last executing test programs:

1m3.112046491s ago: executing program 0 (id=856):
fanotify_init(0xf00, 0x0)
syz_init_net_socket$rose(0xb, 0x5, 0x0)
close(0x3)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x2, 0x8, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000180)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r4 = landlock_create_ruleset(&(0x7f0000000040)={0x0, 0x1, 0x1}, 0x18, 0x0)
landlock_restrict_self(r4, 0x0)
landlock_restrict_self(r4, 0x0)
r5 = landlock_create_ruleset(&(0x7f0000000040)={0x1000, 0x3, 0x1}, 0x18, 0x0)
landlock_restrict_self(r5, 0x0)
creat(&(0x7f0000000280)='./file0\x00', 0xecf86c37d53049cc)

1m1.948023711s ago: executing program 0 (id=859):
r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r0, 0x3b81, &(0x7f00000000c0)={0xc, 0x0, <r1=>0x0})
ioctl$IOMMU_TEST_OP_MOCK_DOMAIN(r0, 0x3ba0, &(0x7f0000000100)={0x48, 0x2, r1, 0x0, 0x0, 0x0, <r2=>0x0})
ioctl$IOMMU_TEST_OP_MOCK_DOMAIN_FLAGS(r0, 0x3ba0, &(0x7f00000001c0)={0x48, 0x2, r1, 0x0, 0x0, 0x0, <r3=>0x0, 0x1})
r4 = socket$kcm(0x23, 0x2, 0x0)
mount(&(0x7f0000000100)=@md0, &(0x7f0000000040)='.\x00', &(0x7f0000000000)='virtiofs\x00', 0x5, 0x0)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x11, 0x3, &(0x7f0000000580)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000140)='contention_end\x00', r5}, 0x10)
ioctl$sock_kcm_SIOCKCMATTACH(r4, 0x89ef, &(0x7f0000000000)={r4})
ioctl$IOMMU_HWPT_ALLOC$NONE(r0, 0x3b89, &(0x7f0000000040)={0xfffffffffffffd81, 0x1, r3, r1, 0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$IOMMU_HWPT_ALLOC$TEST(r0, 0x3b89, &(0x7f0000000000)={0x28, 0x0, r2, r1, <r6=>0x0, 0x0, 0xdead, 0x4, &(0x7f0000000240)})
ioctl$IOMMU_DESTROY$hwpt(r0, 0x3b80, &(0x7f0000000300)={0x8, r6})

1m1.118020378s ago: executing program 0 (id=865):
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000001080)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="0000000000000000b7020000140000fbb703000000e31f008500000083000000bf090000"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000c00)='sys_enter\x00', r0}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="19000000040000000400000005", @ANYRES32, @ANYBLOB='\x00'/18, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="000000004b5ac7a4e6d600edaecded3b00"/35], 0x48)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = openat$binfmt_format(0xffffff9c, &(0x7f0000000040)='/proc/sys/fs/binfmt_misc/syz0\x00', 0x2, 0x0)
write$binfmt_format(r4, &(0x7f0000000100)='-1\x00', 0x2)
close(0x3)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000006000000050000000010"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000260018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000800007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x26, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
sendmsg$NLBL_MGMT_C_ADD(0xffffffffffffffff, &(0x7f0000000d80)={0x0, 0x0, 0x0}, 0x0)
sendmsg$NLBL_MGMT_C_VERSION(0xffffffffffffffff, 0x0, 0x20040090)
r6 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_MCAST_MSFILTER(r6, 0x0, 0x30, 0x0, 0x110)
gettid()

1m0.940063098s ago: executing program 0 (id=867):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000440)='./file0/../file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b101a, 0x0)
mount$bind(0x0, &(0x7f0000000240)='./file0/file0\x00', 0x0, 0x80000, 0x0)
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000300)='./file0\x00', 0x0, 0x2125099, 0x0)
r3 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r3, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000000)='./file0/../file0\x00', &(0x7f0000000340)='./file0/file0\x00', 0x0, 0x891018, 0x0) (fail_nth: 9)

59.922116892s ago: executing program 0 (id=869):
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f00000004c0)=@abs, 0x6e)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000002240)={{}, &(0x7f00000021c0), &(0x7f0000002200)='%-010d \x00'}, 0x20)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000002000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r3}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000b00)=ANY=[], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000001f80)=ANY=[], 0x50)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f00000003c0)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f00000001c0)={&(0x7f0000001d00)=ANY=[], 0x1f4}, 0x1, 0x0, 0x0, 0x804}, 0x810)
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0x6a)
getsockopt$bt_BT_DEFER_SETUP(r0, 0x112, 0x7, &(0x7f0000000000)=0x1, &(0x7f00000002c0)=0x4)

59.308364014s ago: executing program 0 (id=872):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1)
sched_setaffinity(0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
syz_open_dev$dri(0x0, 0x2, 0x9a402)
socket(0x10, 0x3, 0x0)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
userfaultfd(0x80001)
syz_open_procfs(0x0, &(0x7f00000000c0)='fdinfo/4\x00') (fail_nth: 6)

58.31236525s ago: executing program 32 (id=872):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1)
sched_setaffinity(0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
syz_open_dev$dri(0x0, 0x2, 0x9a402)
socket(0x10, 0x3, 0x0)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
userfaultfd(0x80001)
syz_open_procfs(0x0, &(0x7f00000000c0)='fdinfo/4\x00') (fail_nth: 6)

20.987427866s ago: executing program 4 (id=1001):
syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
pipe(&(0x7f0000000080))
r0 = syz_io_uring_setup(0x10c, &(0x7f00000000c0)={0x0, 0xf989, 0x400, 0x40000, 0x115}, 0x0, 0x0)
socket$packet(0x11, 0x3, 0x300)
epoll_create1(0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
syz_usbip_server_init(0x4)
syz_usbip_server_init(0x1)
syz_usbip_server_init(0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x3000001, 0x810, r0, 0x0)
syz_usbip_server_init(0x4)
socket$inet6_sctp(0xa, 0x5, 0x84)
syz_usbip_server_init(0x2)
r1 = syz_open_dev$usbfs(&(0x7f0000000100), 0x77, 0x101301)
r2 = syz_open_procfs(0x0, &(0x7f0000000200)='net/if_inet6\x00')
mount$9p_fd(0x0, &(0x7f00000000c0)='.\x00', &(0x7f0000000040), 0x80, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00', @ANYRESHEX=r1, @ANYBLOB=',\x00'])
syz_usbip_server_init(0x2)
syz_usbip_server_init(0x0)
syz_usbip_server_init(0x0)
syz_usbip_server_init(0x3)
socket$inet6_sctp(0xa, 0x5, 0x84)
r3 = syz_io_uring_setup(0x42e6, &(0x7f00000002c0)={0x0, 0x11, 0x10100, 0x2}, &(0x7f0000000040)=<r4=>0x0, &(0x7f0000000140)=<r5=>0x0)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpu.stat\x00', 0x275a, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f00000001c0))
write$UHID_CREATE2(r6, &(0x7f00000001c0)=ANY=[], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r6, 0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE={0x7, 0x49, 0x0, 0x0, 0x0, 0x12345, 0x0, 0x0, 0x1})
io_uring_enter(r3, 0x7330, 0x0, 0x0, 0x0, 0x0)

18.805948236s ago: executing program 5 (id=1007):
fanotify_init(0xf00, 0x0)
syz_init_net_socket$rose(0xb, 0x5, 0x0)
close(0x3)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x2, 0x8, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000180)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r4 = landlock_create_ruleset(&(0x7f0000000040)={0x0, 0x1, 0x1}, 0x18, 0x0)
landlock_restrict_self(r4, 0x0)
landlock_restrict_self(r4, 0x0)
r5 = landlock_create_ruleset(&(0x7f0000000040)={0x1000, 0x3, 0x1}, 0x18, 0x0)
landlock_restrict_self(r5, 0x0)
creat(&(0x7f0000000280)='./file0\x00', 0xecf86c37d53049cc)

18.451786065s ago: executing program 1 (id=1008):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f0000000300)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg(r1, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x8010, 0xffffffffffffffff, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xb49, 0x9, 0x8, 0x0, 0x3}, 0x0)
r2 = epoll_create(0x101)
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, 0xffffffffffffffff, 0x0)
socket(0x10, 0x3, 0x0)
ioctl$USBDEVFS_CLAIM_PORT(0xffffffffffffffff, 0x80045518, &(0x7f0000000000)=0x1)
r3 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x802, 0x0)
write$uinput_user_dev(r3, &(0x7f00000005c0)={'syz1\x00', {}, 0x0, [0x0, 0x0, 0x2000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0xffffffdd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x47b07c7d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd], [0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0xfff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe04, 0x0, 0x0, 0xffff8000, 0x0, 0x0, 0xffffffff], [0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x758, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x7, 0x0, 0x20000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9d8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3]}, 0x45c)
ioctl$UI_DEV_CREATE(r3, 0x5501)
r4 = dup(r3)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f00000000c0)={0x0, &(0x7f00000001c0)=""/90, 0x0, &(0x7f0000000540), 0x20000000, r4}, 0x38)
r5 = syz_open_dev$vim2m(&(0x7f0000000080), 0xffe, 0x2)
ioctl$vim2m_VIDIOC_REQBUFS(r5, 0xc0145608, &(0x7f0000000040)={0x8, 0x1, 0x1})
ioctl$vim2m_VIDIOC_QBUF(r5, 0xc058560f, &(0x7f00000000c0)=@mmap={0x1, 0x1, 0x4, 0x0, 0x0, {0x77359400}, {0x0, 0x0, 0x0, 0x5, 0x0, 0x1, "bf631e4b"}})
ioctl$vim2m_VIDIOC_QBUF(r5, 0xc058560f, &(0x7f0000000140)=@multiplanar_mmap={0x0, 0x1, 0x4, 0x0, 0xd, {0x0, 0x2710}, {0x0, 0x0, 0x0, 0x3d, 0x0, 0x0, "a730ba01"}, 0x0, 0x1, {0x0}})
ioctl$vim2m_VIDIOC_STREAMOFF(r5, 0x40045612, &(0x7f0000000000)=0x1)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={0x0, 0x6c}}, 0x0)
r6 = syz_usb_connect(0x0, 0x3f, &(0x7f0000000040)=ANY=[@ANYBLOB="11010000733336088dee1adb23610000000109022d0001100000000904000003fe03010009cd8d1f00020000000905050200067e001009058b1e20"], 0x0)
syz_usb_control_io(r6, 0x0, &(0x7f0000000980)={0x84, &(0x7f0000001b80)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_open_dev$char_usb(0xc, 0xb4, 0x0)
r7 = syz_open_dev$dri(&(0x7f00000000c0), 0x1ff, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r7, 0xc04064a0, &(0x7f00000003c0)={0x0, &(0x7f0000000300)=[<r8=>0x0], &(0x7f0000000340)=[<r9=>0x0], 0x0, 0x0, 0x1, 0x1})
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r7, 0xc01864c6, &(0x7f0000000140)={&(0x7f0000000100)=[r9, r8, r8], 0x3})

18.027539022s ago: executing program 2 (id=1009):
r0 = userfaultfd(0x80801)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f00000000c0))
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ppoll(&(0x7f0000000140)=[{r1, 0x8211}], 0x1, 0x0, 0x0, 0x0)
ioctl$TIOCSTI(r1, 0x5412, &(0x7f0000000000)=0x8)
socket$packet(0x11, 0x3, 0x300)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000dc0), r2)
sendmsg$IEEE802154_LLSEC_SETPARAMS(r3, &(0x7f0000000ec0)={0x0, 0x0, &(0x7f0000000e80)={&(0x7f00000003c0)=ANY=[@ANYBLOB="fd0000f1", @ANYRES16=r4, @ANYBLOB="c78025bd7000fbdbdf25250000000a0001007770616e3400000005002a00fc000000"], 0x28}, 0x1, 0x0, 0x0, 0x880}, 0x40010)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
r6 = syz_io_uring_setup(0x24fa, &(0x7f0000000080)={0x0, 0x0, 0x10100, 0x3, 0x1d9}, &(0x7f0000000180), &(0x7f0000000140))
openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000240)=ANY=[@ANYRES32, @ANYRES32, @ANYRES32=r5, @ANYRES64=0x0, @ANYRES64], 0x20)
syz_io_uring_setup(0x498b, &(0x7f0000000280)={0x0, 0xe60a, 0x200, 0x0, 0x36a, 0x0, r6}, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
rt_sigaction(0xd, 0x0, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x100008b}, 0x0)
r7 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000100)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f0000000300)=0x2)
read$msr(r7, &(0x7f0000019680)=""/102392, 0x18ff8)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000840), 0xffffffffffffffff)

17.735775106s ago: executing program 5 (id=1011):
r0 = socket$qrtr(0x2a, 0x2, 0x0)
connect$qrtr(r0, &(0x7f0000000040)={0x2a, 0x2, 0xfffffffe}, 0xb)
r1 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x8400, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0xa)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$netlbl_mgmt(0x0, r2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
r4 = syz_open_dev$vim2m(&(0x7f0000000140), 0x0, 0x2)
ioctl$vim2m_VIDIOC_REQBUFS(r4, 0xc0145608, &(0x7f00000000c0)={0xfc, 0x2, 0x4})
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x101041)
openat$sequencer(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000540)={r1, 0x0, &(0x7f0000000340)=""/39}, 0x20)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000380)=ANY=[@ANYBLOB="940000001d00000226bd7000fbdbdf258400050000000000000000000000000000000000000004d32b00000002000000ac14140700000047b35c7de3b393b59a000000000000000000013500000201040006000000ff010000ff000000ac141426000000000000000000000000000004d53c0000000a"], 0x94}, 0x1, 0x0, 0x0, 0x48014}, 0x0)
r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r5, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r6 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r6, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
ioctl$FS_IOC_SETFLAGS(r1, 0x40186f40, 0x0)
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x400000, 0x3, &(0x7f0000000000/0x400000)=nil)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x9)
r7 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TLS_TX(r7, 0x6, 0x1, &(0x7f0000000180)=@gcm_128={{0x303}, "df4c26f37e9339cb", "e093298983089d4a21535c9a5c4911eb", "98869f09", "124490ba92c902fd"}, 0x28)
setsockopt$inet6_tcp_int(r7, 0x6, 0x3, &(0x7f0000000000), 0x4)
setsockopt$inet6_MCAST_MSFILTER(0xffffffffffffffff, 0x29, 0x30, 0x0, 0x0)
syz_open_dev$usbfs(&(0x7f0000000240), 0xb, 0x101301)

16.84509337s ago: executing program 4 (id=1013):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x9, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000480), 0x1a1040, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={0x0}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioctl$GIO_CMAP(0xffffffffffffffff, 0x4bfa, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
ioctl$EXT4_IOC_GROUP_ADD(r2, 0x40286608, &(0x7f0000000240)={0x1, 0x9, 0x0, 0x401, 0x5, 0x2})
r4 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r4, &(0x7f00000003c0)=@id={0x1e, 0x3, 0x1, {0x4e22, 0x1}}, 0x10)
ioctl$AUTOFS_IOC_FAIL(r0, 0x4c80, 0x7000000)

16.772145913s ago: executing program 2 (id=1014):
writev(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01030000000000000000010000000900010073797a300000000040000000030a010200ffe60000000000010000000900030073797a3100000000140004800800024000000000080001400000000009000100b61a834579b682c073797a300000000054000000060a010400000000000000000100000008000b40000000000900010073797a30000000002c0062001c00028008000140000000110800024000000003080003400000002914000000110001000000007cea0000000000000a00"/228], 0xdc}}, 0x0)
syz_emit_ethernet(0x36, &(0x7f0000000080)={@local, @random="6a2ddcf6177a", @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x6, 0x0, @remote, @local}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x2, 0x5}}}}}}, 0x0)

15.757028644s ago: executing program 4 (id=1015):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f0000000140))
sendmsg$BATADV_CMD_SET_MESH(r0, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setscheduler(r1, 0x2, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x24}, 0x0)
unshare(0x24040000)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="1801000020017e9c0000000000000000850000007b00"], &(0x7f00000001c0)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x18)
ioctl$AUTOFS_DEV_IOCTL_FAIL(0xffffffffffffffff, 0xc0189377, &(0x7f0000000080)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0xa2, 0x7}}, './file0\x00'})
r5 = syz_open_dev$sg(&(0x7f0000000040), 0x0, 0x0)
ioctl$SG_GET_VERSION_NUM(r5, 0x2284, &(0x7f0000000080))
unshare(0x15ed0d1b0eef5a4b)
connect$bt_l2cap(0xffffffffffffffff, &(0x7f0000000080)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x7ff}, 0xe)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
fsopen(&(0x7f00000000c0)='ecryptfs\x00', 0x1)

15.718408211s ago: executing program 5 (id=1016):
r0 = memfd_create(&(0x7f0000001200)='-B\xd5NI\xc5j\x9a\b\x00\x00\x00\b\x84\xa2{\x00\v\x18\x00\xca6\x96\x00\x01\x00\x00\x00\x00\x00\x00\x00\xb3\xbb\x8d\xac\xacva}knh#\xcf)\x0f\xc8\xc0:\x9cc\x10d\xee\xa9\x8b\x06\xfb\xb8G\xd1c\xe1$\xff\x97k\xde\xc5\xe96\xdd\xbdQ\x8a\xb4\x9d\xd9\x1d\xa8\xda\x95\x03U)\xc98M\xcd\xfb\xc83\x12\xd7\xdb\x93\xcc]x\xaa\x8f~\xb90a\xa9\xb2\x04K\x98\x93=\xabQ\xf7\x05\x81\x01\xe5\x98\r\x1d\xa1\xce\x8b\x19\xea\xef\xe3\x00\x00\x00\x00\x00\x00\x00\x00\x00\xa9\xf0I{\xf0:\xd7\x802\xf3\r|\x86\x82\xdc*\xc3\xafj\xef\x9bF\xa2\xa6\xedA\xb7\x0f\xda\x9d<\xd6l\xbcF\xcb\xec\x83#?\xf4\x81\x16+\x14\xd0\xb8\x88`W\xd9Y\xac^c>\x9f\xc1Jm\x97PQ{\xc0\xf9H\xb2\b\xca_ki\xbf\xf2l&\x8dBc\x01\xcc\xd4\x00\x00\x00\x00', 0x1)
r1 = dup(r0)
r2 = fanotify_init(0x0, 0x0)
fanotify_mark(r2, 0x1, 0x40000031, r1, 0x0)
write$nbd(r1, &(0x7f0000000680)=ANY=[], 0x10)
copy_file_range(r1, &(0x7f0000000040)=0x5, r0, 0x0, 0x36e7, 0x0)
r3 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r4 = syz_open_dev$media(&(0x7f0000000680), 0x8, 0x8000)
ioctl$MEDIA_IOC_REQUEST_ALLOC(r4, 0x80047c05, 0x0)
r5 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000000140), 0x80000, 0x0)
ioctl$PTP_PIN_GETFUNC2(r5, 0xc0603d0f, &(0x7f0000000300)={'\x00', 0x5, 0x0, 0x3})
close_range(r3, 0xffffffffffffffff, 0x0)
syz_emit_ethernet(0x7e, &(0x7f0000000400)={@broadcast, @random="12ad0800dbde", @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x70, 0x0, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}, @source_quench={0x4, 0x0, 0x0, 0x0, {0x15, 0x4, 0x1, 0x9, 0x48b8, 0x64, 0x7, 0x6, 0x84, 0x80, @private=0xa010100, @local, {[@timestamp_prespec={0x44, 0x4, 0x7c}, @ra={0x94, 0x4, 0x1}, @timestamp_addr={0x44, 0x34, 0xa4, 0x1, 0x1, [{@remote, 0x3}, {@broadcast, 0x3}, {@rand_addr=0x64010100, 0xfffffff2}, {@multicast2, 0xad}, {@remote, 0x1}, {@rand_addr=0x64010100, 0xc}]}, @generic={0x94, 0x2}]}}}}}}}, 0x0)
r6 = pidfd_getfd(0xffffffffffffffff, r3, 0x0)
r7 = syz_io_uring_setup(0x1714, &(0x7f0000000300)={0x0, 0x0, 0x10100, 0x1}, &(0x7f0000000100), &(0x7f0000000080))
r8 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_buf(r8, 0x0, 0x8008000000010, &(0x7f0000005e40), 0x0)
io_uring_register$IORING_REGISTER_PBUF_RING(r7, 0x16, &(0x7f0000000380)={&(0x7f0000001000)={[{0x0}, {0x0}, {0x0}, {0x0}]}, 0x4}, 0x1)
io_uring_enter(r7, 0x27e2, 0x0, 0x0, 0x0, 0x0)
r9 = syz_open_dev$dri(&(0x7f0000000300), 0x1, 0x0)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r9, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r9, 0xc01064b5, &(0x7f0000000140)={&(0x7f0000000100)=[<r10=>0x0], 0x1})
ioctl$DRM_IOCTL_MODE_GETPLANE(r9, 0xc02064b6, &(0x7f00000001c0)={r10, <r11=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$DRM_IOCTL_MODE_OBJ_GETPROPERTIES(r9, 0xc02064b9, &(0x7f00000002c0)={&(0x7f0000000240)=[<r12=>0x0], &(0x7f0000000040), 0x1, r11})
ioctl$DRM_IOCTL_MODE_ATOMIC(r9, 0xc03864bc, &(0x7f0000000380)={0x201, 0x1, &(0x7f0000000440)=[r12], 0x0, 0x0, &(0x7f0000000040), 0x0, 0x80000000})
ioctl$FICLONERANGE(r6, 0x4020940d, &(0x7f0000000000)={{r7}, 0x7fffffffffffffff, 0x9, 0x9})

15.717922442s ago: executing program 2 (id=1017):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
capset(&(0x7f0000000080)={0x20071026}, 0x0)
syz_clone(0x81c080, &(0x7f0000000400)="d32980c3946accfd301bf02a3e1570e41cf2dc47e41c0be161e46ca48bd1ca9ba8c553e45c51ceae97ec665b815dad85c1741ef484035a7f39551ae42b985033e59b9983d6c0a7bb968a2fda95eb735360df7341da081d71c21c621810e19a01f939138b6c44c221871e0c4493d7220f447473bba10dff9a114e22a1b49df6a8a0ab28ddfe000c20b0a1ac7ff3e9fd8b034b5feb234215775053dbf33f52c15c3d823b239ac94bc99b64a4126e416a029a2b383f1c85778ddd74964021c8e2c8500964aa5259b7ef7ef86168afb158062a8a61921ef13a2cbe107c56f5ee7de15311e4707cfd050133348ad1d4624d672508e0d594c3bca3f455764fa4eedeab9203e332ce35b042d08e4169dd524e43448fb8806eb5", 0x116, &(0x7f00000000c0), &(0x7f0000000100), &(0x7f0000000300)="8f55dc560e1cad11a201b22ad109393dc6ac1c0f998d226882680ae62a7e16a2483076e54afa7e4e3ac5f46105d746618f3d598ea77a3eb88334f9453d964f8874067a7e44555c92b852155297974c056cbd183513e19e5cd4d9dc0d64544a6f1138a4e8c4112d2e733fba18c8788eb4a508b1a9b71ac462874edbba1872154c6430e586bd944d4b738d6e938db3ad7668d57258a9d210ab9b895c50b6faff4bae337ab7ce28851df91f6ca152c2bb")
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000040), 0x8501, 0x0)
r3 = socket$l2tp6(0xa, 0x2, 0x73)
setsockopt$inet6_int(r3, 0x29, 0x21, &(0x7f00000000c0)=0x46, 0x4)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f00000039c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_REQ_SET_REG(r4, &(0x7f0000003ac0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000003a00)={0x1c, r5, 0x851, 0x70bd29, 0x25dfdbfd, {}, [@NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x1c}}, 0x20000000)
socket$inet6_udp(0xa, 0x2, 0x0)
r6 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000180)={r6, &(0x7f0000000100), 0x0, 0x1}, 0x20)
sendmmsg$inet6(r3, &(0x7f0000001640)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0)
ptrace$setregs(0xf, 0x0, 0xbb6, &(0x7f0000000280)="940a113cc73f1ad4d338b21dd7e3bb233c76e70ca4aa334fd24f9eae70511ccf6b98c3c6676a93fee89a255ad8dff5fc48d65cc1877e1ffc98f4d1d9f5378e0fb2aae9dedbc410e6fbed90f7d1881c1b42a8c60d25d24662252b5e11a0344d772bfcdf2dcfd961c36053eb068d78b864b8beb068d4")

15.239873524s ago: executing program 5 (id=1019):
sendmsg$key(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r0, 0x10e, 0x1, 0x0, 0x0)
r1 = socket$inet6(0xa, 0x3, 0x4)
setsockopt$inet6_IPV6_XFRM_POLICY(r1, 0x29, 0x23, &(0x7f0000000280)={{{@in=@initdev={0xac, 0x1e, 0x0, 0x0}, @in6=@loopback, 0x0, 0x0, 0xfffc, 0x40, 0x2}, {0x0, 0x0, 0x0, 0x9, 0x40000000000005}, {0x0, 0x0, 0x3fc00}, 0x7ff, 0x0, 0x1, 0x0, 0x0, 0x3}, {{@in=@empty, 0x0, 0x6c}, 0x2, @in6=@mcast1, 0xfffffffd, 0x1, 0x2, 0x0, 0x9075}}, 0xe8)
socket$nl_netfilter(0x10, 0x3, 0xc)
r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='net/protocols\x00')
setsockopt$netrom_NETROM_N2(r2, 0x103, 0x3, &(0x7f000001a240)=0x9, 0x4)
socket$kcm(0xa, 0x2, 0x73)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r3}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r4 = getpid()
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x1000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000001a300)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
syz_open_procfs(0x0, &(0x7f0000000180)='pagemap\x00')
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r7, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f00000001c0)={0x5c, 0x2, 0x6, 0x201, 0x0, 0x0, {}, [@IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_MAXELEM={0x8, 0x13, 0x1, 0x0, 0x76ea}]}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_TYPENAME={0x16, 0x3, 'hash:net,port,net\x00'}]}, 0x5c}, 0x1, 0x0, 0x0, 0x24000000}, 0x0)
pread64(r6, &(0x7f0000001240)=""/102400, 0x19000, 0xfffffffffffffffb)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_genetlink_get_family_id$nl80211(&(0x7f00000014c0), 0xffffffffffffffff)
r10 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r10, 0x8933, &(0x7f0000000080)={'wlan0\x00', <r11=>0x0})
sendmsg$NL80211_CMD_CHANNEL_SWITCH(r8, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000380)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r9, @ANYBLOB="010000000000000000006600000008000300", @ANYRES32=r11, @ANYBLOB="080026008f0900000800b7"], 0x2c}}, 0x0)

