last executing test programs:

7.036528665s ago: executing program 3 (id=1094):
socket$nl_generic(0x10, 0x3, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeea, 0x8031, 0xffffffffffffffff, 0x28f43000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sendmsg$NL80211_CMD_CRIT_PROTOCOL_START(0xffffffffffffffff, 0x0, 0x0)
r3 = syz_io_uring_setup(0x110, &(0x7f00000000c0)={0x0, 0x10, 0x0, 0x3}, &(0x7f0000000180)=<r4=>0x0, &(0x7f0000000280)=<r5=>0x0)
io_uring_register$IORING_REGISTER_FILES(r3, 0x2, &(0x7f0000000300)=[0xffffffffffffffff], 0x1)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r4, r5, &(0x7f00000002c0)=@IORING_OP_FILES_UPDATE={0x14, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)=[0xffffffffffffffff], 0x1, 0x0, 0x1})
io_uring_enter(r3, 0x47f6, 0x0, 0x0, 0x0, 0x0)

5.939859191s ago: executing program 2 (id=1096):
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000200)="78cabf2dfb73fc020700000000000602258f2e440ab8f9e6aaeb1ae2f6e8bcb5ee52dc06249798093c5102a1bca0b646a7ce904f6e6b788b3219c233e60ddc36024a99a63e72572c9f9b06f96137c8af12b66cb08fc63b", 0x57}], 0x1}, 0x0)
r0 = socket$kcm(0x11, 0x3, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0x12, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xb}, 0x94)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000080)="1c0000006d0081044e81f782db1f4cb9041c1d08", 0x14}], 0x1}, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.swap.events\x00', 0x26e1, 0x0)
sendmsg$kcm(r0, &(0x7f00000001c0)={&(0x7f0000000100)=@phonet={0x23, 0x0, 0x0, 0xd}, 0x80, &(0x7f00000018c0)=[{&(0x7f0000000080)="27050200160014000600002f86dd", 0x5ea}], 0x1}, 0x0)

5.816954708s ago: executing program 3 (id=1098):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x3}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_START_AP(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)={0x6c, r1, 0x5, 0x10000000, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@beacon=[@NL80211_ATTR_BEACON_HEAD={0x35, 0xe, {{{}, {}, @device_b, @broadcast, @from_mac}, 0x0, @random=0x4, 0x1, @void, @val, @val={0x3, 0x1, 0xb7}, @void, @void, @void, @void, @void, @void, @void, @val={0x72, 0x6}, @void, @void}}], @NL80211_ATTR_BEACON_INTERVAL={0x8}, @NL80211_ATTR_DTIM_PERIOD={0x8}, @NL80211_ATTR_P2P_OPPPS={0x5}]}, 0x6c}}, 0x0)

5.619173493s ago: executing program 2 (id=1100):
syz_init_net_socket$nfc_raw(0x27, 0x3, 0x0)
r0 = openat$nci(0xffffffffffffff9c, &(0x7f00000001c0), 0x2, 0x0)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r1)
ioctl$IOCTL_GET_NCIDEV_IDX(r0, 0x0, &(0x7f00000000c0)=<r3=>0x0)
sendmsg$NFC_CMD_DEV_UP(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000340)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r2, @ANYBLOB="010026bd70003c0200000200000008000100", @ANYRES32=r3], 0x1c}}, 0x44)
write$nci(r0, &(0x7f0000000000)=@NCI_OP_CORE_CONN_CREDITS_NTF={0x0, 0x1, 0x3, 0x6, 0x7, {0x1, [{0x1, 0xac}]}}, 0x6)

5.570576704s ago: executing program 3 (id=1101):
r0 = syz_open_dev$swradio(&(0x7f0000000080), 0x0, 0x2)
clock_gettime(0x0, &(0x7f0000000380)={<r1=>0x0, <r2=>0x0})
ioctl$VIDIOC_QBUF(r0, 0xc058560f, &(0x7f0000000400)=@fd={0x0, 0x7, 0x4, 0x20, 0xc, {r1, r2/1000+60000}, {0x3, 0x8, 0x8, 0x9, 0x2, 0x0, "a343236b"}, 0x5, 0x4, {}, 0x6})

5.015374213s ago: executing program 3 (id=1104):
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0xd40, 0xd2)
close(r0)
socket$inet6(0xa, 0x5, 0x0)
r1 = socket$phonet_pipe(0x23, 0x5, 0x2)
mount$9p_fd(0x0, &(0x7f0000000080)='./file1\x00', &(0x7f00000000c0), 0x200000, &(0x7f0000000000)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})

4.997483239s ago: executing program 0 (id=1105):
r0 = socket$inet_smc(0x2b, 0x1, 0x0)
connect$inet(r0, &(0x7f0000000000)={0x2, 0x4001, @remote}, 0x10)
setsockopt$SO_BINDTODEVICE_wg(r0, 0x1, 0x19, 0x0, 0x0)
sendto$inet(r0, 0x0, 0x0, 0x0, 0x0, 0x0)

4.799970189s ago: executing program 1 (id=1107):
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x28042, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x8042, 0x0)
fcntl$setlease(r0, 0x400, 0x1)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
fcntl$getflags(r0, 0x401)

4.716154742s ago: executing program 1 (id=1109):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000001f40)={&(0x7f00000004c0)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in6=@rand_addr=' \x01\x00', @in=@local, 0x0, 0x5, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {0x0, 0xa9, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff}, {0x0, 0xa20, 0x40800000000000, 0x800000000000002}}}, 0xb8}}, 0x0)
syz_emit_ethernet(0x52, &(0x7f0000000fc0)={@multicast, @local, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "000980", 0x1c, 0x3c, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', @local, {[@hopopts={0x33}], {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x0)

4.630591782s ago: executing program 1 (id=1110):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
r4 = dup(r3)
sendmsg$inet(r4, &(0x7f0000000780)={&(0x7f0000000100)={0x2, 0x0, @multicast1}, 0x10, &(0x7f0000001600)=[{&(0x7f0000000140)="be38", 0xffdf}], 0x1, &(0x7f0000000c80)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @local, @private}}}, @ip_retopts={{0x1c, 0x0, 0x7, {[@timestamp={0x44, 0x4, 0x73}, @noop]}}}], 0x40}, 0x0)
read$char_usb(r4, 0x0, 0x0)

4.44350721s ago: executing program 2 (id=1111):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x2000000}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
read(0xffffffffffffffff, 0x0, 0x0)
setns(0xffffffffffffffff, 0x24020000)
pselect6(0x0, 0x0, 0x0, &(0x7f0000000080)={0xd, 0x3cae, 0xfffffffffffffffa, 0x7, 0x9, 0x9, 0x400, 0x1}, 0x0, 0x0)
socket$inet6_udp(0xa, 0x2, 0x0)
r3 = syz_init_net_socket$ax25(0x3, 0x5, 0x0)
setsockopt$ax25_int(r3, 0x101, 0x2, &(0x7f0000000040), 0x4)

2.960127796s ago: executing program 1 (id=1114):
socket$nl_route(0x10, 0x3, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz1\x00', 0x1ff)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000040)={0x5, 0x0, 0x0, &(0x7f0000000240)='GPL\x00', 0x80040005, 0x0, 0x0, 0x40f00, 0x18, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x9}, 0x94)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'wlan1\x00'})
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl(r0, 0x8b1a, &(0x7f0000000040))

2.911882789s ago: executing program 0 (id=1115):
r0 = fsopen(&(0x7f00000001c0)='ramfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
r1 = fsmount(r0, 0x0, 0x0)
fchdir(r1)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='blkio.bfq.io_wait_time\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000004, 0x28011, r2, 0x0)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
ftruncate(r2, 0x796c)
openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000002a82, 0x0)

2.911676192s ago: executing program 3 (id=1116):
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x420000008b}, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)
gettid()
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
r3 = syz_init_net_socket$x25(0x9, 0x5, 0x0)
ioctl$sock_TIOCINQ(r3, 0x541b, &(0x7f00000005c0))

2.835392234s ago: executing program 4 (id=1117):
socketpair(0x1, 0x1, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x1b, 0x5, &(0x7f0000000580)=ANY=[@ANYRES8], 0x0, 0x5b4230ff, 0x0, 0x0, 0x41100, 0x2a, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xf739}, 0x94)
r0 = socket$inet6(0xa, 0x3, 0x8000000003c)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x4e20, 0x0, @empty, 0xc7ec}, 0x1c)
r1 = socket$igmp6(0xa, 0x3, 0x2)
setsockopt$IP6T_SO_SET_REPLACE(r1, 0x29, 0x40, &(0x7f0000000b00)=@raw={'raw\x00', 0x8, 0x3, 0x428, 0xd0, 0xffffffff, 0xffffffff, 0x0, 0xffffffff, 0x358, 0xffffffff, 0xffffffff, 0x358, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [], [], 'veth0_macvtap\x00', 'dvmrp1\x00'}, 0x0, 0xa8, 0xd0}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@remote, @ipv4={'\x00', '\xff\xff', @dev}, [], [], 'wg1\x00', 'gre0\x00'}, 0x0, 0x258, 0x288, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'pim6reg\x00', {0x0, 0x0, 0x5, 0x0, 0x0, 0x7, 0x3ff}}}, @common=@inet=@hashlimit3={{0x158}, {'wg1\x00', {0x3, 0x0, 0x41, 0x0, 0x0, 0x1000, 0x6, 0x3}}}]}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x488)
sendmsg$NL80211_CMD_SET_REKEY_OFFLOAD(0xffffffffffffffff, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000680)={&(0x7f00000004c0)=ANY=[@ANYBLOB="581b0800", @ANYRES16, @ANYBLOB="04002dbd7000f2dbdf254f0000000c00839ced540000680000004c007a8008000400000000181c000200134ecc4d908540c3c8630b918a29360800040004005111335ced5fd94e0800040009000000080004000300000048007a801400010003d869f47d8c428eaa74b31794b4b314b5000400000000000c0003004180081ee4f88f1a080004000c0000000c0003007858754e3c504054080004000800000004007a8020007a800800040005000000140002002929590c"], 0xd8}, 0x1, 0x0, 0x0, 0x4000000}, 0x0)
sendmsg(r0, &(0x7f00000000c0)={0x0, 0x9521, &(0x7f0000000100)=[{&(0x7f0000000000)="2c10", 0x5dc}], 0x1, 0x0, 0x0, 0x2c}, 0x44004)

2.783361025s ago: executing program 2 (id=1118):

2.783102676s ago: executing program 1 (id=1119):
bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x17, 0x0, 0x0, &(0x7f00000001c0)='GPL\x00', 0xfffffffc, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @cgroup_sysctl, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000600)={0x26, 'aead\x00', 0x0, 0x0, 'gcm(aes)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5910fae9d6dcd3292ea54c7b6ef915d564c90c200", 0x18)
accept4(r0, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={0x0, r4}, 0x18)
r5 = syz_io_uring_setup(0x9e, &(0x7f0000000640)={0x0, 0x5867, 0x10, 0xfffffffc, 0x24d}, &(0x7f00000006c0)=<r6=>0x0, &(0x7f00000001c0)=<r7=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r6, 0x4, &(0x7f00000002c0)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r6, r7, &(0x7f0000000200)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x4007, @fd_index=0x4, 0x0, &(0x7f0000000100)=[{&(0x7f0000001800)=""/216, 0xd8}], 0x1})
io_uring_enter(r5, 0x100847c0, 0x0, 0x1, 0x0, 0x0)

2.608304739s ago: executing program 2 (id=1120):
r0 = socket(0x28, 0x5, 0x0)
bind$vsock_stream(r0, &(0x7f0000000040), 0x10)
listen(r0, 0x0)
r1 = socket(0x28, 0x5, 0x0)
connect$vsock_stream(r1, &(0x7f0000000080), 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
writev(r1, &(0x7f00000003c0)=[{&(0x7f0000000280)="fbb9666385", 0x5}], 0x1)
setsockopt$sock_linger(r1, 0x1, 0xd, &(0x7f0000000140)={0x1, 0x9}, 0x8)
close(r1)

2.608145836s ago: executing program 0 (id=1121):
sched_setscheduler(0x0, 0x2, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff})
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_emit_vhci(&(0x7f0000000080)=ANY=[@ANYBLOB="040e0c003920"], 0xf)

2.247022453s ago: executing program 4 (id=1122):
r0 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000080), 0x129d02, 0x0)
ioctl$SNDCTL_SEQ_OUTOFBAND(r0, 0x40085112, &(0x7f00000001c0)=@e={0xff, 0xa, 0xc, 0x2, @SEQ_CONTROLLER=0xfe, 0x8, 0x6, 0x5})

2.127794616s ago: executing program 4 (id=1123):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0x14)

1.943805323s ago: executing program 4 (id=1124):
r0 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
close(0x3)
socket$nl_generic(0x10, 0x3, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r4 = socket$kcm(0x29, 0x2, 0x0)
r5 = memfd_create(&(0x7f0000000000)='e\xf4E\x88-\x00', 0x0)
pwritev(r5, &(0x7f00000003c0)=[{&(0x7f0000000280)="111ec20239e2", 0x6}], 0x1, 0x4000001, 0x0)
sendfile(r4, r5, 0x0, 0x8000fb00)
ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(0xffffffffffffffff, 0x40045532, 0x0)
ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY(r0, 0xc0185879, 0x0)

1.639836569s ago: executing program 3 (id=1125):
r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000002a82, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmmsg$unix(r2, &(0x7f00000bd000), 0x218, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socket(0x26, 0x4, 0x0)
r3 = dup(r0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000006, 0x28011, r3, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000580)={0x0, 0x0, 0x0}, 0x0)
ioctl$BLKZEROOUT(r3, 0x127f, &(0x7f00000000c0)={0x4000, 0x80600})
dup(0xffffffffffffffff)

955.927502ms ago: executing program 0 (id=1126):
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x6, 0x0, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000b00)={&(0x7f00000005c0)=ANY=[@ANYBLOB="14000000100001ff00000000000000000000000a2c000000050a01020000000000000000020000000900030073797a32000000000900010073797a300000000014000000020a031747d214"], 0x68}, 0x1, 0x0, 0x0, 0x4006000}, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x1b, &(0x7f0000000100)={&(0x7f0000000540)=ANY=[@ANYBLOB="14000000100001000b000000000000000000000a20000000000a0300000000f5ffffff00010000000900010073797a300000000044000000090a010400000000000000000100000008000a40000000000900020073797a32000000000900010073797a3000000000080005400000001f08000340000000045c0000000c0a01020000000000000000010000000900020073797a32000000000900010073797a3000000000300003802c00008028000180230001"], 0xe8}}, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000540)=ANY=[], 0xe8}}, 0x8040)

892.945602ms ago: executing program 4 (id=1127):
setsockopt$inet_tcp_TCP_CONGESTION(0xffffffffffffffff, 0x6, 0xd, &(0x7f0000000040)='hybla\x00', 0x6)
r0 = syz_open_dev$usbfs(&(0x7f0000000100), 0x76, 0x101301)
ioctl$USBDEVFS_CLEAR_HALT(r0, 0xc0105502, &(0x7f0000000300)={0x1, 0x1})

787.854712ms ago: executing program 2 (id=1128):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0xffffffff}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r3, 0x3b81, &(0x7f00000000c0)={0xc, 0x0, <r4=>0x0})
ioctl$IOMMU_TEST_OP_MOCK_DOMAIN(r3, 0x3ba0, &(0x7f0000000100)={0x48, 0x2, r4, 0x0, <r5=>0x0})
ioctl$IOMMU_TEST_OP_MOCK_DOMAIN_REPLACE(r3, 0x3ba0, &(0x7f0000000800)={0x48, 0xa, r5, 0x0, r4})

731.858953ms ago: executing program 0 (id=1129):
r0 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file1\x00', 0x8042, 0x0)
fcntl$setlease(r0, 0x400, 0x1)
openat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x183203, 0x0)
fcntl$setlease(r0, 0x400, 0x1)
r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x3, 0x7fff7ffc}]})
close_range(r1, 0xffffffffffffffff, 0x0)

456.50306ms ago: executing program 4 (id=1130):
r0 = socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000340)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'lo\x00', <r2=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000000c0)=@newqdisc={0x2c, 0x24, 0xd0f, 0x70bd25, 0x0, {0x60, 0x0, 0x0, r2, {0x0, 0xa}, {0xffff, 0xffff}, {0x0, 0xa}}, [@qdisc_kind_options=@q_drr={0x8}]}, 0x2c}, 0x1, 0x0, 0x0, 0x8004004}, 0x44080)
sendmsg$nl_route_sched(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000380)=@newqdisc={0x30, 0x24, 0xd0f, 0x70bd29, 0x0, {0x60, 0x0, 0x0, r2, {}, {0xffe0, 0xa}, {0x2, 0x10}}, [@qdisc_kind_options=@q_hhf={{0x8}, {0x4}}]}, 0x30}, 0x1, 0x0, 0x0, 0xc051}, 0x4800)

96.387447ms ago: executing program 1 (id=1131):
r0 = getpid()
sched_setscheduler(r0, 0x2, 0x0)
prlimit64(r0, 0xe, &(0x7f0000000140)={0x800, 0x20000008a}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
prctl$PR_SET_IO_FLUSHER(0x43, 0x1)
r1 = getpid()
sched_setscheduler(r1, 0x1, &(0x7f0000000400)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000180)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(0xffffffffffffffff, 0x84, 0x73, &(0x7f0000000180)={0x0, 0xb9b, 0x10, 0x3, 0x3}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1)
r4 = add_key$user(&(0x7f00000003c0), &(0x7f0000000440), &(0x7f00000000c0), 0xc9, 0xfffffffffffffffd)
keyctl$dh_compute(0x17, &(0x7f0000000040)={r4, r4, r4}, 0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)={'sha224\x00'}})

0s ago: executing program 0 (id=1132):
r0 = fsopen(&(0x7f0000000100)='hugetlbfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
r1 = fsmount(r0, 0x0, 0x0)
fchdir(r1)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
lseek(r2, 0xfffffffffdfffff5, 0x0)

kernel console output (not intermixed with test programs):

