377.764253][    C1]  __free_frozen_pages+0x7df/0x1160
[  377.769458][    C1]  __put_partials+0x130/0x170
[  377.774141][    C1]  qlist_free_all+0x4d/0x120
[  377.778728][    C1]  kasan_quarantine_reduce+0x195/0x1e0
[  377.784270][    C1]  __kasan_slab_alloc+0x69/0x90
[  377.789116][    C1]  kmem_cache_alloc_noprof+0x250/0x6e0
[  377.794575][    C1]  ? mas_preallocate+0xe6a/0x11f0
[  377.799607][    C1]  ? mas_preallocate+0xe6a/0x11f0
[  377.804639][    C1]  mas_preallocate+0xe6a/0x11f0
[  377.809502][    C1]  ? __pfx_mas_preallocate+0x10/0x10
[  377.814794][    C1]  ? anon_vma_name+0x81/0x2f0
[  377.819475][    C1]  __split_vma+0x34a/0x1070
[  377.823984][    C1]  ? __pfx___split_vma+0x10/0x10
[  377.828920][    C1]  ? __lock_acquire+0xb97/0x1ce0
[  377.833866][    C1]  vma_modify+0xee1/0x2030
[  377.838297][    C1]  ? __pfx_vma_modify+0x10/0x10
[  377.843143][    C1]  ? find_held_lock+0x2b/0x80
[  377.847820][    C1]  ? avc_has_perm_noaudit+0x117/0x3b0
[  377.853192][    C1]  vma_modify_flags+0x212/0x2d0
[  377.858047][    C1]  ? __pfx_vma_modify_flags+0x10/0x10
[  377.863435][    C1]  mprotect_fixup+0x1df/0xb40
[  377.868116][    C1]  ? __pfx_mprotect_fixup+0x10/0x10
[  377.873310][    C1]  ? selinux_file_mprotect+0x15b/0x600
[  377.878775][    C1]  do_mprotect_pkey+0x9bc/0xd40
[  377.883631][    C1]  ? __pfx_do_mprotect_pkey+0x10/0x10
[  377.889001][    C1]  ? vm_mmap_pgoff+0x103/0x470
[  377.893779][    C1]  ? xfd_validate_state+0x61/0x180
[  377.898901][    C1]  __x64_sys_mprotect+0x78/0xc0
[  377.903748][    C1]  ? lockdep_hardirqs_on+0x7c/0x110
[  377.908942][    C1]  do_syscall_64+0xcd/0x4e0
[  377.913445][    C1]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  377.919331][    C1] RIP: 0033:0x7fe607f8ef87
[  377.923739][    C1] RSP: 002b:00007ffcc6a8cb48 EFLAGS: 00000206 ORIG_RAX: 000000000000000a
[  377.932156][    C1] RAX: ffffffffffffffda RBX: 00007fe608e8c6c0 RCX: 00007fe607f8ef87
[  377.940118][    C1] RDX: 0000000000000003 RSI: 0000000000020000 RDI: 00007fe608e6d000
[  377.948082][    C1] RBP: 0000000000000000 R08: 00000000ffffffff R09: 0000000000000000
[  377.956042][    C1] R10: 0000000000021000 R11: 0000000000000206 R12: 00007ffcc6a8cca0
[  377.964004][    C1] R13: ffffffffffffffc0 R14: 0000000000001000 R15: 0000000000000000
[  377.971979][    C1]  </TASK>
[  377.974989][    C1] rcu: rcu_preempt kthread starved for 7355 jiffies! g20297 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x0 ->cpu=1
[  377.986089][    C1] rcu: 	Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior.
