last executing test programs:

12.241897698s ago: executing program 4 (id=604):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f0000000300)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socket$netlink(0x10, 0x3, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x11, 0x5d032, 0xffffffffffffffff, 0x0)
munmap(&(0x7f00003fe000/0xc00000)=nil, 0xc00000)
socket$key(0xf, 0x3, 0x2)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r2, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x16)
connect$inet(r2, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10)
r3 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r3, &(0x7f0000000040)={0x3, 0x0, &(0x7f0000000340)={&(0x7f0000000080)=ANY=[@ANYBLOB="020300030f000000000700000000000005000900e000000001d78771b90bd8a3b4914783c58777003d5b9538a9d03e6e9bfdac5500000000030006000000000002000000000000000000000000000000020001000000007ffffffe1600000000030005000000000002"], 0x78}, 0x1, 0x7}, 0x0)
accept$unix(r1, &(0x7f0000000100)=@abs, 0x0)
setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000040)={0x84, @dev={0xac, 0x14, 0x14, 0xb}, 0x15, 0x3, 'sh\x00', 0x1, 0x4, 0x72}, 0x2c)
r4 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$IP_VS_SO_SET_ADDDEST(r4, 0x0, 0x487, &(0x7f0000000000)={{0x84, @initdev={0xac, 0x1e, 0x1, 0x0}, 0x4e1f, 0x3, 'lc\x00', 0x4, 0x81, 0x5}, {@rand_addr=0x64010102, 0x4e26, 0x0, 0xcb, 0x12d60, 0x9}}, 0x44)
setsockopt$IP_VS_SO_SET_EDITDEST(0xffffffffffffffff, 0x0, 0x489, &(0x7f0000000380)={{0x84, @multicast1, 0x4e20, 0x3, 'sh\x00', 0x0, 0x60000000, 0xc}, {@rand_addr=0x64010102, 0x4e26, 0x12002, 0x3, 0x8001, 0x1}}, 0x44)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$tipc(&(0x7f0000000200), 0xffffffffffffffff)
sendmsg$TIPC_CMD_SET_LINK_WINDOW(r5, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f00000002c0)={0x30, r6, 0x1, 0x70bd25, 0x25dfdbff, {{}, {}, {0x14, 0x18, {0x0, @bearer=@udp='udp:syz2\x00'}}}}, 0x30}, 0x1, 0x0, 0x0, 0x4880}, 0x40090)
setsockopt$inet_IP_XFRM_POLICY(r2, 0x0, 0x11, &(0x7f00000002c0)={{{@in6=@mcast1, @in=@multicast2, 0x0, 0x0, 0x4e22, 0x0, 0xa, 0x0, 0x80, 0x0, 0x0, 0xee01}, {0x10000, 0x0, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0x34e, 0xfffffffffffffffd}, {0x0, 0x6, 0x0, 0x8}, 0x0, 0x0, 0x2, 0x0, 0x1}, {{@in6=@initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0x2, 0x6c}, 0x0, @in6=@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x0, 0x5, 0x1, 0xb7, 0x0, 0x0, 0x1}}, 0xe8)
sendmmsg(r2, &(0x7f0000007fc0), 0x800001d, 0x0)
capset(&(0x7f0000000080)={0x20071026}, &(0x7f0000000040)={0x200000, 0x200003, 0x0, 0x0, 0x7})
setgroups(0x0, 0x0)
r7 = fsopen(&(0x7f00000000c0)='autofs\x00', 0x0)
syz_init_net_socket$x25(0x9, 0x5, 0x0)
close_range(r7, 0xffffffffffffffff, 0x200000000000000)

9.199992658s ago: executing program 0 (id=613):
mkdir(&(0x7f0000000180)='./file0\x00', 0x30)
mkdir(&(0x7f00000004c0)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, 0x0)
r0 = open(&(0x7f0000000140)='./file0\x00', 0x0, 0x0)
chdir(&(0x7f0000000140)='./bus\x00')
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x10)
r3 = syz_usb_connect(0x5, 0x2d, &(0x7f0000000000)=ANY=[@ANYBLOB="120100000cb768405e0483020b990102030109021b000100000000090400000101292000090509"], 0x0)
syz_usb_control_io$hid(r3, 0x0, 0x0)
gettid()
timer_create(0x0, 0x0, &(0x7f0000bbdffc))
ioctl$vim2m_VIDIOC_STREAMOFF(0xffffffffffffffff, 0x40045612, &(0x7f0000000000)=0x1)
ioctl$vim2m_VIDIOC_DQBUF(0xffffffffffffffff, 0xc0585611, &(0x7f0000000200)=@userptr={0x2000000, 0x1, 0x4, 0x2, 0x0, {0x0, 0x2710}, {0x0, 0x2, 0x0, 0x0, 0x0, 0x0, '#\x00'}, 0x0, 0x2, {0x0}})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x3)
syz_genetlink_get_family_id$tipc2(&(0x7f0000000040), r0)
sendmsg$TIPC_NL_LINK_GET(0xffffffffffffffff, 0x0, 0x8000)
sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0xa)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
syz_open_dev$audion(&(0x7f00000011c0), 0x3, 0x8c4201)
sendmsg$SOCK_DIAG_BY_FAMILY(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f00000005c0)=ANY=[@ANYRES64=r2], 0x14}}, 0x0)
getsockopt$sock_buf(0xffffffffffffffff, 0x1, 0x0, 0x0, &(0x7f0000000240))
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)

8.790931755s ago: executing program 4 (id=614):
mkdir(&(0x7f0000000180)='./file0\x00', 0x30)
mkdir(&(0x7f00000004c0)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, 0x0)
r0 = open(&(0x7f0000000140)='./file0\x00', 0x0, 0x0)
chdir(&(0x7f0000000140)='./bus\x00')
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x10)
r4 = syz_usb_connect(0x5, 0x2d, &(0x7f0000000000)=ANY=[@ANYBLOB="120100000cb768405e0483020b990102030109021b000100000000090400000101292000090509"], 0x0)
syz_usb_control_io$hid(r4, 0x0, 0x0)
gettid()
timer_create(0x0, 0x0, &(0x7f0000bbdffc))
ioctl$vim2m_VIDIOC_STREAMOFF(0xffffffffffffffff, 0x40045612, &(0x7f0000000000)=0x1)
ioctl$vim2m_VIDIOC_DQBUF(0xffffffffffffffff, 0xc0585611, &(0x7f0000000200)=@userptr={0x2000000, 0x1, 0x4, 0x2, 0x0, {0x0, 0x2710}, {0x0, 0x2, 0x0, 0x0, 0x0, 0x0, '#\x00'}, 0x0, 0x2, {0x0}})
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x3)
syz_genetlink_get_family_id$tipc2(&(0x7f0000000040), r0)
sendmsg$TIPC_NL_LINK_GET(0xffffffffffffffff, 0x0, 0x8000)
sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0xa)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r5 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r5, &(0x7f0000019680)=""/102392, 0x18ff8)
syz_open_dev$audion(&(0x7f00000011c0), 0x3, 0x8c4201)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000600)=[@text64={0x40, &(0x7f0000000640)="430fc73f0f2390b9800000c00f3235010000000f300f20d835080000000f22d8c4e18173f53866baf80cb83879e487ef66bafc0cec66b88e008ec02d1aa80000460f1c460041ae", 0x47}], 0x1, 0x74, 0x0, 0x0)

8.42423676s ago: executing program 2 (id=615):
r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x80002, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r0, 0x3b81, &(0x7f00000004c0)={0xc, 0x0, <r1=>0x0})
r2 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000040), 0x4200, 0x0)
ioctl$IOMMU_IOAS_MAP$PAGES(r2, 0x3b85, &(0x7f0000000080)={0xffffff25, 0x7, r1, 0x0, &(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x5})
ioctl$IOMMU_TEST_OP_CREATE_ACCESS(r0, 0x3ba0, &(0x7f00000001c0)={0x48, 0x5, r1, 0x0, <r3=>0xffffffffffffffff})
r4 = openat$sw_sync_info(0xffffffffffffff9c, &(0x7f00000000c0), 0x80, 0x0)
ioctl$IOMMU_VFIO_IOAS$GET(r2, 0x3b88, &(0x7f0000000100)={0xc, <r5=>0x0})
ioctl$IOMMU_OPTION$IOMMU_OPTION_HUGE_PAGES(r4, 0x3b87, &(0x7f0000000140)={0x18, 0x1, 0x1, 0x0, r5, 0x401})
ioctl$IOMMU_TEST_OP_ACCESS_RW(r2, 0x3ba0, &(0x7f0000000300)={0x48, 0x8, r3, 0x0, 0x3, 0x2, &(0x7f0000000380)="012d", 0x1})

8.281086285s ago: executing program 1 (id=617):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x8, &(0x7f0000000000)=0xfffffffd, 0x4)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
pselect6(0xffffffffffffffa5, &(0x7f00000001c0)={0x0, 0x0, 0x1fffffffffe, 0xfffffffffffffffd, 0x0, 0x3, 0x1000001000, 0x9}, 0x0, &(0x7f00000003c0)={0x3fb, 0xa, 0x400000000001, 0x6, 0x9, 0xf, 0x80000002, 0x2}, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$audio(0xffffffffffffff9c, 0x0, 0x40000000040201, 0x0)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
socket$netlink(0x10, 0x3, 0x14)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040))
r3 = syz_io_uring_setup(0x88f, &(0x7f0000000140)={0x0, 0xaee4, 0x0, 0x2, 0xbfdffffc}, &(0x7f0000000000)=<r4=>0x0, &(0x7f0000000280)=<r5=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r4, r5, &(0x7f00000002c0)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0, 0x0, {0x8001}})
io_uring_enter(r3, 0x2b93, 0xf9d0, 0x22, 0x0, 0x0)

8.255329029s ago: executing program 2 (id=618):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0x6, 0xfa11, 0xffffffff}, 0x0)
r2 = memfd_create(&(0x7f0000000d00)='Y\xff\xff\x00\x00\x00\x00\x00K\xb2\x02\x80B\xe9\xe8\xcc\xde\x06\x00l\xa8\x1aJ\xaf\xb2M\xba\xb8_\x05U\xcd<|>\x9e\xec^\x0e\xbe\x18+-\x9b\x893\x02\x00\xa6\x1f+\xb3\xc5\x90z5\xe0\xdfi\xb7\x9f\xb4QW\xc9\xc9\x92\x03\t\x00\x00\x00\x00\x00\xb2\x0f\xee\xbe\f8\xcc\x7f\x00\x00\x00Z\x81\x00\x00\x00\x00\x18I\x13\xf1\xa2x\x04\x81R\xd45R\xae\x05\x00\x00\x00\x00\x00\x00\x00_M^dQ:\xbc\xafq\x88\x19nSF|;]\xe1A\x8c\x8a\x98\xd7|\xdcLF\r\xb1\xfd\xbf!\xc7u\xccP\xdd\x13~\x89\xcf\x85\xca\xa0%\xc6\xc7\x11\x00\x00\x00\x00\x00\x00\x00?M9\\\av~\'\xd9\xb0\xacdya]8\x9d\xb7\v\xf39\xc5{\x9c!\x0f/\xb8o8\xb9\x8d\x19\xe2\xca\x01y\x83\xe7\ng\x87\xd93<u\xbe\xeag\xd2\x04e\xf2s\xde}o#\x90\xda\x9cs,r\xfd:\xcb\xc7\vTmPZJ\xac\x8b\xd0\xc0\xbcRK\xcb\x1e8\xce\xbd[N\xb0\xb4<\xeb\x86[\xec\x8f\x14\n\x83\x9e&\\\xb7!\xed\xa0\xc3,\x90m\x0f\x00\x00\x00\x00\x00\x00\xff\xd0\xb3\x94\x00\x00\x00\x00\x00\x00\x00\x9dH\xf8\xffRo\xa3W\xe1\xed\x8eS\xaeX\x93\x7f\xd3\xb9\x84Q\x9c\"\xd9\xf5\xe4e\xf9\xcam\xe3\x03\xe4\xad\xd5&A\x02\xc8\xa9\xfe\xcb\x87\xd9\xd3\x8c\f\xc08T~\xc4\xbd\x90?\x1f\x9c\x9b0\x19 \x9f\xd1p`\xc0/\x00u\x19\x1d\xac\xe8%\xb7\t\x9f4\xbb\x89\xe9\xc1\x81\xb0\xd6\xf7\x90\x1f\x94\x01M.\x16\x05\x16\xb9\xe9\xdc~\xd3-s\xe6;\x94\x1c^\x06\xdav;\xccD\x95sj\xe0\xd5\xbeS\xac\xe5N\xea\x9eyl[[\xce5\xee\x05\x9c\x96\xabJ^c\xf7\x19\xb4\xd8\xe4\x87\x9dp\xea?/\xcb\x9a\xaa5\'Q\fuG\x81\x8a@\x97M=v\xfe\a\xabp\xf3\x93\x9d\x7f@9\xc0\xd2\xf1\x00\x10\x00\x00\x00\x00\x00\x00\x82\x13\xb2\xa9\xef\xa5\xf8\x8bk\xb3\x9ev\x92\x0e\xd1\x1f\x17Dx[\xad\xb0\x9d/\x96\xe42mO\x9fh\xea\xf3\x14\xcd\x96\x89_)\x1b\xe2\xd6\b\x94b\xaf;\x92T\xafz\x94\x9fG\xfb\xfd|$k\x03\xd7;\x9ay\xee\xf9W?\xb3\xf9\xf8I.E4\xc3eWq\xfa\":$\xd0\x17Q\x94\xf5\xe5mk\x8e&\xf1;#z\xef*\xce\x99\x04\xb9\x90\xbc\xc9#-\x8di\xae\xc5\xdf\x13\xd2K\x8b\xf5\f\xb2x\xdd\xd5\xb4\xa9^~O<\x12\xe3\xc3P|7\xc4\xc8\xb1r0Z\x98\x87^\xc8C\x1b\x96\xb4lsyF\xc5\xbc\xffOE\xe9\xd70\xe7\xfep\x83\xa7\xa1\xd9\xe4\xba\x92\x17\xbf\xe0\xe1\x01\xb7\x8b\x18j\x19n\xc8\xff\xe9\xf4\xf4\xcf a\xd7_w\x0f\x9dF\xae\xccA-/\x83\xabU\xd5\xbf8\xa4O\xb4\xef\xc8\xccH\xd1=\xbe\xbex\xb5-\x05\x01\x11\xfa\xcf\x1dm\xb5X\xe9\xb5O\x15\xc7;Lb\xce\x1a\xcc\x98\xe8\xe9e\xe0\xc2N\xe7\xd7\x1d\x92\x87F8\x9e\xf7\xdd\xdaW\xf5X\x80\xa0f\xceo\xd8\x7f\xc0\x96\bSB\xce&\x04$\xc3\xe31U\x84\x82\xf0{i\x1d\x02\x10\xc6C\x01^\xcf\x93?w\x01\x84\xa0\xd6\xa2\x10\xa4\xfcG\xabD\xd6dGZ\xb2Cx\x1b\xfdD9\x17\xe6\xcauM\xe3\x05)\xe2\x03\xe2j$F1n@\xde\n9t.[\xad\xb5\f<o\xdb\xa4\x90\xc4\xd0I\xa6\x96\xa1\x00\xbb\xdd\x94\x00t/1YekG\x7f\xbdrI\x1e\x8a4=\xa2\xe9\x82<\x9e|\xf5\xa4\x05#\x7f\xa8\x01\x00\x82ih\xf9?\x03Q\xf5\xc4\x95\x99 \xa7v~:$\x02O\xe3\xaa\x1f\x00\xebh\'\xd2q\x10\x1e\x94n\xd7w\xb1\xc8G\x89\xf4\x8ct\xf9R\x85\x1b8OE\x04\x9a\xd8\x80\x10x\xbf\n0\b,r\xc6r\xf7=\xfe\xc1\x16\xe6\xee\xbb:-h\xba\x8b\x14\x9a?\x8e\x03;\xe5\x04\xd8\xa9\x9a\xd3\x05(\x7f|\xadU\xafe\x87V.i4$6U,R\x9b\n{\'\xfe1\xc4\xb09\x96{\xc0e\xa1\xe7\xa9\xb4\x1a\n\xf5\xd7zuvz\x972\xd4\xfb\x13u2\xab\x18\x01~r\xbbcW!)\xf4\x9b\x1dI\x9ex;\xb2\xe3I\xbd\x16T\xb75\xa6\a\xb7\xa1\x8d\xc9\x12\xb1\xbd\xbc\xd9c\xe9\xe6k\xee\x06\x83\xf4\xab\x18\x038\x8f\xc9^\x0f\xab\xea&P\b\xef#\xf6\xc3\xfc\xd4\xa0\xfd\x15N\xd3\xa0\x80\x9f\bU\xa63\xf6\xc9\xecZ`\xa4\xa0(\xf9\x98B\xaf\xde*\x91\xddk\xa1`d\xf0\x97\xc9e\xc1\"EC\x9a?x\x89\x8d\xb3\xfaF}\x82D\xf8\f\xf1`\x90D\xd1|%(\xd8\t\xea\x00C\xce\x7fo+?v\xee\xc6bL\x1d\xbe\x84p\x8d\xa3\xec\xf7\xe0\xfe\x8c=<\xf2\x1f@\xe66E\xa7\x9c\xd3\xb6\xf5\xe0\x14\xb8\xd4`\x85\xe3;\x8c\xf8\xf2\xd9)\x0e\xd0\xff\xa5K\xf3\xf1\xc4\x18\xf4Z\xdci\x91\x84\xe8\xb7\x10\x90\xbc\xect\x14\xdfR\xe2\x80\xf8a\x92\xb2R\xdf0\xcaQ\xdf\x87\xbdjp\x1ch3h\xcf<\x82\x97\xa5s/m\xb2\x1dd\xf7\xfc\xf5\xa9\x1d\xd34{\xcc\x1f\t,i\x16\x82\xad\x8e\xb6\x17\x0f\xaa\x85^/w\xbb~\xff\xce\x92\x90\x83\n\xe5\x14\x95\x92|\xfe-S%\x91i\xafh\x97z\x00@K\xbb\xc2\fcD\xff\xdcl\xa1\xfaR\xbc\xd0k\\\x92\x19a6Sv\x05%{\xe2\xe9\xf1\xddRB$8\xb0q9\xa1g&\x17\xe5P\xef\xb1<\xb6\xe2\xb2\xc06^\x0f4\xba\x10\xba\x00\x00\x00\x00\x00\x00\x00\x00\xef\xba\"\xb7\xc7~T\xc4Ei\xfdk\xa9\"F\xa9C\xa0\xd3\xa0\x1b\xbf\x13\xfb\x14S<\xa6\n5\x86\x9e\xb2=8\'g`\x8f\xa8\x027\xbd\xb5s\xe9dti\xc0\xbd\\H\xe5v\xdd\x0fP\x8b+-\x02i\x8eZU\xa8YB\xfc\xc2R7\xe9\x11\x06\x1aRd\xa93\xa1\\\xf4_s\xf7\xe8+\xbdg\x13\xaea\x04\xd8\x82\xf6\x90\xaf1\x86b\x81J\xb7E\xb0\xe2\xd6\x93S\xb3\x98\xcb\xf9\xde=\xd6T\x8d\xea\xab\xa9Z!\xd3-\xa6_\xc4\xa4\xb6+\x89\xdc]O<g\x06~\x12W\x86\x06\xba\x15#\xa7Q\xffa\x926>\xf0y\xd6\xb0\xf2\x9f\xa7\xcf\xad\x86\\\xec\xec\xd6\x9d\bT\xcd\xa2\xea', 0xe)
fcntl$addseals(r2, 0x409, 0x3f)
fsetxattr$security_capability(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x3)
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
memfd_create(0x0, 0x3)
r3 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
ioctl$SNDCTL_DSP_SUBDIVIDE(r3, 0xc0045009, 0x0)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x40080, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(0xffffffffffffffff, 0xc1105517, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_WRITE(0xffffffffffffffff, 0xc4c85513, &(0x7f0000000540)={{0x0, 0x0, 0x0, 0xc, 'syz0\x00'}, 0x0, [0xfffffffffffffffe, 0xfffffffffffffffd, 0x3, 0x6c4ba42, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0xcd, 0x1, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0xffffffffffffffff, 0x0, 0xfffffffffffffffc, 0x3, 0x7fffffffffffffff, 0x2, 0x0, 0x0, 0x0, 0x1, 0x3, 0x87f, 0x0, 0x0, 0x4, 0x0, 0x0, 0x3, 0x4, 0x3, 0x0, 0x0, 0x0, 0x800, 0x0, 0x0, 0x0, 0x0, 0x100000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0xfffffffffffffffd, 0x9, 0x0, 0xfffffffffffffffb, 0xfffffffffffffffd, 0x2, 0x2, 0x4, 0x0, 0x200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x80003, 0x0, 0x0, 0x400000, 0x200, 0x0, 0xfff, 0x801, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000000, 0x0, 0x0, 0x0, 0x0, 0x400000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000000000000, 0x6, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x2, 0x0, 0x2, 0x0, 0x3, 0x10, 0x4000100000001]})
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x1c1341, 0x0)
ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
close(0xffffffffffffffff)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000340))
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local})

7.216233177s ago: executing program 3 (id=619):
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)
gettid()
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x3000009, 0x13, 0xffffffffffffffff, 0xb7d4000)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x87}, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
syz_open_dev$MSR(&(0x7f0000000080), 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x11, &(0x7f0000000180)=0x1400200bce)
sched_setscheduler(0x0, 0x1, &(0x7f0000002200)=0x1)
r0 = syz_open_dev$MSR(&(0x7f0000000200), 0xa, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
read$msr(r0, &(0x7f0000002240)=""/102400, 0x19000)
r1 = syz_open_dev$I2C(&(0x7f0000000040), 0x0, 0x0)
ioctl$I2C_SMBUS(r1, 0x720, &(0x7f0000000080)={0x1, 0x0, 0x1, &(0x7f0000000000)={0x1f, "06c4ce00000000006eb5e52829e7cc839300000400"}})
open(0x0, 0x0, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000300)=ANY=[@ANYBLOB="500000001000010428bd70000000000000000000", @ANYRES32=0x0, @ANYBLOB="08000300000000001c001a8018000a801402070000fcff000000000000000000000000011400030569703667726530000000000000000000"], 0x50}, 0x1, 0x0, 0x0, 0x840}, 0x0)
mount$tmpfs(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000001c0), 0xc00, &(0x7f0000000480)=ANY=[@ANYBLOB="71756f7413dc6195dd1154c9152c75736c71756f74615f696e6f64655f686172646c696d1928f7d447a1012d89e37e58eb3e29253ecf711d076369a77f2be7e5ccf484b9f3f76dcec9f87b3c191f538301f7c7977d361794712a4ab5149a7a957db0bb9da6e5160228be89b2cd07551083072e2f4876b7c500a1d5a65a085022afba847148285016ec225d99fbc3e5528ecd97594ead727fcddbca0c8290844d9835f90228e5ec2ff9176d33a8680517b38709d13ee1720686aa00af99e639d18caf6424b461b56428dafc0adbae256bf12530b000db38add908a061478afd460f49504a04f089608e371f05e7a6005e9ad8a80b65d73628175686f0c061068d85083ccc220e517945f2fef1f172c2f2dae6e38055308d79e4c05223f0ba5813f8a3ac7be677a930121598b291a83a314c2ad9057b2829756f3e287f7c75382c"])
chdir(&(0x7f0000000240)='./file0\x00')
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x3, 0x4, &(0x7f0000000040)=@framed={{0xffffffb4, 0x5, 0x0, 0x0, 0x0, 0x61, 0x10, 0x14}, [@ldst={0x2, 0x0, 0x3, 0x1c10a1, 0x0, 0xc}], {0x95, 0x0, 0x9}}, &(0x7f0000003ff6)='GPL\x00', 0x5, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x85}, 0x52)

6.88315483s ago: executing program 1 (id=620):
close(0x3)
syz_usb_connect(0x3, 0x2d, &(0x7f0000000480)=ANY=[@ANYBLOB="1201000263708b10b404316856880102030109021b0002020270ec0904c410006d812e0709fe0000000000000018fdaca633cc014d85272d6d37627573f1c42c65dfedac09258fb658d488fc725d0729bdff5a5c67cb89a7a7e02980100212fb8963254bd33d07973248869ba7b70581c91bea4142f6694c8e388f5a7c777f6f4e8e420985d0541d2a2bac74dccad6b44e062d80ddffe5d8e42a"], 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000400)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
setsockopt$inet_int(0xffffffffffffffff, 0x0, 0x7, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x3)
msgget(0x1, 0x2b0)
sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0xa)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
syz_genetlink_get_family_id$batadv(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'vxcan0\x00'})
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(0xffffffffffffffff, 0x8933, &(0x7f0000000440))
r1 = socket$inet6(0xa, 0x80002, 0x0)
connect$inet6(r1, &(0x7f00000001c0)={0xa, 0x4e23, 0x0, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x14}}}, 0x1c)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$MPTCP_PM_CMD_SUBFLOW_CREATE(r2, &(0x7f0000000300)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f00000002c0)={&(0x7f0000000280)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16, @ANYBLOB="00022bbd7000fddbdf250a000000040025800800030006000000"], 0x20}, 0x1, 0x0, 0x0, 0xc000}, 0x20004048)
setsockopt$sock_linger(r3, 0x1, 0x3c, &(0x7f0000000180)={0x0, 0x5}, 0x8)
connect$inet6(r1, &(0x7f0000000000)={0xa, 0x0, 0xfffffffd, @local, 0x2}, 0x1c)
sendmmsg$inet6(r1, &(0x7f0000003cc0)=[{{0x0, 0x0, &(0x7f0000003980), 0x171}}], 0x400000000000172, 0x4001c00)