8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  257.022469][ T8076] RSP: 002b:00007f4489b6b038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  257.022481][ T8076] RAX: ffffffffffffffda RBX: 00007f4488fb5fa0 RCX: 00007f4488d8e929
[  257.022488][ T8076] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000003
[  257.022494][ T8076] RBP: 00007f4489b6b090 R08: 0000000000000000 R09: 0000000000000000
[  257.022500][ T8076] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  257.022506][ T8076] R13: 0000000000000000 R14: 00007f4488fb5fa0 R15: 00007ffcd7d8bda8
[  257.022520][ T8076]  </TASK>
[  257.197246][ T8077] trusted_key: encrypted_key: insufficient parameters specified
[  257.216803][ T8079] usb usb1: usbfs: interface 0 claimed by hub while 'syz.0.579' sets config #-511
[  257.266800][ T5888] usb 5-1: USB disconnect, device number 14
[  257.275463][ T5888] ldusb 5-1:0.0: LD USB Device #0 now disconnected
[  257.325317][ T5895] usb 4-1: new full-speed USB device number 18 using dummy_hcd
[  257.455135][ T5895] usb 4-1: device descriptor read/64, error -71
[  257.568378][ T5895] usb usb4-port1: attempt power cycle
[  257.867587][ T8090] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  257.892059][ T8090] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  257.932456][ T8093] netlink: 'syz.4.582': attribute type 39 has an invalid length.
[  257.984867][ T5895] usb 4-1: new full-speed USB device number 19 using dummy_hcd
[  258.015884][ T5895] usb 4-1: device descriptor read/8, error -71
[  258.254865][ T5895] usb 4-1: new full-speed USB device number 20 using dummy_hcd
[  258.291457][ T5895] usb 4-1: device descriptor read/8, error -71
[  258.339827][   T30] audit: type=1400 audit(2000000110.142:398): avc:  denied  { read } for  pid=8096 comm="syz.0.585" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  258.406652][ T5895] usb usb4-port1: unable to enumerate USB device
[  259.475739][ T5827] usb 2-1: new high-speed USB device number 22 using dummy_hcd
[  259.634825][ T5827] usb 2-1: Using ep0 maxpacket: 32
[  259.643502][ T5827] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024
[  259.757648][ T5827] usb 2-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[  259.757715][ T5827] usb 2-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[  259.757759][ T5827] usb 2-1: Product: syz
[  259.757798][ T5827] usb 2-1: Manufacturer: syz
[  259.757838][ T5827] usb 2-1: SerialNumber: syz
[  259.967403][ T5827] usb 2-1: config 0 descriptor??
[  259.969278][ T8112] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  259.996245][ T5827] hub 2-1:0.0: bad descriptor, ignoring hub
[  259.996282][ T5827] hub 2-1:0.0: probe with driver hub failed with error -5
[  260.168558][ T8127] trusted_key: encrypted_key: insufficient parameters specified
[  260.266105][ T5827] usb 2-1: USB disconnect, device number 22
[  260.434004][   T30] audit: type=1400 audit(2000000112.182:399): avc:  denied  { name_bind } for  pid=8110 comm="syz.1.589" src=18464 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=rawip_socket permissive=1
[  260.571078][   T30] audit: type=1400 audit(2000000112.302:400): avc:  denied  { ioctl } for  pid=8117 comm="syz.2.592" path="socket:[16515]" dev="sockfs" ino=16515 ioctlcmd=0x7453 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  261.415537][ T8139] usb usb1: usbfs: interface 0 claimed by hub while 'syz.1.595' sets config #-511
[  261.694956][ T5827] usb 4-1: new high-speed USB device number 21 using dummy_hcd
[  261.728406][ T8149] input: syz0 as /devices/virtual/input/input11
[  261.865142][ T5827] usb 4-1: Using ep0 maxpacket: 32
[  261.878192][ T5827] usb 4-1: config 0 has an invalid interface number: 35 but max is 0
[  261.887366][ T5827] usb 4-1: config 0 has no interface number 0
[  261.908214][ T5827] usb 4-1: New USB device found, idVendor=10c4, idProduct=818a, bcdDevice=7d.8f
[  261.918465][ T5827] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  261.944539][ T5827] usb 4-1: Product: syz
[  262.023729][ T8153] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  262.036244][ T5827] usb 4-1: Manufacturer: syz
[  262.044273][ T5827] usb 4-1: SerialNumber: syz
[  262.053514][ T8153] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  262.062127][ T5827] usb 4-1: config 0 descriptor??
[  262.281802][ T5827] radio-si470x 4-1:0.35: this is not a si470x device.
[  262.291296][ T8145] netlink: 'syz.0.598': attribute type 10 has an invalid length.
[  262.336125][ T8145] bridge0: port 2(bridge_slave_1) entered disabled state
[  262.343906][ T8145] bridge0: port 1(bridge_slave_0) entered disabled state
[  262.928456][ T8145] bridge0: port 2(bridge_slave_1) entered blocking state
[  262.935734][ T8145] bridge0: port 2(bridge_slave_1) entered forwarding state
[  262.943975][ T8145] bridge0: port 1(bridge_slave_0) entered blocking state
[  262.951829][ T8145] bridge0: port 1(bridge_slave_0) entered forwarding state
[  263.101929][ T8145] bond0: (slave bridge0): Enslaving as an active interface with an up link
[  263.199326][ T8154] bridge_slave_1: left allmulticast mode
[  263.206719][ T5827] radio-raremono 4-1:0.35: Thanko's Raremono connected: (10C4:818A)
[  263.234962][ T8154] bridge_slave_1: left promiscuous mode
[  263.240778][ T8154] bridge0: port 2(bridge_slave_1) entered disabled state
[  263.302220][ T8154] bridge_slave_0: left allmulticast mode
[  263.333879][ T8154] bridge_slave_0: left promiscuous mode
[  263.396908][ T5827] radio-raremono 4-1:0.35: raremono_cmd_main failed (-71)
[  263.408887][ T8154] bridge0: port 1(bridge_slave_0) entered disabled state
[  263.417632][ T5827] radio-raremono 4-1:0.35: V4L2 device registered as radio48
[  263.517100][ T5827] usb 4-1: USB disconnect, device number 21
[  263.559496][ T5827] radio-raremono 4-1:0.35: Thanko's Raremono disconnected
[  264.164868][   T43] SELinux: failure in sel_netif_sid_slow(), invalid network interface (13)
[  264.408820][ T8154] bond0: (slave bridge0): Releasing backup interface
[  264.645192][  T838] usb 5-1: new high-speed USB device number 15 using dummy_hcd
[  265.134375][  T838] usb 5-1: Using ep0 maxpacket: 16
[  265.172622][  T838] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  265.204716][  T838] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  265.214546][  T838] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[  265.227802][  T838] usb 5-1: New USB device found, idVendor=0955, idProduct=7214, bcdDevice=ed.00
[  265.236893][  T838] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  265.252932][  T838] usb 5-1: config 0 descriptor??
[  265.883875][ T8192] random: crng reseeded on system resumption
[  265.890175][   T30] audit: type=1400 audit(2000000117.643:401): avc:  denied  { read write } for  pid=8176 comm="syz.4.606" name="snapshot" dev="devtmpfs" ino=92 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1
[  266.120710][   T30] audit: type=1400 audit(2000000117.643:402): avc:  denied  { ioctl } for  pid=8176 comm="syz.4.606" path="/dev/snapshot" dev="devtmpfs" ino=92 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1
[  266.605606][ T8199] usb usb1: usbfs: interface 0 claimed by hub while 'syz.3.612' sets config #-511
[  266.712122][  T838] input: HID 0955:7214 Haptics as /devices/virtual/input/input12
[  267.829128][ T8214] netdevsim netdevsim1 netdevsim0: entered promiscuous mode
[  267.858706][  T838] shield 0003:0955:7214.0007: Registered Thunderstrike controller
[  267.885256][  T838] shield 0003:0955:7214.0007: : USB HID v0.00 Device [HID 0955:7214] on usb-dummy_hcd.4-1/input0
[  267.923560][ T8214] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check.
[  268.098038][   T30] audit: type=1400 audit(2000000119.903:403): avc:  denied  { write } for  pid=8218 comm="syz.2.616" path="socket:[16680]" dev="sockfs" ino=16680 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[  268.265378][ T5915] usb 4-1: new high-speed USB device number 22 using dummy_hcd
[  268.431361][ T8226] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  268.434266][ T5915] usb 4-1: Using ep0 maxpacket: 8
[  268.444602][ T8226] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  268.448916][ T5915] usb 4-1: config index 0 descriptor too short (expected 73, got 45)
[  268.462910][ T5915] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  268.614018][ T5895] usb 2-1: new high-speed USB device number 23 using dummy_hcd
[  268.664197][ T5827] shield 0003:0955:7214.0007: Failed to output Thunderstrike HOSTCMD request HID report due to -EPROTO
[  268.683284][   T10] usb 5-1: USB disconnect, device number 15
[  268.767000][ T5827] shield 0003:0955:7214.0007: Failed to output Thunderstrike HOSTCMD request HID report due to -ENODEV
[  268.809851][ T5915] usb 4-1: config 0 has no interfaces?
[  268.815974][ T5827] shield 0003:0955:7214.0007: Failed to output Thunderstrike HOSTCMD request HID report due to -ENODEV
[  268.828318][ T5827] shield 0003:0955:7214.0007: Failed to output Thunderstrike HOSTCMD request HID report due to -ENODEV
[  268.841289][ T5915] usb 4-1: New USB device found, idVendor=05da, idProduct=0099, bcdDevice=d5.82
[  268.924998][ T5895] usb 2-1: Using ep0 maxpacket: 32
[  268.933065][ T5915] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  268.965522][ T5895] usb 2-1: config 0 has an invalid interface number: 35 but max is 0
[  268.999758][ T5915] usb 4-1: Product: syz
[  269.004401][ T5895] usb 2-1: config 0 has no interface number 0
[  269.016953][ T5915] usb 4-1: Manufacturer: syz
[  269.022200][ T5895] usb 2-1: New USB device found, idVendor=10c4, idProduct=818a, bcdDevice=7d.8f
[  269.041952][ T5915] usb 4-1: SerialNumber: syz
[  269.046867][ T5895] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  269.052721][ T5915] usb 4-1: config 0 descriptor??
[  269.178194][ T5895] usb 2-1: Product: syz
[  269.182873][ T5895] usb 2-1: Manufacturer: syz
[  269.204459][ T5895] usb 2-1: SerialNumber: syz
[  269.220071][ T5895] usb 2-1: config 0 descriptor??
[  269.564620][ T5895] radio-si470x 2-1:0.35: this is not a si470x device.
[  269.783460][ T5895] radio-raremono 2-1:0.35: this is not Thanko's Raremono.
[  269.796438][   T30] audit: type=1400 audit(2000000121.533:404): avc:  denied  { ioctl } for  pid=8232 comm="syz.0.620" path="socket:[15751]" dev="sockfs" ino=15751 ioctlcmd=0x89e8 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1
[  269.965361][ T5895] usb 2-1: USB disconnect, device number 23
[  270.565643][   T30] audit: type=1400 audit(2000000122.373:405): avc:  denied  { create } for  pid=8247 comm="syz.4.623" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_connector_socket permissive=1
[  270.594683][ T5915] usb 4-1: USB disconnect, device number 22
[  270.982345][   T30] audit: type=1400 audit(2000000122.373:406): avc:  denied  { bind } for  pid=8247 comm="syz.4.623" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_rdma_socket permissive=1
[  271.064128][   T30] audit: type=1400 audit(2000000122.373:407): avc:  denied  { bind } for  pid=8247 comm="syz.4.623" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  271.973843][ T8267] netlink: 8 bytes leftover after parsing attributes in process `syz.3.629'.
[  272.071816][ T8272] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  272.147308][ T8272] syzkaller0: entered promiscuous mode
[  272.184268][ T8272] syzkaller0: entered allmulticast mode
[  272.297476][ T8272] xt_socket: unknown flags 0xc
[  272.743715][ T8285] random: crng reseeded on system resumption
[  273.065249][ T5895] tipc: Node number set to 1829805580
[  273.127956][ T8295] netlink: 20 bytes leftover after parsing attributes in process `syz.2.637'.
[  273.341331][ T8300] FAULT_INJECTION: forcing a failure.
[  273.341331][ T8300] name failslab, interval 1, probability 0, space 0, times 0
[  273.354533][ T8300] CPU: 0 UID: 0 PID: 8300 Comm: syz.3.638 Not tainted 6.16.0-rc4-syzkaller-00324-g1f988d0788f5 #0 PREEMPT(full) 
[  273.354559][ T8300] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  273.354570][ T8300] Call Trace:
[  273.354576][ T8300]  <TASK>
[  273.354583][ T8300]  dump_stack_lvl+0x16c/0x1f0
[  273.354615][ T8300]  should_fail_ex+0x512/0x640
[  273.354640][ T8300]  ? __kmalloc_noprof+0xbf/0x510
[  273.354669][ T8300]  ? vmalloc_info_show+0x74/0xcf0
[  273.354694][ T8300]  should_failslab+0xc2/0x120
[  273.354722][ T8300]  __kmalloc_noprof+0xd2/0x510
[  273.354751][ T8300]  vmalloc_info_show+0x74/0xcf0
[  273.354777][ T8300]  ? seq_read_iter+0x826/0x12c0
[  273.354807][ T8300]  seq_read_iter+0x509/0x12c0
[  273.354840][ T8300]  proc_reg_read_iter+0x220/0x310
[  273.354871][ T8300]  vfs_read+0x8bc/0xc60
[  273.354901][ T8300]  ? __pfx_vfs_read+0x10/0x10
[  273.354921][ T8300]  ? find_held_lock+0x2b/0x80
[  273.354964][ T8300]  __x64_sys_pread64+0x1eb/0x250
[  273.354989][ T8300]  ? __pfx___x64_sys_pread64+0x10/0x10
[  273.355021][ T8300]  do_syscall_64+0xcd/0x4c0
[  273.355049][ T8300]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  273.355067][ T8300] RIP: 0033:0x7f63d758e929
[  273.355082][ T8300] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  273.355098][ T8300] RSP: 002b:00007f63d8497038 EFLAGS: 00000246 ORIG_RAX: 0000000000000011
[  273.355116][ T8300] RAX: ffffffffffffffda RBX: 00007f63d77b6160 RCX: 00007f63d758e929
[  273.355127][ T8300] RDX: 00000000000000c8 RSI: 00002000000001c0 RDI: 0000000000000006
[  273.355138][ T8300] RBP: 00007f63d8497090 R08: 0000000000000000 R09: 0000000000000000
[  273.355148][ T8300] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  273.355159][ T8300] R13: 0000000000000000 R14: 00007f63d77b6160 R15: 00007ffd0ee51f98
[  273.355184][ T8300]  </TASK>
[  276.454007][ T8318] 9pnet_virtio: no channels available for device syz
[  276.937818][ T8322] usb usb1: usbfs: interface 0 claimed by hub while 'syz.2.643' sets config #-511
[  279.561994][ T8342] trusted_key: encrypted_key: insufficient parameters specified
[  281.055074][ T8369] usb usb1: usbfs: interface 0 claimed by hub while 'syz.0.654' sets config #-511
[  282.003475][   T43] usb 2-1: new high-speed USB device number 24 using dummy_hcd
[  282.169583][   T43] usb 2-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30
[  282.224910][   T43] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  282.520946][   T43] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  282.531355][   T43] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[  282.546110][   T43] usb 2-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40
[  282.556082][   T43] usb 2-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0
[  282.565328][   T43] usb 2-1: Manufacturer: syz
[  282.580534][   T43] usb 2-1: config 0 descriptor??
[  282.663349][   T30] audit: type=1400 audit(2000000134.464:408): avc:  denied  { append } for  pid=8386 comm="syz.2.660" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  282.907488][   T30] audit: type=1400 audit(2000000134.714:409): avc:  denied  { bind } for  pid=8393 comm="syz.3.662" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[  282.992681][   T43] appleir 0003:05AC:8243.0008: item fetching failed at offset 0/1
[  283.033510][   T30] audit: type=1400 audit(2000000134.804:410): avc:  denied  { ioctl } for  pid=8397 comm="syz.3.664" path="socket:[16937]" dev="sockfs" ino=16937 ioctlcmd=0x9410 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[  283.101237][   T43] appleir 0003:05AC:8243.0008: parse failed
[  283.281936][   T43] appleir 0003:05AC:8243.0008: probe with driver appleir failed with error -22
[  283.521923][   T30] audit: type=1400 audit(2000000134.824:411): avc:  denied  { block_suspend } for  pid=8397 comm="syz.3.664" capability=36  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  283.559391][   T43] usb 2-1: USB disconnect, device number 24
[  283.624934][ T8406] FAULT_INJECTION: forcing a failure.
[  283.624934][ T8406] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  283.639505][ T8406] CPU: 0 UID: 0 PID: 8406 Comm: syz.2.665 Not tainted 6.16.0-rc4-syzkaller-00324-g1f988d0788f5 #0 PREEMPT(full) 
[  283.639531][ T8406] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  283.639542][ T8406] Call Trace:
[  283.639548][ T8406]  <TASK>
[  283.639554][ T8406]  dump_stack_lvl+0x16c/0x1f0
[  283.639586][ T8406]  should_fail_ex+0x512/0x640
[  283.639612][ T8406]  _copy_to_user+0x32/0xd0
[  283.639631][ T8406]  iommufd_ioas_alloc_ioctl+0x23c/0x400
[  283.639650][ T8406]  iommufd_fops_ioctl+0x33f/0x4e0
[  283.639666][ T8406]  ? __pfx_iommufd_fops_ioctl+0x10/0x10
[  283.639683][ T8406]  ? hook_file_ioctl_common+0x145/0x410
[  283.639706][ T8406]  ? selinux_file_ioctl+0x180/0x270
[  283.639730][ T8406]  ? selinux_file_ioctl+0xb4/0x270
[  283.639754][ T8406]  ? __pfx_iommufd_fops_ioctl+0x10/0x10
[  283.639778][ T8406]  __x64_sys_ioctl+0x18e/0x210
[  283.639800][ T8406]  do_syscall_64+0xcd/0x4c0
[  283.639818][ T8406]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  283.639830][ T8406] RIP: 0033:0x7f5d93f8e929
[  283.639840][ T8406] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  283.639851][ T8406] RSP: 002b:00007f5d94e33038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  283.639862][ T8406] RAX: ffffffffffffffda RBX: 00007f5d941b6080 RCX: 00007f5d93f8e929
[  283.639869][ T8406] RDX: 0000200000000100 RSI: 0000000000003b81 RDI: 0000000000000006
[  283.639875][ T8406] RBP: 00007f5d94e33090 R08: 0000000000000000 R09: 0000000000000000
[  283.639881][ T8406] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  283.639887][ T8406] R13: 0000000000000000 R14: 00007f5d941b6080 R15: 00007fff0618fb78
[  283.639901][ T8406]  </TASK>
[  283.700754][ T8406] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  283.888155][   T30] audit: type=1400 audit(2000000135.684:412): avc:  denied  { write } for  pid=8402 comm="syz.2.665" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  284.003354][   T10] usb 4-1: new high-speed USB device number 23 using dummy_hcd