14.468071319s ago: executing program 3 (id=1020):
r0 = syz_open_dev$vbi(&(0x7f0000000000), 0x0, 0x2)
r1 = socket$inet6(0xa, 0x5, 0x0)
r2 = landlock_create_ruleset(&(0x7f0000000080)={0x8000, 0x2, 0x1}, 0x18, 0x1)
landlock_add_rule$LANDLOCK_RULE_NET_PORT(r2, 0x2, &(0x7f0000000140)={0x2, 0x80}, 0x0)
setsockopt$inet_int(r1, 0x0, 0xf, &(0x7f0000000340)=0xfffffffffffffff9, 0x4)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r1, 0x84, 0x64, &(0x7f0000000100)=[@in={0x2, 0x0, @loopback}, @in6={0xa, 0x0, 0x0, @private0}], 0x2c)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_REM(r1, 0x84, 0x65, &(0x7f0000000000)=[@in6={0xa, 0x4e22, 0xfa9, @mcast1, 0x9}], 0x1c)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a010300000000000000000100fffd0900010073797a300000000040000000030a01020000000000000000010000000900030073797a3200000000140004800800024032658aeb08000140000000010900010073797a300000000044000000060a010400000000000001040100000008000b40000000000900010073797a30000000001c000480180001800d00010073796e70726f7879000000000400028014000000110001"], 0xcc}}, 0x0)
syz_emit_ethernet(0x3a, &(0x7f0000000100)={@link_local, @link_local, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x2c, 0x3, 0x0, 0x0, 0x6, 0x0, @empty, @empty}, {{0x30, 0x4e24, 0x41424344, 0x41424344, 0x0, 0x0, 0x6, 0xc2, 0x200, 0x0, 0x0, {[@mss={0x2, 0x4, 0xa005}]}}}}}}}, 0x0)
unshare(0xe48086787e67a7e6)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
socket$inet_icmp_raw(0x2, 0x3, 0x1)
sendmsg$nl_generic(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000400)=ANY=[@ANYBLOB="200000002d00091327bd70000000000006"], 0x20}}, 0x84)
ioctl$VIDIOC_S_STD(r0, 0x40085618, &(0x7f0000000040)=0x200)

14.217965045s ago: executing program 5 (id=1021):
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x2, &(0x7f0000000140)=@raw=[@kfunc={0x85, 0x0, 0x2, 0x0, 0x1}, @jmp={0x5, 0x1, 0x1, 0x7, 0x3, 0xffffffffffffffc0, 0x8}], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e20}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0xffffffb3, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
getpgrp(r0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='blkio.bfq.io_service_time_recursive\x00', 0x275a, 0x0)
pidfd_send_signal(r3, 0x16, &(0x7f0000000140)={0x0, 0x20000000, 0xd2000000}, 0x4)
r4 = socket$inet_tcp(0x2, 0x1, 0x0)
r5 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r6 = dup(r5)
io_setup(0x19, &(0x7f00000009c0)=<r7=>0x0)
io_submit(r7, 0x1, &(0x7f0000000500)=[&(0x7f0000000200)={0x0, 0x0, 0x0, 0x5, 0x0, r6, 0x0}])
ioctl$SNDCTL_DSP_SPEED(r5, 0xc0045002, &(0x7f0000000040))
bind$inet(r4, &(0x7f0000000100)={0x2, 0x4e1e, @multicast2}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r4, 0x6, 0xd, &(0x7f00000000c0)='westwood\x00', 0x9)
sendto$inet(r4, &(0x7f0000000000), 0xffffffffffffff94, 0x0, 0x0, 0x0)
read$msr(r6, &(0x7f0000000000)=""/27, 0x1b)
recvfrom$inet(r4, &(0x7f0000000080)=""/8, 0xfffffffffffffd0b, 0x720, 0x0, 0xfffffffffffffd25)
socket$nl_rdma(0x10, 0x3, 0x14)
socket$key(0xf, 0x3, 0x2)

14.113834056s ago: executing program 3 (id=1022):
r0 = bpf$ITER_CREATE(0xb, &(0x7f0000000100), 0x0)
symlink(&(0x7f0000000080)='.\x00', &(0x7f0000000240)='./file0\x00')
chmod(&(0x7f0000000180)='./file0\x00', 0x379) (async)
lchown(&(0x7f00000001c0)='./file0\x00', 0xee00, 0x0) (async)
open(&(0x7f00009e1000)='./file0\x00', 0x60840, 0x0) (async)
close(r0)
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000300)='ns/net\x00')
r1 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000003c0)=@bpf_lsm={0x1e, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f00000005c0)={r1, 0x0, 0x24, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xa)
r2 = socket$kcm(0x10, 0x2, 0x4)
sendmsg$inet(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000240)="5c00000015006b47880000d86e6c1d000a887ea6ea65670000000000000090f9c3dc90f8f41f8ecff32c6e020075e300250045586c8da718ad4b4460bc24eab55600000000000000bf9367b4fa51f60a64c9f4d4938037e786a6d0bd", 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0)

11.099992456s ago: executing program 3 (id=1023):
r0 = syz_open_dev$radio(&(0x7f0000000000), 0xffffffffffffffff, 0x2)
pipe2(&(0x7f0000000040)={<r1=>0xffffffffffffffff}, 0x0)
r2 = creat(&(0x7f00000000c0)='./file0\x00', 0x12)
r3 = fsopen(&(0x7f00000001c0)='devpts\x00', 0x0)
r4 = socket$kcm(0x23, 0x2, 0x0)
sendmsg$sock(r4, &(0x7f0000000340)={&(0x7f00000002c0)=@phonet, 0x80, &(0x7f0000000180)=[{&(0x7f00000003c0)="a0", 0x1}, {0x0, 0x2}], 0x2}, 0x0)
setrlimit(0x7, &(0x7f0000000400))
fsconfig$FSCONFIG_CMD_CREATE(r3, 0x6, 0x0, 0x0, 0x0)
fsmount(r3, 0x0, 0xf)
fsconfig$FSCONFIG_SET_FLAG(r3, 0x0, &(0x7f0000000040)='ro\x00', 0x0, 0x0)
fsconfig$FSCONFIG_CMD_RECONFIGURE(r3, 0x7, 0x0, 0x0, 0x0)
vmsplice(r2, &(0x7f0000000100)=[{&(0x7f00000000c0)}], 0x1, 0x5)
ioctl$VIDIOC_QUERYMENU(r0, 0xc02c5625, &(0x7f0000000080)={0x3, 0xfffffffd, @name="0a6f05000000000000002b1b18a049330eca050077ff161032b4650a6da4466a"})
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)

9.708777051s ago: executing program 5 (id=1024):
pipe(&(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000000)=@newqdisc={0x44, 0x24, 0x2, 0x0, 0x25dfdbfe, {0x0, 0x0, 0x0, 0x0, {0x0, 0x5}, {0x0, 0x6}, {0xd, 0xd}}, [@qdisc_kind_options=@q_codel={{0xa}, {0x14, 0x2, [@TCA_CODEL_ECN={0x8}, @TCA_CODEL_LIMIT={0x8, 0x2, 0x101}]}}]}, 0x44}, 0x1, 0x0, 0x0, 0x40000}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="4800000010001fff752b056800080000faff8141", @ANYRES32=r0, @ANYBLOB="e467a9fde50000faff270012800a00010076786c61"], 0x3}, 0x1, 0x0, 0x0, 0x20008801}, 0x20000050)
r2 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp_SCTP_PARTIAL_DELIVERY_POINT(r1, 0x84, 0x13, &(0x7f0000000100)={<r3=>0x0, 0x87a}, &(0x7f0000000140)=0x8)
setsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r2, 0x84, 0x76, &(0x7f00000001c0)={r3, 0x9}, 0x8)
socket$nl_route(0x10, 0x3, 0x0)
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000340), 0x535080, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
r4 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r4, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r5 = userfaultfd(0x1)
r6 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000000)={'bridge_slave_0\x00', <r7=>0x0})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000380)=ANY=[@ANYBLOB="280000b31b000100020300000000000007000000", @ANYRES32=r7, @ANYBLOB="03003e060a000200aaaaaaaaaa1c0000"], 0x28}, 0x1, 0x0, 0x0, 0x20040055}, 0x0)
ioctl$UFFDIO_API(r5, 0xc018aa3f, &(0x7f00000000c0))
r8 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
ioctl$UFFDIO_REGISTER(0xffffffffffffffff, 0xc020aa00, &(0x7f0000000080)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x2})
ioctl$UFFDIO_COPY(r5, 0xc028aa05, &(0x7f0000000180)={&(0x7f00002b9000/0x400000)=nil, &(0x7f00003ab000/0x2000)=nil, 0x400000, 0x2, 0x2})
write$char_usb(0xffffffffffffffff, &(0x7f0000000040)="e2", 0x2250)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)=ANY=[@ANYRES32=r5], 0x68}}, 0x0)
connect$l2tp6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x0, 0x0, @remote, 0x7}, 0x20)
r9 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x40000, 0x0)
r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r10, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0xdddd0000, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_VCPU(r10, 0xae41, 0x0)

7.254598306s ago: executing program 3 (id=1025):
r0 = socket$nl_rdma(0x10, 0x3, 0x14)
recvmmsg(r0, &(0x7f0000000b40)=[{{&(0x7f0000000000)=@can, 0x80, &(0x7f0000000080), 0x0, &(0x7f00000000c0)=""/136, 0x88}, 0x8001}, {{&(0x7f0000000180)=@nfc, 0x80, &(0x7f0000000440)=[{&(0x7f0000000200)=""/120, 0x78}, {&(0x7f0000000280)=""/19, 0x13}, {&(0x7f00000002c0)=""/122, 0x7a}, {&(0x7f0000000340)=""/128, 0x80}, {&(0x7f00000003c0)=""/127, 0x7f}], 0x5, &(0x7f00000004c0)=""/206, 0xce}, 0xfffffffa}, {{&(0x7f00000005c0)=@can={0x1d, <r1=>0x0}, 0x80, &(0x7f00000006c0)=[{&(0x7f0000000640)=""/93, 0x5d}], 0x1}, 0xe}, {{&(0x7f0000000700)=@alg, 0x80, &(0x7f0000000880)=[{&(0x7f0000000780)=""/205, 0xcd}], 0x1, &(0x7f00000008c0)=""/182, 0xb6}, 0x3}, {{&(0x7f0000000980)=@pppol2tp={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @dev}}}, 0x80, &(0x7f0000000a80)=[{&(0x7f0000000a00)=""/117, 0x75}], 0x1, &(0x7f0000000ac0)=""/99, 0x63}, 0x2}], 0x5, 0x0, &(0x7f0000000c80)={0x0, 0x3938700})
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000d40)={{0x1, <r2=>0xffffffffffffffff}, &(0x7f0000000cc0), &(0x7f0000000d00)='%pK    \x00'}, 0x20)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000e00)={{r2, <r3=>0xffffffffffffffff}, &(0x7f0000000d80), &(0x7f0000000dc0)='%pi6   \x00'}, 0x20)
r4 = syz_io_uring_setup(0x6249, &(0x7f0000000e40)={0x0, 0x3eda, 0x20000, 0x1, 0x1f0}, &(0x7f0000000ec0), &(0x7f0000000f00))
io_uring_setup(0x6232, &(0x7f0000000f40)={0x0, 0x805d, 0x8000, 0x1, 0x13c, 0x0, r4})
syz_usb_connect$hid(0x2, 0x36, &(0x7f0000000fc0)={{0x12, 0x1, 0x110, 0x0, 0x0, 0x0, 0x20, 0x18d1, 0x5061, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x1, 0x8, 0x10, 0x8, [{{0x9, 0x4, 0x0, 0x6, 0x2, 0x3, 0x1, 0x2, 0x1, {0x9, 0x21, 0x10, 0x0, 0x1, {0x22, 0xaf0}}, {{{0x9, 0x5, 0x81, 0x3, 0x400, 0xa, 0x1, 0x1}}}}}]}}]}}, &(0x7f0000001500)={0xa, &(0x7f0000001000)={0xa, 0x6, 0x250, 0x9, 0x10, 0x0, 0x40, 0x80}, 0x5, &(0x7f0000001040)={0x5, 0xf, 0x5}, 0x9, [{0x4, &(0x7f0000001080)=@lang_id={0x4}}, {0x57, &(0x7f00000010c0)=@string={0x57, 0x3, "4ebc7bc1935ca466dce8b017a14deb7b7e86039ed775339abe4c4573ff26eb78691ef8b11959d6f7f48aad3c05b341d250d6d374b9569676a89fc26d11535d1dd715770af85c0b90062789c3e41f8bd887019f3f45"}}, {0x4, &(0x7f0000001140)=@lang_id={0x4, 0x3, 0xc1a}}, {0x4, &(0x7f0000001180)=@lang_id={0x4, 0x3, 0x300a}}, {0xd7, &(0x7f00000011c0)=@string={0xd7, 0x3, "40a62ad9763805e0bcf95e8f27e0bdc68f8643be32d7e43a1295e8402cfea50ce0c70c0600a7bd6d4a6b95e36d7e7ffdd4dc7106a93ad08e519112bff2f575d61c94edc1223fd600bb08cde40bc9758d5d7bd6bf5b46ec1c05866a91ea29aa5bcfa68cbe1ed2ed150800452553a51e6d4ea884b90c57493354430b4c7f9178b8930d717651774acf578a3f80d6ed1b890715486d984c2bea9ac69c972d4187919ae38d3d3dd441f3f342f61e352973e099921732c120aceceb07609ea4c5478974561eb89348dc8417a61128fbcecc2b90eda06869"}}, {0x4, &(0x7f00000012c0)=@lang_id={0x4, 0x3, 0x83e}}, {0x8e, &(0x7f0000001300)=@string={0x8e, 0x3, "21d7e30e391438b46184c039a76ed52e964713c3696dc3b202b12b5c30c405f44f5bd419707e7c0e342f9b4ddfc8a9197fd143fafb173f5db008b182d6f4c3e496a13141c12851a325042b0f285543bcb315a865cb4e47960c878165cfc51475d2300e7ff695366ea4de4ae2f7db2a0afe5fbb7e71d4b9c119649f146ee5a0986a7e9f2e5884ab9016bdaeab"}}, {0xbd, &(0x7f00000013c0)=@string={0xbd, 0x3, "c865069a94b78a453b3d45157414d398010f714091ade593672ecc08b83138853867f2344c6f569ef3a78342b8d76a029308ebc74bffb190caf62cfa9e85546071b80b845a9c4656ab9089764a724401dd2fa558722f5e67e087c7ca9ed017b88508a1dc267f71f6adafa3cbfea5ce45fc0b22e6d41b9058b26b4a939efc4a6e6ee08d5cc662f43023171ddd0d4abedfade960afe4eb4ab5a088a090ca82523ac35bfa04e9e79a07e649f524d7bc33c6bbd6f63cce68153024c208"}}, {0x4b, &(0x7f0000001480)=@string={0x4b, 0x3, "04b2859ede00661a2ffd871ab95b6b4677f9c8f0a4d549364ccc0cc08f330432903ee9c8fdf50d9ccc2b142b2e146bb1293932b776b575bb78f4c7f42cac2f1fae3cd1053cbebe26ff"}}]})
ioctl$BTRFS_IOC_INO_PATHS(r3, 0xc0389423, &(0x7f0000001600)={0x270, 0x38, [0x1c00, 0x8001, 0xf6c, 0x80000001], &(0x7f00000015c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]})
r5 = openat$selinux_user(0xffffffffffffff9c, &(0x7f0000001640), 0x2, 0x0)
pread64(r5, &(0x7f0000001680)=""/5, 0x5, 0x8)
r6 = openat$selinux_avc_cache_threshold(0xffffffffffffff9c, &(0x7f00000016c0), 0x2, 0x0)
io_uring_register$IORING_REGISTER_SYNC_CANCEL(r6, 0x18, &(0x7f0000001700)={0x100, r2, 0x30, {0x0, 0x9}, 0x3e}, 0x1)
write$P9_RFSYNC(r6, &(0x7f0000001740)={0x7, 0x33, 0x1}, 0x7)
ioctl$EXT4_IOC_SETFSUUID(r5, 0x4008662c, &(0x7f0000001780)={0x10, 0x0, "7cef43e06dff41190f45c3f1024d2166"})
ioctl$PPPIOCSNPMODE(r6, 0x4008744b, &(0x7f00000017c0)={0x3d, 0x3})
ioctl$VIDIOC_SUBDEV_G_FRAME_INTERVAL(r6, 0xc0305615, &(0x7f0000001800)={0x0, {0x9, 0x5}})
sendmsg$RDMA_NLDEV_CMD_SET(r6, &(0x7f0000001900)={&(0x7f0000001840)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f00000018c0)={&(0x7f0000001880)={0x38, 0x1402, 0x200, 0x70bd29, 0x25dfdbfb, "", [@RDMA_NLDEV_ATTR_DEV_DIM={0x5}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x2}, @RDMA_NLDEV_ATTR_DEV_NAME={0x9, 0x2, 'syz2\x00'}, @RDMA_NLDEV_ATTR_DEV_NAME={0x9, 0x2, 'syz0\x00'}]}, 0x38}, 0x1, 0x0, 0x0, 0x4}, 0x0)
r7 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_SIOCGIFVLAN_DEL_VLAN_CMD(r7, 0x8982, &(0x7f0000001940)={0x1, 'tunl0\x00', {}, 0x7})
r8 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_ipv6_tunnel_SIOCGET6RD(r7, 0x89f8, &(0x7f0000001a40)={'syztnl2\x00', &(0x7f00000019c0)={'sit0\x00', <r9=>r1, 0x8000, 0x7800, 0x8, 0x6, {{0x11, 0x4, 0x3, 0x3, 0x44, 0x68, 0x0, 0x13, 0x2d, 0x0, @private=0xa010100, @empty, {[@end, @timestamp={0x44, 0x18, 0xab, 0x0, 0x9, [0x2, 0x0, 0xb, 0xe, 0x7]}, @timestamp_prespec={0x44, 0x14, 0xaa, 0x3, 0x7, [{@broadcast, 0x1}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0xffffffff}]}]}}}}})
sendmsg$MPTCP_PM_CMD_FLUSH_ADDRS(r8, &(0x7f0000001b40)={&(0x7f0000001980)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000001b00)={&(0x7f0000001a80)={0x70, 0x0, 0x300, 0x70bd2c, 0x25dfdbfe, {}, [@MPTCP_PM_ATTR_TOKEN={0x8, 0x4, 0x2}, @MPTCP_PM_ATTR_TOKEN={0x8, 0x4, 0x2ff3e5ea}, @MPTCP_PM_ATTR_ADDR={0x4}, @MPTCP_PM_ATTR_ADDR_REMOTE={0x3c, 0x6, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @dev={0xac, 0x14, 0x14, 0x25}}, @MPTCP_PM_ADDR_ATTR_PORT={0x6, 0x5, 0x4e20}, @MPTCP_PM_ADDR_ATTR_ID={0x5, 0x2, 0x2}, @MPTCP_PM_ADDR_ATTR_PORT={0x6, 0x5, 0x4e22}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0xa}, @MPTCP_PM_ADDR_ATTR_ID={0x5, 0x2, 0x9}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8, 0x7, r9}]}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x8}, @MPTCP_PM_ATTR_ADDR_REMOTE={0x4}]}, 0x70}, 0x1, 0x0, 0x0, 0x4855}, 0xc040)
r10 = signalfd4(r8, &(0x7f0000001b80)={[0x101]}, 0x8, 0x800)
sendmsg$RDMA_NLDEV_CMD_SET(r10, &(0x7f0000001c80)={&(0x7f0000001bc0)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000001c40)={&(0x7f0000001c00)={0x28, 0x1402, 0x800, 0x70bd2c, 0x25dfdbfc, "", [@RDMA_NLDEV_ATTR_DEV_DIM={0x5}, @RDMA_NLDEV_ATTR_DEV_DIM={0x5}, @RDMA_NLDEV_ATTR_DEV_DIM={0x5}]}, 0x28}, 0x1, 0x0, 0x0, 0x4004080}, 0x0)
ioctl$SIOCX25SENDCALLACCPT(r10, 0x89e9)
r11 = socket$can_bcm(0x1d, 0x2, 0x2)
ioctl$sock_inet_SIOCSIFADDR(r11, 0x8916, &(0x7f0000001cc0)={'veth1_to_team\x00', {0x2, 0x4e24, @empty}})
r12 = syz_genetlink_get_family_id$fou(&(0x7f0000001d40), r6)
sendmsg$FOU_CMD_ADD(r10, &(0x7f0000001e40)={&(0x7f0000001d00)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000001e00)={&(0x7f0000001d80)={0x44, r12, 0x100, 0x70bd28, 0x25dfdbff, {}, [@FOU_ATTR_REMCSUM_NOPARTIAL={0x4}, @FOU_ATTR_IPPROTO={0x5, 0x3, 0x73}, @FOU_ATTR_PORT={0x6, 0x1, 0x4e20}, @FOU_ATTR_PORT={0x6, 0x1, 0x4e24}, @FOU_ATTR_LOCAL_V6={0x14, 0x7, @local}]}, 0x44}, 0x1, 0x0, 0x0, 0x40000}, 0x93)
getsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(r10, 0x84, 0x22, &(0x7f0000001e80)={0x8, 0x6, 0x5, 0x8}, &(0x7f0000001ec0)=0x10)

7.244434247s ago: executing program 1 (id=1026):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x9, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000480), 0x1a1040, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={0x0}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioctl$GIO_CMAP(0xffffffffffffffff, 0x4bfa, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
ioctl$EXT4_IOC_GROUP_ADD(r2, 0x40286608, &(0x7f0000000240)={0x1, 0x9, 0x0, 0x401, 0x5, 0x2})
r4 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r4, &(0x7f00000003c0)=@id={0x1e, 0x3, 0x1, {0x4e22, 0x1}}, 0x10)
ioctl$AUTOFS_IOC_FAIL(r0, 0x4c80, 0x7000000)

6.421271867s ago: executing program 4 (id=1027):
r0 = socket$inet_smc(0x2b, 0x1, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x400, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = openat$selinux_enforce(0xffffffffffffff9c, &(0x7f0000000040), 0x208000, 0x0)
ioctl$KVM_X86_GET_MCE_CAP_SUPPORTED(r4, 0x8008ae9d, &(0x7f00000001c0)=""/60)
ioctl$KVM_SIGNAL_MSI(r3, 0x4020aea5, &(0x7f0000000180)={0x81aa001, 0xeeef0000, 0x43, 0x1, 0x2})
setsockopt$inet6_tcp_int(r1, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
connect$inet6(r1, &(0x7f0000000080)={0xa, 0x0, 0x0, @loopback, 0x8}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r1, 0x6, 0x1f, &(0x7f00000000c0), 0x4)
setsockopt$inet6_tcp_TLS_TX(r1, 0x11a, 0x2, &(0x7f0000000680)=@gcm_128={{0x303}, "000037d7009400", "c0b6c5b29ca2b838d41ac2fc7ddf972d", "e9be1eae", "bb10000000000001"}, 0x28)
r5 = socket$inet6_mptcp(0xa, 0x1, 0x106)
r6 = socket$kcm(0x10, 0x2, 0x4)
clock_getres(0x5, 0x0)
listen(r0, 0x2)
listen(r5, 0x220c)
r7 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r7, 0x0)
r8 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r8, 0x0)
r9 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r9, 0x0)
r10 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r10, 0x0)
sendmsg$kcm(r6, &(0x7f0000000240)={0x0, 0xf0ffffff, &(0x7f0000000140)=[{&(0x7f0000000280)="89000000120081ae08060cdc030000007f03e3f7000000006ee2ffca1b1f0000000004c00e72f750375ed08a56331dbf9ed7815e381ad6e747033a0093b837dc6cc01e32efaec8c7a6ec0012100001400d0c0c00bdad446b9bbc7a46e3988285dcdf12f21308f868fece01955fed0009d78f0a947ee2b49e33538afa8af92347514f0b56a20ff27fff", 0x89}], 0x1}, 0x0)

5.343433699s ago: executing program 1 (id=1028):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x1, 0x18, &(0x7f00000005c0)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}}], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x13, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r1, 0xfca804a0, 0x10, 0x38, &(0x7f00000002c0)="b8000005f0000000", &(0x7f0000000300)=""/8, 0x500, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c)

5.183760643s ago: executing program 1 (id=1029):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, 0x0, 0x0)
prctl$PR_GET_TSC(0x59616d61, &(0x7f0000000040))
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = openat$vcsu(0xffffffffffffff9c, &(0x7f00000002c0), 0x26e014005b545943, 0x0)
read$FUSE(0xffffffffffffffff, &(0x7f00000003c0)={0x2020, 0x0, <r4=>0x0}, 0x2020)
write$FUSE_INIT(r3, &(0x7f0000000300)={0x50, 0x0, r4, {0x7, 0x2b, 0x6, 0x1005, 0xb, 0x11e, 0x81, 0x8, 0x0, 0x0, 0x40, 0x40}}, 0x50)
r5 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_TSINFO_GET(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)=ANY=[@ANYBLOB="18000000", @ANYRES16=r5, @ANYBLOB="31834000ffffef0000001900000004000180"], 0x18}}, 0x0)
r6 = socket(0xa, 0x3, 0x3a)
setsockopt$MRT_DONE(r6, 0x0, 0xc9, 0x0, 0x0)
sendmsg$ETHTOOL_MSG_COALESCE_SET(r1, &(0x7f0000000280)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000140)={0x24, r5, 0x10, 0x70bd2d, 0x25dfdbfe, {}, [@ETHTOOL_A_COALESCE_RATE_SAMPLE_INTERVAL={0x8, 0x17, 0x10}, @ETHTOOL_A_COALESCE_USE_CQE_MODE_TX={0x5}]}, 0x24}, 0x1, 0x0, 0x0, 0x24000084}, 0x4004041)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_DESTROY(r7, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000380)={0x28, 0x3, 0x6, 0x5, 0x0, 0x0, {}, [@IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}]}, 0x28}}, 0x20000090)
r8 = syz_open_procfs(0x0, &(0x7f0000000180)='map_files\x00')
fchdir(r8)
sendmsg$key(r8, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)={0x2, 0x15, 0xdc, 0x7, 0xe, 0x0, 0x70bd28, 0x25dfdbfb, [@sadb_x_policy={0x8, 0x12, 0x1, 0x1, 0x0, 0x6e6bb7, 0x5, {0x6, 0x6c, 0x7, 0x5, 0x0, 0x6, 0x0, @in6=@private2, @in=@broadcast}}, @sadb_lifetime={0x4, 0x2, 0x1000, 0xed5f, 0x3, 0x7}]}, 0x70}}, 0x8090)