6.732818097s ago: executing program 3 (id=621):
r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000100), 0x1c3902, 0x0)
sendfile(r0, r0, 0x0, 0x200000)
r1 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000002a82, 0x0)
r2 = dup(r1)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000002, 0x28011, r2, 0x0)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0, 0x2)

6.493809763s ago: executing program 0 (id=622):
mkdir(&(0x7f0000000180)='./file0\x00', 0x30)
mkdir(&(0x7f00000004c0)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, 0x0)
r0 = open(&(0x7f0000000140)='./file0\x00', 0x0, 0x0)
chdir(&(0x7f0000000140)='./bus\x00')
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x10)
r4 = syz_usb_connect(0x5, 0x2d, &(0x7f0000000000)=ANY=[@ANYBLOB="120100000cb768405e0483020b990102030109021b000100000000090400000101292000090509"], 0x0)
syz_usb_control_io$hid(r4, 0x0, 0x0)
gettid()
timer_create(0x0, 0x0, &(0x7f0000bbdffc))
ioctl$vim2m_VIDIOC_STREAMOFF(0xffffffffffffffff, 0x40045612, &(0x7f0000000000)=0x1)
ioctl$vim2m_VIDIOC_DQBUF(0xffffffffffffffff, 0xc0585611, &(0x7f0000000200)=@userptr={0x2000000, 0x1, 0x4, 0x2, 0x0, {0x0, 0x2710}, {0x0, 0x2, 0x0, 0x0, 0x0, 0x0, '#\x00'}, 0x0, 0x2, {0x0}})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x3)
syz_genetlink_get_family_id$tipc2(&(0x7f0000000040), r0)
sendmsg$TIPC_NL_LINK_GET(0xffffffffffffffff, 0x0, 0x8000)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r5 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r5, &(0x7f0000019680)=""/102392, 0x18ff8)
syz_open_dev$audion(&(0x7f00000011c0), 0x3, 0x8c4201)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000600)=[@text64={0x40, &(0x7f0000000640)="430fc73f0f2390b9800000c00f3235010000000f300f20d835080000000f22d8c4e18173f53866baf80cb83879e487ef66bafc0cec66b88e008ec02d1aa80000460f1c460041ae", 0x47}], 0x1, 0x74, 0x0, 0x0)
sendmsg$SOCK_DIAG_BY_FAMILY(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f00000005c0)=ANY=[@ANYRES64=r2], 0x14}}, 0x0)
getsockopt$sock_buf(0xffffffffffffffff, 0x1, 0x0, 0x0, &(0x7f0000000240))
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)

6.368384066s ago: executing program 2 (id=623):
listen(0xffffffffffffffff, 0x3)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000100)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0xfffffffffffffffe)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/crypto\x00', 0x0, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r2, &(0x7f0000000180)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x41}}, 0x10)
connect$inet(r2, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10)
sendfile(r2, r1, 0x0, 0x20000023893)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8e}, 0x0)
socket$inet_mptcp(0x2, 0x1, 0x106)
r3 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x6)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0/file0\x00'}, 0x6e)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
fsopen(&(0x7f00000000c0)='zonefs\x00', 0x1)
socket$nl_route(0x10, 0x3, 0x0)
sendmsg$NFT_MSG_GETOBJ(r4, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000040)={&(0x7f0000000580)=ANY=[@ANYBLOB="18010000130a01080000000000000000070000020c00064000000000000000040900010073797a31000000000c0006400000000000000002c6000800086c7ec92c5c293811424d5ddfdeb6a7d6f9ee0f652bf4bed87a99f1a0c3c84b9987663e80a06998b3e104c9eed4d736ea2aee31accf99cc7b3c10c84f12a39be24816bb89d92ec84a0e00ab7c1ae9aad1d6ccf76cdb386bcde60de52566ceb713b60dba2659b9a7be0f97d6a5f54289a1ac1ce954075718b13af6a090ec737a6a0b0eb551f85eca2b582f570ba40fc2337ba6793e2347b44d7c35a20439ff30a9ac1579e6040e5e249415986186996cd610601b3e7cff22cd8d68b3e811521f0de900000900010073797a30000000000900020073797a32000000008b26a0184922e891a627efb818ad3f577aca4bd59cd07cbb45940fdbfcbe740d64606c089ffef034c158434b937d0e6dc221756d344ea4f84d55c4fcab20345445db545046ddc1d82b"], 0x118}, 0x1, 0x0, 0x0, 0x40000c5}, 0x1)

6.049075061s ago: executing program 3 (id=624):
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x3, 0x4, &(0x7f0000000040)=@framed={{0xffffffb4, 0x5, 0x0, 0x0, 0x0, 0x61, 0x10, 0x14}, [@ldst={0x2, 0x0, 0x3, 0x1c10a1, 0x0, 0xc}], {0x95, 0x0, 0x9}}, &(0x7f0000003ff6)='GPL\x00', 0x5, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x85}, 0x52)

5.966947967s ago: executing program 3 (id=625):
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={0x0}, 0x1, 0x0, 0x0, 0x40085}, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000100)=@newlink={0x3c, 0x10, 0x401, 0x0, 0x25dfdbfd, {0x0, 0x0, 0x0, 0x0, 0x190, 0x5230}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bond={{0x9}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BOND_AD_SELECT={0x5, 0x16, 0x1}]}}}]}, 0x3c}}, 0x814)
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
pipe(&(0x7f00000002c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
splice(r1, 0x0, r0, 0x0, 0x6, 0x0)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0)
pipe2$9p(0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x3, 0x0)
timer_create(0x0, &(0x7f0000000200)={0x0, 0x21, 0x2, @tid=0xffffffffffffffff}, &(0x7f0000000300)=<r3=>0x0)
fcntl$lock(0xffffffffffffffff, 0x25, &(0x7f0000000040)={0x0, 0x0, 0x60d3, 0x5})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(r3, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0)
mmap(&(0x7f0000000000/0xa000)=nil, 0xa000, 0xd3283d0368e269b3, 0x8031, 0xffffffffffffffff, 0x0)
write$UHID_INPUT(0xffffffffffffffff, &(0x7f0000001040)={0xc, {"a2e3ad214fc752f91b3e090987f70e06d038e7ff7fc6e5539b3264078b089b0e083871090890e0878f0e1ac6e7049b334c959b669a240d9b67f3988f7ef319520100ffe8d178708c523c921b1b5b31360d3b5d0936cd3b78130daa61d8e809ea882f5802b77f07227227b7ba67e0e78669a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000002335875271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1fe90a56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617601000000be70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d595a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9980000000b3309603f1d4ab966203861b5b15a841f2b575a8bd0d780231c9c99a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6c82fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce3803f465e41e610c2021d653a5520000008213b704a5000000000000008ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710a80000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4e38a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d97b9a6d6d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2bed9e53803edf1a4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034e00000000ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c478b095b68441a34cb51682a8ae4d24ad92f243941ed274549b79a7962fb385a882e8020f068bb87af8b90fd8f08876da865d258734dd73583df292892448039ef799cf0630becdbe6c4579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93ae62fccfcbb2b75a2183c46eb65ca8124e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43e4fb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e01feffffffffffff83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369d75f2e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aa01b20f7694a00f16e2d0174035a2c22656dc00880acebdbe8ddbd75c2f998d8ac2dfad2ba3a50200000045a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40426db6fe2907ac0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf463661c953fcad6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7cd419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaeecf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b281769177c6d594f88a4facfd4c735a20307c737afae5136651b1b9bd522d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a37684f4113c48859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463183b4b87c105000000302a808d7f5251440613d17ca51055f2f416a44fe180d2d50c312cca7cb14a20dc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb40100000006376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7ceec7dc808bf653639d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7af288a4510de03dab19d26285eda89156d50dd385a602000000000000007007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4908b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf6529006c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6522fb5f6ffcdd56fed88935fcb75912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae233a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a5bd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08008897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b80c1c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c98ad90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe360500000000000000b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1062dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1df0d07b3d5bd3b01faffd0addbed2881a9700af561ac8c7e36bb2fc4c40e9c766c06817bb903729a7db6ff957697c9ede7885d94ffb0759be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c1484d2f9c55f4901203a9a8a2c3e51074b41bc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000600", 0x7c4}}, 0x1006)
preadv2(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000240)=""/77, 0x4d}, {0x0}, {&(0x7f0000000340)=""/102, 0x66}], 0x3, 0x5ecf, 0x401c3, 0x1)
capget(&(0x7f0000000180)={0x19980330}, &(0x7f0000000400)={0x2, 0x7, 0x3a88b4bb, 0xffffff80, 0x5, 0xf})
io_uring_register$IORING_UNREGISTER_EVENTFD(r2, 0x5, 0x0, 0x0)

5.007566402s ago: executing program 3 (id=626):
syz_open_dev$video(&(0x7f0000000080), 0x7, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000100)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000000)='syzkaller\x00'}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r0}, 0x10)
syz_open_dev$cec(&(0x7f0000000080), 0x0, 0x0)
fspick(0xffffffffffffff9c, 0x0, 0xa02772d7866b1541)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x101001, 0x0)
ioctl$KVM_CAP_SPLIT_IRQCHIP(0xffffffffffffffff, 0x4068aea3, &(0x7f0000000080))
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.numa_stat\x00', 0x26e1, 0x0)
close(r1)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440))
ioctl$SIOCSIFHWADDR(r1, 0x8b04, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000200)=@newtaction={0x80, 0x30, 0x871a15abc695fb3d, 0x0, 0x0, {}, [{0x6c, 0x1, [@m_tunnel_key={0x68, 0x1, 0x0, 0x0, {{0xf}, {0x38, 0x2, 0x0, 0x1, [@TCA_TUNNEL_KEY_PARMS={0x1c, 0x2, {{}, 0x1}}, @TCA_TUNNEL_KEY_ENC_IPV4_SRC={0x8, 0xd, @multicast1}, @TCA_TUNNEL_KEY_ENC_IPV4_DST={0x8, 0x4, @broadcast}, @TCA_TUNNEL_KEY_ENC_IPV4_SRC={0x8, 0x3, @empty}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x80}}, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000480)={r0, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x10c, &(0x7f0000000140), 0x0, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x3, 0x4, &(0x7f0000000040)=@framed={{0x6, 0x0, 0x0, 0x0, 0x0, 0x79, 0x10, 0xb8}, [@ldst={0x5}], {0x95, 0x0, 0xc00}}, &(0x7f0000003ff6)='GPL\x00', 0x5, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x1f2, 0x10, &(0x7f0000000000), 0xfffffe51}, 0x48)
r3 = socket$netlink(0x10, 0x3, 0xc)
bind$netlink(r3, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000000c0)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x1}}, [@NFT_MSG_DELTABLE={0x14, 0x2, 0xa, 0x5, 0x0, 0x0, {0x0, 0x0, 0x80}}], {0x14}}, 0x3c}, 0x1, 0x1200}, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000180)=@framed, &(0x7f00000000c0)='syzkaller\x00'}, 0x90)
r5 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="1201000000000040341d0400000000000001090224000100000001090400000000000100000000000001220700090581030000000003"], 0x0)
syz_usb_control_io$hid(r5, 0x0, 0x0)
syz_usb_control_io(r5, &(0x7f00000000c0)={0x2c, &(0x7f0000000300)=ANY=[@ANYBLOB="0000080000000800106d8665d7f039ab4a73"], 0x0, 0x0, 0x0, 0x0}, 0x0)
r6 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x0)
ioctl$KVM_SET_CPUID2(r8, 0x4048aecb, &(0x7f0000000080)=ANY=[@ANYRES16=r7])

4.76115486s ago: executing program 4 (id=627):
r0 = socket$pppl2tp(0x18, 0x1, 0x1)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$pppl2tp(r0, &(0x7f0000000000)=@pppol2tp={0x18, 0x1, {0x0, r1, {0x2, 0x4e24, @broadcast}, 0x2, 0x0, 0x3}}, 0x26)
r2 = socket$pppl2tp(0x18, 0x1, 0x1)
connect$pppl2tp(r2, &(0x7f0000000040)=@pppol2tpv3={0x18, 0x1, {0x3, r0, {0x2, 0x4e22, @broadcast}, 0x2, 0x9800}}, 0x2e)
ioctl$PPPIOCGL2TPSTATS(r0, 0x80487436, &(0x7f0000000080)="770b0098") (fail_nth: 1)

4.305614532s ago: executing program 1 (id=628):
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x3, 0x4, &(0x7f0000000040)=@framed={{0xffffffb4, 0x5, 0x0, 0x0, 0x0, 0x61, 0x10, 0x14}, [@ldst={0x2, 0x0, 0x3, 0x1c10a1, 0x0, 0xc}], {0x95, 0x0, 0x9}}, &(0x7f0000003ff6)='GPL\x00', 0x5, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x85}, 0x52)

4.251328069s ago: executing program 4 (id=629):
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000002c0), 0x2, 0x0)
r1 = syz_usb_connect(0x0, 0x24, &(0x7f0000004200)={{0x12, 0x1, 0x0, 0xe2, 0x79, 0x3b, 0x10, 0x5d1, 0x2001, 0x900, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0x4d, 0x2f, 0x9c}}]}}]}}, 0x0)
getrandom(0x0, 0x0, 0x6)
r2 = socket$inet6(0xa, 0x5, 0x0)
setsockopt$inet_int(r2, 0x0, 0xf, &(0x7f0000000340)=0xfffffffffffffff9, 0x4)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r2, 0x84, 0x64, &(0x7f0000000100)=[@in={0x2, 0x4e21, @broadcast}], 0x10)
sendto$inet6(r2, &(0x7f00000000c0)="9d", 0x1, 0x20000854, &(0x7f0000000240)={0xa, 0x4e22, 0x65f, @dev={0xfe, 0x80, '\x00', 0x20}, 0x6}, 0x1c)
syz_usb_control_io(r1, 0x0, &(0x7f0000000640)={0x84, &(0x7f0000000200)={0x0, 0x28, 0x4, "cfe99846"}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
getcwd(&(0x7f0000000140)=""/115, 0x73)
r3 = openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x20842, 0x0)
fcntl$setstatus(r3, 0x4, 0x0)
setsockopt$pppl2tp_PPPOL2TP_SO_LNSMODE(r3, 0x111, 0x4, 0x0, 0x4)
ioctl$UI_DEV_SETUP(r0, 0x405c5503, &(0x7f0000000180)={{}, 'syz1\x00', 0x40})
ioctl$UI_DEV_CREATE(r0, 0x5501)
ioctl$UI_SET_ABSBIT(r0, 0x40045567, 0x2)

4.227549108s ago: executing program 1 (id=630):
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r0, 0xae60)
ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x400)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000300)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg(r2, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xb4c, 0x9, 0x6, 0x0, 0x3}, 0x0)
r3 = socket(0x200000100000011, 0x3, 0x0)
r4 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000640), 0x0, 0x0)
openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$SW_SYNC_IOC_CREATE_FENCE(r4, 0xc0285700, &(0x7f0000000100)={0x1b, "5660010000000000000005000000ed5100000000000000010000000000007e00"})
ioctl$SW_SYNC_IOC_CREATE_FENCE(r4, 0xc0285700, &(0x7f0000000180)={0x1000, "340b7832ceefd131b8e6498c25f58fad9987ffe93bbabd18cf501922de974a27", <r5=>0xffffffffffffffff})
close_range(r3, r5, 0x0)
sendmsg$inet6(r3, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f00000001c0)="0bcfcc8b8f9e41dc2f59741c32dbbd98de411e97aa2a306f1fb091e7e8994029d76ccf27f73ec6fdda0475062dcdfc62858ee49dbed0fc7986da5df5ce69096275e3a0e5346985d7178021807642b01d2b5d5b3e9ed8794182b0792e1e2618b9a4fcd955d46ece7ce99cc7326dbeb249090d8d2b45759a56ce35bad7f6bcfdd6bac5db16528bf678a21c26bca3d55d0ab9f8820efaeb3f8e965501aef3a2a22ed60f1b777b3af0df007039e022af0306693b3d25d65a55b864a61403e9744f56f6a71d", 0xc3}, {&(0x7f0000000480)="24c751e6bd3906db3d411c2532e0b6e4ef65ca7cd609ab2a9e7907acb79eb0fc25432c0be758675d2a204ecfa174b9807e5f717a2faddda0a5a189eac119e58b4d37c0ca2e2187a97d27df6907224ebf2d24c70c4d5c60b58905089e38acc9f42c90e67d0f511430ad03a2037771f26aad15c2960fa27ea00231ed200cf0f13ae2287f0fb389ff952d4d783337a3d44949423eed7f45b3a02f66b1305d1178a8a43acd9c2d78503d688e9078df615db1fb39f56b5325060db3a2d3dfc95135b40f940dd0d4fdeb2f8bf3", 0xca}, {0x0}], 0x3, &(0x7f00000006c0)=ANY=[@ANYBLOB="10000000290000003e000000090000004c0000002900000036000000290600000000000007300000000102c5031d9400000000000002000000000000000700000000000000010000000000008002000000000000000400000000009a6674ed8b45200105b35067be8a0f06ba8f7f880f57779444cd6788bd2cd1f105e10adab0e8e9e23ea379d4cc5226f26d03e0aa15531b5a5034a21b4cdb5ca69e57f546c72b82955d37780f35d59c"], 0x5c}, 0x1)
syz_open_dev$usbfs(&(0x7f0000000100), 0x76, 0x101301)
r6 = socket$kcm(0x2, 0x200000000000001, 0x0)
sendmsg$inet(r6, &(0x7f0000000080)={&(0x7f0000000140)={0x2, 0x4001, @dev={0xac, 0x14, 0x14, 0x22}}, 0x10, 0x0}, 0x300440f1)
setsockopt$sock_attach_bpf(r6, 0x1, 0x12, &(0x7f00000007c0), 0x29)
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
syz_emit_ethernet(0x3e, &(0x7f0000000580)=ANY=[@ANYBLOB="0180c200000050a245d5cde086dd65cb87b40008cc4c3fc0c6e319bd19d97a682b2bff00000000000000000000000000000000ff02000000000000b47bea1a0000000187000400f76b0400"], 0x0)
r7 = syz_open_dev$vbi(&(0x7f0000000080), 0x3, 0x2)
ioctl$VIDIOC_S_OUTPUT(r7, 0xc004562f, &(0x7f0000000000)=0x1)
ioctl$VIDIOC_S_DV_TIMINGS(r7, 0xc0845657, &(0x7f0000000380)={0x0, @bt={0x2d0, 0x190, 0x1, 0x0, 0xdd9f83, 0x1, 0x9, 0x1, 0x2, 0x5, 0x722, 0x13, 0x7, 0x7f, 0x3f, 0xb763599953cb091d, {0x0, 0x6fd8e84b}, 0x3, 0xed}})
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
fsopen(&(0x7f0000000040)='udf\x00', 0x0)

4.07329031s ago: executing program 2 (id=631):
r0 = socket$inet_mptcp(0x2, 0x1, 0x106)
getsockopt$inet_tcp_buf(r0, 0x6, 0xd, 0x0, &(0x7f00000001c0))
syz_usb_connect(0x3, 0x36, &(0x7f0000000440)=ANY=[@ANYBLOB="120100008010bd40820514009dbb0000000109022400011b00000009040000022a3e740009058bff7f000010010905f636"], 0x0)

3.560189257s ago: executing program 0 (id=632):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f0000000300)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socket$netlink(0x10, 0x3, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x11, 0x5d032, 0xffffffffffffffff, 0x0)
munmap(&(0x7f00003fe000/0xc00000)=nil, 0xc00000)
socket$key(0xf, 0x3, 0x2)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r2, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x16)
connect$inet(r2, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10)
r3 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r3, &(0x7f0000000040)={0x3, 0x0, &(0x7f0000000340)={&(0x7f0000000080)=ANY=[@ANYBLOB="020300030f000000000700000000000005000900e000000001d78771b90bd8a3b4914783c58777003d5b9538a9d03e6e9bfdac5500000000030006000000000002000000000000000000000000000000020001000000007ffffffe1600000000030005000000000002"], 0x78}, 0x1, 0x7}, 0x0)
r4 = socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt$IP_VS_SO_SET_ADD(r4, 0x0, 0x482, &(0x7f0000000040)={0x84, @dev={0xac, 0x14, 0x14, 0xb}, 0x15, 0x3, 'sh\x00', 0x1, 0x4, 0x72}, 0x2c)
r5 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$IP_VS_SO_SET_ADDDEST(r5, 0x0, 0x487, &(0x7f0000000000)={{0x84, @initdev={0xac, 0x1e, 0x1, 0x0}, 0x4e1f, 0x3, 'lc\x00', 0x4, 0x81, 0x5}, {@rand_addr=0x64010102, 0x4e26, 0x0, 0xcb, 0x12d60, 0x9}}, 0x44)
setsockopt$IP_VS_SO_SET_EDITDEST(r4, 0x0, 0x489, &(0x7f0000000380)={{0x84, @multicast1, 0x4e20, 0x3, 'sh\x00', 0x0, 0x60000000, 0xc}, {@rand_addr=0x64010102, 0x4e26, 0x12002, 0x3, 0x8001, 0x1}}, 0x44)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$tipc(&(0x7f0000000200), 0xffffffffffffffff)
sendmsg$TIPC_CMD_SET_LINK_WINDOW(r6, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f00000002c0)={0x30, r7, 0x1, 0x70bd25, 0x25dfdbff, {{}, {}, {0x14, 0x18, {0x0, @bearer=@udp='udp:syz2\x00'}}}}, 0x30}, 0x1, 0x0, 0x0, 0x4880}, 0x40090)
setsockopt$inet_IP_XFRM_POLICY(r2, 0x0, 0x11, &(0x7f00000002c0)={{{@in6=@mcast1, @in=@multicast2, 0x0, 0x0, 0x4e22, 0x0, 0xa, 0x0, 0x80, 0x0, 0x0, 0xee01}, {0x10000, 0x0, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0x34e, 0xfffffffffffffffd}, {0x0, 0x6, 0x0, 0x8}, 0x0, 0x0, 0x2, 0x0, 0x1}, {{@in6=@initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0x2, 0x6c}, 0x0, @in6=@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x0, 0x5, 0x1, 0xb7, 0x0, 0x0, 0x1}}, 0xe8)
sendmmsg(r2, &(0x7f0000007fc0), 0x800001d, 0x0)
capset(&(0x7f0000000080)={0x20071026}, &(0x7f0000000040)={0x200000, 0x200003, 0x0, 0x0, 0x7})
setgroups(0x0, 0x0)
r8 = fsopen(&(0x7f00000000c0)='autofs\x00', 0x0)
syz_init_net_socket$x25(0x9, 0x5, 0x0)
close_range(r8, 0xffffffffffffffff, 0x200000000000000)