[  284.646254][   T10] usb 4-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  284.657124][   T10] usb 4-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[  284.672738][ T8418] usb usb1: usbfs: interface 0 claimed by hub while 'syz.1.668' sets config #-511
[  284.702347][   T10] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 66
[  284.730982][   T10] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 52, changing to 9
[  284.738543][ T8420] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  284.745804][   T10] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8241, setting to 1024
[  284.787541][   T10] usb 4-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  284.833394][ T8420] batman_adv: batadv0: Removing interface: batadv_slave_0
[  284.860113][   T10] usb 4-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  284.903615][ T8420] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  284.912484][   T10] usb 4-1: Product: syz
[  284.918242][   T10] usb 4-1: Manufacturer: syz
[  284.924699][ T8420] batman_adv: batadv0: Removing interface: batadv_slave_1
[  284.937848][   T10] cdc_wdm 4-1:1.0: skipping garbage
[  284.946277][   T10] cdc_wdm 4-1:1.0: skipping garbage
[  284.948896][ T8428] netlink: 209852 bytes leftover after parsing attributes in process `syz.0.669'.
[  284.953104][   T10] cdc_wdm 4-1:1.0: cdc-wdm0: USB WDM device
[  284.967591][   T10] cdc_wdm 4-1:1.0: Unknown control protocol
[  285.506104][ T8432] block nbd0: shutting down sockets
[  285.984672][ T8420] 9pnet_fd: Insufficient options for proto=fd
[  286.032836][ T8435] loop9: detected capacity change from 0 to 8
[  286.050417][ T6062] Dev loop9: unable to read RDB block 8
[  286.058928][ T6062]  loop9: unable to read partition table
[  286.066944][ T6062] loop9: partition table beyond EOD, truncated
[  286.084400][ T8435] Dev loop9: unable to read RDB block 8
[  286.094306][ T8435]  loop9: unable to read partition table
[  286.100476][ T8435] loop9: partition table beyond EOD, truncated
[  286.116264][ T8435] loop_reread_partitions: partition scan of loop9 (þ被xü—ŸÑà– ) failed (rc=-5)
[  286.522422][ T8440] loop4: detected capacity change from 0 to 7
[  286.538035][ T5831] Dev loop4: unable to read RDB block 7
[  286.550551][ T5831]  loop4: unable to read partition table
[  286.564882][ T5831] loop4: partition table beyond EOD, truncated
[  286.595296][ T8440] Dev loop4: unable to read RDB block 7
[  286.604844][ T8440]  loop4: unable to read partition table
[  286.619418][ T8440] loop4: partition table beyond EOD, truncated
[  286.643234][ T8440] loop_reread_partitions: partition scan of loop4 (þ被xü—ŸÑà– ) failed (rc=-5)
[  288.035797][ T5202] Dev loop4: unable to read RDB block 7
[  288.036834][ T8445] netlink: 8 bytes leftover after parsing attributes in process `syz.0.676'.
[  288.051678][ T5202]  loop4: unable to read partition table
[  288.062041][ T5202] loop4: partition table beyond EOD, truncated
[  288.064754][   T30] audit: type=1400 audit(2000000139.874:413): avc:  denied  { read } for  pid=8462 comm="syz.4.681" name="usbmon7" dev="devtmpfs" ino=737 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[  288.095684][   T30] audit: type=1400 audit(2000000139.874:414): avc:  denied  { open } for  pid=8462 comm="syz.4.681" path="/dev/usbmon7" dev="devtmpfs" ino=737 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[  288.122345][   T30] audit: type=1400 audit(2000000139.904:415): avc:  denied  { map } for  pid=8462 comm="syz.4.681" path="/dev/usbmon7" dev="devtmpfs" ino=737 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[  288.145849][    C0] vkms_vblank_simulate: vblank timer overrun
[  288.170277][   T30] audit: type=1400 audit(2000000139.904:416): avc:  denied  { execute } for  pid=8462 comm="syz.4.681" path="/dev/usbmon7" dev="devtmpfs" ino=737 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[  288.194194][    C0] vkms_vblank_simulate: vblank timer overrun
[  288.614524][   T30] audit: type=1400 audit(2000000140.044:417): avc:  denied  { cmd } for  pid=8460 comm="syz.1.680" path="socket:[16236]" dev="sockfs" ino=16236 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1
[  289.045498][   T43] usb 4-1: USB disconnect, device number 23
[  289.053107][ T5202] Dev loop4: unable to read RDB block 7
[  289.059870][ T5202]  loop4: unable to read partition table
[  289.067325][ T5202] loop4: partition table beyond EOD, truncated
[  289.198112][ T8470] netlink: 4388 bytes leftover after parsing attributes in process `syz.0.683'.
[  289.322909][   T30] audit: type=1400 audit(2000000141.124:418): avc:  denied  { mount } for  pid=8472 comm="syz.2.685" name="/" dev="autofs" ino=16259 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_t tclass=filesystem permissive=1
[  289.345476][    C0] vkms_vblank_simulate: vblank timer overrun
[  289.383056][  T838] usb 5-1: new high-speed USB device number 16 using dummy_hcd
[  289.853521][  T838] usb 5-1: device descriptor read/64, error -71
[  289.923070][   T43] usb 1-1: new high-speed USB device number 20 using dummy_hcd
[  290.103007][   T43] usb 1-1: Using ep0 maxpacket: 32
[  290.109680][   T43] usb 1-1: config 0 has an invalid interface number: 35 but max is 0
[  290.113009][  T838] usb 5-1: new high-speed USB device number 17 using dummy_hcd
[  290.118108][   T43] usb 1-1: config 0 has no interface number 0
[  290.135743][   T43] usb 1-1: New USB device found, idVendor=10c4, idProduct=818a, bcdDevice=7d.8f
[  290.144986][   T43] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  290.153133][   T43] usb 1-1: Product: syz
[  290.160435][   T30] audit: type=1400 audit(2000000141.964:419): avc:  denied  { unmount } for  pid=5839 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_t tclass=filesystem permissive=1
[  290.163624][   T43] usb 1-1: Manufacturer: syz
[  290.180393][    C0] vkms_vblank_simulate: vblank timer overrun
[  290.193392][   T43] usb 1-1: SerialNumber: syz
[  290.233721][   T43] usb 1-1: config 0 descriptor??
[  290.298349][  T838] usb 5-1: device descriptor read/64, error -71
[  290.341593][   T30] audit: type=1400 audit(2000000142.144:420): avc:  denied  { read } for  pid=8487 comm="syz.2.688" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  290.360973][    C0] vkms_vblank_simulate: vblank timer overrun
[  290.364835][ T8491] hsr0 speed is unknown, defaulting to 1000
[  290.375716][ T8491] hsr0 speed is unknown, defaulting to 1000
[  290.391262][ T8491] hsr0 speed is unknown, defaulting to 1000
[  290.431179][  T838] usb usb5-port1: attempt power cycle
[  290.432394][ T8491] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[  290.455094][ T8491] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98
[  290.457138][   T43] radio-si470x 1-1:0.35: this is not a si470x device.
[  290.495668][   T43] radio-raremono 1-1:0.35: this is not Thanko's Raremono.
[  290.520735][   T43] usb 1-1: USB disconnect, device number 20
[  290.522142][ T8491] hsr0 speed is unknown, defaulting to 1000
[  290.540903][ T8491] hsr0 speed is unknown, defaulting to 1000
[  290.550988][ T8491] hsr0 speed is unknown, defaulting to 1000
[  290.558656][ T8491] hsr0 speed is unknown, defaulting to 1000
[  290.574569][ T8491] hsr0 speed is unknown, defaulting to 1000
[  290.653114][ T5888] usb 4-1: new high-speed USB device number 24 using dummy_hcd
[  290.773004][  T838] usb 5-1: new high-speed USB device number 18 using dummy_hcd
[  290.793534][  T838] usb 5-1: device descriptor read/8, error -71
[  290.822989][ T5888] usb 4-1: Using ep0 maxpacket: 16
[  290.830063][ T5888] usb 4-1: config 0 has an invalid interface number: 198 but max is 0
[  290.838361][ T5888] usb 4-1: config 0 has no interface number 0
[  290.847510][ T5888] usb 4-1: New USB device found, idVendor=1a0a, idProduct=0101, bcdDevice=30.1d
[  290.856705][ T5888] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  290.864943][ T5888] usb 4-1: Product: syz
[  290.869160][ T5888] usb 4-1: Manufacturer: syz
[  290.873933][ T5888] usb 4-1: SerialNumber: syz
[  290.893567][ T5888] usb 4-1: config 0 descriptor??
[  290.911643][ T5888] usb_ehset_test 4-1:0.198: probe with driver usb_ehset_test failed with error -32
[  291.043046][  T838] usb 5-1: new high-speed USB device number 19 using dummy_hcd
[  291.069332][  T838] usb 5-1: device descriptor read/8, error -71
[  291.121972][   T10] usb 4-1: USB disconnect, device number 24
[  291.196270][ T8502] overlayfs: option "volatile" is meaningless in a non-upper mount, ignoring it.
[  291.205634][ T8502] overlayfs: NFS export requires "redirect_dir=nofollow" on non-upper mount, falling back to nfs_export=off.
[  291.217700][ T8502] overlayfs: missing 'lowerdir'
[  291.241048][  T838] usb usb5-port1: unable to enumerate USB device
[  291.719069][   T30] audit: type=1400 audit(2000000143.524:421): avc:  denied  { ioctl } for  pid=8512 comm="syz.3.694" path="/137/file0" dev="tmpfs" ino=781 ioctlcmd=0x8983 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[  292.154087][ T8514] relay: one or more items not logged [item size (56) > sub-buffer size (10)]
[  292.452945][ T5888] usb 1-1: new full-speed USB device number 21 using dummy_hcd
[  292.675433][ T5888] usb 1-1: config 0 has an invalid interface number: 1 but max is 0
[  292.683997][ T5888] usb 1-1: config 0 has no interface number 0
[  292.712664][ T5888] usb 1-1: New USB device found, idVendor=0b48, idProduct=1005, bcdDevice=8c.1e
[  292.787794][ T8522] netlink: 203516 bytes leftover after parsing attributes in process `syz.3.697'.
[  292.798151][ T8522] openvswitch: netlink: ufid size 3068 bytes exceeds the range (1, 16)
[  292.810436][ T8522] openvswitch: netlink: Duplicate key (type 0).
[  292.822494][ T5888] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  292.953424][ T5888] usb 1-1: config 0 descriptor??
[  293.057009][ T5888] usb 1-1: selecting invalid altsetting 1
[  293.067500][ T5888] dvb_ttusb_budget: ttusb_init_controller: error
[  293.220681][ T5888] dvbdev: DVB: registering new adapter (Technotrend/Hauppauge Nova-USB)
[  293.239102][   T30] audit: type=1400 audit(2000000145.044:422): avc:  denied  { watch_reads } for  pid=8515 comm="syz.0.695" path="pipe:[16311]" dev="pipefs" ino=16311 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=fifo_file permissive=1
[  293.291082][ T8525] fanotify: failed to encode fid (type=0, len=0, err=-2)
[  293.298439][ T8524] fanotify: failed to encode fid (type=0, len=0, err=-2)
[  293.556845][ T5888] DVB: Unable to find symbol cx22700_attach()
[  294.763040][ T5888] DVB: Unable to find symbol tda10046_attach()
[  294.845124][ T5888] dvb_ttusb_budget: no frontend driver found for device [0b48:1005]
[  294.880674][ T5888] usb 1-1: USB disconnect, device number 21
[  295.208155][ T8538] FAULT_INJECTION: forcing a failure.
[  295.208155][ T8538] name failslab, interval 1, probability 0, space 0, times 0
[  295.221318][ T8538] CPU: 1 UID: 0 PID: 8538 Comm: syz.3.699 Not tainted 6.16.0-rc4-syzkaller-00324-g1f988d0788f5 #0 PREEMPT(full) 
[  295.221344][ T8538] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  295.221356][ T8538] Call Trace:
[  295.221362][ T8538]  <TASK>
[  295.221369][ T8538]  dump_stack_lvl+0x16c/0x1f0
[  295.221402][ T8538]  should_fail_ex+0x512/0x640
[  295.221427][ T8538]  ? kmem_cache_alloc_lru_noprof+0x5f/0x3b0
[  295.221455][ T8538]  should_failslab+0xc2/0x120
[  295.221482][ T8538]  kmem_cache_alloc_lru_noprof+0x72/0x3b0
[  295.221505][ T8538]  ? ktime_get_coarse_real_ts64_mg+0x240/0x300
[  295.221525][ T8538]  ? __d_alloc+0x31/0xaa0
[  295.221546][ T8538]  __d_alloc+0x31/0xaa0
[  295.221566][ T8538]  d_alloc_pseudo+0x1c/0xc0
[  295.221604][ T8538]  alloc_file_pseudo+0xcf/0x230
[  295.221626][ T8538]  ? __pfx_alloc_file_pseudo+0x10/0x10
[  295.221652][ T8538]  ioctx_alloc+0x5ab/0x2120
[  295.221677][ T8538]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  295.221713][ T8538]  ? find_held_lock+0x2b/0x80
[  295.221736][ T8538]  ? __pfx_ioctx_alloc+0x10/0x10
[  295.221758][ T8538]  ? __might_fault+0x13b/0x190
[  295.221790][ T8538]  __x64_sys_io_setup+0xc9/0x210
[  295.221816][ T8538]  do_syscall_64+0xcd/0x4c0
[  295.221844][ T8538]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  295.221862][ T8538] RIP: 0033:0x7f63d758e929
[  295.221878][ T8538] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  295.221895][ T8538] RSP: 002b:00007f63d8497038 EFLAGS: 00000246 ORIG_RAX: 00000000000000ce
[  295.221913][ T8538] RAX: ffffffffffffffda RBX: 00007f63d77b6160 RCX: 00007f63d758e929
[  295.221924][ T8538] RDX: 0000000000000000 RSI: 0000200000000340 RDI: 0000000000000003
[  295.221935][ T8538] RBP: 00007f63d8497090 R08: 0000000000000000 R09: 0000000000000000
[  295.221946][ T8538] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  295.221956][ T8538] R13: 0000000000000000 R14: 00007f63d77b6160 R15: 00007ffd0ee51f98
[  295.221982][ T8538]  </TASK>
[  297.068821][ T8546] sd 0:0:1:0: PR command failed: 1026
[  297.074628][ T8546] sd 0:0:1:0: Sense Key : Illegal Request [current] 
[  297.081575][ T8546] sd 0:0:1:0: Add. Sense: Invalid command operation code
[  297.102925][   T30] audit: type=1400 audit(2000000148.875:423): avc:  denied  { read } for  pid=8533 comm="syz.1.698" name="file0" dev="fuse" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=blk_file permissive=1
[  297.563204][   T30] audit: type=1400 audit(2000000148.875:424): avc:  denied  { open } for  pid=8533 comm="syz.1.698" path="/137/file0/file0" dev="fuse" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=blk_file permissive=1
[  297.590413][   T30] audit: type=1400 audit(2000000148.875:425): avc:  denied  { ioctl } for  pid=8533 comm="syz.1.698" path="/137/file0/file0" dev="fuse" ino=3 ioctlcmd=0x70c9 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=blk_file permissive=1
[  298.482095][ T8554] netlink: 24 bytes leftover after parsing attributes in process `syz.3.703'.
[  298.574751][ T8559] FAULT_INJECTION: forcing a failure.
[  298.574751][ T8559] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  298.625114][ T8559] CPU: 0 UID: 0 PID: 8559 Comm: syz.1.705 Not tainted 6.16.0-rc4-syzkaller-00324-g1f988d0788f5 #0 PREEMPT(full) 
[  298.625143][ T8559] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  298.625153][ T8559] Call Trace:
[  298.625159][ T8559]  <TASK>
[  298.625167][ T8559]  dump_stack_lvl+0x16c/0x1f0
[  298.625201][ T8559]  should_fail_ex+0x512/0x640
[  298.625234][ T8559]  _copy_to_user+0x32/0xd0
[  298.625264][ T8559]  simple_read_from_buffer+0xcb/0x170
[  298.625292][ T8559]  proc_fail_nth_read+0x197/0x270
[  298.625317][ T8559]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  298.625342][ T8559]  ? rw_verify_area+0xcf/0x680
[  298.625362][ T8559]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  298.625384][ T8559]  vfs_read+0x1e1/0xc60
[  298.625410][ T8559]  ? __pfx___mutex_lock+0x10/0x10
[  298.625436][ T8559]  ? __pfx_vfs_read+0x10/0x10
[  298.625466][ T8559]  ? __fget_files+0x20e/0x3c0
[  298.625499][ T8559]  ksys_read+0x12a/0x250
[  298.625522][ T8559]  ? __pfx_ksys_read+0x10/0x10
[  298.625552][ T8559]  do_syscall_64+0xcd/0x4c0
[  298.625593][ T8559]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  298.625612][ T8559] RIP: 0033:0x7f9b5a18d33c
[  298.625627][ T8559] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  298.625644][ T8559] RSP: 002b:00007f9b5af42030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  298.625662][ T8559] RAX: ffffffffffffffda RBX: 00007f9b5a3b5fa0 RCX: 00007f9b5a18d33c
[  298.625674][ T8559] RDX: 000000000000000f RSI: 00007f9b5af420a0 RDI: 0000000000000005
[  298.625685][ T8559] RBP: 00007f9b5af42090 R08: 0000000000000000 R09: 0000000000000000
[  298.625695][ T8559] R10: 0000200000000380 R11: 0000000000000246 R12: 0000000000000001
[  298.625706][ T8559] R13: 0000000000000000 R14: 00007f9b5a3b5fa0 R15: 00007ffdb5c40068
[  298.625730][ T8559]  </TASK>
[  299.332441][ T8575] PM: Enabling pm_trace changes system date and time during resume.
[  299.332441][ T8575] PM: Correct system time has to be restored manually after resume.
[  301.264194][ T8592] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  301.677347][ T8597] tls_set_device_offload: netdev not found
[  302.442319][   T30] audit: type=1400 audit(2000000154.245:426): avc:  denied  { module_request } for  pid=8594 comm="syz.3.714" kmod=6E66742D657870722D372D6C617374CB scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1
[  303.974346][ T8630] PM: Enabling pm_trace changes system date and time during resume.
[  303.974346][ T8630] PM: Correct system time has to be restored manually after resume.
[  304.742170][  T838] usb 4-1: new high-speed USB device number 25 using dummy_hcd
[  305.614393][  T838] usb 4-1: Using ep0 maxpacket: 32
[  305.765716][  T838] usb 4-1: New USB device found, idVendor=0c72, idProduct=0014, bcdDevice=39.ac
[  305.775094][  T838] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  305.783174][  T838] usb 4-1: Product: syz
[  305.791004][  T838] usb 4-1: Manufacturer: syz
[  305.805992][  T838] usb 4-1: SerialNumber: syz
[  306.049225][ T8649] sp0: Synchronizing with TNC
[  306.129449][  T838] usb 4-1: config 0 descriptor??
[  306.240820][ T8648] block nbd0: shutting down sockets
[  306.289194][ T8641] [U] è
[  306.894544][   T30] audit: type=1400 audit(2000000158.685:427): avc:  denied  { remount } for  pid=8635 comm="syz.3.724" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[  307.114319][  T838] peak_usb 4-1:0.0 can0: unable to request usb[type=0 value=1] err=-32
[  307.268101][  T838] peak_usb 4-1:0.0: unable to read PCAN-USB X6 firmware info (err -32)