5.050692026s ago: executing program 1 (id=1030):
r0 = syz_open_dev$dri(&(0x7f0000000000), 0x1ff, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000200)={0x8000, 0x8, 0x4})
socket(0x10, 0x3, 0x0)
write$sndseq(0xffffffffffffffff, &(0x7f0000000000), 0x0)
socket$nl_route(0x10, 0x3, 0x0)
openat$vnet(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
r1 = socket$pppoe(0x18, 0x1, 0x0)
connect$pppoe(r1, &(0x7f0000000400)={0x18, 0x0, {0x2, @local, 'lo\x00'}}, 0xfffffffffffffd12)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
syz_open_dev$video(&(0x7f0000000040), 0xa7, 0x800)
syz_io_uring_setup(0x79b4, &(0x7f0000000300)={0x0, 0x35dd, 0x10, 0x0, 0x1}, &(0x7f00000001c0), &(0x7f0000000140))
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$KVM_CHECK_EXTENSION(r3, 0xae03, 0x9d)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
mlockall(0x1)
mlockall(0x7)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f00000003c0)={[{@nfs_export_on}]})
mknodat$loop(0xffffffffffffffff, &(0x7f0000001600)='./file1\x00', 0x0, 0x0)
chdir(&(0x7f0000000140)='./bus\x00')
link(&(0x7f0000000200)='./file1\x00', &(0x7f0000000300)='./bus\x00')
unlinkat(0xffffffffffffffff, &(0x7f0000000000)='./file1\x00', 0x0)

2.612470045s ago: executing program 2 (id=1031):
recvmmsg(0xffffffffffffffff, &(0x7f0000000b00)=[{{0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000440)=""/176, 0xb0}], 0x1}, 0x8}], 0x1, 0x2, 0x0)
write$vga_arbiter(0xffffffffffffffff, &(0x7f0000000000)=@unlock_all, 0x7)
setsockopt$SO_TIMESTAMPING(0xffffffffffffffff, 0x1, 0x41, &(0x7f0000000180)=0x3fc9, 0x4)
sendmsg$can_bcm(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000000), 0x10, &(0x7f0000000080)={0x0}, 0x8}, 0x0)

2.395906291s ago: executing program 3 (id=1032):
syz_emit_ethernet(0x3e, &(0x7f0000000000)=ANY=[@ANYBLOB="ffffffffffffffffffffffff080045000051bb3faf3cc430000000000067907800050000ffffffff21009078120002282500000000000086000000007f00"], 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="1b00000000000000000000000080000000000000", @ANYRES32, @ANYBLOB="00000000000000ffffff7f000000000000000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x1, 0x2010, r0, 0xd57ac000)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r1)
r2 = socket$inet6_mptcp(0xa, 0x1, 0x106)
ioctl$sock_SIOCBRDELBR(r2, 0x89a1, &(0x7f0000000000)='macvtap0\x00')
setsockopt$sock_timeval(r1, 0x1, 0x15, &(0x7f0000000040)={0x0, 0xea60}, 0x10)
setsockopt$inet6_tcp_int(r1, 0x6, 0x3, &(0x7f0000000180)=0x400000001, 0x4)
syz_genetlink_get_family_id$nl802154(&(0x7f0000000340), 0xffffffffffffffff)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000040)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f0000000180)=@abs={0x0, 0x0, 0x10000000}, 0x6e)
sendmmsg$unix(r5, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r6}, 0x10)
r7 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r7, 0x0)
r8 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x10, 0x4, &(0x7f0000000380)=ANY=[@ANYBLOB="18020000004000000000000000000000850000007d00000095"], &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r9 = bpf$MAP_CREATE(0x0, &(0x7f00000023c0)=ANY=[@ANYBLOB="1200000004000000080000000b"], 0x48)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000540)=ANY=[@ANYRES32=r9, @ANYRES32=r8, @ANYBLOB='\a\x00'/12, @ANYRES32, @ANYBLOB="78e8a51f032ba2ef4339012bc7d6205540d22c334e355c9c0559efe308f17a960795b6d3852d00", @ANYRES64=0x0], 0x10)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000500)={r9, &(0x7f0000000240), &(0x7f00000004c0)=@tcp6=r7}, 0x20)
pipe2(&(0x7f00000002c0)={0xffffffffffffffff, <r10=>0xffffffffffffffff}, 0x0)
ioctl$TCSETAW(r10, 0x5407, &(0x7f0000000300)={0x2, 0xfff, 0x3, 0x6, 0x7, "b8dddb9323241281"})

2.172457969s ago: executing program 2 (id=1033):
r0 = io_uring_setup(0x5f41, &(0x7f00000001c0)={0x0, 0x0, 0x2, 0x0, 0x10000000})
r1 = syz_init_net_socket$netrom(0x6, 0x5, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f00000003c0)={'wlan0\x00', <r3=>0x0})
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
sendmsg$NL80211_CMD_FRAME(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)=ANY=[@ANYBLOB="8c000000", @ANYRES16=r4, @ANYBLOB="010026bd7000000f73003b00000008000300", @ANYRES32=r3, @ANYBLOB="6d00330080200900ffffffffffff0802110000005050505050505f40ffffffffffffffff6400000201011b0301"], 0x8c}, 0x1, 0x0, 0x0, 0xc0}, 0x4004880)
bind$netrom(r1, &(0x7f0000000000)={{0x6, @rose}, [@rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @null, @netrom, @bcast, @default, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @null]}, 0x48)
close_range(r0, 0xffffffffffffffff, 0x0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r5, 0x0, 0x0)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
socket(0x1f, 0x80000, 0x4)
sendmsg$NFT_MSG_GETSETELEM(r6, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000009c0)=ANY=[@ANYBLOB="2c0000000d0a010e000000000000000001f6ffff0800010073797a30000000000900020073797a3200000000"], 0x2c}, 0x1f}, 0x0)

1.214567185s ago: executing program 3 (id=1034):
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x2, &(0x7f0000000140)=@raw=[@kfunc={0x85, 0x0, 0x2, 0x0, 0x1}, @jmp={0x5, 0x1, 0x1, 0x7, 0x3, 0xffffffffffffffc0, 0x8}], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e20}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0xffffffb3, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
getpgrp(r0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='blkio.bfq.io_service_time_recursive\x00', 0x275a, 0x0)
pidfd_send_signal(r3, 0x16, &(0x7f0000000140)={0x0, 0x20000000, 0xd2000000}, 0x4)
r4 = socket$inet_tcp(0x2, 0x1, 0x0)
r5 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r6 = dup(r5)
io_setup(0x19, &(0x7f00000009c0)=<r7=>0x0)
io_submit(r7, 0x1, &(0x7f0000000500)=[&(0x7f0000000200)={0x0, 0x0, 0x0, 0x5, 0x0, r6, 0x0}])
ioctl$SNDCTL_DSP_SPEED(r5, 0xc0045002, &(0x7f0000000040))
connect$inet(r4, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r4, 0x6, 0xd, &(0x7f00000000c0)='westwood\x00', 0x9)
sendto$inet(r4, &(0x7f0000000000), 0xffffffffffffff94, 0x0, 0x0, 0x0)
read$msr(r6, &(0x7f0000000000)=""/27, 0x1b)
recvfrom$inet(r4, &(0x7f0000000080)=""/8, 0xfffffffffffffd0b, 0x720, 0x0, 0xfffffffffffffd25)
socket$nl_rdma(0x10, 0x3, 0x14)
socket$key(0xf, 0x3, 0x2)

999.367315ms ago: executing program 4 (id=1035):
prlimit64(0x0, 0x7, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000540)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000040)=ANY=[@ANYRES8=r0], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10) (async)
socket$inet6_mptcp(0xa, 0x1, 0x106) (async)
syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)

997.755211ms ago: executing program 2 (id=1036):
pipe(&(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$int_in(r1, 0x5452, &(0x7f0000000200)=0xfffffffffffffff7)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
close(r2)
openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0x589e42, 0x0)
write$cgroup_pressure(r1, &(0x7f0000000040)={'some', 0x20, 0x2, 0x20, 0xeeb5}, 0x2f)
splice(r0, 0x0, r2, 0x0, 0x4ffe6, 0x0)

660.149858ms ago: executing program 1 (id=1037):
r0 = syz_open_dev$dri(&(0x7f0000000000), 0x1ff, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000200)={0x8000, 0x8, 0x4})
socket(0x10, 0x3, 0x0)
write$sndseq(0xffffffffffffffff, &(0x7f0000000000), 0x0)
socket$nl_route(0x10, 0x3, 0x0)
openat$vnet(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
r1 = socket$pppoe(0x18, 0x1, 0x0)
connect$pppoe(r1, &(0x7f0000000400)={0x18, 0x0, {0x2, @local, 'lo\x00'}}, 0xfffffffffffffd12)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
syz_open_dev$video(&(0x7f0000000040), 0xa7, 0x800)
syz_io_uring_setup(0x79b4, &(0x7f0000000300)={0x0, 0x35dd, 0x10, 0x0, 0x1}, &(0x7f00000001c0), &(0x7f0000000140))
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$KVM_CHECK_EXTENSION(r3, 0xae03, 0x9d)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
mlockall(0x1)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f00000003c0)={[{@nfs_export_on}]})
r4 = open(&(0x7f0000000140)='./file0\x00', 0x800, 0x70)
mknodat$loop(r4, &(0x7f0000001600)='./file1\x00', 0x0, 0x0)
chdir(&(0x7f0000000140)='./bus\x00')
link(&(0x7f0000000200)='./file1\x00', &(0x7f0000000300)='./bus\x00')
unlinkat(r4, &(0x7f0000000000)='./file1\x00', 0x0)

0s ago: executing program 4 (id=1038):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$sock_inet_SIOCSARP(0xffffffffffffffff, 0x8919, &(0x7f0000000000)={{0x2, 0x4e23, @multicast2}, {0x1, @multicast}, 0x1d, {0x2, 0x0, @multicast1}, 'vlan0\x00'})
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='blkio.bfq.io_wait_time_recursive\x00', 0x275a, 0x0)
write$binfmt_script(r1, &(0x7f0000000000), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r1, 0x0)
preadv(r1, &(0x7f00000015c0)=[{0x0}], 0x1, 0x0, 0x0)
bind$bt_hci(0xffffffffffffffff, &(0x7f0000000040)={0x1f, 0xffffffffffffffff}, 0x67)
r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$TUNATTACHFILTER(0xffffffffffffffff, 0x401054d5, &(0x7f0000000040)={0x3c, &(0x7f00000000c0)=[{0x7}, {0x3, 0x5, 0x2c, 0x6}, {0xfac3, 0x2, 0x4, 0x2}, {0x77cf, 0x7f, 0x1, 0x80000001}, {0x7, 0x11, 0xcf, 0x7}]})
bind$bt_hci(r2, &(0x7f0000000000)={0x1f, 0xffffffffffffffff, 0x3}, 0x6)
write$bt_hci(r2, &(0x7f0000000040)=ANY=[], 0x6)

kernel console output (not intermixed with test programs):

