last executing test programs:

11.531070054s ago: executing program 1 (id=4427):
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000600)={&(0x7f0000000380)=ANY=[@ANYBLOB="9feb01001800000000000000120000000c00000006000000000000000085fd60ac00f6ff003000616100"], &(0x7f0000000580)=""/103, 0x2a, 0x67, 0x1, 0xe}, 0x28)
add_key(&(0x7f0000000080)='pkcs7_test\x00', 0x0, &(0x7f0000000180)="100c060a63e57fd1b96900000000", 0xe, 0xffffffffffffffff)
r0 = socket$nl_route(0x10, 0x3, 0x0)
syz_open_dev$radio(&(0x7f0000000000), 0x1, 0x2)
r1 = socket$inet(0xa, 0x801, 0x84)
connect$inet(r1, &(0x7f00000003c0)={0x2, 0x4e21, @remote={0xac, 0x14, 0xffffffffffffffff}}, 0x10)
listen(r1, 0x8)
r2 = accept4(r1, 0x0, 0x0, 0x0)
sendmmsg$unix(r2, &(0x7f0000001840)=[{{0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000080)="c6", 0x1}], 0x1, 0x0, 0x0, 0x20048054}}], 0x1, 0x8800)
sendto$inet(r2, &(0x7f00000002c0)="cc", 0x1, 0x0, 0x0, 0x0)
r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='net/route\x00')
pipe2$9p(&(0x7f00000002c0), 0x4000)
fsopen(&(0x7f00000000c0)='pstore\x00', 0x0)
socket$inet6_sctp(0xa, 0x1, 0x84)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200))
r4 = syz_open_dev$dri(&(0x7f0000000440), 0x1, 0x48240)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r4, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r4, 0xc01064b5, &(0x7f0000000040)={&(0x7f0000000100)=[<r5=>0x0], 0x1})
ioctl$DRM_IOCTL_MODE_ATOMIC(r3, 0xc03864bc, &(0x7f0000000300)={0x500, 0x1, &(0x7f00000000c0)=[r5], &(0x7f0000000180), &(0x7f0000000300), &(0x7f0000000280)=[0x5, 0xfffffffffffffff9, 0x200], 0x0, 0x1})
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x101302, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r7, 0xc00caee0, &(0x7f0000000100)={0x4, <r8=>0xffffffffffffffff})
ioctl$KVM_SET_DEVICE_ATTR(r8, 0x4018aee1, &(0x7f00000001c0)=@attr_other={0x0, 0x3, 0x2, 0x0})
openat$fuse(0xffffffffffffff9c, 0x0, 0x42, 0x0)
syz_fuse_handle_req(0xffffffffffffffff, 0x0, 0x0, 0x0)
read$FUSE(0xffffffffffffffff, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r2, 0x84, 0x7b, &(0x7f0000000000)={0x0, 0x4}, 0x8)
close(r2)
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="240000006800090700000000000000000a000000000000000400040008000500", @ANYRES32=0x0, @ANYBLOB="d68b7fc1708c27e1079d74ff"], 0x24}, 0x1, 0x0, 0x0, 0x4040000}, 0x0)
setsockopt$inet6_int(r3, 0x29, 0x0, &(0x7f0000000140)=0x849, 0x4)

9.928086374s ago: executing program 0 (id=4435):
syz_genetlink_get_family_id$nl802154(&(0x7f0000000680), 0xffffffffffffffff)
socket$inet6(0xa, 0x800000000000002, 0x0)
openat$ipvs(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/sys/net/ipv4/vs/secure_tcp\x00', 0x2, 0x0)
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
dup3(0xffffffffffffffff, r0, 0x0)
socket$inet_sctp(0x2, 0x5, 0x84)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
r2 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
mount(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x7)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000380)=[{0x6, 0x0, 0x0, 0x7fffffff}]})
openat$vcs(0xffffffffffffff9c, &(0x7f0000000300), 0x20802, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(r4, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000680)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_NEWSET={0x44, 0x9, 0xa, 0x401, 0x0, 0x0, {0xa, 0x0, 0x4}, [@NFTA_SET_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x2}, @NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ID={0x8, 0xa, 0x1, 0x0, 0xfffffffc}, @NFTA_SET_FLAGS={0x8, 0x3, 0x1, 0x0, 0x10}]}, @NFT_MSG_NEWSETELEM={0x40, 0xc, 0xa, 0x101, 0x0, 0x0, {0xa, 0x0, 0x6}, [@NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x14, 0x3, 0x0, 0x1, [{0x10, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_KEY={0xc, 0x1, 0x0, 0x1, [@NFTA_DATA_VALUE={0x6, 0x1, "d103"}]}]}]}]}, @NFT_MSG_DELSETELEM={0x2c, 0xe, 0xa, 0x201, 0x0, 0x0, {0xa}, [@NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz1\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0xd8}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)
sendmsg$netlink(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000340)=ANY=[@ANYBLOB="140100003b00015300000000fcdbdf2501"], 0x114}], 0x1, 0x0, 0x0, 0x1}, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, &(0x7f00000000c0)={@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0x800, 0x0, 0x3, 0x9}, 0x20)
setsockopt$inet6_IPV6_DSTOPTS(0xffffffffffffffff, 0x29, 0x3b, &(0x7f00000002c0), 0x8)

9.780531017s ago: executing program 1 (id=4437):
openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/binder/transaction_log\x00', 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000840)={0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000000040)="d8000000180081064e81f782db4cb904021d080006007c09e8fe55a10a0015000600142603600e1208000f0000000401a8001600200003400400020003", 0x3d}], 0x1}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=@gettfilter={0x3c, 0x2e, 0x400, 0x70bd21, 0x25dfdbfe, {0x0, 0x0, 0x0, 0x0, {0x0, 0x7}, {0x6, 0xe}, {0x8, 0xffff}}, [{0x8, 0xb, 0x2}, {0x8, 0xb, 0x9}, {0x8, 0xb, 0x40000c12}]}, 0x3c}}, 0x4008800)
r1 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000070000040900010073797a30000000009c000000090a010400000000000000000700000308000a40000000000900020073797a30000000000900010073797a3000000000080005400000000d58001280200001800e000100636f6e6e6c696d69740000000c0002800800014000000008200001800e000100636f6e6e6c696d69740000000c00028008000140000000001400017b090001006cdbf80789f3f947dd000280080003"], 0xe4}, 0x1, 0x0, 0x0, 0x8001}, 0x20050840)
sendmsg$kcm(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)}], 0x1}, 0x0)
sched_setscheduler(r0, 0x1, &(0x7f00000005c0)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000880)=ANY=[], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x0, 0x0, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000002440)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
read$FUSE(r4, &(0x7f0000002580)={0x2020}, 0x2020)
r5 = getpgrp(r0)
ptrace$PTRACE_SETSIGMASK(0x420b, r5, 0x8, &(0x7f0000000100)={[0x4]})
socketpair(0x1d, 0x2, 0x2, &(0x7f0000000000)={0x0, 0x0})
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xa, 0x4, &(0x7f0000000440)=ANY=[@ANYBLOB="b4000000feffffffdd0a00aaca000000"], &(0x7f0000000480)='GPL\x00', 0x7, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x19, &(0x7f0000000000)={0x3, 0x1}, 0x8, 0x10, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x5}, 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0xfffffffc}, 0x94)
bpf$MAP_CREATE(0x0, 0x0, 0x3f)
r6 = add_key$keyring(&(0x7f0000002280), &(0x7f00000022c0)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffb)
keyctl$KEYCTL_WATCH_KEY(0x20, r6, 0xffffffffffffffff, 0x6f)
r7 = add_key$fscrypt_provisioning(&(0x7f0000002a40), &(0x7f0000002a80)={'syz', 0x2}, &(0x7f0000002ac0)=ANY=[@ANYBLOB="0200000000000000616161616161616161616161616161616161616161616161616161616161616131313131313131313131313131313131313131313131312c6a0c11f57604b7c4"], 0x48, r6)
keyctl$KEYCTL_MOVE(0x1e, r7, r6, 0xfffffffffffffffb, 0x1)
ioctl$USBDEVFS_REAPURB(r4, 0x4008550c, &(0x7f0000000300))
syz_init_net_socket$ax25(0x3, 0x2, 0xf0)

8.947077615s ago: executing program 2 (id=4441):
getsockopt$XDP_STATISTICS(0xffffffffffffffff, 0x11b, 0x7, 0x0, &(0x7f0000000040))
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000100)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r2 = syz_open_dev$radio(&(0x7f0000000000), 0x1, 0x2)
pwritev(r2, &(0x7f00000000c0)=[{0x0}], 0x1, 0x7, 0x96)
ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, 0x0)
sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x20004041, 0x0, 0x0)
r3 = syz_io_uring_setup(0x98, &(0x7f0000000140)={0x0, 0xffffffff, 0x0, 0x3}, &(0x7f0000000240)=<r4=>0x0, &(0x7f00000000c0)=<r5=>0x0)
r6 = syz_open_dev$dri(&(0x7f00000000c0), 0x1ff, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r6, 0xc04064a0, &(0x7f00000003c0)={0x0, &(0x7f0000000300), &(0x7f0000000340), 0x0})
syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r4, r5, &(0x7f00000002c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffff9c, &(0x7f00000004c0)={0x24102}, &(0x7f0000000500)='./file0\x00', 0x18})
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000500), 0x101, 0x0)
io_uring_enter(r3, 0x47f6, 0xbacc, 0x0, 0x0, 0x0)

7.869229566s ago: executing program 0 (id=4443):
mprotect(&(0x7f000050d000/0x4000)=nil, 0x4000, 0x1000000)
syz_usb_connect(0x0, 0x2d, &(0x7f0000000180)=ANY=[@ANYBLOB="1201000005667d1040206402d14e0102030109021b000100000000090400000190f19c0009058459a5"], 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
r0 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r0, &(0x7f00000001c0)={0x0, 0x0, 0x0}, 0x8000)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000000)={&(0x7f0000000300)=ANY=[], &(0x7f00000001c0)=""/257, 0x4a, 0x101, 0x6}, 0x28)
r1 = syz_open_dev$radio(&(0x7f0000000180), 0x3, 0x2)
ioctl$VIDIOC_S_EXT_CTRLS(r1, 0xc0205648, &(0x7f0000000100)={0x0, 0x1, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000040)={0x98f909, 0x7fffffff, '\x00', @p_u32=&(0x7f00000001c0)=0x2}})
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
mount$overlay(0x0, 0x0, 0x0, 0x2200408, &(0x7f0000000200)={[], [{@smackfsfloor={'smackfsfloor', 0x3d, '\x0e\x94\x95>\x95\xb4@\x12\xc9\xf3\xb4\n\x99\xd1A\xcd\xfa\xdc\xfa\x0e&zr\x94>88\x10L\xdc\xb2o\xc3\x02|\xb8m\xb2\xa7\x15\xed\x9eP\xbdi\xdb\xc1\x98F\xd0\xd9\x9d\xbd\x1bi\xe8\xe31C/e\x9e\xdc\xb0I\x9d\x92\xae\xd6\xb4\xe2\xea\x10LJy\a\xf2\x96\xf8\x13ti\xfb5;\xfax\xab\x85\xc9\xe4\xef\x84\x92?\xaco\xb0v\x94\x93\xd9\xd3U|\x88Un\xc4\x8d\xc0|\x80Q\xdf+\xcaEN\x1e\x05\x82$\x7f\xd1\x96\f\xc9\xfb\xfe(]MR#\xffcA\xc9Y3\b\xb57^\x9d'}}]})
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000480)=<r2=>0x0)
capset(&(0x7f0000000440)={0x19980330, r2}, 0x0)
syz_emit_vhci(&(0x7f0000000080)=ANY=[@ANYBLOB="040e040a260c"], 0x7)
pwritev(0xffffffffffffffff, &(0x7f0000000500)=[{&(0x7f00000002c0)}], 0x1, 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r3 = syz_open_dev$video(&(0x7f0000000100), 0x546, 0x280)
ioctl$VIDIOC_CROPCAP(r3, 0xc02c563a, &(0x7f0000000400)={0xd, {0x7, 0x1ff, 0x9, 0x7fff}, {0x9, 0xffffff7f, 0x5, 0x9}, {0x1, 0x7}})
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
sendmsg$AUDIT_SET(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={0x0}, 0x1, 0x0, 0x0, 0x40880}, 0x40011)
openat$sndtimer(0xffffffffffffff9c, &(0x7f00000000c0), 0x182)
writev(r4, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
ioctl$TCSETS(0xffffffffffffffff, 0xc0384707, &(0x7f0000000040)={0x8, 0x1, 0x6, 0x3f, 0x1a, "3eccd25569e20900"})
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x4000003, 0x50032, 0xffffffffffffffff, 0x0)
r5 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000580), r0)
sendmsg$TIPC_NL_BEARER_ENABLE(r0, &(0x7f0000000740)={&(0x7f0000000540)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000700)={&(0x7f00000005c0)=ANY=[@ANYBLOB="24010000", @ANYRES16=r5, @ANYBLOB="000829bd7000fedbdf25030000004c00098048000200060000000800010006000000080001009100000008000200090000000800010001000080fe000100050000000800010001010000080002000300000008000100060000003c00038008000200aa29000001000100000000000800030006000000080a0000080001000500000300ffff08000800030000feffff08f7ffffff000000080001020200000008000200030000001c000380080003000800000008000200000025813a4801007f000000100007800c0003000100000000000000300007800c000300050000000000000008000200070000000c00040001010000000000000c0003000700"/282], 0x124}, 0x1, 0x0, 0x0, 0x10}, 0x40004)
mlock(&(0x7f00007d8000/0x800000)=nil, 0x800000)
syz_clone(0x100, 0x0, 0x0, 0x0, 0x0, 0x0)
mlock(&(0x7f00007d8000/0x800000)=nil, 0x800000)

7.65025602s ago: executing program 2 (id=4446):
pipe2(&(0x7f0000000040)={<r0=>0xffffffffffffffff}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x10000000013, &(0x7f0000d06000)=0x1, 0x4)
setsockopt$SO_BINDTODEVICE(0xffffffffffffffff, 0x1, 0x19, &(0x7f0000000180)='bridge0\x00', 0x10)
ptrace$ARCH_SHSTK_LOCK(0x1e, r1, 0x0, 0x5003)
socket$packet(0x11, 0x3, 0x300)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000780)={&(0x7f0000000100)={0x2, 0x0, @multicast1}, 0x10, &(0x7f00000001c0)=[{&(0x7f0000000140)="be38", 0xffe7}], 0x1, &(0x7f0000000080)=ANY=[@ANYBLOB="1c000000000000000000000008000000", @ANYRES32=0x0, @ANYBLOB="ac1414aaac14140000000b001400000000000000000000000700000007038b0100000000"], 0x38}, 0x0)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f00000003c0)={'wlan1\x00', <r6=>0x0})
sendmsg$NL80211_CMD_CHANNEL_SWITCH(r5, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000400)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="010008020000001800006600000008000300", @ANYRES32=r6, @ANYBLOB="08002600940900000800b7"], 0x2c}, 0x1, 0x0, 0x0, 0x4000000}, 0x0)
pipe2$9p(&(0x7f0000000240)={0xffffffffffffffff, <r7=>0xffffffffffffffff}, 0x0)
tee(r0, r7, 0x4e, 0x0)
getsockopt$IP6T_SO_GET_REVISION_MATCH(0xffffffffffffffff, 0x29, 0x44, 0x0, &(0x7f0000000440))
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000000)={0x0, 0x0, 0x0, &(0x7f0000010040), 0x0, 0xffffffffffffffff, 0x4}, 0x38)
r8 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000940)='hugetlb.2MB.usage_in_bytes\x00', 0x26e1, 0x0)
ioctl$SIOCSIFHWADDR(r8, 0x8b34, &(0x7f0000000000)={'wlan1\x00', @random="000507000030"})
socket$netlink(0x10, 0x3, 0x0)

6.717554148s ago: executing program 4 (id=4448):
r0 = socket$netlink(0x10, 0x3, 0x4)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
setsockopt$sock_int(r2, 0x1, 0x4, &(0x7f0000000180)=0x3, 0x4)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x4e21, 0xfffffffc, @mcast2}, 0x1c)
r3 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDSETMODE(r3, 0x4b3a, 0x1)
listen(r1, 0x0)
writev(r0, &(0x7f00000000c0)=[{&(0x7f0000000180)="580000001500add427323b470c45b45602067fffffff81004e22030d00ff0028925aa8002000eaa57b00090080020efffeffe809020000ff0004f03adcac4b74ffffffffffffffffffffffe7ee0000000000000000020000", 0x58}], 0x1)

6.641752276s ago: executing program 3 (id=4449):
r0 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000400)=@bpf_tracing={0x1a, 0x9, &(0x7f0000000280)=@framed={{0x18, 0x0, 0x0, 0x0, 0x3e, 0x0, 0x0, 0x0, 0x9}, [@map_idx={0x18, 0x7, 0x5, 0x0, 0xd}, @ringbuf_query]}, &(0x7f0000000080)='syzkaller\x00', 0x7, 0x0, &(0x7f0000000180), 0x40f00, 0x21, '\x00', 0x0, 0x1c, 0xffffffffffffffff, 0x8, &(0x7f0000000300)={0x7, 0x4}, 0x8, 0x10, 0x0, 0x0, 0x2f064, 0xffffffffffffffff, 0x8, &(0x7f0000000340)=[0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff], &(0x7f0000000380)=[{0x0, 0x4, 0xc, 0x4}, {0x5, 0x4, 0xf, 0xa}, {0x5, 0x4, 0xa}, {0x0, 0x2, 0xe, 0x5}, {0x5, 0x1, 0x6, 0x8}, {0x0, 0x5, 0xe, 0x2}, {0x4, 0x3, 0xa, 0xa}, {0x4, 0x4, 0x6, 0x7}], 0x10, 0x1000}, 0x94)
ioctl$F2FS_IOC_GARBAGE_COLLECT(r0, 0x4004f506, &(0x7f00000004c0))
socket$kcm(0x2a, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x4, 0x2000000008b}, 0x0)
r1 = socket$kcm(0x29, 0x0, 0x0)
r2 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
ioctl$sock_kcm_SIOCKCMUNATTACH(r1, 0x89e1, &(0x7f0000000100)={r2})
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
syz_genetlink_get_family_id$l2tp(&(0x7f0000000200), 0xffffffffffffffff)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
r4 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000000), 0x180300, 0x0)
r5 = socket(0x10, 0x803, 0x0)
sendto(r5, &(0x7f0000000740)="120000001200e7ef007b00000000000000", 0x11, 0x4008040, 0x0, 0x0)
recvmmsg(r5, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0x80, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x64}, {&(0x7f0000000280)=""/85, 0x55}, {&(0x7f0000000fc0)=""/4096, 0x1000}, {&(0x7f0000000400)=""/106, 0x6a}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f00000007c0)=""/154, 0x9a}, {&(0x7f00000001c0)=""/17, 0x11}], 0x7, &(0x7f0000000600)=""/191, 0xbf}}], 0x1, 0x0, &(0x7f0000003700)={0x77359400})
r6 = socket(0x840000000002, 0x3, 0xff)
getsockopt$inet6_IPV6_XFRM_POLICY(r5, 0x29, 0x23, &(0x7f0000000880)={{{@in=@empty, @in=@broadcast, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r7=>0x0}}, {{@in=@loopback}, 0x0, @in=@initdev}}, &(0x7f00000005c0)=0xe8)
getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f00000006c0)={0x0, <r8=>0x0}, &(0x7f0000000700)=0xc)
setreuid(r7, r8)
getresgid(&(0x7f0000002900), &(0x7f0000002940), &(0x7f0000002980))
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f00000029c0)={{0x1, 0x1, 0x18, r2, {<r9=>0x0, 0xee00}}, './file0\x00'})
r10 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000540), 0x2, 0x0)
read$FUSE(r10, &(0x7f0000000580)={0x2020, 0x0, <r11=>0x0, <r12=>0x0, <r13=>0x0}, 0x2020)
write$FUSE_DIRENTPLUS(r10, &(0x7f00000029c0)={0x658, 0x0, r11, [{{0x0, 0x2, 0x8001, 0x46, 0xff, 0x2, {0x6, 0xfa9, 0xfffffffffffffff9, 0xfff, 0x2, 0x3, 0x4, 0x0, 0xed07, 0xa000, 0x8, r12, 0x0, 0x55fd, 0x80000001}}, {0x0, 0x3, 0x6, 0x5, 'vcan0\x00'}}, {{0x6, 0x0, 0x5, 0xffffffffffffffc0, 0x3, 0x200, {0x3, 0x2, 0x5, 0xffffffffffffff01, 0xf, 0x7, 0x8, 0x2, 0xfffffe01, 0x3000, 0x2, r12, r13, 0x5, 0x4c18}}, {0x0, 0x10001, 0x8, 0xb, '%pB    \x00'}}, {{0x1, 0x0, 0xffffffff, 0x7, 0xf425, 0x2, {0x6, 0x7, 0x2, 0xf, 0xffffffffffffffff, 0x1, 0x2, 0x8, 0x9461, 0xe000, 0x7, r12, r13, 0x8000, 0x1ff8000}}, {0x1, 0xd0a9, 0xa, 0x9a5e, '/dev/cuse\x00'}}, {{0x6, 0x2, 0x5f, 0x4, 0x4, 0x1, {0x0, 0x7, 0x1000, 0xfffffffffffffff9, 0x8001, 0x0, 0x800, 0x80000000, 0xb83, 0xc000, 0x80000001, r12, r13, 0x28a, 0x7}}, {0x5, 0x4, 0x1, 0x40a, '\x00'}}, {{0x5, 0x2, 0x8, 0x8001, 0xd, 0x6, {0x6, 0x184, 0x587, 0x8000, 0x8, 0x0, 0xffffffff, 0x6, 0x10, 0x2000, 0xb, r12, r13, 0x80000000, 0xb}}, {0x2, 0x8, 0x1, 0xa2, '('}}, {{0x2, 0x1, 0x9, 0x6, 0xfffffff8, 0x7fff, {0x5, 0x1, 0xc, 0xa, 0x6, 0x6, 0x3, 0x6, 0x7, 0x8000, 0x8, r12, r13, 0x5, 0x3}}, {0x3, 0x2, 0x1, 0x9, ','}}, {{0x20006, 0x0, 0x5dd5, 0x3, 0x5, 0x81, {0x3, 0x100000001, 0x5, 0x2, 0x1, 0x2, 0x80000000, 0x69504f9e, 0x80000000, 0x2000, 0x6, r12, r13, 0x6, 0x5}}, {0x0, 0xfffffffffffffffc, 0x6, 0x4, '&\'.:&('}}, {{0x2, 0x1, 0x401, 0x5, 0x80, 0x4, {0x5, 0x404, 0x5, 0x4, 0x801, 0xff, 0x6, 0xd7a2, 0x7fff, 0x4000, 0x7f, 0x0, 0x0, 0x7fffffff, 0xc6}}, {0x4, 0x100000001, 0x4, 0xf53, '\\--,'}}, {{0x5, 0x1, 0x7ff, 0x4, 0x3d, 0x7f, {0x6, 0x7, 0x5, 0x3, 0x59ec, 0x5, 0x4, 0xf6c, 0x80000000, 0x4000, 0x80, r12, r13, 0x6, 0x6a4a}}, {0x2, 0x54f, 0x8, 0x3ff, 'nl80211\x00'}}, {{0x5, 0x2, 0x2, 0x49f, 0x7fff, 0x65, {0x5, 0xbe4a, 0x707, 0x4b3, 0x0, 0x3, 0x10001, 0xfffff800, 0x6, 0x4000, 0x4b4cca3e, r9, r13, 0x1, 0x62e2}}, {0x2, 0x101, 0x1, 0x3, '\xad'}}]}, 0x658)
getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000002b80), 0x0)
ioctl$FBIOPUT_VSCREENINFO(r4, 0x4601, &(0x7f0000000040)={0x191, 0x78, 0xa0, 0x78, 0x32, 0x1c0, 0x4, 0x0, {}, {}, {}, {}, 0x0, 0x40, 0xaa, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0xfffffffd, 0x0, 0x8, 0xa, 0x0, 0x2, 0xa})

6.469096796s ago: executing program 4 (id=4450):
prlimit64(0x0, 0xe, &(0x7f0000000200)={0x8, 0x8a}, 0x0)
getsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(0xffffffffffffffff, 0x84, 0x1f, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x3)
r0 = socket(0x840000000002, 0x3, 0xff)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
add_key$keyring(&(0x7f0000000040), 0x0, 0x0, 0x0, 0xffffffffffffffff)
r2 = socket(0xa, 0x5, 0x0)
r3 = socket$nl_sock_diag(0x10, 0x3, 0x4)
ioctl$sock_SIOCETHTOOL(r3, 0x8946, &(0x7f00000000c0)={'veth1\x00', &(0x7f0000000080)=@ethtool_wolinfo={0x1, 0xb, 0xe0, "51756fa0d073"}})
sendmsg$inet(r2, 0x0, 0xc2f1788970f1e6ef)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(0xffffffffffffffff, 0x84, 0x1d, 0x0, 0x0)
syslog(0x4, 0x0, 0x0)
syslog(0x3, &(0x7f0000002d00)=""/147, 0x93)
getsockopt$inet_sctp_SCTP_PEER_ADDR_THLDS(r2, 0x84, 0x1f, &(0x7f0000000480)={0x0, @in={{0x2, 0x4e21, @initdev={0xac, 0x1e, 0x0, 0x0}}}, 0x9, 0x80}, &(0x7f0000000100)=0x90)
getsockopt$inet_sctp6_SCTP_RESET_STREAMS(r0, 0x84, 0x77, 0x0, 0x0)
syz_emit_ethernet(0x4a, &(0x7f0000000000)={@local, @dev, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "4dd708", 0x14, 0x6, 0xff, @remote, @local, {[], {{0x0, 0x4001, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x4a}}}}}}}, 0x0)
r4 = openat$selinux_avc_hash_stats(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
read(r4, &(0x7f00000000c0)=""/34, 0x22)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r5, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000280)=@newtaction={0x14, 0x30, 0x20, 0xfffffffc, 0x25dfdbfe}, 0x14}, 0x1, 0x0, 0x0, 0x15}, 0x80)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000080), 0xc)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r6, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20000850}, 0x0)