[  307.533309][ T8660] tls_set_device_offload: netdev not found
[  308.119693][  T838] peak_usb 4-1:0.0: probe with driver peak_usb failed with error -32
[  308.133576][  T838] usb 4-1: USB disconnect, device number 25
[  308.952524][   T30] audit: type=1400 audit(2000000160.755:428): avc:  denied  { ioctl } for  pid=8682 comm="syz.2.735" path="socket:[18529]" dev="sockfs" ino=18529 ioctlcmd=0x89e2 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=mctp_socket permissive=1
[  309.059747][   T30] audit: type=1400 audit(2000000160.815:429): avc:  denied  { connect } for  pid=8682 comm="syz.2.735" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  309.096137][ T8683] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  309.259007][ T8683] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  309.282499][ T5915] usb 4-1: new high-speed USB device number 26 using dummy_hcd
[  309.472630][ T8683] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  309.580960][ T5915] usb 4-1: Using ep0 maxpacket: 16
[  309.589783][ T5915] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  309.600892][ T5915] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  309.621895][ T5915] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  310.025703][   T30] audit: type=1400 audit(2000000161.495:430): avc:  denied  { getopt } for  pid=8689 comm="syz.1.739" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1
[  310.260126][ T5915] usb 4-1: New USB device found, idVendor=0457, idProduct=07da, bcdDevice= 0.00
[  310.330637][ T8683] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  310.342077][ T5915] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  310.380263][ T5915] usb 4-1: config 0 descriptor??
[  310.667215][ T8683] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  310.715049][ T8683] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  310.755082][ T8683] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  310.779802][ T8683] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  310.902226][  T838] usb 5-1: new high-speed USB device number 20 using dummy_hcd
[  311.054518][ T8712] binder_alloc: 8702: binder_alloc_buf, no vma
[  311.182748][   T30] audit: type=1400 audit(2000000162.865:431): avc:  denied  { call } for  pid=8702 comm="syz.1.741" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=binder permissive=1
[  311.338043][   T30] audit: type=1400 audit(2000000163.145:432): avc:  denied  { write } for  pid=8717 comm="syz.2.745" name="loop-control" dev="devtmpfs" ino=646 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[  312.454832][  T838] usb 5-1: device descriptor read/64, error -71
[  312.468907][ T5915] usbhid 4-1:0.0: can't add hid device: -71
[  312.484024][ T5915] usbhid 4-1:0.0: probe with driver usbhid failed with error -71
[  312.732084][  T838] usb 5-1: new high-speed USB device number 21 using dummy_hcd
[  312.909331][ T5915] usb 4-1: USB disconnect, device number 26
[  312.961288][  T838] usb 5-1: device descriptor read/64, error -71
[  313.084121][  T838] usb usb5-port1: attempt power cycle
[  313.486968][  T838] usb 5-1: new high-speed USB device number 22 using dummy_hcd
[  313.560649][ T8730] trusted_key: encrypted_key: insufficient parameters specified
[  313.570216][  T838] usb 5-1: device descriptor read/8, error -71
[  313.758395][   T30] audit: type=1400 audit(2000000165.555:433): avc:  denied  { execute } for  pid=8743 comm="syz.1.751" path="/dev/nullb0" dev="devtmpfs" ino=696 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  313.781623][    C1] vkms_vblank_simulate: vblank timer overrun
[  314.155848][   T30] audit: type=1400 audit(2000000165.965:434): avc:  denied  { map } for  pid=8750 comm="syz.4.755" path="/dev/vbi9" dev="devtmpfs" ino=1007 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:v4l_device_t tclass=chr_file permissive=1
[  314.292669][   T30] audit: type=1400 audit(2000000165.965:435): avc:  denied  { execute } for  pid=8750 comm="syz.4.755" path="/dev/vbi9" dev="devtmpfs" ino=1007 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:v4l_device_t tclass=chr_file permissive=1
[  314.316102][    C1] vkms_vblank_simulate: vblank timer overrun
[  314.908350][ T8760] vlan2: entered allmulticast mode
[  315.683223][  T838] usb 4-1: new high-speed USB device number 27 using dummy_hcd
[  315.934720][  T838] usb 4-1: device descriptor read/64, error -71
[  316.174044][ T8788] netlink: 'syz.1.764': attribute type 12 has an invalid length.
[  316.502935][   T30] audit: type=1400 audit(2000000168.316:436): avc:  denied  { append } for  pid=8789 comm="syz.0.765" name="loop6" dev="devtmpfs" ino=653 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  316.572036][  T838] usb 4-1: new high-speed USB device number 28 using dummy_hcd
[  316.739494][  T838] usb 4-1: device descriptor read/64, error -71
[  316.802220][ T5915] usb 1-1: new high-speed USB device number 22 using dummy_hcd
[  316.814070][ T8792] FAULT_INJECTION: forcing a failure.
[  316.814070][ T8792] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  316.852464][  T838] usb usb4-port1: attempt power cycle
[  316.858248][ T8792] CPU: 0 UID: 0 PID: 8792 Comm: syz.1.766 Not tainted 6.16.0-rc4-syzkaller-00324-g1f988d0788f5 #0 PREEMPT(full) 
[  316.858272][ T8792] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  316.858282][ T8792] Call Trace:
[  316.858289][ T8792]  <TASK>
[  316.858296][ T8792]  dump_stack_lvl+0x16c/0x1f0
[  316.858327][ T8792]  should_fail_ex+0x512/0x640
[  316.858356][ T8792]  _copy_from_user+0x2e/0xd0
[  316.858381][ T8792]  video_usercopy+0xedd/0x1720
[  316.858408][ T8792]  ? __pfx___video_do_ioctl+0x10/0x10
[  316.858429][ T8792]  ? selinux_kernel_read_file+0xd0/0x130
[  316.858455][ T8792]  ? __pfx_video_usercopy+0x10/0x10
[  316.858495][ T8792]  v4l2_ioctl+0x1ba/0x250
[  316.858517][ T8792]  ? __pfx_v4l2_ioctl+0x10/0x10
[  316.858553][ T8792]  __x64_sys_ioctl+0x18e/0x210
[  316.858577][ T8792]  do_syscall_64+0xcd/0x4c0
[  316.858605][ T8792]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  316.858623][ T8792] RIP: 0033:0x7f9b5a18e929
[  316.858638][ T8792] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  316.858654][ T8792] RSP: 002b:00007f9b5af42038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  316.858672][ T8792] RAX: ffffffffffffffda RBX: 00007f9b5a3b5fa0 RCX: 00007f9b5a18e929
[  316.858683][ T8792] RDX: 00002000000001c0 RSI: 00000000c02c564a RDI: 0000000000000003
[  316.858694][ T8792] RBP: 00007f9b5af42090 R08: 0000000000000000 R09: 0000000000000000
[  316.858704][ T8792] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  316.858714][ T8792] R13: 0000000000000000 R14: 00007f9b5a3b5fa0 R15: 00007ffdb5c40068
[  316.858736][ T8792]  </TASK>
[  317.281514][ T5915] usb 1-1: Using ep0 maxpacket: 8
[  317.289802][ T5915] usb 1-1: config index 0 descriptor too short (expected 301, got 45)
[  317.291503][ T5888] usb 5-1: new high-speed USB device number 24 using dummy_hcd
[  317.298148][ T5915] usb 1-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  317.317208][ T5915] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  317.328747][ T5915] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  317.340464][ T5915] usb 1-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  317.355566][ T5915] usb 1-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  317.364872][ T5915] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  317.461719][ T5888] usb 5-1: Using ep0 maxpacket: 32
[  317.470139][ T5888] usb 5-1: New USB device found, idVendor=0c72, idProduct=0014, bcdDevice=39.ac
[  317.480369][ T5888] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  317.491057][ T5888] usb 5-1: Product: syz
[  317.495651][ T5888] usb 5-1: Manufacturer: syz
[  317.500289][ T5888] usb 5-1: SerialNumber: syz
[  317.513222][ T5888] usb 5-1: config 0 descriptor??
[  317.551467][  T838] usb 4-1: new high-speed USB device number 29 using dummy_hcd
[  317.582579][  T838] usb 4-1: device descriptor read/8, error -71
[  317.595006][ T5915] usb 1-1: usb_control_msg returned -32
[  317.601023][ T5915] usbtmc 1-1:16.0: can't read capabilities
[  317.725589][ T1297] ieee802154 phy0 wpan0: encryption failed: -22
[  317.736607][ T1297] ieee802154 phy1 wpan1: encryption failed: -22
[  317.851599][  T838] usb 4-1: new high-speed USB device number 30 using dummy_hcd
[  317.864989][ T5888] peak_usb 5-1:0.0: PEAK-System PCAN-USB X6 v0 fw v0.0.0 (2 channels)
[  317.895153][  T838] usb 4-1: device descriptor read/8, error -71
[  318.024001][  T838] usb usb4-port1: unable to enumerate USB device
[  318.075378][ T5888] peak_usb 5-1:0.0 can0: sending command failure: -22
[  318.082638][ T5888] peak_usb 5-1:0.0 can0: sending command failure: -22
[  318.089703][ T5888] peak_usb 5-1:0.0 can0: sending command failure: -22
[  318.294028][ T5888] peak_usb 5-1:0.0: probe with driver peak_usb failed with error -22
[  318.329472][ T5888] usb 5-1: USB disconnect, device number 24
[  318.772334][ T8811] usbtmc 1-1:16.0: usb_clear_halt returned -32
[  318.847285][ T8815] loop6: detected capacity change from 0 to 524287999
[  319.523584][ T5936] usb 1-1: USB disconnect, device number 22
[  319.681167][ T8829] tls_set_device_offload: netdev not found
[  319.866181][ T8835] FAULT_INJECTION: forcing a failure.
[  319.866181][ T8835] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  319.881565][ T8835] CPU: 0 UID: 0 PID: 8835 Comm: syz.4.780 Not tainted 6.16.0-rc4-syzkaller-00324-g1f988d0788f5 #0 PREEMPT(full) 
[  319.881591][ T8835] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  319.881601][ T8835] Call Trace:
[  319.881608][ T8835]  <TASK>
[  319.881614][ T8835]  dump_stack_lvl+0x16c/0x1f0
[  319.881646][ T8835]  should_fail_ex+0x512/0x640
[  319.881674][ T8835]  _copy_to_user+0x32/0xd0
[  319.881702][ T8835]  simple_read_from_buffer+0xcb/0x170
[  319.881729][ T8835]  proc_fail_nth_read+0x197/0x270
[  319.881780][ T8835]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  319.881803][ T8835]  ? rw_verify_area+0xcf/0x680
[  319.881824][ T8835]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  319.881846][ T8835]  vfs_read+0x1e1/0xc60
[  319.881872][ T8835]  ? __pfx___mutex_lock+0x10/0x10
[  319.881898][ T8835]  ? __pfx_vfs_read+0x10/0x10
[  319.881927][ T8835]  ? __fget_files+0x20e/0x3c0
[  319.881959][ T8835]  ksys_read+0x12a/0x250
[  319.881981][ T8835]  ? __pfx_ksys_read+0x10/0x10
[  319.882011][ T8835]  do_syscall_64+0xcd/0x4c0
[  319.882045][ T8835]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  319.882064][ T8835] RIP: 0033:0x7f6a5a78d33c
[  319.882080][ T8835] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  319.882097][ T8835] RSP: 002b:00007f6a5b61f030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  319.882114][ T8835] RAX: ffffffffffffffda RBX: 00007f6a5a9b5fa0 RCX: 00007f6a5a78d33c
[  319.882125][ T8835] RDX: 000000000000000f RSI: 00007f6a5b61f0a0 RDI: 0000000000000005
[  319.882136][ T8835] RBP: 00007f6a5b61f090 R08: 0000000000000000 R09: 0000000000000000
[  319.882146][ T8835] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  319.882155][ T8835] R13: 0000000000000000 R14: 00007f6a5a9b5fa0 R15: 00007ffe1a534f78
[  319.882179][ T8835]  </TASK>
[  321.098812][ T8847] tty tty27: ldisc open failed (-12), clearing slot 26
[  321.221393][ T8848] ptm ptm0: ldisc open failed (-12), clearing slot 0
[  322.027830][   T30] audit: type=1400 audit(2000000173.836:437): avc:  denied  { append } for  pid=8864 comm="syz.4.787" name="media8" dev="devtmpfs" ino=1014 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  322.233963][ T8868] batman_adv: batadv0: Removing interface: batadv_slave_0
[  322.308154][ T8868] batman_adv: batadv0: Removing interface: batadv_slave_1
[  322.333801][ T8872] FAULT_INJECTION: forcing a failure.
[  322.333801][ T8872] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  322.371110][ T8872] CPU: 0 UID: 0 PID: 8872 Comm: syz.1.790 Not tainted 6.16.0-rc4-syzkaller-00324-g1f988d0788f5 #0 PREEMPT(full) 
[  322.371135][ T8872] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  322.371145][ T8872] Call Trace:
[  322.371151][ T8872]  <TASK>
[  322.371157][ T8872]  dump_stack_lvl+0x16c/0x1f0
[  322.371185][ T8872]  should_fail_ex+0x512/0x640
[  322.371205][ T8872]  _copy_from_user+0x2e/0xd0
[  322.371222][ T8872]  do_vfs_ioctl+0x13a9/0x1a60
[  322.371238][ T8872]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  322.371256][ T8872]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  322.371286][ T8872]  ? hook_file_ioctl_common+0x145/0x410
[  322.371301][ T8872]  ? selinux_file_ioctl+0x180/0x270
[  322.371315][ T8872]  ? selinux_file_ioctl+0xb4/0x270
[  322.371333][ T8872]  __x64_sys_ioctl+0x114/0x210
[  322.371347][ T8872]  do_syscall_64+0xcd/0x4c0
[  322.371365][ T8872]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  322.371377][ T8872] RIP: 0033:0x7f9b5a18e929
[  322.371387][ T8872] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  322.371398][ T8872] RSP: 002b:00007f9b5af42038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  322.371408][ T8872] RAX: ffffffffffffffda RBX: 00007f9b5a3b5fa0 RCX: 00007f9b5a18e929
[  322.371415][ T8872] RDX: 0000200000000200 RSI: 00000000401c5820 RDI: 0000000000000003
[  322.371422][ T8872] RBP: 00007f9b5af42090 R08: 0000000000000000 R09: 0000000000000000
[  322.371431][ T8872] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  322.371437][ T8872] R13: 0000000000000000 R14: 00007f9b5a3b5fa0 R15: 00007ffdb5c40068
[  322.371450][ T8872]  </TASK>
[  322.671235][ T5936] usb 5-1: new high-speed USB device number 25 using dummy_hcd
[  322.691178][ T5888] usb 4-1: new full-speed USB device number 31 using dummy_hcd
[  322.727004][ T8883] netlink: 8 bytes leftover after parsing attributes in process `syz.0.794'.
[  322.760383][   T30] audit: type=1400 audit(2000000174.566:438): avc:  denied  { append } for  pid=8881 comm="syz.2.795" name="video7" dev="devtmpfs" ino=951 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:v4l_device_t tclass=chr_file permissive=1
[  322.893147][ T5888] usb 4-1: config 0 has an invalid interface number: 47 but max is 0
[  323.094408][ T5936] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x9 has invalid wMaxPacketSize 0
[  323.171532][ T5888] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  323.215220][ T5936] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0xA has an invalid bInterval 48, changing to 7
[  323.232657][ T5888] usb 4-1: config 0 has no interface number 0
[  323.238241][ T8890] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  323.238901][ T5888] usb 4-1: config 0 interface 47 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  323.249787][ T8890] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  323.264190][ T5936] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0xA has invalid maxpacket 24624, setting to 1024
[  323.283506][ T5936] usb 5-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  323.283535][ T5936] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  323.283555][ T5936] usb 5-1: Product: syz
[  323.305477][ T5888] usb 4-1: New USB device found, idVendor=18ec, idProduct=3188, bcdDevice=99.bc
[  323.305506][ T5888] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  323.305525][ T5888] usb 4-1: Product: syz
[  323.305540][ T5888] usb 4-1: Manufacturer: syz
[  323.305555][ T5888] usb 4-1: SerialNumber: syz
[  323.308192][ T5888] usb 4-1: config 0 descriptor??
[  323.342071][ T5936] usb 5-1: Manufacturer: syz
[  323.342093][ T5936] usb 5-1: SerialNumber: syz
[  323.344718][ T5936] usb 5-1: config 0 descriptor??
[  323.367784][ T5936] usb 5-1: 0:0 : invalid sync pipe. bmAttributes e5, bLength 9, bSynchAddress 30
[  323.389915][ T8888] trusted_key: encrypted_key: insufficient parameters specified
[  323.479384][ T8897] FAULT_INJECTION: forcing a failure.
[  323.479384][ T8897] name failslab, interval 1, probability 0, space 0, times 0
[  323.495246][ T8897] CPU: 0 UID: 0 PID: 8897 Comm: syz.0.799 Not tainted 6.16.0-rc4-syzkaller-00324-g1f988d0788f5 #0 PREEMPT(full) 
[  323.495273][ T8897] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  323.495284][ T8897] Call Trace:
[  323.495308][ T8897]  <TASK>
[  323.495316][ T8897]  dump_stack_lvl+0x16c/0x1f0
[  323.495348][ T8897]  should_fail_ex+0x512/0x640
[  323.495372][ T8897]  ? __kmalloc_cache_noprof+0x57/0x3e0
[  323.495396][ T8897]  should_failslab+0xc2/0x120
[  323.495421][ T8897]  __kmalloc_cache_noprof+0x6a/0x3e0
[  323.495440][ T8897]  ? lockdep_hardirqs_on+0x7c/0x110
[  323.495465][ T8897]  ? alloc_fs_context+0x57/0x9c0
[  323.495493][ T8897]  alloc_fs_context+0x57/0x9c0
[  323.495521][ T8897]  __x64_sys_fsopen+0xeb/0x240
[  323.495539][ T8897]  do_syscall_64+0xcd/0x4c0
[  323.495565][ T8897]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  323.495582][ T8897] RIP: 0033:0x7f4488d8e929
[  323.495596][ T8897] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  323.495611][ T8897] RSP: 002b:00007f4489b6b038 EFLAGS: 00000246 ORIG_RAX: 00000000000001ae
[  323.495628][ T8897] RAX: ffffffffffffffda RBX: 00007f4488fb5fa0 RCX: 00007f4488d8e929
[  323.495640][ T8897] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000000
[  323.495649][ T8897] RBP: 00007f4489b6b090 R08: 0000000000000000 R09: 0000000000000000
[  323.495659][ T8897] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  323.495669][ T8897] R13: 0000000000000001 R14: 00007f4488fb5fa0 R15: 00007ffcd7d8bda8
[  323.495691][ T8897]  </TASK>
[  323.667041][ T8874] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  323.679477][ T8874] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  323.690325][ T8874] IPVS: length: 231 != 24