2.731910337s ago: executing program 1 (id=633):
r0 = syz_open_dev$sndctrl(0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0x6, 0xfa11, 0xffffffff}, 0x0)
r3 = memfd_create(&(0x7f0000000d00)='Y\xff\xff\x00\x00\x00\x00\x00K\xb2\x02\x80B\xe9\xe8\xcc\xde\x06\x00l\xa8\x1aJ\xaf\xb2M\xba\xb8_\x05U\xcd<|>\x9e\xec^\x0e\xbe\x18+-\x9b\x893\x02\x00\xa6\x1f+\xb3\xc5\x90z5\xe0\xdfi\xb7\x9f\xb4QW\xc9\xc9\x92\x03\t\x00\x00\x00\x00\x00\xb2\x0f\xee\xbe\f8\xcc\x7f\x00\x00\x00Z\x81\x00\x00\x00\x00\x18I\x13\xf1\xa2x\x04\x81R\xd45R\xae\x05\x00\x00\x00\x00\x00\x00\x00_M^dQ:\xbc\xafq\x88\x19nSF|;]\xe1A\x8c\x8a\x98\xd7|\xdcLF\r\xb1\xfd\xbf!\xc7u\xccP\xdd\x13~\x89\xcf\x85\xca\xa0%\xc6\xc7\x11\x00\x00\x00\x00\x00\x00\x00?M9\\\av~\'\xd9\xb0\xacdya]8\x9d\xb7\v\xf39\xc5{\x9c!\x0f/\xb8o8\xb9\x8d\x19\xe2\xca\x01y\x83\xe7\ng\x87\xd93<u\xbe\xeag\xd2\x04e\xf2s\xde}o#\x90\xda\x9cs,r\xfd:\xcb\xc7\vTmPZJ\xac\x8b\xd0\xc0\xbcRK\xcb\x1e8\xce\xbd[N\xb0\xb4<\xeb\x86[\xec\x8f\x14\n\x83\x9e&\\\xb7!\xed\xa0\xc3,\x90m\x0f\x00\x00\x00\x00\x00\x00\xff\xd0\xb3\x94\x00\x00\x00\x00\x00\x00\x00\x9dH\xf8\xffRo\xa3W\xe1\xed\x8eS\xaeX\x93\x7f\xd3\xb9\x84Q\x9c\"\xd9\xf5\xe4e\xf9\xcam\xe3\x03\xe4\xad\xd5&A\x02\xc8\xa9\xfe\xcb\x87\xd9\xd3\x8c\f\xc08T~\xc4\xbd\x90?\x1f\x9c\x9b0\x19 \x9f\xd1p`\xc0/\x00u\x19\x1d\xac\xe8%\xb7\t\x9f4\xbb\x89\xe9\xc1\x81\xb0\xd6\xf7\x90\x1f\x94\x01M.\x16\x05\x16\xb9\xe9\xdc~\xd3-s\xe6;\x94\x1c^\x06\xdav;\xccD\x95sj\xe0\xd5\xbeS\xac\xe5N\xea\x9eyl[[\xce5\xee\x05\x9c\x96\xabJ^c\xf7\x19\xb4\xd8\xe4\x87\x9dp\xea?/\xcb\x9a\xaa5\'Q\fuG\x81\x8a@\x97M=v\xfe\a\xabp\xf3\x93\x9d\x7f@9\xc0\xd2\xf1\x00\x10\x00\x00\x00\x00\x00\x00\x82\x13\xb2\xa9\xef\xa5\xf8\x8bk\xb3\x9ev\x92\x0e\xd1\x1f\x17Dx[\xad\xb0\x9d/\x96\xe42mO\x9fh\xea\xf3\x14\xcd\x96\x89_)\x1b\xe2\xd6\b\x94b\xaf;\x92T\xafz\x94\x9fG\xfb\xfd|$k\x03\xd7;\x9ay\xee\xf9W?\xb3\xf9\xf8I.E4\xc3eWq\xfa\":$\xd0\x17Q\x94\xf5\xe5mk\x8e&\xf1;#z\xef*\xce\x99\x04\xb9\x90\xbc\xc9#-\x8di\xae\xc5\xdf\x13\xd2K\x8b\xf5\f\xb2x\xdd\xd5\xb4\xa9^~O<\x12\xe3\xc3P|7\xc4\xc8\xb1r0Z\x98\x87^\xc8C\x1b\x96\xb4lsyF\xc5\xbc\xffOE\xe9\xd70\xe7\xfep\x83\xa7\xa1\xd9\xe4\xba\x92\x17\xbf\xe0\xe1\x01\xb7\x8b\x18j\x19n\xc8\xff\xe9\xf4\xf4\xcf a\xd7_w\x0f\x9dF\xae\xccA-/\x83\xabU\xd5\xbf8\xa4O\xb4\xef\xc8\xccH\xd1=\xbe\xbex\xb5-\x05\x01\x11\xfa\xcf\x1dm\xb5X\xe9\xb5O\x15\xc7;Lb\xce\x1a\xcc\x98\xe8\xe9e\xe0\xc2N\xe7\xd7\x1d\x92\x87F8\x9e\xf7\xdd\xdaW\xf5X\x80\xa0f\xceo\xd8\x7f\xc0\x96\bSB\xce&\x04$\xc3\xe31U\x84\x82\xf0{i\x1d\x02\x10\xc6C\x01^\xcf\x93?w\x01\x84\xa0\xd6\xa2\x10\xa4\xfcG\xabD\xd6dGZ\xb2Cx\x1b\xfdD9\x17\xe6\xcauM\xe3\x05)\xe2\x03\xe2j$F1n@\xde\n9t.[\xad\xb5\f<o\xdb\xa4\x90\xc4\xd0I\xa6\x96\xa1\x00\xbb\xdd\x94\x00t/1YekG\x7f\xbdrI\x1e\x8a4=\xa2\xe9\x82<\x9e|\xf5\xa4\x05#\x7f\xa8\x01\x00\x82ih\xf9?\x03Q\xf5\xc4\x95\x99 \xa7v~:$\x02O\xe3\xaa\x1f\x00\xebh\'\xd2q\x10\x1e\x94n\xd7w\xb1\xc8G\x89\xf4\x8ct\xf9R\x85\x1b8OE\x04\x9a\xd8\x80\x10x\xbf\n0\b,r\xc6r\xf7=\xfe\xc1\x16\xe6\xee\xbb:-h\xba\x8b\x14\x9a?\x8e\x03;\xe5\x04\xd8\xa9\x9a\xd3\x05(\x7f|\xadU\xafe\x87V.i4$6U,R\x9b\n{\'\xfe1\xc4\xb09\x96{\xc0e\xa1\xe7\xa9\xb4\x1a\n\xf5\xd7zuvz\x972\xd4\xfb\x13u2\xab\x18\x01~r\xbbcW!)\xf4\x9b\x1dI\x9ex;\xb2\xe3I\xbd\x16T\xb75\xa6\a\xb7\xa1\x8d\xc9\x12\xb1\xbd\xbc\xd9c\xe9\xe6k\xee\x06\x83\xf4\xab\x18\x038\x8f\xc9^\x0f\xab\xea&P\b\xef#\xf6\xc3\xfc\xd4\xa0\xfd\x15N\xd3\xa0\x80\x9f\bU\xa63\xf6\xc9\xecZ`\xa4\xa0(\xf9\x98B\xaf\xde*\x91\xddk\xa1`d\xf0\x97\xc9e\xc1\"EC\x9a?x\x89\x8d\xb3\xfaF}\x82D\xf8\f\xf1`\x90D\xd1|%(\xd8\t\xea\x00C\xce\x7fo+?v\xee\xc6bL\x1d\xbe\x84p\x8d\xa3\xec\xf7\xe0\xfe\x8c=<\xf2\x1f@\xe66E\xa7\x9c\xd3\xb6\xf5\xe0\x14\xb8\xd4`\x85\xe3;\x8c\xf8\xf2\xd9)\x0e\xd0\xff\xa5K\xf3\xf1\xc4\x18\xf4Z\xdci\x91\x84\xe8\xb7\x10\x90\xbc\xect\x14\xdfR\xe2\x80\xf8a\x92\xb2R\xdf0\xcaQ\xdf\x87\xbdjp\x1ch3h\xcf<\x82\x97\xa5s/m\xb2\x1dd\xf7\xfc\xf5\xa9\x1d\xd34{\xcc\x1f\t,i\x16\x82\xad\x8e\xb6\x17\x0f\xaa\x85^/w\xbb~\xff\xce\x92\x90\x83\n\xe5\x14\x95\x92|\xfe-S%\x91i\xafh\x97z\x00@K\xbb\xc2\fcD\xff\xdcl\xa1\xfaR\xbc\xd0k\\\x92\x19a6Sv\x05%{\xe2\xe9\xf1\xddRB$8\xb0q9\xa1g&\x17\xe5P\xef\xb1<\xb6\xe2\xb2\xc06^\x0f4\xba\x10\xba\x00\x00\x00\x00\x00\x00\x00\x00\xef\xba\"\xb7\xc7~T\xc4Ei\xfdk\xa9\"F\xa9C\xa0\xd3\xa0\x1b\xbf\x13\xfb\x14S<\xa6\n5\x86\x9e\xb2=8\'g`\x8f\xa8\x027\xbd\xb5s\xe9dti\xc0\xbd\\H\xe5v\xdd\x0fP\x8b+-\x02i\x8eZU\xa8YB\xfc\xc2R7\xe9\x11\x06\x1aRd\xa93\xa1\\\xf4_s\xf7\xe8+\xbdg\x13\xaea\x04\xd8\x82\xf6\x90\xaf1\x86b\x81J\xb7E\xb0\xe2\xd6\x93S\xb3\x98\xcb\xf9\xde=\xd6T\x8d\xea\xab\xa9Z!\xd3-\xa6_\xc4\xa4\xb6+\x89\xdc]O<g\x06~\x12W\x86\x06\xba\x15#\xa7Q\xffa\x926>\xf0y\xd6\xb0\xf2\x9f\xa7\xcf\xad\x86\\\xec\xec\xd6\x9d\bT\xcd\xa2\xea', 0xe)
fcntl$addseals(r3, 0x409, 0x3f)
fsetxattr$security_capability(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x3)
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
memfd_create(0x0, 0x3)
r4 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
ioctl$SNDCTL_DSP_SUBDIVIDE(r4, 0xc0045009, 0x0)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x40080, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_WRITE(r0, 0xc4c85513, &(0x7f0000000540)={{0x0, 0x0, 0x0, 0xc, 'syz0\x00'}, 0x0, [0xfffffffffffffffe, 0xfffffffffffffffd, 0x3, 0x6c4ba42, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0xcd, 0x1, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0xffffffffffffffff, 0x0, 0xfffffffffffffffc, 0x3, 0x7fffffffffffffff, 0x2, 0x0, 0x0, 0x0, 0x1, 0x3, 0x87f, 0x0, 0x0, 0x4, 0x0, 0x0, 0x3, 0x4, 0x3, 0x0, 0x0, 0x0, 0x800, 0x0, 0x0, 0x0, 0x0, 0x100000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0xfffffffffffffffd, 0x9, 0x0, 0xfffffffffffffffb, 0xfffffffffffffffd, 0x2, 0x2, 0x4, 0x0, 0x200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x80003, 0x0, 0x0, 0x400000, 0x200, 0x0, 0xfff, 0x801, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000000, 0x0, 0x0, 0x0, 0x0, 0x400000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000000000000, 0x6, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x2, 0x0, 0x2, 0x0, 0x3, 0x10, 0x4000100000001]})
r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x1c1341, 0x0)
ioctl$TUNSETIFF(r5, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
close(0xffffffffffffffff)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000340))
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local})

2.599448173s ago: executing program 2 (id=634):
sendmsg$NL80211_CMD_START_AP(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)=ANY=[@ANYRES16, @ANYBLOB="05000000", @ANYBLOB="3d000e0080000000ffffffffffff080211000000ffffffffffff0000feffffffffffffff070001000406f0027f0006a7000c"], 0x70}, 0x1, 0x0, 0x0, 0x20004090}, 0x0)
r0 = add_key$user(&(0x7f00000002c0), &(0x7f0000000300)={'syz', 0x0}, &(0x7f0000000280)="d25a9850a9d77f10", 0x8, 0xfffffffffffffffe)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000018c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="ebffffffffff"], 0x48}, 0x1, 0x0, 0x0, 0x4000011}, 0x0)
r1 = add_key$user(&(0x7f00000003c0), &(0x7f0000000440), &(0x7f00000000c0), 0xc9, 0xfffffffffffffffd)
keyctl$dh_compute(0x17, &(0x7f0000000140)={r0, r1, r0}, &(0x7f00000000c0)=""/83, 0xfffffffffffffe4f, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20042, 0x0)
add_key$user(&(0x7f0000000080), 0x0, 0x0, 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = dup(r3)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x2000, 0x1000, &(0x7f0000003000/0x1000)=nil})
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x2)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r5, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text64={0x40, 0x0}], 0x1, 0x11, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r3, r5, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r5, 0xae80, 0x0)

2.329543545s ago: executing program 2 (id=635):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000680)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
add_key(0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe)
setfsgid(0xee01)
socket$nl_generic(0x10, 0x3, 0x10)
socket$alg(0x26, 0x5, 0x0)
r1 = socket(0x10, 0x3, 0x0)
ioctl$sock_inet_SIOCSIFFLAGS(r1, 0x8914, &(0x7f0000000000)={'dummy0\x00', 0x800})
sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000000200)=[{{&(0x7f0000000000)={0xa, 0x4e24, 0x1, @empty, 0x2a}, 0x1c, 0x0}}], 0x1, 0x20084040)
socket$inet6_sctp(0xa, 0x1, 0x84)
unshare(0x6000800)
r2 = socket$inet6(0xa, 0x3, 0x26)
connect$inet6(r2, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c)
r3 = shmget(0x3, 0x2000, 0x44, &(0x7f0000ffd000/0x2000)=nil)
shmctl$IPC_INFO(r3, 0x3, &(0x7f0000000000)=""/44)
setsockopt$inet6_IPV6_XFRM_POLICY(r2, 0x29, 0x23, &(0x7f0000000340)={{{@in=@dev={0xac, 0x14, 0x14, 0x15}, @in6=@private1={0xfc, 0x1, '\x00', 0x3}, 0x4e20, 0x0, 0x4e20, 0x2, 0xa}, {0x9, 0x0, 0x0, 0x800000, 0x101, 0x5853, 0x0, 0x24}, {0x0, 0x4}, 0x0, 0x0, 0x1, 0x0, 0x5, 0x3}, {{@in=@loopback, 0x7ff, 0x33}, 0xa, @in=@initdev={0xac, 0x1e, 0x0, 0x0}, 0x0, 0x0, 0x0, 0x4, 0xfffffffc, 0x4, 0x401}}, 0xe8)
sendmmsg(r2, &(0x7f0000000480), 0x2e9, 0x0)
r4 = socket(0x2, 0x80805, 0x0)
getsockopt$inet_sctp6_SCTP_DEFAULT_SEND_PARAM(r4, 0x84, 0xa, &(0x7f0000000040)={0xfff, 0x2, 0x6, 0x7, 0x7, 0xfffffffd, 0xa, 0x8}, &(0x7f0000000080)=0x20)
r5 = socket$rxrpc(0x21, 0x2, 0x2)
connect$rxrpc(r5, &(0x7f0000003780)=@in4={0x21, 0x0, 0x2, 0x10, {0x2, 0x4e22, @initdev={0xac, 0x1e, 0x1, 0x0}}}, 0x24)
socket$nl_generic(0x10, 0x3, 0x10)

2.167112139s ago: executing program 0 (id=636):
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={0x0}, 0x1, 0x0, 0x0, 0x40085}, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000100)=@newlink={0x3c, 0x10, 0x401, 0x0, 0x25dfdbfd, {0x0, 0x0, 0x0, 0x0, 0x190, 0x5230}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bond={{0x9}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BOND_AD_SELECT={0x5, 0x16, 0x1}]}}}]}, 0x3c}}, 0x814)
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
pipe(&(0x7f00000002c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
splice(r1, 0x0, r0, 0x0, 0x6, 0x0)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0)
pipe2$9p(0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x3, 0x0)
timer_create(0x0, &(0x7f0000000200)={0x0, 0x21, 0x2, @tid=0xffffffffffffffff}, &(0x7f0000000300)=<r3=>0x0)
fcntl$lock(0xffffffffffffffff, 0x25, &(0x7f0000000040)={0x0, 0x0, 0x60d3, 0x5})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(r3, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0)
write$UHID_INPUT(0xffffffffffffffff, &(0x7f0000001040)={0xc, {"a2e3ad214fc752f91b3e090987f70e06d038e7ff7fc6e5539b3264078b089b0e083871090890e0878f0e1ac6e7049b334c959b669a240d9b67f3988f7ef319520100ffe8d178708c523c921b1b5b31360d3b5d0936cd3b78130daa61d8e809ea882f5802b77f07227227b7ba67e0e78669a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000002335875271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1fe90a56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617601000000be70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d595a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9980000000b3309603f1d4ab966203861b5b15a841f2b575a8bd0d780231c9c99a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6c82fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce3803f465e41e610c2021d653a5520000008213b704a5000000000000008ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710a80000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4e38a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d97b9a6d6d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2bed9e53803edf1a4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034e00000000ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c478b095b68441a34cb51682a8ae4d24ad92f243941ed274549b79a7962fb385a882e8020f068bb87af8b90fd8f08876da865d258734dd73583df292892448039ef799cf0630becdbe6c4579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93ae62fccfcbb2b75a2183c46eb65ca8124e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43e4fb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e01feffffffffffff83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369d75f2e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aa01b20f7694a00f16e2d0174035a2c22656dc00880acebdbe8ddbd75c2f998d8ac2dfad2ba3a50200000045a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40426db6fe2907ac0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf463661c953fcad6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7cd419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaeecf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b281769177c6d594f88a4facfd4c735a20307c737afae5136651b1b9bd522d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a37684f4113c48859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463183b4b87c105000000302a808d7f5251440613d17ca51055f2f416a44fe180d2d50c312cca7cb14a20dc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb40100000006376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7ceec7dc808bf653639d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7af288a4510de03dab19d26285eda89156d50dd385a602000000000000007007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4908b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf6529006c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6522fb5f6ffcdd56fed88935fcb75912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae233a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a5bd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08008897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b80c1c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c98ad90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe360500000000000000b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1062dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1df0d07b3d5bd3b01faffd0addbed2881a9700af561ac8c7e36bb2fc4c40e9c766c06817bb903729a7db6ff957697c9ede7885d94ffb0759be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c1484d2f9c55f4901203a9a8a2c3e51074b41bc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000600", 0x7c4}}, 0x1006)
preadv2(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000240)=""/77, 0x4d}, {0x0}, {&(0x7f0000000340)=""/102, 0x66}], 0x3, 0x5ecf, 0x401c3, 0x1)
capget(&(0x7f0000000180)={0x19980330}, &(0x7f0000000400)={0x2, 0x7, 0x3a88b4bb, 0xffffff80, 0x5, 0xf})
io_uring_register$IORING_UNREGISTER_EVENTFD(r2, 0x5, 0x0, 0x0)

2.068625917s ago: executing program 4 (id=637):
r0 = creat(&(0x7f0000000280)='./file0\x00', 0xecf86c37d53049cc)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socketpair$tipc(0x1e, 0x4, 0x0, &(0x7f0000000180))
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=@base={0x7, 0x4, 0x8, 0x1}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0x8, &(0x7f0000000740)=@framed={{}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r4}, {}, {0x85, 0x0, 0x0, 0x1b}}]}, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='xs_stream_read_request\x00', r0}, 0x18)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
keyctl$instantiate(0xc, 0x0, 0x0, 0x1a, 0x0)
r5 = userfaultfd(0x80801)
ioctl$UFFDIO_API(r5, 0xc018aa3f, &(0x7f00000000c0)={0xaa, 0x54d})
ioctl$UFFDIO_REGISTER(r5, 0xc020aa00, &(0x7f0000000200)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x1})
mremap(&(0x7f00003cd000/0x4000)=nil, 0x4000, 0x2000, 0x3, &(0x7f0000c9a000/0x2000)=nil)
close_range(r5, 0xffffffffffffffff, 0x0)
fanotify_init(0x200, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r6=>0xffffffffffffffff})
connect$unix(r6, &(0x7f000057eff8)=@file={0x0, './control\x00'}, 0x6e)
recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_open_dev$vim2m(&(0x7f00000000c0), 0x253, 0x2)

1.028816608s ago: executing program 4 (id=638):
socket$nl_generic(0x10, 0x3, 0x10)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000040))
sendmsg(r1, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xb45, 0x100000000009, 0xa, 0x0, 0x3}, 0x0)
openat$vga_arbiter(0xffffffffffffff9c, 0x0, 0x22000, 0x0)
ioctl$VIDIOC_TRY_DECODER_CMD(0xffffffffffffffff, 0xc038563b, &(0x7f0000000080)={0x0, 0x3, @start={0x0, 0x1}})
unshare(0x28040680)
timerfd_create(0x0, 0x0)
bind$alg(0xffffffffffffffff, &(0x7f00000000c0)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0d000000ac864070a0fe7c1285cc494189c0e302", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\b\x00'/28], 0x50)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(0xffffffffffffffff, 0x84, 0x64, 0x0, 0xfffffffffffffdad)
ioctl$VIDIOC_S_SELECTION(0xffffffffffffffff, 0xc040565f, &(0x7f0000000140)={0x2, 0x3, 0x6, {0x4, 0x4, 0x0, 0x6}})
r2 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
bind$bt_sco(r2, &(0x7f0000000040), 0x8)
listen(r2, 0x6)
mount(&(0x7f0000000080)=@nbd={'/dev/nbd', 0x0}, &(0x7f0000000000)='./cgroup\x00', &(0x7f0000000100)='adfs\x00', 0x200013, 0x0)
connect$bt_sco(r2, 0x0, 0x0)
setsockopt$MRT6_ADD_MIF(0xffffffffffffffff, 0x29, 0xca, &(0x7f0000000040)={0x0, 0x1}, 0xc)
setsockopt$MRT6_ADD_MFC_PROXY(0xffffffffffffffff, 0x29, 0xd2, &(0x7f00000001c0)={{0xa, 0x0, 0x0, @mcast2}, {0xa, 0x0, 0x1, @empty, 0xffbffffe}, 0x0, {[0x9, 0x0, 0x1, 0xfffffffd, 0x0, 0x0, 0x0, 0x7]}}, 0x5c)

938.62145ms ago: executing program 3 (id=639):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000001c0)={0x4c, 0x0, &(0x7f0000000580)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x1000}], 0x0, 0x0, 0x0})
openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000500)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffeda}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r1}, 0x10)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
socket$nl_generic(0x10, 0x3, 0x10)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000400)={0x1b, 0x0, 0x0, 0xfffffffa, 0x0, 0x1, 0x7d3c, '\x00', 0x0, 0xffffffffffffffff, 0x5, 0x5, 0x4}, 0x50)
r5 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='smaps\x00')
read$FUSE(r5, &(0x7f0000004180)={0x2020}, 0x2020)

374.579345ms ago: executing program 0 (id=640):
r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x4080, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r0, 0x3b81, &(0x7f0000000180)={0xc, 0x0, <r1=>0x0})
ioctl$IOMMU_TEST_OP_MOCK_DOMAIN(r0, 0x3ba0, &(0x7f0000000100)={0x48, 0x2, r1, 0x0, 0x0, 0x0, <r2=>0x0})
ioctl$IOMMU_GET_HW_INFO(r0, 0x3b8a, &(0x7f0000000380)={0x28, 0x0, r2, 0x0, 0x0})
r3 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r3, 0x10e, 0xc, 0xffffffffffffffff, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r4, &(0x7f0000000240)={0x0, 0xffffffffffffff01, &(0x7f0000000200)={&(0x7f0000003900)=ANY=[@ANYBLOB="240000001600010a00000000000000000a000003"], 0x24}, 0x1, 0x0, 0x0, 0x48000}, 0x20004010)
ioctl$VHOST_VSOCK_SET_GUEST_CID(0xffffffffffffffff, 0x4008af60, &(0x7f0000000040)={@hyper})

123.244984ms ago: executing program 0 (id=641):
r0 = creat(&(0x7f0000000040)='./bus\x00', 0x24)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000000000066000000004b64ffec850000006d000000c50000000500000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
r2 = dup(0xffffffffffffffff)
r3 = socket$nl_sock_diag(0x10, 0x3, 0x4)
write$binfmt_aout(r2, &(0x7f0000000580)=ANY=[@ANYRES8=r1, @ANYRESHEX, @ANYRES8=r1, @ANYRESDEC=0x0, @ANYRES8=r3, @ANYRES16=r1, @ANYRES32=r2], 0xfffffeb7)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000380)=0x5)
r4 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
ioctl$COMEDI_BUFCONFIG(r0, 0x8020640d, 0x0)
sendmmsg$unix(r6, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r4, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
futex(0x0, 0xc, 0x1, 0x0, &(0x7f0000048000)=0x2, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mount$tmpfs(0x0, &(0x7f0000000000)='./file1\x00', &(0x7f0000000080), 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='quota'])
socket$inet6(0xa, 0x1, 0x1)
r7 = socket$kcm(0x2d, 0x2, 0x0)
ioctl$sock_kcm_SIOCKCMCLONE(r7, 0x89e2, &(0x7f0000000340)={<r8=>r7})
ioctl$sock_kcm_SIOCKCMCLONE(r7, 0x89e2, &(0x7f0000000040)={r8})
openat$ptp0(0xffffffffffffff9c, &(0x7f0000000200), 0xaad82, 0x0)
mount$9p_fd(0x0, &(0x7f0000000100)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000080)=ANY=[@ANYRESHEX, @ANYBLOB=',wfdno', @ANYBLOB=',\x00'])
r9 = socket$netlink(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r9, &(0x7f0000000300)={0x0, 0x30, &(0x7f0000001200)={&(0x7f00000004c0)=ANY=[@ANYBLOB="38000000031401002dbd7000000000000900020033797a30000000000800410073697700140033006c6f0000000000001f00000000000000"], 0x38}, 0x1, 0x0, 0x0, 0x854}, 0x0)