6.07535803s ago: executing program 3 (id=4451):
prlimit64(0x0, 0x3, &(0x7f0000000140)={0x8, 0x88}, 0x0)
r0 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r0, &(0x7f00000001c0)={0x0, 0x0, 0x0}, 0x8000)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
mount$overlay(0x0, 0x0, 0x0, 0x2200400, &(0x7f0000000340)={[], [{@smackfsfloor={'smackfsfloor', 0x3d, '\x0e\x94\x95>\x95\xb4@\x12\xc9\xf3\xb4\n\x99\xd1A\xcd\xfa\xdc\xfa\x0e&zr\x94>88\x10L\xdc\xb2o\xc3\x02|\xb8m\xb2\xa7\x15\xed\x9eP\xbdi\xdb\xc1\x98F\xd0\xd9\x9d\xbd\x1bi\xe8\xe31C/e\x9e\xdc\xb0I\x9d\x92\xae\xd6\xb4\xe2\xea\x10LJy\a\xf2\x96\xf8\x13ti\xfb5;\xfax\xab\x85\xc9\xe4\xef\x84\x92?\xaco\xb0v\x94\x93\xd9\xd3U|\x88Un\xc4\x8d\xc0|\x80Q\xdf+\xcaEN\x1e\x05\x82$\x7f\xd1\x96\f\xc9\xfb\xfe(]MR#\xffcA\xc9Y3\b\xb57^\x9d'}}]})
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
capset(&(0x7f0000001680)={0x20071026}, 0x0)
syz_emit_vhci(&(0x7f00000000c0)=ANY=[@ANYRESDEC=0x0], 0x7)
ioctl(0xffffffffffffffff, 0x3, 0x0)
pwritev(0xffffffffffffffff, &(0x7f0000000180), 0x0, 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040), 0x406902, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
sendmsg$AUDIT_SET(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={0x0}, 0x1, 0x0, 0x0, 0x40880}, 0x40011)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1400000007"], 0x50)
pwrite64(r2, &(0x7f0000000000)=':', 0x1, 0x5fed0)
r3 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r3, &(0x7f0000000100)={0x1f, 0xffff, 0x3}, 0x6)
write$binfmt_misc(r3, &(0x7f0000000000), 0xd)
socket(0x1d, 0x2, 0x6)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
socket$inet6_udp(0xa, 0x2, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0xfffffe5a)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f0000000740)={'wlan1\x00'})
socket$kcm(0x10, 0x2, 0x0)
add_key$fscrypt_v1(&(0x7f0000000300), &(0x7f0000000340)={'fscrypt:', @desc1}, &(0x7f0000000380)={0x0, "fafac0348886ec6ca005b2d292649e4dbd42a3446049d9952cc199677d836942efd66f9bf786ec9cb4995e7d321d39b373e0fbadb55c66bcb7119c0074afe6bc", 0x19}, 0x48, 0xfffffffffffffffd)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r5, 0x0, 0x10)

5.422398578s ago: executing program 4 (id=4452):
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x1, &(0x7f0000006680))
socket$inet(0x2, 0x4000000000000001, 0x0)
r0 = userfaultfd(0x1)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000080)={0xaa, 0x79})
socketpair$unix(0x1, 0x3, 0x0, &(0x7f00000000c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = syz_open_procfs(0x0, &(0x7f0000000240)='clear_refs\x00')
writev(r3, &(0x7f00000002c0)=[{&(0x7f0000000280)='2', 0x1}, {&(0x7f00000003c0)='-6', 0x2}], 0x2)
ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000040)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x1})
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff7000/0x1000)=nil, &(0x7f0000ff1000/0xf000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ff5000/0x1000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0, 0xffffffffffffff2c}, 0x68)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x24004045)
r4 = io_uring_setup(0x64a, &(0x7f0000000040)={0x0, 0x8835c, 0xc000, 0x20000a, 0x20002f7})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000093c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=@deltfilter={0x24, 0x2d, 0x8, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {0x1}, {0x3}, {0xe, 0xe}}}, 0x24}, 0x1, 0x0, 0x0, 0x40005}, 0x0)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x3, &(0x7f0000000000)=0x6, 0x4)
r5 = socket$inet_sctp(0x2, 0x1, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r5, 0x84, 0x14, &(0x7f0000000000)=@assoc_value, &(0x7f0000000040)=0x8)
io_uring_enter(r4, 0x2219, 0x7721, 0x16, 0x0, 0x0)
syz_kvm_setup_syzos_vm$x86(0xffffffffffffffff, &(0x7f00008e5000/0x400000)=nil)

4.449404062s ago: executing program 3 (id=4453):
r0 = syz_open_procfs(0x0, 0x0)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff7000/0x2000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ff7000/0x1000)=nil, &(0x7f0000ff1000/0x3000)=nil, &(0x7f0000ff0000/0x2000)=nil, &(0x7f0000ff9000/0x3000)=nil, &(0x7f0000ff8000/0x2000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0)
r1 = io_uring_setup(0x1195, &(0x7f0000000040)={0x0, 0x2150, 0xc000, 0x3, 0xc4})
writev(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000001480)}, {0x0}], 0x2)
io_uring_enter(r1, 0x2219, 0x1adf, 0x16, 0x0, 0x0)
r2 = syz_open_procfs(0xffffffffffffffff, 0x0)
getsockopt$inet6_udp_int(r2, 0x11, 0x65, &(0x7f0000000140), &(0x7f0000000280)=0x4)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000002040)={0xc, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000100)=0x5)
r3 = syz_open_dev$MSR(&(0x7f00000007c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x3c, 0x0, 0x0)
ioctl$KVM_SET_MSRS(r0, 0x4008ae89, &(0x7f0000000040)={0x1, 0x0, [{0x84d, 0x0, 0x1}]})
readv(0xffffffffffffffff, 0x0, 0x0)
sendmsg$nl_route(r0, 0x0, 0x0)
openat$iommufd(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFQNL_MSG_CONFIG(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="1c000000020303"], 0x1c}}, 0x0)
socket$packet(0x11, 0x2, 0x300)
bind$packet(0xffffffffffffffff, &(0x7f0000000180)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, 0x14)
r5 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r5, 0x0, 0x0)

4.259611982s ago: executing program 0 (id=4454):
ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, 0x0)
socket$netlink(0x10, 0x3, 0x14)
r0 = socket(0x40000000015, 0x5, 0x0)
bind$inet(r0, 0x0, 0x0)
sendto$inet(r0, 0x0, 0x0, 0x0, 0x0, 0x0)
getsockopt(r0, 0x200000000114, 0x271e, &(0x7f0000032580)=""/102390, &(0x7f0000000040)=0x18ff6)
bind$inet6(r0, 0x0, 0x1e)
socket$inet_sctp(0x2, 0x5, 0x84)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x5, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000100)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000002000)=""/102400, 0x19000)
add_key$keyring(&(0x7f0000000040), &(0x7f0000000080)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffd)
r2 = syz_open_dev$dri(&(0x7f00000000c0), 0x1ff, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r2, 0xc01864c6, 0x0)

3.943095485s ago: executing program 2 (id=4455):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_io_uring_setup(0x10f, &(0x7f00000000c0)={0x0, 0x211a, 0x400, 0x40209, 0x11e}, &(0x7f0000000140)=<r3=>0x0, &(0x7f0000000280)=<r4=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000040)=0xefefffd7, 0x0, 0x4)
r5 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r5, 0x7a7, &(0x7f0000000040)=0xa0000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r5, 0x7a0, &(0x7f0000000000)={@local})
ioctl$IOCTL_VMCI_QUEUEPAIR_ALLOC(r5, 0x7a8, &(0x7f0000000540)={{@hyper, 0x2}, @any, 0x0, 0x0, 0x5e})
r6 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r6, 0x7a0, &(0x7f0000000240)={@hyper})
sendmsg$IPSET_CMD_TYPE(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000180)=ANY=[@ANYBLOB='>'], 0x38}}, 0x80)
r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
write$UHID_CREATE2(r7, &(0x7f0000000180)=ANY=[], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r7, 0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_ACCEPT={0xd, 0x8, 0x1, 0xffffffffffffffff, 0x0})
socket$inet6_mptcp(0xa, 0x1, 0x106)
io_uring_enter(r2, 0x3516, 0xc2de, 0x8, 0x0, 0x0)

3.621219537s ago: executing program 0 (id=4456):
r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000), 0x22d00, 0x0)
ioctl$TUNSETOFFLOAD(r0, 0xc004743e, 0x110e22fff6)
r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x1, 0x0)
ioctl$TUNSETOFFLOAD(r1, 0x4004743d, 0x110e22fff6)
close(r0)
write$ppp(r1, 0x0, 0x0)

3.540687921s ago: executing program 3 (id=4457):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x1, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r1 = userfaultfd(0x80001)
ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f00000000c0))
ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000000080)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x2})
openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
write$bt_hci(r2, 0x0, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x3, 0xe, &(0x7f00000022c0)=ANY=[@ANYBLOB], &(0x7f0000000b80)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000040), 0x10}, 0x94)
r4 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r5=>0x0})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000bc0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x24, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r5, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0x2}}}, 0x24}}, 0x0)
r6 = creat(&(0x7f00000000c0)='./file0\x00', 0xd4)
ioctl$BLKPG(r6, 0x1269, &(0x7f0000000280)={0x1, 0x0, 0x0, 0x0})
sendmsg$nl_route_sched(r6, 0x0, 0x20000044)
r7 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r7)
r8 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="1b00000000000000000000000080000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="000000000000000000000000b97135b128b2d3fe39f24aea60506700000000000000000000000000000000b60c63bd74c4216379842b5713a908ba59480f5a5b5e16f5a17ad08bda6d822aefaae95f70465ec62a42c4f2368511311b77cc303521a1d347ccfdd6a486f8422520994fd5acd12cbd54386a357163cb706b5ab4e9881871c08a4fdcbd34be0409d0c98d97f2bfacafc3648c5bc3f24d8b743b00c81bb523a821c9260a267aa80262960c3333c4cb98b5671d2f450b0683db76146e94732f6fcf09a241716de0ba00a6f51dadeed7b6eff15d9d921d2fedf68c9501d93294814cf622c87148ade0"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x16, 0x10, &(0x7f0000000500)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r8, @ANYBLOB="0000000000000000b70200000000", @ANYRES32=r8, @ANYBLOB="0000000000000000b7080000020000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002000200850000008200000095"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @flow_dissector=0x11, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ptrace$setregs(0xd, r7, 0x0, &(0x7f00000003c0))
ptrace$getregset(0x4205, r7, 0x200, &(0x7f0000000080)={&(0x7f00000000c0)=""/112, 0x70})
r9 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r9, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$IPCTNL_MSG_CT_GET_UNCONFIRMED(r9, &(0x7f00000002c0)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x14, 0x7, 0x1, 0x301, 0x0, 0x0, {0x2, 0x0, 0x9}, ["", "", "", "", "", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x4000010}, 0x24008080)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000200)=ANY=[@ANYBLOB="24000000180001000000005955ee0e662d"], 0x24}}, 0x0)
syz_usb_connect(0x5, 0x24, &(0x7f0000000100)=ANY=[@ANYBLOB="1201000043242108d81301006230010203010902120001000000000904"], 0x0)
r10 = socket(0x10, 0x3, 0x0)
sendmmsg(r10, &(0x7f0000000000), 0x400000000000235, 0x0)

3.168720307s ago: executing program 0 (id=4458):
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0) (async)
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$AUTOFS_DEV_IOCTL_VERSION(0xffffffffffffffff, 0xc0189371, &(0x7f0000000180)={{0x1, 0x1, 0x18, <r1=>r0}, './file0\x00'})
syz_genetlink_get_family_id$devlink(&(0x7f0000000140), r1)
read(r0, 0x0, 0x20) (async)
read(r0, 0x0, 0x20)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r0, 0x40345410, &(0x7f00000083c0)={{0x1}})
ioctl$SNDRV_TIMER_IOCTL_CONTINUE(r0, 0x54a2)
syz_usb_connect(0x0, 0x24, &(0x7f0000000040)=ANY=[@ANYRESOCT, @ANYRES64, @ANYRES32=0x0, @ANYRES8=r0, @ANYBLOB="50e9b8610b65fe5a9bfd1152c04b90f82ac623c5fbbc24ce5413d54c6608f9eef282f850c4a82ad9c5dfd5d4f74758b63cbeafeb346cee4f67cfb8a7d56818bc9f570854273f7b68127b28d9e3936899c20695e69a6331fa7c3c4fe45f83cba3ba1317c8bcdf8fbdf7907b67718b8ba633ad204ec4bf18f83b83b1bf13009483ee6a2f7eb92e", @ANYRES64=0x0, @ANYRES8=r0, @ANYRES8=0x0, @ANYRESOCT=0x0], 0x0)

3.07735655s ago: executing program 1 (id=4459):
socket$nl_generic(0x10, 0x3, 0x10)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) (async)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) (async)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0) (async)
sendmsg(r1, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0) (async)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xb45, 0x100000000009, 0xa, 0x0, 0x3}, 0x0)
r2 = shmget$private(0x0, 0x13000, 0x1, &(0x7f0000feb000/0x13000)=nil)
shmat(r2, &(0x7f0000ff1000/0x3000)=nil, 0x400c) (async)
syz_kvm_setup_syzos_vm$x86(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil)
r3 = syz_open_dev$loop(&(0x7f0000000100), 0x2, 0x2001) (async)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='blkio.bfq.io_service_bytes_recursive\x00', 0x275a, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000180)=[{&(0x7f00000001c0)="580000001500add427323b472545b4560a117fffffff81000e220e227f000008925aa80013007b00090080007f000001e809000000ff0000f03ac7100003ffffffffffffffffffffffe7ee00", 0x4c}], 0x1) (async)
write$binfmt_misc(r4, &(0x7f0000000040), 0xe09)
ioctl$LOOP_CONFIGURE(r3, 0x4c0a, &(0x7f00000002c0)={r4, 0x0, {0x2a00, 0x80010000, 0x0, 0x2, 0x0, 0x0, 0x0, 0x14, 0x1c, "fee8a2ab78fc979fd1e00d96072000001ea89de2b7fb0000e60080b8785d960001000000000000000000007efff100004000", "2809e8dbe108598948224ad54afac11d875397bdb22d0000b420a1a93c527d3d458dd4992861ac00", "f4bd000000801900", [0x8, 0xffffffff9673e35d]}}) (async)
r5 = fsopen(&(0x7f00000000c0)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_SET_BINARY(r5, 0x6, 0x0, 0x0, 0x0) (async)
r6 = fsmount(r5, 0x0, 0x0)
openat$cgroup_subtree(r6, &(0x7f0000000100), 0x2, 0x0)
r7 = socket$nl_generic(0x10, 0x3, 0x10) (async)
r8 = syz_genetlink_get_family_id$batadv(&(0x7f0000000400), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r7, 0x8933, &(0x7f0000000440)={'batadv0\x00', <r9=>0x0})
sendmsg$BATADV_CMD_SET_MESH(r7, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000880)={0x24, r8, 0x1, 0x4070bd28, 0x1, {}, [@BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r9}, @BATADV_ATTR_DISTRIBUTED_ARP_TABLE_ENABLED={0x5}]}, 0x24}}, 0x18) (async)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000280)={@fallback, 0xffffffffffffffff, 0x2a}, 0x20) (async)
capget(0x0, 0x0)
socket$inet6_sctp(0xa, 0x1, 0x84) (async)
r10 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r10, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000001f40)={&(0x7f0000000600)=ANY=[@ANYBLOB="b8000000190001002dbd70000000000000000000000000000000000000000001fe8000000000000000000000000000bb00000000000000000a00000000000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00000000000000000c00000000000000000000000000000000000000000000000000000000000000fffffffffeffffff0000800000200000fcffffffffffffff0000000000000000000a000000000000040000000000000002e3b5000000000800000000000000000101"], 0xb8}}, 0x4) (async)
socket$nl_xfrm(0x10, 0x3, 0x6)

2.480667471s ago: executing program 1 (id=4460):
write$binfmt_script(0xffffffffffffffff, 0x0, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x10012, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
mremap(&(0x7f0000000000/0x9000)=nil, 0x600002, 0x600002, 0x7, &(0x7f0000a00000/0x600000)=nil)
r1 = socket(0xa, 0x3, 0x3a)
r2 = syz_open_dev$video(&(0x7f0000000000), 0x8, 0x8000)
ioctl$VIDIOC_G_SELECTION(r2, 0xc040565e, &(0x7f0000000080)={0x2, 0x3, 0x0, {0x8012, 0x10001, 0x3, 0x3}})
setsockopt$MRT6_ADD_MFC_PROXY(r1, 0x29, 0xd2, &(0x7f0000000300)={{0xa, 0x0, 0x0, @loopback}, {0xa, 0x0, 0x0, @mcast2}, 0x1}, 0x5c)
io_uring_register$IORING_REGISTER_MEM_REGION(0xffffffffffffffff, 0x22, &(0x7f0000000080)={&(0x7f0000000040)={&(0x7f0000000000)="21db2d1ee8afbe4ffab5eea9858b04938da5704da82cd0e876e9a566010ccb2ee14a785433fb217838f2bb7da7618f367e5ec6fe67a7456583e06f60618163", 0x3f, 0x1, 0x6, 0x5}, 0x1}, 0x1)

2.224430216s ago: executing program 2 (id=4461):
r0 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000400)=@bpf_tracing={0x1a, 0x9, &(0x7f0000000280)=@framed={{0x18, 0x0, 0x0, 0x0, 0x3e, 0x0, 0x0, 0x0, 0x9}, [@map_idx={0x18, 0x7, 0x5, 0x0, 0xd}, @ringbuf_query]}, &(0x7f0000000080)='syzkaller\x00', 0x7, 0x0, &(0x7f0000000180), 0x40f00, 0x21, '\x00', 0x0, 0x1c, 0xffffffffffffffff, 0x8, &(0x7f0000000300)={0x7, 0x4}, 0x8, 0x10, 0x0, 0x0, 0x2f064, 0xffffffffffffffff, 0x8, &(0x7f0000000340)=[0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff], &(0x7f0000000380)=[{0x0, 0x4, 0xc, 0x4}, {0x5, 0x4, 0xf, 0xa}, {0x5, 0x4, 0xa}, {0x0, 0x2, 0xe, 0x5}, {0x5, 0x1, 0x6, 0x8}, {0x0, 0x5, 0xe, 0x2}, {0x4, 0x3, 0xa, 0xa}, {0x4, 0x4, 0x6, 0x7}], 0x10, 0x1000}, 0x94)
ioctl$F2FS_IOC_GARBAGE_COLLECT(r0, 0x4004f506, &(0x7f00000004c0))
socket$kcm(0x2a, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x4, 0x2000000008b}, 0x0)
r1 = socket$kcm(0x29, 0x0, 0x0)
r2 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
ioctl$sock_kcm_SIOCKCMUNATTACH(r1, 0x89e1, &(0x7f0000000100)={r2})
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
syz_genetlink_get_family_id$l2tp(&(0x7f0000000200), 0xffffffffffffffff)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
r4 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000000), 0x180300, 0x0)
r5 = socket(0x10, 0x803, 0x0)
sendto(r5, &(0x7f0000000740)="120000001200e7ef007b00000000000000", 0x11, 0x4008040, 0x0, 0x0)
recvmmsg(r5, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0x80, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x64}, {&(0x7f0000000280)=""/85, 0x55}, {&(0x7f0000000fc0)=""/4096, 0x1000}, {&(0x7f0000000400)=""/106, 0x6a}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f00000007c0)=""/154, 0x9a}, {&(0x7f00000001c0)=""/17, 0x11}], 0x7, &(0x7f0000000600)=""/191, 0xbf}}], 0x1, 0x0, &(0x7f0000003700)={0x77359400})
r6 = socket(0x840000000002, 0x3, 0xff)
getsockopt$inet6_IPV6_XFRM_POLICY(r5, 0x29, 0x23, &(0x7f0000000880)={{{@in=@empty, @in=@broadcast, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r7=>0x0}}, {{@in=@loopback}, 0x0, @in=@initdev}}, &(0x7f00000005c0)=0xe8)
getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f00000006c0)={0x0, <r8=>0x0}, &(0x7f0000000700)=0xc)
setreuid(r7, r8)
getresgid(&(0x7f0000002900), &(0x7f0000002940), &(0x7f0000002980))
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f00000029c0)={{0x1, 0x1, 0x18, r2, {<r9=>0x0, 0xee00}}, './file0\x00'})
r10 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000540), 0x2, 0x0)
read$FUSE(r10, &(0x7f0000000580)={0x2020, 0x0, <r11=>0x0, <r12=>0x0, <r13=>0x0}, 0x2020)
write$FUSE_DIRENTPLUS(r10, &(0x7f00000029c0)={0x658, 0x0, r11, [{{0x0, 0x2, 0x8001, 0x46, 0xff, 0x2, {0x6, 0xfa9, 0xfffffffffffffff9, 0xfff, 0x2, 0x3, 0x4, 0x0, 0xed07, 0xa000, 0x8, r12, 0x0, 0x55fd, 0x80000001}}, {0x0, 0x3, 0x6, 0x5, 'vcan0\x00'}}, {{0x6, 0x0, 0x5, 0xffffffffffffffc0, 0x3, 0x200, {0x3, 0x2, 0x5, 0xffffffffffffff01, 0xf, 0x7, 0x8, 0x2, 0xfffffe01, 0x3000, 0x2, r12, r13, 0x5, 0x4c18}}, {0x0, 0x10001, 0x8, 0xb, '%pB    \x00'}}, {{0x1, 0x0, 0xffffffff, 0x7, 0xf425, 0x2, {0x6, 0x7, 0x2, 0xf, 0xffffffffffffffff, 0x1, 0x2, 0x8, 0x9461, 0xe000, 0x7, r12, r13, 0x8000, 0x1ff8000}}, {0x1, 0xd0a9, 0xa, 0x9a5e, '/dev/cuse\x00'}}, {{0x6, 0x2, 0x5f, 0x4, 0x4, 0x1, {0x0, 0x7, 0x1000, 0xfffffffffffffff9, 0x8001, 0x0, 0x800, 0x80000000, 0xb83, 0xc000, 0x80000001, r12, r13, 0x28a, 0x7}}, {0x5, 0x4, 0x1, 0x40a, '\x00'}}, {{0x5, 0x2, 0x8, 0x8001, 0xd, 0x6, {0x6, 0x184, 0x587, 0x8000, 0x8, 0x0, 0xffffffff, 0x6, 0x10, 0x2000, 0xb, r12, r13, 0x80000000, 0xb}}, {0x2, 0x8, 0x1, 0xa2, '('}}, {{0x2, 0x1, 0x9, 0x6, 0xfffffff8, 0x7fff, {0x5, 0x1, 0xc, 0xa, 0x6, 0x6, 0x3, 0x6, 0x7, 0x8000, 0x8, r12, r13, 0x5, 0x3}}, {0x3, 0x2, 0x1, 0x9, ','}}, {{0x20006, 0x0, 0x5dd5, 0x3, 0x5, 0x81, {0x3, 0x100000001, 0x5, 0x2, 0x1, 0x2, 0x80000000, 0x69504f9e, 0x80000000, 0x2000, 0x6, r12, r13, 0x6, 0x5}}, {0x0, 0xfffffffffffffffc, 0x6, 0x4, '&\'.:&('}}, {{0x2, 0x1, 0x401, 0x5, 0x80, 0x4, {0x5, 0x404, 0x5, 0x4, 0x801, 0xff, 0x6, 0xd7a2, 0x7fff, 0x4000, 0x7f, 0x0, 0x0, 0x7fffffff, 0xc6}}, {0x4, 0x100000001, 0x4, 0xf53, '\\--,'}}, {{0x5, 0x1, 0x7ff, 0x4, 0x3d, 0x7f, {0x6, 0x7, 0x5, 0x3, 0x59ec, 0x5, 0x4, 0xf6c, 0x80000000, 0x4000, 0x80, r12, r13, 0x6, 0x6a4a}}, {0x2, 0x54f, 0x8, 0x3ff, 'nl80211\x00'}}, {{0x5, 0x2, 0x2, 0x49f, 0x7fff, 0x65, {0x5, 0xbe4a, 0x707, 0x4b3, 0x0, 0x3, 0x10001, 0xfffff800, 0x6, 0x4000, 0x4b4cca3e, r9, r13, 0x1, 0x62e2}}, {0x2, 0x101, 0x1, 0x3, '\xad'}}]}, 0x658)
getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000002b80), 0x0)
ioctl$FBIOPUT_VSCREENINFO(r4, 0x4601, &(0x7f0000000040)={0x191, 0x78, 0xa0, 0x78, 0x32, 0x1c0, 0x4, 0x0, {}, {}, {}, {}, 0x0, 0x40, 0xaa, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0xfffffffd, 0x0, 0x8, 0xa, 0x0, 0x2, 0xa})

1.824631671s ago: executing program 2 (id=4462):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_io_uring_setup(0x10f, &(0x7f00000000c0)={0x0, 0x211a, 0x400, 0x40209, 0x11e}, &(0x7f0000000140)=<r3=>0x0, &(0x7f0000000280)=<r4=>0x0)
r5 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r5, 0x7a0, &(0x7f0000000000)={@local})
ioctl$IOCTL_VMCI_QUEUEPAIR_ALLOC(r5, 0x7a8, &(0x7f0000000540)={{@hyper, 0x2}, @any, 0x0, 0x0, 0x5e})
r6 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r6, 0x7a7, &(0x7f0000000040)=0x90000)
close(0x3)
sendmsg$IPSET_CMD_TYPE(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000180)=ANY=[@ANYBLOB='>'], 0x38}}, 0x80)
r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
write$UHID_CREATE2(r7, &(0x7f0000000180)=ANY=[], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r7, 0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_ACCEPT={0xd, 0x8, 0x1, 0xffffffffffffffff, 0x0})
bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000100)={0x3ff4, 0x8000, 0x0, 0x4}, 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x8000000e}, 0x94)
io_uring_enter(r2, 0x3516, 0xc2de, 0x8, 0x0, 0x0)
syz_emit_ethernet(0x82, &(0x7f0000002340)=ANY=[@ANYBLOB="aaaaaaaa87b0aaaa0000000000000800452d0074006600000501907864010101ac1414bb0b00907800090000465c003b00ac6c98402f0004e00000017f0000014414952300000000000065586401010100000009071354ac1414bbac1e0001640101027f000001070b9f640101006401010194040100440c4880000000000000338c"], 0x0)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
capset(&(0x7f00000005c0)={0x19980330}, &(0x7f0000000600)={0xd, 0xd, 0x4, 0x1, 0x4, 0x5})