[  323.948228][   T30] audit: type=1400 audit(2000000175.496:439): avc:  denied  { mounton } for  pid=8873 comm="syz.3.792" path="/syzcgroup/cpu/syz3/cgroup.procs" dev="cgroup" ino=178 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=file permissive=1
[  324.110475][   T30] audit: type=1400 audit(2000000175.906:440): avc:  denied  { accept } for  pid=8873 comm="syz.3.792" laddr=172.20.20.67 lport=57526 faddr=100.1.1.0 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=udp_socket permissive=1
[  324.334008][ T8899] block nbd4: shutting down sockets
[  324.350824][ T8911] netlink: 830 bytes leftover after parsing attributes in process `syz.2.802'.
[  324.820949][    C1] hrtimer: interrupt took 40085 ns
[  325.385226][   T30] audit: type=1400 audit(2000000177.196:441): avc:  denied  { map } for  pid=8916 comm="syz.2.804" path="socket:[19034]" dev="sockfs" ino=19034 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  325.522201][   T30] audit: type=1400 audit(2000000177.196:442): avc:  denied  { read } for  pid=8916 comm="syz.2.804" path="socket:[19034]" dev="sockfs" ino=19034 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  325.546441][   T30] audit: type=1400 audit(2000000177.196:443): avc:  denied  { ioctl } for  pid=8916 comm="syz.2.804" path="socket:[19034]" dev="sockfs" ino=19034 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  326.003664][ T5888] usb 4-1: Found UVC 0.00 device syz (18ec:3188)
[  326.033894][ T5888] usb 4-1: No valid video chain found.
[  326.051699][ T8921] tls_set_device_offload: netdev not found
[  326.058221][ T5202] udevd[5202]: worker [6449] terminated by signal 33 (Unknown signal 33)
[  326.073555][ T5888] usb 4-1: USB disconnect, device number 31
[  326.085523][ T5202] udevd[5202]: worker [6449] failed while handling '/devices/virtual/vc/vcsu24'
[  326.284709][ T5202] udevd[5202]: worker [6733] terminated by signal 33 (Unknown signal 33)
[  326.675787][ T5202] udevd[5202]: worker [6733] failed while handling '/devices/virtual/vc/vcsa24'
[  327.792055][ T5936] usb 5-1: USB disconnect, device number 25
[  327.859366][ T8937] trusted_key: encrypted_key: insufficient parameters specified
[  327.874013][   T30] audit: type=1400 audit(2000000179.686:444): avc:  denied  { bind } for  pid=8940 comm="syz.4.810" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[  327.894747][ T5837] udevd[5837]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  328.109029][ T8943] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=3070988179 (3070988179 ns) > initial count (1876204212 ns). Using initial count to start timer.
[  328.261051][ T5936] usb 5-1: new high-speed USB device number 26 using dummy_hcd
[  328.340324][ T8957] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  328.470869][ T5936] usb 5-1: Using ep0 maxpacket: 16
[  328.740843][ T5936] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  328.780775][ T5936] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  328.800805][ T5936] usb 5-1: New USB device found, idVendor=04d8, idProduct=f002, bcdDevice= 0.00
[  328.809956][ T5936] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  328.829744][ T5936] usb 5-1: config 0 descriptor??
[  329.990618][ T5936] hid-picolcd 0003:04D8:F002.0009: unknown main item tag 0x0
[  330.108184][ T8964] netlink: 8 bytes leftover after parsing attributes in process `syz.2.817'.
[  330.400812][ T5936] hid-picolcd 0003:04D8:F002.0009: No report with id 0xf4 found
[  330.408554][ T5936] hid-picolcd 0003:04D8:F002.0009: No report with id 0xf3 found
[  330.418513][ T5936] usb 5-1: USB disconnect, device number 26
[  331.198436][ T8978] sp0: Synchronizing with TNC
[  331.706821][ T8985] sp0: Synchronizing with TNC
[  331.864399][   T30] audit: type=1400 audit(2000000183.676:445): avc:  denied  { setopt } for  pid=8995 comm="syz.2.828" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[  331.907857][   T30] audit: type=1400 audit(2000000183.716:446): avc:  denied  { getopt } for  pid=8999 comm="syz.4.829" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[  332.326137][   T30] audit: type=1400 audit(2000000184.137:447): avc:  denied  { read } for  pid=9005 comm="syz.2.830" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  332.418703][ T9010] trusted_key: encrypted_key: insufficient parameters specified
[  332.437684][   T30] audit: type=1400 audit(2000000184.247:448): avc:  denied  { shutdown } for  pid=9005 comm="syz.2.830" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  333.262758][ T9031] FAULT_INJECTION: forcing a failure.
[  333.262758][ T9031] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  333.275996][ T9031] CPU: 0 UID: 0 PID: 9031 Comm: syz.1.838 Not tainted 6.16.0-rc4-syzkaller-00324-g1f988d0788f5 #0 PREEMPT(full) 
[  333.276020][ T9031] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  333.276030][ T9031] Call Trace:
[  333.276037][ T9031]  <TASK>
[  333.276043][ T9031]  dump_stack_lvl+0x16c/0x1f0
[  333.276075][ T9031]  should_fail_ex+0x512/0x640
[  333.276103][ T9031]  strncpy_from_user+0x3b/0x2e0
[  333.276128][ T9031]  getname_flags.part.0+0x8f/0x550
[  333.276153][ T9031]  getname_flags+0x93/0xf0
[  333.276176][ T9031]  __x64_sys_link+0x58/0xa0
[  333.276203][ T9031]  do_syscall_64+0xcd/0x4c0
[  333.276230][ T9031]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  333.276249][ T9031] RIP: 0033:0x7f9b5a18e929
[  333.276264][ T9031] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  333.276281][ T9031] RSP: 002b:00007f9b57ff6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000056
[  333.276299][ T9031] RAX: ffffffffffffffda RBX: 00007f9b5a3b6160 RCX: 00007f9b5a18e929
[  333.276310][ T9031] RDX: 0000000000000000 RSI: 0000200000000300 RDI: 0000200000000200
[  333.276321][ T9031] RBP: 00007f9b57ff6090 R08: 0000000000000000 R09: 0000000000000000
[  333.276331][ T9031] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  333.276342][ T9031] R13: 0000000000000000 R14: 00007f9b5a3b6160 R15: 00007ffdb5c40068
[  333.276365][ T9031]  </TASK>
[  333.418170][    C0] vkms_vblank_simulate: vblank timer overrun
[  334.133778][ T9040] kAFS: Can only specify source 'none' with -o dyn
[  334.406712][ T9043] overlay: Unknown parameter 'dont_hash'
[  334.445820][ T5838] Bluetooth: hci4: command 0x0406 tx timeout
[  334.543741][ T9044] cgroup: fork rejected by pids controller in /syz2
[  335.112313][ T9054] FAULT_INJECTION: forcing a failure.
[  335.112313][ T9054] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  335.173278][ T9054] CPU: 0 UID: 0 PID: 9054 Comm: syz.1.844 Not tainted 6.16.0-rc4-syzkaller-00324-g1f988d0788f5 #0 PREEMPT(full) 
[  335.173305][ T9054] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  335.173314][ T9054] Call Trace:
[  335.173319][ T9054]  <TASK>
[  335.173325][ T9054]  dump_stack_lvl+0x16c/0x1f0
[  335.173354][ T9054]  should_fail_ex+0x512/0x640
[  335.173380][ T9054]  _copy_to_iter+0x463/0x16f0
[  335.173409][ T9054]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  335.173428][ T9054]  ? __pfx__copy_to_iter+0x10/0x10
[  335.173451][ T9054]  ? find_held_lock+0x2b/0x80
[  335.173472][ T9054]  ? rcu_is_watching+0x12/0xc0
[  335.173491][ T9054]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  335.173515][ T9054]  tun_do_read+0x45a/0x1dc0
[  335.173546][ T9054]  ? __pfx_ref_tracker_alloc+0x10/0x10
[  335.173569][ T9054]  ? __pfx_tun_do_read+0x10/0x10
[  335.173594][ T9054]  ? __pfx_default_wake_function+0x10/0x10
[  335.173615][ T9054]  ? tun_get+0x191/0x370
[  335.173642][ T9054]  tun_chr_read_iter+0x101/0x290
[  335.173666][ T9054]  do_iter_readv_writev+0x738/0x950
[  335.173687][ T9054]  ? __pfx_do_iter_readv_writev+0x10/0x10
[  335.173704][ T9054]  ? __import_iovec+0x1dd/0x650
[  335.173725][ T9054]  ? avc_policy_seqno+0x9/0x20
[  335.173740][ T9054]  ? selinux_file_permission+0x126/0x660
[  335.173763][ T9054]  ? bpf_lsm_file_permission+0x9/0x10
[  335.173779][ T9054]  ? security_file_permission+0x71/0x210
[  335.173804][ T9054]  ? rw_verify_area+0xcf/0x680
[  335.173823][ T9054]  vfs_readv+0x4cb/0x8b0
[  335.173847][ T9054]  ? __pfx_vfs_readv+0x10/0x10
[  335.173879][ T9054]  ? __fget_files+0x20e/0x3c0
[  335.173900][ T9054]  ? __fget_files+0x1d0/0x3c0
[  335.173927][ T9054]  ? do_readv+0x132/0x340
[  335.173942][ T9054]  do_readv+0x132/0x340
[  335.173960][ T9054]  ? __pfx_do_readv+0x10/0x10
[  335.173983][ T9054]  do_syscall_64+0xcd/0x4c0
[  335.174017][ T9054]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  335.174034][ T9054] RIP: 0033:0x7f9b5a18e929
[  335.174046][ T9054] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  335.174061][ T9054] RSP: 002b:00007f9b5af42038 EFLAGS: 00000246 ORIG_RAX: 0000000000000013
[  335.174076][ T9054] RAX: ffffffffffffffda RBX: 00007f9b5a3b5fa0 RCX: 00007f9b5a18e929
[  335.174086][ T9054] RDX: 0000000000000022 RSI: 00002000000001c0 RDI: 0000000000000003
[  335.174095][ T9054] RBP: 00007f9b5af42090 R08: 0000000000000000 R09: 0000000000000000
[  335.174104][ T9054] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  335.174113][ T9054] R13: 0000000000000000 R14: 00007f9b5a3b5fa0 R15: 00007ffdb5c40068
[  335.174146][ T9054]  </TASK>
[  335.436083][    C0] vkms_vblank_simulate: vblank timer overrun
[  335.500860][ T5895] usb 5-1: new high-speed USB device number 27 using dummy_hcd
[  335.560204][   T30] audit: type=1400 audit(2000000187.367:449): avc:  denied  { append } for  pid=9066 comm="syz.3.849" name="fb0" dev="devtmpfs" ino=629 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:framebuf_device_t tclass=chr_file permissive=1
[  335.583663][    C0] vkms_vblank_simulate: vblank timer overrun
[  335.589572][ T9067] mmap: syz.3.849 (9067) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  335.603030][   T30] audit: type=1400 audit(2000000187.397:450): avc:  denied  { map } for  pid=9066 comm="syz.3.849" path="/dev/fb0" dev="devtmpfs" ino=629 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:framebuf_device_t tclass=chr_file permissive=1
[  335.654382][ T5888] usb 3-1: USB disconnect, device number 16
[  335.665239][ T5895] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  335.683809][ T9068] trusted_key: encrypted_key: insufficient parameters specified
[  335.693872][ T5895] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3
[  335.705503][ T5895] usb 5-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  335.716226][ T5895] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  335.726163][ T5895] usb 5-1: SerialNumber: syz
[  335.786648][ T5983] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  335.879755][ T5983] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  335.947328][ T5983] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  335.962196][  T838] usb 4-1: new high-speed USB device number 32 using dummy_hcd
[  335.973952][   T30] audit: type=1400 audit(2000000187.787:451): avc:  denied  { watch watch_reads } for  pid=9049 comm="syz.4.842" path="/175" dev="tmpfs" ino=934 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1
[  336.036640][ T5983] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  336.076424][ T5895] usb 5-1: invalid UAC_HEADER (v1)
[  336.099164][ T5895] snd-usb-audio 5-1:1.0: probe with driver snd-usb-audio failed with error -22
[  336.133383][  T838] usb 4-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  336.139440][ T5895] usb 5-1: USB disconnect, device number 27
[  336.164756][  T838] usb 4-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[  336.192736][ T6062] udevd[6062]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  336.210116][  T838] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 66
[  336.231243][  T838] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 52, changing to 9
[  336.249773][ T5983] bridge_slave_1: left allmulticast mode
[  336.259175][  T838] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8241, setting to 1024
[  336.265482][ T5983] bridge_slave_1: left promiscuous mode
[  336.279888][ T5983] bridge0: port 2(bridge_slave_1) entered disabled state
[  336.282019][  T838] usb 4-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  336.298317][ T5983] bridge_slave_0: left allmulticast mode
[  336.305127][ T5983] bridge_slave_0: left promiscuous mode
[  336.309775][  T838] usb 4-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  336.311333][ T5983] bridge0: port 1(bridge_slave_0) entered disabled state
[  336.319065][ T5838] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  336.335596][ T5838] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  336.345001][  T838] usb 4-1: Product: syz
[  336.349249][ T5838] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  336.357856][  T838] usb 4-1: Manufacturer: syz
[  336.363179][ T5838] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  336.372060][ T5838] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  336.404202][   T30] audit: type=1400 audit(2000000188.217:452): avc:  denied  { mounton } for  pid=9075 comm="syz-executor" path="/" dev="sda1" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1
[  336.422567][  T838] cdc_wdm 4-1:1.0: skipping garbage
[  336.439390][  T838] cdc_wdm 4-1:1.0: skipping garbage
[  336.448180][  T838] cdc_wdm 4-1:1.0: cdc-wdm0: USB WDM device
[  336.468131][  T838] cdc_wdm 4-1:1.0: Unknown control protocol
[  336.503108][   T30] audit: type=1400 audit(2000000188.307:453): avc:  denied  { map } for  pid=9077 comm="syz.0.853" path="/dev/dri/card0" dev="devtmpfs" ino=627 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dri_device_t tclass=chr_file permissive=1
[  336.526927][    C0] SELinux: failure in sel_netif_sid_slow(), invalid network interface (3)
[  336.527033][    C0] SELinux: failure in sel_netif_sid_slow(), invalid network interface (3)
[  336.620941][   T30] audit: type=1400 audit(2000000188.307:454): avc:  denied  { execute } for  pid=9077 comm="syz.0.853" path="/dev/dri/card0" dev="devtmpfs" ino=627 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dri_device_t tclass=chr_file permissive=1
[  336.644682][    C0] vkms_vblank_simulate: vblank timer overrun
[  336.688185][   T30] audit: type=1400 audit(2000000188.467:455): avc:  denied  { unmount } for  pid=5831 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ramfs_t tclass=filesystem permissive=1
[  336.724069][ T5983] xfrm0 (unregistering): left allmulticast mode
[  337.080456][ T5888] usb 5-1: new high-speed USB device number 28 using dummy_hcd
[  337.136856][    C1] cdc_wdm 4-1:1.0: nonzero urb status received: -EPIPE
[  337.326275][ T5888] usb 5-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  337.347060][ T5888] usb 5-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[  337.361794][ T5888] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 66
[  337.381439][ T5888] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 52, changing to 9
[  337.419924][ T5888] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8241, setting to 1024
[  337.441979][ T5888] usb 5-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  337.458892][ T5888] usb 5-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  337.473450][ T5888] usb 5-1: Product: syz
[  337.478072][ T5888] usb 5-1: Manufacturer: syz
[  337.492134][ T9067] CIFS: No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount.
[  337.523545][ T5888] cdc_wdm 5-1:1.0: skipping garbage
[  337.528944][ T9067] CIFS: Unable to determine destination address
[  337.536851][ T5888] cdc_wdm 5-1:1.0: skipping garbage
[  337.545887][ T5888] cdc_wdm 5-1:1.0: cdc-wdm1: USB WDM device
[  337.552258][ T5888] cdc_wdm 5-1:1.0: Unknown control protocol
[  337.658053][ T5983] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  337.718531][ T5983] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  337.719558][ T5888] usb 4-1: USB disconnect, device number 32
[  337.738594][ T5983] bond0 (unregistering): Released all slaves
[  337.766431][ T5983] bond1 (unregistering): Released all slaves
[  338.026329][ T9075] hsr0 speed is unknown, defaulting to 1000
[  338.133655][ T9103] loop4: detected capacity change from 0 to 7
[  338.208622][ T9103] Dev loop4: unable to read RDB block 7
[  338.247495][ T9103]  loop4: unable to read partition table
[  338.301378][ T9103] loop4: partition table beyond EOD, truncated
[  338.328774][ T5983] tipc: Disabling bearer <udp:syz2>
[  338.376642][ T9103] loop_reread_partitions: partition scan of loop4 (þ被xü—ŸÑà– ) failed (rc=-5)
[  338.401645][ T5983] tipc: Left network mode
[  338.440316][ T5838] Bluetooth: hci3: command tx timeout
[  338.878170][ T9111] block device autoloading is deprecated and will be removed.
[  338.958680][ T9114] trusted_key: encrypted_key: insufficient parameters specified
[  340.282671][   T30] audit: type=1400 audit(2000000192.097:456): avc:  denied  { map } for  pid=9121 comm="syz.1.865" path="/dev/vsock" dev="devtmpfs" ino=1313 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  340.520201][ T5838] Bluetooth: hci3: command tx timeout
[  340.529014][ T5827] usb 5-1: USB disconnect, device number 28
[  340.550818][   T30] audit: type=1400 audit(2000000192.127:457): avc:  denied  { execute } for  pid=9121 comm="syz.1.865" path="/dev/vsock" dev="devtmpfs" ino=1313 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  340.673889][   T30] audit: type=1400 audit(2000000192.487:458): avc:  denied  { read } for  pid=9133 comm="syz.4.867" name="cachefiles" dev="devtmpfs" ino=4 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cachefiles_device_t tclass=chr_file permissive=1
[  340.799447][ T9137] netlink: 176 bytes leftover after parsing attributes in process `syz.4.867'.
[  340.958235][ T5983] hsr_slave_0: left promiscuous mode
[  341.113110][ T5983] hsr_slave_1: left promiscuous mode
[  341.145983][ T5983] veth1_macvtap: left promiscuous mode
[  341.153552][ T5983] veth0_macvtap: left promiscuous mode
[  341.166196][ T5983] veth1_vlan: left promiscuous mode