5830776.697:486): avc:  denied  { ioctl } for  pid=8239 comm="syz.2.604" path="/dev/fb0" dev="devtmpfs" ino=629 ioctlcmd=0x4601 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:framebuf_device_t tclass=chr_file permissive=1
[  250.378587][   T30] audit: type=1400 audit(1745830776.957:487): avc:  denied  { write } for  pid=8261 comm="syz.3.608" name="sg0" dev="devtmpfs" ino=752 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[  251.513694][ T8282] sd 0:0:1:0: device reset
[  253.202246][ T8299] vlan2: entered allmulticast mode
[  253.348279][ T8301] xt_l2tp: unknown flags: 17
[  253.490553][ T8299] netlink: 64 bytes leftover after parsing attributes in process `syz.1.617'.
[  253.526311][ T8301] FAULT_INJECTION: forcing a failure.
[  253.526311][ T8301] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  253.552177][ T8303] FAULT_INJECTION: forcing a failure.
[  253.552177][ T8303] name failslab, interval 1, probability 0, space 0, times 0
[  253.573327][ T8301] CPU: 0 UID: 0 PID: 8301 Comm: syz.0.616 Not tainted 6.15.0-rc4-syzkaller #0 PREEMPT(full) 
[  253.573350][ T8301] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  253.573359][ T8301] Call Trace:
[  253.573364][ T8301]  <TASK>
[  253.573371][ T8301]  dump_stack_lvl+0x16c/0x1f0
[  253.573392][ T8301]  should_fail_ex+0x512/0x640
[  253.573409][ T8301]  _copy_from_user+0x2e/0xd0
[  253.573424][ T8301]  copy_msghdr_from_user+0x98/0x160
[  253.573441][ T8301]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  253.573464][ T8301]  ___sys_sendmsg+0xfe/0x1d0
[  253.573502][ T8301]  ? __pfx____sys_sendmsg+0x10/0x10
[  253.573534][ T8301]  __sys_sendmsg+0x16d/0x220
[  253.573551][ T8301]  ? __pfx___sys_sendmsg+0x10/0x10
[  253.573571][ T8301]  ? rcu_is_watching+0x12/0xc0
[  253.573587][ T8301]  do_syscall_64+0xcd/0x260
[  253.573601][ T8301]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  253.573612][ T8301] RIP: 0033:0x7fb45a18e969
[  253.573621][ T8301] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  253.573632][ T8301] RSP: 002b:00007fb45afe5038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  253.573642][ T8301] RAX: ffffffffffffffda RBX: 00007fb45a3b6080 RCX: 00007fb45a18e969
[  253.573649][ T8301] RDX: 0000000000040000 RSI: 00002000000005c0 RDI: 0000000000000005
[  253.573655][ T8301] RBP: 00007fb45afe5090 R08: 0000000000000000 R09: 0000000000000000
[  253.573662][ T8301] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  253.573668][ T8301] R13: 0000000000000000 R14: 00007fb45a3b6080 R15: 00007fff1ae7f318
[  253.573681][ T8301]  </TASK>
[  253.737390][    C0] vkms_vblank_simulate: vblank timer overrun
[  253.748887][ T8303] CPU: 0 UID: 0 PID: 8303 Comm: syz.1.617 Not tainted 6.15.0-rc4-syzkaller #0 PREEMPT(full) 
[  253.748913][ T8303] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  253.748923][ T8303] Call Trace:
[  253.748930][ T8303]  <TASK>
[  253.748937][ T8303]  dump_stack_lvl+0x16c/0x1f0
[  253.748962][ T8303]  should_fail_ex+0x512/0x640
[  253.748982][ T8303]  ? kmem_cache_alloc_node_noprof+0x5e/0x3b0
[  253.749012][ T8303]  should_failslab+0xc2/0x120
[  253.749031][ T8303]  kmem_cache_alloc_node_noprof+0x71/0x3b0
[  253.749057][ T8303]  ? __alloc_skb+0x2b2/0x380
[  253.749085][ T8303]  __alloc_skb+0x2b2/0x380
[  253.749108][ T8303]  ? __pfx___alloc_skb+0x10/0x10
[  253.749134][ T8303]  ? __pfx_netlink_autobind.isra.0+0x10/0x10
[  253.749155][ T8303]  netlink_alloc_large_skb+0x69/0x130
[  253.749174][ T8303]  netlink_sendmsg+0x6a1/0xdd0
[  253.749195][ T8303]  ? __pfx_netlink_sendmsg+0x10/0x10
[  253.749221][ T8303]  ____sys_sendmsg+0xa95/0xc70
[  253.749241][ T8303]  ? copy_msghdr_from_user+0x10a/0x160
[  253.749265][ T8303]  ? __pfx_____sys_sendmsg+0x10/0x10
[  253.749295][ T8303]  ___sys_sendmsg+0x134/0x1d0
[  253.749321][ T8303]  ? __pfx____sys_sendmsg+0x10/0x10
[  253.749375][ T8303]  __sys_sendmsg+0x16d/0x220
[  253.749400][ T8303]  ? __pfx___sys_sendmsg+0x10/0x10
[  253.749432][ T8303]  ? rcu_is_watching+0x12/0xc0
[  253.749459][ T8303]  do_syscall_64+0xcd/0x260
[  253.749481][ T8303]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  253.749504][ T8303] RIP: 0033:0x7fea7338e969
[  253.749518][ T8303] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  253.749534][ T8303] RSP: 002b:00007fea7417c038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  253.749552][ T8303] RAX: ffffffffffffffda RBX: 00007fea735b6080 RCX: 00007fea7338e969
[  253.749564][ T8303] RDX: 0000000000000000 RSI: 0000200000000080 RDI: 000000000000000a
[  253.749574][ T8303] RBP: 00007fea7417c090 R08: 0000000000000000 R09: 0000000000000000
[  253.749584][ T8303] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  253.749594][ T8303] R13: 0000000000000000 R14: 00007fea735b6080 R15: 00007ffe0d6c2358
[  253.749617][ T8303]  </TASK>
[  253.963251][    C0] vkms_vblank_simulate: vblank timer overrun
[  255.281447][ T1293] ieee802154 phy0 wpan0: encryption failed: -22
[  255.287982][ T1293] ieee802154 phy1 wpan1: encryption failed: -22
[  255.339030][ T8327] overlayfs: option "index=on" is useless in a non-upper mount, ignore
[  255.362589][ T8328] overlayfs: option "index=on" is useless in a non-upper mount, ignore
[  255.384871][ T8327] overlayfs: option "volatile" is meaningless in a non-upper mount, ignoring it.
[  255.434450][ T8327] overlayfs: missing 'lowerdir'
[  255.439630][ T8328] overlayfs: option "volatile" is meaningless in a non-upper mount, ignoring it.
[  255.503653][ T8328] overlayfs: missing 'lowerdir'
[  255.588977][   T30] audit: type=1400 audit(1745830782.177:488): avc:  denied  { sys_chroot } for  pid=8332 comm="dhcpcd" capability=18  scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:dhcpc_t tclass=capability permissive=1
[  255.610179][    C0] vkms_vblank_simulate: vblank timer overrun
[  255.640392][   T30] audit: type=1400 audit(1745830782.217:489): avc:  denied  { setgid } for  pid=8332 comm="dhcpcd" capability=6  scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:dhcpc_t tclass=capability permissive=1
[  255.661086][    C0] vkms_vblank_simulate: vblank timer overrun
[  256.184038][ T8350] ptrace attach of "./syz-executor exec"[5815] was attempted by "./syz-executor exec"[8350]
[  256.241616][   T30] audit: type=1400 audit(1745830782.797:490): avc:  denied  { accept } for  pid=8345 comm="syz.3.625" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[  259.230667][ T1203] usb 1-1: new high-speed USB device number 4 using dummy_hcd
[  259.301911][ T8388] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  259.375953][   T30] audit: type=1400 audit(1745830785.967:491): avc:  denied  { mount } for  pid=8379 comm="syz.3.633" name="/" dev="9p" ino=17889801302421081418 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[  259.492268][   T30] audit: type=1400 audit(1745830786.077:492): avc:  denied  { unmount } for  pid=5815 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[  259.523836][ T1203] usb 1-1: New USB device found, idVendor=110a, idProduct=1450, bcdDevice=c2.c6
[  259.553832][ T1203] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  259.583061][ T1203] usb 1-1: config 0 descriptor??
[  259.807095][ T8406] netlink: 36 bytes leftover after parsing attributes in process `syz.3.637'.
[  259.823957][ T8406] netlink: 36 bytes leftover after parsing attributes in process `syz.3.637'.
[  259.835791][ T8406] netlink: 36 bytes leftover after parsing attributes in process `syz.3.637'.
[  259.878373][ T8409] netlink: 36 bytes leftover after parsing attributes in process `syz.3.637'.
[  259.893805][ T8409] netlink: 36 bytes leftover after parsing attributes in process `syz.3.637'.
[  259.903213][   T58] usb 3-1: new high-speed USB device number 14 using dummy_hcd
[  259.914181][ T8409] netlink: 36 bytes leftover after parsing attributes in process `syz.3.637'.
[  260.070604][   T58] usb 3-1: Using ep0 maxpacket: 32
[  260.090921][   T58] usb 3-1: config 0 has an invalid interface number: 48 but max is 0
[  260.099166][   T58] usb 3-1: config 0 has no interface number 0
[  260.195697][   T58] usb 3-1: New USB device found, idVendor=046d, idProduct=0960, bcdDevice=4b.cc
[  260.205193][   T58] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  260.219406][   T58] usb 3-1: Product: syz
[  260.236512][   T58] usb 3-1: Manufacturer: syz
[  260.259427][   T58] usb 3-1: SerialNumber: syz
[  260.325438][   T58] usb 3-1: config 0 descriptor??
[  260.345098][   T58] gspca_main: sunplus-2.14.0 probing 046d:0960
[  260.600841][ T5920] usb 4-1: new high-speed USB device number 9 using dummy_hcd
[  260.803100][ T5920] usb 4-1: Using ep0 maxpacket: 32
[  260.809834][ T5920] usb 4-1: config 0 has an invalid interface number: 184 but max is 0
[  260.818651][ T5920] usb 4-1: config 0 has no interface number 0
[  260.825089][ T5920] usb 4-1: config 0 interface 184 has no altsetting 0
[  260.834992][ T5920] usb 4-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee
[  260.844456][ T5920] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  260.852854][ T5920] usb 4-1: Product: syz
[  261.060701][   T58] gspca_sunplus: reg_w_riv err -110
[  261.089980][   T58] sunplus 3-1:0.48: probe with driver sunplus failed with error -110
[  261.323970][ T1203] mxuport 1-1:0.0: mxuport_recv_ctrl_urb - usb_control_msg failed (-71)
[  261.378486][   T58] usb 3-1: USB disconnect, device number 14
[  261.390318][ T5920] usb 4-1: Manufacturer: syz
[  261.394962][ T5920] usb 4-1: SerialNumber: syz
[  261.400373][ T1203] mxuport 1-1:0.0: probe with driver mxuport failed with error -5
[  261.410601][ T1203] usb 1-1: USB disconnect, device number 4
[  261.418949][ T5920] usb 4-1: config 0 descriptor??
[  261.431007][ T5920] smsc75xx v1.0.0
[  261.579002][ T8426] FAULT_INJECTION: forcing a failure.
[  261.579002][ T8426] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  261.607740][ T8428] openvswitch: netlink: IP tunnel attribute has 16 unknown bytes.
[  261.629197][ T8426] CPU: 1 UID: 0 PID: 8426 Comm: syz.2.642 Not tainted 6.15.0-rc4-syzkaller #0 PREEMPT(full) 
[  261.629230][ T8426] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  261.629240][ T8426] Call Trace:
[  261.629246][ T8426]  <TASK>
[  261.629253][ T8426]  dump_stack_lvl+0x16c/0x1f0
[  261.629279][ T8426]  should_fail_ex+0x512/0x640
[  261.629304][ T8426]  _copy_from_user+0x2e/0xd0
[  261.629327][ T8426]  inet_ioctl+0x31c/0x3f0
[  261.629347][ T8426]  ? __pfx_inet_ioctl+0x10/0x10
[  261.629379][ T8426]  ? tomoyo_path_number_perm+0x18d/0x580
[  261.629404][ T8426]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  261.629434][ T8426]  sock_do_ioctl+0x115/0x280
[  261.629453][ T8426]  ? __pfx_sock_do_ioctl+0x10/0x10
[  261.629487][ T8426]  ? ioctl_has_perm.constprop.0.isra.0+0x2f4/0x450
[  261.629513][ T8426]  ? ioctl_has_perm.constprop.0.isra.0+0x2fe/0x450
[  261.629539][ T8426]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  261.629568][ T8426]  sock_ioctl+0x227/0x6b0
[  261.629588][ T8426]  ? __pfx_sock_ioctl+0x10/0x10
[  261.629605][ T8426]  ? hook_file_ioctl_common+0x145/0x410
[  261.629638][ T8426]  ? selinux_file_ioctl+0x180/0x270
[  261.629661][ T8426]  ? selinux_file_ioctl+0xb4/0x270
[  261.629685][ T8426]  ? __pfx_sock_ioctl+0x10/0x10
[  261.629706][ T8426]  __x64_sys_ioctl+0x190/0x200
[  261.629728][ T8426]  do_syscall_64+0xcd/0x260
[  261.629750][ T8426]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  261.629768][ T8426] RIP: 0033:0x7fdd8f58e969
[  261.629781][ T8426] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  261.629798][ T8426] RSP: 002b:00007fdd904a0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  261.629814][ T8426] RAX: ffffffffffffffda RBX: 00007fdd8f7b5fa0 RCX: 00007fdd8f58e969
[  261.629826][ T8426] RDX: 0000200000000280 RSI: 000000000000890c RDI: 0000000000000005
[  261.629835][ T8426] RBP: 00007fdd904a0090 R08: 0000000000000000 R09: 0000000000000000
[  261.629846][ T8426] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  261.629854][ T8426] R13: 0000000000000000 R14: 00007fdd8f7b5fa0 R15: 00007ffeea52bb48
[  261.629876][ T8426]  </TASK>
[  262.157081][   T30] audit: type=1400 audit(1745830788.627:493): avc:  denied  { write } for  pid=8423 comm="syz.0.641" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1
[  262.421936][ T5920] smsc75xx 4-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000040: -32
[  262.422404][ T8417] xt_l2tp: invalid flags combination: 0
[  262.432824][ T5920] smsc75xx 4-1:0.184 (unnamed net_device) (uninitialized): Error reading E2P_CMD
[  263.473049][ T5920] smsc75xx 4-1:0.184 (unnamed net_device) (uninitialized): Failed to write reg index 0x00000010: -71
[  263.507804][ T5920] smsc75xx 4-1:0.184 (unnamed net_device) (uninitialized): Failed to write HW_CFG: -71
[  263.526024][ T5920] smsc75xx 4-1:0.184 (unnamed net_device) (uninitialized): smsc75xx_reset error -71
[  263.535997][ T5920] smsc75xx 4-1:0.184: probe with driver smsc75xx failed with error -71
[  263.568606][ T5920] usb 4-1: USB disconnect, device number 9
[  264.099727][   T30] audit: type=1400 audit(1745830790.687:494): avc:  denied  { append } for  pid=8446 comm="syz.0.648" name="cec0" dev="devtmpfs" ino=948 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  264.768076][ T8456] netdevsim netdevsim1: Direct firmware load for ./file0 failed with error -2
[  264.777725][ T8456] netdevsim netdevsim1: Falling back to sysfs fallback for: ./file0
[  264.868749][   T30] audit: type=1400 audit(1745830791.447:495): avc:  denied  { setopt } for  pid=8457 comm="syz.0.650" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  265.041642][   T30] audit: type=1400 audit(1745830791.547:496): avc:  denied  { create } for  pid=8457 comm="syz.0.650" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1
[  265.506384][ T2324] pvrusb2: request_firmware fatal error with code=-110
[  265.575961][ T2324] pvrusb2: Failure uploading firmware1
[  265.625805][ T2324] pvrusb2: Device initialization was not successful.
[  265.654002][ T2324] pvrusb2: ***WARNING*** pvrusb2 device hardware appears to be jammed and I can't clear it.
[  265.672027][ T2324] pvrusb2: You might need to power cycle the pvrusb2 device in order to recover.
[  265.681452][ T2324] pvrusb2: Failed to submit write-control URB status=-19
[  265.684772][ T5892] pvrusb2: Device being rendered inoperable
[  265.688881][ T2324] usb 2-1: Direct firmware load for v4l-pvrusb2-29xxx-01.fw failed with error -2
[  265.707276][ T2324] usb 2-1: Falling back to sysfs fallback for: v4l-pvrusb2-29xxx-01.fw
[  265.876027][   T30] audit: type=1400 audit(1745830792.457:497): avc:  denied  { ioctl } for  pid=8478 comm="syz.1.654" path="/dev/vhost-net" dev="devtmpfs" ino=1274 ioctlcmd=0xaf00 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:vhost_device_t tclass=chr_file permissive=1
[  266.060371][   T58] usb 1-1: new high-speed USB device number 5 using dummy_hcd
[  266.340327][   T58] usb 1-1: Using ep0 maxpacket: 16
[  266.351526][   T58] usb 1-1: config 0 interface 0 has no altsetting 0
[  266.358216][   T58] usb 1-1: New USB device found, idVendor=0458, idProduct=5013, bcdDevice= 0.00
[  266.389265][   T58] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  266.410087][   T58] usb 1-1: config 0 descriptor??
[  266.460548][ T1203] usb 4-1: new high-speed USB device number 10 using dummy_hcd
[  266.685046][ T1203] usb 4-1: config 1 has more interface descriptors, than it declares in bNumInterfaces, ignoring interface number: 255
[  266.715166][ T1203] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  266.844767][ T8499] netlink: 8 bytes leftover after parsing attributes in process `syz.2.660'.
[  266.866353][ T8499] netlink: 8 bytes leftover after parsing attributes in process `syz.2.660'.
[  266.890717][ T1203] usb 4-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2
[  266.954721][ T1203] usb 4-1: New USB device found, idVendor=1908, idProduct=1315, bcdDevice= 0.00
[  266.986456][ T1203] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  267.008962][   T58] input: HID 0458:5013 as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/0003:0458:5013.0004/input/input13
[  267.011053][ T1203] usb-storage 4-1:1.0: USB Mass Storage device detected
[  267.061638][   T30] audit: type=1400 audit(1745830793.647:498): avc:  denied  { remount } for  pid=8501 comm="syz.1.662" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[  267.216261][ T1203] usb-storage 4-1:1.0: Quirks match for vid 1908 pid 1315: 20000
[  267.233732][ T8477] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  267.328132][ T8477] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  267.390107][   T58] input: HID 0458:5013 as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/0003:0458:5013.0004/input/input14
[  267.427624][ T8477] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  267.441136][ T8477] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  267.465914][   T58] kye 0003:0458:5013.0004: input,hiddev0,hidraw0: USB HID v0.00 Device [HID 0458:5013] on usb-dummy_hcd.0-1/input0
[  267.505931][   T58] usb 1-1: USB disconnect, device number 5
[  267.580091][ T8489] fuse: Bad value for 'user_id'
[  267.592247][ T8489] fuse: Bad value for 'user_id'
[  267.626496][ T8509] netlink: 16 bytes leftover after parsing attributes in process `syz.4.663'.
[  267.642676][ T8489] netlink: 156 bytes leftover after parsing attributes in process `syz.3.658'.
[  267.654778][ T8509] netlink: 16 bytes leftover after parsing attributes in process `syz.4.663'.
[  267.689439][ T5920] usb 4-1: USB disconnect, device number 10
[  267.701484][ T8509] netlink: 16 bytes leftover after parsing attributes in process `syz.4.663'.
[  267.749197][ T8509] netlink: 16 bytes leftover after parsing attributes in process `syz.4.663'.
[  267.761614][ T8509] netlink: 16 bytes leftover after parsing attributes in process `syz.4.663'.
[  267.773198][ T8509] netlink: 16 bytes leftover after parsing attributes in process `syz.4.663'.
[  267.824002][ T8509] netlink: 16 bytes leftover after parsing attributes in process `syz.4.663'.
[  268.130425][ T5920] usb 5-1: new high-speed USB device number 9 using dummy_hcd
[  268.281953][ T5920] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  268.303831][ T5920] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3
[  268.331775][ T5920] usb 5-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  268.345341][ T5920] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  268.374470][ T5920] usb 5-1: SerialNumber: syz
[  268.850399][   T30] audit: type=1400 audit(1745830795.397:499): avc:  denied  { append } for  pid=8513 comm="syz.4.664" name="loop7" dev="devtmpfs" ino=654 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  268.873935][    C1] vkms_vblank_simulate: vblank timer overrun
[  269.026868][ T5920] usb 5-1: 0:2 : does not exist
[  269.032082][ T5920] usb 5-1: unit 1 not found!
[  269.060533][ T5920] usb 5-1: USB disconnect, device number 9
[  269.127296][ T5924] udevd[5924]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  269.849285][   T30] audit: type=1400 audit(1745830796.287:500): avc:  denied  { map } for  pid=8536 comm="syz.3.672" path="socket:[17334]" dev="sockfs" ino=17334 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tcp_socket permissive=1
[  269.872238][    C1] vkms_vblank_simulate: vblank timer overrun
[  271.070353][   T30] audit: type=1800 audit(1745830797.647:501): pid=8558 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed comm="syz.4.677" name="/" dev="fuse" ino=0 res=0 errno=0
[  272.348362][   T30] audit: type=1400 audit(1745830798.938:502): avc:  denied  { setopt } for  pid=8578 comm="syz.1.682" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1
[  272.520187][   T30] audit: type=1400 audit(1745830798.938:503): avc:  denied  { connect } for  pid=8578 comm="syz.1.682" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rose_socket permissive=1
[  273.708747][   T30] audit: type=1400 audit(1745830800.298:504): avc:  denied  { shutdown } for  pid=8598 comm="syz.4.686" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[  273.849501][   T30] audit: type=1400 audit(1745830800.438:505): avc:  denied  { mount } for  pid=8600 comm="syz.3.687" name="/" dev="autofs" ino=18523 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_t tclass=filesystem permissive=1
[  273.960247][    T9] usb 5-1: new high-speed USB device number 10 using dummy_hcd
[  274.141866][    T9] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  274.163477][    T9] usb 5-1: config 1 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  274.186201][    T9] usb 5-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  274.250988][    T9] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  274.742861][    T9] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  274.751637][    T9] usb 5-1: Product: syz
[  274.756161][    T9] usb 5-1: Manufacturer: syz
[  274.761062][    T9] usb 5-1: SerialNumber: syz
[  274.994956][    T9] usblp 5-1:1.0: usblp0: USB Unidirectional printer dev 10 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8
[  275.127197][   T30] audit: type=1400 audit(1745830801.718:506): avc:  denied  { write } for  pid=8612 comm="syz.3.691" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  275.195949][   T30] audit: type=1400 audit(1745830801.788:507): avc:  denied  { read write } for  pid=8598 comm="syz.4.686" name="lp0" dev="devtmpfs" ino=2925 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:printer_device_t tclass=chr_file permissive=1
[  275.457720][   T30] audit: type=1400 audit(1745830801.788:508): avc:  denied  { open } for  pid=8598 comm="syz.4.686" path="/dev/usb/lp0" dev="devtmpfs" ino=2925 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:printer_device_t tclass=chr_file permissive=1
[  276.406996][    T9] usb 4-1: new high-speed USB device number 11 using dummy_hcd
[  276.578687][    T9] usb 4-1: Using ep0 maxpacket: 16
[  276.601928][    T9] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 8
[  276.613333][    T9] usb 4-1: New USB device found, idVendor=05d1, idProduct=2001, bcdDevice= 6.00
[  276.639198][    T9] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  276.665009][    T9] usb 4-1: Product: syz
[  276.669274][    T9] usb 4-1: Manufacturer: syz
[  276.689989][    T9] usb 4-1: SerialNumber: syz
[  276.709766][    T9] usb 4-1: config 0 descriptor??
[  276.722537][    T9] ftdi_sio 4-1:0.0: FTDI USB Serial Device converter detected
[  276.740232][   T24] usb 5-1: USB disconnect, device number 10
[  276.746642][    T9] usb 4-1: Detected FT232R
[  276.774757][   T24] usblp0: removed
[  276.955331][    T9] ftdi_sio ttyUSB0: Unable to read latency timer: -32
[  277.064048][   T30] audit: type=1400 audit(1745830803.578:509): avc:  denied  { ioctl } for  pid=8634 comm="syz.4.699" path="socket:[17879]" dev="sockfs" ino=17879 ioctlcmd=0x8923 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1
[  277.626202][    T9] usb 4-1: FTDI USB Serial Device converter now attached to ttyUSB0
[  277.644622][   T30] audit: type=1400 audit(1745830804.238:510): avc:  denied  { read } for  pid=8641 comm="syz.1.701" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  277.660773][    T9] usb 4-1: USB disconnect, device number 11
[  277.710176][    T9] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[  277.733776][    T9] ftdi_sio 4-1:0.0: device disconnected
[  279.228197][ T1203] usb 1-1: new high-speed USB device number 6 using dummy_hcd
[  279.471023][ T1203] usb 1-1: Using ep0 maxpacket: 16
[  279.489241][ T1203] usb 1-1: config 0 has an invalid interface number: 145 but max is 0
[  279.502753][ T1203] usb 1-1: config 0 has no interface number 0
[  279.531445][ T1203] usb 1-1: New USB device found, idVendor=05ac, idProduct=0291, bcdDevice=43.25
[  279.573301][ T1203] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  279.583120][ T1203] usb 1-1: Product: syz
[  279.587472][ T1203] usb 1-1: Manufacturer: syz
[  279.592850][ T1203] usb 1-1: SerialNumber: syz
[  279.601566][ T1203] usb 1-1: config 0 descriptor??
[  279.633406][ T1203] hub 1-1:0.145: bad descriptor, ignoring hub
[  279.659792][ T1203] hub 1-1:0.145: probe with driver hub failed with error -5
[  279.682820][ T1203] input: bcm5974 as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.145/input/input15
[  280.194098][   T24] usb 5-1: new low-speed USB device number 11 using dummy_hcd
[  280.420007][   T24] usb 5-1: device descriptor read/64, error -71
[  280.660131][   T24] usb 5-1: new low-speed USB device number 12 using dummy_hcd
[  280.909904][   T24] usb 5-1: device descriptor read/64, error -71
[  281.041602][   T24] usb usb5-port1: attempt power cycle
[  281.489793][   T24] usb 5-1: new low-speed USB device number 13 using dummy_hcd
[  282.107281][ T8697] FAULT_INJECTION: forcing a failure.
[  282.107281][ T8697] name failslab, interval 1, probability 0, space 0, times 0
[  282.137046][ T8697] CPU: 1 UID: 0 PID: 8697 Comm: syz.2.716 Not tainted 6.15.0-rc4-syzkaller #0 PREEMPT(full) 
[  282.137073][ T8697] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  282.137083][ T8697] Call Trace:
[  282.137089][ T8697]  <TASK>
[  282.137096][ T8697]  dump_stack_lvl+0x16c/0x1f0
[  282.137123][ T8697]  should_fail_ex+0x512/0x640
[  282.137144][ T8697]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[  282.137173][ T8697]  should_failslab+0xc2/0x120
[  282.137190][ T8697]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  282.137216][ T8697]  ? mas_alloc_nodes+0x18b/0x8b0
[  282.137237][ T8697]  mas_alloc_nodes+0x18b/0x8b0
[  282.137260][ T8697]  mas_node_count_gfp+0x105/0x130
[  282.137279][ T8697]  mas_preallocate+0x53e/0xcd0
[  282.137305][ T8697]  ? __pfx_mas_preallocate+0x10/0x10
[  282.137334][ T8697]  ? vm_area_alloc+0x1f/0x160
[  282.137357][ T8697]  ? lockdep_init_map_type+0x5c/0x280
[  282.137385][ T8697]  __mmap_region+0x139b/0x27c0
[  282.137403][ T8697]  ? __pfx___mmap_region+0x10/0x10
[  282.137417][ T8697]  ? finish_task_switch.isra.0+0x2fa/0xc10
[  282.137443][ T8697]  ? __schedule+0x1186/0x5de0
[  282.137506][ T8697]  ? mm_get_unmapped_area_vmflags+0x97/0xe0
[  282.137537][ T8697]  mmap_region+0x1ab/0x3f0
[  282.137557][ T8697]  do_mmap+0xd8e/0x11b0
[  282.137583][ T8697]  ? __pfx_do_mmap+0x10/0x10
[  282.137604][ T8697]  ? __pfx_down_write_killable+0x10/0x10
[  282.137631][ T8697]  vm_mmap_pgoff+0x281/0x450
[  282.137663][ T8697]  ? __pfx_vm_mmap_pgoff+0x10/0x10
[  282.137681][ T8697]  ? __pfx_alloc_file_pseudo+0x10/0x10
[  282.137713][ T8697]  ksys_mmap_pgoff+0x1c8/0x5c0
[  282.137737][ T8697]  __x64_sys_mmap+0x125/0x190
[  282.137759][ T8697]  do_syscall_64+0xcd/0x260
[  282.137780][ T8697]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  282.137796][ T8697] RIP: 0033:0x7fdd8f58e969
[  282.137811][ T8697] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  282.137827][ T8697] RSP: 002b:00007fdd9047f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  282.137844][ T8697] RAX: ffffffffffffffda RBX: 00007fdd8f7b6080 RCX: 00007fdd8f58e969