1.783535518s ago: executing program 4 (id=4463):
r0 = socket$netlink(0x10, 0x3, 0x0)
ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000080))
socket$nl_generic(0x10, 0x3, 0x10)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x18, 0xfa00, {0x3, &(0x7f00000000c0)={<r2=>0xffffffffffffffff}, 0x2, 0x9}}, 0x20)
r3 = openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
pread64(r3, &(0x7f0000000200)=""/82, 0x52, 0x2000000fc)
bind$tipc(r3, 0x0, 0x0)
write$RDMA_USER_CM_CMD_MIGRATE_ID(r1, &(0x7f0000000200)={0x12, 0x10, 0xfa00, {&(0x7f0000000040), r2, r3}}, 0x18)
socket$nl_netfilter(0x10, 0x3, 0xc)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1)
getrlimit(0xf, &(0x7f0000000040))
sched_setaffinity(0x0, 0x0, 0x0)
r4 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000023c0)=@updsa={0x150, 0x1a, 0x1, 0x0, 0x0, {{@in=@loopback, @in6=@empty}, {@in6=@dev, 0x0, 0x33}, @in6=@rand_addr=' \x01\x00', {}, {}, {}, 0x0, 0x0, 0xa}, [@algo_auth_trunc={0x5e, 0x14, {{'cmac(aes)\x00'}, 0x90, 0x0, "09647cfcb920c1cb091b151c49125848fd53"}}]}, 0x150}}, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r5 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r5, &(0x7f0000004c00)=""/102392, 0x18ff8)
close_range(r0, 0xffffffffffffffff, 0x0)

1.541290968s ago: executing program 1 (id=4464):
syz_open_dev$dri(&(0x7f0000000080), 0x0, 0x0)
r0 = syz_io_uring_setup(0x4ed, &(0x7f0000000300)={0x0, 0xfec9, 0x0, 0xff7ffffc, 0x274}, &(0x7f00000001c0)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
timer_create(0x7, &(0x7f00000000c0)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000300)=<r3=>0x0)
fcntl$lock(0xffffffffffffffff, 0x24, &(0x7f0000000040)={0x0, 0x0, 0x10001, 0x5})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(r3, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xec776000)
r4 = openat$misdntimer(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
readv(r4, &(0x7f0000000400)=[{&(0x7f00000002c0)=""/92, 0x5c}], 0x1)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r1, r2, &(0x7f00000002c0)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3})
io_uring_enter(r0, 0xdb4, 0xd070, 0x0, 0x0, 0x0)

1.236004024s ago: executing program 4 (id=4465):
pipe2(&(0x7f0000000040)={<r0=>0xffffffffffffffff}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x10000000013, &(0x7f0000d06000)=0x1, 0x4)
setsockopt$SO_BINDTODEVICE(0xffffffffffffffff, 0x1, 0x19, &(0x7f0000000180)='bridge0\x00', 0x10)
ptrace$ARCH_SHSTK_LOCK(0x1e, r1, 0x0, 0x5003)
socket$packet(0x11, 0x3, 0x300)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000780)={&(0x7f0000000100)={0x2, 0x0, @multicast1}, 0x10, &(0x7f00000001c0)=[{&(0x7f0000000140)="be38", 0xffe7}], 0x1, &(0x7f0000000080)=ANY=[@ANYBLOB="1c000000000000000000000008000000", @ANYRES32=0x0, @ANYBLOB="ac1414aaac14140000000b001400000000000000000000000700000007038b0100000000"], 0x38}, 0x0)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f00000003c0)={'wlan1\x00', <r6=>0x0})
sendmsg$NL80211_CMD_CHANNEL_SWITCH(r5, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000400)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="010008020000001800006600000008000300", @ANYRES32=r6, @ANYBLOB="08002600940900000800b7"], 0x2c}, 0x1, 0x0, 0x0, 0x4000000}, 0x0)
pipe2$9p(&(0x7f0000000240)={0xffffffffffffffff, <r7=>0xffffffffffffffff}, 0x0)
tee(r0, r7, 0x4e, 0x0)
getsockopt$IP6T_SO_GET_REVISION_MATCH(0xffffffffffffffff, 0x29, 0x44, 0x0, &(0x7f0000000440))
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000000)={0x0, 0x0, 0x0, &(0x7f0000010040), 0x0, 0xffffffffffffffff, 0x4}, 0x38)
r8 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000940)='hugetlb.2MB.usage_in_bytes\x00', 0x26e1, 0x0)
ioctl$SIOCSIFHWADDR(r8, 0x8b34, &(0x7f0000000000)={'wlan1\x00', @random="000507000030"})
socket$netlink(0x10, 0x3, 0x0)

1.09914307s ago: executing program 3 (id=4466):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
r1 = syz_open_dev$evdev(&(0x7f0000000000), 0x672, 0x161200)
ioctl$EVIOCGMTSLOTS(r1, 0x8040450a, &(0x7f0000000100)=""/218)
setsockopt$ARPT_SO_SET_REPLACE(r0, 0x0, 0x60, &(0x7f0000001b00)={'filter\x00', 0x104, 0x4, 0x3c8, 0x0, 0x1f8, 0xe8, 0x2e0, 0x2e0, 0x2e0, 0x4, 0x0, {[{{@arp={@remote, @broadcast, 0x0, 0x0, 0x0, 0x0, {@mac=@local}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'dvmrp0\x00', 'macvlan0\x00'}, 0xc0, 0xe8}, @unspec=@NFQUEUE1={0x28}}, {{@uncond, 0xc0, 0x110}, @mangle={0x50, 'mangle\x00', 0x0, {@mac=@broadcast, @empty, @rand_addr=0x64010102, @loopback, 0xe}}}, {{@uncond, 0xc0, 0xe8}, @unspec=@STANDARD={0x28, '\x00', 0x0, 0xe8}}], {{'\x00', 0xc0, 0xe8}, {0x28}}}}, 0x418)

1.002195792s ago: executing program 3 (id=4467):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_io_uring_setup(0x10f, &(0x7f00000000c0)={0x0, 0x211a, 0x400, 0x40209, 0x11e}, &(0x7f0000000140)=<r3=>0x0, &(0x7f0000000280)=<r4=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000040)=0xefefffd7, 0x0, 0x4)
r5 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r5, 0x7a7, &(0x7f0000000040)=0xa0000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r5, 0x7a0, &(0x7f0000000000)={@local})
ioctl$IOCTL_VMCI_QUEUEPAIR_ALLOC(r5, 0x7a8, &(0x7f0000000540)={{@hyper, 0x2}, @any, 0x0, 0x0, 0x5e})
r6 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0)
ioctl$IOCTL_VMCI_QUEUEPAIR_ALLOC(r6, 0x7a8, &(0x7f0000000540)={{@hyper, 0x2}, @hyper, 0x0, 0x0, 0x5e, 0xfffffffffffffff9})
sendmsg$IPSET_CMD_TYPE(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000180)=ANY=[@ANYBLOB='>'], 0x38}}, 0x80)
r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
write$UHID_CREATE2(r7, &(0x7f0000000180)=ANY=[], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r7, 0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_ACCEPT={0xd, 0x8, 0x1, 0xffffffffffffffff, 0x0})
socket$inet6_mptcp(0xa, 0x1, 0x106)
io_uring_enter(r2, 0x3516, 0xc2de, 0x8, 0x0, 0x0)

581.534243ms ago: executing program 2 (id=4468):
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
dup(r0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0xffffffffffffff30)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f0000000240)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f0000000100), 0x0, 0x0)
read$msr(r1, &(0x7f0000032680)=""/102400, 0x19000)
r2 = mq_open(&(0x7f0000001600)='eth0\x00#\x13\xaeu\xe0\xfbu0*\xf3\x11i\xdd\xd9\xc6\x87\xde\xbf_\xa0\xf6\xdfk\xbf.\"\xa6\xc0#p\xcd\x1c/\xa6\xf2\xbcyL\x85a\xb5\xbb~+>\xbc\x93\xf8\xab\x9a3\x85l\x1d\x15\x11\x1a{@!2\xb6!\xae\xf79k\x90\x88\v8I$\xfdQ\x1d\x90=r\xd8\xc0\xd8\t/\x8dv\xb8\x93\xc3C\xae\x9dc\xd1T\xdd\x14\xd3A=z\xee\xbd/X\xbemOX)s\x94\xde\xbe_\v\x01\xbe\xeb\bLTrw\x88\x9e0\t\xc6\xe2\x9c\xed\\\xd8[\xc8\x04 \xf3\xac]V\x1d:\xfc\xc3\x9e\x02\ax\xef\xfe\x1c.TT\x01\x00\x00\x00a%\xdcQ\xb3CuT\xcc7\x8avs\xb2\aXg\xbb\xfe\xb3j*\xad\x18I\xcc\xe9\xaa{]\xef\xb7\xf2\xee*\xf95\bJt\xd0s\xc4\xaa\xc8\x13~\xb2\xf20\xbdf\xdb\xaeG\xe3\xfb\xef\x94\xef:Q\x1b\xe3\xa3\xa4}\xef`e\xcdL\xab\xdb\r\xf2y\x9fg1\xf4\t\x18i/!\x13\xf1,\x8cu\xaa\xbf~)\x94\x1b2\x93\x86\xe7\x9a\xf2j\xa8\x96\xa6\xa2\xfcN\x81\xafTh\xb3\x1bo:\xe8\vq7S\xe4H\xf3L\xa0\x9c\x97B\x12\x10\x9d\xaa\x7fq\x8a=\x0f\n*\x8a\x99\x06\xb9(\xf6\x1c\x83\xb1J\xec\x926\xb5\x00\x00\x00\x00\x00\x00\x00\x01\xc0\xa3\xd5\xf9\xaa\x98/\xa4v\xe4)I\xf3+[e\x95\x89\x99\xca\x8e\xc5\xd3\\T\xf0\x1a|5\xfff\xff\x99\xa4\xbbV\x1a\x8a\x03#T\x9e#oR\xa4\xf1\xba\x04c\xb3-\xf7R\xb85\xb5\xdb\xe9?\xfa/\xdf\xb4R\xbfx=\v_j\x8e\xb0\'\xf4\xe5\xff!\xe1\xbf\x82e\xb1\x9b\x8d\xf3L\t\xd21\x9cbwV\xc8\xcc\xe4\x96M_w\xbc\xdf9\b\r\xf6\x95\xae\xb5,\x92\x8c\xc0DQm\x80\xd1w\xa2\x1a\x12Z\xe5\xf4H\xf7D\n\x96J\x93\xfb\xf0$\x9f\xf7\xa2\xae$O\xa3\xb6\xf5\x98\xd3\v\x00\x86\xa5\x8b\x81\x04\xaf\x03s\xe5\x86>\x0e\xa6\xe6\x1aV\x17\x8b\xed\xa7\'\xd0\r_\xe8,XVR\x13\xe5%\xb9\x88\xb8W@D\'\x17A\xc8\x80\x02J\xd4V\x00wH(\xc5v\f\xc9\xb6\xdf..$\xe6P(_\xf1\'\xc1:\xa3\xcb\xd9\xd1\xc7\x13\x99Md\x1dc\xf1\'j\x03!\x13\xd1\xb8', 0x40, 0xb, 0x0)
mq_open(0x0, 0x2, 0x1b6, 0x0)
mount$bind(0x0, 0x0, 0x0, 0x1085408, 0x0)
ioctl$IOCTL_VMCI_VERSION2(0xffffffffffffffff, 0x7a7, 0x0)
r3 = socket(0x40000000015, 0x5, 0x0)
r4 = syz_open_procfs(0x0, &(0x7f0000000080)='map_files\x00')
getdents(r4, &(0x7f0000000ec0)=""/4096, 0x1000)
ioctl$AUTOFS_DEV_IOCTL_VERSION(0xffffffffffffffff, 0xc0189371, &(0x7f0000000000)={{0x1, 0x1, 0x18, <r5=>r3}, './file0\x00'})
r6 = socket$nl_generic(0x10, 0x3, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="1100000004000000040000000000008000000000", @ANYRES32, @ANYBLOB="0000000000000e00"/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
r7 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_PRIVFLAGS_GET(r6, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r7, @ANYRES64=r2], 0x2c}, 0x1, 0x0, 0x0, 0x20000000}, 0x4000)
ioctl$UI_DEV_CREATE(r5, 0x5501)
bind$inet(r3, &(0x7f00008a5ff0)={0x2, 0x0, @loopback}, 0x10)
recvmmsg(r3, &(0x7f0000000780)=[{{0x0, 0x0, 0x0}}], 0x1, 0x60010000, 0x0)
r8 = openat$procfs(0xffffffffffffff9c, &(0x7f00000022c0)='/proc/tty/drivers\x00', 0x0, 0x0)
read$FUSE(r8, &(0x7f0000000180)={0x2020}, 0x2024)
sendto$inet(r5, 0x0, 0x0, 0x0, &(0x7f00000000c0)={0x2, 0xfffc, @broadcast}, 0x10)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(0xffffffffffffffff, 0x84, 0x64, &(0x7f0000000900)=[@in6={0xa, 0x0, 0x0, @loopback, 0x7ff}], 0x1c)
io_uring_setup(0x5168, &(0x7f0000000000)={0x0, 0x417d, 0x1, 0x1, 0x132})

210.174766ms ago: executing program 4 (id=4469):
r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x14d802, 0x0)
r1 = dup(r0)
ioctl$FS_IOC_SETFLAGS(r1, 0x40081271, &(0x7f0000000040)=0x10000)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000002, 0x28011, r1, 0x2c93a000)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f0000000040)=ANY=[@ANYBLOB="1808000000000000000000000000000018000000000600000000000000000000d31800000001000095"], &(0x7f0000000000)='GPL\x00', 0x8, 0x0, 0x0, 0x0, 0x40}, 0x94)
madvise(&(0x7f0000082000/0x1000)=nil, 0x1000, 0x15)
recvfrom$llc(r1, &(0x7f00000000c0)=""/245, 0xf5, 0x41, &(0x7f00000001c0)={0x1a, 0x203, 0x5, 0x0, 0x6, 0xf, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x22}}, 0x10)

168.30923ms ago: executing program 1 (id=4470):
r0 = epoll_create1(0x80000)
r1 = creat(&(0x7f00000001c0)='./bus\x00', 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, 0x0, 0x44004)
close(r1)
r3 = mmap$KVM_VCPU(&(0x7f0000ffb000/0x2000)=nil, 0x930, 0x1000002, 0x4018831, 0xffffffffffffffff, 0x0)
r4 = userfaultfd(0x80801)
ioctl$UFFDIO_API(r4, 0xc018aa3f, &(0x7f00000000c0))
r5 = ioctl$USERFAULTFD_IOC_NEW(r1, 0xaa00)
ioctl$UFFDIO_POISON(r5, 0xc020aa08, &(0x7f0000000080)={{&(0x7f0000ff7000/0x4000)=nil, 0x4000}})
r6 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$KVM_MEMORY_ENCRYPT_REG_REGION(r1, 0x8010aebb, &(0x7f0000000140)={0x50000})
ioctl$SW_SYNC_IOC_INC(r6, 0x40045701, &(0x7f0000000440)=0xffffffff)
ioctl$UFFDIO_REGISTER(r4, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000ffa000/0x3000)=nil, 0x3000}, 0x1})
syz_memcpy_off$KVM_EXIT_HYPERCALL(r3, 0x20, 0x0, 0x0, 0x0)
mount$9p_fd(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000180), 0x0, &(0x7f0000000600)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRES32=r3, @ANYBLOB=',wfdno=', @ANYRESHEX=r0])
r7 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$ETHTOOL_MSG_COALESCE_SET(r7, &(0x7f0000000240)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000200)={&(0x7f0000000280)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="00032abd7000fcdbdf25140000000800080009800000080010000300000008000f00ffffffff0800020005004bb196c5008eb37cce4888347fe7fae8640071f94bf9813a3d97ac2c0bca8eba5abbb3993391b5922eeac3ec72b76bcbe2f5d7459346b0fbd12b587e49927d0318a220797f92a5815f197863309b0c484ad9a6adcf212dc86f311752cace42d40ddd19dac777ab2a79ad2e8e42a6986219aa3c525cc301f1dfc16b97561631ef290781f428089bda311c0194432888d20be64e52347d5d401db87839"], 0x34}, 0x1, 0x0, 0x0, 0x4000}, 0x8801)

0s ago: executing program 0 (id=4471):
openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/binder/transaction_log\x00', 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000840)={0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000000040)="d8000000180081064e81f782db4cb904021d080006007c09e8fe55a10a0015000600142603600e1208000f0000000401a8001600200003400400020003", 0x3d}], 0x1}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=@gettfilter={0x3c, 0x2e, 0x400, 0x70bd21, 0x25dfdbfe, {0x0, 0x0, 0x0, 0x0, {0x0, 0x7}, {0x6, 0xe}, {0x8, 0xffff}}, [{0x8, 0xb, 0x2}, {0x8, 0xb, 0x9}, {0x8, 0xb, 0x40000c12}]}, 0x3c}}, 0x4008800)
r1 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000070000040900010073797a30000000009c000000090a010400000000000000000700000308000a40000000000900020073797a30000000000900010073797a3000000000080005400000000d58001280200001800e000100636f6e6e6c696d69740000000c0002800800014000000008200001800e000100636f6e6e6c696d69740000000c00028008000140000000001400017b090001006cdbf80789f3f947dd000280080003"], 0xe4}, 0x1, 0x0, 0x0, 0x8001}, 0x20050840)
sendmsg$kcm(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)}], 0x1}, 0x0)
sched_setscheduler(r0, 0x1, &(0x7f00000005c0)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000880)=ANY=[], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x0, 0x0, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000002440)='/sys/kernel/debug/binder/state\x00', 0x0, 0xebff)
read$FUSE(r4, &(0x7f0000002580)={0x2020}, 0x2020)
r5 = getpgrp(r0)
ptrace$PTRACE_SETSIGMASK(0x420b, r5, 0x8, &(0x7f0000000100)={[0x4]})
socketpair(0x1d, 0x2, 0x2, &(0x7f0000000000)={0x0, 0x0})
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xa, 0x4, &(0x7f0000000440)=ANY=[@ANYBLOB="b4000000feffffffdd0a00aaca000000"], &(0x7f0000000480)='GPL\x00', 0x7, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x19, &(0x7f0000000000)={0x3, 0x1}, 0x8, 0x10, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x5}, 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0xfffffffc}, 0x94)
bpf$MAP_CREATE(0x0, 0x0, 0x3f)
r6 = add_key$keyring(&(0x7f0000002280), &(0x7f00000022c0)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffb)
keyctl$KEYCTL_WATCH_KEY(0x20, r6, 0xffffffffffffffff, 0x6f)
r7 = add_key$fscrypt_provisioning(&(0x7f0000002a40), &(0x7f0000002a80)={'syz', 0x2}, &(0x7f0000002ac0)={0x2, 0x0, @b}, 0x48, r6)
keyctl$KEYCTL_MOVE(0x1e, r7, r6, 0xfffffffffffffffb, 0x1)
syz_init_net_socket$ax25(0x3, 0x4, 0xf0)

kernel console output (not intermixed with test programs):