[  341.175051][ T5983] veth0_vlan: left promiscuous mode
[  341.214357][ T9146] netlink: 60 bytes leftover after parsing attributes in process `syz.3.870'.
[  341.223449][ T9146] netlink: 32 bytes leftover after parsing attributes in process `syz.3.870'.
[  341.913262][   T30] audit: type=1400 audit(2000000193.057:459): avc:  denied  { ioctl } for  pid=9139 comm="syz.1.868" path="pid:[4026532797]" dev="nsfs" ino=4026532797 ioctlcmd=0xb701 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[  342.609519][ T5838] Bluetooth: hci3: command tx timeout
[  343.153791][ T9159] FAULT_INJECTION: forcing a failure.
[  343.153791][ T9159] name failslab, interval 1, probability 0, space 0, times 0
[  343.166860][ T9159] CPU: 0 UID: 0 PID: 9159 Comm: syz.1.873 Not tainted 6.16.0-rc4-syzkaller-00324-g1f988d0788f5 #0 PREEMPT(full) 
[  343.166885][ T9159] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  343.166896][ T9159] Call Trace:
[  343.166902][ T9159]  <TASK>
[  343.166909][ T9159]  dump_stack_lvl+0x16c/0x1f0
[  343.166942][ T9159]  should_fail_ex+0x512/0x640
[  343.166969][ T9159]  ? fs_reclaim_acquire+0xae/0x150
[  343.166993][ T9159]  ? tomoyo_encode2+0x100/0x3e0
[  343.167019][ T9159]  should_failslab+0xc2/0x120
[  343.167046][ T9159]  __kmalloc_noprof+0xd2/0x510
[  343.167077][ T9159]  tomoyo_encode2+0x100/0x3e0
[  343.167106][ T9159]  tomoyo_encode+0x29/0x50
[  343.167130][ T9159]  tomoyo_realpath_from_path+0x18f/0x6e0
[  343.167157][ T9159]  ? tomoyo_profile+0x47/0x60
[  343.167177][ T9159]  tomoyo_path_number_perm+0x245/0x580
[  343.167198][ T9159]  ? tomoyo_path_number_perm+0x237/0x580
[  343.167223][ T9159]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  343.167245][ T9159]  ? find_held_lock+0x2b/0x80
[  343.167293][ T9159]  ? find_held_lock+0x2b/0x80
[  343.167314][ T9159]  ? hook_file_ioctl_common+0x145/0x410
[  343.167335][ T9159]  ? __fget_files+0x20e/0x3c0
[  343.167364][ T9159]  security_file_ioctl+0x9b/0x240
[  343.167389][ T9159]  __x64_sys_ioctl+0xb7/0x210
[  343.167409][ T9159]  do_syscall_64+0xcd/0x4c0
[  343.167433][ T9159]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  343.167450][ T9159] RIP: 0033:0x7f9b5a18e929
[  343.167466][ T9159] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  343.167483][ T9159] RSP: 002b:00007f9b5af42038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  343.167499][ T9159] RAX: ffffffffffffffda RBX: 00007f9b5a3b5fa0 RCX: 00007f9b5a18e929
[  343.167510][ T9159] RDX: 0000200000000000 RSI: 00000000400442c9 RDI: 0000000000000004
[  343.167520][ T9159] RBP: 00007f9b5af42090 R08: 0000000000000000 R09: 0000000000000000
[  343.167529][ T9159] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  343.167539][ T9159] R13: 0000000000000000 R14: 00007f9b5a3b5fa0 R15: 00007ffdb5c40068
[  343.167561][ T9159]  </TASK>
[  343.167894][ T9159] ERROR: Out of memory at tomoyo_realpath_from_path.
[  343.740395][   T30] audit: type=1400 audit(2000000195.457:460): avc:  denied  { getopt } for  pid=9156 comm="syz.3.872" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  343.769497][ T9165] trusted_key: encrypted_key: insufficient parameters specified
[  344.063778][ T5983] team0 (unregistering): Port device team_slave_1 removed
[  344.430487][ T5983] team0 (unregistering): Port device team_slave_0 removed
[  344.580511][   T30] audit: type=1400 audit(2000000196.347:461): avc:  denied  { mount } for  pid=9171 comm="syz.3.876" name="/" dev="configfs" ino=1151 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=filesystem permissive=1
[  344.684899][ T5832] Bluetooth: hci3: command tx timeout
[  345.097555][   T30] audit: type=1400 audit(2000000196.347:462): avc:  denied  { search } for  pid=9171 comm="syz.3.876" name="/" dev="configfs" ino=1151 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1
[  345.121272][   T30] audit: type=1400 audit(2000000196.347:463): avc:  denied  { search } for  pid=9171 comm="syz.3.876" name="/" dev="configfs" ino=1151 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1
[  345.145124][   T30] audit: type=1400 audit(2000000196.347:464): avc:  denied  { search } for  pid=9171 comm="syz.3.876" name="/" dev="configfs" ino=1151 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1
[  345.168744][   T30] audit: type=1400 audit(2000000196.347:465): avc:  denied  { search } for  pid=9171 comm="syz.3.876" name="/" dev="configfs" ino=1151 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1
[  345.197514][   T30] audit: type=1400 audit(2000000196.357:466): avc:  denied  { add_name } for  pid=9171 comm="syz.3.876" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1
[  345.221678][   T30] audit: type=1400 audit(2000000196.357:467): avc:  denied  { create } for  pid=9171 comm="syz.3.876" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:configfs_t tclass=file permissive=1
[  345.370888][ T9177] overlayfs: missing 'lowerdir'
[  345.455324][ T9075] chnl_net:caif_netlink_parms(): no params data found
[  346.382894][ T9075] bridge0: port 1(bridge_slave_0) entered blocking state
[  346.390756][ T9075] bridge0: port 1(bridge_slave_0) entered disabled state
[  346.398101][ T9075] bridge_slave_0: entered allmulticast mode
[  346.405868][ T9075] bridge_slave_0: entered promiscuous mode
[  346.807795][ T5838] Bluetooth: hci5: Opcode 0x1003 failed: -110
[  346.840377][ T9075] bridge0: port 2(bridge_slave_1) entered blocking state
[  346.857554][ T9075] bridge0: port 2(bridge_slave_1) entered disabled state
[  346.875055][ T9075] bridge_slave_1: entered allmulticast mode
[  346.898521][ T9075] bridge_slave_1: entered promiscuous mode
[  346.960913][ T9075] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  346.972895][ T9075] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  347.009617][   T30] kauditd_printk_skb: 2 callbacks suppressed
[  347.009633][   T30] audit: type=1400 audit(2000000198.817:470): avc:  denied  { read } for  pid=9200 comm="syz.1.882" path="socket:[19875]" dev="sockfs" ino=19875 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1
[  347.062135][ T9075] team0: Port device team_slave_0 added
[  347.140004][   T30] audit: type=1400 audit(2000000198.947:471): avc:  denied  { read write } for  pid=9203 comm="syz.4.883" name="nullb0" dev="devtmpfs" ino=696 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  347.185003][ T9075] team0: Port device team_slave_1 added
[  347.213813][   T30] audit: type=1400 audit(2000000198.947:472): avc:  denied  { open } for  pid=9203 comm="syz.4.883" path="/dev/nullb0" dev="devtmpfs" ino=696 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  347.264278][ T9207] netlink: 4 bytes leftover after parsing attributes in process `syz.0.884'.
[  347.283190][ T9075] batman_adv: batadv0: Adding interface: batadv_slave_0
[  347.290312][ T9075] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  347.442577][ T9075] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  347.455264][ T9075] batman_adv: batadv0: Adding interface: batadv_slave_1
[  347.485273][ T9075] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  347.526633][ T9075] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  347.603167][ T9214] 9pnet_fd: Insufficient options for proto=fd
[  347.724231][   T30] audit: type=1400 audit(2000000199.477:473): avc:  denied  { ioctl } for  pid=9206 comm="syz.0.884" path="socket:[19916]" dev="sockfs" ino=19916 ioctlcmd=0x64a7 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=caif_socket permissive=1
[  347.966175][   T30] audit: type=1400 audit(2000000199.477:474): avc:  denied  { read } for  pid=9206 comm="syz.0.884" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=caif_socket permissive=1
[  348.249065][ T9075] hsr_slave_0: entered promiscuous mode
[  348.257297][   T30] audit: type=1400 audit(2000000200.067:475): avc:  denied  { getopt } for  pid=9218 comm="syz.0.887" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  348.278061][ T9075] hsr_slave_1: entered promiscuous mode
[  348.308227][ T9075] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  348.316281][ T9075] Cannot create hsr debugfs directory
[  348.489894][   T43] usb 2-1: new high-speed USB device number 25 using dummy_hcd
[  348.531709][ T9222] netlink: 'syz.4.888': attribute type 1 has an invalid length.
[  348.609669][  T838] usb 1-1: new high-speed USB device number 23 using dummy_hcd
[  348.616712][ T9222] 8021q: adding VLAN 0 to HW filter on device bond2
[  348.626504][   T30] audit: type=1400 audit(2000000200.437:476): avc:  denied  { setopt } for  pid=9223 comm="syz.3.889" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[  348.627034][ T9226] ieee802154 phy0 wpan0: encryption failed: -22
[  348.652489][   T43] usb 2-1: Using ep0 maxpacket: 16
[  348.668946][   T30] audit: type=1400 audit(2000000200.437:477): avc:  denied  { write } for  pid=9223 comm="syz.3.889" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[  348.681825][   T43] usb 2-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06
[  348.717232][ T9228] bond2: (slave veth3): Enslaving as an active interface with a down link
[  348.731751][   T43] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  348.740657][   T43] usb 2-1: Product: syz
[  348.744872][   T43] usb 2-1: Manufacturer: syz
[  348.749561][   T43] usb 2-1: SerialNumber: syz
[  348.764603][ T9222] bond2: (slave dummy0): making interface the new active one
[  348.770431][  T838] usb 1-1: Using ep0 maxpacket: 8
[  348.879940][   T43] r8152-cfgselector 2-1: Unknown version 0x0000
[  348.886293][   T43] r8152-cfgselector 2-1: config 0 descriptor??
[  348.897217][ T9222] dummy0: entered promiscuous mode
[  348.899973][  T838] usb 1-1: config 0 has an invalid interface number: 186 but max is 0
[  348.903794][ T9222] bond2: (slave dummy0): Enslaving as an active interface with an up link
[  348.912441][  T838] usb 1-1: config 0 has no interface number 0
[  349.000655][ T9232] netlink: 'syz.3.890': attribute type 4 has an invalid length.
[  349.008442][ T9232] netlink: 17 bytes leftover after parsing attributes in process `syz.3.890'.
[  349.308537][  T838] usb 1-1: config 0 interface 186 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  349.328817][  T838] usb 1-1: config 0 interface 186 altsetting 0 has an endpoint descriptor with address 0x9A, changing to 0x8A
[  349.351833][  T838] usb 1-1: config 0 interface 186 altsetting 0 endpoint 0x8A has an invalid bInterval 0, changing to 7
[  349.386400][  T838] usb 1-1: config 0 interface 186 altsetting 0 endpoint 0x8A has invalid wMaxPacketSize 0
[  349.396664][  T838] usb 1-1: config 0 interface 186 altsetting 0 has 4 endpoint descriptors, different from the interface descriptor's value: 3
[  349.414091][  T838] usb 1-1: New USB device found, idVendor=07c0, idProduct=1505, bcdDevice=b8.c5
[  349.427117][  T838] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  349.435261][  T838] usb 1-1: Product: syz
[  349.439471][  T838] usb 1-1: Manufacturer: syz
[  349.444170][  T838] usb 1-1: SerialNumber: syz
[  349.450776][  T838] usb 1-1: config 0 descriptor??
[  349.529017][ T5827] r8152-cfgselector 2-1: USB disconnect, device number 25
[  349.673783][  T838] iowarrior 1-1:0.186: IOWarrior product=0x1505, serial= interface=186 now attached to iowarrior0
[  349.719971][  T838] usb 1-1: USB disconnect, device number 23
[  349.778120][ T9075] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  349.814174][ T9075] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  349.828898][ T9075] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  349.850207][ T9075] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  350.044047][ T9075] 8021q: adding VLAN 0 to HW filter on device bond0
[  350.068617][ T9075] 8021q: adding VLAN 0 to HW filter on device team0
[  350.086202][   T59] bridge0: port 1(bridge_slave_0) entered blocking state
[  350.093441][   T59] bridge0: port 1(bridge_slave_0) entered forwarding state
[  350.124412][   T59] bridge0: port 2(bridge_slave_1) entered blocking state
[  350.131598][   T59] bridge0: port 2(bridge_slave_1) entered forwarding state
[  350.770486][ T9243] netlink: 8 bytes leftover after parsing attributes in process `syz.3.893'.
[  350.982951][ T9075] 8021q: adding VLAN 0 to HW filter on device batadv0
[  351.058235][ T5895] usb 5-1: new high-speed USB device number 29 using dummy_hcd
[  351.138452][ T9075] veth0_vlan: entered promiscuous mode
[  351.155128][ T9075] veth1_vlan: entered promiscuous mode
[  351.195924][ T9075] veth0_macvtap: entered promiscuous mode
[  351.213628][ T9075] veth1_macvtap: entered promiscuous mode
[  351.236600][ T9075] batman_adv: batadv0: Interface activated: batadv_slave_0
[  351.246229][ T5895] usb 5-1: Using ep0 maxpacket: 16
[  351.263017][ T5895] usb 5-1: New USB device found, idVendor=0c45, idProduct=800a, bcdDevice=db.47
[  351.306499][ T9075] batman_adv: batadv0: Interface activated: batadv_slave_1
[  351.314630][ T5895] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  351.328363][ T9075] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  351.338030][ T5895] usb 5-1: Product: syz
[  351.342713][ T5895] usb 5-1: Manufacturer: syz
[  351.347685][ T5895] usb 5-1: SerialNumber: syz
[  351.352785][ T9075] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  351.363090][ T9075] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  351.371961][   T43] usb 4-1: new high-speed USB device number 33 using dummy_hcd
[  351.379642][ T5936] usb 1-1: new high-speed USB device number 24 using dummy_hcd
[  351.388649][ T5895] usb 5-1: config 0 descriptor??
[  351.394505][ T9075] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  351.405809][ T5895] gspca_main: sn9c2028-2.14.0 probing 0c45:800a
[  351.493350][ T2993] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  351.507797][ T2993] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  351.539690][   T43] usb 4-1: Using ep0 maxpacket: 16
[  351.544950][ T5936] usb 1-1: Using ep0 maxpacket: 32
[  351.565531][   T43] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  351.589678][ T5936] usb 1-1: config 0 has an invalid interface number: 35 but max is 0
[  351.597918][ T5936] usb 1-1: config 0 has no interface number 0
[  351.604186][   T43] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  351.614543][   T43] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  351.623409][ T5985] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  351.652920][   T43] usb 4-1: New USB device found, idVendor=0457, idProduct=07da, bcdDevice= 0.00
[  351.654775][ T5985] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  351.663354][   T43] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  351.679251][ T5936] usb 1-1: New USB device found, idVendor=10c4, idProduct=818a, bcdDevice=7d.8f
[  351.689802][ T5936] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  351.697919][ T5936] usb 1-1: Product: syz
[  351.703552][ T5936] usb 1-1: Manufacturer: syz
[  351.708219][ T5936] usb 1-1: SerialNumber: syz
[  351.717735][   T43] usb 4-1: config 0 descriptor??
[  351.731445][ T9275] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  351.740264][ T9275] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  351.756363][ T5936] usb 1-1: config 0 descriptor??
[  351.846628][   T30] audit: type=1400 audit(2000000203.658:478): avc:  denied  { mounton } for  pid=9075 comm="syz-executor" path="/sys/fs/fuse/connections" dev="fusectl" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=dir permissive=1
[  351.994426][ T5936] radio-si470x 1-1:0.35: this is not a si470x device.
[  352.194727][ T5936] radio-raremono 1-1:0.35: Thanko's Raremono connected: (10C4:818A)
[  352.233444][ T5895] gspca_sn9c2028: read1 error -71
[  352.239854][ T5895] gspca_sn9c2028: read1 error -71
[  352.251342][   T43] hid-multitouch 0003:0457:07DA.000A: hidraw0: USB HID v0.00 Device [HID 0457:07da] on usb-dummy_hcd.3-1/input0
[  352.271325][ T5895] sn9c2028 5-1:0.0: probe with driver sn9c2028 failed with error -71
[  352.297817][ T5895] usb 5-1: USB disconnect, device number 29
[  352.458900][ T5936] radio-raremono 1-1:0.35: raremono_cmd_main failed (-71)
[  352.505287][ T5936] radio-raremono 1-1:0.35: V4L2 device registered as radio48
[  352.539252][ T9269] netlink: 'syz.3.899': attribute type 32 has an invalid length.
[  352.547201][ T9269] netlink: 8 bytes leftover after parsing attributes in process `syz.3.899'.
[  352.556118][ T9269] (unnamed net_device) (uninitialized): option coupled_control: invalid value (17)
[  352.566295][ T5936] usb 1-1: USB disconnect, device number 24
[  352.575596][ T5936] radio-raremono 1-1:0.35: Thanko's Raremono disconnected
[  352.581062][ T9297] netlink: 8 bytes leftover after parsing attributes in process `syz.2.902'.
[  352.866165][ T9296] random: crng reseeded on system resumption
[  353.971160][ T5827] usb 4-1: USB disconnect, device number 33
[  354.534401][ T9316] netlink: 8 bytes leftover after parsing attributes in process `syz.2.907'.
[  355.930098][ T9323] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  356.206108][   T30] audit: type=1400 audit(2000000208.018:479): avc:  denied  { bind } for  pid=9338 comm="syz.1.914" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[  356.392508][ T9313] netlink: 8 bytes leftover after parsing attributes in process `syz.4.909'.
[  356.708719][   T30] audit: type=1400 audit(2000000208.518:480): avc:  denied  { override_creds } for  pid=9354 comm="syz.4.919" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1
[  356.785459][   T30] audit: type=1400 audit(2000000208.598:481): avc:  denied  { read } for  pid=9351 comm="syz.1.917" path="socket:[21536]" dev="sockfs" ino=21536 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1
[  356.881652][ T9361] netlink: 8 bytes leftover after parsing attributes in process `syz.1.917'.