[  377.996048][    C1] rcu: RCU grace-period kthread stack dump:
[  378.001924][    C1] task:rcu_preempt     state:R  running task     stack:27704 pid:16    tgid:16    ppid:2      task_flags:0x208040 flags:0x00080000
[  378.015409][    C1] Call Trace:
[  378.018682][    C1]  <TASK>
[  378.021608][    C1]  __schedule+0x1190/0x5de0
[  378.026130][    C1]  ? __pfx___schedule+0x10/0x10
[  378.030984][    C1]  ? find_held_lock+0x2b/0x80
[  378.035661][    C1]  ? schedule+0x2d7/0x3a0
[  378.039991][    C1]  schedule+0xe7/0x3a0
[  378.044063][    C1]  schedule_timeout+0x123/0x290
[  378.048907][    C1]  ? __pfx_schedule_timeout+0x10/0x10
[  378.054270][    C1]  ? __pfx_process_timeout+0x10/0x10
[  378.059559][    C1]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[  378.065362][    C1]  ? prepare_to_swait_event+0xf5/0x480
[  378.070823][    C1]  rcu_gp_fqs_loop+0x1ea/0xaf0
[  378.075584][    C1]  ? __pfx_rcu_gp_fqs_loop+0x10/0x10
[  378.080868][    C1]  ? lockdep_hardirqs_on+0x7c/0x110
[  378.086071][    C1]  ? __pfx_rcu_gp_init+0x10/0x10
[  378.090999][    C1]  ? rcu_gp_cleanup+0x7c1/0xd90
[  378.095849][    C1]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  378.101656][    C1]  rcu_gp_kthread+0x26d/0x380
[  378.106329][    C1]  ? __pfx_rcu_gp_kthread+0x10/0x10
[  378.111520][    C1]  ? rcu_is_watching+0x12/0xc0
[  378.116285][    C1]  ? lockdep_hardirqs_on+0x7c/0x110
[  378.121484][    C1]  ? __kthread_parkme+0x19e/0x250
[  378.126500][    C1]  ? __pfx_rcu_gp_kthread+0x10/0x10
[  378.131695][    C1]  kthread+0x3c2/0x780
[  378.135761][    C1]  ? __pfx_kthread+0x10/0x10
[  378.140350][    C1]  ? rcu_is_watching+0x12/0xc0
[  378.145117][    C1]  ? __pfx_kthread+0x10/0x10
[  378.149715][    C1]  ret_from_fork+0x56a/0x730
[  378.154299][    C1]  ? __pfx_kthread+0x10/0x10
[  378.158889][    C1]  ret_from_fork_asm+0x1a/0x30
[  378.163665][    C1]  </TASK>
[  378.166673][    C1] rcu: Stack dump where RCU GP kthread last ran:
[  378.172984][    C1] CPU: 1 UID: 0 PID: 0 Comm: swapper/1 Not tainted syzkaller #0 PREEMPT(full) 
[  378.181908][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  378.191950][    C1] RIP: 0010:lock_release+0x68/0x2f0
[  378.197146][    C1] Code: 0f a3 05 8b d8 c7 0e 0f 82 b1 01 00 00 8b 3d e3 08 c8 0e 85 ff 0f 84 25 01 00 00 65 8b 05 a8 94 e2 11 85 c0 0f 85 16 01 00 00 <65> 4c 8b 35 e8 52 e2 11 41 8b b6 2c 0b 00 00 85 f6 0f 85 ff 00 00
[  378.216746][    C1] RSP: 0018:ffffc90000a07f20 EFLAGS: 00000246
[  378.222812][    C1] RAX: 0000000000000000 RBX: ffffffff8e1c4120 RCX: ffffc90000a09001
[  378.230774][    C1] RDX: 0000000000000000 RSI: ffffffff8bd01140 RDI: 0000000000000001
[  378.238737][    C1] RBP: 0000000000000001 R08: 0000000000000001 R09: 0000000000000000
[  378.246700][    C1] R10: 0000000000000002 R11: 0000000000006160 R12: ffffffff816a98f4