7 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[ 1330.270021][ T7194] usb 4-1: config 0 descriptor??
[ 1330.288408][ T7193] usb 2-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[ 1330.350730][ T7193] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1330.521248][T21595] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22
[ 1330.554558][ T7193] usb 2-1: Quirk or no altset; falling back to MIDI 1.0
[ 1330.750538][ T7194] ntrig 0003:1B96:0012.0043: unknown main item tag 0x0
[ 1330.803402][ T7194] ntrig 0003:1B96:0012.0043: unknown global tag 0xe
[ 1330.878019][ T7193] usb 2-1: USB disconnect, device number 94
[ 1330.887337][ T7194] ntrig 0003:1B96:0012.0043: item 0 2 1 14 parsing failed
[ 1330.967260][ T7194] ntrig 0003:1B96:0012.0043: parse failed
[ 1331.007013][ T7194] ntrig 0003:1B96:0012.0043: probe with driver ntrig failed with error -22
[ 1331.276764][ T7194] usb 4-1: USB disconnect, device number 77
[ 1331.590630][ T7193] usb 2-1: new full-speed USB device number 95 using dummy_hcd
[ 1331.975091][ T7193] usb 2-1: unable to read config index 0 descriptor/start: -61
[ 1332.256744][ T7193] usb 2-1: can't read configurations, error -61
[ 1332.394200][ T7194] usb 3-1: new high-speed USB device number 66 using dummy_hcd
[ 1332.401794][ T7193] usb 2-1: new full-speed USB device number 96 using dummy_hcd
[ 1332.545107][ T7194] usb 3-1: device descriptor read/64, error -71
[ 1332.556266][   T30] kauditd_printk_skb: 13 callbacks suppressed
[ 1332.556277][   T30] audit: type=1400 audit(1770355614.229:1264): avc:  denied  { read write } for  pid=21623 comm="syz.4.4047" name="fuse" dev="devtmpfs" ino=99 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fuse_device_t tclass=chr_file permissive=1
[ 1332.588960][   T30] audit: type=1400 audit(1770355614.229:1265): avc:  denied  { open } for  pid=21623 comm="syz.4.4047" path="/dev/fuse" dev="devtmpfs" ino=99 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fuse_device_t tclass=chr_file permissive=1
[ 1332.615670][ T7193] usb 2-1: unable to read config index 0 descriptor/start: -61
[ 1332.623519][ T7193] usb 2-1: can't read configurations, error -61
[ 1332.660969][ T7193] usb usb2-port1: attempt power cycle
[ 1332.794297][ T7194] usb 3-1: new high-speed USB device number 67 using dummy_hcd
[ 1332.945872][   T30] audit: type=1400 audit(1770355614.559:1266): avc:  denied  { ioctl } for  pid=21623 comm="syz.4.4047" path="socket:[85410]" dev="sockfs" ino=85410 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[ 1333.074197][ T7194] usb 3-1: device descriptor read/64, error -71
[ 1333.172187][   T30] audit: type=1400 audit(1770355614.729:1267): avc:  denied  { ioctl } for  pid=21629 comm="syz.3.4050" path="/dev/kvm" dev="devtmpfs" ino=84 ioctlcmd=0xae01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[ 1333.214544][ T7194] usb usb3-port1: attempt power cycle
[ 1333.248173][ T7206] hid-generic 0000:0000:0000.0044: unknown main item tag 0x0
[ 1333.523203][   T30] audit: type=1400 audit(1770355615.189:1268): avc:  denied  { connect } for  pid=21637 comm="syz.0.4051" lport=250 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[ 1333.604287][ T7194] usb 3-1: new high-speed USB device number 68 using dummy_hcd
[ 1333.632040][   T30] audit: type=1400 audit(1770355615.219:1269): avc:  denied  { write } for  pid=21637 comm="syz.0.4051" laddr=172.20.20.170 lport=250 faddr=172.20.20.187 fport=20000 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[ 1333.639246][ T7206] hid-generic 0000:0000:0000.0044: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[ 1333.686986][ T7194] usb 3-1: device descriptor read/8, error -71
[ 1333.732578][   T30] audit: type=1400 audit(1770355615.289:1270): avc:  denied  { getopt } for  pid=21637 comm="syz.0.4051" laddr=172.20.20.170 lport=250 faddr=172.20.20.187 fport=20000 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[ 1333.931254][ T7194] usb 3-1: new high-speed USB device number 69 using dummy_hcd
[ 1333.955108][ T7194] usb 3-1: device descriptor read/8, error -71
[ 1334.009686][   T30] audit: type=1400 audit(1770355615.679:1271): avc:  denied  { read write } for  pid=21641 comm="syz.4.4052" name="fb0" dev="devtmpfs" ino=629 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:framebuf_device_t tclass=chr_file permissive=1
[ 1334.048475][T21645] rdma_rxe: rxe_newlink: failed to add syz_tun
[ 1334.132825][ T7194] usb usb3-port1: unable to enumerate USB device
[ 1334.140201][   T30] audit: type=1400 audit(1770355615.679:1272): avc:  denied  { open } for  pid=21641 comm="syz.4.4052" path="/dev/fb0" dev="devtmpfs" ino=629 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:framebuf_device_t tclass=chr_file permissive=1
[ 1334.166761][   T30] audit: type=1400 audit(1770355615.709:1273): avc:  denied  { ioctl } for  pid=21641 comm="syz.4.4052" path="/dev/fb0" dev="devtmpfs" ino=629 ioctlcmd=0x4601 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:framebuf_device_t tclass=chr_file permissive=1
[ 1335.964397][ T7206] usb 3-1: new high-speed USB device number 70 using dummy_hcd
[ 1336.238122][ T7206] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x6 has invalid maxpacket 1023
[ 1336.264368][ T7206] usb 3-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xBA, changing to 0x8A
[ 1336.284152][ T7206] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8A has invalid maxpacket 121
[ 1336.315218][ T7206] usb 3-1: New USB device found, idVendor=2294, idProduct=425b, bcdDevice=a2.10
[ 1336.354320][ T7206] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1336.362532][ T7206] usb 3-1: Product: syz
[ 1336.818127][ T7206] usb 3-1: Manufacturer: syz
[ 1336.825026][ T7206] usb 3-1: SerialNumber: syz
[ 1336.831737][ T7206] usb 3-1: config 0 descriptor??
[ 1336.837599][T21680] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[ 1336.844892][T21680] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[ 1336.853250][ T7206] usb 3-1: ucan: probing device on interface #0
[ 1336.870676][T21690] syz1: rxe_newlink: already configured on syz_tun
[ 1337.087497][ T7206] usb 3-1: ucan: could not read protocol version, ret=83
[ 1337.691931][ T7206] usb 3-1: ucan: probe failed; try to update the device firmware
[ 1337.889181][   T30] kauditd_printk_skb: 11 callbacks suppressed
[ 1337.889198][   T30] audit: type=1400 audit(1770355619.559:1285): avc:  denied  { setopt } for  pid=21696 comm="syz.1.4067" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[ 1337.971458][   T30] audit: type=1400 audit(1770355619.639:1286): avc:  denied  { write } for  pid=21701 comm="syz.4.4069" name="card1" dev="devtmpfs" ino=628 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dri_device_t tclass=chr_file permissive=1
[ 1338.074206][ T7206] usb 4-1: new high-speed USB device number 78 using dummy_hcd
[ 1338.120106][   T30] audit: type=1400 audit(1770355619.789:1287): avc:  denied  { map } for  pid=21705 comm="syz.0.4071" path="/dev/bus/usb/006/001" dev="devtmpfs" ino=736 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1
[ 1338.146983][   T30] audit: type=1400 audit(1770355619.819:1288): avc:  denied  { create } for  pid=21705 comm="syz.0.4071" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[ 1338.169913][T21706] netlink: 12 bytes leftover after parsing attributes in process `syz.0.4071'.
[ 1338.224289][ T7206] usb 4-1: Using ep0 maxpacket: 16
[ 1338.284232][T17491] usb 5-1: new high-speed USB device number 80 using dummy_hcd
[ 1338.408554][   T30] audit: type=1400 audit(1770355620.069:1289): avc:  denied  { read append } for  pid=21705 comm="syz.0.4071" name="nullb0" dev="devtmpfs" ino=696 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[ 1338.434996][ T7206] usb 4-1: config 0 interface 0 altsetting 1 endpoint 0x7 has invalid wMaxPacketSize 0
[ 1338.435476][   T30] audit: type=1400 audit(1770355620.069:1290): avc:  denied  { open } for  pid=21705 comm="syz.0.4071" path="/dev/nullb0" dev="devtmpfs" ino=696 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[ 1338.457486][T21707] netlink: 'syz.0.4071': attribute type 4 has an invalid length.
[ 1338.468202][   T30] audit: type=1400 audit(1770355620.119:1291): avc:  denied  { setopt } for  pid=21705 comm="syz.0.4071" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[ 1338.476331][ T7206] usb 4-1: config 0 interface 0 altsetting 1 endpoint 0x89 has invalid wMaxPacketSize 0
[ 1338.544676][ T7206] usb 4-1: config 0 interface 0 has no altsetting 0
[ 1338.555960][T21706] lo speed is unknown, defaulting to 1000
[ 1338.562637][T21706] lo speed is unknown, defaulting to 1000
[ 1338.568909][T21706] lo speed is unknown, defaulting to 1000
[ 1338.662789][T21706] infiniband syz0: set down
[ 1338.667331][T21706] infiniband syz0: added lo
[ 1338.673157][ T7193] lo speed is unknown, defaulting to 1000
[ 1338.675648][T17491] usb 5-1: device descriptor read/64, error -71
[ 1338.701926][T21706] RDS/IB: syz0: added
[ 1338.706275][T21706] smc: adding ib device syz0 with port count 1
[ 1338.712423][T21706] smc:    ib device syz0 port 1 has no pnetid
[ 1338.721952][ T7206] usb 4-1: New USB device found, idVendor=06cb, idProduct=0006, bcdDevice=9a.eb
[ 1338.734663][ T7206] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1338.742829][ T7206] usb 4-1: Product: syz
[ 1338.747146][ T7206] usb 4-1: Manufacturer: syz
[ 1338.751765][ T7206] usb 4-1: SerialNumber: syz
[ 1338.758032][T21706] lo speed is unknown, defaulting to 1000
[ 1338.836877][T21706] lo speed is unknown, defaulting to 1000
[ 1338.915550][T21706] lo speed is unknown, defaulting to 1000
[ 1339.006224][T21706] lo speed is unknown, defaulting to 1000
[ 1339.082795][T21706] lo speed is unknown, defaulting to 1000
[ 1339.171202][ T7193] lo speed is unknown, defaulting to 1000
[ 1339.196028][ T7204] usb 3-1: USB disconnect, device number 70
[ 1339.245665][ T7206] usb 4-1: config 0 descriptor??
[ 1339.337458][T17491] usb 5-1: new high-speed USB device number 81 using dummy_hcd
[ 1339.496243][   T30] audit: type=1400 audit(1770355621.169:1292): avc:  denied  { setopt } for  pid=21698 comm="syz.3.4068" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[ 1339.524415][   T30] audit: type=1400 audit(1770355621.189:1293): avc:  denied  { write } for  pid=21698 comm="syz.3.4068" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[ 1339.569294][   T30] audit: type=1400 audit(1770355621.199:1294): avc:  denied  { create } for  pid=21698 comm="syz.3.4068" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[ 1339.634254][T17491] usb 5-1: device descriptor read/64, error -71
[ 1339.857047][T17491] usb usb5-port1: attempt power cycle
[ 1340.524313][T17491] usb 5-1: new high-speed USB device number 82 using dummy_hcd
[ 1341.201676][T17491] usb 5-1: device descriptor read/8, error -71
[ 1341.567871][T21738] syz1: rxe_newlink: already configured on syz_tun
[ 1342.225857][ T7204] usb 4-1: USB disconnect, device number 78
[ 1342.318047][T21750] FAULT_INJECTION: forcing a failure.
[ 1342.318047][T21750] name failslab, interval 1, probability 0, space 0, times 0
[ 1342.336946][T21750] CPU: 0 UID: 0 PID: 21750 Comm: syz.4.4083 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1342.336975][T21750] Tainted: [L]=SOFTLOCKUP
[ 1342.336980][T21750] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[ 1342.336995][T21750] Call Trace:
[ 1342.337002][T21750]  <TASK>
[ 1342.337009][T21750]  dump_stack_lvl+0x100/0x190
[ 1342.337036][T21750]  should_fail_ex.cold+0x5/0xa
[ 1342.337056][T21750]  should_failslab+0xc2/0x120
[ 1342.337080][T21750]  kmem_cache_alloc_node_noprof+0x8c/0x880
[ 1342.337104][T21750]  ? __alloc_skb+0x156/0x410
[ 1342.337123][T21750]  ? __alloc_skb+0x35d/0x410
[ 1342.337148][T21750]  ? __alloc_skb+0x156/0x410
[ 1342.337165][T21750]  __alloc_skb+0x156/0x410
[ 1342.337185][T21750]  ? __alloc_skb+0x35d/0x410
[ 1342.337205][T21750]  ? __pfx___alloc_skb+0x10/0x10
[ 1342.337235][T21750]  alloc_skb_with_frags+0xe0/0x810
[ 1342.337264][T21750]  ? avc_has_perm_noaudit+0x145/0x3b0
[ 1342.337290][T21750]  sock_alloc_send_pskb+0x801/0x980
[ 1342.337319][T21750]  ? __pfx_sock_alloc_send_pskb+0x10/0x10
[ 1342.337348][T21750]  ? sock_has_perm+0x258/0x2f0
[ 1342.337375][T21750]  ? __pfx_sock_has_perm+0x10/0x10
[ 1342.337407][T21750]  hci_sock_sendmsg+0x1c7/0x2620
[ 1342.337432][T21750]  ? __pfx_hci_sock_sendmsg+0x10/0x10
[ 1342.337458][T21750]  sock_write_iter+0x566/0x610
[ 1342.337477][T21750]  ? __pfx_sock_write_iter+0x10/0x10
[ 1342.337503][T21750]  ? bpf_lsm_file_permission+0x9/0x10
[ 1342.337525][T21750]  ? security_file_permission+0x76/0x210
[ 1342.337546][T21750]  ? rw_verify_area+0xce/0x6d0
[ 1342.337566][T21750]  vfs_write+0x6ac/0x1070
[ 1342.337591][T21750]  ? __pfx_sock_write_iter+0x10/0x10
[ 1342.337611][T21750]  ? __pfx_vfs_write+0x10/0x10
[ 1342.337628][T21750]  ? find_held_lock+0x2b/0x80
[ 1342.337668][T21750]  ksys_write+0x1f8/0x250
[ 1342.337688][T21750]  ? __pfx_ksys_write+0x10/0x10
[ 1342.337714][T21750]  do_syscall_64+0xc9/0xf80
[ 1342.337736][T21750]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1342.337759][T21750] RIP: 0033:0x7f648d99aeb9
[ 1342.337775][T21750] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1342.337792][T21750] RSP: 002b:00007f648e85b028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 1342.337808][T21750] RAX: ffffffffffffffda RBX: 00007f648dc15fa0 RCX: 00007f648d99aeb9
[ 1342.337820][T21750] RDX: 000000000000000d RSI: 0000200000000000 RDI: 000000000000001a
[ 1342.337830][T21750] RBP: 00007f648e85b090 R08: 0000000000000000 R09: 0000000000000000
[ 1342.337840][T21750] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1342.337851][T21750] R13: 00007f648dc16038 R14: 00007f648dc15fa0 R15: 00007ffdcad732c8
[ 1342.337875][T21750]  </TASK>
[ 1343.101580][   T30] kauditd_printk_skb: 17 callbacks suppressed
[ 1343.101597][   T30] audit: type=1400 audit(1770355624.769:1312): avc:  denied  { read append } for  pid=21760 comm="syz.2.4086" name="ppp" dev="devtmpfs" ino=709 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[ 1343.189349][   T30] audit: type=1400 audit(1770355624.769:1313): avc:  denied  { open } for  pid=21760 comm="syz.2.4086" path="/dev/ppp" dev="devtmpfs" ino=709 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[ 1343.242084][T21766] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4086'.
[ 1343.332913][   T30] audit: type=1400 audit(1770355624.819:1314): avc:  denied  { ioctl } for  pid=21760 comm="syz.2.4086" path="/dev/ppp" dev="devtmpfs" ino=709 ioctlcmd=0x743e scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[ 1343.492037][   T30] audit: type=1400 audit(1770355624.829:1315): avc:  denied  { write } for  pid=21760 comm="syz.2.4086" name="ppp" dev="devtmpfs" ino=709 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[ 1345.155080][   T30] audit: type=1400 audit(1770355624.989:1316): avc:  denied  { create } for  pid=21767 comm="syz.3.4091" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rose_socket permissive=1
[ 1345.303315][   T30] audit: type=1400 audit(1770355625.009:1317): avc:  denied  { create } for  pid=21767 comm="syz.3.4091" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[ 1345.876067][   T30] audit: type=1400 audit(1770355625.069:1318): avc:  denied  { ioctl } for  pid=21768 comm="syz.0.4090" path="anon_inode:[userfaultfd]" dev="anon_inodefs" ino=87309 ioctlcmd=0xaa3f scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[ 1345.912846][   T30] audit: type=1400 audit(1770355625.129:1319): avc:  denied  { create } for  pid=21760 comm="syz.2.4086" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_connector_socket permissive=1
[ 1345.954313][   T30] audit: type=1400 audit(1770355625.189:1320): avc:  denied  { write } for  pid=21760 comm="syz.2.4086" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_connector_socket permissive=1
[ 1345.985885][   T30] audit: type=1400 audit(1770355625.259:1321): avc:  denied  { write } for  pid=21767 comm="syz.3.4091" name="sg0" dev="devtmpfs" ino=771 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[ 1346.117164][ T7193] usb 5-1: new high-speed USB device number 84 using dummy_hcd
[ 1346.414281][ T7193] usb 5-1: Using ep0 maxpacket: 32
[ 1347.672851][T21799] hub 9-0:1.0: USB hub found
[ 1347.678690][T21799] hub 9-0:1.0: 1 port detected
[ 1347.687533][ T7193] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024
[ 1347.727013][ T7193] usb 5-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[ 1347.749926][ T7193] usb 5-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[ 1347.856222][ T7193] usb 5-1: Product: syz
[ 1347.863284][ T7193] usb 5-1: Manufacturer: syz
[ 1347.868891][ T7193] usb 5-1: SerialNumber: syz
[ 1347.894664][ T7193] usb 5-1: config 0 descriptor??
[ 1347.895352][ T7206] hid-generic 0000:0000:0000.0045: unknown main item tag 0x0
[ 1347.900155][T21785] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[ 1347.950014][ T7206] hid-generic 0000:0000:0000.0045: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[ 1348.126209][T21812] fido_id[21812]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[ 1348.189917][T21816] syzkaller0: entered promiscuous mode
[ 1348.204009][T21816] syzkaller0: entered allmulticast mode
[ 1348.252853][   T30] kauditd_printk_skb: 11 callbacks suppressed
[ 1348.252869][   T30] audit: type=1400 audit(1770355629.919:1333): avc:  denied  { append } for  pid=21798 comm="syz.3.4098" name="ubi_ctrl" dev="devtmpfs" ino=706 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[ 1348.320003][   T30] audit: type=1400 audit(1770355629.989:1334): avc:  denied  { kexec_image_load } for  pid=21798 comm="syz.3.4098" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=system permissive=1
[ 1349.263246][ T7193] usb 5-1: USB disconnect, device number 84
[ 1349.781120][   T30] audit: type=1400 audit(1770355631.449:1335): avc:  denied  { create } for  pid=21828 comm="syz.3.4106" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1
[ 1349.801652][   T30] audit: type=1400 audit(1770355631.469:1336): avc:  denied  { shutdown } for  pid=21828 comm="syz.3.4106" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1
[ 1349.821940][   T30] audit: type=1400 audit(1770355631.469:1337): avc:  denied  { read } for  pid=21828 comm="syz.3.4106" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[ 1349.875140][T21834] overlayfs: failed to resolve './file1': -2
[ 1350.153908][T21840] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4105'.
[ 1350.280611][   T30] audit: type=1400 audit(1770355631.949:1338): avc:  denied  { map } for  pid=21837 comm="syz.1.4108" path="/dev/nullb0" dev="devtmpfs" ino=696 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[ 1350.348280][   T30] audit: type=1400 audit(1770355631.949:1339): avc:  denied  { prog_run } for  pid=21837 comm="syz.1.4108" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[ 1350.392974][   T30] audit: type=1400 audit(1770355632.019:1340): avc:  denied  { mounton } for  pid=21837 comm="syz.1.4108" path="/260/file0" dev="tmpfs" ino=1436 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=fifo_file permissive=1
[ 1350.557706][   T30] audit: type=1400 audit(1770355632.229:1341): avc:  denied  { ioctl } for  pid=21850 comm="syz.2.4111" path="socket:[88439]" dev="sockfs" ino=88439 ioctlcmd=0x890c scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[ 1350.859260][T21858] binder: 21850:21858 ioctl c00c6211 0 returned -14
[ 1351.145507][   T30] audit: type=1400 audit(1770355632.519:1342): avc:  denied  { read } for  pid=21850 comm="syz.2.4111" name="binder0" dev="binder" ino=16 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[ 1351.180360][T21861] kvm: pic: non byte write
[ 1351.257365][T21864] 9p: Bad value for 'rfdno'
[ 1351.704055][T21877] overlayfs: failed to resolve './file0': -2
[ 1351.784224][ T7193] usb 3-1: new full-speed USB device number 71 using dummy_hcd
[ 1351.947690][ T7193] usb 3-1: New USB device found, idVendor=2770, idProduct=930c, bcdDevice=8d.6a
[ 1351.962737][ T7193] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1351.984571][ T7193] usb 3-1: Product: syz
[ 1351.997450][ T7193] usb 3-1: Manufacturer: syz
[ 1352.012052][ T7193] usb 3-1: SerialNumber: syz
[ 1352.037155][ T7193] usb 3-1: config 0 descriptor??
[ 1352.069593][ T7193] gspca_main: sq930x-2.14.0 probing 2770:930c
[ 1352.390420][T21884] input: syz0 as /devices/virtual/input/input47
[ 1352.488758][T21871] openvswitch: netlink: Duplicate key (type 1).
[ 1352.510699][T21884] usb usb6: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[ 1352.520782][T21871] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1353.280323][ T7193] gspca_sq930x: ucbus_write failed -110
[ 1353.334539][T21871] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1353.362950][T21871] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1353.371753][T21871] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1353.554216][ T7193] gspca_sq930x: Sensor ov9630 not yet treated
[ 1353.701985][ T7193] sq930x 3-1:0.0: probe with driver sq930x failed with error -22
[ 1353.817010][ T7193] usb 3-1: USB disconnect, device number 71
[ 1353.937838][   T30] kauditd_printk_skb: 9 callbacks suppressed
[ 1353.937854][   T30] audit: type=1400 audit(1770355635.599:1352): avc:  denied  { write } for  pid=21896 comm="syz.3.4125" name="cgroup.subtree_control" dev="cgroup2" ino=409 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[ 1353.953521][T21898] kvm: pic: non byte write
[ 1354.926071][   T30] audit: type=1400 audit(1770355635.639:1353): avc:  denied  { open } for  pid=21896 comm="syz.3.4125" path="<too_long>" dev="cgroup2" ino=409 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[ 1355.056890][   T30] audit: type=1400 audit(1770355636.729:1354): avc:  denied  { getopt } for  pid=21911 comm="syz.1.4129" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1
[ 1355.411420][T21920] can0: slcan on ttyS3.
[ 1355.752350][   T30] audit: type=1400 audit(1770355637.419:1355): avc:  denied  { search } for  pid=5477 comm="dhcpcd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[ 1355.788989][   T30] audit: type=1400 audit(1770355637.449:1356): avc:  denied  { search } for  pid=5477 comm="dhcpcd" name="udev" dev="tmpfs" ino=9 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[ 1355.834234][   T30] audit: type=1400 audit(1770355637.449:1357): avc:  denied  { search } for  pid=5477 comm="dhcpcd" name="data" dev="tmpfs" ino=14 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[ 1355.881496][T21925] binder: Bad value for 'max'
[ 1355.897681][   T30] audit: type=1400 audit(1770355637.449:1358): avc:  denied  { read } for  pid=5477 comm="dhcpcd" name="n151" dev="tmpfs" ino=11163 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[ 1356.022057][   T30] audit: type=1400 audit(1770355637.449:1359): avc:  denied  { open } for  pid=5477 comm="dhcpcd" path="/run/udev/data/n151" dev="tmpfs" ino=11163 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[ 1356.046281][   T30] audit: type=1400 audit(1770355637.449:1360): avc:  denied  { getattr } for  pid=5477 comm="dhcpcd" path="/run/udev/data/n151" dev="tmpfs" ino=11163 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[ 1356.069762][   T30] audit: type=1400 audit(1770355637.549:1361): avc:  denied  { remount } for  pid=21923 comm="syz.1.4132" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[ 1356.092258][T13640] kworker/1:1 (13640) used greatest stack depth: 18040 bytes left
[ 1356.654551][T21914] can0 (unregistered): slcan off ttyS3.
[ 1357.254277][ T7206] usb 3-1: new high-speed USB device number 72 using dummy_hcd
[ 1357.445359][ T7206] usb 3-1: Using ep0 maxpacket: 8
[ 1357.467998][ T7206] usb 3-1: config 10 has an invalid interface number: 114 but max is 1
[ 1357.493704][ T7206] usb 3-1: config 10 has an invalid interface number: 105 but max is 1
[ 1357.521589][ T7206] usb 3-1: config 10 has no interface number 0
[ 1357.548314][ T7206] usb 3-1: config 10 has no interface number 1
[ 1357.572898][ T7206] usb 3-1: config 10 interface 114 altsetting 8 endpoint 0xD has invalid maxpacket 1023, setting to 64
[ 1357.615522][ T7206] usb 3-1: config 10 interface 114 altsetting 8 has a duplicate endpoint with address 0x2, skipping
[ 1357.659400][ T7206] usb 3-1: config 10 interface 114 altsetting 8 has a duplicate endpoint with address 0xD, skipping
[ 1357.700765][ T7206] usb 3-1: config 10 interface 114 altsetting 8 has a duplicate endpoint with address 0x5, skipping
[ 1357.746595][ T7206] usb 3-1: config 10 interface 114 altsetting 8 endpoint 0x3 has invalid maxpacket 1024, setting to 64
[ 1357.821907][ T7206] usb 3-1: config 10 interface 114 altsetting 8 has an invalid descriptor for endpoint zero, skipping
[ 1357.884215][ T7206] usb 3-1: config 10 interface 114 altsetting 8 has an invalid descriptor for endpoint zero, skipping
[ 1357.946365][ T7206] usb 3-1: config 10 interface 105 altsetting 1 has an endpoint descriptor with address 0x7D, changing to 0xD
[ 1358.016014][ T7206] usb 3-1: config 10 interface 105 altsetting 1 has a duplicate endpoint with address 0xD, skipping
[ 1358.085313][ T7206] usb 3-1: config 10 interface 105 altsetting 1 has a duplicate endpoint with address 0x5, skipping
[ 1358.142504][ T7206] usb 3-1: config 10 interface 105 altsetting 1 has an invalid descriptor for endpoint zero, skipping
[ 1358.188289][ T7206] usb 3-1: config 10 interface 105 altsetting 1 has a duplicate endpoint with address 0x2, skipping