[  282.137856][ T8697] RDX: 0000000003000003 RSI: 0000000000400000 RDI: 0000200000000000
[  282.137867][ T8697] RBP: 00007fdd9047f090 R08: ffffffffffffffff R09: 0000000000000000
[  282.137878][ T8697] R10: 000200000006c832 R11: 0000000000000246 R12: 0000000000000002
[  282.137889][ T8697] R13: 0000000000000001 R14: 00007fdd8f7b6080 R15: 00007ffeea52bb48
[  282.137913][ T8697]  </TASK>
[  282.471396][ T8699] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  282.484420][   T24] usb 5-1: device descriptor read/8, error -71
[  282.548327][ T8699] bond1: entered allmulticast mode
[  283.931112][ T5920] usb 4-1: new high-speed USB device number 12 using dummy_hcd
[  284.108107][ T5920] usb 4-1: config 4 has an invalid descriptor of length 0, skipping remainder of the config
[  284.263417][ T8726] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  284.299753][ T5920] usb 4-1: New USB device found, idVendor=041e, idProduct=4007, bcdDevice=5d.18
[  284.456499][ T1203] usb 1-1: USB disconnect, device number 6
[  284.471759][ T5920] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  284.504522][ T5920] gspca_main: stv0680-2.14.0 probing 041e:4007
[  285.648907][   T30] audit: type=1400 audit(1745830812.228:511): avc:  denied  { create } for  pid=8738 comm="syz.4.729" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1
[  285.729589][   T30] audit: type=1400 audit(1745830812.288:512): avc:  denied  { allowed } for  pid=8738 comm="syz.4.729" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1
[  285.756454][ T8742] (unnamed net_device) (uninitialized): Unable to set peer notification delay as MII monitoring is disabled
[  285.826458][ T8745] sd 0:0:1:0: device reset
[  285.831148][ T5920] gspca_stv0680: usb_control_msg error 0, request = 0x88, error = -71
[  285.839491][ T5920] stv0680 4-1:4.0: STV(e): camera ping failed!!
[  285.846107][ T5920] gspca_stv0680: usb_control_msg error 0, request = 0x80, error = -71
[  285.877175][ T5920] stv0680 4-1:4.0: last error: 0,  command = 0x0
[  285.975827][ T5920] usb 4-1: USB disconnect, device number 12
[  286.301385][ T5865] usb 5-1: new full-speed USB device number 15 using dummy_hcd
[  286.581628][ T5865] usb 5-1: config 4 has an invalid interface number: 44 but max is 0
[  287.425946][ T5865] usb 5-1: config 4 has an invalid descriptor of length 0, skipping remainder of the config
[  287.445465][   T30] audit: type=1400 audit(1745830814.038:513): avc:  denied  { append } for  pid=8753 comm="syz.3.734" name="card1" dev="devtmpfs" ino=628 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dri_device_t tclass=chr_file permissive=1
[  287.468475][    C1] vkms_vblank_simulate: vblank timer overrun
[  287.699626][ T5865] usb 5-1: config 4 has no interface number 0
[  287.706777][ T8762] SELinux:  Context system_u:object_r:var_auth_t:s0 is not valid (left unmapped).
[  287.717594][ T5865] usb 5-1: config 4 interface 44 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2
[  287.723610][   T30] audit: type=1400 audit(1745830814.308:514): avc:  denied  { relabelto } for  pid=8758 comm="syz.0.736" name="syz0" dev="cgroup2" ino=96 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 trawcon="system_u:object_r:var_auth_t:s0"
[  287.756540][    C1] vkms_vblank_simulate: vblank timer overrun
[  287.810192][ T5865] usb 5-1: New USB device found, idVendor=1044, idProduct=7001, bcdDevice= 5.20
[  287.822349][ T5865] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  287.879403][   T30] audit: type=1400 audit(1745830814.388:515): avc:  denied  { associate } for  pid=8758 comm="syz.0.736" name="syz0" dev="cgroup2" ino=96 scontext=system_u:object_r:unlabeled_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 srawcon="system_u:object_r:var_auth_t:s0"
[  287.906376][    C1] vkms_vblank_simulate: vblank timer overrun
[  287.938864][ T5865] usb 5-1: Product: syz
[  287.945636][ T5865] usb 5-1: Manufacturer: syz
[  287.951583][ T5865] usb 5-1: SerialNumber: syz
[  288.847878][ T5865] dvb-usb: found a 'Gigabyte U7000' in cold state, will try to load a firmware
[  288.903486][ T5865] dvb-usb: downloading firmware from file 'dvb-usb-dib0700-1.20.fw'
[  288.914316][   T30] audit: type=1400 audit(1745830815.508:516): avc:  denied  { connect } for  pid=8772 comm="syz.1.738" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1
[  288.953227][ T5865] dib0700: firmware download failed at 7 with -22
[  288.966783][   T30] audit: type=1400 audit(1745830815.558:517): avc:  denied  { accept } for  pid=8772 comm="syz.1.738" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1
[  288.975168][ T5865] usb 5-1: USB disconnect, device number 15
[  288.986010][    C1] vkms_vblank_simulate: vblank timer overrun
[  289.683270][ T8784] __nla_validate_parse: 2 callbacks suppressed
[  289.683292][ T8784] netlink: 16 bytes leftover after parsing attributes in process `syz.2.741'.
[  290.419514][ T8799] xt_bpf: check failed: parse error
[  290.571727][   T30] audit: type=1400 audit(1745830817.159:518): avc:  denied  { connect } for  pid=8806 comm="syz.1.747" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  290.593394][   T24] usb 3-1: new high-speed USB device number 15 using dummy_hcd
[  290.646956][   T30] audit: type=1400 audit(1745830817.159:519): avc:  denied  { bind } for  pid=8806 comm="syz.1.747" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  290.727694][   T30] audit: type=1400 audit(1745830817.159:520): avc:  denied  { write } for  pid=8806 comm="syz.1.747" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  290.833661][   T24] usb 3-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  290.846872][   T24] usb 3-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  290.921525][   T24] usb 3-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  290.941767][   T24] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  290.960807][ T8796] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  290.977276][   T24] usb 3-1: Quirk or no altset; falling back to MIDI 1.0
[  290.987478][ T8822] FAULT_INJECTION: forcing a failure.
[  290.987478][ T8822] name failslab, interval 1, probability 0, space 0, times 0
[  291.056575][ T8822] CPU: 1 UID: 0 PID: 8822 Comm: syz.3.750 Not tainted 6.15.0-rc4-syzkaller #0 PREEMPT(full) 
[  291.056603][ T8822] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  291.056613][ T8822] Call Trace:
[  291.056619][ T8822]  <TASK>
[  291.056626][ T8822]  dump_stack_lvl+0x16c/0x1f0
[  291.056657][ T8822]  should_fail_ex+0x512/0x640
[  291.056679][ T8822]  ? fs_reclaim_acquire+0xae/0x150
[  291.056703][ T8822]  ? tomoyo_encode2+0x100/0x3e0
[  291.056725][ T8822]  should_failslab+0xc2/0x120
[  291.056743][ T8822]  __kmalloc_noprof+0xd2/0x510
[  291.056769][ T8822]  ? d_absolute_path+0x136/0x1a0
[  291.056795][ T8822]  tomoyo_encode2+0x100/0x3e0
[  291.056821][ T8822]  tomoyo_encode+0x29/0x50
[  291.056842][ T8822]  tomoyo_realpath_from_path+0x18f/0x6e0
[  291.056873][ T8822]  tomoyo_path_number_perm+0x245/0x580
[  291.056893][ T8822]  ? tomoyo_path_number_perm+0x237/0x580
[  291.056915][ T8822]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  291.056937][ T8822]  ? find_held_lock+0x2b/0x80
[  291.056980][ T8822]  ? find_held_lock+0x2b/0x80
[  291.056999][ T8822]  ? hook_file_ioctl_common+0x145/0x410
[  291.057031][ T8822]  ? __fget_files+0x20e/0x3c0
[  291.057061][ T8822]  security_file_ioctl+0x9b/0x240
[  291.057086][ T8822]  __x64_sys_ioctl+0xb7/0x200
[  291.057110][ T8822]  do_syscall_64+0xcd/0x260
[  291.057132][ T8822]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  291.057149][ T8822] RIP: 0033:0x7f43e218e969
[  291.057163][ T8822] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  291.057179][ T8822] RSP: 002b:00007f43e3002038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  291.057197][ T8822] RAX: ffffffffffffffda RBX: 00007f43e23b5fa0 RCX: 00007f43e218e969
[  291.057208][ T8822] RDX: 0000200000000940 RSI: 00000000c0205647 RDI: 0000000000000003
[  291.057219][ T8822] RBP: 00007f43e3002090 R08: 0000000000000000 R09: 0000000000000000
[  291.057229][ T8822] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  291.057238][ T8822] R13: 0000000000000000 R14: 00007f43e23b5fa0 R15: 00007ffc9c6578a8
[  291.057262][ T8822]  </TASK>
[  291.057278][ T8822] ERROR: Out of memory at tomoyo_realpath_from_path.
[  292.131348][ T8825] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  292.154807][ T8796] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  292.428878][   T30] audit: type=1400 audit(1745830819.019:521): avc:  denied  { read } for  pid=8812 comm="syz.4.749" name="file0" dev="tmpfs" ino=717 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[  292.435857][ T8796] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  292.451044][    C1] vkms_vblank_simulate: vblank timer overrun
[  292.699615][ T8796] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  292.741028][ T8796] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  293.056562][   T30] audit: type=1400 audit(1745830819.649:522): avc:  denied  { setattr } for  pid=8844 comm="syz.3.754" name="/" dev="9p" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  293.641433][   T30] audit: type=1400 audit(1745830819.679:523): avc:  denied  { read write } for  pid=8844 comm="syz.3.754" dev="9p" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  293.736733][   T30] audit: type=1400 audit(1745830819.679:524): avc:  denied  { open } for  pid=8844 comm="syz.3.754" path="/161/file0" dev="9p" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  293.838872][ T8857] netdevsim netdevsim0 netdevsim0: entered promiscuous mode
[  293.869634][   T30] audit: type=1804 audit(1745830819.689:525): pid=8849 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=ToMToU comm="syz.3.754" name="/newroot/161/file0" dev="9p" ino=2 res=1 errno=0
[  293.923102][ T8857] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check.
[  294.101710][   T30] audit: type=1400 audit(1745830819.849:526): avc:  denied  { write } for  pid=8845 comm="syz.1.755" name="nullb0" dev="devtmpfs" ino=696 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  294.147187][   T30] audit: type=1400 audit(1745830819.849:527): avc:  denied  { open } for  pid=8845 comm="syz.1.755" path="/dev/nullb0" dev="devtmpfs" ino=696 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  294.171342][   T30] audit: type=1400 audit(1745830819.849:528): avc:  denied  { ioctl } for  pid=8845 comm="syz.1.755" path="/dev/nullb0" dev="devtmpfs" ino=696 ioctlcmd=0x127f scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  294.755286][   T58] usb 3-1: USB disconnect, device number 15
[  295.604277][ T8878] netlink: 'syz.0.761': attribute type 1 has an invalid length.
[  295.614710][ T8878] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  295.622318][ T8878] IPv6: NLM_F_CREATE should be set when creating new route
[  296.232856][ T1203] kernel read not supported for file /dsp1 (pid: 1203 comm: kworker/0:2)
[  296.324818][   T30] audit: type=1400 audit(1745830822.919:529): avc:  denied  { ioctl } for  pid=8879 comm="syz.3.762" path="socket:[19317]" dev="sockfs" ino=19317 ioctlcmd=0x9425 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  296.805916][ T8904] SELinux: syz.2.767 (8904) set checkreqprot to 1. This is no longer supported.
[  296.826049][   T30] audit: type=1400 audit(1745830823.399:530): avc:  denied  { setcheckreqprot } for  pid=8900 comm="syz.2.767" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security permissive=1
[  296.855218][ T8910] netlink: 8 bytes leftover after parsing attributes in process `syz.1.768'.
[  296.864516][   T30] audit: type=1400 audit(1745830823.449:531): avc:  denied  { write } for  pid=8900 comm="syz.2.767" name="fd" dev="proc" ino=19336 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dir permissive=1
[  298.555134][ T8965] input: syz1 as /devices/virtual/input/input16
[  298.692266][ T8968] vimc link validate: Sensor A:src:640x480 (0x33424752, 8, 0, 0, 0) Raw Capture 0:snk:640x480 (0x33424752, 8, 0, 0, 0)
[  298.775228][ T5865] usb 3-1: new high-speed USB device number 16 using dummy_hcd
[  298.978881][ T5865] usb 3-1: Using ep0 maxpacket: 8
[  298.993149][ T5865] usb 3-1: config 179 has an invalid interface number: 65 but max is 0
[  299.007951][ T5865] usb 3-1: config 179 has no interface number 0
[  299.032200][ T5865] usb 3-1: config 179 interface 65 altsetting 12 endpoint 0xF has an invalid bInterval 64, changing to 10
[  299.089013][ T5865] usb 3-1: config 179 interface 65 altsetting 12 endpoint 0xF has invalid maxpacket 1029, setting to 1024
[  299.155562][ T5865] usb 3-1: config 179 interface 65 altsetting 12 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  299.231806][ T5865] usb 3-1: config 179 interface 65 altsetting 12 endpoint 0x83 has invalid wMaxPacketSize 0
[  299.270359][ T9003] block device autoloading is deprecated and will be removed.
[  299.283571][ T5865] usb 3-1: config 179 interface 65 altsetting 12 has 2 endpoint descriptors, different from the interface descriptor's value: 23
[  299.310365][ T9003] syz.3.778: attempt to access beyond end of device
[  299.310365][ T9003] md2: rw=2048, sector=0, nr_sectors = 8 limit=0
[  299.356077][ T5865] usb 3-1: config 179 interface 65 has no altsetting 0
[  299.358667][   T30] audit: type=1400 audit(1745830825.949:532): avc:  denied  { write } for  pid=9002 comm="syz.3.778" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1
[  299.370328][ T1203] usb 1-1: new full-speed USB device number 7 using dummy_hcd
[  299.402903][ T5865] usb 3-1: New USB device found, idVendor=12ab, idProduct=0004, bcdDevice= 0.00
[  299.432211][ T5865] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  299.498943][ T8955] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  299.574316][ T5865] input: Honey Bee Xbox360 dancepad as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:179.65/input/input17
[  299.594678][ T1203] usb 1-1: config 2 has an invalid descriptor of length 0, skipping remainder of the config
[  299.798261][ T9024] netlink: 4 bytes leftover after parsing attributes in process `syz.3.779'.
[  299.829746][   T30] audit: type=1400 audit(1745830826.389:533): avc:  denied  { name_bind } for  pid=9016 comm="syz.3.779" src=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:reserved_port_t tclass=tcp_socket permissive=1
[  300.157384][ T1203] usb 1-1: New USB device found, idVendor=7a69, idProduct=0001, bcdDevice=a8.6b
[  300.323693][   T30] audit: type=1400 audit(1745830826.389:534): avc:  denied  { bind } for  pid=9016 comm="syz.3.779" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  300.568695][ T1203] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  300.614050][ T1203] usb 1-1: Product: syz
[  300.636471][ T1203] usb 1-1: Manufacturer: syz
[  300.667627][ T1203] usb 1-1: SerialNumber: syz
[  300.714180][ T1203] usb 1-1: dvb_usb_v2: found a '774 Friio White ISDB-T USB2.0' in warm state
[  300.833741][   T30] audit: type=1400 audit(1745830827.429:535): avc:  denied  { create } for  pid=9034 comm="syz.4.780" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_dnrt_socket permissive=1
[  300.967465][ T9040] netlink: 40 bytes leftover after parsing attributes in process `syz.0.777'.
[  301.381940][ T9040] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  301.394576][ T1203] usb 1-1: dvb_usb_v2: this USB2.0 device cannot be run on a USB1.1 port (it lacks a hardware PID filter)
[  301.410878][ T9040] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  301.574071][   T58] usb 3-1: USB disconnect, device number 16
[  301.574072][    C0] xpad 3-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19
[  301.588684][   T58] xpad 3-1:179.65: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -19
[  302.162081][ T9075] FAULT_INJECTION: forcing a failure.
[  302.162081][ T9075] name failslab, interval 1, probability 0, space 0, times 0
[  302.215856][   T30] audit: type=1400 audit(1745830828.809:536): avc:  denied  { create } for  pid=9076 comm="syz.1.785" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1
[  302.253627][ T9075] CPU: 1 UID: 0 PID: 9075 Comm: syz.4.783 Not tainted 6.15.0-rc4-syzkaller #0 PREEMPT(full) 
[  302.253652][ T9075] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  302.253662][ T9075] Call Trace:
[  302.253667][ T9075]  <TASK>
[  302.253674][ T9075]  dump_stack_lvl+0x16c/0x1f0
[  302.253697][ T9075]  should_fail_ex+0x512/0x640
[  302.253717][ T9075]  ? __kmalloc_cache_noprof+0x57/0x3e0
[  302.253742][ T9075]  should_failslab+0xc2/0x120
[  302.253758][ T9075]  __kmalloc_cache_noprof+0x6a/0x3e0
[  302.253778][ T9075]  ? __pfx_down_write_killable+0x10/0x10
[  302.253797][ T9075]  ? alloc_ldt_struct+0x5d/0x1a0
[  302.253819][ T9075]  alloc_ldt_struct+0x5d/0x1a0
[  302.253838][ T9075]  write_ldt+0x3c0/0xc30
[  302.253856][ T9075]  ? __fget_files+0x20e/0x3c0
[  302.253883][ T9075]  ? __pfx_write_ldt+0x10/0x10
[  302.253902][ T9075]  ? fput+0x70/0xf0
[  302.253920][ T9075]  ? ksys_write+0x1b9/0x240
[  302.253941][ T9075]  ? __pfx_ksys_write+0x10/0x10
[  302.253962][ T9075]  ? rcu_is_watching+0x12/0xc0
[  302.253986][ T9075]  __x64_sys_modify_ldt+0xb1/0x170
[  302.254007][ T9075]  do_syscall_64+0xcd/0x260
[  302.254028][ T9075]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  302.254045][ T9075] RIP: 0033:0x7f0f8698e969
[  302.254058][ T9075] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  302.254074][ T9075] RSP: 002b:00007f0f8770f038 EFLAGS: 00000246 ORIG_RAX: 000000000000009a
[  302.254090][ T9075] RAX: ffffffffffffffda RBX: 00007f0f86bb5fa0 RCX: 00007f0f8698e969
[  302.254101][ T9075] RDX: 0000000000000010 RSI: 0000200000000000 RDI: 0000000000000001
[  302.254110][ T9075] RBP: 00007f0f8770f090 R08: 0000000000000000 R09: 0000000000000000
[  302.254120][ T9075] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  302.254129][ T9075] R13: 0000000000000000 R14: 00007f0f86bb5fa0 R15: 00007ffe85d8b9b8
[  302.254152][ T9075]  </TASK>
[  302.328657][   T30] audit: type=1400 audit(1745830828.839:537): avc:  denied  { override_creds } for  pid=9076 comm="syz.1.785" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1
[  302.510806][ T9090] netlink: 'syz.4.786': attribute type 10 has an invalid length.
[  302.565657][ T5920] usb 1-1: USB disconnect, device number 7
[  302.656664][   T30] audit: type=1400 audit(1745830828.839:538): avc:  denied  { write } for  pid=9076 comm="syz.1.785" path="socket:[20516]" dev="sockfs" ino=20516 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1
[  302.687701][ T9090] netlink: 2 bytes leftover after parsing attributes in process `syz.4.786'.
[  302.768190][ T9090] team0: entered promiscuous mode
[  302.776723][ T9090] team_slave_0: entered promiscuous mode
[  302.795008][   T30] audit: type=1400 audit(1745830828.839:539): avc:  denied  { nlmsg_read } for  pid=9076 comm="syz.1.785" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1
[  302.863438][ T9105] netlink: 32 bytes leftover after parsing attributes in process `syz.0.788'.
[  302.876734][ T9090] team_slave_1: entered promiscuous mode
[  302.898947][ T9090] bridge0: port 3(team0) entered blocking state
[  302.905362][ T9090] bridge0: port 3(team0) entered disabled state
[  302.923379][   T30] audit: type=1400 audit(1745830829.139:540): avc:  denied  { read append } for  pid=9087 comm="syz.4.786" name="rtc0" dev="devtmpfs" ino=921 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[  302.990259][ T9090] team0: entered allmulticast mode
[  302.995427][ T9090] team_slave_0: entered allmulticast mode
[  303.018539][   T30] audit: type=1400 audit(1745830829.139:541): avc:  denied  { open } for  pid=9087 comm="syz.4.786" path="/dev/rtc0" dev="devtmpfs" ino=921 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[  303.041764][    C0] vkms_vblank_simulate: vblank timer overrun
[  303.078581][   T30] audit: type=1400 audit(1745830829.589:542): avc:  denied  { ioctl } for  pid=9087 comm="syz.4.786" path="/dev/rtc0" dev="devtmpfs" ino=921 ioctlcmd=0xae03 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[  303.109512][ T9090] team_slave_1: entered allmulticast mode
[  303.163497][   T30] audit: type=1400 audit(1745830829.599:543): avc:  denied  { read } for  pid=9087 comm="syz.4.786" name="nullb0" dev="devtmpfs" ino=696 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  303.297099][ T9090] bridge0: port 3(team0) entered blocking state
[  303.303562][ T9090] bridge0: port 3(team0) entered forwarding state
[  304.431082][   T30] audit: type=1400 audit(1745830831.029:544): avc:  denied  { sqpoll } for  pid=9122 comm="syz.0.791" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1
[  307.051828][ T9132] overlayfs: NFS export requires "redirect_dir=nofollow" on non-upper mount, falling back to nfs_export=off.
[  307.063878][ T9132] overlayfs: missing 'lowerdir'
[  307.176820][   T30] audit: type=1400 audit(1745830833.770:545): avc:  denied  { write } for  pid=9155 comm="syz.1.796" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[  307.176856][ T9157] ieee802154 phy0 wpan0: encryption failed: -90
[  307.532710][   T30] audit: type=1400 audit(1745830834.000:546): avc:  denied  { watch watch_reads } for  pid=9156 comm="syz.0.795" path="/175/file0" dev="tmpfs" ino=962 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[  307.556056][    C0] vkms_vblank_simulate: vblank timer overrun
[  307.578277][ T5861] usb 5-1: new high-speed USB device number 16 using dummy_hcd
[  308.350444][ T5861] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  308.460894][ T9174] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  308.672773][ T5861] usb 5-1: config 0 has 0 interfaces, different from the descriptor's value: 2
[  308.729989][ T5861] usb 5-1: New USB device found, idVendor=05ac, idProduct=dc7a, bcdDevice= 0.00
[  308.766059][ T5861] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  308.816757][   T30] audit: type=1400 audit(1745830835.400:547): avc:  denied  { read } for  pid=9169 comm="syz.1.798" lport=59604 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  308.819091][ T5861] usb 5-1: config 0 descriptor??
[  308.880954][ T9186] FAULT_INJECTION: forcing a failure.
[  308.880954][ T9186] name failslab, interval 1, probability 0, space 0, times 0
[  308.915263][ T9186] CPU: 1 UID: 0 PID: 9186 Comm: syz.2.800 Not tainted 6.15.0-rc4-syzkaller #0 PREEMPT(full) 
[  308.915288][ T9186] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  308.915295][ T9186] Call Trace:
[  308.915301][ T9186]  <TASK>
[  308.915307][ T9186]  dump_stack_lvl+0x16c/0x1f0
[  308.915330][ T9186]  should_fail_ex+0x512/0x640
[  308.915353][ T9186]  should_failslab+0xc2/0x120
[  308.915369][ T9186]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  308.915397][ T9186]  ? skb_clone+0x190/0x3f0
[  308.915428][ T9186]  skb_clone+0x190/0x3f0
[  308.915455][ T9186]  netlink_deliver_tap+0xabd/0xd30
[  308.915488][ T9186]  netlink_unicast+0x6b2/0x7f0
[  308.915510][ T9186]  ? __pfx_netlink_unicast+0x10/0x10
[  308.915525][ T9186]  ? genl_rcv_msg+0x4bb/0x800
[  308.915548][ T9186]  netlink_ack+0x696/0xb80
[  308.915581][ T9186]  netlink_rcv_skb+0x347/0x440
[  308.915598][ T9186]  ? __pfx_genl_rcv_msg+0x10/0x10
[  308.915619][ T9186]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  308.915649][ T9186]  ? __pfx_down_read+0x10/0x10
[  308.915672][ T9186]  ? netlink_deliver_tap+0x1ae/0xd30
[  308.915703][ T9186]  genl_rcv+0x28/0x40
[  308.915720][ T9186]  netlink_unicast+0x53a/0x7f0
[  308.915740][ T9186]  ? __pfx_netlink_unicast+0x10/0x10
[  308.915764][ T9186]  netlink_sendmsg+0x8d1/0xdd0
[  308.915786][ T9186]  ? __pfx_netlink_sendmsg+0x10/0x10
[  308.915814][ T9186]  ____sys_sendmsg+0xa95/0xc70
[  308.915836][ T9186]  ? copy_msghdr_from_user+0x10a/0x160
[  308.915861][ T9186]  ? __pfx_____sys_sendmsg+0x10/0x10
[  308.915892][ T9186]  ___sys_sendmsg+0x134/0x1d0
[  308.915919][ T9186]  ? __pfx____sys_sendmsg+0x10/0x10
[  308.915976][ T9186]  __sys_sendmsg+0x16d/0x220
[  308.916002][ T9186]  ? __pfx___sys_sendmsg+0x10/0x10
[  308.916035][ T9186]  ? rcu_is_watching+0x12/0xc0
[  308.916064][ T9186]  do_syscall_64+0xcd/0x260
[  308.916086][ T9186]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  308.916103][ T9186] RIP: 0033:0x7fdd8f58e969
[  308.916118][ T9186] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  308.916134][ T9186] RSP: 002b:00007fdd904a0038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  308.916151][ T9186] RAX: ffffffffffffffda RBX: 00007fdd8f7b5fa0 RCX: 00007fdd8f58e969
[  308.916162][ T9186] RDX: 0000000004000004 RSI: 0000200000000200 RDI: 0000000000000003
[  308.916172][ T9186] RBP: 00007fdd904a0090 R08: 0000000000000000 R09: 0000000000000000
[  308.916181][ T9186] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  308.916191][ T9186] R13: 0000000000000000 R14: 00007fdd8f7b5fa0 R15: 00007ffeea52bb48
[  308.916215][ T9186]  </TASK>
[  309.961623][ T9148] netlink: 12 bytes leftover after parsing attributes in process `syz.4.794'.
[  310.128878][   T30] audit: type=1400 audit(1745830836.720:548): avc:  denied  { write } for  pid=9204 comm="syz.0.805" name="usbmon0" dev="devtmpfs" ino=716 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[  310.330719][   T30] audit: type=1400 audit(1745830836.720:549): avc:  denied  { open } for  pid=9204 comm="syz.0.805" path="/dev/usbmon0" dev="devtmpfs" ino=716 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[  310.411510][ T9215] FAULT_INJECTION: forcing a failure.
[  310.411510][ T9215] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  310.424758][ T9215] CPU: 0 UID: 0 PID: 9215 Comm: syz.1.804 Not tainted 6.15.0-rc4-syzkaller #0 PREEMPT(full) 
[  310.424782][ T9215] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  310.424792][ T9215] Call Trace:
[  310.424799][ T9215]  <TASK>
[  310.424806][ T9215]  dump_stack_lvl+0x16c/0x1f0
[  310.424831][ T9215]  should_fail_ex+0x512/0x640
[  310.424856][ T9215]  strncpy_from_user+0x3b/0x2e0
[  310.424879][ T9215]  getname_flags.part.0+0x8f/0x550
[  310.424904][ T9215]  getname_flags+0x93/0xf0
[  310.424928][ T9215]  do_sys_openat2+0xb8/0x1d0
[  310.424948][ T9215]  ? __pfx_do_sys_openat2+0x10/0x10
[  310.424968][ T9215]  ? __pfx___schedule+0x10/0x10
[  310.424984][ T9215]  ? __fget_files+0x20e/0x3c0
[  310.425014][ T9215]  __x64_sys_openat+0x174/0x210
[  310.425033][ T9215]  ? __pfx___x64_sys_openat+0x10/0x10
[  310.425051][ T9215]  ? ksys_write+0x1b9/0x240
[  310.425083][ T9215]  do_syscall_64+0xcd/0x260
[  310.425105][ T9215]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  310.425123][ T9215] RIP: 0033:0x7fea7338e969
[  310.425137][ T9215] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  310.425154][ T9215] RSP: 002b:00007fea7415b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  310.425172][ T9215] RAX: ffffffffffffffda RBX: 00007fea735b6160 RCX: 00007fea7338e969