[  378.254663][    C1] R13: ffffc90000a08028 R14: ffffc90000a080c8 R15: ffffc90000a0805c
[  378.262625][    C1] FS:  0000000000000000(0000) GS:ffff888124f85000(0000) knlGS:0000000000000000
[  378.271546][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  378.278121][    C1] CR2: 00007ffc3e9f3ed8 CR3: 00000000321a2000 CR4: 00000000003526f0
[  378.286087][    C1] Call Trace:
[  378.289357][    C1]  <IRQ>
[  378.292193][    C1]  unwind_next_frame+0x3f9/0x20a0
[  378.297216][    C1]  ? arch_stack_walk+0x73/0x100
[  378.302068][    C1]  __unwind_start+0x45f/0x7f0
[  378.306741][    C1]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  378.312905][    C1]  arch_stack_walk+0x73/0x100
[  378.317586][    C1]  ? stack_trace_save+0x8e/0xc0
[  378.322457][    C1]  stack_trace_save+0x8e/0xc0
[  378.327131][    C1]  ? __pfx_stack_trace_save+0x10/0x10
[  378.332505][    C1]  ? stack_trace_save+0x8e/0xc0
[  378.337358][    C1]  ? __pfx_stack_trace_save+0x10/0x10
[  378.342732][    C1]  ? stack_depot_save_flags+0x29/0x9c0
[  378.348193][    C1]  kasan_save_stack+0x33/0x60
[  378.352908][    C1]  kasan_save_track+0x14/0x30
[  378.357578][    C1]  __kasan_slab_alloc+0x89/0x90
[  378.362430][    C1]  kmem_cache_alloc_node_noprof+0x28a/0x770
[  378.368312][    C1]  ? kmalloc_reserve+0x18b/0x2c0
[  378.373246][    C1]  ? kmalloc_reserve+0x18b/0x2c0
[  378.378177][    C1]  kmalloc_reserve+0x18b/0x2c0
[  378.382939][    C1]  __alloc_skb+0x166/0x380
[  378.387355][    C1]  ? __pfx___alloc_skb+0x10/0x10
[  378.392303][    C1]  ? kasan_quarantine_put+0x10a/0x240
[  378.397689][    C1]  synproxy_send_client_synack+0x1af/0x8f0
[  378.403509][    C1]  ? __pfx_synproxy_send_client_synack+0x10/0x10
[  378.409842][    C1]  ? nft_socket_cgroup_subtree_level+0x170/0x3e0
[  378.416174][    C1]  nft_synproxy_do_eval+0xa63/0xd80
[  378.421374][    C1]  ? __pfx_nft_synproxy_do_eval+0x10/0x10
[  378.427088][    C1]  ? do_raw_spin_lock+0x12c/0x2b0
[  378.432120][    C1]  ? __pfx_nft_synproxy_eval+0x10/0x10
[  378.437574][    C1]  nft_do_chain+0x2e9/0x1920
[  378.442181][    C1]  ? __lock_acquire+0xb97/0x1ce0
[  378.447113][    C1]  ? __pfx_nft_do_chain+0x10/0x10
[  378.452132][    C1]  ? do_raw_spin_lock+0x12c/0x2b0
[  378.457159][    C1]  ? do_raw_spin_lock+0x12c/0x2b0
[  378.462198][    C1]  ? nf_conntrack_in+0x8b0/0x1930
[  378.467251][    C1]  nft_do_chain_inet+0x18a/0x340
[  378.472200][    C1]  ? __pfx_nft_do_chain_inet+0x10/0x10
[  378.477660][    C1]  ? __pfx_nf_conntrack_in+0x10/0x10
[  378.483031][    C1]  ? lock_acquire+0x179/0x350
[  378.487718][    C1]  ? __pfx_nft_do_chain_inet+0x10/0x10
[  378.493182][    C1]  nf_hook_slow+0xbe/0x200
[  378.497664][    C1]  nf_hook.constprop.0+0x424/0x750
[  378.502783][    C1]  ? __pfx_ip_local_deliver_finish+0x10/0x10
[  378.508770][    C1]  ? __pfx_nf_hook.constprop.0+0x10/0x10
[  378.514402][    C1]  ? __pfx_ip_rcv_finish+0x10/0x10