[ 1358.276920][ T7206] usb 3-1: config 10 interface 105 altsetting 1 has a duplicate endpoint with address 0x2, skipping
[ 1358.326745][ T7206] usb 3-1: config 10 interface 105 altsetting 1 endpoint 0xF has invalid maxpacket 1023, setting to 64
[ 1358.375073][ T7206] usb 3-1: config 10 interface 105 altsetting 1 has a duplicate endpoint with address 0x3, skipping
[ 1358.390801][ T7206] usb 3-1: config 10 interface 105 altsetting 1 has an invalid descriptor for endpoint zero, skipping
[ 1358.406398][ T7206] usb 3-1: config 10 interface 105 altsetting 1 endpoint 0xB has invalid wMaxPacketSize 0
[ 1358.428528][ T7206] usb 3-1: config 10 interface 105 altsetting 1 endpoint 0xE has invalid maxpacket 1023, setting to 64
[ 1358.468150][ T7206] usb 3-1: config 10 interface 105 altsetting 1 has a duplicate endpoint with address 0x7, skipping
[ 1358.519586][ T7206] usb 3-1: config 10 interface 105 altsetting 1 has a duplicate endpoint with address 0x5, skipping
[ 1358.575369][ T7206] usb 3-1: config 10 interface 105 altsetting 1 endpoint 0x1 has invalid maxpacket 512, setting to 64
[ 1358.616735][ T7206] usb 3-1: config 10 interface 105 altsetting 1 has a duplicate endpoint with address 0xE, skipping
[ 1358.664184][ T7206] usb 3-1: config 10 interface 114 has no altsetting 0
[ 1358.706377][ T7206] usb 3-1: config 10 interface 105 has no altsetting 0
[ 1358.725997][T21975] kvm: pic: non byte write
[ 1358.744485][ T7206] usb 3-1: New USB device found, idVendor=0582, idProduct=0037, bcdDevice=f7.da
[ 1358.762728][ T7206] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1358.771821][ T7206] usb 3-1: Product: Ð…
[ 1358.776256][ T7206] usb 3-1: Manufacturer: 쮅粙뿫陈혱ő䅀舴嬌毹쫃댜羟Ꜳ
[ 1358.784656][ T7206] usb 3-1: SerialNumber: syz
[ 1358.983672][T21988] dummy0: entered allmulticast mode
[ 1358.993459][T21988] netlink: 'syz.1.4142': attribute type 4 has an invalid length.
[ 1359.007323][T21988] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=21988 comm=syz.1.4142
[ 1359.026491][T21934] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=29037 sclass=netlink_route_socket pid=21934 comm=syz.2.4134
[ 1359.076506][   T30] kauditd_printk_skb: 12 callbacks suppressed
[ 1359.076519][   T30] audit: type=1400 audit(1770355640.749:1374): avc:  denied  { ioctl } for  pid=21932 comm="syz.2.4134" path="socket:[88786]" dev="sockfs" ino=88786 ioctlcmd=0xf509 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[ 1359.108472][T21988] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4142'.
[ 1359.448643][T21986] dummy0: left allmulticast mode
[ 1359.483315][ T7206] usb 3-1: USB disconnect, device number 72
[ 1360.370955][ T7193] usb 2-1: new full-speed USB device number 98 using dummy_hcd
[ 1360.467008][T21973] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4138'.
[ 1360.571431][   T30] audit: type=1400 audit(1770355642.239:1375): avc:  denied  { setopt } for  pid=21963 comm="syz.4.4138" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[ 1360.593221][ T7193] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 9
[ 1360.854393][T17491] usb 5-1: new high-speed USB device number 85 using dummy_hcd
[ 1361.180684][ T1298] ieee802154 phy0 wpan0: encryption failed: -22
[ 1361.294293][ T1298] ieee802154 phy1 wpan1: encryption failed: -22
[ 1361.484407][T17491] usb 5-1: device descriptor read/64, error -71
[ 1361.552650][ T7193] usb 2-1: New USB device found, idVendor=055d, idProduct=9001, bcdDevice=31.44
[ 1361.569417][ T7193] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1361.582206][ T7193] usb 2-1: config 0 descriptor??
[ 1361.590420][ T7193] pwc: Samsung MPC-C30 USB webcam detected.
[ 1361.740724][T17491] usb 5-1: new high-speed USB device number 86 using dummy_hcd
[ 1361.976456][T22024] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[ 1362.380852][T22021] netlink: 'syz.0.4151': attribute type 1 has an invalid length.
[ 1362.852915][ T7193] pwc: send_video_command error -71
[ 1362.864458][ T7193] pwc: Failed to set video mode VGA@30 fps; return code = -71
[ 1362.888915][ T7193] Philips webcam 2-1:0.0: probe with driver Philips webcam failed with error -71
[ 1363.015591][ T7193] usb 2-1: USB disconnect, device number 98
[ 1364.759613][T22048] netlink: 'syz.1.4156': attribute type 4 has an invalid length.
[ 1365.814195][   T30] audit: type=1400 audit(1770355647.479:1376): avc:  denied  { setattr } for  pid=22051 comm="syz.0.4160" name="[io_uring]" dev="anon_inodefs" ino=87795 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[ 1366.884183][T17491] usb 5-1: device descriptor read/64, error -71
[ 1367.123718][T17491] usb usb5-port1: attempt power cycle
[ 1367.389664][   T30] audit: type=1400 audit(1770355649.059:1377): avc:  denied  { listen } for  pid=22040 comm="syz.3.4155" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[ 1367.476714][T17491] usb 5-1: new high-speed USB device number 87 using dummy_hcd
[ 1367.505188][T17491] usb 5-1: Using ep0 maxpacket: 8
[ 1367.515787][T17491] usb 5-1: config 10 has an invalid interface number: 114 but max is 1
[ 1367.536991][T17491] usb 5-1: config 10 has an invalid interface number: 105 but max is 1
[ 1367.587583][T17491] usb 5-1: config 10 has no interface number 0
[ 1367.608014][T17491] usb 5-1: config 10 has no interface number 1
[ 1367.633527][T17491] usb 5-1: config 10 interface 114 altsetting 8 endpoint 0xD has invalid maxpacket 1023, setting to 64
[ 1367.667799][T17491] usb 5-1: config 10 interface 114 altsetting 8 has a duplicate endpoint with address 0x2, skipping
[ 1367.679095][T17491] usb 5-1: config 10 interface 114 altsetting 8 has a duplicate endpoint with address 0xD, skipping
[ 1367.693325][T17491] usb 5-1: config 10 interface 114 altsetting 8 has a duplicate endpoint with address 0x5, skipping
[ 1367.708172][T17491] usb 5-1: config 10 interface 114 altsetting 8 endpoint 0x3 has invalid maxpacket 1024, setting to 64
[ 1367.720288][T17491] usb 5-1: config 10 interface 114 altsetting 8 has an invalid descriptor for endpoint zero, skipping
[ 1367.731786][T17491] usb 5-1: config 10 interface 114 altsetting 8 has an invalid descriptor for endpoint zero, skipping
[ 1367.793666][T17491] usb 5-1: config 10 interface 105 altsetting 1 has an endpoint descriptor with address 0x7D, changing to 0xD
[ 1367.820814][T17491] usb 5-1: config 10 interface 105 altsetting 1 has a duplicate endpoint with address 0xD, skipping
[ 1367.834783][T17491] usb 5-1: config 10 interface 105 altsetting 1 has a duplicate endpoint with address 0x5, skipping
[ 1367.864297][T17491] usb 5-1: config 10 interface 105 altsetting 1 has an invalid descriptor for endpoint zero, skipping
[ 1367.909706][T17491] usb 5-1: config 10 interface 105 altsetting 1 has a duplicate endpoint with address 0x2, skipping
[ 1367.921728][T17491] usb 5-1: config 10 interface 105 altsetting 1 has a duplicate endpoint with address 0x2, skipping
[ 1367.938878][T17491] usb 5-1: config 10 interface 105 altsetting 1 endpoint 0xF has invalid maxpacket 1023, setting to 64
[ 1367.955025][T17491] usb 5-1: config 10 interface 105 altsetting 1 has a duplicate endpoint with address 0x3, skipping
[ 1367.976329][T17491] usb 5-1: config 10 interface 105 altsetting 1 has an invalid descriptor for endpoint zero, skipping
[ 1367.990428][T17491] usb 5-1: config 10 interface 105 altsetting 1 endpoint 0xB has invalid wMaxPacketSize 0
[ 1368.051079][T17491] usb 5-1: config 10 interface 105 altsetting 1 endpoint 0xE has invalid maxpacket 1023, setting to 64
[ 1368.116165][T17491] usb 5-1: config 10 interface 105 altsetting 1 has a duplicate endpoint with address 0x7, skipping
[ 1368.179861][T17491] usb 5-1: config 10 interface 105 altsetting 1 has a duplicate endpoint with address 0x5, skipping
[ 1368.268358][T17491] usb 5-1: config 10 interface 105 altsetting 1 endpoint 0x1 has invalid maxpacket 512, setting to 64
[ 1368.351994][T17491] usb 5-1: config 10 interface 105 altsetting 1 has a duplicate endpoint with address 0xE, skipping
[ 1368.436029][T17491] usb 5-1: config 10 interface 114 has no altsetting 0
[ 1368.463205][T17491] usb 5-1: config 10 interface 105 has no altsetting 0
[ 1368.587065][T17491] usb 5-1: New USB device found, idVendor=0582, idProduct=0037, bcdDevice=f7.da
[ 1368.604121][T17491] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1368.624277][T17491] usb 5-1: Product: Ð…
[ 1368.628373][T17491] usb 5-1: Manufacturer: 쮅粙뿫陈혱ő䅀舴嬌毹쫃댜羟Ꜳ
[ 1368.731599][T22093] can0: slcan on ttyS3.
[ 1369.057796][T17491] usb 5-1: SerialNumber: syz
[ 1369.143097][T17491] usb 5-1: can't set config #10, error -71
[ 1369.163105][T17491] usb 5-1: USB disconnect, device number 87
[ 1369.385396][T22098] FAULT_INJECTION: forcing a failure.
[ 1369.385396][T22098] name failslab, interval 1, probability 0, space 0, times 0
[ 1369.398124][T22098] CPU: 0 UID: 0 PID: 22098 Comm: syz.1.4171 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1369.398152][T22098] Tainted: [L]=SOFTLOCKUP
[ 1369.398159][T22098] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[ 1369.398169][T22098] Call Trace:
[ 1369.398176][T22098]  <TASK>
[ 1369.398184][T22098]  dump_stack_lvl+0x100/0x190
[ 1369.398212][T22098]  should_fail_ex.cold+0x5/0xa
[ 1369.398232][T22098]  should_failslab+0xc2/0x120
[ 1369.398255][T22098]  ? genl_family_rcv_msg_attrs_parse.isra.0+0xc8/0x290
[ 1369.398276][T22098]  __kmalloc_noprof+0xf6/0x9c0
[ 1369.398293][T22098]  ? avc_has_perm_noaudit+0x11e/0x3b0
[ 1369.398352][T22098]  ? genl_family_rcv_msg_attrs_parse.isra.0+0xc8/0x290
[ 1369.398371][T22098]  genl_family_rcv_msg_attrs_parse.isra.0+0xc8/0x290
[ 1369.398391][T22098]  ? cred_has_capability.isra.0+0x186/0x300
[ 1369.398414][T22098]  genl_family_rcv_msg_doit+0xc7/0x300
[ 1369.398434][T22098]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[ 1369.398460][T22098]  ? bpf_lsm_capable+0x9/0x10
[ 1369.398486][T22098]  ? security_capable+0x80/0x260
[ 1369.398512][T22098]  ? ns_capable+0xd2/0xf0
[ 1369.398538][T22098]  genl_rcv_msg+0x560/0x800
[ 1369.398558][T22098]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 1369.398575][T22098]  ? __pfx_ovs_dp_cmd_new+0x10/0x10
[ 1369.398594][T22098]  ? lockdep_hardirqs_on+0x78/0x100
[ 1369.398613][T22098]  ? irqentry_exit+0x180/0x670
[ 1369.398638][T22098]  netlink_rcv_skb+0x159/0x420
[ 1369.398664][T22098]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 1369.398682][T22098]  ? __pfx_netlink_rcv_skb+0x10/0x10
[ 1369.398725][T22098]  genl_rcv+0x28/0x40
[ 1369.398740][T22098]  netlink_unicast+0x5aa/0x870
[ 1369.398769][T22098]  ? __pfx_netlink_unicast+0x10/0x10
[ 1369.398794][T22098]  ? skb_put+0xb0/0x180
[ 1369.398819][T22098]  netlink_sendmsg+0x8b0/0xda0
[ 1369.398849][T22098]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1369.398878][T22098]  ? ____sys_sendmsg+0x86b/0xc30
[ 1369.398899][T22098]  ____sys_sendmsg+0xa54/0xc30
[ 1369.398918][T22098]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1369.398942][T22098]  ? __lock_acquire+0x4a5/0x2630
[ 1369.398963][T22098]  ___sys_sendmsg+0x190/0x1e0
[ 1369.398983][T22098]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1369.399014][T22098]  ? find_held_lock+0x2b/0x80
[ 1369.399054][T22098]  __sys_sendmsg+0x170/0x220
[ 1369.399078][T22098]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1369.399110][T22098]  ? rcu_is_watching+0x12/0xc0
[ 1369.399140][T22098]  do_syscall_64+0xc9/0xf80
[ 1369.399162][T22098]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1369.399180][T22098] RIP: 0033:0x7f6b60f9aeb9
[ 1369.399196][T22098] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1369.399213][T22098] RSP: 002b:00007f6b5f1f6028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1369.399231][T22098] RAX: ffffffffffffffda RBX: 00007f6b61216180 RCX: 00007f6b60f9aeb9
[ 1369.399242][T22098] RDX: 000000000000c000 RSI: 0000200000000040 RDI: 0000000000000003
[ 1369.399253][T22098] RBP: 00007f6b5f1f6090 R08: 0000000000000000 R09: 0000000000000000
[ 1369.399263][T22098] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1369.399273][T22098] R13: 00007f6b61216218 R14: 00007f6b61216180 R15: 00007ffff2b11038
[ 1369.399299][T22098]  </TASK>
[ 1369.713065][   T30] audit: type=1400 audit(1770355651.069:1378): avc:  denied  { bind } for  pid=22095 comm="syz.1.4171" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[ 1369.732567][   T30] audit: type=1400 audit(1770355651.069:1379): avc:  denied  { name_bind } for  pid=22095 comm="syz.1.4171" src=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=rawip_socket permissive=1
[ 1369.753530][   T30] audit: type=1400 audit(1770355651.069:1380): avc:  denied  { node_bind } for  pid=22095 comm="syz.1.4171" saddr=224.0.0.2 src=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=rawip_socket permissive=1
[ 1369.775891][   T30] audit: type=1400 audit(1770355651.379:1381): avc:  denied  { listen } for  pid=22095 comm="syz.1.4171" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[ 1369.861430][T22089] can0 (unregistered): slcan off ttyS3.
[ 1370.486263][T22118] FAULT_INJECTION: forcing a failure.
[ 1370.486263][T22118] name failslab, interval 1, probability 0, space 0, times 0
[ 1370.500859][T22118] CPU: 1 UID: 0 PID: 22118 Comm: syz.0.4174 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1370.500888][T22118] Tainted: [L]=SOFTLOCKUP
[ 1370.500894][T22118] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[ 1370.500904][T22118] Call Trace:
[ 1370.500911][T22118]  <TASK>
[ 1370.500917][T22118]  dump_stack_lvl+0x100/0x190
[ 1370.500946][T22118]  should_fail_ex.cold+0x5/0xa
[ 1370.500967][T22118]  should_failslab+0xc2/0x120
[ 1370.500990][T22118]  ? genl_family_rcv_msg_attrs_parse.isra.0+0xc8/0x290
[ 1370.501009][T22118]  __kmalloc_noprof+0xf6/0x9c0
[ 1370.501024][T22118]  ? avc_has_perm_noaudit+0x11e/0x3b0
[ 1370.501054][T22118]  ? genl_family_rcv_msg_attrs_parse.isra.0+0xc8/0x290
[ 1370.501071][T22118]  genl_family_rcv_msg_attrs_parse.isra.0+0xc8/0x290
[ 1370.501090][T22118]  ? cred_has_capability.isra.0+0x186/0x300
[ 1370.501111][T22118]  genl_family_rcv_msg_doit+0xc7/0x300
[ 1370.501129][T22118]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[ 1370.501153][T22118]  ? bpf_lsm_capable+0x9/0x10
[ 1370.501177][T22118]  ? security_capable+0x80/0x260
[ 1370.501204][T22118]  ? ns_capable+0xd2/0xf0
[ 1370.501228][T22118]  genl_rcv_msg+0x560/0x800
[ 1370.501247][T22118]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 1370.501264][T22118]  ? __pfx_mptcp_pm_nl_del_addr_doit+0x10/0x10
[ 1370.501290][T22118]  netlink_rcv_skb+0x159/0x420
[ 1370.501323][T22118]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 1370.501341][T22118]  ? __pfx_netlink_rcv_skb+0x10/0x10
[ 1370.501375][T22118]  ? netlink_deliver_tap+0x1ae/0xcc0
[ 1370.501404][T22118]  genl_rcv+0x28/0x40
[ 1370.501418][T22118]  netlink_unicast+0x5aa/0x870
[ 1370.501446][T22118]  ? __pfx_netlink_unicast+0x10/0x10
[ 1370.501482][T22118]  netlink_sendmsg+0x8b0/0xda0
[ 1370.501512][T22118]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1370.501535][T22118]  ? __might_fault+0x90/0x140
[ 1370.501564][T22118]  ____sys_sendmsg+0xa54/0xc30
[ 1370.501585][T22118]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1370.501614][T22118]  ___sys_sendmsg+0x190/0x1e0
[ 1370.501634][T22118]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1370.501664][T22118]  ? find_held_lock+0x2b/0x80
[ 1370.501704][T22118]  __sys_sendmsg+0x170/0x220
[ 1370.501729][T22118]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1370.501769][T22118]  do_syscall_64+0xc9/0xf80
[ 1370.501793][T22118]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1370.501810][T22118] RIP: 0033:0x7f89fdd9aeb9
[ 1370.501825][T22118] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1370.501841][T22118] RSP: 002b:00007f89fed3a028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1370.501858][T22118] RAX: ffffffffffffffda RBX: 00007f89fe015fa0 RCX: 00007f89fdd9aeb9
[ 1370.501869][T22118] RDX: 0000000000004040 RSI: 0000200000000140 RDI: 0000000000000004
[ 1370.501881][T22118] RBP: 00007f89fed3a090 R08: 0000000000000000 R09: 0000000000000000
[ 1370.501891][T22118] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1370.501901][T22118] R13: 00007f89fe016038 R14: 00007f89fe015fa0 R15: 00007ffef82c1698
[ 1370.501926][T22118]  </TASK>
[ 1370.829208][T22117] can0: slcan on ttyS3.
[ 1371.108909][   T30] audit: type=1400 audit(1770355652.749:1382): avc:  denied  { mount } for  pid=22119 comm="syz.2.4176" name="/" dev="afs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nfs_t tclass=filesystem permissive=1
[ 1371.349338][T22124] SELinux:  policydb magic number 0x0 does not match expected magic number 0xf97cff8c
[ 1371.354748][   T30] audit: type=1400 audit(1770355653.019:1383): avc:  denied  { load_policy } for  pid=22121 comm="syz.3.4178" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security permissive=1
[ 1371.379254][T22124] SELinux: failed to load policy
[ 1371.484366][T22114] can0 (unregistered): slcan off ttyS3.
[ 1371.491936][ T7203] usb 3-1: new high-speed USB device number 73 using dummy_hcd
[ 1372.034287][ T7203] usb 3-1: Using ep0 maxpacket: 32
[ 1372.086150][ T7203] usb 3-1: config 0 has an invalid interface number: 234 but max is 0
[ 1372.111758][ T7203] usb 3-1: config 0 has no interface number 0
[ 1372.278815][ T7203] usb 3-1: New USB device found, idVendor=0403, idProduct=f850, bcdDevice=33.76
[ 1372.341303][ T7203] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1372.719065][ T7203] usb 3-1: Product: syz
[ 1372.736726][ T7203] usb 3-1: Manufacturer: syz
[ 1372.752776][ T7203] usb 3-1: SerialNumber: syz
[ 1372.830380][T22157] netlink: 'syz.0.4182': attribute type 2 has an invalid length.
[ 1372.866530][T22157] !: entered promiscuous mode
[ 1373.062680][   T30] audit: type=1400 audit(1770355654.719:1384): avc:  denied  { listen } for  pid=22159 comm="syz.4.4184" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rose_socket permissive=1
[ 1373.107370][ T7203] usb 3-1: config 0 descriptor??
[ 1373.124330][   T30] audit: type=1400 audit(1770355654.719:1385): avc:  denied  { accept } for  pid=22159 comm="syz.4.4184" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rose_socket permissive=1
[ 1373.153799][ T7203] ftdi_sio 3-1:0.234: FTDI USB Serial Device converter detected
[ 1373.175508][ T7203] ftdi_sio ttyUSB0: unknown device type: 0x3376
[ 1374.081512][   T30] audit: type=1400 audit(1770355655.749:1386): avc:  denied  { unmount } for  pid=16432 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[ 1374.285373][   T30] audit: type=1400 audit(1770355655.799:1387): avc:  denied  { unlink } for  pid=22175 comm="syz.3.4187" name="#31" dev="tmpfs" ino=1399 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1
[ 1374.415298][   T30] audit: type=1400 audit(1770355655.819:1388): avc:  denied  { mount } for  pid=22175 comm="syz.3.4187" name="/" dev="overlay" ino=1395 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[ 1374.496983][T17491] usb 3-1: USB disconnect, device number 73
[ 1374.505980][T17491] ftdi_sio 3-1:0.234: device disconnected
[ 1374.534566][   T30] audit: type=1400 audit(1770355656.189:1389): avc:  denied  { unmount } for  pid=17245 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[ 1375.518795][   T30] audit: type=1400 audit(1770355657.189:1390): avc:  denied  { mount } for  pid=22184 comm="syz.2.4189" name="/" dev="tmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[ 1375.582831][T22191] syzkaller0: entered promiscuous mode
[ 1375.588577][T22191] syzkaller0: entered allmulticast mode
[ 1375.914202][T17230] usb 4-1: new full-speed USB device number 79 using dummy_hcd
[ 1376.085846][T17230] usb 4-1: config index 0 descriptor too short (expected 28277, got 36)
[ 1376.112947][T17230] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1376.165750][T17230] usb 4-1: config 0 has no interfaces?
[ 1376.197189][T17230] usb 4-1: New USB device found, idVendor=056a, idProduct=0063, bcdDevice= 0.00
[ 1376.256026][T17230] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1376.302386][T17230] usb 4-1: config 0 descriptor??
[ 1377.758462][T22214] netlink: 'syz.1.4196': attribute type 4 has an invalid length.
[ 1377.994669][   T30] audit: type=1400 audit(1770355659.669:1391): avc:  denied  { connect } for  pid=22223 comm="syz.2.4200" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[ 1378.977058][   T30] audit: type=1400 audit(1770355659.669:1392): avc:  denied  { write } for  pid=22223 comm="syz.2.4200" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[ 1379.079499][ T7204] usb 4-1: USB disconnect, device number 79
[ 1379.264158][T18205] usb 2-1: new high-speed USB device number 99 using dummy_hcd
[ 1379.374182][T22235] geneve2: entered promiscuous mode
[ 1379.379457][T22235] geneve2: entered allmulticast mode
[ 1379.711329][   T30] audit: type=1400 audit(1770355661.079:1393): avc:  denied  { connect } for  pid=22231 comm="syz.0.4203" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[ 1379.782485][T22236] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4202'.
[ 1379.792761][T18205] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x6 has invalid maxpacket 1023
[ 1379.808234][   T30] audit: type=1400 audit(1770355661.079:1394): avc:  denied  { ioctl } for  pid=22231 comm="syz.0.4203" path="socket:[89654]" dev="sockfs" ino=89654 ioctlcmd=0x8934 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[ 1379.844322][T18205] usb 2-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xBA, changing to 0x8A
[ 1379.875641][T18205] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8A has invalid maxpacket 121
[ 1379.903543][T22239] netlink: 24 bytes leftover after parsing attributes in process `syz.3.4204'.
[ 1379.940001][T18205] usb 2-1: New USB device found, idVendor=2294, idProduct=425b, bcdDevice=a2.10
[ 1380.074149][T18205] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1380.082162][T18205] usb 2-1: Product: syz
[ 1380.094185][T18205] usb 2-1: Manufacturer: syz
[ 1380.098811][T18205] usb 2-1: SerialNumber: syz
[ 1380.127713][T18205] usb 2-1: config 0 descriptor??
[ 1380.135617][T22228] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22
[ 1380.174552][T22228] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22
[ 1380.205110][T18205] usb 2-1: ucan: probing device on interface #0
[ 1380.444240][T18205] usb 2-1: ucan: could not read protocol version, ret=83
[ 1380.451483][T18205] usb 2-1: ucan: probe failed; try to update the device firmware
[ 1381.638838][T22255] kvm: pic: non byte write
[ 1382.194351][T18205] usb 4-1: new high-speed USB device number 80 using dummy_hcd
[ 1382.391875][ T7204] usb 2-1: USB disconnect, device number 99
[ 1382.424212][T18205] usb 4-1: Using ep0 maxpacket: 8
[ 1382.440787][T18205] usb 4-1: config 10 has an invalid interface number: 114 but max is 1
[ 1383.390776][T18205] usb 4-1: config 10 has an invalid interface number: 105 but max is 1
[ 1383.430210][T18205] usb 4-1: config 10 has no interface number 0
[ 1383.540147][T18205] usb 4-1: config 10 has no interface number 1
[ 1383.555763][T18205] usb 4-1: config 10 interface 114 altsetting 8 endpoint 0xD has invalid maxpacket 1023, setting to 64
[ 1383.584691][T18205] usb 4-1: config 10 interface 114 altsetting 8 has a duplicate endpoint with address 0x2, skipping
[ 1383.795123][T18205] usb 4-1: config 10 interface 114 altsetting 8 has a duplicate endpoint with address 0xD, skipping
[ 1383.839561][T18205] usb 4-1: config 10 interface 114 altsetting 8 has a duplicate endpoint with address 0x5, skipping
[ 1383.945647][T18205] usb 4-1: config 10 interface 114 altsetting 8 endpoint 0x3 has invalid maxpacket 1024, setting to 64
[ 1383.964170][T18205] usb 4-1: config 10 interface 114 altsetting 8 has an invalid descriptor for endpoint zero, skipping
[ 1383.977026][T18205] usb 4-1: config 10 interface 114 altsetting 8 has an invalid descriptor for endpoint zero, skipping
[ 1383.994316][T18205] usb 4-1: config 10 interface 105 altsetting 1 has an endpoint descriptor with address 0x7D, changing to 0xD
[ 1384.017982][T18205] usb 4-1: config 10 interface 105 altsetting 1 has a duplicate endpoint with address 0xD, skipping
[ 1384.035775][T18205] usb 4-1: config 10 interface 105 altsetting 1 has a duplicate endpoint with address 0x5, skipping
[ 1384.046934][T22279] FAULT_INJECTION: forcing a failure.
[ 1384.046934][T22279] name failslab, interval 1, probability 0, space 0, times 0
[ 1384.065960][T22279] CPU: 1 UID: 0 PID: 22279 Comm: syz.1.4215 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1384.065988][T22279] Tainted: [L]=SOFTLOCKUP
[ 1384.065994][T22279] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[ 1384.066005][T22279] Call Trace:
[ 1384.066012][T22279]  <TASK>
[ 1384.066019][T22279]  dump_stack_lvl+0x100/0x190
[ 1384.066046][T22279]  should_fail_ex.cold+0x5/0xa
[ 1384.066066][T22279]  should_failslab+0xc2/0x120
[ 1384.066088][T22279]  ? tomoyo_realpath_from_path+0xb6/0x690
[ 1384.066107][T22279]  __kmalloc_noprof+0xf6/0x9c0
[ 1384.066129][T22279]  ? tomoyo_realpath_from_path+0xb6/0x690
[ 1384.066147][T22279]  tomoyo_realpath_from_path+0xb6/0x690
[ 1384.066170][T22279]  tomoyo_path_number_perm+0x23c/0x580
[ 1384.066195][T22279]  ? tomoyo_path_number_perm+0x22e/0x580
[ 1384.066220][T22279]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[ 1384.066269][T22279]  ? find_held_lock+0x2b/0x80
[ 1384.066290][T22279]  ? hook_file_ioctl_common+0x146/0x410