[  358.989292][ T5838] Bluetooth: hci4: unexpected event for opcode 0x0c25
[  359.355920][   T30] audit: type=1400 audit(2000000211.168:482): avc:  denied  { setopt } for  pid=9397 comm="syz.1.926" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  359.475080][ T9401] netlink: 4 bytes leftover after parsing attributes in process `syz.1.926'.
[  359.956852][   T30] audit: type=1400 audit(2000000211.288:483): avc:  denied  { write } for  pid=9397 comm="syz.1.926" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  360.160289][ T9404] fuse: Bad value for 'rootmode'
[  360.211755][ T9394] netlink: 'syz.4.925': attribute type 10 has an invalid length.
[  360.255217][ T5915] Process accounting resumed
[  360.922039][ T9403] Process accounting resumed
[  361.019076][ T5915] usb 1-1: new high-speed USB device number 25 using dummy_hcd
[  361.209474][ T5915] usb 1-1: Using ep0 maxpacket: 16
[  361.231733][ T5915] usb 1-1: New USB device found, idVendor=0471, idProduct=0327, bcdDevice=61.a4
[  361.249234][ T5888] usb 4-1: new high-speed USB device number 34 using dummy_hcd
[  361.256978][ T5915] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  361.277347][ T5915] usb 1-1: config 0 descriptor??
[  361.288744][ T9419] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=14109 sclass=netlink_route_socket pid=9419 comm=syz.1.933
[  361.292143][ T5915] gspca_main: sonixj-2.14.0 probing 0471:0327
[  361.312780][ T9419] fuse: Bad value for 'fd'
[  361.318815][   T30] audit: type=1326 audit(2000000213.128:484): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9418 comm="syz.1.933" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9b5a18e929 code=0x7ffc0000
[  361.342027][    C0] vkms_vblank_simulate: vblank timer overrun
[  361.381447][   T30] audit: type=1326 audit(2000000213.138:485): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9418 comm="syz.1.933" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f9b5a18d290 code=0x7ffc0000
[  361.404673][    C0] vkms_vblank_simulate: vblank timer overrun
[  361.416163][ T5888] usb 4-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  361.434087][ T5888] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 255, changing to 11
[  361.446501][   T30] audit: type=1326 audit(2000000213.138:486): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9418 comm="syz.1.933" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f9b5a18e52b code=0x7ffc0000
[  361.446695][ T5888] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  361.485265][ T5888] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  361.501190][   T30] audit: type=1326 audit(2000000213.138:487): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9418 comm="syz.1.933" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f9b5a18e52b code=0x7ffc0000
[  361.508639][ T5888] usb 4-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  361.524301][    C0] vkms_vblank_simulate: vblank timer overrun
[  361.547644][ T5888] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  361.559003][   T43] usb 2-1: new high-speed USB device number 26 using dummy_hcd
[  361.574718][   T30] audit: type=1326 audit(2000000213.148:488): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9418 comm="syz.1.933" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f9b5a18e52b code=0x7ffc0000
[  361.589893][ T5888] usb 4-1: config 0 descriptor??
[  361.598655][   T30] audit: type=1326 audit(2000000213.148:489): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9418 comm="syz.1.933" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f9b5a18e52b code=0x7ffc0000
[  361.620795][ T9417] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22
[  361.625909][    C0] vkms_vblank_simulate: vblank timer overrun
[  361.640065][   T30] audit: type=1326 audit(2000000213.248:490): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9418 comm="syz.1.933" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f9b5a18e52b code=0x7ffc0000
[  361.667621][   T30] audit: type=1326 audit(2000000213.318:491): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9418 comm="syz.1.933" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f9b5a18e52b code=0x7ffc0000
[  361.690752][    C0] vkms_vblank_simulate: vblank timer overrun
[  361.700141][   T30] audit: type=1326 audit(2000000213.388:492): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9418 comm="syz.1.933" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f9b5a18e52b code=0x7ffc0000
[  361.723299][    C0] vkms_vblank_simulate: vblank timer overrun
[  361.723369][   T43] usb 2-1: Using ep0 maxpacket: 16
[  361.739364][   T30] audit: type=1326 audit(2000000213.388:493): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9418 comm="syz.1.933" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f9b5a18e52b code=0x7ffc0000
[  361.748972][   T43] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  361.763041][ T5915] gspca_sonixj: reg_r err -71
[  361.786054][ T5915] sonixj 1-1:0.0: probe with driver sonixj failed with error -71
[  361.793861][   T43] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  361.809600][ T5915] usb 1-1: USB disconnect, device number 25
[  361.821729][   T43] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  361.838818][   T43] usb 2-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  361.879276][   T43] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  361.909951][   T43] usb 2-1: config 0 descriptor??
[  362.080537][ T5888] plantronics 0003:047F:FFFF.000B: reserved main item tag 0xd
[  362.126959][ T5888] plantronics 0003:047F:FFFF.000B: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.3-1/input0
[  362.168608][ T9421] netlink: 16 bytes leftover after parsing attributes in process `syz.2.934'.
[  362.371665][ T5915] usb 4-1: USB disconnect, device number 34
[  362.421066][   T43] input: HID 045e:07da as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/0003:045E:07DA.000C/input/input14
[  363.220784][   T43] microsoft 0003:045E:07DA.000C: input,hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.1-1/input0
[  363.803822][ T5888] usb 2-1: reset high-speed USB device number 26 using dummy_hcd
[  364.525169][   T12] dummy0: left promiscuous mode
[  364.532997][ T9444] netlink: 'syz.1.939': attribute type 39 has an invalid length.
[  364.669762][ T9426] orangefs_mount: mount request failed with -4
[  364.803661][ T9451] 9pnet_fd: Insufficient options for proto=fd
[  365.104495][   T43] usb 2-1: USB disconnect, device number 26
[  365.368740][ T5895] usb 5-1: new high-speed USB device number 30 using dummy_hcd
[  365.473274][ T9461] tls_set_device_offload: netdev not found
[  365.558901][ T5895] usb 5-1: Using ep0 maxpacket: 8
[  365.580431][ T5895] usb 5-1: unable to get BOS descriptor or descriptor too short
[  365.595670][ T5895] usb 5-1: unable to read config index 0 descriptor/start: -71
[  365.625734][ T5895] usb 5-1: can't read configurations, error -71
[  366.181798][   T43] usb 4-1: new high-speed USB device number 35 using dummy_hcd
[  367.030203][   T43] usb 4-1: Using ep0 maxpacket: 32
[  367.668655][   T43] usb 4-1: New USB device found, idVendor=0c72, idProduct=000d, bcdDevice=27.9b
[  367.697849][   T43] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  367.720942][   T43] usb 4-1: Product: syz
[  367.739400][   T43] usb 4-1: Manufacturer: syz
[  367.747203][   T43] usb 4-1: SerialNumber: syz
[  367.773099][   T43] usb 4-1: config 0 descriptor??
[  367.823916][ T9493] netlink: 'syz.4.954': attribute type 39 has an invalid length.
[  367.968820][ T5915] usb 3-1: new high-speed USB device number 17 using dummy_hcd
[  368.054719][   T30] kauditd_printk_skb: 34 callbacks suppressed
[  368.054735][   T30] audit: type=1400 audit(2000000219.869:528): avc:  denied  { getopt } for  pid=9496 comm="syz.1.955" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1
[  368.191941][ T9499] FAULT_INJECTION: forcing a failure.
[  368.191941][ T9499] name failslab, interval 1, probability 0, space 0, times 0
[  368.192010][ T9499] CPU: 1 UID: 0 PID: 9499 Comm: syz.1.955 Not tainted 6.16.0-rc4-syzkaller-00324-g1f988d0788f5 #0 PREEMPT(full) 
[  368.192031][ T9499] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  368.192041][ T9499] Call Trace:
[  368.192048][ T9499]  <TASK>
[  368.192055][ T9499]  dump_stack_lvl+0x16c/0x1f0
[  368.192088][ T9499]  should_fail_ex+0x512/0x640
[  368.192113][ T9499]  ? __kmalloc_cache_node_noprof+0x5a/0x420
[  368.192143][ T9499]  should_failslab+0xc2/0x120
[  368.192167][ T9499]  __kmalloc_cache_node_noprof+0x6d/0x420
[  368.192188][ T9499]  ? __get_vm_area_node+0x101/0x330
[  368.192210][ T9499]  __get_vm_area_node+0x101/0x330
[  368.192230][ T9499]  __vmalloc_node_range_noprof+0x271/0x14b0
[  368.192250][ T9499]  ? vc_uniscr_check+0x1a0/0x5a0
[  368.192280][ T9499]  ? vc_uniscr_check+0x1a0/0x5a0
[  368.192304][ T9499]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[  368.192333][ T9499]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  368.192359][ T9499]  ? input_handler_for_each_handle+0x116/0x250
[  368.192389][ T9499]  ? vc_uniscr_check+0x1a0/0x5a0
[  368.192412][ T9499]  __vmalloc_node_noprof+0xad/0xf0
[  368.192432][ T9499]  ? vc_uniscr_check+0x1a0/0x5a0
[  368.192459][ T9499]  vc_uniscr_check+0x1a0/0x5a0
[  368.192491][ T9499]  do_con_write+0x662/0x8280
[  368.192536][ T9499]  ? __pfx_do_con_write+0x10/0x10
[  368.192561][ T9499]  ? lockdep_hardirqs_on+0x7c/0x110
[  368.192605][ T9499]  con_write+0x23/0xb0
[  368.192631][ T9499]  n_tty_write+0x40f/0x1160
[  368.192664][ T9499]  ? __pfx_n_tty_write+0x10/0x10
[  368.192693][ T9499]  ? rcu_is_watching+0x12/0xc0
[  368.192719][ T9499]  ? __pfx_woken_wake_function+0x10/0x10
[  368.192743][ T9499]  ? kfree+0x24f/0x4d0
[  368.192761][ T9499]  ? file_tty_write.constprop.0+0x6ef/0x9b0
[  368.192789][ T9499]  ? __pfx_n_tty_write+0x10/0x10
[  368.192809][ T9499]  file_tty_write.constprop.0+0x501/0x9b0
[  368.192844][ T9499]  vfs_write+0x6c4/0x1150
[  368.192868][ T9499]  ? __pfx_tty_write+0x10/0x10
[  368.192896][ T9499]  ? __pfx_vfs_write+0x10/0x10
[  368.192916][ T9499]  ? find_held_lock+0x2b/0x80
[  368.192957][ T9499]  ksys_write+0x12a/0x250
[  368.192980][ T9499]  ? __pfx_ksys_write+0x10/0x10
[  368.193012][ T9499]  do_syscall_64+0xcd/0x4c0
[  368.193040][ T9499]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  368.193058][ T9499] RIP: 0033:0x7f9b5a18e929
[  368.193074][ T9499] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  368.193091][ T9499] RSP: 002b:00007f9b57ff6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  368.193110][ T9499] RAX: ffffffffffffffda RBX: 00007f9b5a3b6160 RCX: 00007f9b5a18e929
[  368.193121][ T9499] RDX: 00000000fffffecc RSI: 0000200000000240 RDI: 0000000000000003
[  368.193132][ T9499] RBP: 00007f9b57ff6090 R08: 0000000000000000 R09: 0000000000000000
[  368.193142][ T9499] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  368.193152][ T9499] R13: 0000000000000001 R14: 00007f9b5a3b6160 R15: 00007ffdb5c40068
[  368.193178][ T9499]  </TASK>
[  368.193449][ T9499] syz.1.955: vmalloc error: size 147456, vm_struct allocation failed, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1
[  368.193690][ T9499] CPU: 1 UID: 0 PID: 9499 Comm: syz.1.955 Not tainted 6.16.0-rc4-syzkaller-00324-g1f988d0788f5 #0 PREEMPT(full) 
[  368.193713][ T9499] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  368.193724][ T9499] Call Trace:
[  368.193729][ T9499]  <TASK>
[  368.193736][ T9499]  dump_stack_lvl+0x16c/0x1f0
[  368.193764][ T9499]  warn_alloc+0x248/0x3a0
[  368.193793][ T9499]  ? __pfx_warn_alloc+0x10/0x10
[  368.193818][ T9499]  ? __kmalloc_cache_node_noprof+0x272/0x420
[  368.193844][ T9499]  ? __kasan_kmalloc+0x8a/0xb0
[  368.193867][ T9499]  ? __get_vm_area_node+0x208/0x330
[  368.193892][ T9499]  __vmalloc_node_range_noprof+0xb2d/0x14b0
[  368.193922][ T9499]  ? vc_uniscr_check+0x1a0/0x5a0
[  368.193947][ T9499]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[  368.193972][ T9499]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  368.193996][ T9499]  ? input_handler_for_each_handle+0x116/0x250
[  368.194023][ T9499]  ? vc_uniscr_check+0x1a0/0x5a0
[  368.194046][ T9499]  __vmalloc_node_noprof+0xad/0xf0
[  368.194065][ T9499]  ? vc_uniscr_check+0x1a0/0x5a0
[  368.194090][ T9499]  vc_uniscr_check+0x1a0/0x5a0
[  368.194121][ T9499]  do_con_write+0x662/0x8280
[  368.194165][ T9499]  ? __pfx_do_con_write+0x10/0x10
[  368.194189][ T9499]  ? lockdep_hardirqs_on+0x7c/0x110
[  368.194230][ T9499]  con_write+0x23/0xb0
[  368.194256][ T9499]  n_tty_write+0x40f/0x1160
[  368.194287][ T9499]  ? __pfx_n_tty_write+0x10/0x10
[  368.194304][ T9499]  ? rcu_is_watching+0x12/0xc0
[  368.194328][ T9499]  ? __pfx_woken_wake_function+0x10/0x10
[  368.194350][ T9499]  ? kfree+0x24f/0x4d0
[  368.194367][ T9499]  ? file_tty_write.constprop.0+0x6ef/0x9b0
[  368.194394][ T9499]  ? __pfx_n_tty_write+0x10/0x10
[  368.194413][ T9499]  file_tty_write.constprop.0+0x501/0x9b0
[  368.194448][ T9499]  vfs_write+0x6c4/0x1150
[  368.194473][ T9499]  ? __pfx_tty_write+0x10/0x10
[  368.194499][ T9499]  ? __pfx_vfs_write+0x10/0x10
[  368.194520][ T9499]  ? find_held_lock+0x2b/0x80
[  368.194561][ T9499]  ksys_write+0x12a/0x250
[  368.194584][ T9499]  ? __pfx_ksys_write+0x10/0x10
[  368.194624][ T9499]  do_syscall_64+0xcd/0x4c0
[  368.194652][ T9499]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  368.194669][ T9499] RIP: 0033:0x7f9b5a18e929
[  368.194685][ T9499] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  368.194700][ T9499] RSP: 002b:00007f9b57ff6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  368.194715][ T9499] RAX: ffffffffffffffda RBX: 00007f9b5a3b6160 RCX: 00007f9b5a18e929
[  368.194726][ T9499] RDX: 00000000fffffecc RSI: 0000200000000240 RDI: 0000000000000003
[  368.194737][ T9499] RBP: 00007f9b57ff6090 R08: 0000000000000000 R09: 0000000000000000
[  368.194747][ T9499] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  368.194758][ T9499] R13: 0000000000000001 R14: 00007f9b5a3b6160 R15: 00007ffdb5c40068
[  368.194784][ T9499]  </TASK>
[  368.194815][ T9499] Mem-Info:
[  368.194829][ T9499] active_anon:15427 inactive_anon:0 isolated_anon:0
[  368.194829][ T9499]  active_file:19812 inactive_file:40719 isolated_file:0
[  368.194829][ T9499]  unevictable:768 dirty:364 writeback:0
[  368.194829][ T9499]  slab_reclaimable:11822 slab_unreclaimable:100993
[  368.194829][ T9499]  mapped:33521 shmem:1388 pagetables:1257
[  368.194829][ T9499]  sec_pagetables:0 bounce:0
[  368.194829][ T9499]  kernel_misc_reclaimable:0
[  368.194829][ T9499]  free:1285146 free_pcp:17036 free_cma:0
[  368.194873][ T9499] Node 0 active_anon:61708kB inactive_anon:0kB active_file:79248kB inactive_file:162676kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:134084kB dirty:1456kB writeback:0kB shmem:4016kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:12164kB pagetables:4900kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  368.194916][ T9499] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:200kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:48kB pagetables:128kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  368.194982][ T9499] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  368.195029][ T9499] lowmem_reserve[]: 0 2480 2481 2481 2481
[  368.195069][ T9499] Node 0 DMA32 free:1224452kB boost:0kB min:34076kB low:42592kB high:51108kB reserved_highatomic:0KB free_highatomic:0KB active_anon:61580kB inactive_anon:0kB active_file:79248kB inactive_file:161352kB unevictable:1536kB writepending:1456kB present:3129332kB managed:2540080kB mlocked:0kB bounce:0kB free_pcp:51048kB local_pcp:23796kB free_cma:0kB
[  368.195139][ T9499] lowmem_reserve[]: 0 0 1 1 1
[  368.195177][ T9499] Node 0 Normal free:8kB boost:0kB min:16kB low:20kB high:24kB reserved_highatomic:0KB free_highatomic:0KB active_anon:28kB inactive_anon:0kB active_file:0kB inactive_file:1324kB unevictable:0kB writepending:0kB present:1048580kB managed:1388kB mlocked:0kB bounce:0kB free_pcp:28kB local_pcp:28kB free_cma:0kB
[  368.195224][ T9499] lowmem_reserve[]: 0 0 0 0 0
[  368.195283][ T9499] Node 1 Normal free:3900764kB boost:0kB min:55804kB low:69752kB high:83700kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:200kB unevictable:1536kB writepending:0kB present:4194300kB managed:4111164kB mlocked:0kB bounce:0kB free_pcp:17096kB local_pcp:8136kB free_cma:0kB
[  368.195333][ T9499] lowmem_reserve[]: 0 0 0 0 0
[  368.195372][ T9499] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  368.195529][ T9499] Node 0 DMA32: 1833*4kB (ME) 598*8kB (UM) 119*16kB (ME) 1*32kB (M) 311*64kB (UM) 50*128kB (UME) 29*256kB (M) 24*512kB (UM) 7*1024kB (UME) 11*2048kB (UME) 277*4096kB (UM) = 1224356kB
[  368.195745][ T9499] Node 0 Normal: 0*4kB 1*8kB (M) 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 8kB
[  368.195870][ T9499] Node 1 Normal: 189*4kB (UE) 45*8kB (UME) 38*16kB (UME) 137*32kB (UME) 42*64kB (UME) 10*128kB (UME) 4*256kB (M) 3*512kB (UM) 3*1024kB (UM) 1*2048kB (M) 948*4096kB (M) = 3900764kB
[  368.196059][ T9499] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  368.196078][ T9499] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  368.196111][ T9499] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  368.196126][ T9499] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  368.196140][ T9499] 61916 total pagecache pages
[  368.196151][ T9499] 0 pages in swap cache
[  368.196159][ T9499] Free swap  = 124996kB
[  368.196166][ T9499] Total swap = 124996kB
[  368.196174][ T9499] 2097051 pages RAM
[  368.196181][ T9499] 0 pages HighMem/MovableOnly
[  368.196187][ T9499] 430053 pages reserved
[  368.196194][ T9499] 0 pages cma reserved