[  310.425183][ T9215] RDX: 000000000000275a RSI: 0000200000000080 RDI: ffffffffffffff9c
[  310.425193][ T9215] RBP: 00007fea7415b090 R08: 0000000000000000 R09: 0000000000000000
[  310.425203][ T9215] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  310.425213][ T9215] R13: 0000000000000000 R14: 00007fea735b6160 R15: 00007ffe0d6c2358
[  310.425235][ T9215]  </TASK>
[  310.598111][    C0] vkms_vblank_simulate: vblank timer overrun
[  310.637736][   T30] audit: type=1400 audit(1745830837.210:550): avc:  denied  { write } for  pid=5168 comm="syslogd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  310.799009][   T30] audit: type=1400 audit(1745830837.210:551): avc:  denied  { remove_name } for  pid=5168 comm="syslogd" name="messages" dev="tmpfs" ino=7 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  310.822337][    C0] vkms_vblank_simulate: vblank timer overrun
[  310.832301][   T30] audit: type=1400 audit(1745830837.210:552): avc:  denied  { add_name } for  pid=5168 comm="syslogd" name="messages.0" dev="tmpfs" ino=3 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  310.854767][    C0] vkms_vblank_simulate: vblank timer overrun
[  311.198871][   T30] audit: type=1400 audit(1745830837.770:553): avc:  denied  { map } for  pid=9226 comm="syz.2.808" path="/dev/zero" dev="devtmpfs" ino=6 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:zero_device_t tclass=chr_file permissive=1
[  311.221939][    C0] vkms_vblank_simulate: vblank timer overrun
[  311.914061][   T24] usb 5-1: USB disconnect, device number 16
[  312.102809][ T9265] Bluetooth: MGMT ver 1.23
[  312.289883][ T9272] IPVS: length: 246 != 24
[  313.535039][ T9284] netlink: 156 bytes leftover after parsing attributes in process `syz.0.819'.
[  314.374132][ T9305] netlink: 4 bytes leftover after parsing attributes in process `syz.1.823'.
[  314.711751][ T9329] netlink: 'syz.0.830': attribute type 4 has an invalid length.
[  315.000227][ T1203] libceph: connect (1)[c::]:6789 error -101
[  315.017122][ T1203] libceph: mon0 (1)[c::]:6789 connect error
[  315.026242][ T9305] ceph: No mds server is up or the cluster is laggy
[  315.051388][ T9336] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(10)
[  315.058028][ T9336] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  315.074400][ T9336] vhci_hcd vhci_hcd.0: Device attached
[  315.090142][ T9341] vhci_hcd vhci_hcd.0: pdev(2) rhport(1) sockfd(13)
[  315.096793][ T9341] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  315.108948][ T9341] vhci_hcd vhci_hcd.0: Device attached
[  315.118393][ T1203] libceph: connect (1)[c::]:6789 error -101
[  315.120883][ T9336] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  315.124495][ T1203] libceph: mon0 (1)[c::]:6789 connect error
[  315.150987][ T9336] vhci_hcd vhci_hcd.0: pdev(2) rhport(3) sockfd(16)
[  315.157657][ T9336] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  315.166015][ T9336] vhci_hcd vhci_hcd.0: Device attached
[  315.174964][ T9336] vhci_hcd vhci_hcd.0: pdev(2) rhport(4) sockfd(19)
[  315.181606][ T9336] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  315.189709][ T9336] vhci_hcd vhci_hcd.0: Device attached
[  315.216041][ T9336] 9pnet_fd: Insufficient options for proto=fd
[  315.237568][ T9336] vhci_hcd vhci_hcd.0: pdev(2) rhport(5) sockfd(23)
[  315.244217][ T9336] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  315.277972][ T9336] vhci_hcd vhci_hcd.0: Device attached
[  315.348479][  T910] vhci_hcd: vhci_device speed not set
[  315.356987][ T9341] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  315.425816][ T9361] misc userio: Begin command sent, but we're already running
[  315.427811][  T910] usb 37-1: new full-speed USB device number 3 using vhci_hcd
[  315.457207][ T9336] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  315.671909][   T30] audit: type=1400 audit(1745830842.060:554): avc:  denied  { setopt } for  pid=9358 comm="syz.4.833" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  315.691136][    C0] vkms_vblank_simulate: vblank timer overrun
[  315.704186][ T9336] vhci_hcd vhci_hcd.0: port 0 already used
[  315.742246][ T9356] vhci_hcd: connection closed
[  315.744087][ T9342] vhci_hcd: connection closed
[  315.750429][ T9339] vhci_hcd: connection reset by peer
[  315.774985][ T9344] vhci_hcd: connection closed
[  315.775243][ T9348] vhci_hcd: connection closed
[  315.823909][ T3557] vhci_hcd: stop threads
[  315.834390][ T3557] vhci_hcd: release socket
[  315.857874][ T3557] vhci_hcd: disconnect device
[  315.862878][ T3557] vhci_hcd: stop threads
[  315.868180][ T3557] vhci_hcd: release socket
[  315.872975][ T3557] vhci_hcd: disconnect device
[  315.912574][ T3557] vhci_hcd: stop threads
[  315.927031][ T3557] vhci_hcd: release socket
[  315.954880][ T3557] vhci_hcd: disconnect device
[  315.979941][ T3557] vhci_hcd: stop threads
[  316.002287][ T3557] vhci_hcd: release socket
[  316.065822][ T3557] vhci_hcd: disconnect device
[  316.081117][ T3557] vhci_hcd: stop threads
[  316.085497][ T3557] vhci_hcd: release socket
[  316.090137][ T3557] vhci_hcd: disconnect device
[  316.708739][ T1293] ieee802154 phy0 wpan0: encryption failed: -22
[  316.715470][ T1293] ieee802154 phy1 wpan1: encryption failed: -22
[  316.959583][ T9399] evm: overlay not supported
[  317.477978][   T24] usb 5-1: new high-speed USB device number 17 using dummy_hcd
[  317.787921][   T24] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  317.821371][   T24] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  317.832430][   T24] usb 5-1: New USB device found, idVendor=10c4, idProduct=ea90, bcdDevice= 0.00
[  317.847311][   T24] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  317.849098][ T9413] syz.3.843 (9413): drop_caches: 0
[  317.961432][   T24] usb 5-1: config 0 descriptor??
[  318.595910][   T24] usbhid 5-1:0.0: can't add hid device: -71
[  318.614901][   T24] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[  318.643171][   T24] usb 5-1: USB disconnect, device number 17
[  319.337951][   T30] audit: type=1400 audit(1745830845.930:555): avc:  denied  { mount } for  pid=9439 comm="syz.3.847" name="/" dev="devpts" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:devpts_t tclass=filesystem permissive=1
[  319.359906][    C0] vkms_vblank_simulate: vblank timer overrun
[  320.758311][  T910] vhci_hcd: vhci_device speed not set
[  321.100383][ T9447] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(10)
[  321.107034][ T9447] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  321.136078][   T30] audit: type=1800 audit(1745830846.060:556): pid=9438 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed comm="syz.0.846" name="/" dev="fuse" ino=0 res=0 errno=0
[  321.160732][ T9447] vhci_hcd vhci_hcd.0: Device attached
[  321.176703][ T9447] vhci_hcd vhci_hcd.0: pdev(4) rhport(1) sockfd(12)
[  321.183364][ T9447] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  321.193933][ T9447] vhci_hcd vhci_hcd.0: Device attached
[  321.201201][ T9447] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  321.271232][ T9461] vhci_hcd vhci_hcd.0: pdev(4) rhport(4) sockfd(20)
[  321.277907][ T9461] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  321.289227][ T9447] vhci_hcd vhci_hcd.0: pdev(4) rhport(3) sockfd(16)
[  321.295871][ T9447] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  321.431854][ T5920] vhci_hcd: vhci_device speed not set
[  321.457614][ T9447] vhci_hcd vhci_hcd.0: Device attached
[  321.517449][ T5920] usb 41-1: new full-speed USB device number 2 using vhci_hcd
[  322.177441][   T30] audit: type=1400 audit(1745830848.760:557): avc:  denied  { name_bind } for  pid=9468 comm="syz.0.852" src=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=rawip_socket permissive=1
[  322.226828][ T9473] lo speed is unknown, defaulting to 1000
[  322.255098][ T9461] vhci_hcd vhci_hcd.0: Device attached
[  322.274500][ T9473] lo speed is unknown, defaulting to 1000
[  322.290642][ T9473] lo speed is unknown, defaulting to 1000
[  322.371933][ T9473] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[  322.458239][ T9473] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98
[  322.474691][ T9447] 9pnet_fd: Insufficient options for proto=fd
[  322.525724][ T9447] vhci_hcd vhci_hcd.0: pdev(4) rhport(5) sockfd(23)
[  322.532385][ T9447] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  322.547588][ T9461] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  322.564576][ T9447] vhci_hcd vhci_hcd.0: Device attached
[  322.602196][ T9447] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  322.711332][ T9473] lo speed is unknown, defaulting to 1000
[  322.772215][ T9447] vhci_hcd vhci_hcd.0: port 0 already used
[  322.779021][ T9473] lo speed is unknown, defaulting to 1000
[  322.801534][ T9473] lo speed is unknown, defaulting to 1000
[  322.811038][ T9473] lo speed is unknown, defaulting to 1000
[  322.823847][   T30] audit: type=1400 audit(1745830849.420:558): avc:  denied  { accept } for  pid=9466 comm="syz.3.850" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  322.847632][ T9478] vhci_hcd: connection closed
[  322.847830][ T9462] vhci_hcd: connection closed
[  322.848643][ T9450] vhci_hcd: connection reset by peer
[  322.852803][ T9457] vhci_hcd: connection closed
[  322.862616][ T9452] vhci_hcd: connection closed
[  322.877492][   T52] vhci_hcd: stop threads
[  322.909358][   T52] vhci_hcd: release socket
[  322.919856][   T52] vhci_hcd: disconnect device
[  322.935596][   T52] vhci_hcd: stop threads
[  322.944210][   T52] vhci_hcd: release socket
[  322.954314][   T52] vhci_hcd: disconnect device
[  323.099397][ T9473] lo speed is unknown, defaulting to 1000
[  323.122409][   T52] vhci_hcd: stop threads
[  323.126730][   T52] vhci_hcd: release socket
[  323.298717][   T52] vhci_hcd: disconnect device
[  323.317892][   T52] vhci_hcd: stop threads
[  323.322301][   T52] vhci_hcd: release socket
[  323.327225][   T52] vhci_hcd: disconnect device
[  323.349588][   T52] vhci_hcd: stop threads
[  323.354954][   T52] vhci_hcd: release socket
[  323.356160][ T9498] : entered promiscuous mode
[  323.360465][   T52] vhci_hcd: disconnect device
[  323.464851][ T9498] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  323.486936][    T9] IPVS: starting estimator thread 0...
[  323.617472][ T9504] IPVS: using max 76 ests per chain, 182400 per kthread
[  323.766352][   T30] audit: type=1400 audit(1745830850.350:559): avc:  denied  { append } for  pid=9511 comm="syz.3.857" name="nullb0" dev="devtmpfs" ino=696 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  324.190948][ T9518] netlink: 256 bytes leftover after parsing attributes in process `syz.3.857'.
[  325.274870][ T9525] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  325.329166][ T9533] virtio-fs: tag </dev/md0> not found
[  325.377073][   T30] audit: type=1400 audit(1745830851.961:560): avc:  denied  { ioctl } for  pid=9521 comm="syz.0.859" path="socket:[21235]" dev="sockfs" ino=21235 ioctlcmd=0x89ef scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1
[  325.417679][ T9531] iommufd_mock iommufd_mock1: Adding to iommu group 1
[  325.716862][   T30] audit: type=1400 audit(1745830852.311:561): avc:  denied  { bind } for  pid=9555 comm="syz.2.864" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  326.171501][ T9567] FAULT_INJECTION: forcing a failure.
[  326.171501][ T9567] name failslab, interval 1, probability 0, space 0, times 0
[  326.184501][ T9567] CPU: 1 UID: 0 PID: 9567 Comm: syz.0.867 Not tainted 6.15.0-rc4-syzkaller #0 PREEMPT(full) 
[  326.184524][ T9567] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  326.184534][ T9567] Call Trace:
[  326.184540][ T9567]  <TASK>
[  326.184547][ T9567]  dump_stack_lvl+0x16c/0x1f0
[  326.184573][ T9567]  should_fail_ex+0x512/0x640
[  326.184594][ T9567]  ? fs_reclaim_acquire+0xae/0x150
[  326.184617][ T9567]  ? tomoyo_realpath_from_path+0xc2/0x6e0
[  326.184640][ T9567]  should_failslab+0xc2/0x120
[  326.184658][ T9567]  __kmalloc_noprof+0xd2/0x510
[  326.184690][ T9567]  tomoyo_realpath_from_path+0xc2/0x6e0
[  326.184720][ T9567]  tomoyo_mount_acl+0x664/0x850
[  326.184740][ T9567]  ? kernel_text_address+0x8d/0x100
[  326.184759][ T9567]  ? __kernel_text_address+0xd/0x40
[  326.184781][ T9567]  ? __pfx_tomoyo_mount_acl+0x10/0x10
[  326.184832][ T9567]  ? tomoyo_domain+0xbb/0x150
[  326.184846][ T9567]  ? tomoyo_profile+0x47/0x60
[  326.184873][ T9567]  tomoyo_mount_permission+0x16d/0x420
[  326.184893][ T9567]  ? tomoyo_mount_permission+0x14f/0x420
[  326.184916][ T9567]  ? __pfx_tomoyo_mount_permission+0x10/0x10
[  326.184954][ T9567]  security_sb_mount+0x9b/0x260
[  326.184976][ T9567]  path_mount+0x128/0x1f20
[  326.184996][ T9567]  ? kmem_cache_free+0x2d4/0x4d0
[  326.185020][ T9567]  ? __pfx_path_mount+0x10/0x10
[  326.185041][ T9567]  ? putname+0x154/0x1a0
[  326.185062][ T9567]  __x64_sys_mount+0x28d/0x310
[  326.185081][ T9567]  ? __pfx___x64_sys_mount+0x10/0x10
[  326.185097][ T9567]  ? rcu_is_watching+0x12/0xc0
[  326.185124][ T9567]  do_syscall_64+0xcd/0x260
[  326.185146][ T9567]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  326.185162][ T9567] RIP: 0033:0x7fb45a18e969
[  326.185177][ T9567] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  326.185193][ T9567] RSP: 002b:00007fb45afe5038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  326.185210][ T9567] RAX: ffffffffffffffda RBX: 00007fb45a3b6080 RCX: 00007fb45a18e969
[  326.185221][ T9567] RDX: 0000000000000000 RSI: 0000200000000340 RDI: 0000200000000000
[  326.185231][ T9567] RBP: 00007fb45afe5090 R08: 0000000000000000 R09: 0000000000000000
[  326.185241][ T9567] R10: 0000000000891018 R11: 0000000000000246 R12: 0000000000000001
[  326.185251][ T9567] R13: 0000000000000000 R14: 00007fb45a3b6080 R15: 00007fff1ae7f318
[  326.185275][ T9567]  </TASK>
[  326.185282][ T9567] ERROR: Out of memory at tomoyo_realpath_from_path.
[  326.260327][ T1203] usb 4-1: new high-speed USB device number 13 using dummy_hcd
[  326.570500][ T9556] syz.2.864 (9556): drop_caches: 2
[  326.620323][ T5920] vhci_hcd: vhci_device speed not set
[  326.677163][ T1203] usb 4-1: Using ep0 maxpacket: 16
[  326.685623][ T1203] usb 4-1: New USB device found, idVendor=05d1, idProduct=2001, bcdDevice= 9.00
[  326.702930][ T1203] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  326.711236][ T1203] usb 4-1: Product: syz
[  326.718595][ T1203] usb 4-1: Manufacturer: syz
[  326.733570][ T1203] usb 4-1: SerialNumber: syz
[  326.764467][ T1203] usb 4-1: config 0 descriptor??
[  326.790419][ T1203] ftdi_sio 4-1:0.0: FTDI USB Serial Device converter detected
[  326.807140][ T1203] usb 4-1: Detected FT232H
[  326.975245][ T2324] pvrusb2: request_firmware fatal error with code=-110
[  326.991713][   T30] audit: type=1400 audit(1745830853.591:562): avc:  denied  { setopt } for  pid=9540 comm="syz.3.863" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[  327.042121][   T30] audit: type=1400 audit(1745830853.591:563): avc:  denied  { bind } for  pid=9540 comm="syz.3.863" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[  327.105420][ T1203] ftdi_sio ttyUSB0: Unable to read latency timer: -71
[  327.136252][ T1203] ftdi_sio ttyUSB0: Unable to write latency timer: -71
[  327.148803][ T2324] pvrusb2: Failure uploading firmware1
[  327.154377][ T2324] pvrusb2: Device initialization was not successful.
[  327.167414][ T2324] pvrusb2: ***WARNING*** pvrusb2 device hardware appears to be jammed and I can't clear it.
[  327.173152][ T1203] ftdi_sio 4-1:0.0: GPIO initialisation failed: -71
[  327.178107][ T2324] pvrusb2: You might need to power cycle the pvrusb2 device in order to recover.
[  327.200709][ T5892] pvrusb2: Device being rendered inoperable
[  327.643752][ T1203] usb 4-1: FTDI USB Serial Device converter now attached to ttyUSB0
[  327.708282][ T1203] usb 4-1: USB disconnect, device number 13
[  327.741949][ T5892] usb 2-1: new high-speed USB device number 20 using dummy_hcd
[  327.765143][ T3557] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  327.776696][ T1203] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[  327.949023][ T1203] ftdi_sio 4-1:0.0: device disconnected
[  327.964061][ T5892] usb 2-1: Using ep0 maxpacket: 16
[  328.000128][ T5892] usb 2-1: New USB device found, idVendor=2137, idProduct=0001, bcdDevice=2a.35
[  328.017273][ T5892] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  328.037100][ T5892] usb 2-1: Product: syz
[  328.048284][ T5892] usb 2-1: Manufacturer: syz
[  328.053946][ T5892] usb 2-1: SerialNumber: syz
[  328.070700][ T5892] usb 2-1: config 0 descriptor??
[  328.089257][ T3557] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  328.093872][ T5892] as10x_usb: device has been detected
[  328.137743][ T5892] dvbdev: DVB: registering new adapter (Sky IT Digital Key (green led))
[  328.201673][ T5892] usb 2-1: DVB: registering adapter 1 frontend 0 (Sky IT Digital Key (green led))...
[  328.261220][ T3557] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  328.331541][ T5892] as10x_usb: error during firmware upload part1
[  328.377651][ T5892] Registered device Sky IT Digital Key (green led)
[  328.486644][ T5860] usb 2-1: USB disconnect, device number 20
[  328.530370][ T3557] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  328.602449][ T5860] Unregistered device Sky IT Digital Key (green led)
[  328.625261][ T5860] as10x_usb: device has been disconnected
[  329.839948][   T54] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  329.856408][ T3557] bridge_slave_1: left allmulticast mode
[  329.863204][ T3557] bridge_slave_1: left promiscuous mode
[  329.869672][   T54] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  329.878936][   T54] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  329.888045][ T3557] bridge0: port 2(bridge_slave_1) entered disabled state
[  329.900993][   T54] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  329.990119][   T54] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  330.019168][ T3557] bridge_slave_0: left allmulticast mode
[  330.123467][ T3557] bridge_slave_0: left promiscuous mode
[  330.136462][ T3557] bridge0: port 1(bridge_slave_0) entered disabled state
[  330.216814][   T30] audit: type=1400 audit(1745830856.801:564): avc:  denied  { mounton } for  pid=9676 comm="syz-executor" path="/" dev="sda1" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1
[  330.249682][ T9698] xt_CT: You must specify a L4 protocol and not use inversions on it
[  332.196969][ T9714] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(10)
[  332.203618][ T9714] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  332.230982][ T9718] vhci_hcd vhci_hcd.0: pdev(2) rhport(1) sockfd(13)
[  332.237636][ T9718] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  332.266642][ T9721] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  332.297026][   T54] Bluetooth: hci2: command tx timeout
[  332.301261][ T9714] vhci_hcd vhci_hcd.0: Device attached
[  332.322595][ T9718] vhci_hcd vhci_hcd.0: Device attached
[  332.331897][ T9726] vhci_hcd vhci_hcd.0: pdev(2) rhport(3) sockfd(19)
[  332.338541][ T9726] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  332.426896][ T9726] vhci_hcd vhci_hcd.0: Device attached
[  332.435002][ T9714] vhci_hcd vhci_hcd.0: pdev(2) rhport(4) sockfd(15)
[  332.441641][ T9714] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  332.449561][ T9714] vhci_hcd vhci_hcd.0: Device attached
[  332.458688][ T9714] 9pnet_fd: Insufficient options for proto=fd
[  332.479377][ T9714] vhci_hcd vhci_hcd.0: pdev(2) rhport(5) sockfd(23)
[  332.486031][ T9714] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  332.524148][ T9718] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  332.537706][  T910] vhci_hcd: vhci_device speed not set
[  332.548374][ T9714] vhci_hcd vhci_hcd.0: Device attached
[  332.569139][ T9714] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  332.581894][ T9714] vhci_hcd vhci_hcd.0: port 0 already used
[  332.597114][  T910] usb 37-1: new full-speed USB device number 4 using vhci_hcd
[  332.626447][ T9733] vhci_hcd: connection closed
[  332.626658][  T998] vhci_hcd: stop threads
[  332.648208][ T9716] vhci_hcd: connection reset by peer
[  332.648484][  T998] vhci_hcd: release socket
[  332.653718][ T9731] vhci_hcd: connection closed
[  332.660412][  T998] vhci_hcd: disconnect device
[  332.669270][ T9719] vhci_hcd: connection closed
[  332.669986][ T9727] vhci_hcd: connection closed
[  332.673675][  T998] vhci_hcd: stop threads
[  332.685204][  T998] vhci_hcd: release socket
[  332.701387][  T998] vhci_hcd: disconnect device
[  332.706477][  T998] vhci_hcd: stop threads
[  332.747808][  T998] vhci_hcd: release socket
[  332.752984][  T998] vhci_hcd: disconnect device
[  332.768806][  T998] vhci_hcd: stop threads
[  332.773096][  T998] vhci_hcd: release socket
[  332.781745][  T998] vhci_hcd: disconnect device
[  332.793389][  T998] vhci_hcd: stop threads
[  332.801235][  T998] vhci_hcd: release socket
[  332.805833][  T998] vhci_hcd: disconnect device
[  332.994033][ T9753] netlink: 36 bytes leftover after parsing attributes in process `syz.3.891'.
[  333.004060][ T9753] netlink: 36 bytes leftover after parsing attributes in process `syz.3.891'.
[  333.004347][ T3557] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  333.013039][ T9753] netlink: 36 bytes leftover after parsing attributes in process `syz.3.891'.
[  333.039865][ T3557] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  333.051111][ T9755] netlink: 36 bytes leftover after parsing attributes in process `syz.3.891'.
[  333.060208][ T9755] netlink: 36 bytes leftover after parsing attributes in process `syz.3.891'.
[  333.075596][ T9755] netlink: 36 bytes leftover after parsing attributes in process `syz.3.891'.
[  333.090692][ T3557] bond0 (unregistering): Released all slaves
[  333.109482][ T9753] netlink: 36 bytes leftover after parsing attributes in process `syz.3.891'.
[  333.116339][ T3557] bond1 (unregistering): Released all slaves
[  333.184249][ T9698] 
@�: renamed from veth0_vlan (while UP)
[  333.193945][ T9753] netlink: 36 bytes leftover after parsing attributes in process `syz.3.891'.
[  333.292376][ T9753] netlink: 36 bytes leftover after parsing attributes in process `syz.3.891'.
[  333.321735][ T3557] tipc: Disabling bearer <udp:syz2>
[  333.348733][ T3557] tipc: Left network mode
[  333.542424][ T9755] netlink: 36 bytes leftover after parsing attributes in process `syz.3.891'.
[  334.032874][ T9784] trusted_key: encrypted_key: key user:syz not found
[  334.112316][ T9676] lo speed is unknown, defaulting to 1000
[  334.407352][   T24] usb 4-1: new high-speed USB device number 14 using dummy_hcd
[  334.418686][   T54] Bluetooth: hci2: command tx timeout
[  334.569272][   T30] audit: type=1400 audit(1745830861.171:565): avc:  denied  { accept } for  pid=9813 comm="syz.4.896" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  334.587969][   T24] usb 4-1: Using ep0 maxpacket: 32
[  334.779309][   T24] usb 4-1: config 0 interface 0 altsetting 10 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  334.805755][   T24] usb 4-1: config 0 interface 0 has no altsetting 0
[  334.821018][   T24] usb 4-1: New USB device found, idVendor=046d, idProduct=c20a, bcdDevice= 0.00
[  334.837118][   T24] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  334.881064][   T24] usb 4-1: config 0 descriptor??
[  335.132385][ T3557] hsr_slave_0: left promiscuous mode
[  335.146992][ T3557] hsr_slave_1: left promiscuous mode
[  335.153126][ T3557] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  335.161766][ T3557] batman_adv: batadv0: Removing interface: batadv_slave_0
[  335.455267][   T30] audit: type=1400 audit(1745830861.951:566): avc:  denied  { getopt } for  pid=9850 comm="syz.1.900" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1
[  335.593174][ T3557] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  335.688376][ T3557] batman_adv: batadv0: Removing interface: batadv_slave_1
[  335.689613][   T24] usbhid 4-1:0.0: can't add hid device: -71
[  335.703731][   T24] usbhid 4-1:0.0: probe with driver usbhid failed with error -71
[  335.707043][ T9859] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(10)
[  335.716487][   T24] usb 4-1: USB disconnect, device number 14
[  335.718052][ T9859] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  335.730654][ T9859] vhci_hcd vhci_hcd.0: Device attached
[  335.755580][ T3557] veth1_macvtap: left promiscuous mode
[  335.765795][ T9859] vhci_hcd vhci_hcd.0: pdev(4) rhport(1) sockfd(12)
[  335.772451][ T9859] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  335.772965][ T3557] veth0_macvtap: left promiscuous mode
[  335.782516][ T9859] vhci_hcd vhci_hcd.0: Device attached
[  335.796313][ T9859] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  335.807824][ T3557] veth1_vlan: left promiscuous mode
[  335.813319][ T3557] veth0_vlan: left promiscuous mode
[  335.818856][ T9859] vhci_hcd vhci_hcd.0: pdev(4) rhport(3) sockfd(16)
[  335.826715][ T9859] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  335.827004][ T9859] vhci_hcd vhci_hcd.0: Device attached
[  335.835709][ T9850] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  335.868316][ T9873] vhci_hcd vhci_hcd.0: pdev(4) rhport(4) sockfd(20)
[  335.874963][ T9873] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  335.890036][ T9873] vhci_hcd vhci_hcd.0: Device attached
[  335.904831][ T9859] 9pnet_fd: Insufficient options for proto=fd
[  335.916745][ T5859] vhci_hcd: vhci_device speed not set
[  335.924310][ T9859] vhci_hcd vhci_hcd.0: pdev(4) rhport(5) sockfd(23)
[  335.930947][ T9859] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  335.941769][ T9859] vhci_hcd vhci_hcd.0: Device attached
[  335.949581][ T9859] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  335.959416][ T9859] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  335.976677][ T5859] usb 41-1: new full-speed USB device number 3 using vhci_hcd
[  335.992475][ T9859] vhci_hcd vhci_hcd.0: port 0 already used
[  336.026338][ T9876] vhci_hcd: connection closed
[  336.026539][ T9874] vhci_hcd: connection closed
[  336.028352][ T9871] vhci_hcd: connection closed
[  336.038992][   T52] vhci_hcd: stop threads
[  336.044245][ T9869] vhci_hcd: connection closed
[  336.049334][   T52] vhci_hcd: release socket
[  336.050664][ T9863] vhci_hcd: connection reset by peer
[  336.054079][   T52] vhci_hcd: disconnect device
[  336.071732][   T52] vhci_hcd: stop threads
[  336.076000][   T52] vhci_hcd: release socket
[  336.081260][   T52] vhci_hcd: disconnect device
[  336.086031][   T52] vhci_hcd: stop threads
[  336.091017][   T52] vhci_hcd: release socket