[ 1384.066311][T22279]  ? __fget_files+0x215/0x3d0
[ 1384.066336][T22279]  ? __fget_files+0x21f/0x3d0
[ 1384.066361][T22279]  security_file_ioctl+0xd3/0x230
[ 1384.066381][T22279]  __x64_sys_ioctl+0xb7/0x210
[ 1384.066401][T22279]  do_syscall_64+0xc9/0xf80
[ 1384.066423][T22279]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1384.066441][T22279] RIP: 0033:0x7f6b60f9aeb9
[ 1384.066464][T22279] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1384.066481][T22279] RSP: 002b:00007f6b61d97028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1384.066499][T22279] RAX: ffffffffffffffda RBX: 00007f6b61215fa0 RCX: 00007f6b60f9aeb9
[ 1384.066511][T22279] RDX: 0000200000000080 RSI: 00000000c0046686 RDI: 0000000000000003
[ 1384.066522][T22279] RBP: 00007f6b61d97090 R08: 0000000000000000 R09: 0000000000000000
[ 1384.066532][T22279] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1384.066543][T22279] R13: 00007f6b61216038 R14: 00007f6b61215fa0 R15: 00007ffff2b11038
[ 1384.066568][T22279]  </TASK>
[ 1384.066597][T22279] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 1384.272647][T18205] usb 4-1: config 10 interface 105 altsetting 1 has an invalid descriptor for endpoint zero, skipping
[ 1384.283756][T18205] usb 4-1: config 10 interface 105 altsetting 1 has a duplicate endpoint with address 0x2, skipping
[ 1384.294566][T18205] usb 4-1: config 10 interface 105 altsetting 1 has a duplicate endpoint with address 0x2, skipping
[ 1384.305395][T18205] usb 4-1: config 10 interface 105 altsetting 1 endpoint 0xF has invalid maxpacket 1023, setting to 64
[ 1384.316512][T18205] usb 4-1: config 10 interface 105 altsetting 1 has a duplicate endpoint with address 0x3, skipping
[ 1384.327360][T18205] usb 4-1: config 10 interface 105 altsetting 1 has an invalid descriptor for endpoint zero, skipping
[ 1384.340043][T18205] usb 4-1: config 10 interface 105 altsetting 1 endpoint 0xB has invalid wMaxPacketSize 0
[ 1384.365996][T18205] usb 4-1: config 10 interface 105 altsetting 1 endpoint 0xE has invalid maxpacket 1023, setting to 64
[ 1384.393818][T18205] usb 4-1: config 10 interface 105 altsetting 1 has a duplicate endpoint with address 0x7, skipping
[ 1384.415200][T17230] usb 1-1: new high-speed USB device number 81 using dummy_hcd
[ 1384.422815][T18205] usb 4-1: config 10 interface 105 altsetting 1 has a duplicate endpoint with address 0x5, skipping
[ 1384.433880][T18205] usb 4-1: config 10 interface 105 altsetting 1 endpoint 0x1 has invalid maxpacket 512, setting to 64
[ 1384.454709][T18205] usb 4-1: config 10 interface 105 altsetting 1 has a duplicate endpoint with address 0xE, skipping
[ 1384.465901][T18205] usb 4-1: config 10 interface 114 has no altsetting 0
[ 1384.472984][T18205] usb 4-1: config 10 interface 105 has no altsetting 0
[ 1384.485005][T22282] netlink: 'syz.4.4208': attribute type 4 has an invalid length.
[ 1384.551473][T18205] usb 4-1: New USB device found, idVendor=0582, idProduct=0037, bcdDevice=f7.da
[ 1384.568246][T18205] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1384.582947][T18205] usb 4-1: Product: Ð…
[ 1384.589118][T18205] usb 4-1: Manufacturer: 쮅粙뿫陈혱ő䅀舴嬌毹쫃댜羟Ꜳ
[ 1384.599324][T18205] usb 4-1: SerialNumber: syz
[ 1384.615016][T17230] usb 1-1: no configurations
[ 1384.620497][T17230] usb 1-1: can't read configurations, error -22
[ 1384.767529][T22288] kvm: pic: non byte write
[ 1384.804186][T17230] usb 1-1: new high-speed USB device number 82 using dummy_hcd
[ 1384.853480][T18205] usb 4-1: USB disconnect, device number 80
[ 1385.615113][T17230] usb 1-1: no configurations
[ 1385.624173][T17230] usb 1-1: can't read configurations, error -22
[ 1385.639518][T22299] overlayfs: failed to resolve './file0/file0': -2
[ 1385.650510][T17230] usb usb1-port1: attempt power cycle
[ 1386.004304][T17230] usb 1-1: new high-speed USB device number 83 using dummy_hcd
[ 1386.035218][T17230] usb 1-1: no configurations
[ 1386.044727][T17230] usb 1-1: can't read configurations, error -22
[ 1386.184257][T17230] usb 1-1: new high-speed USB device number 84 using dummy_hcd
[ 1386.225192][T17230] usb 1-1: no configurations
[ 1386.240204][T17230] usb 1-1: can't read configurations, error -22
[ 1386.261240][T17230] usb usb1-port1: unable to enumerate USB device
[ 1386.449640][   T30] audit: type=1400 audit(1770355668.119:1395): avc:  denied  { create } for  pid=22313 comm="syz.1.4224" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[ 1386.635019][T22316] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[ 1386.688612][   T30] audit: type=1400 audit(1770355668.359:1396): avc:  denied  { setopt } for  pid=22313 comm="syz.1.4224" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[ 1387.034235][   T30] audit: type=1400 audit(1770355668.359:1397): avc:  denied  { ioctl } for  pid=22313 comm="syz.1.4224" path="socket:[90720]" dev="sockfs" ino=90720 ioctlcmd=0x662c scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[ 1387.402808][T22322] can0: slcan on ttyS3.
[ 1387.866853][   T30] audit: type=1400 audit(1770355669.539:1398): avc:  denied  { write } for  pid=22313 comm="syz.1.4224" path="socket:[91192]" dev="sockfs" ino=91192 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1
[ 1388.036071][T22319] can0 (unregistered): slcan off ttyS3.
[ 1389.069110][ T7204] usb 2-1: new high-speed USB device number 100 using dummy_hcd
[ 1389.191786][T22354] netlink: 24 bytes leftover after parsing attributes in process `syz.3.4230'.
[ 1389.306981][T22354] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=22354 comm=syz.3.4230
[ 1389.333004][ T7204] usb 2-1: Using ep0 maxpacket: 8
[ 1389.363061][ T7204] usb 2-1: config 10 has an invalid interface number: 114 but max is 1
[ 1389.392555][ T7204] usb 2-1: config 10 has an invalid interface number: 105 but max is 1
[ 1389.433864][ T7204] usb 2-1: config 10 has no interface number 0
[ 1389.476192][ T7204] usb 2-1: config 10 has no interface number 1
[ 1389.515327][ T7204] usb 2-1: config 10 interface 114 altsetting 8 endpoint 0xD has invalid maxpacket 1023, setting to 64
[ 1389.559572][ T7204] usb 2-1: config 10 interface 114 altsetting 8 has a duplicate endpoint with address 0x2, skipping
[ 1389.577767][ T7204] usb 2-1: config 10 interface 114 altsetting 8 has a duplicate endpoint with address 0xD, skipping
[ 1389.592201][ T7204] usb 2-1: config 10 interface 114 altsetting 8 has a duplicate endpoint with address 0x5, skipping
[ 1389.604126][ T7204] usb 2-1: config 10 interface 114 altsetting 8 endpoint 0x3 has invalid maxpacket 1024, setting to 64
[ 1389.618427][ T7204] usb 2-1: config 10 interface 114 altsetting 8 has an invalid descriptor for endpoint zero, skipping
[ 1389.632604][ T7204] usb 2-1: config 10 interface 114 altsetting 8 has an invalid descriptor for endpoint zero, skipping
[ 1389.646245][ T7204] usb 2-1: config 10 interface 105 altsetting 1 has an endpoint descriptor with address 0x7D, changing to 0xD
[ 1390.560533][ T7204] usb 2-1: config 10 interface 105 altsetting 1 has a duplicate endpoint with address 0xD, skipping
[ 1390.577855][ T7204] usb 2-1: config 10 interface 105 altsetting 1 has a duplicate endpoint with address 0x5, skipping
[ 1390.588885][ T7204] usb 2-1: config 10 interface 105 altsetting 1 has an invalid descriptor for endpoint zero, skipping
[ 1390.600097][ T7204] usb 2-1: config 10 interface 105 altsetting 1 has a duplicate endpoint with address 0x2, skipping
[ 1390.654286][ T7204] usb 2-1: config 10 interface 105 altsetting 1 has a duplicate endpoint with address 0x2, skipping
[ 1390.683772][ T7204] usb 2-1: config 10 interface 105 altsetting 1 endpoint 0xF has invalid maxpacket 1023, setting to 64
[ 1390.714477][ T7204] usb 2-1: config 10 interface 105 altsetting 1 has a duplicate endpoint with address 0x3, skipping
[ 1390.733272][ T7204] usb 2-1: config 10 interface 105 altsetting 1 has an invalid descriptor for endpoint zero, skipping
[ 1390.779663][ T7204] usb 2-1: config 10 interface 105 altsetting 1 endpoint 0xB has invalid wMaxPacketSize 0
[ 1390.809466][ T7204] usb 2-1: config 10 interface 105 altsetting 1 endpoint 0xE has invalid maxpacket 1023, setting to 64
[ 1390.877853][ T7204] usb 2-1: config 10 interface 105 altsetting 1 has a duplicate endpoint with address 0x7, skipping
[ 1390.918512][ T7204] usb 2-1: config 10 interface 105 altsetting 1 has a duplicate endpoint with address 0x5, skipping
[ 1390.933038][ T7204] usb 2-1: config 10 interface 105 altsetting 1 endpoint 0x1 has invalid maxpacket 512, setting to 64
[ 1390.947150][ T7204] usb 2-1: config 10 interface 105 altsetting 1 has a duplicate endpoint with address 0xE, skipping
[ 1390.976399][T22373] netlink: 'syz.3.4234': attribute type 2 has an invalid length.
[ 1391.007792][T22373] !: entered promiscuous mode
[ 1391.036117][T17491] usb 3-1: new high-speed USB device number 74 using dummy_hcd
[ 1391.075242][ T7204] usb 2-1: config 10 interface 114 has no altsetting 0
[ 1391.082281][ T7204] usb 2-1: config 10 interface 105 has no altsetting 0
[ 1391.098629][ T7204] usb 2-1: New USB device found, idVendor=0582, idProduct=0037, bcdDevice=f7.da
[ 1391.134672][ T7204] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1391.231975][ T7204] usb 2-1: Product: Ð…
[ 1391.240187][ T7204] usb 2-1: Manufacturer: 쮅粙뿫陈혱ő䅀舴嬌毹쫃댜羟Ꜳ
[ 1391.248787][ T7204] usb 2-1: SerialNumber: syz
[ 1391.253667][T17491] usb 3-1: no configurations
[ 1391.265360][T17491] usb 3-1: can't read configurations, error -22
[ 1391.426832][T17491] usb 3-1: new high-speed USB device number 75 using dummy_hcd
[ 1391.618586][T22385] lo speed is unknown, defaulting to 1000
[ 1391.624410][T22385] lo speed is unknown, defaulting to 1000
[ 1391.630455][T22385] lo speed is unknown, defaulting to 1000
[ 1391.641096][T22385] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98
[ 1391.656177][T22385] lo speed is unknown, defaulting to 1000
[ 1391.662691][T22385] lo speed is unknown, defaulting to 1000
[ 1391.669274][T22385] lo speed is unknown, defaulting to 1000
[ 1391.675815][T22385] lo speed is unknown, defaulting to 1000
[ 1391.682376][T22385] lo speed is unknown, defaulting to 1000
[ 1391.713200][T22333] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=29037 sclass=netlink_route_socket pid=22333 comm=syz.1.4228
[ 1391.736440][T17491] usb 3-1: no configurations
[ 1391.772173][T17491] usb 3-1: can't read configurations, error -22
[ 1392.033144][T17491] usb usb3-port1: attempt power cycle
[ 1392.136050][ T7204] usb 2-1: USB disconnect, device number 100
[ 1392.147885][   T30] audit: type=1400 audit(1770355673.819:1399): avc:  denied  { append } for  pid=22393 comm="syz.4.4239" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[ 1392.267844][   T30] audit: type=1400 audit(1770355673.919:1400): avc:  denied  { create } for  pid=22393 comm="syz.4.4239" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[ 1392.374514][T17491] usb 3-1: new high-speed USB device number 76 using dummy_hcd
[ 1392.417136][T17491] usb 3-1: no configurations
[ 1392.421743][T17491] usb 3-1: can't read configurations, error -22
[ 1392.565487][T17491] usb 3-1: new high-speed USB device number 77 using dummy_hcd
[ 1392.595544][   T30] audit: type=1400 audit(1770355674.249:1401): avc:  denied  { mount } for  pid=22393 comm="syz.4.4239" name="/" dev="sysfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysfs_t tclass=filesystem permissive=1
[ 1392.680816][T22417] netlink: 20 bytes leftover after parsing attributes in process `syz.0.4241'.
[ 1392.698334][   T30] audit: type=1400 audit(1770355674.369:1402): avc:  denied  { setopt } for  pid=22414 comm="syz.0.4241" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[ 1394.994280][T17491] usb 3-1: device not accepting address 77, error -71
[ 1395.225095][   T30] audit: type=1400 audit(1770355676.889:1403): avc:  denied  { create } for  pid=22431 comm="syz.2.4247" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_crypto_socket permissive=1
[ 1396.328193][T17491] usb usb3-port1: unable to enumerate USB device
[ 1396.694688][   T30] audit: type=1400 audit(1770355676.889:1404): avc:  denied  { write } for  pid=22431 comm="syz.2.4247" path="socket:[91051]" dev="sockfs" ino=91051 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_crypto_socket permissive=1
[ 1397.910984][   T30] audit: type=1400 audit(1770355679.579:1405): avc:  denied  { create } for  pid=22459 comm="syz.3.4255" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=atmsvc_socket permissive=1
[ 1398.737701][T22477] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4259'.
[ 1399.244218][T17230] usb 2-1: new high-speed USB device number 101 using dummy_hcd
[ 1399.526638][T22495] FAULT_INJECTION: forcing a failure.
[ 1399.526638][T22495] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1399.541400][T22495] CPU: 0 UID: 0 PID: 22495 Comm: syz.0.4262 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1399.541434][T22495] Tainted: [L]=SOFTLOCKUP
[ 1399.541440][T22495] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[ 1399.541450][T22495] Call Trace:
[ 1399.541456][T22495]  <TASK>
[ 1399.541463][T22495]  dump_stack_lvl+0x100/0x190
[ 1399.541488][T22495]  should_fail_ex.cold+0x5/0xa
[ 1399.541506][T22495]  _copy_to_user+0x32/0xd0
[ 1399.541531][T22495]  simple_read_from_buffer+0xcb/0x170
[ 1399.541554][T22495]  proc_fail_nth_read+0x1af/0x230
[ 1399.541580][T22495]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1399.541605][T22495]  ? rw_verify_area+0xce/0x6d0
[ 1399.541622][T22495]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1399.541645][T22495]  vfs_read+0x1e4/0xb30
[ 1399.541667][T22495]  ? __pfx_vfs_read+0x10/0x10
[ 1399.541684][T22495]  ? find_held_lock+0x2b/0x80
[ 1399.541707][T22495]  ? __fget_files+0x215/0x3d0
[ 1399.541732][T22495]  ? __fget_files+0x21f/0x3d0
[ 1399.541757][T22495]  ksys_read+0x12a/0x250
[ 1399.541774][T22495]  ? __pfx_ksys_read+0x10/0x10
[ 1399.541789][T22495]  ? v4l2_ioctl+0x1c5/0x250
[ 1399.541807][T22495]  ? fput+0x79/0x100
[ 1399.541830][T22495]  do_syscall_64+0xc9/0xf80
[ 1399.541850][T22495]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1399.541866][T22495] RIP: 0033:0x7f89fdd5b78e
[ 1399.541879][T22495] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[ 1399.541893][T22495] RSP: 002b:00007f89fed39fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 1399.541908][T22495] RAX: ffffffffffffffda RBX: 00007f89fed3a6c0 RCX: 00007f89fdd5b78e
[ 1399.541919][T22495] RDX: 000000000000000f RSI: 00007f89fed3a0a0 RDI: 0000000000000004
[ 1399.541929][T22495] RBP: 00007f89fed3a090 R08: 0000000000000000 R09: 0000000000000000
[ 1399.541939][T22495] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1399.541949][T22495] R13: 00007f89fe016038 R14: 00007f89fe015fa0 R15: 00007ffef82c1698
[ 1399.541970][T22495]  </TASK>
[ 1399.754135][T17230] usb 2-1: Using ep0 maxpacket: 32
[ 1399.760822][T17230] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024
[ 1399.773718][T17230] usb 2-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[ 1399.879297][T17230] usb 2-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[ 1399.917265][T17230] usb 2-1: Product: syz
[ 1399.921946][T17230] usb 2-1: Manufacturer: syz
[ 1399.934136][T17230] usb 2-1: SerialNumber: syz
[ 1399.942924][T17230] usb 2-1: config 0 descriptor??
[ 1399.973088][T22489] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[ 1400.699303][   T30] audit: type=1400 audit(1770355682.369:1406): avc:  denied  { read } for  pid=22496 comm="syz.2.4263" lport=1 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[ 1400.996422][   T30] audit: type=1400 audit(1770355682.669:1407): avc:  denied  { write } for  pid=22513 comm="syz.0.4268" name="ptp0" dev="devtmpfs" ino=1265 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[ 1401.383742][T22514] syzkaller0: entered promiscuous mode
[ 1401.398090][T22514] syzkaller0: entered allmulticast mode
[ 1401.712853][T22512] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4267'.
[ 1401.875387][T18205] usb 2-1: USB disconnect, device number 101
[ 1403.264791][T22537] FAULT_INJECTION: forcing a failure.
[ 1403.264791][T22537] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1403.287185][T22537] CPU: 0 UID: 0 PID: 22537 Comm: syz.3.4272 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1403.287218][T22537] Tainted: [L]=SOFTLOCKUP
[ 1403.287224][T22537] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[ 1403.287235][T22537] Call Trace:
[ 1403.287242][T22537]  <TASK>
[ 1403.287250][T22537]  dump_stack_lvl+0x100/0x190
[ 1403.287278][T22537]  should_fail_ex.cold+0x5/0xa
[ 1403.287298][T22537]  _copy_from_user+0x2e/0xd0
[ 1403.287331][T22537]  copy_msghdr_from_user+0x9f/0x4f0
[ 1403.287351][T22537]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[ 1403.287383][T22537]  ___sys_sendmsg+0x106/0x1e0
[ 1403.287403][T22537]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1403.287432][T22537]  ? find_held_lock+0x2b/0x80
[ 1403.287472][T22537]  __sys_sendmsg+0x170/0x220
[ 1403.287497][T22537]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1403.287535][T22537]  do_syscall_64+0xc9/0xf80
[ 1403.287558][T22537]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1403.287576][T22537] RIP: 0033:0x7f58eaf9aeb9
[ 1403.287592][T22537] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1403.287609][T22537] RSP: 002b:00007f58ebe70028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1403.287628][T22537] RAX: ffffffffffffffda RBX: 00007f58eb215fa0 RCX: 00007f58eaf9aeb9
[ 1403.287639][T22537] RDX: 000000002400e844 RSI: 0000200000000140 RDI: 0000000000000003
[ 1403.287650][T22537] RBP: 00007f58ebe70090 R08: 0000000000000000 R09: 0000000000000000
[ 1403.287660][T22537] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1403.287671][T22537] R13: 00007f58eb216038 R14: 00007f58eb215fa0 R15: 00007ffc79f5eb08
[ 1403.287695][T22537]  </TASK>
[ 1405.843880][T22552] Invalid ELF header magic: != ELF
[ 1406.252686][   T30] audit: type=1400 audit(1770355687.509:1408): avc:  denied  { module_load } for  pid=22549 comm="syz.4.4279" path="/sys/kernel/notes" dev="sysfs" ino=1404 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysfs_t tclass=system permissive=1
[ 1406.276435][T22554] syzkaller0: entered promiscuous mode
[ 1406.281975][T22554] syzkaller0: entered allmulticast mode
[ 1407.754412][   T30] audit: type=1400 audit(1770355689.419:1409): avc:  denied  { mounton } for  pid=22560 comm="syz.0.4282" path="/syzcgroup/unified/syz0" dev="cgroup2" ino=38 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=dir permissive=1
[ 1407.858549][T22580] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4281'.
[ 1407.864040][T22579] netlink: 28 bytes leftover after parsing attributes in process `syz.1.4285'.
[ 1407.899143][ T7206] usb 3-1: new high-speed USB device number 78 using dummy_hcd
[ 1409.338284][T22591] Invalid ELF header magic: != ELF
[ 1409.776436][ T7206] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x6 has invalid maxpacket 1023
[ 1409.804137][ T7206] usb 3-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xBA, changing to 0x8A
[ 1409.834195][T18205] usb 1-1: new high-speed USB device number 85 using dummy_hcd
[ 1409.834199][ T7206] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8A has invalid maxpacket 121
[ 1409.835892][ T7206] usb 3-1: New USB device found, idVendor=2294, idProduct=425b, bcdDevice=a2.10
[ 1409.884255][ T7206] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1409.892305][ T7206] usb 3-1: Product: syz
[ 1409.914268][ T7206] usb 3-1: Manufacturer: syz
[ 1409.918891][ T7206] usb 3-1: SerialNumber: syz
[ 1409.935927][ T7206] usb 3-1: config 0 descriptor??
[ 1409.942004][T22566] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[ 1409.950685][T22566] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[ 1409.985068][ T7206] usb 3-1: ucan: probing device on interface #0
[ 1410.004372][T18205] usb 1-1: Using ep0 maxpacket: 16
[ 1410.011169][T18205] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1410.032840][T18205] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1410.053085][T18205] usb 1-1: New USB device found, idVendor=046d, idProduct=c091, bcdDevice= 0.00
[ 1410.064196][T18205] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1410.084661][T18205] usb 1-1: config 0 descriptor??
[ 1410.180645][ T7206] usb 3-1: ucan: could not read protocol version, ret=83
[ 1410.204168][ T7206] usb 3-1: ucan: probe failed; try to update the device firmware
[ 1410.402334][   T30] audit: type=1400 audit(1770355692.069:1410): avc:  denied  { write } for  pid=22595 comm="syz.1.4291" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[ 1410.575039][T18205] hid (null): report_id 0 is invalid
[ 1410.821485][T18205] logitech-hidpp-device 0003:046D:C091.0046: report_id 0 is invalid
[ 1410.830184][T18205] logitech-hidpp-device 0003:046D:C091.0046: item 0 0 1 8 parsing failed
[ 1410.850967][T18205] logitech-hidpp-device 0003:046D:C091.0046: hidpp_probe:parse failed
[ 1410.861430][T18205] logitech-hidpp-device 0003:046D:C091.0046: probe with driver logitech-hidpp-device failed with error -22
[ 1410.923003][   T30] audit: type=1400 audit(1770355692.589:1411): avc:  denied  { read } for  pid=22604 comm="syz.1.4293" path="socket:[92133]" dev="sockfs" ino=92133 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1
[ 1412.003878][T17230] usb 3-1: USB disconnect, device number 78
[ 1412.684404][   T30] audit: type=1400 audit(1770355693.719:1412): avc:  denied  { ioctl } for  pid=22623 comm="syz.1.4298" path="socket:[93193]" dev="sockfs" ino=93193 ioctlcmd=0x8983 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[ 1412.710306][T18205] hid-generic 0000:0000:0000.0047: unknown main item tag 0x0
[ 1412.821351][T18205] hid-generic 0000:0000:0000.0047: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[ 1412.884189][ T7194] usb 2-1: new high-speed USB device number 102 using dummy_hcd
[ 1412.953161][T18205] usb 1-1: USB disconnect, device number 85
[ 1414.074324][T17491] usb 3-1: new high-speed USB device number 79 using dummy_hcd
[ 1414.175944][ T7194] usb 2-1: config 0 has no interfaces?
[ 1414.310872][T17491] usb 3-1: config 0 has no interfaces?
[ 1414.345301][T17491] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 1414.397028][T17491] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[ 1414.441022][T17491] usb 3-1: SerialNumber: syz
[ 1414.563138][T17491] usb 3-1: config 0 descriptor??
[ 1414.890807][T22631] netlink: 128124 bytes leftover after parsing attributes in process `syz.2.4299'.
[ 1415.307127][ T7194] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 1415.488023][ T7194] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[ 1415.498036][ T7194] usb 2-1: config 0 descriptor??
[ 1415.503384][ T7194] usb 2-1: can't set config #0, error -71
[ 1415.510476][ T7194] usb 2-1: USB disconnect, device number 102
[ 1415.572789][   T30] audit: type=1400 audit(1770355697.249:1413): avc:  denied  { connect } for  pid=22643 comm="syz.4.4303" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[ 1415.583623][T22651] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4302'.
[ 1416.907777][ T7206] usb 3-1: USB disconnect, device number 79
[ 1417.104136][T22645] lo speed is unknown, defaulting to 1000
[ 1417.280877][T22645] lo speed is unknown, defaulting to 1000
[ 1417.384821][ T7206] usb 3-1: new high-speed USB device number 80 using dummy_hcd
[ 1417.557963][ T7206] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x6 has invalid maxpacket 1023
[ 1417.579965][ T7206] usb 3-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xBA, changing to 0x8A
[ 1417.622290][ T7206] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8A has invalid maxpacket 121
[ 1417.653128][ T7206] usb 3-1: New USB device found, idVendor=2294, idProduct=425b, bcdDevice=a2.10
[ 1417.682729][ T7206] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1417.701052][ T7206] usb 3-1: Product: syz
[ 1417.708628][ T7206] usb 3-1: Manufacturer: syz
[ 1417.723151][ T7206] usb 3-1: SerialNumber: syz
[ 1417.735883][ T7206] usb 3-1: config 0 descriptor??
[ 1417.754344][T22667] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[ 1417.770425][T22667] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[ 1417.834796][ T7206] usb 3-1: ucan: probing device on interface #0
[ 1417.934243][ T7204] usb 4-1: new high-speed USB device number 81 using dummy_hcd
[ 1418.258652][ T7206] usb 3-1: ucan: could not read protocol version, ret=83
[ 1418.275857][ T7204] usb 4-1: unable to read config index 0 descriptor/start: -61
[ 1418.285499][ T7206] usb 3-1: ucan: probe failed; try to update the device firmware
[ 1418.301708][ T7204] usb 4-1: can't read configurations, error -61
[ 1418.624193][ T7204] usb 4-1: new high-speed USB device number 82 using dummy_hcd
[ 1418.650846][   T30] audit: type=1400 audit(1770355700.319:1414): avc:  denied  { bind } for  pid=22685 comm="syz.4.4314" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[ 1418.681916][   T30] audit: type=1400 audit(1770355700.319:1415): avc:  denied  { listen } for  pid=22685 comm="syz.4.4314" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[ 1418.685749][T22688] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4313'.
[ 1418.714577][T22688] openvswitch: netlink: Missing key (keys=200040, expected=2000)