[  368.408697][ T5915] usb 3-1: Using ep0 maxpacket: 32
[  368.434885][ T5915] usb 3-1: config 0 has an invalid interface number: 35 but max is 0
[  368.434913][ T5915] usb 3-1: config 0 has no interface number 0
[  368.456311][ T5915] usb 3-1: New USB device found, idVendor=10c4, idProduct=818a, bcdDevice=7d.8f
[  368.456340][ T5915] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  368.456359][ T5915] usb 3-1: Product: syz
[  368.456373][ T5915] usb 3-1: Manufacturer: syz
[  368.456388][ T5915] usb 3-1: SerialNumber: syz
[  368.469513][ T5915] usb 3-1: config 0 descriptor??
[  368.700124][ T5915] radio-si470x 3-1:0.35: this is not a si470x device.
[  368.905553][ T5915] radio-raremono 3-1:0.35: Thanko's Raremono connected: (10C4:818A)
[  369.411177][ T5915] radio-raremono 3-1:0.35: raremono_cmd_main failed (-71)
[  369.412414][ T5915] radio-raremono 3-1:0.35: V4L2 device registered as radio48
[  369.420535][ T5915] usb 3-1: USB disconnect, device number 17
[  370.494835][ T5915] radio-raremono 3-1:0.35: Thanko's Raremono disconnected
[  371.592788][ T9515] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[  371.608169][   T43] peak_usb 4-1:0.0 can0: unable to request usb[type=2 value=5] err=-71
[  371.816375][   T43] peak_usb 4-1:0.0: probe with driver peak_usb failed with error -71
[  371.859796][   T43] usb 4-1: USB disconnect, device number 35
[  372.028568][ T5895] usb 1-1: new high-speed USB device number 26 using dummy_hcd
[  372.047867][ T9538] netlink: 16410 bytes leftover after parsing attributes in process `syz.3.967'.
[  372.133663][   T30] audit: type=1400 audit(2000000736.942:529): avc:  denied  { write } for  pid=9539 comm="syz.4.968" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[  372.214975][ T5895] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  372.250771][ T5895] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  372.273280][ T5895] usb 1-1: New USB device found, idVendor=10c4, idProduct=ea90, bcdDevice= 0.00
[  372.283616][ T5895] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  372.299612][ T5895] usb 1-1: config 0 descriptor??
[  372.743410][ T5895] cp2112 0003:10C4:EA90.000D: unknown main item tag 0x0
[  372.776574][ T5895] cp2112 0003:10C4:EA90.000D: hidraw0: USB HID v0.00 Device [HID 10c4:ea90] on usb-dummy_hcd.0-1/input0
[  372.951788][ T5895] cp2112 0003:10C4:EA90.000D: Part Number: 0x82 Device Version: 0xFE
[  372.995114][ T9560] netlink: 'syz.4.975': attribute type 10 has an invalid length.
[  373.007502][ T9560] macvlan1: entered allmulticast mode
[  373.015414][ T9560] veth1_vlan: entered allmulticast mode
[  373.027585][ T9560] team0: Port device macvlan1 added
[  373.134945][ T9564] capability: warning: `syz.4.977' uses deprecated v2 capabilities in a way that may be insecure
[  373.717023][ T5895] cp2112 0003:10C4:EA90.000D: error reading lock byte: -71
[  373.758791][ T5895] usb 1-1: USB disconnect, device number 26
[  373.996319][   T30] audit: type=1400 audit(2000000738.752:530): avc:  denied  { bind } for  pid=9572 comm="syz.4.980" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  374.071387][ T9578] netlink: 'syz.1.982': attribute type 8 has an invalid length.
[  374.081630][   T30] audit: type=1400 audit(2000000738.752:531): avc:  denied  { node_bind } for  pid=9572 comm="syz.4.980" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=icmp_socket permissive=1
[  374.101625][ T5827] usb 4-1: new high-speed USB device number 36 using dummy_hcd
[  374.227571][ T5895] IPVS: starting estimator thread 0...
[  374.386825][ T5827] usb 4-1: Using ep0 maxpacket: 16
[  374.406433][ T5827] usb 4-1: no configurations
[  374.412020][ T5827] usb 4-1: can't read configurations, error -22
[  374.457647][ T9589] IPVS: using max 40 ests per chain, 96000 per kthread
[  374.598654][ T5827] usb 4-1: new high-speed USB device number 37 using dummy_hcd
[  374.828494][ T5827] usb 4-1: Using ep0 maxpacket: 16
[  374.874643][ T5827] usb 4-1: no configurations
[  374.882541][ T5827] usb 4-1: can't read configurations, error -22
[  374.893862][ T5827] usb usb4-port1: attempt power cycle
[  375.234635][ T9607] netdevsim netdevsim4 netdevsim0: entered promiscuous mode
[  375.249927][ T5827] usb 4-1: new high-speed USB device number 38 using dummy_hcd
[  375.282184][ T5827] usb 4-1: Using ep0 maxpacket: 16
[  375.312929][ T5827] usb 4-1: no configurations
[  375.319104][ T5827] usb 4-1: can't read configurations, error -22
[  375.459871][ T5827] usb 4-1: new high-speed USB device number 39 using dummy_hcd
[  375.493955][ T9618] netlink: 24 bytes leftover after parsing attributes in process `syz.2.999'.
[  375.510687][ T9618] netlink: 'syz.2.999': attribute type 2 has an invalid length.
[  375.530712][ T5827] usb 4-1: Using ep0 maxpacket: 16
[  375.546201][ T5827] usb 4-1: no configurations
[  375.555590][ T5827] usb 4-1: can't read configurations, error -22
[  375.570091][ T5827] usb usb4-port1: unable to enumerate USB device
[  375.611818][ T9622] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1001'.
[  376.186512][ T9612] delete_channel: no stack
[  376.954544][   T30] audit: type=1400 audit(2000000741.762:532): avc:  denied  { ioctl } for  pid=9643 comm="syz.1.1009" path="/dev/infiniband/rdma_cm" dev="devtmpfs" ino=1271 ioctlcmd=0xf509 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:infiniband_device_t tclass=chr_file permissive=1
[  377.311679][   T30] audit: type=1400 audit(2000000742.112:533): avc:  denied  { execute } for  pid=9660 comm="syz.1.1017" path="/dev/fb0" dev="devtmpfs" ino=629 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:framebuf_device_t tclass=chr_file permissive=1
[  378.239149][   T30] audit: type=1400 audit(2000000743.042:534): avc:  denied  { getopt } for  pid=9683 comm="syz.3.1023" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  378.760861][ T9690] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  378.962392][ T9698] ieee802154 phy0 wpan0: encryption failed: -22
[  378.981900][ T9701] xt_hashlimit: size too large, truncated to 1048576
[  379.029063][ T9695] bridge0: port 2(bridge_slave_1) entered disabled state
[  379.036597][ T9695] bridge0: port 1(bridge_slave_0) entered disabled state
[  379.162168][ T1297] ieee802154 phy0 wpan0: encryption failed: -22
[  379.173094][ T9695] team0: Port device bond0 removed
[  379.228552][ T9695] batman_adv: batadv0: Removing interface: team0
[  379.830805][ T9695] bridge_slave_0: left allmulticast mode
[  379.837062][ T9695] bridge_slave_0: left promiscuous mode
[  379.846971][ T9695] bridge0: port 1(bridge_slave_0) entered disabled state
[  379.886312][ T9695] bridge_slave_1: left allmulticast mode
[  379.893589][ T9695] bridge_slave_1: left promiscuous mode
[  379.899995][ T9695] bridge0: port 2(bridge_slave_1) entered disabled state
[  380.004622][   T30] audit: type=1400 audit(2000000744.802:535): avc:  denied  { write } for  pid=9718 comm="syz.0.1037" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1
[  380.085198][   T30] audit: type=1400 audit(2000000744.892:536): avc:  denied  { create } for  pid=9721 comm="syz.2.1039" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1
[  380.132220][ T9695] bond0: (slave bond_slave_0): Releasing backup interface
[  380.150059][   T30] audit: type=1400 audit(2000000744.922:537): avc:  denied  { listen } for  pid=9721 comm="syz.2.1039" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1
[  380.197212][   T30] audit: type=1400 audit(2000000744.922:538): avc:  denied  { ioctl } for  pid=9721 comm="syz.2.1039" path="socket:[23220]" dev="sockfs" ino=23220 ioctlcmd=0x89e3 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1
[  380.258443][ T9695] bond0: (slave bond_slave_1): Releasing backup interface
[  380.291528][ T9695] team0: Port device team_slave_0 removed
[  380.324871][ T9695] team0: Port device team_slave_1 removed
[  380.334270][ T9695] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  380.345666][ T9695] batman_adv: batadv0: Removing interface: batadv_slave_0
[  380.363723][ T9695] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  380.382805][ T9695] batman_adv: batadv0: Removing interface: batadv_slave_1
[  380.484966][ T9695] netdevsim netdevsim1 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  380.494309][ T9695] netdevsim netdevsim1 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  380.504886][ T9695] netdevsim netdevsim1 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  380.514366][ T9695] netdevsim netdevsim1 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  380.607162][ T5992] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured!
[  382.180951][   T30] audit: type=1400 audit(2000000746.982:539): avc:  denied  { connect } for  pid=9770 comm="syz.3.1054" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  382.258814][   T30] audit: type=1400 audit(2000000747.052:540): avc:  denied  { ioctl } for  pid=9773 comm="syz.2.1056" path="socket:[23311]" dev="sockfs" ino=23311 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  382.369348][ T9779] netlink: 104 bytes leftover after parsing attributes in process `syz.2.1058'.
[  382.489290][ T9787] input: syz0 as /devices/virtual/input/input16
[  382.791017][   T59] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured!
[  383.657779][   T30] audit: type=1400 audit(2000000748.432:541): avc:  denied  { read } for  pid=9823 comm="syz.2.1076" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1
[  384.517812][    C1] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured!
[  385.696066][ T9847] bridge0: trying to set multicast startup query interval below minimum, setting to 100 (1000ms)
[  387.157739][    C0] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured!
[  387.177650][ T9872] netlink: 'syz.0.1089': attribute type 3 has an invalid length.
[  388.861044][ T9903] xt_TCPMSS: Only works on TCP SYN packets
[  389.298772][ T9913] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1103'.
[  389.366584][   T30] audit: type=1400 audit(2000000754.173:542): avc:  denied  { connect } for  pid=9916 comm="syz.0.1105" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[  390.934294][   T30] audit: type=1400 audit(2000000754.953:543): avc:  denied  { read } for  pid=9928 comm="syz.1.1110" path="socket:[23590]" dev="sockfs" ino=23590 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  391.520842][   T30] audit: type=1400 audit(2000000756.333:544): avc:  denied  { execute } for  pid=9943 comm="syz.0.1115" path="/blkio.bfq.io_wait_time" dev="ramfs" ino=23612 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:ramfs_t tclass=file permissive=1
[  391.544274][    C1] vkms_vblank_simulate: vblank timer overrun
[  391.640092][ T5838] Bluetooth: hci2: command 0x0406 tx timeout
[  391.965388][ T5838] Bluetooth: hci1: unexpected cc 0x2039 length: 9 > 1
[  391.973929][ T5838] Bluetooth: hci1: unexpected event for opcode 0x2039
[  392.090692][ T9963] cgroup: fork rejected by pids controller in /syz1
[  392.510015][   T30] audit: type=1400 audit(2000000757.233:545): avc:  denied  { write } for  pid=9960 comm="syz.2.1120" path="socket:[22413]" dev="sockfs" ino=22413 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  392.597356][    C1] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured!
[  392.605340][   T30] audit: type=1400 audit(2000000757.233:546): avc:  denied  { setopt } for  pid=9960 comm="syz.2.1120" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  393.271614][   T30] audit: type=1400 audit(2000000758.083:547): avc:  denied  { map } for  pid=10003 comm="syz.3.1125" path="/dev/nullb0" dev="devtmpfs" ino=696 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  393.294630][    C1] vkms_vblank_simulate: vblank timer overrun
[  393.341714][   T30] audit: type=1400 audit(2000000758.083:548): avc:  denied  { execute } for  pid=10003 comm="syz.3.1125" path="/dev/nullb0" dev="devtmpfs" ino=696 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  393.365074][    C1] vkms_vblank_simulate: vblank timer overrun
[  393.584603][T10013] usb usb8: usbfs: process 10013 (syz.4.1127) did not claim interface 0 before use
[  393.853307][T10020] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  394.312120][T10026] Oops: general protection fault, probably for non-canonical address 0xdffffc000000000b: 0000 [#1] SMP KASAN NOPTI
[  394.324213][T10026] KASAN: null-ptr-deref in range [0x0000000000000058-0x000000000000005f]
[  394.332637][T10026] CPU: 0 UID: 0 PID: 10026 Comm: syz.4.1130 Not tainted 6.16.0-rc4-syzkaller-00324-g1f988d0788f5 #0 PREEMPT(full) 
[  394.344712][T10026] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  394.354762][T10026] RIP: 0010:__list_del_entry_valid_or_report+0x20/0x200
[  394.361707][T10026] Code: 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 48 b8 00 00 00 00 00 fc ff df 41 54 55 53 48 89 fb 48 83 c7 08 48 89 fa 48 c1 ea 03 <80> 3c 02 00 0f 85 8b 01 00 00 48 89 da 48 8b 6b 08 48 b8 00 00 00
[  394.381314][T10026] RSP: 0018:ffffc900043ff300 EFLAGS: 00010202
[  394.387374][T10026] RAX: dffffc0000000000 RBX: 0000000000000050 RCX: ffffc9000d7ad000
[  394.395331][T10026] RDX: 000000000000000b RSI: ffffffff899358dc RDI: 0000000000000058
[  394.403289][T10026] RBP: 0000000000000050 R08: 0000000000000005 R09: 0000000000000000
[  394.411244][T10026] R10: 00000000000affe0 R11: 0000000000000001 R12: ffffffff8ce8d260
[  394.419197][T10026] R13: 0000000000000058 R14: ffffffff8ce8d240 R15: ffff8880546c9000
[  394.427152][T10026] FS:  00007f6a5b61f6c0(0000) GS:ffff888124715000(0000) knlGS:0000000000000000
[  394.436070][T10026] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  394.442640][T10026] CR2: 000000110c31b4d0 CR3: 000000004c3c2000 CR4: 00000000003526f0
[  394.450600][T10026] Call Trace:
[  394.453865][T10026]  <TASK>
[  394.456786][T10026]  drr_qlen_notify+0x24/0x150
[  394.461460][T10026]  qdisc_tree_reduce_backlog+0x221/0x500
[  394.467086][T10026]  hhf_change+0x892/0xde0
[  394.471410][T10026]  ? __pfx_hhf_change+0x10/0x10
[  394.476249][T10026]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  394.482312][T10026]  hhf_init+0x2f1/0x8c0
[  394.486473][T10026]  ? __pfx_hhf_init+0x10/0x10
[  394.491143][T10026]  qdisc_create+0x457/0xfc0
[  394.495636][T10026]  tc_modify_qdisc+0x12bb/0x2130
[  394.500562][T10026]  ? __pfx_tc_modify_qdisc+0x10/0x10
[  394.505842][T10026]  ? __pfx_tc_modify_qdisc+0x10/0x10
[  394.511113][T10026]  rtnetlink_rcv_msg+0x3c9/0xe90
[  394.516046][T10026]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  394.521499][T10026]  ? __lock_acquire+0x622/0x1c90
[  394.526437][T10026]  netlink_rcv_skb+0x155/0x420
[  394.531186][T10026]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  394.536636][T10026]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  394.541906][T10026]  ? netlink_deliver_tap+0x1ae/0xd30
[  394.547183][T10026]  ? is_vmalloc_addr+0x86/0xa0
[  394.551935][T10026]  netlink_unicast+0x53a/0x7f0
[  394.556683][T10026]  ? __pfx_netlink_unicast+0x10/0x10
[  394.561952][T10026]  netlink_sendmsg+0x8d1/0xdd0
[  394.566700][T10026]  ? __pfx_netlink_sendmsg+0x10/0x10
[  394.571970][T10026]  ____sys_sendmsg+0xa95/0xc70
[  394.576723][T10026]  ? copy_msghdr_from_user+0x10a/0x160
[  394.582168][T10026]  ? __pfx_____sys_sendmsg+0x10/0x10
[  394.587436][T10026]  ? __pfx_futex_wake_mark+0x10/0x10
[  394.592707][T10026]  ___sys_sendmsg+0x134/0x1d0
[  394.597372][T10026]  ? __pfx____sys_sendmsg+0x10/0x10
[  394.602579][T10026]  ? __lock_acquire+0x622/0x1c90
[  394.607511][T10026]  __sys_sendmsg+0x16d/0x220
[  394.612090][T10026]  ? __pfx___sys_sendmsg+0x10/0x10
[  394.617188][T10026]  ? __x64_sys_futex+0x1e0/0x4c0
[  394.622129][T10026]  do_syscall_64+0xcd/0x4c0
[  394.626623][T10026]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  394.632500][T10026] RIP: 0033:0x7f6a5a78e929
[  394.636899][T10026] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  394.656491][T10026] RSP: 002b:00007f6a5b61f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  394.664887][T10026] RAX: ffffffffffffffda RBX: 00007f6a5a9b5fa0 RCX: 00007f6a5a78e929
[  394.672842][T10026] RDX: 0000000000004800 RSI: 0000200000000280 RDI: 0000000000000003
[  394.680797][T10026] RBP: 00007f6a5a810b39 R08: 0000000000000000 R09: 0000000000000000
[  394.688749][T10026] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  394.696702][T10026] R13: 0000000000000000 R14: 00007f6a5a9b5fa0 R15: 00007ffe1a534f78
[  394.704658][T10026]  </TASK>
[  394.707658][T10026] Modules linked in:
[  394.711646][T10026] ---[ end trace 0000000000000000 ]---
[  394.717159][T10026] RIP: 0010:__list_del_entry_valid_or_report+0x20/0x200
[  394.724135][T10026] Code: 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 48 b8 00 00 00 00 00 fc ff df 41 54 55 53 48 89 fb 48 83 c7 08 48 89 fa 48 c1 ea 03 <80> 3c 02 00 0f 85 8b 01 00 00 48 89 da 48 8b 6b 08 48 b8 00 00 00
[  394.743750][T10026] RSP: 0018:ffffc900043ff300 EFLAGS: 00010202
[  394.749809][T10026] RAX: dffffc0000000000 RBX: 0000000000000050 RCX: ffffc9000d7ad000
[  394.757770][T10026] RDX: 000000000000000b RSI: ffffffff899358dc RDI: 0000000000000058
[  394.765719][T10026] RBP: 0000000000000050 R08: 0000000000000005 R09: 0000000000000000
[  394.773682][T10026] R10: 00000000000affe0 R11: 0000000000000001 R12: ffffffff8ce8d260
[  394.781639][T10026] R13: 0000000000000058 R14: ffffffff8ce8d240 R15: ffff8880546c9000
[  394.789598][T10026] FS:  00007f6a5b61f6c0(0000) GS:ffff888124715000(0000) knlGS:0000000000000000
[  394.798518][T10026] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  394.805082][T10026] CR2: 000000110c31b4d0 CR3: 000000004c3c2000 CR4: 00000000003526f0
[  394.813050][T10026] Kernel panic - not syncing: Fatal exception in interrupt
[  394.820419][T10026] Kernel Offset: disabled
[  394.824727][T10026] Rebooting in 86400 seconds..