[  336.095533][   T52] vhci_hcd: disconnect device
[  336.100825][   T52] vhci_hcd: stop threads
[  336.105084][   T52] vhci_hcd: release socket
[  336.114042][   T52] vhci_hcd: disconnect device
[  336.121490][   T52] vhci_hcd: stop threads
[  336.125768][   T52] vhci_hcd: release socket
[  336.130734][   T52] vhci_hcd: disconnect device
[  336.247167][   T24] usb 3-1: new high-speed USB device number 17 using dummy_hcd
[  336.448162][   T54] Bluetooth: hci2: command tx timeout
[  336.461842][   T24] usb 3-1: Using ep0 maxpacket: 8
[  336.480815][   T24] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  336.491743][   T24] usb 3-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF9, changing to 0x89
[  336.513470][   T24] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x89 has an invalid bInterval 0, changing to 7
[  336.519086][ T3557] team0 (unregistering): Port device team_slave_1 removed
[  336.678049][   T24] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid maxpacket 59391, setting to 1024
[  336.689300][   T24] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7
[  336.710004][   T24] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0xF has invalid wMaxPacketSize 0
[  336.720791][   T24] usb 3-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  336.743837][   T24] usb 3-1: New USB device found, idVendor=0bc7, idProduct=0008, bcdDevice=4f.c8
[  336.753922][   T24] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  336.781793][   T24] usb 3-1: Product: syz
[  336.786007][   T24] usb 3-1: Manufacturer: syz
[  336.804713][   T24] usb 3-1: SerialNumber: syz
[  336.814495][ T3557] team0 (unregistering): Port device team_slave_0 removed
[  336.921297][   T24] usb 3-1: config 0 descriptor??
[  336.927978][ T9882] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  336.973109][   T24] ati_remote 3-1:0.0: Initializing ati_remote hardware failed.
[  337.002784][   T24] ati_remote 3-1:0.0: probe with driver ati_remote failed with error -5
[  337.697616][ T9911] BTRFS info: 'norecovery' is for compatibility only, recommended to use 'rescue=nologreplay'
[  337.718313][  T910] vhci_hcd: vhci_device speed not set
[  338.037434][ T5861] usb 3-1: USB disconnect, device number 17
[  338.526685][   T54] Bluetooth: hci2: command tx timeout
[  338.626672][ T9676] chnl_net:caif_netlink_parms(): no params data found
[  338.763721][T10027] __nla_validate_parse: 2 callbacks suppressed
[  338.763736][T10027] netlink: 4 bytes leftover after parsing attributes in process `syz.3.912'.
[  339.049748][T10043] netlink: 28 bytes leftover after parsing attributes in process `syz.3.912'.
[  339.076830][T10041] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(10)
[  339.083471][T10041] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  339.157592][T10041] vhci_hcd vhci_hcd.0: Device attached
[  339.187766][T10043] netlink: 32 bytes leftover after parsing attributes in process `syz.3.912'.
[  339.221367][T10046] vhci_hcd vhci_hcd.0: pdev(2) rhport(1) sockfd(13)
[  339.228009][T10046] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  339.421133][  T910] vhci_hcd: vhci_device speed not set
[  339.665598][T10046] vhci_hcd vhci_hcd.0: Device attached
[  339.712146][  T910] usb 37-1: new full-speed USB device number 5 using vhci_hcd
[  339.721338][T10041] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  339.739422][T10040] netlink: 'syz.3.912': attribute type 10 has an invalid length.
[  339.968784][T10046] vhci_hcd vhci_hcd.0: pdev(2) rhport(3) sockfd(15)
[  339.974174][T10063] 9pnet_fd: Insufficient options for proto=fd
[  339.975441][T10046] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  339.989051][T10063] vhci_hcd vhci_hcd.0: pdev(2) rhport(4) sockfd(24)
[  339.995663][T10063] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  340.038740][T10067] vhci_hcd vhci_hcd.0: pdev(2) rhport(5) sockfd(20)
[  340.045381][T10067] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  340.087996][T10079] FAULT_INJECTION: forcing a failure.
[  340.087996][T10079] name failslab, interval 1, probability 0, space 0, times 0
[  340.100878][T10079] CPU: 0 UID: 0 PID: 10079 Comm: syz.4.916 Not tainted 6.15.0-rc4-syzkaller #0 PREEMPT(full) 
[  340.100901][T10079] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  340.100908][T10079] Call Trace:
[  340.100912][T10079]  <TASK>
[  340.100917][T10079]  dump_stack_lvl+0x16c/0x1f0
[  340.100934][T10079]  should_fail_ex+0x512/0x640
[  340.100949][T10079]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[  340.100968][T10079]  should_failslab+0xc2/0x120
[  340.100980][T10079]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  340.100996][T10079]  ? __pfx_acct_collect+0x10/0x10
[  340.101013][T10079]  ? taskstats_exit+0x654/0xbe0
[  340.101032][T10079]  taskstats_exit+0x654/0xbe0
[  340.101049][T10079]  ? __pfx_taskstats_exit+0x10/0x10
[  340.101070][T10079]  do_exit+0x85f/0x2c30
[  340.101089][T10079]  ? __pfx_do_exit+0x10/0x10
[  340.101104][T10079]  ? do_raw_spin_lock+0x12c/0x2b0
[  340.101115][T10079]  ? find_held_lock+0x2b/0x80
[  340.101130][T10079]  do_group_exit+0xd3/0x2a0
[  340.101147][T10079]  get_signal+0x2673/0x26d0
[  340.101162][T10079]  ? __pfx_do_recvmmsg+0x10/0x10
[  340.101189][T10079]  ? __pfx_get_signal+0x10/0x10
[  340.101214][T10079]  arch_do_signal_or_restart+0x8f/0x7d0
[  340.101236][T10079]  ? __fget_files+0x20e/0x3c0
[  340.101253][T10079]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  340.101273][T10079]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[  340.101289][T10079]  ? rcu_is_watching+0x12/0xc0
[  340.101304][T10079]  syscall_exit_to_user_mode+0x150/0x2a0
[  340.101318][T10079]  do_syscall_64+0xda/0x260
[  340.101331][T10079]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  340.101343][T10079] RIP: 0033:0x7f0f8698e969
[  340.101351][T10079] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  340.101362][T10079] RSP: 002b:00007f0f847d5038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  340.101372][T10079] RAX: fffffffffffffe00 RBX: 00007f0f86bb6160 RCX: 00007f0f8698e969
[  340.101379][T10079] RDX: 0000000000000002 RSI: 0000200000001a40 RDI: 000000000000000c
[  340.101385][T10079] RBP: 00007f0f847d5090 R08: 0000000000000000 R09: 0000000000000000
[  340.101391][T10079] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  340.101397][T10079] R13: 0000000000000001 R14: 00007f0f86bb6160 R15: 00007ffe85d8b9b8
[  340.101411][T10079]  </TASK>
[  340.331651][    C0] vkms_vblank_simulate: vblank timer overrun
[  340.403113][T10027] bridge_slave_1: left promiscuous mode
[  340.409648][T10027] bridge0: port 2(bridge_slave_1) entered disabled state
[  340.416972][T10063] vhci_hcd vhci_hcd.0: Device attached
[  340.424839][T10027] bridge_slave_0: left allmulticast mode
[  340.431076][T10027] bridge_slave_0: left promiscuous mode
[  340.436839][T10027] bridge0: port 1(bridge_slave_0) entered disabled state
[  340.450096][T10046] vhci_hcd vhci_hcd.0: Device attached
[  340.461301][T10067] vhci_hcd vhci_hcd.0: Device attached
[  340.474409][T10046] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  340.483561][T10046] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  340.575666][T10046] vhci_hcd vhci_hcd.0: port 0 already used
[  340.587387][T10048] vhci_hcd: connection closed
[  340.587604][ T6925] vhci_hcd: stop threads
[  340.592569][T10075] vhci_hcd: connection closed
[  340.599889][T10073] vhci_hcd: connection closed
[  340.607150][T10080] vhci_hcd: connection closed
[  340.635906][T10044] vhci_hcd: connection reset by peer
[  340.650760][ T6925] vhci_hcd: release socket
[  340.661918][T10056] bridge0: port 1(syz_tun) entered blocking state
[  340.670927][ T6925] vhci_hcd: disconnect device
[  340.676132][T10056] bridge0: port 1(syz_tun) entered disabled state
[  340.684290][ T6925] vhci_hcd: stop threads
[  340.690104][T10056] syz_tun: entered allmulticast mode
[  340.701645][ T6925] vhci_hcd: release socket
[  340.706408][ T6925] vhci_hcd: disconnect device
[  340.713785][ T6925] vhci_hcd: stop threads
[  340.719839][ T6925] vhci_hcd: release socket
[  340.724618][ T6925] vhci_hcd: disconnect device
[  340.734877][ T6925] vhci_hcd: stop threads
[  340.749891][T10056] syz_tun: entered promiscuous mode
[  340.756788][ T6925] vhci_hcd: release socket
[  340.761150][T10056] bridge0: port 1(syz_tun) entered blocking state
[  340.768590][T10056] bridge0: port 1(syz_tun) entered forwarding state
[  340.776882][ T6925] vhci_hcd: disconnect device
[  340.787659][ T6925] vhci_hcd: stop threads
[  340.798404][ T6925] vhci_hcd: release socket
[  340.803923][ T6925] vhci_hcd: disconnect device
[  340.808016][T10040] bridge0: port 1(syz_tun) entered disabled state
[  340.832858][T10040] syz_tun: left allmulticast mode
[  340.844251][T10040] bridge0: port 1(syz_tun) entered disabled state
[  340.867669][T10040] bond0: (slave syz_tun): Enslaving as an active interface with an up link
[  341.042048][ T9676] bridge0: port 1(bridge_slave_0) entered blocking state
[  341.058603][ T9676] bridge0: port 1(bridge_slave_0) entered disabled state
[  341.065775][ T9676] bridge_slave_0: entered allmulticast mode
[  341.072703][ T9676] bridge_slave_0: entered promiscuous mode
[  341.082134][ T9676] bridge0: port 2(bridge_slave_1) entered blocking state
[  341.089948][ T9676] bridge0: port 2(bridge_slave_1) entered disabled state
[  341.097050][ T5859] vhci_hcd: vhci_device speed not set
[  341.102566][ T9676] bridge_slave_1: entered allmulticast mode
[  341.109493][ T9676] bridge_slave_1: entered promiscuous mode
[  341.151912][ T9676] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  341.249191][ T9676] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  341.356113][T10176] netlink: 36 bytes leftover after parsing attributes in process `syz.4.919'.
[  341.446653][T10176] netlink: 36 bytes leftover after parsing attributes in process `syz.4.919'.
[  342.272334][T10176] netlink: 36 bytes leftover after parsing attributes in process `syz.4.919'.
[  342.401384][   T54] Bluetooth: hci1: unexpected event for opcode 0x0c47
[  342.402602][T10184] netlink: 36 bytes leftover after parsing attributes in process `syz.4.919'.
[  342.439558][ T9676] team0: Port device team_slave_0 added
[  342.496555][T10184] netlink: 36 bytes leftover after parsing attributes in process `syz.4.919'.
[  342.542243][T10184] netlink: 36 bytes leftover after parsing attributes in process `syz.4.919'.
[  342.579398][ T9676] team0: Port device team_slave_1 added
[  343.901909][T10176] netlink: 36 bytes leftover after parsing attributes in process `syz.4.919'.
[  343.976709][T10176] netlink: 36 bytes leftover after parsing attributes in process `syz.4.919'.
[  343.990196][T10176] netlink: 36 bytes leftover after parsing attributes in process `syz.4.919'.
[  344.033500][T10184] netlink: 36 bytes leftover after parsing attributes in process `syz.4.919'.
[  344.056762][T10184] netlink: 36 bytes leftover after parsing attributes in process `syz.4.919'.
[  344.267982][ T9676] batman_adv: batadv0: Adding interface: batadv_slave_0
[  344.275243][T10184] netlink: 36 bytes leftover after parsing attributes in process `syz.4.919'.
[  344.296851][ T9676] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  344.577989][ T9676] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  344.623904][ T9676] batman_adv: batadv0: Adding interface: batadv_slave_1
[  344.655410][ T9676] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  344.681360][    C0] vkms_vblank_simulate: vblank timer overrun
[  344.713363][ T9676] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  344.845356][ T9676] hsr_slave_0: entered promiscuous mode
[  344.858888][ T9676] hsr_slave_1: entered promiscuous mode
[  344.880222][ T9676] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  344.908548][ T9676] Cannot create hsr debugfs directory
[  345.091839][T10308] qnx6: unable to set blocksize
[  345.099547][  T910] vhci_hcd: vhci_device speed not set
[  345.439356][T10325] netlink: 'syz.3.928': attribute type 11 has an invalid length.
[  346.112287][T10395] FAULT_INJECTION: forcing a failure.
[  346.112287][T10395] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  346.125845][T10395] CPU: 1 UID: 0 PID: 10395 Comm: syz.3.931 Not tainted 6.15.0-rc4-syzkaller #0 PREEMPT(full) 
[  346.125866][T10395] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  346.125874][T10395] Call Trace:
[  346.125879][T10395]  <TASK>
[  346.125885][T10395]  dump_stack_lvl+0x16c/0x1f0
[  346.125907][T10395]  should_fail_ex+0x512/0x640
[  346.125931][T10395]  strncpy_from_user+0x3b/0x2e0
[  346.125953][T10395]  getname_flags.part.0+0x8f/0x550
[  346.125972][T10395]  getname_flags+0x93/0xf0
[  346.125996][T10395]  do_sys_openat2+0xb8/0x1d0
[  346.126015][T10395]  ? __pfx_do_sys_openat2+0x10/0x10
[  346.126035][T10395]  ? __fget_files+0x20e/0x3c0
[  346.126064][T10395]  __x64_sys_open+0x153/0x1e0
[  346.126082][T10395]  ? __pfx___x64_sys_open+0x10/0x10
[  346.126107][T10395]  ? rcu_is_watching+0x12/0xc0
[  346.126128][T10395]  do_syscall_64+0xcd/0x260
[  346.126149][T10395]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  346.126166][T10395] RIP: 0033:0x7f43e218e969
[  346.126180][T10395] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  346.126196][T10395] RSP: 002b:00007f43e2fe1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000002
[  346.126212][T10395] RAX: ffffffffffffffda RBX: 00007f43e23b6080 RCX: 00007f43e218e969
[  346.126223][T10395] RDX: 0000000000000020 RSI: 00000000004b8e82 RDI: 0000200000000180
[  346.126233][T10395] RBP: 00007f43e2fe1090 R08: 0000000000000000 R09: 0000000000000000
[  346.126243][T10395] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  346.126253][T10395] R13: 0000000000000000 R14: 00007f43e23b6080 R15: 00007ffc9c6578a8
[  346.126276][T10395]  </TASK>
[  346.394105][ T9676] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  346.418668][ T9676] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  346.449045][   T54] Bluetooth: hci1: Controller not accepting commands anymore: ncmd = 0
[  346.457674][   T54] Bluetooth: hci1: Injecting HCI hardware error event
[  346.465741][   T54] Bluetooth: hci1: hardware error 0x00
[  346.476086][ T9676] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  346.487495][   T30] audit: type=1400 audit(1745830873.092:567): avc:  denied  { create } for  pid=10408 comm="syz.4.933" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_nflog_socket permissive=1
[  346.545617][T10409] netlink: 'syz.4.933': attribute type 1 has an invalid length.
[  346.550132][ T9676] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  346.606090][ T5859] usb 2-1: new high-speed USB device number 21 using dummy_hcd
[  346.808001][T10414] batadv1: entered promiscuous mode
[  346.828083][T10414] batadv1: entered allmulticast mode
[  346.836186][ T5859] usb 2-1: Using ep0 maxpacket: 8
[  346.852919][ T5859] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  346.999883][ T5859] usb 2-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  347.111046][ T5859] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  347.303440][ T5859] usb 2-1: config 0 descriptor??
[  347.303543][ T5921] batman_adv: batadv1: adding TT local entry 33:33:00:00:00:01 to non-existent VLAN -1
[  347.542812][ T5859] iowarrior 2-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0
[  347.670281][ T9676] 8021q: adding VLAN 0 to HW filter on device bond0
[  347.682693][  T910] usb 2-1: USB disconnect, device number 21
[  347.687600][ T9676] 8021q: adding VLAN 0 to HW filter on device team0
[  347.700208][T10445] netlink: 36 bytes leftover after parsing attributes in process `syz.3.936'.
[  348.139698][T10445] netlink: 36 bytes leftover after parsing attributes in process `syz.3.936'.
[  348.158354][ T3557] bridge0: port 1(bridge_slave_0) entered blocking state
[  348.165513][ T3557] bridge0: port 1(bridge_slave_0) entered forwarding state
[  348.174049][T10445] netlink: 36 bytes leftover after parsing attributes in process `syz.3.936'.
[  348.205365][ T3557] bridge0: port 2(bridge_slave_1) entered blocking state
[  348.212489][ T3557] bridge0: port 2(bridge_slave_1) entered forwarding state
[  348.259114][T10462] netlink: 36 bytes leftover after parsing attributes in process `syz.3.936'.
[  348.289187][ T9676] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  348.606276][   T54] Bluetooth: hci1: Opcode 0x0c03 failed: -110
[  349.146420][T10490] netlink: 'syz.4.939': attribute type 30 has an invalid length.
[  349.266383][T10490] __nla_validate_parse: 8 callbacks suppressed
[  349.283577][T10490] netlink: 32 bytes leftover after parsing attributes in process `syz.4.939'.
[  349.740050][ T9676] 8021q: adding VLAN 0 to HW filter on device batadv0
[  349.839712][ T5859] usb 4-1: new high-speed USB device number 15 using dummy_hcd
[  350.038020][ T5859] usb 4-1: Using ep0 maxpacket: 16
[  350.071224][ T5859] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  350.140823][ T5859] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  350.150825][ T5859] usb 4-1: New USB device found, idVendor=1b1c, idProduct=1b02, bcdDevice= 0.00
[  350.159955][ T5859] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  350.318032][ T5859] usb 4-1: config 0 descriptor??
[  350.385650][   T30] audit: type=1400 audit(1745830876.982:568): avc:  denied  { bind } for  pid=10550 comm="syz.2.944" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1
[  350.788802][ T9676] veth0_vlan: entered promiscuous mode
[  350.832842][ T9676] veth1_vlan: entered promiscuous mode
[  350.922083][ T9676] veth0_macvtap: entered promiscuous mode
[  351.808880][ T5859] corsair 0003:1B1C:1B02.0005: hidraw0: USB HID v0.00 Device [HID 1b1c:1b02] on usb-dummy_hcd.3-1/input0
[  351.809798][ T9676] veth1_macvtap: entered promiscuous mode
[  351.932135][T10583] netlink: 128 bytes leftover after parsing attributes in process `syz.1.947'.
[  351.973389][ T9676] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  352.004264][ T9676] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  352.033417][ T9676] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  352.044030][ T9676] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  352.054505][ T9676] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  352.065628][ T9676] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  352.075587][ T9676] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  352.086093][ T9676] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  352.543511][ T9676] batman_adv: batadv0: Interface activated: batadv_slave_0
[  352.562299][ T9676] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  352.573657][ T9676] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  352.585261][ T5859] corsair 0003:1B1C:1B02.0005: Failed to get K90 initial state (error -71).
[  352.609138][ T9676] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  352.620400][ T5859] usb 4-1: USB disconnect, device number 15
[  352.631475][ T9676] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  352.648546][ T9676] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  352.659145][ T9676] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  352.669066][ T9676] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  352.688977][ T9676] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  352.806846][ T9676] batman_adv: batadv0: Interface activated: batadv_slave_1
[  352.825374][ T9676] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  352.901175][T10614] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  352.952092][   T30] audit: type=1400 audit(1745830879.522:569): avc:  denied  { append } for  pid=10599 comm="syz.1.950" name="mice" dev="devtmpfs" ino=916 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:mouse_device_t tclass=chr_file permissive=1
[  353.173888][T10617] xt_SECMARK: invalid mode: 2
[  353.246113][ T9676] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  353.254875][ T9676] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  353.263700][ T9676] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  353.415531][   T30] audit: type=1400 audit(1745830880.012:570): avc:  denied  { read } for  pid=10615 comm="syz.4.952" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1
[  353.543895][ T6346] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  353.557560][ T6346] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  353.615850][ T3557] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  353.623814][ T3557] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  353.998580][   T30] audit: type=1400 audit(1745830880.602:571): avc:  denied  { mounton } for  pid=9676 comm="syz-executor" path="/root/syzkaller.z00KPe/syz-tmp/newroot/sys/kernel/debug" dev="debugfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=dir permissive=1
[  354.271162][   T30] audit: type=1400 audit(1745830880.872:572): avc:  denied  { mounton } for  pid=9676 comm="syz-executor" path="/sys/fs/fuse/connections" dev="fusectl" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=dir permissive=1
[  354.300509][T10652] input: syz1 as /devices/virtual/input/input21
[  354.411353][T10654] vimc link validate: Sensor A:src:640x480 (0x33424752, 8, 0, 0, 0) Raw Capture 0:snk:640x480 (0x33424752, 8, 0, 0, 0)
[  354.666753][  T910] usb 4-1: new high-speed USB device number 16 using dummy_hcd
[  354.683130][   T30] audit: type=1400 audit(1745830881.282:573): avc:  denied  { write } for  pid=10668 comm="syz.4.957" name="autofs" dev="devtmpfs" ino=98 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1
[  354.805821][  T910] usb 4-1: device descriptor read/64, error -71
[  354.941317][T10682] openvswitch: netlink: Either Ethernet header or EtherType is required.
[  354.954293][   T30] audit: type=1400 audit(1745830881.402:574): avc:  denied  { map } for  pid=10668 comm="syz.4.957" path="/dev/null" dev="devtmpfs" ino=5 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:null_device_t tclass=chr_file permissive=1
[  355.045745][  T910] usb 4-1: new high-speed USB device number 17 using dummy_hcd
[  355.185567][  T910] usb 4-1: device descriptor read/64, error -71
[  355.262735][T10693] netlink: 8 bytes leftover after parsing attributes in process `syz.1.960'.
[  355.469221][T10669] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  355.507081][T10669] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  355.801852][  T910] usb usb4-port1: attempt power cycle
[  356.035689][T10686] vhci_hcd vhci_hcd.0: pdev(5) rhport(0) sockfd(10)
[  356.042343][T10686] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  356.129316][   T30] audit: type=1326 audit(1745830881.702:575): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10687 comm="syz.1.960" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fea7338e969 code=0x7ffc0000
[  356.169103][T10699] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  356.175737][T10686] vhci_hcd vhci_hcd.0: Device attached
[  356.182853][   T30] audit: type=1326 audit(1745830881.702:576): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10687 comm="syz.1.960" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fea7338e969 code=0x7ffc0000
[  356.224978][   T30] audit: type=1326 audit(1745830881.712:577): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10687 comm="syz.1.960" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fea7338d2d0 code=0x7ffc0000
[  356.256267][   T30] audit: type=1326 audit(1745830881.712:578): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10687 comm="syz.1.960" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fea7338e969 code=0x7ffc0000
[  356.284922][T10691] vhci_hcd vhci_hcd.0: pdev(5) rhport(1) sockfd(13)
[  356.291532][T10691] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  356.301576][T10686] vhci_hcd vhci_hcd.0: pdev(5) rhport(3) sockfd(12)
[  356.308176][T10686] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  356.319830][T10691] vhci_hcd vhci_hcd.0: Device attached
[  356.325905][T10686] vhci_hcd vhci_hcd.0: Device attached
[  356.333216][T10686] vhci_hcd vhci_hcd.0: pdev(5) rhport(4) sockfd(18)
[  356.339807][T10686] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  356.361544][T10686] vhci_hcd vhci_hcd.0: Device attached
[  356.368916][T10686] 9pnet_fd: Insufficient options for proto=fd
[  356.395572][   T24] vhci_hcd: vhci_device speed not set
[  356.403947][T10669] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  356.411431][T10669] Bluetooth: hci4: Opcode 0x0406 failed: -4
[  356.418017][  T910] usb 4-1: new high-speed USB device number 18 using dummy_hcd
[  356.426590][T10686] vhci_hcd vhci_hcd.0: pdev(5) rhport(5) sockfd(23)
[  356.433197][T10686] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  356.443457][T10691] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  356.452005][T10686] vhci_hcd vhci_hcd.0: Device attached
[  356.456542][T10691] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  356.458224][   T24] usb 43-1: new full-speed USB device number 2 using vhci_hcd
[  356.475352][  T910] usb 4-1: device descriptor read/8, error -71
[  356.509740][T10669] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  356.517201][T10669] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  356.535859][T10669] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  356.542749][T10686] vhci_hcd vhci_hcd.0: port 0 already used
[  356.589007][T10694] vhci_hcd: connection closed
[  356.589225][T10688] vhci_hcd: connection reset by peer
[  356.598294][T10715] input: syz1 as /devices/virtual/input/input22
[  356.599449][T10704] vhci_hcd: connection closed
[  356.605598][T10707] vhci_hcd: connection closed
[  356.605864][T10710] vhci_hcd: connection closed
[  356.614981][  T998] vhci_hcd: stop threads
[  356.630149][  T998] vhci_hcd: release socket
[  356.634680][  T998] vhci_hcd: disconnect device
[  356.641228][  T998] vhci_hcd: stop threads
[  356.651271][  T998] vhci_hcd: release socket
[  356.657133][  T998] vhci_hcd: disconnect device
[  356.686216][  T998] vhci_hcd: stop threads
[  356.703525][  T998] vhci_hcd: release socket
[  356.712691][  T998] vhci_hcd: disconnect device
[  356.944457][  T910] usb 4-1: new high-speed USB device number 19 using dummy_hcd
[  357.021537][   T54] Bluetooth: hci0: command 0x0406 tx timeout
[  357.044708][  T998] vhci_hcd: stop threads
[  357.049193][  T998] vhci_hcd: release socket
[  357.053821][  T998] vhci_hcd: disconnect device
[  357.059556][  T998] vhci_hcd: stop threads
[  357.064004][  T998] vhci_hcd: release socket
[  357.071882][  T998] vhci_hcd: disconnect device
[  357.444898][  T910] usb 4-1: device descriptor read/8, error -71
[  357.582822][  T910] usb usb4-port1: unable to enumerate USB device
[  358.445682][   T54] Bluetooth: hci4: command 0x0406 tx timeout
[  358.535592][   T54] Bluetooth: hci2: command 0x0c1a tx timeout