[ 1418.731844][   T30] audit: type=1400 audit(1770355700.319:1416): avc:  denied  { accept } for  pid=22685 comm="syz.4.4314" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[ 1418.848735][ T7204] usb 4-1: unable to read config index 0 descriptor/start: -61
[ 1418.864053][ T7204] usb 4-1: can't read configurations, error -61
[ 1418.864548][T15547] IPVS: starting estimator thread 0...
[ 1418.953078][   T30] audit: type=1400 audit(1770355700.609:1417): avc:  denied  { create } for  pid=22690 comm="syz.4.4316" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1
[ 1418.974226][T22694] IPVS: using max 40 ests per chain, 96000 per kthread
[ 1419.253936][ T7204] usb usb4-port1: attempt power cycle
[ 1419.267854][   T30] audit: type=1400 audit(1770355700.609:1418): avc:  denied  { bind } for  pid=22690 comm="syz.4.4316" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[ 1419.652514][ T7204] usb 4-1: new high-speed USB device number 83 using dummy_hcd
[ 1419.686308][ T7204] usb 4-1: unable to read config index 0 descriptor/start: -61
[ 1419.686424][T22705] netlink: 20 bytes leftover after parsing attributes in process `syz.4.4318'.
[ 1419.696687][ T7204] usb 4-1: can't read configurations, error -61
[ 1419.717403][T22702] syzkaller0: entered promiscuous mode
[ 1419.723004][T22702] syzkaller0: entered allmulticast mode
[ 1419.734769][T22705] openvswitch: netlink: Flow set message rejected, Key attribute missing.
[ 1419.864869][ T7204] usb 4-1: new high-speed USB device number 84 using dummy_hcd
[ 1419.874743][T22709] netlink: 12 bytes leftover after parsing attributes in process `syz.1.4319'.
[ 1420.062995][ T7204] usb 4-1: unable to read config index 0 descriptor/start: -61
[ 1420.099778][ T7204] usb 4-1: can't read configurations, error -61
[ 1420.115282][ T7206] usb 3-1: USB disconnect, device number 80
[ 1420.125090][ T7204] usb usb4-port1: unable to enumerate USB device
[ 1420.221443][T22711] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4320'.
[ 1421.719338][   T30] audit: type=1400 audit(1770355703.389:1419): avc:  denied  { execute } for  pid=22732 comm="syz.3.4327" path=2F6D656D66643A01FDAE2E2BA68CB63F32193994532C7C783F55655BBDE1210333BC2723FF179B25F35B642006202864656C6574656429 dev="hugetlbfs" ino=93476 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:hugetlbfs_t tclass=file permissive=1
[ 1421.756616][   T30] audit: type=1326 audit(1770355703.389:1420): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22726 comm="syz.2.4325" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0192d9aeb9 code=0x7ffc0000
[ 1421.814151][   T30] audit: type=1326 audit(1770355703.459:1421): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22726 comm="syz.2.4325" exe="/root/syz-executor" sig=0 arch=c000003e syscall=314 compat=0 ip=0x7f0192d9aeb9 code=0x7ffc0000
[ 1421.863452][   T36] Bluetooth: hci4: Frame reassembly failed (-84)
[ 1421.934237][ T7204] usb 5-1: new high-speed USB device number 88 using dummy_hcd
[ 1421.957668][   T30] audit: type=1326 audit(1770355703.459:1422): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22726 comm="syz.2.4325" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0192d9aeb9 code=0x7ffc0000
[ 1422.064437][   T30] audit: type=1326 audit(1770355703.459:1423): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22726 comm="syz.2.4325" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0192d9aeb9 code=0x7ffc0000
[ 1422.218659][T22740] fuse: Unknown parameter 'íìæ”õ'
[ 1422.967515][ T1298] ieee802154 phy0 wpan0: encryption failed: -22
[ 1422.974214][ T1298] ieee802154 phy1 wpan1: encryption failed: -22
[ 1423.874362][T18998] Bluetooth: hci4: Opcode 0x1003 failed: -110
[ 1424.145024][   T30] kauditd_printk_skb: 67 callbacks suppressed
[ 1424.145042][   T30] audit: type=1400 audit(1770355705.819:1491): avc:  denied  { read } for  pid=22754 comm="syz.0.4332" name="usbmon9" dev="devtmpfs" ino=743 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[ 1424.187905][   T30] audit: type=1400 audit(1770355705.819:1492): avc:  denied  { open } for  pid=22754 comm="syz.0.4332" path="/dev/usbmon9" dev="devtmpfs" ino=743 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[ 1424.226074][T22759] ieee802154 phy0 wpan0: encryption failed: -22
[ 1424.226168][   T30] audit: type=1400 audit(1770355705.899:1493): avc:  denied  { write } for  pid=22758 comm="syz.1.4333" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[ 1424.556067][T22765] syzkaller0: entered promiscuous mode
[ 1424.582010][T22765] syzkaller0: entered allmulticast mode
[ 1425.121140][T22773] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4336'.
[ 1426.396773][   T30] audit: type=1400 audit(1770355708.069:1494): avc:  denied  { execute } for  pid=22792 comm="syz.2.4343" path="/dev/snd/pcmC0D0p" dev="devtmpfs" ino=1288 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sound_device_t tclass=chr_file permissive=1
[ 1426.534154][ T7194] usb 4-1: new high-speed USB device number 85 using dummy_hcd
[ 1426.684146][ T7194] usb 4-1: Using ep0 maxpacket: 8
[ 1426.759997][ T7194] usb 4-1: New USB device found, idVendor=0ccd, idProduct=10a3, bcdDevice=23.a2
[ 1426.865995][ T7194] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1426.926934][ T7194] usb 4-1: Product: syz
[ 1426.951379][ T7194] usb 4-1: Manufacturer: syz
[ 1426.977721][ T7194] usb 4-1: SerialNumber: syz
[ 1427.020030][ T7194] usb 4-1: config 0 descriptor??
[ 1427.110481][   T30] audit: type=1400 audit(1770355708.779:1495): avc:  denied  { connect } for  pid=22803 comm="syz.4.4345" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[ 1427.130362][   T30] audit: type=1400 audit(1770355708.799:1496): avc:  denied  { sqpoll } for  pid=22803 comm="syz.4.4345" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1
[ 1427.238256][ T7194] usb 4-1: dvb_usb_v2: found a 'Terratec H7' in warm state
[ 1427.273576][T22796] ceph: No mds server is up or the cluster is laggy
[ 1427.405326][ T7204] usb 1-1: new high-speed USB device number 86 using dummy_hcd
[ 1427.438728][ T7194] usb write operation failed. (-71)
[ 1427.455705][ T7194] usb 4-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer
[ 1427.476857][ T7194] dvbdev: DVB: registering new adapter (Terratec H7)
[ 1427.483623][ T7194] usb 4-1: media controller created
[ 1427.490908][ T7194] usb read operation failed. (-71)
[ 1427.497846][ T7194] usb write operation failed. (-71)
[ 1427.507200][ T7194] dvb_usb_az6007 4-1:0.0: probe with driver dvb_usb_az6007 failed with error -5
[ 1427.525154][ T7194] usb 4-1: USB disconnect, device number 85
[ 1427.559934][T22820] syzkaller0: entered promiscuous mode
[ 1427.570455][T22820] syzkaller0: entered allmulticast mode
[ 1427.589803][ T7204] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1427.603180][ T7204] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1427.613259][ T7204] usb 1-1: New USB device found, idVendor=28de, idProduct=1142, bcdDevice= 0.00
[ 1427.622847][ T7204] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1427.645041][ T7204] usb 1-1: config 0 descriptor??
[ 1428.010887][T22824] can0: slcan on ttyS3.
[ 1428.437473][ T7204] hid-steam 0003:28DE:1142.0048: : USB HID v0.00 Device [HID 28de:1142] on usb-dummy_hcd.0-1/input0
[ 1428.487538][   T30] audit: type=1400 audit(1770355710.159:1497): avc:  denied  { module_load } for  pid=22828 comm="syz.3.4350" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=system permissive=1
[ 1428.534249][ T7204] hid-steam 0003:28DE:1142.0048: Steam wireless receiver connected
[ 1428.584481][ T7204] hid-steam 0003:28DE:1142.0049: hidraw0: USB HID v0.00 Device [HID 28de:1142] on usb-dummy_hcd.0-1/input0
[ 1428.673476][ T7204] usb 1-1: USB disconnect, device number 86
[ 1428.881743][   T30] audit: type=1400 audit(1770355710.529:1498): avc:  denied  { bind } for  pid=22826 comm="syz.4.4349" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[ 1428.904440][T22821] can0 (unregistered): slcan off ttyS3.
[ 1428.926898][T18998] Bluetooth: hci2: ACL packet for unknown connection handle 200
[ 1429.191980][   T30] audit: type=1400 audit(1770355710.529:1499): avc:  denied  { map } for  pid=22826 comm="syz.4.4349" path="/dev/dri/card0" dev="devtmpfs" ino=627 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dri_device_t tclass=chr_file permissive=1
[ 1429.229004][ T7204] hid-steam 0003:28DE:1142.0048: Steam wireless receiver disconnected
[ 1429.237941][T22831] fido_id[22831]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.0/usb1/1-1/report_descriptor': No such file or directory
[ 1429.243578][   T30] audit: type=1400 audit(1770355710.529:1500): avc:  denied  { execute } for  pid=22826 comm="syz.4.4349" path="/dev/dri/card0" dev="devtmpfs" ino=627 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dri_device_t tclass=chr_file permissive=1
[ 1429.373747][T22842] FAULT_INJECTION: forcing a failure.
[ 1429.373747][T22842] name failslab, interval 1, probability 0, space 0, times 0
[ 1429.438711][T22842] CPU: 1 UID: 0 PID: 22842 Comm: syz.0.4354 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1429.438743][T22842] Tainted: [L]=SOFTLOCKUP
[ 1429.438749][T22842] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[ 1429.438760][T22842] Call Trace:
[ 1429.438766][T22842]  <TASK>
[ 1429.438774][T22842]  dump_stack_lvl+0x100/0x190
[ 1429.438802][T22842]  should_fail_ex.cold+0x5/0xa
[ 1429.438822][T22842]  should_failslab+0xc2/0x120
[ 1429.438847][T22842]  ? genl_family_rcv_msg_attrs_parse.isra.0+0xc8/0x290
[ 1429.438866][T22842]  __kmalloc_noprof+0xf6/0x9c0
[ 1429.438884][T22842]  ? kasan_quarantine_put+0x104/0x240
[ 1429.438904][T22842]  ? lockdep_hardirqs_on+0x78/0x100
[ 1429.438930][T22842]  ? genl_family_rcv_msg_attrs_parse.isra.0+0xc8/0x290
[ 1429.438958][T22842]  genl_family_rcv_msg_attrs_parse.isra.0+0xc8/0x290
[ 1429.438983][T22842]  genl_family_rcv_msg_doit+0xc7/0x300
[ 1429.439004][T22842]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[ 1429.439022][T22842]  ? genl_get_cmd+0x3ef/0x720
[ 1429.439056][T22842]  ? __dev_queue_xmit+0x7fd/0x46f0
[ 1429.439076][T22842]  ? __radix_tree_lookup+0x217/0x2b0
[ 1429.439108][T22842]  genl_rcv_msg+0x560/0x800
[ 1429.439128][T22842]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 1429.439147][T22842]  ? __pfx_ovs_flow_cmd_get+0x10/0x10
[ 1429.439175][T22842]  netlink_rcv_skb+0x159/0x420
[ 1429.439201][T22842]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 1429.439220][T22842]  ? __pfx_netlink_rcv_skb+0x10/0x10
[ 1429.439256][T22842]  ? netlink_deliver_tap+0x1ae/0xcc0
[ 1429.439285][T22842]  genl_rcv+0x28/0x40
[ 1429.439301][T22842]  netlink_unicast+0x5aa/0x870
[ 1429.439331][T22842]  ? __pfx_netlink_unicast+0x10/0x10
[ 1429.439367][T22842]  netlink_sendmsg+0x8b0/0xda0
[ 1429.439397][T22842]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1429.439421][T22842]  ? __might_fault+0x90/0x140
[ 1429.439450][T22842]  ____sys_sendmsg+0xa54/0xc30
[ 1429.439471][T22842]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1429.439500][T22842]  ___sys_sendmsg+0x190/0x1e0
[ 1429.439521][T22842]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1429.439552][T22842]  ? find_held_lock+0x2b/0x80
[ 1429.439593][T22842]  __sys_sendmsg+0x170/0x220
[ 1429.439618][T22842]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1429.439659][T22842]  do_syscall_64+0xc9/0xf80
[ 1429.439682][T22842]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1429.439700][T22842] RIP: 0033:0x7f89fdd9aeb9
[ 1429.439715][T22842] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1429.439731][T22842] RSP: 002b:00007f89fed3a028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1429.439749][T22842] RAX: ffffffffffffffda RBX: 00007f89fe015fa0 RCX: 00007f89fdd9aeb9
[ 1429.439760][T22842] RDX: 000000000000c000 RSI: 0000200000000000 RDI: 0000000000000003
[ 1429.439770][T22842] RBP: 00007f89fed3a090 R08: 0000000000000000 R09: 0000000000000000
[ 1429.439781][T22842] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1429.439791][T22842] R13: 00007f89fe016038 R14: 00007f89fe015fa0 R15: 00007ffef82c1698
[ 1429.439816][T22842]  </TASK>
[ 1429.839676][T22850] FAULT_INJECTION: forcing a failure.
[ 1429.839676][T22850] name failslab, interval 1, probability 0, space 0, times 0
[ 1429.853961][T22850] CPU: 1 UID: 0 PID: 22850 Comm: syz.2.4352 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1429.853991][T22850] Tainted: [L]=SOFTLOCKUP
[ 1429.853998][T22850] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[ 1429.854008][T22850] Call Trace:
[ 1429.854014][T22850]  <TASK>
[ 1429.854021][T22850]  dump_stack_lvl+0x100/0x190
[ 1429.854050][T22850]  should_fail_ex.cold+0x5/0xa
[ 1429.854073][T22850]  should_failslab+0xc2/0x120
[ 1429.854095][T22850]  kmem_cache_alloc_noprof+0x83/0x780
[ 1429.854115][T22850]  ? security_file_alloc+0x34/0x2c0
[ 1429.854136][T22850]  ? security_file_alloc+0x34/0x2c0
[ 1429.854152][T22850]  security_file_alloc+0x34/0x2c0
[ 1429.854180][T22850]  init_file+0x93/0x4c0
[ 1429.854206][T22850]  alloc_empty_file+0x73/0x1c0
[ 1429.854233][T22850]  path_openat+0xe8/0x3120
[ 1429.854265][T22850]  ? __pfx_path_openat+0x10/0x10
[ 1429.854286][T22850]  ? stack_trace_save+0x8e/0xc0
[ 1429.854311][T22850]  ? __pfx_stack_trace_save+0x10/0x10
[ 1429.854338][T22850]  ? stack_depot_save_flags+0x27/0x9c0
[ 1429.854369][T22850]  do_filp_open+0x1f7/0x420
[ 1429.854394][T22850]  ? __pfx_do_filp_open+0x10/0x10
[ 1429.854414][T22850]  ? __do_sys_io_uring_enter+0x6b4/0x15b0
[ 1429.854432][T22850]  ? do_syscall_64+0xc9/0xf80
[ 1429.854451][T22850]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1429.854487][T22850]  ? alloc_fd+0x476/0x790
[ 1429.854513][T22850]  ? build_open_flags+0x4b6/0x760
[ 1429.854541][T22850]  io_openat2+0x20e/0x8e0
[ 1429.854565][T22850]  ? __pfx_io_openat2+0x10/0x10
[ 1429.854595][T22850]  __io_issue_sqe+0xe8/0x7a0
[ 1429.854623][T22850]  io_issue_sqe+0x85/0x1430
[ 1429.854641][T22850]  ? __io_openat_prep+0x312/0x410
[ 1429.854665][T22850]  io_submit_sqes+0xb3d/0x21c0
[ 1429.854696][T22850]  __do_sys_io_uring_enter+0x6b4/0x15b0
[ 1429.854721][T22850]  ? __fget_files+0x21f/0x3d0
[ 1429.854742][T22850]  ? __pfx___do_sys_io_uring_enter+0x10/0x10
[ 1429.854765][T22850]  ? fput+0x79/0x100
[ 1429.854789][T22850]  ? ksys_write+0x1ac/0x250
[ 1429.854808][T22850]  ? __pfx_ksys_write+0x10/0x10
[ 1429.854836][T22850]  do_syscall_64+0xc9/0xf80
[ 1429.854858][T22850]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1429.854877][T22850] RIP: 0033:0x7f0192d9aeb9
[ 1429.854894][T22850] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1429.854912][T22850] RSP: 002b:00007f0193cf6028 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1429.854929][T22850] RAX: ffffffffffffffda RBX: 00007f0193016180 RCX: 00007f0192d9aeb9
[ 1429.854941][T22850] RDX: 0000000000000000 RSI: 0000000000003516 RDI: 0000000000000007
[ 1429.854952][T22850] RBP: 00007f0193cf6090 R08: 0000000000000000 R09: 00000000fffffdcf
[ 1429.854964][T22850] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1429.854975][T22850] R13: 00007f0193016218 R14: 00007f0193016180 R15: 00007ffcdc757f68
[ 1429.855000][T22850]  </TASK>
[ 1430.347883][   T30] audit: type=1400 audit(1770355712.019:1501): avc:  denied  { read } for  pid=22853 comm="syz.0.4355" name="sg0" dev="devtmpfs" ino=771 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[ 1430.790703][T22854] sg_write: data in/out 732/38 bytes for SCSI command 0x8-- guessing data in;
[ 1430.790703][T22854]    program syz.0.4355 not setting count and/or reply_len properly
[ 1431.261491][   T30] audit: type=1400 audit(1770355712.929:1502): avc:  denied  { setopt } for  pid=22862 comm="syz.0.4357" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[ 1431.819103][T22883] netlink: 92 bytes leftover after parsing attributes in process `syz.0.4360'.
[ 1431.917918][T22885] netlink: 28 bytes leftover after parsing attributes in process `syz.0.4360'.
[ 1432.181794][T22894] can0: slcan on ttyS3.
[ 1432.369381][T18205] usb 3-1: new low-speed USB device number 81 using dummy_hcd
[ 1432.607270][   T30] audit: type=1400 audit(1770355714.269:1503): avc:  denied  { write } for  pid=22899 comm="syz.0.4365" name="binder0" dev="binder" ino=4 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[ 1432.645585][T18205] usb 3-1: config 0 has an invalid interface number: 1 but max is 0
[ 1432.653935][T18205] usb 3-1: config 0 has no interface number 0
[ 1432.660928][T18205] usb 3-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 10
[ 1432.676492][T18205] usb 3-1: config 0 interface 1 altsetting 0 endpoint 0x82 has invalid maxpacket 159, setting to 8
[ 1432.745881][T22900] netlink: 84 bytes leftover after parsing attributes in process `syz.0.4365'.
[ 1432.764180][T18205] usb 3-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[ 1432.773462][   T30] audit: type=1400 audit(1770355714.419:1504): avc:  denied  { shutdown } for  pid=22899 comm="syz.0.4365" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[ 1432.798216][T18205] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1432.851371][T18205] usb 3-1: config 0 descriptor??
[ 1432.863045][T22891] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[ 1432.898641][T22901] netlink: 24 bytes leftover after parsing attributes in process `syz.0.4365'.
[ 1432.910052][T18205] iowarrior 3-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0
[ 1433.054783][T22884] can0 (unregistered): slcan off ttyS3.
[ 1433.149612][T22914] SELinux:  Context system_u:object_r:systemd_logger_exec_t:s0 is not valid (left unmapped).
[ 1433.179341][   T30] audit: type=1400 audit(1770355714.839:1505): avc:  denied  { relabelto } for  pid=22904 comm="syz.1.4366" name="321" dev="tmpfs" ino=1755 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 trawcon="system_u:object_r:systemd_logger_exec_t:s0"
[ 1433.538471][   T30] audit: type=1400 audit(1770355714.839:1506): avc:  denied  { associate } for  pid=22904 comm="syz.1.4366" name="321" dev="tmpfs" ino=1755 scontext=system_u:object_r:unlabeled_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 srawcon="system_u:object_r:systemd_logger_exec_t:s0"
[ 1433.576046][   T30] audit: type=1400 audit(1770355714.839:1507): avc:  denied  { mounton } for  pid=22904 comm="syz.1.4366" path="/321" dev="tmpfs" ino=1755 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 trawcon="system_u:object_r:systemd_logger_exec_t:s0"
[ 1433.649139][T18205] usb 3-1: USB disconnect, device number 81
[ 1433.655109][    C1] iowarrior 3-1:0.1: iowarrior_callback - usb_submit_urb failed with result -19
[ 1433.696189][   T30] audit: type=1400 audit(1770355714.839:1508): avc:  denied  { mount } for  pid=22904 comm="syz.1.4366" name="/" dev="debugfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=filesystem permissive=1
[ 1434.210553][T22910] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4367'.
[ 1434.858660][   T30] kauditd_printk_skb: 5 callbacks suppressed
[ 1434.858692][   T30] audit: type=1326 audit(1770355716.529:1514): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22947 comm="syz.4.4373" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f648d99aeb9 code=0x0
[ 1435.693098][T22966] 9p: Bad value for 'rfdno'
[ 1436.012775][T22974] can0: slcan on ttyS3.
[ 1436.027450][T22974] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4378'.
[ 1436.037033][T22974] openvswitch: netlink: Flow actions attr not present in new flow.
[ 1436.470796][T22980] tmpfs: Unknown parameter 'usrquotaãü´—•î±hdë<�GOØ/'
[ 1436.676137][T22970] can0 (unregistered): slcan off ttyS3.
[ 1436.844168][ T7204] usb 5-1: new high-speed USB device number 89 using dummy_hcd
[ 1437.024260][ T7204] usb 5-1: Using ep0 maxpacket: 16
[ 1437.041102][ T7204] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0
[ 1437.074192][ T7204] usb 5-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[ 1437.536879][ T7204] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1437.581477][ T7204] usb 5-1: Product: syz
[ 1437.606340][ T7204] usb 5-1: Manufacturer: syz
[ 1437.627770][ T7204] usb 5-1: SerialNumber: syz
[ 1437.662868][ T7204] usb 5-1: config 0 descriptor??
[ 1437.688506][ T7204] em28xx 5-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0)
[ 1437.720941][ T7204] em28xx 5-1:0.0: DVB interface 0 found: bulk
[ 1437.944525][ T7204] em28xx 5-1:0.0: unknown em28xx chip ID (0)
[ 1438.025806][ T7204] em28xx 5-1:0.0: reading from i2c device at 0xa0 failed (error=-5)
[ 1438.045657][ T7204] em28xx 5-1:0.0: board has no eeprom
[ 1438.076710][T23002] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4384'.
[ 1438.116406][ T7204] em28xx 5-1:0.0: Identified as PCTV tripleStick (292e) (card=94)
[ 1438.129203][ T7204] em28xx 5-1:0.0: dvb set to bulk mode.
[ 1438.136420][ T7206] em28xx 5-1:0.0: Binding DVB extension
[ 1438.159048][ T7204] usb 5-1: USB disconnect, device number 89
[ 1438.203073][ T7204] em28xx 5-1:0.0: Disconnecting em28xx
[ 1438.288710][ T7206] em28xx 5-1:0.0: Registering input extension
[ 1438.305883][ T7204] em28xx 5-1:0.0: Closing input extension
[ 1438.348838][ T7204] em28xx 5-1:0.0: Freeing device
[ 1438.532882][T23029] 8021q: VLANs not supported on tunl0
[ 1438.532887][   T30] audit: type=1400 audit(1770355720.199:1515): avc:  denied  { ioctl } for  pid=23027 comm="syz.4.4387" path="socket:[94403]" dev="sockfs" ino=94403 ioctlcmd=0x8983 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[ 1438.974174][ T7206] usb 5-1: new high-speed USB device number 90 using dummy_hcd
[ 1439.123648][T23035] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4388'.
[ 1439.135397][ T7206] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1439.146582][ T7206] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1439.156419][ T7206] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 1439.169299][ T7206] usb 5-1: New USB device found, idVendor=1a34, idProduct=0802, bcdDevice= 0.00
[ 1439.172813][T23024] ceph: No mds server is up or the cluster is laggy
[ 1439.178418][ T7206] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1439.194257][ T7206] usb 5-1: config 0 descriptor??
[ 1439.203533][T23036] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4388'.
[ 1439.232484][   T30] audit: type=1400 audit(1770355720.899:1516): avc:  denied  { ioctl } for  pid=23034 comm="syz.2.4388" path="/dev/sg0" dev="devtmpfs" ino=771 ioctlcmd=0x5385 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[ 1439.544650][ T7194] usb 1-1: new high-speed USB device number 87 using dummy_hcd
[ 1439.631881][T23041] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=9495 sclass=netlink_xfrm_socket pid=23041 comm=syz.3.4391
[ 1439.704483][ T7194] usb 1-1: device descriptor read/64, error -71
[ 1439.965692][ T7194] usb 1-1: new high-speed USB device number 88 using dummy_hcd
[ 1440.231132][ T7194] usb 1-1: device descriptor read/64, error -71
[ 1440.306624][T23049] can0: slcan on ttyS3.
[ 1440.317676][T23049] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4392'.
[ 1440.326916][T23049] openvswitch: netlink: Flow actions attr not present in new flow.
[ 1441.062521][T23050] Invalid ELF header magic: != ELF
[ 1441.592701][ T7194] usb usb1-port1: attempt power cycle
[ 1441.632039][ T7206] usbhid 5-1:0.0: can't add hid device: -71
[ 1441.645181][T23044] can0 (unregistered): slcan off ttyS3.
[ 1441.656363][ T7206] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[ 1441.738757][ T7206] usb 5-1: USB disconnect, device number 90
[ 1442.550072][ T7194] usb 1-1: new high-speed USB device number 89 using dummy_hcd
[ 1443.079953][ T7194] usb 1-1: device descriptor read/8, error -71
[ 1443.482851][T15547] usb 4-1: new high-speed USB device number 86 using dummy_hcd
[ 1444.474172][ T7194] usb 1-1: new high-speed USB device number 90 using dummy_hcd
[ 1444.502210][T15547] usb 4-1: Using ep0 maxpacket: 16
[ 1444.509131][ T7194] usb 1-1: device descriptor read/8, error -71
[ 1444.529021][T15547] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1444.540745][T15547] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1444.552196][   T30] audit: type=1400 audit(1770355726.219:1517): avc:  denied  { write } for  pid=23081 comm="syz.4.4403" name="nvram" dev="devtmpfs" ino=623 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nvram_device_t tclass=chr_file permissive=1
[ 1444.556402][T23082] FAULT_INJECTION: forcing a failure.
[ 1444.556402][T23082] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1444.575778][T15547] usb 4-1: New USB device found, idVendor=046d, idProduct=c091, bcdDevice= 0.00
[ 1444.598169][   T30] audit: type=1400 audit(1770355726.229:1518): avc:  denied  { open } for  pid=23081 comm="syz.4.4403" path="/dev/nvram" dev="devtmpfs" ino=623 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nvram_device_t tclass=chr_file permissive=1
[ 1444.622492][T15547] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1444.624439][T23082] CPU: 0 UID: 0 PID: 23082 Comm: syz.4.4403 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1444.624463][T23082] Tainted: [L]=SOFTLOCKUP
[ 1444.624469][T23082] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[ 1444.624478][T23082] Call Trace:
[ 1444.624483][T23082]  <TASK>
[ 1444.624489][T23082]  dump_stack_lvl+0x100/0x190
[ 1444.624513][T23082]  should_fail_ex.cold+0x5/0xa
[ 1444.624532][T23082]  _copy_to_user+0x32/0xd0
[ 1444.624554][T23082]  simple_read_from_buffer+0xcb/0x170
[ 1444.624574][T23082]  proc_fail_nth_read+0x1af/0x230
[ 1444.624596][T23082]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1444.624618][T23082]  ? rw_verify_area+0xce/0x6d0