[  378.519515][    C1]  ? __pfx_ip_local_deliver_finish+0x10/0x10
[  378.525504][    C1]  ip_local_deliver+0x169/0x1f0
[  378.530359][    C1]  ip_rcv+0x2e0/0x600
[  378.534343][    C1]  ? __pfx_ip_rcv+0x10/0x10
[  378.538843][    C1]  __netif_receive_skb_one_core+0x197/0x1e0
[  378.544737][    C1]  ? __pfx___netif_receive_skb_one_core+0x10/0x10
[  378.551156][    C1]  ? lock_acquire+0x179/0x350
[  378.555837][    C1]  ? process_backlog+0x3e7/0x15e0
[  378.560861][    C1]  __netif_receive_skb+0x1d/0x160
[  378.565905][    C1]  process_backlog+0x439/0x15e0
[  378.570765][    C1]  __napi_poll.constprop.0+0xb7/0x550
[  378.576136][    C1]  ? skb_defer_free_flush+0x149/0x280
[  378.581512][    C1]  net_rx_action+0x97f/0xef0
[  378.586107][    C1]  ? __pfx_net_rx_action+0x10/0x10
[  378.591218][    C1]  ? lock_acquire+0x179/0x350
[  378.595894][    C1]  ? kvm_sched_clock_read+0x11/0x20
[  378.601088][    C1]  ? sched_clock+0x38/0x60
[  378.605504][    C1]  ? sched_clock_cpu+0x6c/0x530
[  378.610365][    C1]  handle_softirqs+0x219/0x8e0
[  378.615135][    C1]  ? __pfx_handle_softirqs+0x10/0x10
[  378.620425][    C1]  __irq_exit_rcu+0x109/0x170
[  378.625104][    C1]  irq_exit_rcu+0x9/0x30
[  378.629344][    C1]  sysvec_apic_timer_interrupt+0xa4/0xc0
[  378.634975][    C1]  </IRQ>
[  378.637903][    C1]  <TASK>
[  378.640825][    C1]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  378.646803][    C1] RIP: 0010:pv_native_safe_halt+0xf/0x20
[  378.652444][    C1] Code: ae 60 02 e9 d3 09 03 00 0f 1f 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 66 90 0f 00 2d 13 2e 1e 00 fb f4 <c3> cc cc cc cc 66 2e 0f 1f 84 00 00 00 00 00 66 90 90 90 90 90 90
[  378.672050][    C1] RSP: 0018:ffffc90000197df8 EFLAGS: 000002c6
[  378.678119][    C1] RAX: 0000000001bc8331 RBX: 0000000000000001 RCX: ffffffff8b4bda89
[  378.686087][    C1] RDX: 0000000000000000 RSI: ffffffff8d820d97 RDI: ffffffff8bd011c0
[  378.694051][    C1] RBP: ffffed1003bd5490 R08: 0000000000000001 R09: ffffed10170e6655
[  378.702015][    C1] R10: ffff8880b87332ab R11: 0000000000000000 R12: 0000000000000001
[  378.709980][    C1] R13: ffff88801deaa480 R14: ffffffff905f3590 R15: 0000000000000000
[  378.717952][    C1]  ? ct_kernel_exit+0x139/0x190
[  378.722815][    C1]  default_idle+0x13/0x20
[  378.727138][    C1]  default_idle_call+0x6c/0xb0
[  378.731890][    C1]  do_idle+0x38d/0x500
[  378.735962][    C1]  ? __pfx_do_idle+0x10/0x10
[  378.740554][    C1]  ? trace_sched_exit_tp+0x2f/0x120
[  378.745754][    C1]  cpu_startup_entry+0x4f/0x60
[  378.750517][    C1]  start_secondary+0x21d/0x2b0
[  378.755274][    C1]  ? __pfx_start_secondary+0x10/0x10
[  378.760558][    C1]  common_startup_64+0x13e/0x148
[  378.765502][    C1]  </TASK>
[  378.784082][    C1] hrtimer: interrupt took 2342240228 ns
[  378.894501][ T1294] ieee802154 phy1 wpan1: encryption failed: -22