[  358.650246][T10766] fuse: Bad value for 'rootmode'
[  359.085545][   T54] Bluetooth: hci0: command 0x0406 tx timeout
[  359.306844][   T30] kauditd_printk_skb: 29 callbacks suppressed
[  359.307867][   T30] audit: type=1800 audit(1745830885.912:608): pid=10763 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed comm="syz.3.968" name="/" dev="fuse" ino=0 res=0 errno=0
[  359.435368][   T30] audit: type=1400 audit(1745830886.032:609): avc:  denied  { listen } for  pid=10775 comm="syz.5.972" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[  360.339295][T10795] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(10)
[  360.345945][T10795] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  360.361955][T10795] vhci_hcd vhci_hcd.0: Device attached
[  360.455727][T10795] vhci_hcd vhci_hcd.0: pdev(2) rhport(1) sockfd(12)
[  360.462381][T10795] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  360.485411][T10795] vhci_hcd vhci_hcd.0: Device attached
[  360.518428][T10795] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  360.526934][   T54] Bluetooth: hci4: command 0x0406 tx timeout
[  360.645240][   T54] Bluetooth: hci2: command 0x0c1a tx timeout
[  360.672512][  T910] vhci_hcd: vhci_device speed not set
[  360.702302][T10795] vhci_hcd vhci_hcd.0: pdev(2) rhport(3) sockfd(16)
[  360.708955][T10795] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  360.718160][T10795] vhci_hcd vhci_hcd.0: Device attached
[  360.727908][T10808] vhci_hcd vhci_hcd.0: pdev(2) rhport(4) sockfd(20)
[  360.728539][   T30] audit: type=1400 audit(1745830887.313:610): avc:  denied  { validate_trans } for  pid=10807 comm="syz.3.980" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security permissive=1
[  360.734519][T10808] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  360.808772][  T910] usb 37-1: new full-speed USB device number 6 using vhci_hcd
[  361.044131][T10808] vhci_hcd vhci_hcd.0: Device attached
[  361.219931][T10795] 9pnet_fd: Insufficient options for proto=fd
[  361.278727][T10808] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  361.312945][T10808] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  361.495641][T10795] vhci_hcd vhci_hcd.0: pdev(2) rhport(5) sockfd(23)
[  361.502289][T10795] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  361.543328][T10795] vhci_hcd vhci_hcd.0: Device attached
[  361.555228][   T24] vhci_hcd: vhci_device speed not set
[  361.610879][T10808] vhci_hcd vhci_hcd.0: port 0 already used
[  361.796934][T10823] vhci_hcd: connection closed
[  361.798590][ T6346] vhci_hcd: stop threads
[  361.808457][T10814] vhci_hcd: connection closed
[  361.815796][T10811] vhci_hcd: connection closed
[  361.824123][T10801] vhci_hcd: connection closed
[  361.831273][T10796] vhci_hcd: connection reset by peer
[  361.831678][ T6346] vhci_hcd: release socket
[  361.855312][ T6346] vhci_hcd: disconnect device
[  361.861316][ T6346] vhci_hcd: stop threads
[  361.866106][ T6346] vhci_hcd: release socket
[  361.870975][ T6346] vhci_hcd: disconnect device
[  361.931560][ T6346] vhci_hcd: stop threads
[  361.949548][ T6346] vhci_hcd: release socket
[  361.954174][ T6346] vhci_hcd: disconnect device
[  361.972882][ T6346] vhci_hcd: stop threads
[  361.977303][ T6346] vhci_hcd: release socket
[  361.982161][ T6346] vhci_hcd: disconnect device
[  362.022651][ T6346] vhci_hcd: stop threads
[  362.032503][ T6346] vhci_hcd: release socket
[  362.052379][ T6346] vhci_hcd: disconnect device
[  363.117043][   T54] Bluetooth: hci2: command 0x0c1a tx timeout
[  364.539829][T10898] overlayfs: NFS export requires "redirect_dir=nofollow" on non-upper mount, falling back to nfs_export=off.
[  364.699340][T10898] overlayfs: missing 'lowerdir'
[  365.003344][T10906] syz.3.995: attempt to access beyond end of device
[  365.003344][T10906] nbd3: rw=0, sector=16, nr_sectors = 1 limit=0
[  365.018078][T10906] qnx6: unable to read the first superblock
[  365.027898][T10906] syz.3.995: attempt to access beyond end of device
[  365.027898][T10906] nbd3: rw=0, sector=0, nr_sectors = 1 limit=0
[  365.042480][T10906] qnx6: unable to read the first superblock
[  365.048790][T10906] qnx6: unable to read the first superblock
[  365.299659][   T30] audit: type=1400 audit(1745830891.903:611): avc:  denied  { ioctl } for  pid=10905 comm="syz.2.996" path="socket:[24836]" dev="sockfs" ino=24836 ioctlcmd=0x89e8 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1
[  365.333001][T10908] qrtr: Invalid version 38
[  365.337621][T10910] qrtr: Invalid version 38
[  366.575028][T10924] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(10)
[  366.581690][T10924] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  366.595030][  T910] vhci_hcd: vhci_device speed not set
[  366.618562][T10924] vhci_hcd vhci_hcd.0: Device attached
[  366.645227][T10924] vhci_hcd vhci_hcd.0: pdev(4) rhport(1) sockfd(12)
[  366.651879][T10924] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  366.679762][T10924] vhci_hcd vhci_hcd.0: Device attached
[  366.856680][ T5859] vhci_hcd: vhci_device speed not set
[  366.914932][ T5859] usb 41-1: new full-speed USB device number 4 using vhci_hcd
[  366.970025][T10938] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  367.097981][T10924] vhci_hcd vhci_hcd.0: pdev(4) rhport(3) sockfd(17)
[  367.104623][T10924] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  367.461295][T10924] vhci_hcd vhci_hcd.0: Device attached
[  367.633202][T10947] 9pnet_fd: Insufficient options for proto=fd
[  367.815593][T10938] vhci_hcd vhci_hcd.0: pdev(4) rhport(4) sockfd(20)
[  367.822244][T10938] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  367.854443][T10949] vhci_hcd vhci_hcd.0: pdev(4) rhport(5) sockfd(25)
[  367.861092][T10949] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  367.939283][T10938] vhci_hcd vhci_hcd.0: Device attached
[  367.963192][T10949] vhci_hcd vhci_hcd.0: Device attached
[  367.999580][T10924] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  368.043866][T10947] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  368.105922][T10971] vhci_hcd vhci_hcd.0: port 0 already used
[  368.199609][   T30] audit: type=1400 audit(1745830894.743:612): avc:  denied  { checkpoint_restore } for  pid=10960 comm="syz.3.1006" capability=40  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  368.477978][T10952] vhci_hcd: connection closed
[  368.478896][ T6346] vhci_hcd: stop threads
[  368.488641][T10948] vhci_hcd: connection closed
[  368.489132][T10945] vhci_hcd: connection closed
[  368.519969][T10925] vhci_hcd: connection reset by peer
[  368.538091][T10928] vhci_hcd: connection closed
[  368.588048][ T6346] vhci_hcd: release socket
[  368.658589][ T6346] vhci_hcd: disconnect device
[  368.674797][ T6346] vhci_hcd: stop threads
[  368.679101][ T6346] vhci_hcd: release socket
[  368.683600][ T6346] vhci_hcd: disconnect device
[  368.688982][ T6346] vhci_hcd: stop threads
[  368.693239][ T6346] vhci_hcd: release socket
[  368.700034][ T6346] vhci_hcd: disconnect device
[  368.705974][ T6346] vhci_hcd: stop threads
[  368.710235][ T6346] vhci_hcd: release socket
[  368.716514][ T6346] vhci_hcd: disconnect device
[  368.725017][ T6346] vhci_hcd: stop threads
[  368.729311][ T6346] vhci_hcd: release socket
[  368.733941][ T6346] vhci_hcd: disconnect device
[  368.979463][T10995] input: syz1 as /devices/virtual/input/input23
[  369.058616][T10997] FAULT_INJECTION: forcing a failure.
[  369.058616][T10997] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  369.071782][T10997] CPU: 0 UID: 0 PID: 10997 Comm: syz.3.1010 Not tainted 6.15.0-rc4-syzkaller #0 PREEMPT(full) 
[  369.071805][T10997] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  369.071815][T10997] Call Trace:
[  369.071821][T10997]  <TASK>
[  369.071828][T10997]  dump_stack_lvl+0x16c/0x1f0
[  369.071854][T10997]  should_fail_ex+0x512/0x640
[  369.071879][T10997]  _copy_from_user+0x2e/0xd0
[  369.071903][T10997]  map_update_elem+0x581/0x920
[  369.071924][T10997]  ? __pfx_map_update_elem+0x10/0x10
[  369.071941][T10997]  ? selinux_bpf+0xee/0x130
[  369.071960][T10997]  __sys_bpf+0x1616/0x4d80
[  369.071983][T10997]  ? __pfx___sys_bpf+0x10/0x10
[  369.072008][T10997]  ? rcu_is_watching+0x12/0xc0
[  369.072027][T10997]  ? irqentry_exit+0x3b/0x90
[  369.072059][T10997]  ? fput+0xe2/0xf0
[  369.072077][T10997]  ? ksys_write+0x1b9/0x240
[  369.072105][T10997]  ? __pfx_ksys_write+0x10/0x10
[  369.072132][T10997]  __x64_sys_bpf+0x78/0xc0
[  369.072151][T10997]  ? lockdep_hardirqs_on+0x7c/0x110
[  369.072169][T10997]  do_syscall_64+0xcd/0x260
[  369.072190][T10997]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  369.072207][T10997] RIP: 0033:0x7f43e218e969
[  369.072221][T10997] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  369.072238][T10997] RSP: 002b:00007f43e2fc0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  369.072254][T10997] RAX: ffffffffffffffda RBX: 00007f43e23b6160 RCX: 00007f43e218e969
[  369.072265][T10997] RDX: 0000000000000020 RSI: 0000200000000280 RDI: 0000000000000002
[  369.072276][T10997] RBP: 00007f43e2fc0090 R08: 0000000000000000 R09: 0000000000000000
[  369.072285][T10997] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  369.072295][T10997] R13: 0000000000000000 R14: 00007f43e23b6160 R15: 00007ffc9c6578a8
[  369.072318][T10997]  </TASK>
[  369.339135][T11000] vimc link validate: Sensor A:src:640x480 (0x33424752, 8, 0, 0, 0) Raw Capture 0:snk:640x480 (0x33424752, 8, 0, 0, 0)
[  369.865071][   T58] usb 2-1: new high-speed USB device number 22 using dummy_hcd
[  370.087064][   T58] usb 2-1: Using ep0 maxpacket: 8
[  370.564286][   T58] usb 2-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 1536, setting to 1024
[  370.588740][   T58] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024
[  370.954976][   T58] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  371.011114][   T58] usb 2-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  371.063035][   T58] usb 2-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  371.072536][   T58] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  371.124353][T11033] sd 0:0:1:0: device reset
[  371.417437][   T58] usb 2-1: GET_CAPABILITIES returned 0
[  371.437580][   T58] usbtmc 2-1:16.0: can't read capabilities
[  371.494663][   T30] audit: type=1400 audit(1745830898.093:613): avc:  denied  { setopt } for  pid=11046 comm="syz.5.1019" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  371.874095][T11052] netlink: 'syz.3.1018': attribute type 1 has an invalid length.
[  372.114964][ T5859] vhci_hcd: vhci_device speed not set
[  373.943434][   T30] audit: type=1400 audit(1745830899.313:614): avc:  denied  { nlmsg_write } for  pid=11067 comm="syz.3.1022" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1
[  375.574369][    C1] sched: DL replenish lagged too much
[  376.454144][ T5865] usb 2-1: USB disconnect, device number 22
[  379.036553][ T1293] ieee802154 phy0 wpan0: encryption failed: -22
[  379.043504][ T1293] ieee802154 phy1 wpan1: encryption failed: -22
[  379.969859][   T30] audit: type=1400 audit(1745830906.574:615): avc:  denied  { read } for  pid=11096 comm="syz.3.1025" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_rdma_socket permissive=1
[  380.274294][ T5865] usb 4-1: new full-speed USB device number 20 using dummy_hcd
[  380.447311][ T5865] usb 4-1: config 1 interface 0 altsetting 6 endpoint 0x81 has invalid maxpacket 1024, setting to 64
[  380.464501][ T5865] usb 4-1: config 1 interface 0 altsetting 6 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  380.500364][ T5865] usb 4-1: config 1 interface 0 has no altsetting 0
[  380.516078][ T5865] usb 4-1: New USB device found, idVendor=18d1, idProduct=5061, bcdDevice= 0.40
[  380.535668][ T5865] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  380.557833][ T5865] usb 4-1: Product: చ
[  380.562044][ T5865] usb 4-1: Manufacturer: 뱎셻岓暤ឰ䶡篫虾鸃痗騳䲾獅⛿磫ṩ뇸夙諴㲭댅퉁홐瓓嚹皖龨淂匑ᵝᗗ੷峸逋✆쎉ῤƇ㾟
[  380.602911][ T5865] usb 4-1: SerialNumber: 《
[  380.626094][T11101] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  381.017356][   T30] audit: type=1400 audit(1745830907.624:616): avc:  granted  { setsecparam } for  pid=11096 comm="syz.3.1025" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security
[  384.361517][ T5865] usbhid 4-1:1.0: can't add hid device: -71
[  384.399826][ T5865] usbhid 4-1:1.0: probe with driver usbhid failed with error -71
[  384.510699][ T5865] usb 4-1: USB disconnect, device number 20
[  384.556685][T11159] overlayfs: NFS export requires "redirect_dir=nofollow" on non-upper mount, falling back to nfs_export=off.
[  385.543806][   T30] audit: type=1400 audit(1745830912.134:617): avc:  denied  { bind } for  pid=11178 comm="syz.2.1033" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1
[  385.572817][T11159] overlayfs: missing 'lowerdir'
[  500.127327][    C1] rcu: INFO: rcu_preempt detected stalls on CPUs/tasks:
[  500.134319][    C1] rcu: 	Tasks blocked on level-0 rcu_node (CPUs 0-1): P5859/1:b..l
[  500.142713][    C1] rcu: 	(detected by 1, t=10502 jiffies, g=29281, q=1285386 ncpus=2)
[  500.150787][    C1] task:kworker/0:4     state:R  running task     stack:22552 pid:5859  tgid:5859  ppid:2      task_flags:0x4208060 flags:0x00004000
[  500.165515][    C1] Workqueue: events send_dm_alert
[  500.170573][    C1] Call Trace:
[  500.173854][    C1]  <TASK>
[  500.176785][    C1]  __schedule+0x116f/0x5de0
[  500.181313][    C1]  ? __pfx___schedule+0x10/0x10
[  500.186142][    C1]  ? __lock_acquire+0x5ca/0x1ba0
[  500.191077][    C1]  ? mark_held_locks+0x49/0x80
[  500.195853][    C1]  preempt_schedule_irq+0x51/0x90
[  500.200887][    C1]  irqentry_exit+0x36/0x90
[  500.205311][    C1]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  500.211301][    C1] RIP: 0010:__reset_page_owner+0x5f/0x1a0
[  500.217046][    C1] Code: 89 c3 e8 44 90 90 ff 4c 8b 3d 3d 68 30 0c 48 b8 00 00 00 00 00 fc ff df 49 01 df 49 8d 7f 08 48 89 fa 48 c1 ea 03 0f b6 04 02 <84> c0 74 08 3c 03 0f 8e 2a 01 00 00 48 89 df 45 8b 7f 08 0f b7 dd
[  500.236656][    C1] RSP: 0018:ffffc90004c2f930 EFLAGS: 00000a02
[  500.242748][    C1] RAX: 0000000000000000 RBX: ffff88801f5a7480 RCX: ffffffff822c1509
[  500.250737][    C1] RDX: 1ffff11003eb4e92 RSI: ffffffff822aa0bc RDI: ffff88801f5a7490
[  500.258724][    C1] RBP: 0000000000000000 R08: 0000000000000007 R09: 0000000000000000
[  500.266710][    C1] R10: 0000000000000000 R11: 0000000000000000 R12: ffffea0001f52a00
[  500.274689][    C1] R13: 0000005bfdfcb175 R14: 0000000000000000 R15: ffff88801f5a7488
[  500.282663][    C1]  ? lookup_page_ext+0x119/0x190
[  500.287594][    C1]  ? __reset_page_owner+0x3c/0x1a0
[  500.292718][    C1]  __free_frozen_pages+0x69d/0xff0
[  500.297850][    C1]  __put_partials+0x16d/0x1c0
[  500.302535][    C1]  qlist_free_all+0x4e/0x120
[  500.307135][    C1]  kasan_quarantine_reduce+0x195/0x1e0
[  500.312604][    C1]  __kasan_kmalloc+0x8a/0xb0
[  500.317218][    C1]  __kmalloc_node_track_caller_noprof+0x221/0x510
[  500.323636][    C1]  ? __alloc_skb+0x166/0x380
[  500.328232][    C1]  ? trace_kmem_cache_alloc+0x28/0xc0
[  500.333599][    C1]  kmalloc_reserve+0xef/0x2c0
[  500.338265][    C1]  __alloc_skb+0x166/0x380
[  500.342684][    C1]  ? __pfx___alloc_skb+0x10/0x10
[  500.347638][    C1]  reset_per_cpu_data+0x26/0x240
[  500.352582][    C1]  send_dm_alert+0x1e/0xf0
[  500.357015][    C1]  ? rcu_is_watching+0x12/0xc0
[  500.361784][    C1]  process_one_work+0x9cc/0x1b70
[  500.366738][    C1]  ? __pfx_nsim_dev_hwstats_traffic_work+0x10/0x10
[  500.373241][    C1]  ? __pfx_process_one_work+0x10/0x10
[  500.378624][    C1]  ? assign_work+0x1a0/0x250
[  500.383223][    C1]  worker_thread+0x6c8/0xf10
[  500.387820][    C1]  ? __kthread_parkme+0x19e/0x250
[  500.392855][    C1]  ? __pfx_worker_thread+0x10/0x10
[  500.397973][    C1]  kthread+0x3c2/0x780
[  500.402048][    C1]  ? __pfx_kthread+0x10/0x10
[  500.406637][    C1]  ? __pfx_kthread+0x10/0x10
[  500.411244][    C1]  ? __pfx_kthread+0x10/0x10
[  500.415835][    C1]  ? __pfx_kthread+0x10/0x10
[  500.420447][    C1]  ? rcu_is_watching+0x12/0xc0
[  500.425212][    C1]  ? __pfx_kthread+0x10/0x10
[  500.429805][    C1]  ret_from_fork+0x45/0x80
[  500.434220][    C1]  ? __pfx_kthread+0x10/0x10
[  500.438799][    C1]  ret_from_fork_asm+0x1a/0x30
[  500.443583][    C1]  </TASK>
[  500.446622][    C1] rcu: rcu_preempt kthread starved for 9852 jiffies! g29281 f0x2 RCU_GP_WAIT_FQS(5) ->state=0x0 ->cpu=0
[  500.457740][    C1] rcu: 	Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior.
[  500.467711][    C1] rcu: RCU grace-period kthread stack dump:
[  500.473596][    C1] task:rcu_preempt     state:R  running task     stack:27704 pid:16    tgid:16    ppid:2      task_flags:0x208040 flags:0x00004000
[  500.487103][    C1] Call Trace:
[  500.490375][    C1]  <TASK>
[  500.493312][    C1]  __schedule+0x116f/0x5de0
[  500.497831][    C1]  ? __lock_acquire+0x5ca/0x1ba0
[  500.502781][    C1]  ? __pfx___schedule+0x10/0x10
[  500.507639][    C1]  ? find_held_lock+0x2b/0x80
[  500.512338][    C1]  ? schedule+0x2d7/0x3a0
[  500.516687][    C1]  schedule+0xe7/0x3a0
[  500.520768][    C1]  schedule_timeout+0x123/0x290
[  500.525632][    C1]  ? __pfx_schedule_timeout+0x10/0x10
[  500.531012][    C1]  ? __pfx_process_timeout+0x10/0x10
[  500.536279][    C1]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[  500.542093][    C1]  ? prepare_to_swait_event+0xf5/0x480
[  500.547567][    C1]  rcu_gp_fqs_loop+0x1ea/0xb00
[  500.552341][    C1]  ? __pfx_rcu_gp_fqs_loop+0x10/0x10
[  500.557635][    C1]  ? rcu_gp_cleanup+0x7c1/0xd90
[  500.562507][    C1]  rcu_gp_kthread+0x270/0x380
[  500.567193][    C1]  ? __pfx_rcu_gp_kthread+0x10/0x10
[  500.572409][    C1]  ? rcu_is_watching+0x12/0xc0
[  500.577192][    C1]  ? lockdep_hardirqs_on+0x7c/0x110
[  500.582409][    C1]  ? __kthread_parkme+0x19e/0x250
[  500.587445][    C1]  ? __pfx_rcu_gp_kthread+0x10/0x10
[  500.592661][    C1]  kthread+0x3c2/0x780
[  500.596737][    C1]  ? __pfx_kthread+0x10/0x10
[  500.601328][    C1]  ? __pfx_kthread+0x10/0x10
[  500.605925][    C1]  ? __pfx_kthread+0x10/0x10
[  500.610516][    C1]  ? __pfx_kthread+0x10/0x10
[  500.615104][    C1]  ? rcu_is_watching+0x12/0xc0
[  500.619891][    C1]  ? __pfx_kthread+0x10/0x10
[  500.624494][    C1]  ret_from_fork+0x45/0x80
[  500.628915][    C1]  ? __pfx_kthread+0x10/0x10
[  500.633506][    C1]  ret_from_fork_asm+0x1a/0x30
[  500.638299][    C1]  </TASK>
[  500.641320][    C1] rcu: Stack dump where RCU GP kthread last ran:
[  500.647690][    C1] Sending NMI from CPU 1 to CPUs 0:
[  500.652906][    C0] NMI backtrace for cpu 0
[  500.652919][    C0] CPU: 0 UID: 0 PID: 0 Comm: swapper/0 Not tainted 6.15.0-rc4-syzkaller #0 PREEMPT(full) 
[  500.652934][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  500.652942][    C0] RIP: 0010:__lock_acquire+0x165/0x1ba0
[  500.652965][    C0] Code: 10 48 89 df 66 81 e2 ff 1f 4c 89 7b 18 66 25 00 e0 09 d0 66 89 43 20 48 8b 84 24 b0 00 00 00 48 89 43 08 41 8b 8e d4 0a 00 00 <31> c0 65 8b 15 aa 0d 0c 12 85 c9 44 89 e9 44 8b ac 24 c8 00 00 00
[  500.652977][    C0] RSP: 0018:ffffc90000006a80 EFLAGS: 00000002
[  500.652988][    C0] RAX: ffffffff8169c9dd RBX: ffffffff8e0982a8 RCX: 0000000000000001
[  500.652996][    C0] RDX: 0000000000000007 RSI: ffffffff8e098280 RDI: ffffffff8e0982a8
[  500.653004][    C0] RBP: ffffffff8e098230 R08: 0000000000000000 R09: 0000000000000001
[  500.653012][    C0] R10: 0000000000000000 R11: ffffffff8e3bf5c0 R12: 0000000000000000
[  500.653019][    C0] R13: 0000000000000002 R14: ffffffff8e097740 R15: 0000000000000000
[  500.653027][    C0] FS:  0000000000000000(0000) GS:ffff8881249e4000(0000) knlGS:0000000000000000
[  500.653041][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  500.653049][    C0] CR2: 00007ffeea52adec CR3: 0000000066a63000 CR4: 00000000003526f0
[  500.653057][    C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  500.653065][    C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  500.653073][    C0] Call Trace:
[  500.653077][    C0]  <IRQ>
[  500.653084][    C0]  ? lock_acquire+0x179/0x350
[  500.653102][    C0]  lock_acquire+0x179/0x350
[  500.653119][    C0]  ? unwind_next_frame+0xbd/0x20a0
[  500.653135][    C0]  ? unwind_next_frame+0x3f4/0x20a0
[  500.653149][    C0]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  500.653165][    C0]  unwind_next_frame+0xd1/0x20a0
[  500.653179][    C0]  ? unwind_next_frame+0xbd/0x20a0
[  500.653192][    C0]  ? rt_dst_alloc+0x35/0x3a0
[  500.653206][    C0]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  500.653221][    C0]  arch_stack_walk+0x94/0x100
[  500.653238][    C0]  ? rt_dst_alloc+0x35/0x3a0
[  500.653250][    C0]  stack_trace_save+0x8e/0xc0
[  500.653264][    C0]  ? __pfx_stack_trace_save+0x10/0x10
[  500.653278][    C0]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  500.653293][    C0]  ? arch_stack_walk+0x94/0x100
[  500.653308][    C0]  kasan_save_stack+0x33/0x60
[  500.653326][    C0]  ? kasan_save_stack+0x33/0x60
[  500.653343][    C0]  ? kasan_save_track+0x14/0x30
[  500.653359][    C0]  ? __kasan_kmalloc+0xaa/0xb0
[  500.653375][    C0]  ? ref_tracker_alloc+0x18e/0x5b0
[  500.653391][    C0]  ? dst_init+0xda/0x580
[  500.653406][    C0]  ? dst_alloc+0xbb/0x1a0
[  500.653419][    C0]  ? rt_dst_alloc+0x35/0x3a0
[  500.653442][    C0]  kasan_save_track+0x14/0x30
[  500.653459][    C0]  __kasan_kmalloc+0xaa/0xb0
[  500.653476][    C0]  ref_tracker_alloc+0x18e/0x5b0
[  500.653491][    C0]  ? __pfx_ref_tracker_alloc+0x10/0x10
[  500.653510][    C0]  ? rcu_is_watching+0x12/0xc0
[  500.653525][    C0]  dst_init+0xda/0x580
[  500.653541][    C0]  dst_alloc+0xbb/0x1a0
[  500.653556][    C0]  rt_dst_alloc+0x35/0x3a0
[  500.653567][    C0]  ip_route_output_key_hash_rcu+0x87a/0x28f0
[  500.653586][    C0]  ip_route_output_key_hash+0x137/0x2e0
[  500.653601][    C0]  ? __pfx_ip_route_output_key_hash+0x10/0x10
[  500.653617][    C0]  ? lock_acquire+0x179/0x350
[  500.653633][    C0]  ? find_held_lock+0x2b/0x80
[  500.653648][    C0]  ip_route_output_flow+0x27/0x150
[  500.653663][    C0]  ip_route_me_harder+0x565/0x12f0
[  500.653684][    C0]  ? __pfx_ip_route_me_harder+0x10/0x10
[  500.653701][    C0]  ? rcu_is_watching+0x12/0xc0
[  500.653718][    C0]  ? __pfx_cookie_hash+0x10/0x10
[  500.653733][    C0]  synproxy_send_tcp.isra.0+0x2fa/0x630
[  500.653753][    C0]  synproxy_send_client_synack+0x6f6/0x8f0
[  500.653773][    C0]  ? __pfx_synproxy_send_client_synack+0x10/0x10
[  500.653792][    C0]  ? nft_log_init+0x4c8/0x9c0
[  500.653810][    C0]  nft_synproxy_do_eval+0xa63/0xd80
[  500.653825][    C0]  ? __pfx_nft_synproxy_do_eval+0x10/0x10
[  500.653841][    C0]  ? __lock_acquire+0xaa4/0x1ba0
[  500.653858][    C0]  ? __pfx_nft_synproxy_eval+0x10/0x10
[  500.653871][    C0]  nft_do_chain+0x2e6/0x1920
[  500.653885][    C0]  ? __pfx_nft_do_chain+0x10/0x10
[  500.653896][    C0]  ? ipt_do_table+0xd48/0x1ac0
[  500.653915][    C0]  ? lockdep_hardirqs_on+0x7c/0x110
[  500.653932][    C0]  ? lockdep_hardirqs_on+0x7c/0x110
[  500.653944][    C0]  ? ipt_do_table+0xd48/0x1ac0
[  500.653961][    C0]  nft_do_chain_inet+0x18a/0x340
[  500.653974][    C0]  ? __pfx_nft_do_chain_inet+0x10/0x10
[  500.653985][    C0]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  500.654004][    C0]  ? __pfx_ipt_do_table+0x10/0x10
[  500.654017][    C0]  ? nf_nat_ipv4_local_in+0x181/0x720
[  500.654033][    C0]  ? __pfx_nft_do_chain_inet+0x10/0x10
[  500.654044][    C0]  nf_hook_slow+0xbb/0x200
[  500.654061][    C0]  nf_hook.constprop.0+0x422/0x750
[  500.654077][    C0]  ? __pfx_ip_local_deliver_finish+0x10/0x10
[  500.654094][    C0]  ? __pfx_nf_hook.constprop.0+0x10/0x10
[  500.654109][    C0]  ? __pfx_ip_rcv_finish+0x10/0x10
[  500.654126][    C0]  ? __pfx_ip_local_deliver_finish+0x10/0x10
[  500.654144][    C0]  ip_local_deliver+0x169/0x1f0
[  500.654159][    C0]  ? __pfx_ip_local_deliver+0x10/0x10
[  500.654176][    C0]  ip_rcv+0x2c3/0x5d0
[  500.654192][    C0]  ? __pfx_ip_rcv+0x10/0x10
[  500.654206][    C0]  __netif_receive_skb_one_core+0x197/0x1e0
[  500.654223][    C0]  ? __pfx___netif_receive_skb_one_core+0x10/0x10
[  500.654239][    C0]  ? lock_acquire+0x179/0x350
[  500.654258][    C0]  ? process_backlog+0x3f0/0x15e0
[  500.654273][    C0]  __netif_receive_skb+0x1d/0x160
[  500.654288][    C0]  process_backlog+0x442/0x15e0
[  500.654307][    C0]  __napi_poll.constprop.0+0xb7/0x550
[  500.654322][    C0]  ? rcu_is_watching+0x12/0xc0
[  500.654336][    C0]  net_rx_action+0xa97/0x1010
[  500.654354][    C0]  ? __pfx_net_rx_action+0x10/0x10
[  500.654369][    C0]  ? sched_balance_domains+0x283/0xee0
[  500.654391][    C0]  handle_softirqs+0x216/0x8e0
[  500.654407][    C0]  ? __pfx_handle_softirqs+0x10/0x10
[  500.654423][    C0]  __irq_exit_rcu+0x109/0x170
[  500.654436][    C0]  irq_exit_rcu+0x9/0x30
[  500.654449][    C0]  sysvec_apic_timer_interrupt+0xa4/0xc0
[  500.654461][    C0]  </IRQ>
[  500.654465][    C0]  <TASK>
[  500.654470][    C0]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  500.654483][    C0] RIP: 0010:pv_native_safe_halt+0xf/0x20
[  500.654496][    C0] Code: 95 62 02 c3 cc cc cc cc 0f 1f 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 66 90 0f 00 2d 73 aa 1d 00 fb f4 <c3> cc cc cc cc 66 2e 0f 1f 84 00 00 00 00 00 66 90 90 90 90 90 90
[  500.654507][    C0] RSP: 0018:ffffffff8e007e10 EFLAGS: 000002c6
[  500.654516][    C0] RAX: 0000000001d9b11d RBX: 0000000000000000 RCX: ffffffff8b6c4419
[  500.654524][    C0] RDX: 0000000000000000 RSI: ffffffff8dbdf889 RDI: ffffffff8bf47d60
[  500.654532][    C0] RBP: fffffbfff1c12ee8 R08: 0000000000000001 R09: ffffed10170865bd
[  500.654540][    C0] R10: ffff8880b8432deb R11: 0000000000000000 R12: 0000000000000000
[  500.654547][    C0] R13: ffffffff8e097740 R14: ffffffff9084f010 R15: 0000000000000000
[  500.654558][    C0]  ? ct_kernel_exit+0x139/0x190
[  500.654573][    C0]  default_idle+0x13/0x20
[  500.654586][    C0]  default_idle_call+0x6d/0xb0
[  500.654601][    C0]  do_idle+0x391/0x510
[  500.654615][    C0]  ? __pfx_do_idle+0x10/0x10
[  500.654628][    C0]  ? trace_sched_exit_tp+0x31/0x130
[  500.654645][    C0]  cpu_startup_entry+0x4f/0x60
[  500.654660][    C0]  rest_init+0x16b/0x2b0
[  500.654674][    C0]  ? acpi_subsystem_init+0x133/0x180
[  500.654694][    C0]  ? __pfx_x86_late_time_init+0x10/0x10
[  500.654709][    C0]  start_kernel+0x3e9/0x4d0
[  500.654723][    C0]  x86_64_start_reservations+0x18/0x30
[  500.654736][    C0]  x86_64_start_kernel+0xb0/0xc0
[  500.654749][    C0]  common_startup_64+0x13e/0x148
[  500.654767][    C0]  </TASK>
[  501.633595][ T1293] ieee802154 phy0 wpan0: encryption failed: -22
[  501.849619][ T1293] ieee802154 phy1 wpan1: encryption failed: -22
[  508.038313][ T1293] ieee802154 phy0 wpan0: encryption failed: -22
[  509.218626][ T1293] ieee802154 phy1 wpan1: encryption failed: -22