0s ago: executing program 1 (id=642):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000680)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
add_key(0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe)
setfsgid(0xee01)
socket$nl_generic(0x10, 0x3, 0x10)
socket$alg(0x26, 0x5, 0x0)
r1 = socket(0x10, 0x3, 0x0)
ioctl$sock_inet_SIOCSIFFLAGS(r1, 0x8914, &(0x7f0000000000)={'dummy0\x00', 0x800})
sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000000200)=[{{&(0x7f0000000000)={0xa, 0x4e24, 0x1, @empty, 0x2a}, 0x1c, 0x0}}], 0x1, 0x20084040)
socket$inet6_sctp(0xa, 0x1, 0x84)
unshare(0x6000800)
r2 = socket$inet6(0xa, 0x3, 0x26)
connect$inet6(r2, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c)
r3 = shmget(0x3, 0x2000, 0x44, &(0x7f0000ffd000/0x2000)=nil)
shmctl$IPC_INFO(r3, 0x3, &(0x7f0000000000)=""/44)
setsockopt$inet6_IPV6_XFRM_POLICY(r2, 0x29, 0x23, &(0x7f0000000340)={{{@in=@dev={0xac, 0x14, 0x14, 0x15}, @in6=@private1={0xfc, 0x1, '\x00', 0x3}, 0x4e20, 0x0, 0x4e20, 0x2, 0xa}, {0x9, 0x0, 0x0, 0x800000, 0x101, 0x5853, 0x0, 0x24}, {0x0, 0x4}, 0x0, 0x0, 0x1, 0x0, 0x5, 0x3}, {{@in=@loopback, 0x7ff, 0x33}, 0xa, @in=@initdev={0xac, 0x1e, 0x0, 0x0}, 0x0, 0x0, 0x0, 0x4, 0xfffffffc, 0x4, 0x401}}, 0xe8)
sendmmsg(r2, &(0x7f0000000480), 0x2e9, 0x0)
r4 = socket(0x2, 0x80805, 0x0)
getsockopt$inet_sctp6_SCTP_DEFAULT_SEND_PARAM(r4, 0x84, 0xa, &(0x7f0000000040)={0xfff, 0x2, 0x6, 0x7, 0x7, 0xfffffffd, 0xa, 0x8}, &(0x7f0000000080)=0x20)
r5 = socket$rxrpc(0x21, 0x2, 0x2)
connect$rxrpc(r5, &(0x7f0000003780)=@in4={0x21, 0x0, 0x2, 0x10, {0x2, 0x4e22, @initdev={0xac, 0x1e, 0x1, 0x0}}}, 0x24)
socket$nl_generic(0x10, 0x3, 0x10)

kernel console output (not intermixed with test programs):