[ 1444.624633][T23082]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1444.624654][T23082]  vfs_read+0x1e4/0xb30
[ 1444.624673][T23082]  ? __pfx_vfs_read+0x10/0x10
[ 1444.624688][T23082]  ? find_held_lock+0x2b/0x80
[ 1444.624708][T23082]  ? __fget_files+0x215/0x3d0
[ 1444.624730][T23082]  ? __fget_files+0x21f/0x3d0
[ 1444.624754][T23082]  ksys_read+0x12a/0x250
[ 1444.624770][T23082]  ? __pfx_ksys_read+0x10/0x10
[ 1444.624793][T23082]  do_syscall_64+0xc9/0xf80
[ 1444.624821][T23082]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1444.624836][T23082] RIP: 0033:0x7f648d95b78e
[ 1444.624849][T23082] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[ 1444.624863][T23082] RSP: 002b:00007f648e85afe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 1444.624879][T23082] RAX: ffffffffffffffda RBX: 00007f648e85b6c0 RCX: 00007f648d95b78e
[ 1444.624889][T23082] RDX: 000000000000000f RSI: 00007f648e85b0a0 RDI: 0000000000000004
[ 1444.624898][T23082] RBP: 00007f648e85b090 R08: 0000000000000000 R09: 0000000000000000
[ 1444.624908][T23082] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1444.624917][T23082] R13: 00007f648dc16038 R14: 00007f648dc15fa0 R15: 00007ffdcad732c8
[ 1444.624939][T23082]  </TASK>
[ 1444.833131][ T7194] usb usb1-port1: unable to enumerate USB device
[ 1444.865316][T15547] usb 4-1: config 0 descriptor??
[ 1445.356808][T15547] hid (null): report_id 0 is invalid
[ 1445.421041][T15547] logitech-hidpp-device 0003:046D:C091.004A: report_id 0 is invalid
[ 1445.436207][T15547] logitech-hidpp-device 0003:046D:C091.004A: item 0 0 1 8 parsing failed
[ 1445.449101][T15547] logitech-hidpp-device 0003:046D:C091.004A: hidpp_probe:parse failed
[ 1445.459510][T15547] logitech-hidpp-device 0003:046D:C091.004A: probe with driver logitech-hidpp-device failed with error -22
[ 1445.604612][   T30] audit: type=1326 audit(1770355727.269:1519): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23087 comm="syz.2.4402" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0192d9aeb9 code=0x7ffc0000
[ 1445.643581][T23090] fuse: Bad value for 'fd'
[ 1445.663993][   T30] audit: type=1326 audit(1770355727.269:1520): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23087 comm="syz.2.4402" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f0192d9aeb9 code=0x7ffc0000
[ 1445.703200][   T30] audit: type=1326 audit(1770355727.309:1521): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23087 comm="syz.2.4402" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0192d9aeb9 code=0x7ffc0000
[ 1445.727236][   T30] audit: type=1326 audit(1770355727.309:1522): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23087 comm="syz.2.4402" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0192d9aeb9 code=0x7ffc0000
[ 1445.751591][   T30] audit: type=1326 audit(1770355727.309:1523): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23087 comm="syz.2.4402" exe="/root/syz-executor" sig=0 arch=c000003e syscall=333 compat=0 ip=0x7f0192d9aeb9 code=0x7ffc0000
[ 1445.777189][   T30] audit: type=1326 audit(1770355727.309:1524): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23087 comm="syz.2.4402" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0192d9aeb9 code=0x7ffc0000
[ 1445.801201][   T30] audit: type=1326 audit(1770355727.309:1525): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23087 comm="syz.2.4402" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0192d9aeb9 code=0x7ffc0000
[ 1445.825197][   T30] audit: type=1326 audit(1770355727.309:1526): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23087 comm="syz.2.4402" exe="/root/syz-executor" sig=0 arch=c000003e syscall=154 compat=0 ip=0x7f0192d9aeb9 code=0x7ffc0000
[ 1446.309899][T23104] netlink: 20 bytes leftover after parsing attributes in process `syz.1.4406'.
[ 1446.323004][T23104] FAULT_INJECTION: forcing a failure.
[ 1446.323004][T23104] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1446.344366][T23104] CPU: 0 UID: 0 PID: 23104 Comm: syz.1.4406 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1446.344395][T23104] Tainted: [L]=SOFTLOCKUP
[ 1446.344402][T23104] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[ 1446.344413][T23104] Call Trace:
[ 1446.344418][T23104]  <TASK>
[ 1446.344426][T23104]  dump_stack_lvl+0x100/0x190
[ 1446.344454][T23104]  should_fail_ex.cold+0x5/0xa
[ 1446.344474][T23104]  _copy_to_user+0x32/0xd0
[ 1446.344500][T23104]  simple_read_from_buffer+0xcb/0x170
[ 1446.344524][T23104]  proc_fail_nth_read+0x1af/0x230
[ 1446.344549][T23104]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1446.344575][T23104]  ? rw_verify_area+0xce/0x6d0
[ 1446.344593][T23104]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1446.344617][T23104]  vfs_read+0x1e4/0xb30
[ 1446.344640][T23104]  ? __pfx_vfs_read+0x10/0x10
[ 1446.344657][T23104]  ? find_held_lock+0x2b/0x80
[ 1446.344682][T23104]  ? __fget_files+0x215/0x3d0
[ 1446.344708][T23104]  ? __fget_files+0x21f/0x3d0
[ 1446.344736][T23104]  ksys_read+0x12a/0x250
[ 1446.344755][T23104]  ? __pfx_ksys_read+0x10/0x10
[ 1446.344781][T23104]  do_syscall_64+0xc9/0xf80
[ 1446.344809][T23104]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1446.344827][T23104] RIP: 0033:0x7f6b60f5b78e
[ 1446.344842][T23104] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[ 1446.344859][T23104] RSP: 002b:00007f6b61d75fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 1446.344876][T23104] RAX: ffffffffffffffda RBX: 00007f6b61d766c0 RCX: 00007f6b60f5b78e
[ 1446.344887][T23104] RDX: 000000000000000f RSI: 00007f6b61d760a0 RDI: 0000000000000006
[ 1446.344898][T23104] RBP: 00007f6b61d76090 R08: 0000000000000000 R09: 0000000000000000
[ 1446.344909][T23104] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1446.344923][T23104] R13: 00007f6b61216128 R14: 00007f6b61216090 R15: 00007ffff2b11038
[ 1446.344948][T23104]  </TASK>
[ 1446.598355][T23098] geneve2: entered promiscuous mode
[ 1446.603587][T23098] geneve2: entered allmulticast mode
[ 1446.643444][T23107] netlink: 28 bytes leftover after parsing attributes in process `syz.2.4408'.
[ 1446.662044][T23107] openvswitch: netlink: Flow key attr not present in new flow.
[ 1446.678594][T23101] bond1 (unregistering): Released all slaves
[ 1446.968533][ T7194] usb 4-1: USB disconnect, device number 86
[ 1447.014622][T15547] usb 3-1: new full-speed USB device number 82 using dummy_hcd
[ 1447.094175][ T7206] usb 5-1: new high-speed USB device number 91 using dummy_hcd
[ 1447.206763][T15547] usb 3-1: config 0 interface 0 altsetting 164 endpoint 0x81 has invalid maxpacket 1024, setting to 64
[ 1447.257974][T15547] usb 3-1: config 0 interface 0 has no altsetting 0
[ 1447.266069][T15547] usb 3-1: New USB device found, idVendor=0458, idProduct=0087, bcdDevice= 0.00
[ 1447.284393][T15547] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1447.339896][T15547] usb 3-1: config 0 descriptor??
[ 1447.400671][T23110] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22
[ 1448.130776][T15547] kye 0003:0458:0087.004B: unbalanced collection at end of report description
[ 1448.148156][T15547] kye 0003:0458:0087.004B: parse failed
[ 1448.154368][T15547] kye 0003:0458:0087.004B: probe with driver kye failed with error -22
[ 1448.966896][T15547] usb 3-1: USB disconnect, device number 82
[ 1448.986725][T23142] netlink: 20 bytes leftover after parsing attributes in process `syz.0.4418'.
[ 1449.231994][T23138] fuse: Bad value for 'group_id'
[ 1449.237174][T23138] fuse: Bad value for 'group_id'
[ 1449.244650][T23153] FAULT_INJECTION: forcing a failure.
[ 1449.244650][T23153] name failslab, interval 1, probability 0, space 0, times 0
[ 1449.259989][T23153] CPU: 0 UID: 0 PID: 23153 Comm: syz.4.4422 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1449.260007][T23153] Tainted: [L]=SOFTLOCKUP
[ 1449.260011][T23153] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[ 1449.260017][T23153] Call Trace:
[ 1449.260021][T23153]  <TASK>
[ 1449.260025][T23153]  dump_stack_lvl+0x100/0x190
[ 1449.260043][T23153]  should_fail_ex.cold+0x5/0xa
[ 1449.260055][T23153]  should_failslab+0xc2/0x120
[ 1449.260070][T23153]  ? tomoyo_encode2+0xfb/0x3c0
[ 1449.260085][T23153]  __kmalloc_noprof+0xf6/0x9c0
[ 1449.260100][T23153]  ? tomoyo_encode2+0xfb/0x3c0
[ 1449.260111][T23153]  tomoyo_encode2+0xfb/0x3c0
[ 1449.260125][T23153]  tomoyo_encode+0x29/0x50
[ 1449.260136][T23153]  tomoyo_realpath_from_path+0x18c/0x690
[ 1449.260152][T23153]  tomoyo_path_number_perm+0x23c/0x580
[ 1449.260169][T23153]  ? tomoyo_path_number_perm+0x22e/0x580
[ 1449.260187][T23153]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[ 1449.260217][T23153]  ? find_held_lock+0x2b/0x80
[ 1449.260232][T23153]  ? hook_file_ioctl_common+0x146/0x410
[ 1449.260245][T23153]  ? __fget_files+0x215/0x3d0
[ 1449.260261][T23153]  ? __fget_files+0x21f/0x3d0
[ 1449.260276][T23153]  security_file_ioctl+0xd3/0x230
[ 1449.260288][T23153]  __x64_sys_ioctl+0xb7/0x210
[ 1449.260300][T23153]  do_syscall_64+0xc9/0xf80
[ 1449.260313][T23153]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1449.260324][T23153] RIP: 0033:0x7f648d99aeb9
[ 1449.260334][T23153] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1449.260344][T23153] RSP: 002b:00007f648e85b028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1449.260355][T23153] RAX: ffffffffffffffda RBX: 00007f648dc15fa0 RCX: 00007f648d99aeb9
[ 1449.260362][T23153] RDX: 0000000000000000 RSI: 0000000041009432 RDI: 0000000000000003
[ 1449.260369][T23153] RBP: 00007f648e85b090 R08: 0000000000000000 R09: 0000000000000000
[ 1449.260375][T23153] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1449.260381][T23153] R13: 00007f648dc16038 R14: 00007f648dc15fa0 R15: 00007ffdcad732c8
[ 1449.260395][T23153]  </TASK>
[ 1449.260404][T23153] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 1449.574252][   T30] kauditd_printk_skb: 36 callbacks suppressed
[ 1449.574264][   T30] audit: type=1400 audit(1770355731.239:1563): avc:  denied  { write } for  pid=23147 comm="syz.3.4420" name="nullb0" dev="devtmpfs" ino=696 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[ 1449.657121][T23160] tipc: Enabling of bearer <eth:syzkall> rejected, failed to enable media
[ 1449.672032][T23160] syzkaller0: entered promiscuous mode
[ 1449.688418][T23160] syzkaller0: entered allmulticast mode
[ 1449.696312][T23156] usb usb8: usbfs: process 23156 (syz.3.4420) did not claim interface 0 before use
[ 1449.974115][T23165] /dev/nullb0: Can't open blockdev
[ 1450.163035][   T30] audit: type=1400 audit(1770355731.659:1564): avc:  denied  { bind } for  pid=23163 comm="syz.4.4425" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[ 1450.196091][   T30] audit: type=1400 audit(1770355731.669:1565): avc:  denied  { setopt } for  pid=23163 comm="syz.4.4425" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[ 1450.269820][   T30] audit: type=1400 audit(1770355731.669:1566): avc:  denied  { read } for  pid=23163 comm="syz.4.4425" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[ 1450.370316][T23171] PKCS7: Unknown OID: [4] 2.19.13055.1334505.0.0.0.0
[ 1450.437027][T23171] PKCS7: Only support pkcs7_signedData type
[ 1450.527839][   T30] audit: type=1400 audit(1770355732.199:1567): avc:  denied  { listen } for  pid=23170 comm="syz.1.4427" lport=57546 faddr=::ffff:172.20.255.187 fport=20001 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[ 1450.556390][   T30] audit: type=1400 audit(1770355732.199:1568): avc:  denied  { accept } for  pid=23170 comm="syz.1.4427" lport=57546 faddr=::ffff:172.20.255.187 fport=20001 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[ 1450.581375][   T30] audit: type=1400 audit(1770355732.199:1569): avc:  denied  { write } for  pid=23170 comm="syz.1.4427" lport=57546 faddr=::ffff:172.20.255.187 fport=20001 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=sctp_socket permissive=1
[ 1450.778316][   T30] audit: type=1400 audit(1770355732.449:1570): avc:  denied  { setopt } for  pid=23170 comm="syz.1.4427" lport=57546 faddr=::ffff:172.20.255.187 fport=20001 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=sctp_socket permissive=1
[ 1450.956522][T23185] SELinux:  Context system_u:object_r:hald_dccm_exec_t:s0 is not valid (left unmapped).
[ 1451.014141][   T30] audit: type=1400 audit(1770355732.679:1571): avc:  denied  { relabelto } for  pid=23181 comm="syz.2.4430" name="userio" dev="devtmpfs" ino=914 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1 trawcon="system_u:object_r:hald_dccm_exec_t:s0"
[ 1451.233240][   T30] audit: type=1400 audit(1770355732.679:1572): avc:  denied  { associate } for  pid=23181 comm="syz.2.4430" name="userio" dev="devtmpfs" ino=914 scontext=system_u:object_r:unlabeled_t tcontext=system_u:object_r:device_t tclass=filesystem permissive=1 srawcon="system_u:object_r:hald_dccm_exec_t:s0"
[ 1454.224316][T15547] usb 1-1: new high-speed USB device number 91 using dummy_hcd
[ 1454.476287][T15547] usb 1-1: Using ep0 maxpacket: 16
[ 1454.492516][T15547] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 0, changing to 7
[ 1454.539324][T15547] usb 1-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[ 1454.560932][T15547] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1454.584974][T15547] usb 1-1: Product: syz
[ 1455.083958][T15547] usb 1-1: Manufacturer: syz
[ 1455.109594][T15547] usb 1-1: SerialNumber: syz
[ 1455.148828][T15547] usb 1-1: config 0 descriptor??
[ 1455.168301][   T30] kauditd_printk_skb: 3 callbacks suppressed
[ 1455.168319][   T30] audit: type=1400 audit(3917839384.836:1576): avc:  denied  { setopt } for  pid=23258 comm="syz.4.4448" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[ 1455.178529][T15547] em28xx 1-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0)
[ 1455.439403][T15547] em28xx 1-1:0.0: DVB interface 0 found: isoc
[ 1455.683854][T23266] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=65535 sclass=netlink_route_socket pid=23266 comm=syz.0.4443
[ 1457.235241][T15547] em28xx 1-1:0.0: unknown em28xx chip ID (0)
[ 1457.459714][T15547] em28xx 1-1:0.0: reading from i2c device at 0xa0 failed (error=-5)
[ 1457.468821][T15547] em28xx 1-1:0.0: board has no eeprom
[ 1457.543439][T15547] em28xx 1-1:0.0: Identified as PCTV tripleStick (292e) (card=94)
[ 1457.732053][T15547] em28xx 1-1:0.0: dvb set to isoc mode.
[ 1457.810371][T17230] em28xx 1-1:0.0: Binding DVB extension
[ 1457.840077][T15547] usb 1-1: USB disconnect, device number 91
[ 1457.949612][T15547] em28xx 1-1:0.0: Disconnecting em28xx
[ 1457.982282][T17230] em28xx 1-1:0.0: Registering input extension
[ 1457.998236][T15547] em28xx 1-1:0.0: Closing input extension
[ 1458.063792][T15547] em28xx 1-1:0.0: Freeing device
[ 1458.156138][T23279] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4453'.
[ 1458.946630][T15547] usb 4-1: new high-speed USB device number 87 using dummy_hcd
[ 1458.954137][T17491] usb 1-1: new high-speed USB device number 92 using dummy_hcd
[ 1459.124270][T17491] usb 1-1: device descriptor read/64, error -71
[ 1459.250742][T15547] usb 4-1: Using ep0 maxpacket: 8
[ 1459.259211][T15547] usb 4-1: New USB device found, idVendor=13d8, idProduct=0001, bcdDevice=30.62
[ 1459.294118][T15547] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1459.332705][T15547] usb 4-1: Product: syz
[ 1459.336925][T15547] usb 4-1: Manufacturer: syz
[ 1459.364335][T15547] usb 4-1: SerialNumber: syz
[ 1459.364899][T17491] usb 1-1: new high-speed USB device number 93 using dummy_hcd
[ 1459.445462][T15547] usb 4-1: config 0 descriptor??
[ 1459.467597][T15547] usb 4-1: selecting invalid altsetting 3
[ 1459.473323][T15547] comedi comedi5: could not set alternate setting 3 in high speed
[ 1459.544379][T17491] usb 1-1: device descriptor read/64, error -71
[ 1459.547937][T15547] usbdux 4-1:0.0: driver 'usbdux' failed to auto-configure device.
[ 1459.581905][T15547] usbdux 4-1:0.0: probe with driver usbdux failed with error -22
[ 1459.714265][T17491] usb usb1-port1: attempt power cycle
[ 1459.946397][T23294] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4457'.
[ 1459.958972][T15547] usb 4-1: USB disconnect, device number 87
[ 1460.194823][T17491] usb 1-1: new high-speed USB device number 94 using dummy_hcd
[ 1460.214734][T17491] usb 1-1: device descriptor read/8, error -71
[ 1460.454140][T17491] usb 1-1: new high-speed USB device number 95 using dummy_hcd
[ 1460.495427][T17491] usb 1-1: device descriptor read/8, error -71
[ 1460.614514][T17491] usb usb1-port1: unable to enumerate USB device
[ 1461.479183][   T30] audit: type=1400 audit(3917839391.146:1577): avc:  denied  { read } for  pid=23335 comm="syz.2.4468" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[ 1461.606030][   T30] audit: type=1400 audit(3917839391.276:1578): avc:  denied  { ioctl } for  pid=23340 comm="syz.4.4469" path="/dev/nullb0" dev="devtmpfs" ino=696 ioctlcmd=0x1271 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[ 1461.738375][T23340] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0xffff8880757f5b40 pfn:0x757f5
[ 1461.738424][T23342] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x3e7fffe pfn:0x32675
[ 1461.784789][T23342] memcg:ffff888078c28d40
[ 1461.789846][T23340] memcg:ffff888078c28d40
[ 1461.874090][T23342] flags: 0xfff00000000001(locked|node=0|zone=1|lastcpupid=0x7ff)
[ 1461.885578][T23340] flags: 0xfff00000000001(locked|node=0|zone=1|lastcpupid=0x7ff)
[ 1461.895624][T23340] raw: 00fff00000000001 0000000000000000 dead000000000122 0000000000000000
[ 1461.909870][T23340] raw: ffff8880757f5b40 0000000000000000 00000001ffffffff ffff888078c28d40
[ 1461.909879][T23342] raw: 00fff00000000001 0000000000000000 dead000000000122 0000000000000000
[ 1461.909899][T23342] raw: 0000000003e7fffe 0000000000000000 00000001ffffffff ffff888078c28d40
[ 1461.924821][T23340] page dumped because: VM_BUG_ON_FOLIO(folio_order(folio) < mapping_min_folio_order(mapping))
[ 1461.947661][T23340] page_owner tracks the page as allocated
[ 1461.953947][T23340] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x152c00(GFP_NOIO|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_HARDWALL), pid 23340, tgid 23340 (syz.4.4469), ts 1461738353107, free_ts 1461634332905
[ 1462.331597][T23342] page dumped because: VM_BUG_ON_FOLIO(folio_order(folio) < mapping_min_folio_order(mapping))
[ 1462.343609][T23342] page_owner tracks the page as allocated
[ 1462.349569][T23342] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x152c00(GFP_NOIO|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_HARDWALL), pid 23342, tgid 23340 (syz.4.4469), ts 1461738410691, free_ts 1461738294545
[ 1462.349607][T23342]  post_alloc_hook+0x1e1/0x250
[ 1462.349628][T23342]  get_page_from_freelist+0xe3d/0x2e10
[ 1462.349647][T23342]  __alloc_frozen_pages_noprof+0x26c/0x2410
[ 1462.349666][T23342]  alloc_pages_mpol+0x1fb/0x550
[ 1462.349690][T23342]  folio_alloc_noprof+0x22/0x330
[ 1462.349716][T23342]  filemap_alloc_folio_noprof.part.0+0x377/0x450
[ 1462.349750][T23342]  filemap_alloc_folio_noprof+0x5e/0x80
[ 1462.349778][T23342]  page_cache_ra_order+0x54b/0xfe0
[ 1462.349798][T23342]  filemap_fault+0x1b56/0x37c0
[ 1462.349821][T23342]  __do_fault+0x10d/0x550
[ 1462.349843][T23342]  do_fault+0xaf9/0x1990
[ 1462.349868][T23342]  __handle_mm_fault+0x1807/0x2b50
[ 1462.349885][T23342]  handle_mm_fault+0x36d/0xa20
[ 1462.349903][T23342]  __get_user_pages+0xf9c/0x34d0
[ 1462.349927][T23342]  populate_vma_page_range+0x267/0x3f0
[ 1462.349954][T23342]  __mm_populate+0x107/0x3a0
[ 1462.349975][T23342] page last free pid 23341 tgid 23340 stack trace:
[ 1462.349986][T23342]  free_unref_folios+0xb2a/0x1760
[ 1462.350002][T23342]  folios_put_refs+0x53c/0x840
[ 1462.350022][T23342]  truncate_inode_pages_range+0x30c/0x1050
[ 1462.350049][T23342]  set_blocksize+0x2bc/0x510
[ 1462.350072][T23342]  blkdev_bszset+0x19b/0x240
[ 1462.350087][T23342]  blkdev_ioctl+0x513/0x6f0
[ 1462.350102][T23342]  __x64_sys_ioctl+0x18e/0x210
[ 1462.350119][T23342]  do_syscall_64+0xc9/0xf80
[ 1462.350137][T23342]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1462.350266][T23342] ------------[ cut here ]------------
[ 1462.350275][T23342] kernel BUG at mm/filemap.c:858!
[ 1462.350293][T23342] Oops: invalid opcode: 0000 [#1] SMP KASAN NOPTI
[ 1462.350312][T23342] CPU: 1 UID: 0 PID: 23342 Comm: syz.4.4469 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1462.350337][T23342] Tainted: [L]=SOFTLOCKUP
[ 1462.350345][T23342] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[ 1462.350356][T23342] RIP: 0010:__filemap_add_folio+0xf7f/0x1220
[ 1462.350379][T23342] Code: c9 c6 ff 48 c7 c6 a0 18 9d 8b 4c 89 ef e8 99 0d 12 00 90 0f 0b e8 51 c9 c6 ff 48 c7 c6 00 19 9d 8b 4c 89 ef e8 82 0d 12 00 90 <0f> 0b e8 3a c9 c6 ff 90 0f 0b 90 e9 9b fe ff ff e8 2c c9 c6 ff 90
[ 1462.350396][T23342] RSP: 0018:ffffc90017bd7458 EFLAGS: 00010246
[ 1462.350412][T23342] RAX: 0000000000080000 RBX: 0000000000112c00 RCX: ffffc90011926000
[ 1462.350424][T23342] RDX: 0000000000080000 RSI: ffffffff82524068 RDI: ffff88801df5a944
[ 1462.350436][T23342] RBP: 0000000000000000 R08: 0000000000000001 R09: 0000000000000000
[ 1462.350448][T23342] R10: 0000000000000001 R11: 1ffffffff1cbde81 R12: 0000000000000004
[ 1462.350460][T23342] R13: ffffea0000c99d40 R14: 0000000000000000 R15: 1ffff92002f7aeb5
[ 1462.350472][T23342] FS:  00007f648e83a6c0(0000) GS:ffff8881246d9000(0000) knlGS:0000000000000000
[ 1462.350491][T23342] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1462.350503][T23342] CR2: 00007f0f41ca1298 CR3: 0000000059d8b000 CR4: 00000000003526f0
[ 1462.350516][T23342] Call Trace:
[ 1462.350522][T23342]  <TASK>
[ 1462.350533][T23342]  ? __pfx___filemap_add_folio+0x10/0x10
[ 1462.350560][T23342]  filemap_add_folio+0x1d8/0x690
[ 1462.350581][T23342]  ? __pfx_filemap_add_folio+0x10/0x10
[ 1462.350606][T23342]  page_cache_ra_order+0x614/0xfe0
[ 1462.350629][T23342]  filemap_fault+0x1b56/0x37c0
[ 1462.350651][T23342]  ? __lock_acquire+0x4a5/0x2630
[ 1462.350670][T23342]  ? __pfx_filemap_fault+0x10/0x10
[ 1462.350695][T23342]  ? __pfx_filemap_map_pages+0x10/0x10
[ 1462.350721][T23342]  __do_fault+0x10d/0x550
[ 1462.350752][T23342]  do_fault+0xaf9/0x1990
[ 1462.350780][T23342]  __handle_mm_fault+0x1807/0x2b50
[ 1462.350801][T23342]  ? mt_find+0x45e/0x8e0
[ 1462.350824][T23342]  ? __pfx___handle_mm_fault+0x10/0x10
[ 1462.350841][T23342]  ? __pfx_mt_find+0x10/0x10
[ 1462.350865][T23342]  handle_mm_fault+0x36d/0xa20
[ 1462.350883][T23342]  __get_user_pages+0xf9c/0x34d0
[ 1462.350909][T23342]  ? __pfx___get_user_pages+0x10/0x10
[ 1462.350934][T23342]  populate_vma_page_range+0x267/0x3f0
[ 1462.350960][T23342]  ? __pfx_populate_vma_page_range+0x10/0x10
[ 1462.350988][T23342]  ? __pfx_find_vma_intersection+0x10/0x10
[ 1462.351012][T23342]  ? do_mmap+0x93f/0x12f0
[ 1462.351039][T23342]  __mm_populate+0x107/0x3a0
[ 1462.351066][T23342]  ? __pfx___mm_populate+0x10/0x10
[ 1462.351094][T23342]  ? up_write+0x290/0x4f0
[ 1462.351113][T23342]  vm_mmap_pgoff+0x37f/0x470
[ 1462.351143][T23342]  ? __pfx_vm_mmap_pgoff+0x10/0x10
[ 1462.351166][T23342]  ? __fget_files+0x215/0x3d0
[ 1462.351188][T23342]  ? __fget_files+0x21f/0x3d0
[ 1462.351210][T23342]  ksys_mmap_pgoff+0x328/0x5b0
[ 1462.351233][T23342]  ? kcov_ioctl+0x16a/0x720
[ 1462.351259][T23342]  __x64_sys_mmap+0x125/0x190
[ 1462.351281][T23342]  do_syscall_64+0xc9/0xf80
[ 1462.351303][T23342]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1462.351321][T23342] RIP: 0033:0x7f648d99aeb9
[ 1462.351336][T23342] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1462.351355][T23342] RSP: 002b:00007f648e83a028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[ 1462.351372][T23342] RAX: ffffffffffffffda RBX: 00007f648dc16090 RCX: 00007f648d99aeb9
[ 1462.351385][T23342] RDX: 0000000001000002 RSI: 0000000000b36000 RDI: 0000200000000000
[ 1462.351397][T23342] RBP: 00007f648da08c1f R08: 0000000000000004 R09: 000000002c93a000
[ 1462.351408][T23342] R10: 0000000000028011 R11: 0000000000000246 R12: 0000000000000000
[ 1462.351419][T23342] R13: 00007f648dc16128 R14: 00007f648dc16090 R15: 00007ffdcad732c8
[ 1462.351437][T23342]  </TASK>
[ 1462.351443][T23342] Modules linked in:
[ 1462.351456][T23342] ---[ end trace 0000000000000000 ]---
[ 1462.351466][T23342] RIP: 0010:__filemap_add_folio+0xf7f/0x1220
[ 1462.351490][T23342] Code: c9 c6 ff 48 c7 c6 a0 18 9d 8b 4c 89 ef e8 99 0d 12 00 90 0f 0b e8 51 c9 c6 ff 48 c7 c6 00 19 9d 8b 4c 89 ef e8 82 0d 12 00 90 <0f> 0b e8 3a c9 c6 ff 90 0f 0b 90 e9 9b fe ff ff e8 2c c9 c6 ff 90
[ 1462.351506][T23342] RSP: 0018:ffffc90017bd7458 EFLAGS: 00010246
[ 1462.351520][T23342] RAX: 0000000000080000 RBX: 0000000000112c00 RCX: ffffc90011926000
[ 1462.351531][T23342] RDX: 0000000000080000 RSI: ffffffff82524068 RDI: ffff88801df5a944
[ 1462.351543][T23342] RBP: 0000000000000000 R08: 0000000000000001 R09: 0000000000000000
[ 1462.351554][T23342] R10: 0000000000000001 R11: 1ffffffff1cbde81 R12: 0000000000000004
[ 1462.351565][T23342] R13: ffffea0000c99d40 R14: 0000000000000000 R15: 1ffff92002f7aeb5
[ 1462.351579][T23342] FS:  00007f648e83a6c0(0000) GS:ffff8881246d9000(0000) knlGS:0000000000000000
[ 1462.351597][T23342] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1462.351609][T23342] CR2: 00007f0f41ca1298 CR3: 0000000059d8b000 CR4: 00000000003526f0
[ 1462.351622][T23342] Kernel panic - not syncing: Fatal exception
[ 1462.351948][T23342] Kernel Offset: disabled