val 1, probability 0, space 0, times 0
[  163.349693][  T878] cp210x 2-1:0.0: device disconnected
[  163.379867][ T5928] usb 5-1: config 0 descriptor??
[  163.404055][ T7187] CPU: 0 UID: 0 PID: 7187 Comm: syz.2.292 Not tainted syzkaller #0 PREEMPT(full) 
[  163.404080][ T7187] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  163.404090][ T7187] Call Trace:
[  163.404096][ T7187]  <TASK>
[  163.404103][ T7187]  dump_stack_lvl+0x16c/0x1f0
[  163.404126][ T7187]  should_fail_ex+0x512/0x640
[  163.404151][ T7187]  _copy_from_user+0x2e/0xd0
[  163.404173][ T7187]  copy_msghdr_from_user+0x98/0x160
[  163.404193][ T7187]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  163.404216][ T7187]  ? __lock_acquire+0x62e/0x1ce0
[  163.404245][ T7187]  ___sys_recvmsg+0xdb/0x1a0
[  163.404264][ T7187]  ? __pfx____sys_recvmsg+0x10/0x10
[  163.404284][ T7187]  ? find_held_lock+0x2b/0x80
[  163.404319][ T7187]  do_recvmmsg+0x2fe/0x750
[  163.404340][ T7187]  ? __pfx_do_recvmmsg+0x10/0x10
[  163.404363][ T7187]  ? __mutex_unlock_slowpath+0x161/0x7b0
[  163.404391][ T7187]  ? __fget_files+0x20e/0x3c0
[  163.404417][ T7187]  __x64_sys_recvmmsg+0x22a/0x280
[  163.404438][ T7187]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[  163.404464][ T7187]  do_syscall_64+0xcd/0x4c0
[  163.404485][ T7187]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  163.404503][ T7187] RIP: 0033:0x7f970718ebe9
[  163.404517][ T7187] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  163.404534][ T7187] RSP: 002b:00007f9707ff6038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  163.404551][ T7187] RAX: ffffffffffffffda RBX: 00007f97073b5fa0 RCX: 00007f970718ebe9
[  163.404562][ T7187] RDX: 0000000000000600 RSI: 0000200000003700 RDI: 0000000000000004
[  163.404573][ T7187] RBP: 00007f9707ff6090 R08: 0000000000000000 R09: 0000000000000000
[  163.404583][ T7187] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  163.404593][ T7187] R13: 00007f97073b6038 R14: 00007f97073b5fa0 R15: 00007ffc1fdc9298
[  163.404614][ T7187]  </TASK>
[  163.858094][ T7195] 9pnet_fd: Insufficient options for proto=fd
[  163.865360][ T7195] nbd: nbd2 already in use
[  164.200241][ T1205] usb 5-1: USB disconnect, device number 9
[  165.016560][   T30] audit: type=1400 audit(1756249415.202:365): avc:  denied  { append } for  pid=7212 comm="syz.3.299" name="ubi_ctrl" dev="devtmpfs" ino=706 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  165.210393][ T5908] usb 3-1: new high-speed USB device number 12 using dummy_hcd
[  165.283875][   T30] audit: type=1400 audit(1756249415.472:366): avc:  denied  { create } for  pid=7221 comm="syz.1.302" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  165.437508][ T5908] usb 3-1: device descriptor read/64, error -71
[  165.449024][   T30] audit: type=1400 audit(1756249415.472:367): avc:  denied  { write } for  pid=7221 comm="syz.1.302" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  165.611867][ T7230] FAULT_INJECTION: forcing a failure.
[  165.611867][ T7230] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  165.703876][ T5908] usb 3-1: new high-speed USB device number 13 using dummy_hcd
[  165.746993][   T30] audit: type=1400 audit(1756249415.472:368): avc:  denied  { nlmsg_write } for  pid=7221 comm="syz.1.302" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  165.770477][   T30] audit: type=1400 audit(1756249415.662:369): avc:  denied  { mount } for  pid=7221 comm="syz.1.302" name="/" dev="afs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nfs_t tclass=filesystem permissive=1
[  165.796162][ T7230] CPU: 0 UID: 0 PID: 7230 Comm: syz.4.303 Not tainted syzkaller #0 PREEMPT(full) 
[  165.796185][ T7230] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  165.796194][ T7230] Call Trace:
[  165.796200][ T7230]  <TASK>
[  165.796206][ T7230]  dump_stack_lvl+0x16c/0x1f0
[  165.796230][ T7230]  should_fail_ex+0x512/0x640
[  165.796252][ T7230]  _copy_from_user+0x2e/0xd0
[  165.796276][ T7230]  copy_msghdr_from_user+0x98/0x160
[  165.796296][ T7230]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  165.796324][ T7230]  ___sys_sendmsg+0xfe/0x1d0
[  165.796344][ T7230]  ? __pfx____sys_sendmsg+0x10/0x10
[  165.796390][ T7230]  __sys_sendmsg+0x16d/0x220
[  165.796408][ T7230]  ? __pfx___sys_sendmsg+0x10/0x10
[  165.796442][ T7230]  do_syscall_64+0xcd/0x4c0
[  165.796463][ T7230]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  165.796481][ T7230] RIP: 0033:0x7ffa47f8ebe9
[  165.796496][ T7230] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  165.796512][ T7230] RSP: 002b:00007ffa461f6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  165.796530][ T7230] RAX: ffffffffffffffda RBX: 00007ffa481b5fa0 RCX: 00007ffa47f8ebe9
[  165.796541][ T7230] RDX: 0000000000000010 RSI: 0000200000000240 RDI: 0000000000000003
[  165.796552][ T7230] RBP: 00007ffa461f6090 R08: 0000000000000000 R09: 0000000000000000
[  165.796562][ T7230] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  165.796572][ T7230] R13: 00007ffa481b6038 R14: 00007ffa481b5fa0 R15: 00007fffb0b39318
[  165.796594][ T7230]  </TASK>
[  166.042744][ T5908] usb 3-1: device descriptor read/64, error -71
[  166.150702][ T5908] usb usb3-port1: attempt power cycle
[  166.191858][ T7238] netlink: 'syz.4.305': attribute type 4 has an invalid length.
[  166.256164][ T7238] netlink: 'syz.4.305': attribute type 4 has an invalid length.
[  166.285660][   T30] audit: type=1400 audit(1756249416.462:370): avc:  denied  { unmount } for  pid=5850 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nfs_t tclass=filesystem permissive=1
[  166.359234][ T7240] netlink: 'syz.3.306': attribute type 4 has an invalid length.
[  166.367033][ T5928] usb 1-1: new high-speed USB device number 14 using dummy_hcd
[  166.417743][ T7243] netlink: 'syz.3.306': attribute type 13 has an invalid length.
[  166.487611][ T7240] netlink: 17 bytes leftover after parsing attributes in process `syz.3.306'.
[  166.508661][ T5908] usb 3-1: new high-speed USB device number 14 using dummy_hcd
[  166.545224][ T7243] netlink: 152 bytes leftover after parsing attributes in process `syz.3.306'.
[  166.562830][   T30] audit: type=1400 audit(1756249416.752:371): avc:  denied  { read } for  pid=7245 comm="syz.4.308" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  166.628455][ T5908] usb 3-1: device descriptor read/8, error -71
[  166.682570][ T7243] erspan0: refused to change device tx_queue_len
[  166.709989][ T7243] A link change request failed with some changes committed already. Interface erspan0 may have been left with an inconsistent configuration, please check.
[  166.754301][ T7250] block nbd1: Attempted send on invalid socket
[  166.760768][ T7250] I/O error, dev nbd1, sector 6 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 3
[  166.776666][ T7250] ADFS-fs (nbd1): error: unable to read block 3, try 0
[  166.793902][ T5928] usb 1-1: config 0 has no interfaces?
[  166.806065][ T5928] usb 1-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  166.816335][ T5928] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  166.838115][ T5928] usb 1-1: Product: syz
[  166.846051][ T5928] usb 1-1: Manufacturer: syz
[  166.857812][ T5928] usb 1-1: SerialNumber: syz
[  166.886963][ T5928] usb 1-1: config 0 descriptor??
[  166.920598][ T5908] usb 3-1: new high-speed USB device number 15 using dummy_hcd
[  167.004876][ T5908] usb 3-1: device descriptor read/8, error -71
[  167.158302][ T5908] usb usb3-port1: unable to enumerate USB device
[  167.780430][   T78] usb 4-1: new high-speed USB device number 8 using dummy_hcd
[  167.905793][ T7260] overlayfs: missing 'lowerdir'
[  167.937066][   T78] usb 4-1: New USB device found, idVendor=0424, idProduct=7850, bcdDevice= 0.00
[  167.967871][   T78] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  167.977522][   T78] usb 4-1: Product: syz
[  167.984035][   T78] usb 4-1: Manufacturer: syz
[  167.988823][   T78] usb 4-1: SerialNumber: syz
[  168.053831][ T7265] 9pnet_fd: Insufficient options for proto=fd
[  168.118634][ T7265] netlink: 'syz.2.312': attribute type 39 has an invalid length.
[  168.270361][ T5908] usb 2-1: new high-speed USB device number 9 using dummy_hcd
[  168.400112][ T7269] overlayfs: missing 'lowerdir'
[  168.421837][ T5908] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x9 has invalid wMaxPacketSize 0
[  168.437562][ T5908] usb 2-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  168.447813][ T5908] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  168.460916][ T5908] usb 2-1: Product: syz
[  168.465141][ T5908] usb 2-1: Manufacturer: syz
[  168.538662][ T5908] usb 2-1: SerialNumber: syz
[  168.547025][ T5908] usb 2-1: config 0 descriptor??
[  168.712359][ T1205] usb 5-1: new high-speed USB device number 10 using dummy_hcd
[  168.877642][ T5908] usb 1-1: USB disconnect, device number 14
[  168.902765][ T1205] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x9 has invalid wMaxPacketSize 0
[  168.917443][ T1205] usb 5-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  168.949049][ T1205] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  168.977512][ T1205] usb 5-1: Product: syz
[  168.988214][ T1205] usb 5-1: Manufacturer: syz
[  169.092502][ T1205] usb 5-1: SerialNumber: syz
[  169.261355][ T1205] usb 5-1: config 0 descriptor??
[  169.402385][ T5901] usb 2-1: USB disconnect, device number 9
[  169.450528][ T5908] usb 1-1: new high-speed USB device number 15 using dummy_hcd
[  169.610561][ T5908] usb 1-1: Using ep0 maxpacket: 16
[  169.617325][ T5908] usb 1-1: config 2 has an invalid interface number: 196 but max is 1
[  169.644802][ T5908] usb 1-1: config 2 has 1 interface, different from the descriptor's value: 2
[  169.658857][ T5908] usb 1-1: config 2 has no interface number 0
[  169.660799][   T78] lan78xx 4-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000010. ret = -EPIPE
[  169.678361][ T5908] usb 1-1: config 2 interface 196 has no altsetting 0
[  169.688751][ T5908] usb 1-1: New USB device found, idVendor=04b4, idProduct=6831, bcdDevice=88.56
[  169.698211][ T5908] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  169.713494][ T5908] usb 1-1: Product: syz
[  169.717792][ T5908] usb 1-1: Manufacturer: syz
[  169.726200][ T5908] usb 1-1: SerialNumber: syz
[  170.309608][   T78] lan78xx 4-1:1.0 (unnamed net_device) (uninitialized): Failed to write register index 0x00001008. ret = -EPROTO
[  170.343695][    T9] usb 5-1: USB disconnect, device number 10
[  170.430193][   T78] lan78xx 4-1:1.0 (unnamed net_device) (uninitialized): Failed to write register index 0x0000011c. ret = -EPROTO
[  170.466990][   T78] lan78xx 4-1:1.0 (unnamed net_device) (uninitialized): Registers INIT FAILED....
[  170.520372][   T78] lan78xx 4-1:1.0 (unnamed net_device) (uninitialized): Bind routine FAILED
[  170.539952][   T78] lan78xx 4-1:1.0: probe with driver lan78xx failed with error -71
[  170.591260][   T78] usb 4-1: USB disconnect, device number 8
[  170.675846][ T5908] ums-cypress 1-1:2.196: USB Mass Storage device detected
[  170.706130][   T30] audit: type=1400 audit(1756249420.892:372): avc:  denied  { bind } for  pid=7286 comm="syz.2.318" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  170.754691][   T30] audit: type=1400 audit(1756249420.892:373): avc:  denied  { setopt } for  pid=7286 comm="syz.2.318" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  170.781012][ T5908] usb 1-1: USB disconnect, device number 15
[  170.916762][ T7285] netlink: 'syz.1.317': attribute type 10 has an invalid length.
[  170.924582][ T7285] netlink: 40 bytes leftover after parsing attributes in process `syz.1.317'.
[  170.933564][ T7285] dummy0: entered promiscuous mode
[  170.939878][ T7285] bridge0: port 3(dummy0) entered blocking state
[  170.946379][ T7285] bridge0: port 3(dummy0) entered disabled state
[  170.953013][ T7285] dummy0: entered allmulticast mode
[  170.961610][ T7285] bridge0: port 3(dummy0) entered blocking state
[  170.968027][ T7285] bridge0: port 3(dummy0) entered forwarding state
[  171.020951][   T30] audit: type=1400 audit(1756249420.922:374): avc:  denied  { watch } for  pid=7286 comm="syz.2.318" path="/57" dev="tmpfs" ino=329 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1
[  171.492930][    T9] usb 3-1: new high-speed USB device number 16 using dummy_hcd
[  171.539700][ T7296] netlink: 'syz.4.320': attribute type 2 has an invalid length.
[  171.716686][    T9] usb 3-1: Using ep0 maxpacket: 8
[  171.778227][    T9] usb 3-1: config 0 has an invalid interface number: 31 but max is 0
[  171.808707][    T9] usb 3-1: config 0 has no interface number 0
[  171.858836][    T9] usb 3-1: New USB device found, idVendor=046d, idProduct=08c3, bcdDevice=6b.16
[  171.876903][    T9] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  171.992299][    T9] usb 3-1: Product: syz
[  171.996550][    T9] usb 3-1: Manufacturer: syz
[  172.001181][    T9] usb 3-1: SerialNumber: syz
[  172.015950][   T30] audit: type=1400 audit(1756249422.202:375): avc:  denied  { set_context_mgr } for  pid=7306 comm="syz.1.323" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=binder permissive=1
[  172.059735][    T9] usb 3-1: config 0 descriptor??
[  172.118578][   T30] audit: type=1400 audit(1756249422.202:376): avc:  denied  { map } for  pid=7306 comm="syz.1.323" path="/dev/binderfs/binder0" dev="binder" ino=7 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  172.240342][   T30] audit: type=1400 audit(1756249422.202:377): avc:  denied  { call } for  pid=7306 comm="syz.1.323" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=binder permissive=1
[  172.303286][    T9] usb 3-1: Found UVC 0.04 device syz (046d:08c3)
[  172.362625][    T9] usb 3-1: Failed to initialize entity for entity 6
[  172.530385][ T1205] usb 2-1: new high-speed USB device number 10 using dummy_hcd
[  172.600510][   T78] usb 1-1: new high-speed USB device number 16 using dummy_hcd
[  172.603483][    T9] usb 3-1: Failed to register entities (-22).
[  172.729227][    T9] usb 3-1: USB disconnect, device number 16
[  172.795287][   T78] usb 1-1: New USB device found, idVendor=0424, idProduct=7850, bcdDevice= 0.00
[  172.806152][   T78] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  172.869338][   T78] usb 1-1: Product: syz
[  172.870364][ T1205] usb 2-1: Using ep0 maxpacket: 32
[  172.878675][   T78] usb 1-1: Manufacturer: syz
[  172.888779][   T78] usb 1-1: SerialNumber: syz
[  172.902386][ T1205] usb 2-1: unable to get BOS descriptor or descriptor too short
[  172.911458][ T1205] usb 2-1: config 1 contains an unexpected descriptor of type 0x2, skipping
[  172.920142][ T1205] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  172.951161][ T1205] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3
[  172.972963][ T1205] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  172.982279][ T1205] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  173.002368][ T1205] usb 2-1: Product: syz
[  173.010347][ T1205] usb 2-1: Manufacturer: syz
[  173.015069][ T1205] usb 2-1: SerialNumber: syz
[  173.390526][  T878] usb 5-1: new high-speed USB device number 11 using dummy_hcd
[  173.551891][  T878] usb 5-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[  173.561144][  T878] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  173.570401][    T9] usb 3-1: new high-speed USB device number 17 using dummy_hcd
[  173.571153][  T878] usb 5-1: config 0 descriptor??
[  173.594025][  T878] cp210x 5-1:0.0: cp210x converter detected
[  173.753389][    T9] usb 3-1: New USB device found, idVendor=0424, idProduct=7850, bcdDevice= 0.00
[  173.764203][    T9] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  173.779097][    T9] usb 3-1: Product: syz
[  173.789556][    T9] usb 3-1: Manufacturer: syz
[  173.801524][    T9] usb 3-1: SerialNumber: syz
[  174.264103][  T878] cp210x 5-1:0.0: failed to get vendor val 0x000e size 678: -32
[  174.272512][  T878] cp210x 5-1:0.0: GPIO initialisation failed: -32
[  174.286920][  T878] usb 5-1: cp210x converter now attached to ttyUSB0
[  174.347382][   T78] lan78xx 1-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000010. ret = -EPIPE
[  174.365016][ T5908] usb 5-1: USB disconnect, device number 11
[  174.375198][ T5908] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[  174.383678][ T5908] cp210x 5-1:0.0: device disconnected
[  174.700434][   T10] usb 4-1: new high-speed USB device number 9 using dummy_hcd
[  174.774624][   T78] lan78xx 1-1:1.0 (unnamed net_device) (uninitialized): Failed to write register index 0x00001008. ret = -EPROTO
[  174.787777][   T78] lan78xx 1-1:1.0 (unnamed net_device) (uninitialized): Failed to write register index 0x0000011c. ret = -EPROTO
[  174.801184][   T78] lan78xx 1-1:1.0 (unnamed net_device) (uninitialized): Registers INIT FAILED....
[  174.814988][   T78] lan78xx 1-1:1.0 (unnamed net_device) (uninitialized): Bind routine FAILED
[  174.830500][   T78] lan78xx 1-1:1.0: probe with driver lan78xx failed with error -71
[  174.847549][   T78] usb 1-1: USB disconnect, device number 16
[  174.869013][   T10] usb 4-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[  174.890544][   T10] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  174.898584][   T10] usb 4-1: Product: syz
[  174.925886][   T10] usb 4-1: Manufacturer: syz
[  174.937030][   T10] usb 4-1: SerialNumber: syz
[  174.956959][   T10] usb 4-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[  174.962597][ T7335] overlayfs: missing 'lowerdir'
[  174.974970][   T30] audit: type=1400 audit(1756249425.162:378): avc:  denied  { firmware_load } for  pid=5908 comm="kworker/0:5" path="/lib/firmware/ath9k_htc/htc_9271-1.4.0.fw" dev="sda1" ino=313 scontext=system_u:system_r:kernel_t tcontext=system_u:object_r:lib_t tclass=system permissive=1
[  174.985797][ T5908] usb 4-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[  175.146428][ T1205] usb 2-1: 0:2 : does not exist
[  175.174886][ T1205] usb 2-1: USB disconnect, device number 10
[  175.225230][ T7337] 9pnet_fd: Insufficient options for proto=fd
[  175.235813][ T7337] netlink: 'syz.1.333': attribute type 39 has an invalid length.
[  175.251309][    T9] lan78xx 3-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000010. ret = -EPIPE
[  175.284087][ T5852] udevd[5852]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  175.300529][   T10] usb 5-1: new high-speed USB device number 12 using dummy_hcd
[  175.474808][   T10] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x9 has invalid wMaxPacketSize 0
[  175.502488][   T10] usb 5-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  175.511688][   T10] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  175.519721][   T10] usb 5-1: Product: syz
[  175.524453][   T10] usb 5-1: Manufacturer: syz
[  175.529093][   T10] usb 5-1: SerialNumber: syz
[  175.535729][   T10] usb 5-1: config 0 descriptor??
[  175.720546][ T5928] usb 4-1: USB disconnect, device number 9
[  175.793918][    T9] lan78xx 3-1:1.0 (unnamed net_device) (uninitialized): Failed to write register index 0x00001008. ret = -EPROTO
[  175.806830][    T9] lan78xx 3-1:1.0 (unnamed net_device) (uninitialized): Failed to write register index 0x0000011c. ret = -EPROTO
[  175.855048][    T9] lan78xx 3-1:1.0 (unnamed net_device) (uninitialized): Registers INIT FAILED....
[  176.327624][    T9] lan78xx 3-1:1.0 (unnamed net_device) (uninitialized): Bind routine FAILED
[  176.336403][ T5908] usb 4-1: Service connection timeout for: 256
[  176.345774][ T5908] ath9k_htc 4-1:1.0: ath9k_htc: Unable to initialize HTC services
[  176.358386][ T5908] ath9k_htc: Failed to initialize the device
[  176.365971][ T5928] usb 4-1: ath9k_htc: USB layer deinitialized
[  176.384082][    T9] lan78xx 3-1:1.0: probe with driver lan78xx failed with error -71
[  176.825104][    T9] usb 3-1: USB disconnect, device number 17
[  176.878227][ T5928] usb 5-1: USB disconnect, device number 12
[  176.993003][ T7359] netlink: 56 bytes leftover after parsing attributes in process `syz.0.338'.
[  177.270467][    T9] usb 3-1: new high-speed USB device number 18 using dummy_hcd
[  177.280420][  T878] usb 1-1: new high-speed USB device number 17 using dummy_hcd
[  177.312102][   T30] audit: type=1400 audit(1756249427.492:379): avc:  denied  { write } for  pid=7360 comm="syz.3.340" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=key permissive=1
[  177.349164][ T7357] netlink: 'syz.1.336': attribute type 10 has an invalid length.
[  177.370727][ T7357] netlink: 40 bytes leftover after parsing attributes in process `syz.1.336'.
[  177.461550][ T7361] syzkaller1: entered promiscuous mode
[  177.471368][ T7361] syzkaller1: entered allmulticast mode
[  177.510858][    T9] usb 3-1: New USB device found, idVendor=0424, idProduct=7850, bcdDevice= 0.00
[  177.520040][   T30] audit: type=1400 audit(1756249427.702:380): avc:  denied  { getopt } for  pid=7360 comm="syz.3.340" lport=1 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  177.572923][    T9] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  177.581300][  T878] usb 1-1: New USB device found, idVendor=0cf3, idProduct=9375, bcdDevice=1a.9e
[  177.596458][  T878] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  177.644695][    T9] usb 3-1: Product: syz
[  177.645759][  T878] usb 1-1: config 0 descriptor??
[  177.648879][    T9] usb 3-1: Manufacturer: syz
[  177.671000][    T9] usb 3-1: SerialNumber: syz
[  178.187394][ T7372] netlink: 'syz.4.342': attribute type 4 has an invalid length.
[  178.268283][ T7374] overlayfs: missing 'lowerdir'
[  178.317917][ T7375] netlink: 'syz.4.342': attribute type 4 has an invalid length.
[  178.478051][   T30] audit: type=1400 audit(1756249428.652:381): avc:  denied  { create } for  pid=7354 comm="syz.0.338" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[  178.670634][   T78] usb 2-1: new high-speed USB device number 11 using dummy_hcd
[  178.834236][   T78] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x9 has invalid wMaxPacketSize 0
[  178.849049][   T78] usb 2-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  178.860132][   T78] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  178.868880][   T78] usb 2-1: Product: syz
[  178.873749][   T78] usb 2-1: Manufacturer: syz
[  178.878356][   T78] usb 2-1: SerialNumber: syz
[  178.891644][   T78] usb 2-1: config 0 descriptor??
[  179.523432][    T9] lan78xx 3-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000010. ret = -EPIPE
[  179.803807][    T9] lan78xx 3-1:1.0 (unnamed net_device) (uninitialized): Failed to write register index 0x00001004. ret = -EPROTO
[  179.862049][    T9] lan78xx 3-1:1.0 (unnamed net_device) (uninitialized): Failed to write register index 0x0000011c. ret = -EPROTO
[  180.147362][  T878] ath6kl: Failed to read usb control message: -71
[  180.192894][    T9] lan78xx 3-1:1.0 (unnamed net_device) (uninitialized): Registers INIT FAILED....
[  180.196476][  T878] ath6kl: Unable to read the bmi data from the device: -71
[  180.226544][    T9] lan78xx 3-1:1.0 (unnamed net_device) (uninitialized): Bind routine FAILED
[  180.235469][  T878] ath6kl: unable to read target info byte count: -71
[  180.260375][  T878] ath6kl: Failed to init ath6kl core: -71
[  180.262589][ T7392] netlink: 1752 bytes leftover after parsing attributes in process `syz.0.347'.
[  180.275171][  T878] ath6kl_usb 1-1:0.0: probe with driver ath6kl_usb failed with error -71
[  180.315985][   T30] audit: type=1400 audit(1756249430.502:382): avc:  denied  { ioctl } for  pid=7387 comm="syz.3.346" path="/dev/dri/card1" dev="devtmpfs" ino=628 ioctlcmd=0x64a0 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dri_device_t tclass=chr_file permissive=1
[  180.357457][  T878] usb 1-1: USB disconnect, device number 17
[  180.369869][ T5908] usb 2-1: USB disconnect, device number 11
[  180.381375][    T9] lan78xx 3-1:1.0: probe with driver lan78xx failed with error -71
[  180.436844][    T9] usb 3-1: USB disconnect, device number 18
[  180.511599][   T30] audit: type=1400 audit(1756249430.502:383): avc:  denied  { write } for  pid=7387 comm="syz.3.346" name="event2" dev="devtmpfs" ino=922 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[  180.544823][   T30] audit: type=1400 audit(1756249430.502:384): avc:  denied  { open } for  pid=7387 comm="syz.3.346" path="/dev/input/event2" dev="devtmpfs" ino=922 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[  180.571962][   T30] audit: type=1400 audit(1756249430.502:385): avc:  denied  { ioctl } for  pid=7387 comm="syz.3.346" path="/dev/input/event2" dev="devtmpfs" ino=922 ioctlcmd=0x4580 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[  180.668368][ T7389] netlink: 'syz.4.345': attribute type 10 has an invalid length.
[  180.684049][ T7389] netlink: 40 bytes leftover after parsing attributes in process `syz.4.345'.
[  180.701987][ T7389] bridge0: port 3(dummy0) entered blocking state
[  180.708468][ T7389] bridge0: port 3(dummy0) entered forwarding state
[  180.810345][  T878] usb 1-1: new high-speed USB device number 18 using dummy_hcd
[  180.965553][ T7402] lo speed is unknown, defaulting to 1000
[  180.972356][   T30] audit: type=1400 audit(1756249431.152:386): avc:  denied  { write } for  pid=7401 comm="syz.3.351" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_rdma_socket permissive=1
[  180.975610][ T7402] lo speed is unknown, defaulting to 1000
[  180.992413][    T9] usb 3-1: new high-speed USB device number 19 using dummy_hcd
[  181.030357][  T878] usb 1-1: Using ep0 maxpacket: 16
[  181.031938][ T7402] lo speed is unknown, defaulting to 1000
[  181.037053][  T878] usb 1-1: config 2 has an invalid interface number: 196 but max is 1
[  181.060523][  T878] usb 1-1: config 2 has 1 interface, different from the descriptor's value: 2
[  181.069436][  T878] usb 1-1: config 2 has no interface number 0
[  181.077972][  T878] usb 1-1: config 2 interface 196 has no altsetting 0
[  181.089572][ T7402] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[  181.109703][  T878] usb 1-1: New USB device found, idVendor=04b4, idProduct=6831, bcdDevice=88.56
[  181.123672][  T878] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  181.129208][ T7406] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+
[  181.146262][ T7402] infiniband 3yz0: RDMA CMA: cma_listen_on_dev, error -98
[  181.162185][    T9] usb 3-1: New USB device found, idVendor=0424, idProduct=7850, bcdDevice= 0.00
[  181.172187][    T9] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  181.180228][  T878] usb 1-1: Product: syz
[  181.181978][ T7407] misc userio: Invalid payload size
[  181.192241][    T9] usb 3-1: Product: syz
[  181.193416][  T878] usb 1-1: Manufacturer: syz
[  181.196404][    T9] usb 3-1: Manufacturer: syz
[  181.196420][    T9] usb 3-1: SerialNumber: syz
[  181.231878][  T878] usb 1-1: SerialNumber: syz
[  181.245674][ T7402] lo speed is unknown, defaulting to 1000
[  181.254507][ T7402] lo speed is unknown, defaulting to 1000
[  181.261765][ T7402] lo speed is unknown, defaulting to 1000
[  181.272957][ T7402] lo speed is unknown, defaulting to 1000
[  181.282834][ T7402] lo speed is unknown, defaulting to 1000
[  182.395122][  T878] ums-cypress 1-1:2.196: USB Mass Storage device detected
[  182.806370][    T9] lan78xx 3-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000010. ret = -EPIPE
[  182.854473][  T878] usb 1-1: USB disconnect, device number 18
[  182.939226][ T7425] overlayfs: missing 'lowerdir'
[  183.101782][ T7423] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  183.199358][ T5908] lo speed is unknown, defaulting to 1000
[  183.206009][ T5908] 3yz0: Port: 1 Link ACTIVE
[  183.220400][    T9] lan78xx 3-1:1.0 (unnamed net_device) (uninitialized): Failed to write register index 0x00001008. ret = -EPROTO
[  183.250624][    T9] lan78xx 3-1:1.0 (unnamed net_device) (uninitialized): Failed to write register index 0x0000011c. ret = -EPROTO
[  183.300562][    T9] lan78xx 3-1:1.0 (unnamed net_device) (uninitialized): Registers INIT FAILED....
[  183.326453][ T5966] usb 5-1: new high-speed USB device number 13 using dummy_hcd
[  183.345379][    T9] lan78xx 3-1:1.0 (unnamed net_device) (uninitialized): Bind routine FAILED
[  183.409071][   T30] audit: type=1400 audit(1756249433.592:387): avc:  denied  { read } for  pid=7428 comm="syz.1.357" name="fb0" dev="devtmpfs" ino=629 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:framebuf_device_t tclass=chr_file permissive=1
[  183.505389][   T30] audit: type=1400 audit(1756249433.592:388): avc:  denied  { open } for  pid=7428 comm="syz.1.357" path="/dev/fb0" dev="devtmpfs" ino=629 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:framebuf_device_t tclass=chr_file permissive=1
[  183.531187][    T9] lan78xx 3-1:1.0: probe with driver lan78xx failed with error -71
[  183.722659][   T30] audit: type=1400 audit(1756249433.592:389): avc:  denied  { ioctl } for  pid=7428 comm="syz.1.357" path="/dev/fb0" dev="devtmpfs" ino=629 ioctlcmd=0x4601 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:framebuf_device_t tclass=chr_file permissive=1
[  183.979506][   T30] audit: type=1400 audit(1756249433.802:390): avc:  denied  { create } for  pid=7428 comm="syz.1.357" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1
[  183.982469][    T9] usb 3-1: USB disconnect, device number 19
[  184.006365][ T5966] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x9 has invalid wMaxPacketSize 0
[  184.018562][ T5966] usb 5-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  184.030645][  T878] usb 1-1: new high-speed USB device number 19 using dummy_hcd
[  184.050793][ T5966] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  184.066560][ T5966] usb 5-1: Product: syz
[  184.071272][ T5966] usb 5-1: Manufacturer: syz
[  184.088397][ T5966] usb 5-1: SerialNumber: syz
[  184.099087][ T5966] usb 5-1: config 0 descriptor??
[  184.190353][  T878] usb 1-1: Using ep0 maxpacket: 32
[  184.197265][  T878] usb 1-1: unable to get BOS descriptor or descriptor too short
[  184.205782][  T878] usb 1-1: config 1 contains an unexpected descriptor of type 0x2, skipping
[  184.214575][  T878] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  184.226176][  T878] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3
[  184.239461][  T878] usb 1-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  184.248668][   T78] usb 4-1: new high-speed USB device number 10 using dummy_hcd
[  184.258105][  T878] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  184.266410][  T878] usb 1-1: Product: syz
[  184.271401][  T878] usb 1-1: Manufacturer: syz
[  184.276018][  T878] usb 1-1: SerialNumber: syz
[  184.333071][ T7437] overlayfs: missing 'lowerdir'
[  184.422406][   T78] usb 4-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[  184.431705][   T78] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  184.440491][    T9] usb 3-1: new high-speed USB device number 20 using dummy_hcd
[  184.441867][   T78] usb 4-1: config 0 descriptor??
[  184.456887][   T78] cp210x 4-1:0.0: cp210x converter detected
[  184.509100][  T878] usb 1-1: 0:2 : does not exist
[  184.534620][  T878] usb 1-1: USB disconnect, device number 19
[  184.640492][ T5908] usb 2-1: new high-speed USB device number 12 using dummy_hcd
[  184.824258][    T9] usb 3-1: New USB device found, idVendor=0424, idProduct=7850, bcdDevice= 0.00
[  184.849118][ T5852] udevd[5852]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.0/sound/card4/controlC4/../uevent} for writing: No such file or directory
[  184.849248][    T9] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  184.930790][ T5908] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x9 has invalid wMaxPacketSize 0
[  184.949738][ T5908] usb 2-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  184.963532][    T9] usb 3-1: Product: syz
[  184.967713][    T9] usb 3-1: Manufacturer: syz
[  184.972441][ T5908] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  184.980645][    T9] usb 3-1: SerialNumber: syz
[  184.985378][ T5908] usb 2-1: Product: syz
[  184.989534][ T5908] usb 2-1: Manufacturer: syz
[  184.998628][ T5908] usb 2-1: SerialNumber: syz
[  185.006611][ T5908] usb 2-1: config 0 descriptor??
[  185.053205][ T5966] usb 5-1: USB disconnect, device number 13
[  185.324454][   T78] cp210x 4-1:0.0: failed to get vendor val 0x000e size 678: -32
[  185.334495][   T78] cp210x 4-1:0.0: GPIO initialisation failed: -32
[  185.344947][   T78] usb 4-1: cp210x converter now attached to ttyUSB0
[  185.365658][   T78] usb 4-1: USB disconnect, device number 10
[  185.386561][   T78] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[  185.405332][   T78] cp210x 4-1:0.0: device disconnected
[  185.432259][   T30] audit: type=1400 audit(1756249435.622:391): avc:  denied  { create } for  pid=7439 comm="syz.0.361" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=appletalk_socket permissive=1
[  185.451989][    C1] vkms_vblank_simulate: vblank timer overrun
[  185.523252][ T5966] usb 2-1: USB disconnect, device number 12
[  186.672243][    T9] lan78xx 3-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000010. ret = -EPIPE
[  186.708204][ T7455] bridge0: port 3(dummy0) entered disabled state
[  186.911684][    T9] lan78xx 3-1:1.0 (unnamed net_device) (uninitialized): Failed to write register index 0x00001004. ret = -EPROTO
[  187.011405][    T9] lan78xx 3-1:1.0 (unnamed net_device) (uninitialized): Failed to write register index 0x0000011c. ret = -EPROTO
[  187.031311][    T9] lan78xx 3-1:1.0 (unnamed net_device) (uninitialized): Registers INIT FAILED....
[  187.043290][    T9] lan78xx 3-1:1.0 (unnamed net_device) (uninitialized): Bind routine FAILED
[  187.043818][ T7458] overlayfs: missing 'lowerdir'
[  187.059046][    T9] lan78xx 3-1:1.0: probe with driver lan78xx failed with error -71
[  187.070716][    T9] usb 3-1: USB disconnect, device number 20
[  187.429772][   T30] audit: type=1400 audit(1756249437.612:392): avc:  denied  { create } for  pid=7463 comm="syz.4.368" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  187.452740][   T30] audit: type=1400 audit(1756249437.612:393): avc:  denied  { write } for  pid=7463 comm="syz.4.368" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  187.485975][   T30] audit: type=1400 audit(1756249437.612:394): avc:  denied  { read } for  pid=7463 comm="syz.4.368" name="uinput" dev="devtmpfs" ino=920 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[  187.580644][ T5966] usb 1-1: new high-speed USB device number 20 using dummy_hcd
[  187.735851][ T7477] overlayfs: missing 'lowerdir'
[  187.742682][ T5966] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x9 has invalid wMaxPacketSize 0
[  187.763625][ T5966] usb 1-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  187.773005][ T5966] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  187.788910][ T5966] usb 1-1: Product: syz
[  187.795054][ T5966] usb 1-1: Manufacturer: syz
[  187.813684][ T5966] usb 1-1: SerialNumber: syz
[  187.829735][ T7479] block nbd2: Attempted send on invalid socket
[  187.836988][ T7479] I/O error, dev nbd2, sector 6 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 3
[  187.846246][ T7479] ADFS-fs (nbd2): error: unable to read block 3, try 0
[  187.947859][ T5966] usb 1-1: config 0 descriptor??
[  188.060576][   T78] usb 4-1: new high-speed USB device number 11 using dummy_hcd
[  188.247575][   T78] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x9 has invalid wMaxPacketSize 0
[  188.265607][   T78] usb 4-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  188.274912][   T78] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  188.314566][   T78] usb 4-1: Product: syz
[  188.338815][   T78] usb 4-1: Manufacturer: syz
[  188.358522][   T78] usb 4-1: SerialNumber: syz
[  188.697763][   T78] usb 4-1: config 0 descriptor??
[  188.732962][ T5966] usb 5-1: new high-speed USB device number 14 using dummy_hcd
[  188.813677][ T5928] usb 1-1: USB disconnect, device number 20
[  188.884915][ T7489] overlayfs: missing 'lowerdir'
[  188.919458][ T5966] usb 5-1: config 0 has no interfaces?
[  188.938272][ T5966] usb 5-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  188.968454][ T5966] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  188.977531][ T5966] usb 5-1: Product: syz
[  189.015430][ T5966] usb 5-1: Manufacturer: syz
[  189.020608][ T5966] usb 5-1: SerialNumber: syz
[  189.041808][ T5966] usb 5-1: config 0 descriptor??
[  189.170545][   T24] usb 2-1: new high-speed USB device number 13 using dummy_hcd
[  189.560526][ T5928] usb 4-1: USB disconnect, device number 11
[  189.606232][   T24] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x9 has invalid wMaxPacketSize 0
[  189.637622][   T24] usb 2-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  189.667469][   T24] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  189.694324][   T24] usb 2-1: Product: syz
[  189.698877][   T24] usb 2-1: Manufacturer: syz
[  189.703851][   T24] usb 2-1: SerialNumber: syz
[  189.721594][   T24] usb 2-1: config 0 descriptor??
[  190.242383][ T7498] netlink: 'syz.0.376': attribute type 10 has an invalid length.
[  190.250413][ T7498] netlink: 40 bytes leftover after parsing attributes in process `syz.0.376'.
[  190.259491][ T7498] dummy0: entered promiscuous mode
[  190.272034][ T7498] bridge0: port 3(dummy0) entered blocking state
[  190.303870][ T7498] bridge0: port 3(dummy0) entered disabled state
[  190.310549][ T7498] dummy0: entered allmulticast mode
[  190.317867][ T7498] bridge0: port 3(dummy0) entered blocking state
[  190.324331][ T7498] bridge0: port 3(dummy0) entered forwarding state
[  190.472064][ T7501] bridge0: port 3(dummy0) entered disabled state
[  190.713437][ T5928] usb 2-1: USB disconnect, device number 13
[  191.089113][    T9] usb 5-1: USB disconnect, device number 14
[  191.131612][ T7509] overlayfs: missing 'lowerdir'
[  191.249645][ T7513] 9pnet_fd: Insufficient options for proto=fd
[  191.260539][ T7513] nbd: nbd4 already in use
[  191.270433][ T5908] usb 3-1: new high-speed USB device number 21 using dummy_hcd
[  191.431414][ T5908] usb 3-1: Using ep0 maxpacket: 16
[  191.438502][ T5908] usb 3-1: config 2 has an invalid interface number: 196 but max is 1
[  191.447085][ T5908] usb 3-1: config 2 has 1 interface, different from the descriptor's value: 2
[  191.456020][ T5901] usb 1-1: new high-speed USB device number 21 using dummy_hcd
[  191.479903][ T5908] usb 3-1: config 2 has no interface number 0
[  191.593442][ T7519] 9pnet_fd: Insufficient options for proto=fd
[  191.599635][ T5908] usb 3-1: config 2 interface 196 has no altsetting 0
[  191.609561][ T7519] netlink: 'syz.4.383': attribute type 39 has an invalid length.
[  191.617661][ T5908] usb 3-1: New USB device found, idVendor=04b4, idProduct=6831, bcdDevice=88.56
[  191.626831][ T5908] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  191.637108][ T5908] usb 3-1: Product: syz
[  191.645027][ T5908] usb 3-1: Manufacturer: syz
[  191.649709][ T5908] usb 3-1: SerialNumber: syz
[  191.692254][ T5901] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x9 has invalid wMaxPacketSize 0
[  191.724115][ T5901] usb 1-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  191.764637][ T5901] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  191.783347][ T5901] usb 1-1: Product: syz
[  191.790850][ T5901] usb 1-1: Manufacturer: syz
[  191.822928][ T5901] usb 1-1: SerialNumber: syz
[  191.859585][ T5901] usb 1-1: config 0 descriptor??
[  192.935222][ T5901] usb 1-1: USB disconnect, device number 21
[  193.011858][ T7534] FAULT_INJECTION: forcing a failure.
[  193.011858][ T7534] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  193.053740][ T7534] CPU: 1 UID: 0 PID: 7534 Comm: syz.3.386 Not tainted syzkaller #0 PREEMPT(full) 
[  193.053766][ T7534] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  193.053776][ T7534] Call Trace:
[  193.053781][ T7534]  <TASK>
[  193.053787][ T7534]  dump_stack_lvl+0x16c/0x1f0
[  193.053812][ T7534]  should_fail_ex+0x512/0x640
[  193.053835][ T7534]  _copy_from_user+0x2e/0xd0
[  193.053857][ T7534]  copy_msghdr_from_user+0x98/0x160
[  193.053877][ T7534]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  193.053907][ T7534]  ___sys_sendmsg+0xfe/0x1d0
[  193.053926][ T7534]  ? __pfx____sys_sendmsg+0x10/0x10
[  193.053977][ T7534]  __sys_sendmsg+0x16d/0x220
[  193.053994][ T7534]  ? __pfx___sys_sendmsg+0x10/0x10
[  193.054030][ T7534]  do_syscall_64+0xcd/0x4c0
[  193.054050][ T7534]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  193.054067][ T7534] RIP: 0033:0x7f5a2598ebe9
[  193.054081][ T7534] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  193.054097][ T7534] RSP: 002b:00007f5a267e3038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  193.054113][ T7534] RAX: ffffffffffffffda RBX: 00007f5a25bb5fa0 RCX: 00007f5a2598ebe9
[  193.054124][ T7534] RDX: 0000000000000000 RSI: 00002000000002c0 RDI: 0000000000000003
[  193.054133][ T7534] RBP: 00007f5a267e3090 R08: 0000000000000000 R09: 0000000000000000
[  193.054143][ T7534] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  193.054153][ T7534] R13: 00007f5a25bb6038 R14: 00007f5a25bb5fa0 R15: 00007ffd412baa18
[  193.054175][ T7534]  </TASK>
[  193.376605][ T5908] ums-cypress 3-1:2.196: USB Mass Storage device detected
[  193.661505][ T5908] usb 3-1: USB disconnect, device number 21
[  193.701564][   T30] audit: type=1400 audit(1756249443.812:395): avc:  denied  { append } for  pid=7535 comm="syz.4.387" name="001" dev="devtmpfs" ino=742 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1
[  193.848184][ T1299] ieee802154 phy0 wpan0: encryption failed: -22
[  193.879812][ T1299] ieee802154 phy1 wpan1: encryption failed: -22
[  194.130588][   T30] audit: type=1400 audit(1756249444.302:396): avc:  denied  { create } for  pid=7545 comm="syz.1.389" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1
[  194.160038][ T7548] overlayfs: missing 'lowerdir'
[  194.478252][ T5908] usb 2-1: new high-speed USB device number 14 using dummy_hcd
[  194.783905][ T5908] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x9 has invalid wMaxPacketSize 0
[  194.806436][ T5908] usb 2-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  194.885433][ T5908] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  194.918889][ T5908] usb 2-1: Product: syz
[  194.941999][ T5908] usb 2-1: Manufacturer: syz
[  194.961202][ T5908] usb 2-1: SerialNumber: syz
[  194.981396][ T5908] usb 2-1: config 0 descriptor??
[  195.020610][    T9] usb 5-1: new high-speed USB device number 15 using dummy_hcd
[  195.180502][    T9] usb 5-1: Using ep0 maxpacket: 16
[  195.187047][    T9] usb 5-1: config 2 has an invalid interface number: 196 but max is 1
[  195.231061][ T7574] block nbd0: Attempted send on invalid socket
[  195.237350][ T7574] I/O error, dev nbd0, sector 6 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 3
[  195.248867][ T7574] ADFS-fs (nbd0): error: unable to read block 3, try 0
[  195.259197][    T9] usb 5-1: config 2 has 1 interface, different from the descriptor's value: 2
[  195.276085][    T9] usb 5-1: config 2 has no interface number 0
[  195.284316][    T9] usb 5-1: config 2 interface 196 has no altsetting 0
[  195.332797][    T9] usb 5-1: New USB device found, idVendor=04b4, idProduct=6831, bcdDevice=88.56
[  195.342023][    T9] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  195.369969][    T9] usb 5-1: Product: syz
[  195.505178][    T9] usb 5-1: Manufacturer: syz
[  195.800676][    T9] usb 5-1: SerialNumber: syz
[  195.960714][ T1205] usb 2-1: USB disconnect, device number 14
[  196.380408][ T5908] usb 4-1: new high-speed USB device number 12 using dummy_hcd
[  196.440527][    T9] ums-cypress 5-1:2.196: USB Mass Storage device detected
[  196.530766][    T9] usb 5-1: USB disconnect, device number 15
[  196.560811][ T5908] usb 4-1: Using ep0 maxpacket: 16
[  196.568000][ T5908] usb 4-1: config 2 has an invalid interface number: 196 but max is 1
[  196.580312][ T5908] usb 4-1: config 2 has 1 interface, different from the descriptor's value: 2
[  196.610677][ T5908] usb 4-1: config 2 has no interface number 0
[  196.616791][ T5908] usb 4-1: config 2 interface 196 has no altsetting 0
[  196.645035][ T5908] usb 4-1: New USB device found, idVendor=04b4, idProduct=6831, bcdDevice=88.56
[  196.658100][ T5908] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  196.678312][ T5908] usb 4-1: Product: syz
[  196.691158][ T5908] usb 4-1: Manufacturer: syz
[  196.695759][ T5908] usb 4-1: SerialNumber: syz
[  197.523326][ T7593] block nbd1: Attempted send on invalid socket
[  197.529597][ T7593] I/O error, dev nbd1, sector 6 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 3
[  197.568595][ T7593] ADFS-fs (nbd1): error: unable to read block 3, try 0
[  197.602770][ T7600] overlayfs: missing 'lowerdir'
[  197.606732][ T5908] ums-cypress 4-1:2.196: USB Mass Storage device detected
[  197.812867][ T5908] usb 4-1: USB disconnect, device number 12
[  197.900430][   T78] usb 3-1: new high-speed USB device number 22 using dummy_hcd
[  197.997492][ T7609] bridge0: port 3(dummy0) entered disabled state
[  198.383176][   T78] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x9 has invalid wMaxPacketSize 0
[  198.394626][   T78] usb 3-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  198.405154][   T78] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  198.413426][   T78] usb 3-1: Product: syz
[  198.422126][   T78] usb 3-1: Manufacturer: syz
[  198.426724][   T78] usb 3-1: SerialNumber: syz
[  198.434136][   T78] usb 3-1: config 0 descriptor??
[  198.447414][ T7611] overlayfs: missing 'lowerdir'
[  198.636771][ T7617] FAULT_INJECTION: forcing a failure.
[  198.636771][ T7617] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  198.658236][ T7617] CPU: 1 UID: 0 PID: 7617 Comm: syz.4.411 Not tainted syzkaller #0 PREEMPT(full) 
[  198.658261][ T7617] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  198.658271][ T7617] Call Trace:
[  198.658277][ T7617]  <TASK>
[  198.658284][ T7617]  dump_stack_lvl+0x16c/0x1f0
[  198.658312][ T7617]  should_fail_ex+0x512/0x640
[  198.658335][ T7617]  _copy_from_user+0x2e/0xd0
[  198.658359][ T7617]  copy_msghdr_from_user+0x98/0x160
[  198.658379][ T7617]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  198.658403][ T7617]  ? __pfx__kstrtoull+0x10/0x10
[  198.658424][ T7617]  ___sys_sendmsg+0xfe/0x1d0
[  198.658443][ T7617]  ? __pfx____sys_sendmsg+0x10/0x10
[  198.658474][ T7617]  ? find_held_lock+0x2b/0x80
[  198.658510][ T7617]  __sys_sendmmsg+0x200/0x420
[  198.658531][ T7617]  ? __pfx___sys_sendmmsg+0x10/0x10
[  198.658558][ T7617]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  198.658588][ T7617]  ? fput+0x9b/0xd0
[  198.658611][ T7617]  ? ksys_write+0x1ac/0x250
[  198.658629][ T7617]  ? __pfx_ksys_write+0x10/0x10
[  198.658656][ T7617]  __x64_sys_sendmmsg+0x9c/0x100
[  198.658675][ T7617]  ? lockdep_hardirqs_on+0x7c/0x110
[  198.658694][ T7617]  do_syscall_64+0xcd/0x4c0
[  198.658715][ T7617]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  198.658733][ T7617] RIP: 0033:0x7ffa47f8ebe9
[  198.658747][ T7617] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  198.658763][ T7617] RSP: 002b:00007ffa461f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  198.658780][ T7617] RAX: ffffffffffffffda RBX: 00007ffa481b5fa0 RCX: 00007ffa47f8ebe9
[  198.658792][ T7617] RDX: 0000000000000003 RSI: 0000200000001140 RDI: 0000000000000003
[  198.658802][ T7617] RBP: 00007ffa461f6090 R08: 0000000000000000 R09: 0000000000000000
[  198.658813][ T7617] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  198.658823][ T7617] R13: 00007ffa481b6038 R14: 00007ffa481b5fa0 R15: 00007fffb0b39318
[  198.658846][ T7617]  </TASK>
[  198.980124][ T7624] netlink: 12 bytes leftover after parsing attributes in process `syz.1.412'.
[  198.990388][ T5928] usb 4-1: new high-speed USB device number 13 using dummy_hcd
[  199.039241][   T30] audit: type=1400 audit(1756249449.222:397): avc:  denied  { create } for  pid=7623 comm="syz.1.412" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1
[  199.063678][   T30] audit: type=1400 audit(1756249449.222:398): avc:  denied  { getopt } for  pid=7623 comm="syz.1.412" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1
[  199.133839][ T7628] block nbd4: Attempted send on invalid socket
[  199.142210][ T7628] I/O error, dev nbd4, sector 6 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 3
[  199.153060][ T7628] ADFS-fs (nbd4): error: unable to read block 3, try 0
[  199.227002][ T5928] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x9 has invalid wMaxPacketSize 0
[  199.257625][ T5908] usb 3-1: USB disconnect, device number 22
[  199.264745][ T5928] usb 4-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  199.277754][ T5928] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  199.294698][ T5928] usb 4-1: Product: syz
[  199.307022][ T5928] usb 4-1: Manufacturer: syz
[  199.317389][ T5928] usb 4-1: SerialNumber: syz
[  199.399078][ T5928] usb 4-1: config 0 descriptor??
[  200.779001][ T5908] usb 4-1: USB disconnect, device number 13
[  200.834240][ T7639] 9pnet_fd: Insufficient options for proto=fd
[  200.842773][ T7639] nbd: nbd0 already in use
[  201.213188][   T78] usb 3-1: new high-speed USB device number 23 using dummy_hcd
[  201.225637][   T30] audit: type=1400 audit(1756249451.412:399): avc:  denied  { read write } for  pid=7648 comm="syz.4.419" name="sg0" dev="devtmpfs" ino=744 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[  201.254157][   T30] audit: type=1400 audit(1756249451.412:400): avc:  denied  { open } for  pid=7648 comm="syz.4.419" path="/dev/sg0" dev="devtmpfs" ino=744 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[  201.275425][ T7649] FAULT_INJECTION: forcing a failure.
[  201.275425][ T7649] name failslab, interval 1, probability 0, space 0, times 0
[  201.294585][ T7649] CPU: 1 UID: 0 PID: 7649 Comm: syz.4.419 Not tainted syzkaller #0 PREEMPT(full) 
[  201.294611][ T7649] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  201.294621][ T7649] Call Trace:
[  201.294627][ T7649]  <TASK>
[  201.294635][ T7649]  dump_stack_lvl+0x16c/0x1f0
[  201.294661][ T7649]  should_fail_ex+0x512/0x640
[  201.294680][ T7649]  ? fs_reclaim_acquire+0xae/0x150
[  201.294706][ T7649]  ? tomoyo_realpath_from_path+0xc2/0x6e0
[  201.294732][ T7649]  should_failslab+0xc2/0x120
[  201.294754][ T7649]  __kmalloc_noprof+0xd2/0x510
[  201.294778][ T7649]  tomoyo_realpath_from_path+0xc2/0x6e0
[  201.294807][ T7649]  ? tomoyo_profile+0x47/0x60
[  201.294827][ T7649]  tomoyo_path_number_perm+0x245/0x580
[  201.294848][ T7649]  ? tomoyo_path_number_perm+0x237/0x580
[  201.294879][ T7649]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  201.294903][ T7649]  ? find_held_lock+0x2b/0x80
[  201.294948][ T7649]  ? find_held_lock+0x2b/0x80
[  201.294970][ T7649]  ? hook_file_ioctl_common+0x145/0x410
[  201.294995][ T7649]  ? __fget_files+0x20e/0x3c0
[  201.295019][ T7649]  security_file_ioctl+0x9b/0x240
[  201.295046][ T7649]  __x64_sys_ioctl+0xb7/0x210
[  201.295076][ T7649]  do_syscall_64+0xcd/0x4c0
[  201.295098][ T7649]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  201.295116][ T7649] RIP: 0033:0x7ffa47f8ebe9
[  201.295131][ T7649] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  201.295148][ T7649] RSP: 002b:00007ffa461f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  201.295167][ T7649] RAX: ffffffffffffffda RBX: 00007ffa481b5fa0 RCX: 00007ffa47f8ebe9
[  201.295179][ T7649] RDX: 0000200000000000 RSI: 0000000000005393 RDI: 0000000000000003
[  201.295190][ T7649] RBP: 00007ffa461f6090 R08: 0000000000000000 R09: 0000000000000000
[  201.295200][ T7649] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  201.295211][ T7649] R13: 00007ffa481b6038 R14: 00007ffa481b5fa0 R15: 00007fffb0b39318
[  201.295236][ T7649]  </TASK>
[  201.295243][ T7649] ERROR: Out of memory at tomoyo_realpath_from_path.
[  201.392825][    T9] usb 1-1: new high-speed USB device number 22 using dummy_hcd
[  201.508203][   T30] audit: type=1400 audit(1756249451.692:401): avc:  denied  { ioctl } for  pid=7648 comm="syz.4.419" path="/dev/sg0" dev="devtmpfs" ino=744 ioctlcmd=0x5393 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[  201.570527][   T78] usb 3-1: Using ep0 maxpacket: 16
[  201.600987][   T78] usb 3-1: config 2 has an invalid interface number: 196 but max is 1
[  201.632341][   T78] usb 3-1: config 2 has 1 interface, different from the descriptor's value: 2
[  201.653100][   T78] usb 3-1: config 2 has no interface number 0
[  201.659208][   T78] usb 3-1: config 2 interface 196 has no altsetting 0
[  201.678050][   T78] usb 3-1: New USB device found, idVendor=04b4, idProduct=6831, bcdDevice=88.56
[  201.687565][   T78] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  201.695867][   T78] usb 3-1: Product: syz
[  201.723371][   T78] usb 3-1: Manufacturer: syz
[  201.730725][    T9] usb 1-1: config 0 has no interfaces?
[  201.770454][    T9] usb 1-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  201.781763][   T78] usb 3-1: SerialNumber: syz
[  201.791871][    T9] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  201.799885][    T9] usb 1-1: Product: syz
[  201.858805][    T9] usb 1-1: Manufacturer: syz
[  201.866707][    T9] usb 1-1: SerialNumber: syz
[  202.179435][    T9] usb 1-1: config 0 descriptor??
[  202.183657][   T78] ums-cypress 3-1:2.196: USB Mass Storage device detected
[  202.491583][   T78] usb 3-1: USB disconnect, device number 23
[  203.810753][   T78] usb 3-1: new high-speed USB device number 24 using dummy_hcd
[  203.870863][   T30] audit: type=1400 audit(1756249454.062:402): avc:  denied  { create } for  pid=7675 comm="syz.4.427" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  203.920807][   T30] audit: type=1400 audit(1756249454.112:403): avc:  denied  { create } for  pid=7675 comm="syz.4.427" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=atmpvc_socket permissive=1
[  203.953279][ T7678] FAULT_INJECTION: forcing a failure.
[  203.953279][ T7678] name failslab, interval 1, probability 0, space 0, times 0
[  203.966070][ T7678] CPU: 1 UID: 0 PID: 7678 Comm: syz.1.428 Not tainted syzkaller #0 PREEMPT(full) 
[  203.966086][ T7678] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  203.966092][ T7678] Call Trace:
[  203.966096][ T7678]  <TASK>
[  203.966100][ T7678]  dump_stack_lvl+0x16c/0x1f0
[  203.966117][ T7678]  should_fail_ex+0x512/0x640
[  203.966130][ T7678]  ? fs_reclaim_acquire+0xae/0x150
[  203.966146][ T7678]  ? tomoyo_realpath_from_path+0xc2/0x6e0
[  203.966164][ T7678]  should_failslab+0xc2/0x120
[  203.966177][ T7678]  __kmalloc_noprof+0xd2/0x510
[  203.966192][ T7678]  tomoyo_realpath_from_path+0xc2/0x6e0
[  203.966210][ T7678]  ? tomoyo_profile+0x47/0x60
[  203.966222][ T7678]  tomoyo_path_number_perm+0x245/0x580
[  203.966236][ T7678]  ? tomoyo_path_number_perm+0x237/0x580
[  203.966251][ T7678]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  203.966266][ T7678]  ? find_held_lock+0x2b/0x80
[  203.966292][ T7678]  ? find_held_lock+0x2b/0x80
[  203.966305][ T7678]  ? hook_file_ioctl_common+0x145/0x410
[  203.966320][ T7678]  ? __fget_files+0x20e/0x3c0
[  203.966335][ T7678]  security_file_ioctl+0x9b/0x240
[  203.966352][ T7678]  __x64_sys_ioctl+0xb7/0x210
[  203.966370][ T7678]  do_syscall_64+0xcd/0x4c0
[  203.966384][ T7678]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  203.966396][ T7678] RIP: 0033:0x7fad9258ebe9
[  203.966405][ T7678] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  203.966416][ T7678] RSP: 002b:00007fad93392038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  203.966427][ T7678] RAX: ffffffffffffffda RBX: 00007fad927b5fa0 RCX: 00007fad9258ebe9
[  203.966435][ T7678] RDX: 0000200000000200 RSI: 00000000c058565d RDI: 0000000000000003
[  203.966441][ T7678] RBP: 00007fad93392090 R08: 0000000000000000 R09: 0000000000000000
[  203.966448][ T7678] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  203.966454][ T7678] R13: 00007fad927b6038 R14: 00007fad927b5fa0 R15: 00007ffd2249f7c8
[  203.966468][ T7678]  </TASK>
[  203.966472][ T7678] ERROR: Out of memory at tomoyo_realpath_from_path.
[  204.183105][   T78] usb 3-1: New USB device found, idVendor=0424, idProduct=7850, bcdDevice= 0.00
[  204.196123][   T78] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  204.229509][   T78] usb 3-1: Product: syz
[  204.440628][   T30] audit: type=1400 audit(1756249454.492:404): avc:  denied  { create } for  pid=7675 comm="syz.4.427" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[  204.460480][   T78] usb 3-1: Manufacturer: syz
[  204.465082][   T78] usb 3-1: SerialNumber: syz
[  204.485942][    T9] usb 1-1: USB disconnect, device number 22
[  204.620424][ T7686] FAULT_INJECTION: forcing a failure.
[  204.620424][ T7686] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  204.639761][ T7686] CPU: 0 UID: 0 PID: 7686 Comm: syz.3.432 Not tainted syzkaller #0 PREEMPT(full) 
[  204.639786][ T7686] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  204.639796][ T7686] Call Trace:
[  204.639802][ T7686]  <TASK>
[  204.639809][ T7686]  dump_stack_lvl+0x16c/0x1f0
[  204.639834][ T7686]  should_fail_ex+0x512/0x640
[  204.639863][ T7686]  _copy_to_user+0x32/0xd0
[  204.639889][ T7686]  simple_read_from_buffer+0xcb/0x170
[  204.639910][ T7686]  proc_fail_nth_read+0x197/0x240
[  204.639931][ T7686]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  204.639954][ T7686]  ? rw_verify_area+0xcf/0x6c0
[  204.639981][ T7686]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  204.640002][ T7686]  vfs_read+0x1e4/0xcf0
[  204.640022][ T7686]  ? __pfx___mutex_lock+0x10/0x10
[  204.640043][ T7686]  ? __pfx_vfs_read+0x10/0x10
[  204.640066][ T7686]  ? __fget_files+0x20e/0x3c0
[  204.640094][ T7686]  ksys_read+0x12a/0x250
[  204.640111][ T7686]  ? __pfx_ksys_read+0x10/0x10
[  204.640137][ T7686]  do_syscall_64+0xcd/0x4c0
[  204.640159][ T7686]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  204.640178][ T7686] RIP: 0033:0x7f5a2598d5fc
[  204.640192][ T7686] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  204.640209][ T7686] RSP: 002b:00007f5a267e3030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  204.640226][ T7686] RAX: ffffffffffffffda RBX: 00007f5a25bb5fa0 RCX: 00007f5a2598d5fc
[  204.640237][ T7686] RDX: 000000000000000f RSI: 00007f5a267e30a0 RDI: 0000000000000004
[  204.640248][ T7686] RBP: 00007f5a267e3090 R08: 0000000000000000 R09: 0000000000000000
[  204.640262][ T7686] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  204.640271][ T7686] R13: 00007f5a25bb6038 R14: 00007f5a25bb5fa0 R15: 00007ffd412baa18
[  204.640295][ T7686]  </TASK>
[  205.080093][   T30] audit: type=1400 audit(1756249455.262:405): avc:  denied  { bind } for  pid=7700 comm="syz.4.435" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  205.700440][   T24] usb 2-1: new high-speed USB device number 15 using dummy_hcd
[  206.110425][   T24] usb 2-1: Using ep0 maxpacket: 16
[  206.127440][   T24] usb 2-1: config 2 has an invalid interface number: 196 but max is 1
[  206.137456][   T24] usb 2-1: config 2 has 1 interface, different from the descriptor's value: 2
[  206.150445][   T24] usb 2-1: config 2 has no interface number 0
[  206.156568][   T24] usb 2-1: config 2 interface 196 has no altsetting 0
[  206.166610][   T24] usb 2-1: New USB device found, idVendor=04b4, idProduct=6831, bcdDevice=88.56
[  206.176009][   T24] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  206.184372][   T24] usb 2-1: Product: syz
[  206.188669][   T24] usb 2-1: Manufacturer: syz
[  206.199154][   T24] usb 2-1: SerialNumber: syz
[  206.402150][ T7695] netlink: 'syz.0.430': attribute type 10 has an invalid length.
[  206.410236][ T7695] netlink: 40 bytes leftover after parsing attributes in process `syz.0.430'.
[  206.422334][ T7695] bridge0: port 3(dummy0) entered blocking state
[  206.429497][ T7695] bridge0: port 3(dummy0) entered forwarding state
[  206.470929][   T78] lan78xx 3-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000040. ret = -EPIPE
[  206.483548][   T78] lan78xx 3-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00001000. ret = -EPIPE
[  206.561286][   T78] lan78xx 3-1:1.0 (unnamed net_device) (uninitialized): Failed to write register index 0x0000011c. ret = -EPROTO
[  206.713879][   T78] lan78xx 3-1:1.0 (unnamed net_device) (uninitialized): Registers INIT FAILED....
[  207.014679][   T24] ums-cypress 2-1:2.196: USB Mass Storage device detected
[  207.031634][   T78] lan78xx 3-1:1.0 (unnamed net_device) (uninitialized): Bind routine FAILED
[  207.080793][   T78] lan78xx 3-1:1.0: probe with driver lan78xx failed with error -71
[  207.135590][   T24] usb 2-1: USB disconnect, device number 15
[  207.212907][   T78] usb 3-1: USB disconnect, device number 24
[  207.607365][   T78] IPVS: starting estimator thread 0...
[  207.682692][ T1205] usb 5-1: new high-speed USB device number 16 using dummy_hcd
[  207.701443][ T7737] FAULT_INJECTION: forcing a failure.
[  207.701443][ T7737] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  207.760480][ T7737] CPU: 1 UID: 0 PID: 7737 Comm: syz.1.442 Not tainted syzkaller #0 PREEMPT(full) 
[  207.760506][ T7737] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  207.760516][ T7737] Call Trace:
[  207.760515][ T7735] IPVS: using max 72 ests per chain, 172800 per kthread
[  207.760522][ T7737]  <TASK>
[  207.760529][ T7737]  dump_stack_lvl+0x16c/0x1f0
[  207.760551][ T7737]  should_fail_ex+0x512/0x640
[  207.760571][ T7737]  _copy_from_user+0x2e/0xd0
[  207.760591][ T7737]  copy_msghdr_from_user+0x98/0x160
[  207.760609][ T7737]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  207.760635][ T7737]  ___sys_sendmsg+0xfe/0x1d0
[  207.760653][ T7737]  ? __pfx____sys_sendmsg+0x10/0x10
[  207.760702][ T7737]  __sys_sendmsg+0x16d/0x220
[  207.760719][ T7737]  ? __pfx___sys_sendmsg+0x10/0x10
[  207.760752][ T7737]  do_syscall_64+0xcd/0x4c0
[  207.760772][ T7737]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  207.760788][ T7737] RIP: 0033:0x7fad9258ebe9
[  207.760801][ T7737] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  207.760816][ T7737] RSP: 002b:00007fad93392038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  207.760831][ T7737] RAX: ffffffffffffffda RBX: 00007fad927b5fa0 RCX: 00007fad9258ebe9
[  207.760847][ T7737] RDX: 0000000000000000 RSI: 0000200000000200 RDI: 0000000000000003
[  207.760856][ T7737] RBP: 00007fad93392090 R08: 0000000000000000 R09: 0000000000000000
[  207.760866][ T7737] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  207.760875][ T7737] R13: 00007fad927b6038 R14: 00007fad927b5fa0 R15: 00007ffd2249f7c8
[  207.760898][ T7737]  </TASK>
[  207.840449][ T5966] usb 3-1: new high-speed USB device number 25 using dummy_hcd
[  208.040497][ T1205] usb 5-1: config 0 has no interfaces?
[  208.105561][ T5966] usb 3-1: config 0 has no interfaces?
[  208.113529][ T5966] usb 3-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  208.122814][ T5966] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  208.132341][ T5966] usb 3-1: Product: syz
[  208.136811][ T5966] usb 3-1: Manufacturer: syz
[  208.141509][ T5966] usb 3-1: SerialNumber: syz
[  208.161176][ T5966] usb 3-1: config 0 descriptor??
[  208.182367][ T7740] overlayfs: missing 'lowerdir'
[  208.205749][ T1205] usb 5-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  208.599523][ T1205] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  208.655561][ T1205] usb 5-1: Product: syz
[  208.705133][ T1205] usb 5-1: Manufacturer: syz
[  208.709741][ T1205] usb 5-1: SerialNumber: syz
[  208.766822][ T1205] usb 5-1: config 0 descriptor??
[  208.820490][ T5966] usb 2-1: new high-speed USB device number 16 using dummy_hcd
[  209.022530][ T5966] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x9 has invalid wMaxPacketSize 0
[  209.034074][ T5966] usb 2-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  209.045864][ T5966] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  209.054166][ T5966] usb 2-1: Product: syz
[  209.058352][ T5966] usb 2-1: Manufacturer: syz
[  209.067254][ T5966] usb 2-1: SerialNumber: syz
[  209.125226][ T5966] usb 2-1: config 0 descriptor??
[  209.320326][ T1205] usb 4-1: new high-speed USB device number 14 using dummy_hcd
[  209.501870][ T1205] usb 4-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  209.517738][ T1205] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  209.528861][ T1205] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[  209.540201][ T1205] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  209.555930][ T1205] usb 4-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  209.584040][ T1205] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  209.965772][ T1205] usb 4-1: config 0 descriptor??
[  210.023254][ T5908] usb 2-1: USB disconnect, device number 16
[  210.133756][ T7756] netlink: 16 bytes leftover after parsing attributes in process `syz.0.446'.
[  210.153858][ T7756] netlink: 16 bytes leftover after parsing attributes in process `syz.0.446'.
[  210.345716][ T5908] usb 3-1: USB disconnect, device number 25
[  210.433120][ T1205] plantronics 0003:047F:FFFF.0002: ignoring exceeding usage max
[  210.518295][ T1205] plantronics 0003:047F:FFFF.0002: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.3-1/input0
[  210.530637][ T5966] usb 5-1: USB disconnect, device number 16
[  210.953643][ T5908] usb 3-1: new high-speed USB device number 26 using dummy_hcd
[  211.223402][ T5908] usb 3-1: device descriptor read/64, error -71
[  211.367456][ T7773] 9pnet_fd: Insufficient options for proto=fd
[  211.376038][ T7773] netlink: 'syz.0.450': attribute type 39 has an invalid length.
[  211.470382][ T5908] usb 3-1: new high-speed USB device number 27 using dummy_hcd
[  211.744778][ T5908] usb 3-1: device descriptor read/64, error -71
[  211.751422][ T7775] FAULT_INJECTION: forcing a failure.
[  211.751422][ T7775] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  211.788789][ T7775] CPU: 0 UID: 0 PID: 7775 Comm: syz.4.451 Not tainted syzkaller #0 PREEMPT(full) 
[  211.788814][ T7775] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  211.788824][ T7775] Call Trace:
[  211.788829][ T7775]  <TASK>
[  211.788836][ T7775]  dump_stack_lvl+0x16c/0x1f0
[  211.788861][ T7775]  should_fail_ex+0x512/0x640
[  211.788885][ T7775]  _copy_from_user+0x2e/0xd0
[  211.788908][ T7775]  get_bitmap+0xdf/0x1a0
[  211.788927][ T7775]  get_nodes+0x1df/0x210
[  211.788945][ T7775]  ? __pfx_get_nodes+0x10/0x10
[  211.788962][ T7775]  ? __fget_files+0x20e/0x3c0
[  211.788985][ T7775]  kernel_migrate_pages+0xeb/0x700
[  211.789006][ T7775]  ? __pfx_kernel_migrate_pages+0x10/0x10
[  211.789025][ T7775]  ? ksys_write+0x1ac/0x250
[  211.789042][ T7775]  ? __pfx_ksys_write+0x10/0x10
[  211.789059][ T7775]  __x64_sys_migrate_pages+0x96/0x100
[  211.789073][ T7775]  ? lockdep_hardirqs_on+0x7c/0x110
[  211.789084][ T7775]  do_syscall_64+0xcd/0x4c0
[  211.789098][ T7775]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  211.789110][ T7775] RIP: 0033:0x7ffa47f8ebe9
[  211.789119][ T7775] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  211.789130][ T7775] RSP: 002b:00007ffa461f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000100
[  211.789141][ T7775] RAX: ffffffffffffffda RBX: 00007ffa481b5fa0 RCX: 00007ffa47f8ebe9
[  211.789148][ T7775] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000000
[  211.789155][ T7775] RBP: 00007ffa461f6090 R08: 0000000000000000 R09: 0000000000000000
[  211.789161][ T7775] R10: 0000200000000080 R11: 0000000000000246 R12: 0000000000000001
[  211.789168][ T7775] R13: 00007ffa481b6038 R14: 00007ffa481b5fa0 R15: 00007fffb0b39318
[  211.789181][ T7775]  </TASK>
[  211.972461][ T5908] usb usb3-port1: attempt power cycle
[  212.105415][ T7781] block nbd0: Attempted send on invalid socket
[  212.111856][ T7781] I/O error, dev nbd0, sector 6 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 3
[  212.216002][ T7781] ADFS-fs (nbd0): error: unable to read block 3, try 0
[  212.892170][ T5908] usb 3-1: new high-speed USB device number 28 using dummy_hcd
[  212.910164][ T7790] siw: device registration error -23
[  212.911231][ T5908] usb 3-1: device descriptor read/8, error -71
[  212.926912][   T30] audit: type=1400 audit(1756249462.532:406): avc:  denied  { ioctl } for  pid=7780 comm="syz.1.454" path="anon_inode:[userfaultfd]" dev="anon_inodefs" ino=18559 ioctlcmd=0xaa3f scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[  212.955497][   T30] audit: type=1400 audit(1756249463.092:407): avc:  denied  { create } for  pid=7783 comm="syz.4.453" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=mctp_socket permissive=1
[  213.002763][   T30] audit: type=1400 audit(1756249463.092:408): avc:  denied  { ioctl } for  pid=7783 comm="syz.4.453" path="socket:[18561]" dev="sockfs" ino=18561 ioctlcmd=0x89e2 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=mctp_socket permissive=1
[  213.034114][   T30] audit: type=1400 audit(1756249463.092:409): avc:  denied  { append } for  pid=7783 comm="syz.4.453" name="ptp0" dev="devtmpfs" ino=1265 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[  213.103699][ T5966] usb 4-1: USB disconnect, device number 14
[  213.240369][ T5908] usb 3-1: new high-speed USB device number 29 using dummy_hcd
[  213.274828][ T5908] usb 3-1: device descriptor read/8, error -71
[  213.345412][ T7800] netlink: 20 bytes leftover after parsing attributes in process `syz.3.456'.
[  213.395406][ T5908] usb usb3-port1: unable to enumerate USB device
[  214.098205][   T30] audit: type=1400 audit(1756249464.122:410): avc:  denied  { ioctl } for  pid=7809 comm="syz.0.459" path="socket:[18606]" dev="sockfs" ino=18606 ioctlcmd=0x52d2 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  214.246251][ T7816] overlayfs: missing 'lowerdir'
[  214.781213][ T7819] netlink: 'syz.2.460': attribute type 10 has an invalid length.
[  214.788990][ T7819] netlink: 40 bytes leftover after parsing attributes in process `syz.2.460'.
[  214.798076][ T7819] dummy0: entered promiscuous mode
[  214.806018][ T7819] bridge0: port 3(dummy0) entered blocking state
[  214.812513][ T7819] bridge0: port 3(dummy0) entered disabled state
[  214.819037][ T7819] dummy0: entered allmulticast mode
[  214.826489][ T7819] bridge0: port 3(dummy0) entered blocking state
[  214.832917][ T7819] bridge0: port 3(dummy0) entered forwarding state
[  215.010559][   T24] usb 1-1: new high-speed USB device number 23 using dummy_hcd
[  215.224429][   T24] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x9 has invalid wMaxPacketSize 0
[  215.236814][   T24] usb 1-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  215.246063][   T24] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  215.256184][   T24] usb 1-1: Product: syz
[  215.300581][   T24] usb 1-1: Manufacturer: syz
[  215.305205][   T24] usb 1-1: SerialNumber: syz
[  215.326468][ T7821] 9pnet_fd: Insufficient options for proto=fd
[  215.341284][   T24] usb 1-1: config 0 descriptor??
[  215.370688][ T7821] netlink: 'syz.4.462': attribute type 39 has an invalid length.
[  215.411493][ T7823] random: crng reseeded on system resumption
[  215.422070][   T30] audit: type=1400 audit(1756249465.602:411): avc:  denied  { write } for  pid=7822 comm="syz.1.463" name="snapshot" dev="devtmpfs" ino=92 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1
[  215.487797][   T30] audit: type=1400 audit(1756249465.602:412): avc:  denied  { open } for  pid=7822 comm="syz.1.463" path="/dev/snapshot" dev="devtmpfs" ino=92 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1
[  215.691623][ T7823] vimc link validate: Scaler:src:640x480 (0x33424752, 8, 0, 0, 0) RGB/YUV Capture:snk:640x480 (0x33424752, 8, 0, 0, 0)
[  215.786337][ T7832] 9pnet_fd: Insufficient options for proto=fd
[  215.854039][ T7832] nbd: nbd2 already in use
[  216.020983][    T9] usb 5-1: new high-speed USB device number 17 using dummy_hcd
[  216.130541][   T30] audit: type=1400 audit(1756249466.272:413): avc:  denied  { mount } for  pid=7835 comm="syz.3.467" name="/" dev="fusectl" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=filesystem permissive=1
[  216.235764][ T7842] FAULT_INJECTION: forcing a failure.
[  216.235764][ T7842] name failslab, interval 1, probability 0, space 0, times 0
[  216.246949][   T24] usb 1-1: USB disconnect, device number 23
[  216.254389][   T30] audit: type=1400 audit(1756249466.292:414): avc:  denied  { mounton } for  pid=7835 comm="syz.3.467" path="/88/file0" dev="fusectl" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=dir permissive=1
[  216.254433][   T30] audit: type=1400 audit(1756249466.322:415): avc:  denied  { mount } for  pid=7835 comm="syz.3.467" name="/" dev="overlay" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[  216.300563][ T7842] CPU: 1 UID: 0 PID: 7842 Comm: syz.2.468 Not tainted syzkaller #0 PREEMPT(full) 
[  216.300589][ T7842] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  216.300599][ T7842] Call Trace:
[  216.300604][ T7842]  <TASK>
[  216.300611][ T7842]  dump_stack_lvl+0x16c/0x1f0
[  216.300635][ T7842]  should_fail_ex+0x512/0x640
[  216.300652][ T7842]  ? fs_reclaim_acquire+0xae/0x150
[  216.300676][ T7842]  ? tomoyo_realpath_from_path+0xc2/0x6e0
[  216.300701][ T7842]  should_failslab+0xc2/0x120
[  216.300721][ T7842]  __kmalloc_noprof+0xd2/0x510
[  216.300742][ T7842]  tomoyo_realpath_from_path+0xc2/0x6e0
[  216.300769][ T7842]  ? tomoyo_profile+0x47/0x60
[  216.300786][ T7842]  tomoyo_path_number_perm+0x245/0x580
[  216.300806][ T7842]  ? tomoyo_path_number_perm+0x237/0x580
[  216.300829][ T7842]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  216.300852][ T7842]  ? find_held_lock+0x2b/0x80
[  216.300894][ T7842]  ? find_held_lock+0x2b/0x80
[  216.300914][ T7842]  ? hook_file_ioctl_common+0x145/0x410
[  216.300938][ T7842]  ? __fget_files+0x20e/0x3c0
[  216.300962][ T7842]  security_file_ioctl+0x9b/0x240
[  216.300989][ T7842]  __x64_sys_ioctl+0xb7/0x210
[  216.301015][ T7842]  do_syscall_64+0xcd/0x4c0
[  216.301037][ T7842]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  216.301054][ T7842] RIP: 0033:0x7f970718ebe9
[  216.301068][ T7842] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  216.301085][ T7842] RSP: 002b:00007f9707ff6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  216.301103][ T7842] RAX: ffffffffffffffda RBX: 00007f97073b5fa0 RCX: 00007f970718ebe9
[  216.301114][ T7842] RDX: 0000200000000000 RSI: 00000000c0405602 RDI: 0000000000000003
[  216.301125][ T7842] RBP: 00007f9707ff6090 R08: 0000000000000000 R09: 0000000000000000
[  216.301135][ T7842] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  216.301145][ T7842] R13: 00007f97073b6038 R14: 00007f97073b5fa0 R15: 00007ffc1fdc9298
[  216.301168][ T7842]  </TASK>
[  216.301175][ T7842] ERROR: Out of memory at tomoyo_realpath_from_path.
[  216.320493][    T9] usb 5-1: Using ep0 maxpacket: 8
[  216.334885][    T9] usb 5-1: config index 0 descriptor too short (expected 301, got 45)
[  216.530167][    T9] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  216.541711][    T9] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  216.553116][    T9] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  216.591714][    T9] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  216.657117][    T9] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  216.673378][    T9] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  216.930689][   T10] usb 4-1: new high-speed USB device number 15 using dummy_hcd
[  216.961189][ T1205] usb 3-1: new high-speed USB device number 30 using dummy_hcd
[  217.150631][   T10] usb 4-1: device descriptor read/64, error -71
[  217.413822][ T1205] usb 3-1: New USB device found, idVendor=0bda, idProduct=8150, bcdDevice= 0.00
[  217.440175][ T1205] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  217.448396][ T1205] usb 3-1: Product: syz
[  217.452851][ T1205] usb 3-1: Manufacturer: syz
[  217.457432][ T1205] usb 3-1: SerialNumber: syz
[  217.510369][   T10] usb 4-1: new high-speed USB device number 16 using dummy_hcd
[  217.651441][   T10] usb 4-1: device descriptor read/64, error -71
[  217.771006][   T10] usb usb4-port1: attempt power cycle
[  217.843712][ T1205] rtl8150 3-1:1.0: couldn't reset the device
[  217.852399][ T1205] rtl8150 3-1:1.0: probe with driver rtl8150 failed with error -5
[  217.866762][ T1205] usb 3-1: USB disconnect, device number 30
[  218.120447][   T10] usb 4-1: new high-speed USB device number 17 using dummy_hcd
[  218.500985][   T10] usb 4-1: device descriptor read/8, error -71
[  218.596505][ T7867] overlayfs: missing 'lowerdir'
[  218.661426][    T9] usb 5-1: USB disconnect, device number 17
[  218.742392][   T10] usb 4-1: new high-speed USB device number 18 using dummy_hcd
[  218.800859][   T10] usb 4-1: device descriptor read/8, error -71
[  218.818180][ T7871] overlayfs: missing 'lowerdir'
[  218.876628][ T7874] 9pnet_fd: Insufficient options for proto=fd
[  218.884073][ T7874] nbd: nbd2 already in use
[  218.890470][   T24] usb 2-1: new high-speed USB device number 17 using dummy_hcd
[  218.930804][   T10] usb usb4-port1: unable to enumerate USB device
[  219.061837][   T24] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x9 has invalid wMaxPacketSize 0
[  219.074161][   T24] usb 2-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  219.084772][   T24] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  219.094066][   T24] usb 2-1: Product: syz
[  219.098353][   T24] usb 2-1: Manufacturer: syz
[  219.106391][   T24] usb 2-1: SerialNumber: syz
[  219.135176][    T9] usb 1-1: new high-speed USB device number 24 using dummy_hcd
[  219.209742][   T24] usb 2-1: config 0 descriptor??
[  219.382679][    T9] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x9 has invalid wMaxPacketSize 0
[  219.507582][    T9] usb 1-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  219.517055][    T9] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  219.693050][ T7886] siw: device registration error -23
[  220.001059][    T9] usb 1-1: Product: syz
[  220.016913][    T9] usb 1-1: Manufacturer: syz
[  220.021748][    T9] usb 1-1: SerialNumber: syz
[  220.030035][    T9] usb 1-1: config 0 descriptor??
[  220.794326][ T5966] usb 2-1: USB disconnect, device number 17
[  220.794830][    T9] usb 1-1: USB disconnect, device number 24
[  221.088719][ T7892] netlink: 'syz.2.482': attribute type 10 has an invalid length.
[  221.096587][ T7892] netlink: 40 bytes leftover after parsing attributes in process `syz.2.482'.
[  221.391404][ T7899] FAULT_INJECTION: forcing a failure.
[  221.391404][ T7899] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  221.422296][ T7899] CPU: 1 UID: 0 PID: 7899 Comm: syz.3.485 Not tainted syzkaller #0 PREEMPT(full) 
[  221.422322][ T7899] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  221.422332][ T7899] Call Trace:
[  221.422338][ T7899]  <TASK>
[  221.422345][ T7899]  dump_stack_lvl+0x16c/0x1f0
[  221.422370][ T7899]  should_fail_ex+0x512/0x640
[  221.422394][ T7899]  _copy_from_user+0x2e/0xd0
[  221.422417][ T7899]  copy_msghdr_from_user+0x98/0x160
[  221.422437][ T7899]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  221.422468][ T7899]  ___sys_sendmsg+0xfe/0x1d0
[  221.422488][ T7899]  ? __pfx____sys_sendmsg+0x10/0x10
[  221.422535][ T7899]  __sys_sendmsg+0x16d/0x220
[  221.422554][ T7899]  ? __pfx___sys_sendmsg+0x10/0x10
[  221.422594][ T7899]  do_syscall_64+0xcd/0x4c0
[  221.422616][ T7899]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  221.422634][ T7899] RIP: 0033:0x7f5a2598ebe9
[  221.422648][ T7899] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  221.422665][ T7899] RSP: 002b:00007f5a267e3038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  221.422683][ T7899] RAX: ffffffffffffffda RBX: 00007f5a25bb5fa0 RCX: 00007f5a2598ebe9
[  221.422694][ T7899] RDX: 0000000000000080 RSI: 0000200000000100 RDI: 0000000000000003
[  221.422705][ T7899] RBP: 00007f5a267e3090 R08: 0000000000000000 R09: 0000000000000000
[  221.422714][ T7899] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  221.422723][ T7899] R13: 00007f5a25bb6038 R14: 00007f5a25bb5fa0 R15: 00007ffd412baa18
[  221.422744][ T7899]  </TASK>
[  221.706019][   T30] kauditd_printk_skb: 2 callbacks suppressed
[  221.706036][   T30] audit: type=1400 audit(1756249471.872:418): avc:  denied  { write } for  pid=7896 comm="syz.4.484" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  222.170460][ T5966] usb 3-1: new high-speed USB device number 31 using dummy_hcd
[  222.463672][ T5966] usb 3-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[  222.475687][ T5966] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  222.511961][ T5966] usb 3-1: config 0 descriptor??
[  222.547473][ T5966] cp210x 3-1:0.0: cp210x converter detected
[  222.770540][   T24] usb 2-1: new high-speed USB device number 18 using dummy_hcd
[  222.790964][ T7917] 9pnet_fd: Insufficient options for proto=fd
[  222.914101][ T7917] nbd: nbd3 already in use
[  222.922932][   T24] usb 2-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[  222.933887][   T24] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  222.995140][ T5966] cp210x 3-1:0.0: failed to get vendor val 0x0010 size 3: -32
[  223.016458][ T5966] cp210x 3-1:0.0: failed to get vendor val 0x000e size 678: -71
[  223.036584][   T24] usb 2-1: config 0 descriptor??
[  223.041653][ T5966] cp210x 3-1:0.0: GPIO initialisation failed: -71
[  223.061788][   T24] cp210x 2-1:0.0: cp210x converter detected
[  223.091091][ T5966] usb 3-1: cp210x converter now attached to ttyUSB0
[  223.111517][ T5966] usb 3-1: USB disconnect, device number 31
[  223.120311][ T5966] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[  223.128569][ T5966] cp210x 3-1:0.0: device disconnected
[  223.293121][ T7923] overlayfs: missing 'lowerdir'
[  223.555363][   T24] cp210x 2-1:0.0: failed to get vendor val 0x0010 size 3: -32
[  223.563672][   T24] cp210x 2-1:0.0: failed to get vendor val 0x000e size 678: -71
[  223.572654][   T24] cp210x 2-1:0.0: GPIO initialisation failed: -71
[  223.581214][   T24] usb 2-1: cp210x converter now attached to ttyUSB0
[  223.589131][   T24] usb 2-1: USB disconnect, device number 18
[  223.596887][   T24] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[  223.605349][   T24] cp210x 2-1:0.0: device disconnected
[  224.071987][ T1205] usb 5-1: new high-speed USB device number 18 using dummy_hcd
[  224.150816][ T7928] block nbd3: Attempted send on invalid socket
[  224.158223][ T7928] I/O error, dev nbd3, sector 6 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 3
[  224.176948][ T7928] ADFS-fs (nbd3): error: unable to read block 3, try 0
[  224.242911][ T1205] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x9 has invalid wMaxPacketSize 0
[  224.254528][ T1205] usb 5-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  224.263709][ T1205] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  224.272660][ T1205] usb 5-1: Product: syz
[  224.277534][ T1205] usb 5-1: Manufacturer: syz
[  224.282795][ T1205] usb 5-1: SerialNumber: syz
[  224.897983][ T7943] siw: device registration error -23
[  225.187259][ T1205] usb 5-1: config 0 descriptor??
[  225.608998][ T7951] netlink: 'syz.2.495': attribute type 10 has an invalid length.
[  225.667447][ T7951] netlink: 40 bytes leftover after parsing attributes in process `syz.2.495'.
[  226.153964][ T7954] overlayfs: missing 'lowerdir'
[  226.206295][   T10] usb 5-1: USB disconnect, device number 18
[  226.560378][ T1205] usb 4-1: new high-speed USB device number 19 using dummy_hcd
[  226.916561][ T1205] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x9 has invalid wMaxPacketSize 0
[  226.933812][ T1205] usb 4-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  226.942928][ T1205] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  226.950954][ T1205] usb 4-1: Product: syz
[  226.961444][ T1205] usb 4-1: Manufacturer: syz
[  226.973812][ T1205] usb 4-1: SerialNumber: syz
[  227.038681][ T1205] usb 4-1: config 0 descriptor??
[  227.090767][   T10] usb 3-1: new high-speed USB device number 32 using dummy_hcd
[  227.153071][ T7966] overlayfs: missing 'lowerdir'
[  227.274395][   T10] usb 3-1: config 0 has no interfaces?
[  227.302753][   T10] usb 3-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  227.314198][   T10] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  227.357424][   T10] usb 3-1: Product: syz
[  227.380714][   T10] usb 3-1: Manufacturer: syz
[  227.395608][   T10] usb 3-1: SerialNumber: syz
[  227.416046][   T10] usb 3-1: config 0 descriptor??
[  227.460733][   T24] usb 5-1: new high-speed USB device number 19 using dummy_hcd
[  227.621239][ T7973] overlayfs: missing 'lowerdir'
[  227.759732][   T24] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x9 has invalid wMaxPacketSize 0
[  227.854305][   T24] usb 5-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  227.863559][   T24] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  227.871632][   T24] usb 5-1: Product: syz
[  227.875862][   T24] usb 5-1: Manufacturer: syz
[  227.880556][   T24] usb 5-1: SerialNumber: syz
[  227.912517][ T5966] usb 4-1: USB disconnect, device number 19
[  227.943859][   T24] usb 5-1: config 0 descriptor??
[  228.090466][   T78] usb 1-1: new high-speed USB device number 25 using dummy_hcd
[  228.254874][   T78] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x9 has invalid wMaxPacketSize 0
[  228.267315][   T78] usb 1-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  228.319937][   T78] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  228.328342][   T78] usb 1-1: Product: syz
[  228.333059][   T78] usb 1-1: Manufacturer: syz
[  228.338600][   T78] usb 1-1: SerialNumber: syz
[  228.347484][   T78] usb 1-1: config 0 descriptor??
[  228.891374][  T878] usb 5-1: USB disconnect, device number 19
[  229.064001][   T10] usb 2-1: new high-speed USB device number 19 using dummy_hcd
[  229.299838][ T1205] usb 1-1: USB disconnect, device number 25
[  229.476361][   T10] usb 2-1: config 0 has no interfaces?
[  229.486161][   T10] usb 2-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  229.942318][   T10] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  229.950687][   T10] usb 2-1: Product: syz
[  229.954860][   T10] usb 2-1: Manufacturer: syz
[  229.959450][   T10] usb 2-1: SerialNumber: syz
[  229.984364][   T30] audit: type=1400 audit(1756249479.762:419): avc:  denied  { watch watch_reads } for  pid=7988 comm="syz.3.507" path="/96/file0" dev="tmpfs" ino=521 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[  229.985578][   T10] usb 2-1: config 0 descriptor??
[  230.008333][   T30] audit: type=1400 audit(1756249479.772:420): avc:  denied  { execute } for  pid=7988 comm="syz.3.507" name="file0" dev="tmpfs" ino=521 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[  230.036882][   T30] audit: type=1400 audit(1756249479.772:421): avc:  denied  { execute_no_trans } for  pid=7988 comm="syz.3.507" path="/96/file0" dev="tmpfs" ino=521 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[  230.206175][   T78] usb 3-1: USB disconnect, device number 32
[  230.214830][   T30] audit: type=1400 audit(1756249480.392:422): avc:  denied  { setopt } for  pid=7992 comm="syz.3.509" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  230.270587][   T30] audit: type=1400 audit(1756249480.392:423): avc:  denied  { read } for  pid=7992 comm="syz.3.509" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  230.989435][ T8008] siw: device registration error -23
[  231.737966][ T8017] overlayfs: missing 'lowerdir'
[  231.747338][   T30] audit: type=1400 audit(1756249481.922:424): avc:  denied  { bind } for  pid=8014 comm="syz.0.514" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1
[  231.806821][   T30] audit: type=1400 audit(1756249481.922:425): avc:  denied  { connect } for  pid=8014 comm="syz.0.514" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1
[  232.039473][   T10] usb 2-1: USB disconnect, device number 19
[  232.130423][   T78] usb 3-1: new high-speed USB device number 33 using dummy_hcd
[  232.401008][   T78] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x9 has invalid wMaxPacketSize 0
[  232.432854][   T78] usb 3-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  232.460227][   T78] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  232.480488][   T78] usb 3-1: Product: syz
[  232.575609][   T78] usb 3-1: Manufacturer: syz
[  232.587995][   T78] usb 3-1: SerialNumber: syz
[  232.604088][   T78] usb 3-1: config 0 descriptor??
[  232.810880][ T8035] overlayfs: missing 'lowerdir'
[  232.986258][ T8025] netlink: 'syz.3.515': attribute type 10 has an invalid length.
[  233.549842][ T8025] netlink: 40 bytes leftover after parsing attributes in process `syz.3.515'.
[  233.560470][ T8025] dummy0: entered promiscuous mode
[  233.567356][ T8025] bridge0: port 3(dummy0) entered blocking state
[  233.574532][ T8025] bridge0: port 3(dummy0) entered disabled state
[  233.581142][ T8025] dummy0: entered allmulticast mode
[  233.596743][ T8025] bridge0: port 3(dummy0) entered blocking state
[  233.603134][ T8025] bridge0: port 3(dummy0) entered forwarding state
[  233.640395][   T10] usb 2-1: new high-speed USB device number 20 using dummy_hcd
[  233.775273][    T9] usb 3-1: USB disconnect, device number 33
[  233.913082][   T10] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x9 has invalid wMaxPacketSize 0
[  233.943277][   T10] usb 2-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  233.994248][   T10] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  234.025820][   T10] usb 2-1: Product: syz
[  234.046104][   T10] usb 2-1: Manufacturer: syz
[  234.060386][ T5908] usb 5-1: new high-speed USB device number 20 using dummy_hcd
[  234.081395][   T10] usb 2-1: SerialNumber: syz
[  234.101678][   T10] usb 2-1: config 0 descriptor??
[  234.242647][ T5908] usb 5-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[  234.260314][ T5908] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  234.294467][ T5908] usb 5-1: config 0 descriptor??
[  234.327625][ T5908] cp210x 5-1:0.0: cp210x converter detected
[  234.356969][   T30] audit: type=1400 audit(1756249484.542:426): avc:  denied  { read write } for  pid=8040 comm="syz.3.521" name="vga_arbiter" dev="devtmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:xserver_misc_device_t tclass=chr_file permissive=1
[  234.466491][   T30] audit: type=1400 audit(1756249484.542:427): avc:  denied  { open } for  pid=8040 comm="syz.3.521" path="/dev/vga_arbiter" dev="devtmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:xserver_misc_device_t tclass=chr_file permissive=1
[  234.506732][ T8042] netdevsim netdevsim3: loading /lib/firmware/. failed with error -22
[  234.515466][ T8042] netdevsim netdevsim3: Direct firmware load for . failed with error -22
[  234.583435][ T8042] netdevsim netdevsim3: Falling back to sysfs fallback for: .
[  234.764445][ T5908] cp210x 5-1:0.0: failed to get vendor val 0x0010 size 3: -32
[  235.114875][ T5908] cp210x 5-1:0.0: failed to get vendor val 0x000e size 678: -71
[  235.131019][   T30] audit: type=1400 audit(1756249484.772:428): avc:  denied  { firmware_load } for  pid=8040 comm="syz.3.521" scontext=system_u:system_r:kernel_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1
[  235.142939][ T5908] cp210x 5-1:0.0: GPIO initialisation failed: -71
[  235.160936][   T78] usb 2-1: USB disconnect, device number 20
[  235.182668][   T30] audit: type=1400 audit(1756249484.772:429): avc:  denied  { getopt } for  pid=8040 comm="syz.3.521" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  235.265008][ T5908] usb 5-1: cp210x converter now attached to ttyUSB0
[  235.335284][ T5908] usb 5-1: USB disconnect, device number 20
[  235.361946][ T5908] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[  235.386942][ T5908] cp210x 5-1:0.0: device disconnected
[  235.401602][ T8048] CIFS: No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount.
[  235.465938][ T8048] CIFS mount error: No usable UNC path provided in device string!
[  235.465938][ T8048] 
[  235.504815][ T8048] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[  236.323865][ T8060] overlayfs: missing 'lowerdir'
[  237.205449][   T30] audit: type=1400 audit(1756249487.372:430): avc:  denied  { read write } for  pid=8067 comm="syz.3.530" name="nullb0" dev="devtmpfs" ino=696 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  237.228595][   T30] audit: type=1400 audit(1756249487.372:431): avc:  denied  { open } for  pid=8067 comm="syz.3.530" path="/dev/nullb0" dev="devtmpfs" ino=696 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  237.235673][   T10] usb 1-1: new high-speed USB device number 26 using dummy_hcd
[  237.372356][   T30] audit: type=1400 audit(1756249487.382:432): avc:  denied  { map } for  pid=8067 comm="syz.3.530" path="/dev/nullb0" dev="devtmpfs" ino=696 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  237.396846][   T30] audit: type=1400 audit(1756249487.382:433): avc:  denied  { execute } for  pid=8067 comm="syz.3.530" path="/dev/nullb0" dev="devtmpfs" ino=696 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  237.764087][   T10] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x9 has invalid wMaxPacketSize 0
[  237.775363][   T10] usb 1-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  237.786234][   T10] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  237.971157][ T8078] siw: device registration error -23
[  238.250080][   T10] usb 1-1: Product: syz
[  238.254545][   T10] usb 1-1: Manufacturer: syz
[  238.259145][   T10] usb 1-1: SerialNumber: syz
[  238.279701][   T10] usb 1-1: config 0 descriptor??
[  238.382562][ T8081] netlink: 28 bytes leftover after parsing attributes in process `syz.2.532'.
[  239.401019][ T8096] netlink: 20 bytes leftover after parsing attributes in process `syz.1.536'.
[  239.701454][  T878] usb 5-1: new high-speed USB device number 21 using dummy_hcd
[  239.875737][  T878] usb 5-1: New USB device found, idVendor=0bda, idProduct=8150, bcdDevice= 0.00
[  239.907711][  T878] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  239.931496][  T878] usb 5-1: Product: syz
[  239.935744][  T878] usb 5-1: Manufacturer: syz
[  239.957176][  T878] usb 5-1: SerialNumber: syz
[  240.103994][   T24] usb 1-1: USB disconnect, device number 26
[  240.275629][  T878] rtl8150 5-1:1.0: couldn't reset the device
[  240.330075][  T878] rtl8150 5-1:1.0: probe with driver rtl8150 failed with error -5
[  240.373721][  T878] usb 5-1: USB disconnect, device number 21
[  240.702763][ T8098] could not allocate digest TFM handle crc32-pclmul
[  241.330894][ T8117] tmpfs: Unknown parameter 'quotÜa•ÝTÉ'
[  241.504158][   T30] audit: type=1400 audit(1756249491.692:434): avc:  denied  { append } for  pid=8118 comm="syz.0.542" name="nullb0" dev="devtmpfs" ino=696 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  241.630855][ T8116] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[  241.639574][ T8116] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[  242.135232][ T8137] siw: device registration error -23
[  242.459954][ T8131] netlink: 28 bytes leftover after parsing attributes in process `syz.4.544'.
[  243.555335][ T8156] netlink: 28 bytes leftover after parsing attributes in process `syz.3.549'.
[  244.677619][ T8157] netlink: 'syz.2.547': attribute type 10 has an invalid length.
[  244.685502][ T8157] netlink: 40 bytes leftover after parsing attributes in process `syz.2.547'.
[  244.844918][ T8174] FAULT_INJECTION: forcing a failure.
[  244.844918][ T8174] name failslab, interval 1, probability 0, space 0, times 0
[  244.881917][ T8174] CPU: 1 UID: 0 PID: 8174 Comm: syz.3.555 Not tainted syzkaller #0 PREEMPT(full) 
[  244.881938][ T8174] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  244.881945][ T8174] Call Trace:
[  244.881948][ T8174]  <TASK>
[  244.881953][ T8174]  dump_stack_lvl+0x16c/0x1f0
[  244.881969][ T8174]  should_fail_ex+0x512/0x640
[  244.881983][ T8174]  ? fs_reclaim_acquire+0xae/0x150
[  244.881999][ T8174]  ? tomoyo_realpath_from_path+0xc2/0x6e0
[  244.882016][ T8174]  should_failslab+0xc2/0x120
[  244.882030][ T8174]  __kmalloc_noprof+0xd2/0x510
[  244.882045][ T8174]  tomoyo_realpath_from_path+0xc2/0x6e0
[  244.882063][ T8174]  ? tomoyo_profile+0x47/0x60
[  244.882075][ T8174]  tomoyo_path_number_perm+0x245/0x580
[  244.882089][ T8174]  ? tomoyo_path_number_perm+0x237/0x580
[  244.882104][ T8174]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  244.882120][ T8174]  ? find_held_lock+0x2b/0x80
[  244.882145][ T8174]  ? find_held_lock+0x2b/0x80
[  244.882158][ T8174]  ? hook_file_ioctl_common+0x145/0x410
[  244.882172][ T8174]  ? __fget_files+0x20e/0x3c0
[  244.882187][ T8174]  security_file_ioctl+0x9b/0x240
[  244.882204][ T8174]  __x64_sys_ioctl+0xb7/0x210
[  244.882222][ T8174]  do_syscall_64+0xcd/0x4c0
[  244.882235][ T8174]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  244.882247][ T8174] RIP: 0033:0x7f5a2598ebe9
[  244.882257][ T8174] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  244.882268][ T8174] RSP: 002b:00007f5a267e3038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  244.882280][ T8174] RAX: ffffffffffffffda RBX: 00007f5a25bb5fa0 RCX: 00007f5a2598ebe9
[  244.882287][ T8174] RDX: 00002000000002c0 RSI: 00000000c058560f RDI: 0000000000000003
[  244.882293][ T8174] RBP: 00007f5a267e3090 R08: 0000000000000000 R09: 0000000000000000
[  244.882299][ T8174] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  244.882306][ T8174] R13: 00007f5a25bb6038 R14: 00007f5a25bb5fa0 R15: 00007ffd412baa18
[  244.882319][ T8174]  </TASK>
[  244.882354][ T8174] ERROR: Out of memory at tomoyo_realpath_from_path.
[  245.130351][   T30] audit: type=1400 audit(1756249495.302:435): avc:  denied  { create } for  pid=8169 comm="syz.1.554" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rose_socket permissive=1
[  245.151659][ T8174] use of bytesused == 0 is deprecated and will be removed in the future,
[  245.175712][ T8172] lo speed is unknown, defaulting to 1000
[  245.183762][ T8174] use the actual size instead.
[  245.248085][ T8185] libceph: resolve '400' (ret=-3): failed
[  245.340373][   T24] usb 1-1: new high-speed USB device number 27 using dummy_hcd
[  246.019469][ T8194] overlayfs: missing 'lowerdir'
[  246.055450][   T24] usb 1-1: config 0 has no interfaces?
[  246.084401][   T24] usb 1-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  246.110008][   T24] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  246.121805][   T24] usb 1-1: Product: syz
[  246.126022][   T24] usb 1-1: Manufacturer: syz
[  246.259981][   T24] usb 1-1: SerialNumber: syz
[  246.267390][   T24] usb 1-1: config 0 descriptor??
[  246.359336][   T30] audit: type=1400 audit(1756249496.542:436): avc:  denied  { watch_reads } for  pid=8199 comm="syz.3.563" path="/110" dev="tmpfs" ino=588 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1
[  246.390811][   T10] usb 2-1: new high-speed USB device number 21 using dummy_hcd
[  246.410500][    T9] usb 5-1: new high-speed USB device number 22 using dummy_hcd
[  246.573363][    T9] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x9 has invalid wMaxPacketSize 0
[  246.591093][   T10] usb 2-1: New USB device found, idVendor=0424, idProduct=7850, bcdDevice= 0.00
[  247.037848][   T10] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  247.056846][    T9] usb 5-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  247.067931][   T10] usb 2-1: Product: syz
[  247.073921][    T9] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  247.084656][   T10] usb 2-1: Manufacturer: syz
[  247.089263][   T10] usb 2-1: SerialNumber: syz
[  247.093906][    T9] usb 5-1: Product: syz
[  247.100228][    T9] usb 5-1: Manufacturer: syz
[  247.105025][    T9] usb 5-1: SerialNumber: syz
[  247.118389][    T9] usb 5-1: config 0 descriptor??
[  247.331284][ T5908] usb 1-1: USB disconnect, device number 27
[  247.976451][ T5908] usb 5-1: USB disconnect, device number 22
[  249.080387][   T30] audit: type=1400 audit(1756249499.142:437): avc:  denied  { create } for  pid=8231 comm="syz.4.568" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1
[  249.183778][   T10] lan78xx 2-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000040. ret = -EPIPE
[  249.338537][   T30] audit: type=1400 audit(1756249499.422:438): avc:  denied  { ioctl } for  pid=8231 comm="syz.4.568" path="socket:[20471]" dev="sockfs" ino=20471 ioctlcmd=0x89ef scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1
[  249.339084][   T10] lan78xx 2-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00001000. ret = -EPROTO
[  249.375262][   T30] audit: type=1400 audit(1756249499.422:439): avc:  denied  { create } for  pid=8231 comm="syz.4.568" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_dnrt_socket permissive=1
[  249.517016][   T10] lan78xx 2-1:1.0 (unnamed net_device) (uninitialized): Failed to write register index 0x0000011c. ret = -EPROTO
[  249.563573][   T10] lan78xx 2-1:1.0 (unnamed net_device) (uninitialized): Registers INIT FAILED....
[  249.598157][   T10] lan78xx 2-1:1.0 (unnamed net_device) (uninitialized): Bind routine FAILED
[  249.637341][   T10] lan78xx 2-1:1.0: probe with driver lan78xx failed with error -71
[  249.742171][   T10] usb 2-1: USB disconnect, device number 21
[  251.298716][ T8250] netlink: 'syz.0.570': attribute type 10 has an invalid length.
[  251.306639][ T8250] netlink: 40 bytes leftover after parsing attributes in process `syz.0.570'.
[  251.734300][ T8266] overlayfs: missing 'lowerdir'
[  251.873742][   T24] usb 2-1: new high-speed USB device number 22 using dummy_hcd
[  252.076003][   T24] usb 2-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[  252.085144][  T878] usb 1-1: new high-speed USB device number 28 using dummy_hcd
[  252.099662][   T24] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  252.122733][   T24] usb 2-1: config 0 descriptor??
[  252.134195][   T24] cp210x 2-1:0.0: cp210x converter detected
[  252.201983][   T78] usb 5-1: new high-speed USB device number 23 using dummy_hcd
[  252.251549][  T878] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x9 has invalid wMaxPacketSize 0
[  252.274029][  T878] usb 1-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  252.293613][  T878] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  252.301993][  T878] usb 1-1: Product: syz
[  252.306271][  T878] usb 1-1: Manufacturer: syz
[  252.311087][  T878] usb 1-1: SerialNumber: syz
[  252.346663][   T24] cp210x 2-1:0.0: failed to get vendor val 0x370b size 1: -121
[  252.384154][   T78] usb 5-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[  252.571976][   T24] cp210x 2-1:0.0: querying part number failed
[  252.579037][  T878] usb 1-1: config 0 descriptor??
[  252.586034][   T78] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  252.630797][   T24] usb 2-1: cp210x converter now attached to ttyUSB0
[  252.660790][   T78] usb 5-1: config 0 descriptor??
[  252.671720][   T78] cp210x 5-1:0.0: cp210x converter detected
[  252.874163][   T78] cp210x 5-1:0.0: failed to get vendor val 0x370b size 1: -121
[  252.883184][   T78] cp210x 5-1:0.0: querying part number failed
[  252.893569][   T78] usb 5-1: cp210x converter now attached to ttyUSB1
[  253.149730][ T8277] overlayfs: missing 'lowerdir'
[  253.178896][   T78] usb 1-1: USB disconnect, device number 28
[  253.470343][  T878] usb 3-1: new high-speed USB device number 34 using dummy_hcd
[  253.621753][  T878] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x9 has invalid wMaxPacketSize 0
[  253.634222][  T878] usb 3-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  253.643466][  T878] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  253.651524][  T878] usb 3-1: Product: syz
[  253.655773][  T878] usb 3-1: Manufacturer: syz
[  253.660422][  T878] usb 3-1: SerialNumber: syz
[  253.667270][  T878] usb 3-1: config 0 descriptor??
[  254.859755][  T878] usb 2-1: USB disconnect, device number 22
[  254.949239][  T878] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[  254.979439][  T878] cp210x 2-1:0.0: device disconnected
[  254.982198][    T9] usb 5-1: USB disconnect, device number 23
[  255.253773][ T1299] ieee802154 phy0 wpan0: encryption failed: -22
[  255.260122][ T1299] ieee802154 phy1 wpan1: encryption failed: -22
[  255.320860][    T9] cp210x ttyUSB1: cp210x converter now disconnected from ttyUSB1
[  255.329050][    T9] cp210x 5-1:0.0: device disconnected
[  255.427314][   T78] usb 3-1: USB disconnect, device number 34
[  256.111282][   T30] audit: type=1400 audit(1756249506.272:440): avc:  denied  { listen } for  pid=8301 comm="syz.4.587" lport=20002 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  256.704990][ T8304] sctp: failed to load transform for md5: -2
[  256.737035][   T30] audit: type=1400 audit(1756249506.562:441): avc:  denied  { map } for  pid=8301 comm="syz.4.587" path="socket:[21101]" dev="sockfs" ino=21101 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  256.822146][   T30] audit: type=1400 audit(1756249506.562:442): avc:  denied  { read } for  pid=8301 comm="syz.4.587" path="socket:[21101]" dev="sockfs" ino=21101 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  256.887009][ T8322] overlayfs: missing 'lowerdir'
[  257.130520][   T78] usb 5-1: new high-speed USB device number 24 using dummy_hcd
[  257.171305][   T10] usb 2-1: new high-speed USB device number 23 using dummy_hcd
[  257.211114][  T878] usb 1-1: new high-speed USB device number 29 using dummy_hcd
[  257.310848][ T8327] tmpfs: Unknown parameter 'quotÜa•ÝTÉ'
[  257.321065][   T78] usb 5-1: Using ep0 maxpacket: 16
[  257.335432][   T78] usb 5-1: config 2 has an invalid interface number: 196 but max is 1
[  257.350649][   T78] usb 5-1: config 2 has 1 interface, different from the descriptor's value: 2
[  257.359853][   T78] usb 5-1: config 2 has no interface number 0
[  257.366875][   T78] usb 5-1: config 2 interface 196 has no altsetting 0
[  257.488047][  T878] usb 1-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[  257.506992][  T878] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  257.524265][   T10] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x9 has invalid wMaxPacketSize 0
[  257.537425][   T78] usb 5-1: New USB device found, idVendor=04b4, idProduct=6831, bcdDevice=88.56
[  257.567650][  T878] usb 1-1: config 0 descriptor??
[  257.567689][   T10] usb 2-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  257.580408][   T78] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  257.601899][  T878] cp210x 1-1:0.0: cp210x converter detected
[  257.608559][   T78] usb 5-1: Product: syz
[  257.619229][   T78] usb 5-1: Manufacturer: syz
[  257.626510][   T10] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  257.640456][   T78] usb 5-1: SerialNumber: syz
[  257.644783][   T10] usb 2-1: Product: syz
[  257.655256][   T10] usb 2-1: Manufacturer: syz
[  257.682188][   T10] usb 2-1: SerialNumber: syz
[  257.699236][   T10] usb 2-1: config 0 descriptor??
[  257.935246][  T878] cp210x 1-1:0.0: failed to get vendor val 0x370b size 1: -121
[  257.963002][   T30] audit: type=1400 audit(1756249508.132:443): avc:  denied  { write } for  pid=8330 comm="syz.2.595" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[  258.270152][  T878] cp210x 1-1:0.0: querying part number failed
[  258.290950][  T878] usb 1-1: cp210x converter now attached to ttyUSB0
[  258.313891][   T30] audit: type=1400 audit(1756249508.142:444): avc:  denied  { read } for  pid=8330 comm="syz.2.595" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[  260.041408][   T10] usb 1-1: USB disconnect, device number 29
[  260.049668][   T10] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[  260.085595][   T10] cp210x 1-1:0.0: device disconnected
[  260.530456][   T10] usb 1-1: new full-speed USB device number 30 using dummy_hcd
[  260.696227][   T10] usb 1-1: unable to read config index 0 descriptor/start: -61
[  260.719965][   T10] usb 1-1: can't read configurations, error -61
[  260.870310][   T10] usb 1-1: new full-speed USB device number 31 using dummy_hcd
[  260.951530][   T78] ums-cypress 5-1:2.196: USB Mass Storage device detected
[  261.067474][ T5966] usb 2-1: USB disconnect, device number 23
[  261.083927][   T78] usb 5-1: USB disconnect, device number 24
[  261.119476][   T10] usb 1-1: unable to read config index 0 descriptor/start: -61
[  261.130957][   T10] usb 1-1: can't read configurations, error -61
[  261.161627][   T10] usb usb1-port1: attempt power cycle
[  261.563898][   T10] usb 1-1: new full-speed USB device number 32 using dummy_hcd
[  261.657309][   T10] usb 1-1: unable to read config index 0 descriptor/start: -61
[  261.665151][   T10] usb 1-1: can't read configurations, error -61
[  261.849967][   T10] usb 1-1: new full-speed USB device number 33 using dummy_hcd
[  261.991297][ T8369] netlink: 'syz.1.602': attribute type 10 has an invalid length.
[  261.999060][ T8369] netlink: 40 bytes leftover after parsing attributes in process `syz.1.602'.
[  262.009757][ T8369] bridge0: port 3(dummy0) entered blocking state
[  262.016192][ T8369] bridge0: port 3(dummy0) entered forwarding state
[  262.043418][   T10] usb 1-1: unable to read config index 0 descriptor/start: -61
[  262.054019][   T10] usb 1-1: can't read configurations, error -61
[  262.062017][   T10] usb usb1-port1: unable to enumerate USB device
[  263.813480][ T8392] overlayfs: missing 'lowerdir'
[  264.081509][ T8394] block nbd0: Attempted send on invalid socket
[  264.087693][ T8394] I/O error, dev nbd0, sector 6 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 3
[  264.100422][    T9] usb 4-1: new high-speed USB device number 20 using dummy_hcd
[  264.132226][ T8394] ADFS-fs (nbd0): error: unable to read block 3, try 0
[  264.302707][    T9] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x9 has invalid wMaxPacketSize 0
[  264.356806][    T9] usb 4-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  264.366138][    T9] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  264.458587][    T9] usb 4-1: Product: syz
[  264.472955][    T9] usb 4-1: Manufacturer: syz
[  264.490325][ T5966] usb 3-1: new high-speed USB device number 35 using dummy_hcd
[  264.497848][    T9] usb 4-1: SerialNumber: syz
[  264.674328][ T8408] siw: device registration error -23
[  264.784392][ T5966] usb 3-1: New USB device found, idVendor=0bda, idProduct=8150, bcdDevice= 0.00
[  264.961368][    T9] usb 4-1: config 0 descriptor??
[  264.995611][ T5966] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  265.025251][ T5966] usb 3-1: Product: syz
[  265.042977][ T5966] usb 3-1: Manufacturer: syz
[  265.156772][ T5966] usb 3-1: SerialNumber: syz
[  265.178924][   T30] audit: type=1400 audit(1756249515.342:445): avc:  denied  { ioctl } for  pid=8406 comm="syz.1.612" path="socket:[22054]" dev="sockfs" ino=22054 ioctlcmd=0x8914 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  265.355015][ T8413] overlayfs: missing 'lowerdir'
[  265.453370][ T5966] rtl8150 3-1:1.0: couldn't reset the device
[  265.491968][ T5966] rtl8150 3-1:1.0: probe with driver rtl8150 failed with error -5
[  265.592066][ T5966] usb 3-1: USB disconnect, device number 35
[  265.710567][  T878] usb 1-1: new high-speed USB device number 34 using dummy_hcd
[  265.732688][ T8417] overlayfs: missing 'lowerdir'
[  265.931865][  T878] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x9 has invalid wMaxPacketSize 0
[  265.969128][  T878] usb 1-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  265.985303][  T878] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  265.994236][  T878] usb 1-1: Product: syz
[  265.998536][  T878] usb 1-1: Manufacturer: syz
[  266.003474][  T878] usb 1-1: SerialNumber: syz
[  266.003752][    T9] usb 5-1: new high-speed USB device number 25 using dummy_hcd
[  266.030774][  T878] usb 1-1: config 0 descriptor??
[  266.242881][    T9] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x9 has invalid wMaxPacketSize 0
[  266.259958][    T9] usb 5-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  266.272483][    T9] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  266.290085][    T9] usb 5-1: Product: syz
[  266.309819][    T9] usb 5-1: Manufacturer: syz
[  266.670342][    T9] usb 5-1: SerialNumber: syz
[  266.981184][   T10] usb 1-1: USB disconnect, device number 34
[  267.046481][  T878] usb 4-1: USB disconnect, device number 20
[  267.077213][ T6644] udevd[6644]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/sound/card4/controlC4/../uevent} for writing: No such file or directory
[  267.101817][    T9] usb 5-1: config 0 descriptor??
[  267.295632][ T8434] tmpfs: Unknown parameter 'quotÜa•ÝTÉ'
[  267.970359][    T9] usb 2-1: new high-speed USB device number 24 using dummy_hcd
[  268.006210][ T8442] overlayfs: missing 'lowerdir'
[  268.130939][    T9] usb 2-1: Using ep0 maxpacket: 16
[  268.137513][    T9] usb 2-1: config 2 has an invalid interface number: 196 but max is 1
[  268.166447][    T9] usb 2-1: config 2 has 1 interface, different from the descriptor's value: 2
[  268.175867][    T9] usb 2-1: config 2 has no interface number 0
[  268.183648][    T9] usb 2-1: config 2 interface 196 has no altsetting 0
[  268.197932][    T9] usb 2-1: New USB device found, idVendor=04b4, idProduct=6831, bcdDevice=88.56
[  268.223178][    T9] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  268.247902][    T9] usb 2-1: Product: syz
[  268.252173][    T9] usb 2-1: Manufacturer: syz
[  268.256858][    T9] usb 2-1: SerialNumber: syz
[  268.340334][ T5966] usb 1-1: new high-speed USB device number 35 using dummy_hcd
[  268.507853][ T5966] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x9 has invalid wMaxPacketSize 0
[  269.043736][ T5966] usb 1-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  269.054499][ T5966] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  269.317327][ T5966] usb 1-1: Product: syz
[  269.326207][    T9] ums-cypress 2-1:2.196: USB Mass Storage device detected
[  269.330275][ T5966] usb 1-1: Manufacturer: syz
[  269.362606][ T5966] usb 1-1: SerialNumber: syz
[  269.397233][    T9] usb 2-1: USB disconnect, device number 24
[  269.400305][ T5966] usb 1-1: config 0 descriptor??
[  269.523185][   T78] usb 5-1: USB disconnect, device number 25
[  269.524819][ T8461] netlink: 'syz.3.626': attribute type 13 has an invalid length.
[  269.570112][   T30] audit: type=1400 audit(1756249519.752:446): avc:  denied  { bind } for  pid=8460 comm="syz.3.626" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  269.673612][   T30] audit: type=1400 audit(1756249519.862:447): avc:  denied  { create } for  pid=8462 comm="syz.4.627" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  269.677723][ T8463] FAULT_INJECTION: forcing a failure.
[  269.677723][ T8463] name failslab, interval 1, probability 0, space 0, times 0
[  269.712021][ T8463] CPU: 0 UID: 0 PID: 8463 Comm: syz.4.627 Not tainted syzkaller #0 PREEMPT(full) 
[  269.712046][ T8463] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  269.712055][ T8463] Call Trace:
[  269.712061][ T8463]  <TASK>
[  269.712066][ T8463]  dump_stack_lvl+0x16c/0x1f0
[  269.712088][ T8463]  should_fail_ex+0x512/0x640
[  269.712106][ T8463]  ? fs_reclaim_acquire+0xae/0x150
[  269.712130][ T8463]  ? tomoyo_realpath_from_path+0xc2/0x6e0
[  269.712154][ T8463]  should_failslab+0xc2/0x120
[  269.712173][ T8463]  __kmalloc_noprof+0xd2/0x510
[  269.712194][ T8463]  tomoyo_realpath_from_path+0xc2/0x6e0
[  269.712219][ T8463]  ? tomoyo_profile+0x47/0x60
[  269.712239][ T8463]  tomoyo_path_number_perm+0x245/0x580
[  269.712259][ T8463]  ? tomoyo_path_number_perm+0x237/0x580
[  269.712282][ T8463]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  269.712304][ T8463]  ? find_held_lock+0x2b/0x80
[  269.712353][ T8463]  ? find_held_lock+0x2b/0x80
[  269.712371][ T8463]  ? hook_file_ioctl_common+0x145/0x410
[  269.712394][ T8463]  ? __fget_files+0x20e/0x3c0
[  269.712418][ T8463]  security_file_ioctl+0x9b/0x240
[  269.712443][ T8463]  __x64_sys_ioctl+0xb7/0x210
[  269.712470][ T8463]  do_syscall_64+0xcd/0x4c0
[  269.712490][ T8463]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  269.712507][ T8463] RIP: 0033:0x7ffa47f8ebe9
[  269.712521][ T8463] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  269.712537][ T8463] RSP: 002b:00007ffa461f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  269.712555][ T8463] RAX: ffffffffffffffda RBX: 00007ffa481b5fa0 RCX: 00007ffa47f8ebe9
[  269.712564][ T8463] RDX: 0000200000000080 RSI: 0000000080487436 RDI: 0000000000000003
[  269.712574][ T8463] RBP: 00007ffa461f6090 R08: 0000000000000000 R09: 0000000000000000
[  269.712584][ T8463] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  269.712592][ T8463] R13: 00007ffa481b6038 R14: 00007ffa481b5fa0 R15: 00007fffb0b39318
[  269.712617][ T8463]  </TASK>
[  269.712849][ T8463] ERROR: Out of memory at tomoyo_realpath_from_path.
[  269.928745][   T30] audit: type=1400 audit(1756249519.862:448): avc:  denied  { connect } for  pid=8462 comm="syz.4.627" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  270.001752][   T30] audit: type=1400 audit(1756249520.112:449): avc:  denied  { ioctl } for  pid=8462 comm="syz.4.627" path="socket:[22290]" dev="sockfs" ino=22290 ioctlcmd=0x7436 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  270.052238][   T10] usb 4-1: new high-speed USB device number 21 using dummy_hcd
[  270.186326][ T5966] usb 1-1: USB disconnect, device number 35
[  270.242233][   T10] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  270.261692][   T10] usb 4-1: New USB device found, idVendor=1d34, idProduct=0004, bcdDevice= 0.00
[  270.299840][   T10] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  270.336121][   T10] usb 4-1: config 0 descriptor??
[  270.490344][   T78] usb 5-1: new high-speed USB device number 26 using dummy_hcd
[  270.580318][    T9] usb 3-1: new high-speed USB device number 36 using dummy_hcd
[  270.650458][   T78] usb 5-1: Using ep0 maxpacket: 16
[  270.664306][   T78] usb 5-1: New USB device found, idVendor=05d1, idProduct=2001, bcdDevice= 9.00
[  270.674691][   T78] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  270.684724][   T78] usb 5-1: Product: syz
[  270.691997][   T78] usb 5-1: Manufacturer: syz
[  270.698963][   T78] usb 5-1: SerialNumber: syz
[  270.710707][   T78] usb 5-1: config 0 descriptor??
[  270.719166][   T78] ftdi_sio 5-1:0.0: FTDI USB Serial Device converter detected
[  270.733070][   T78] usb 5-1: Detected FT232H
[  270.743714][    T9] usb 3-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  270.755149][    T9] usb 3-1: config 27 interface 0 altsetting 0 has an endpoint descriptor with address 0xF6, changing to 0x86
[  270.767813][    T9] usb 3-1: config 27 interface 0 altsetting 0 endpoint 0x86 has invalid wMaxPacketSize 0
[  270.778484][    T9] usb 3-1: config 27 interface 0 altsetting 0 bulk endpoint 0x86 has invalid maxpacket 0
[  270.788789][    T9] usb 3-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  270.840655][    T9] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  270.903726][    T9] usb 3-1: Quirk or no altset; falling back to MIDI 1.0
[  270.912682][    T9] usb 3-1: invalid MIDI out EP 0
[  271.187390][ T8468] input: syz1 as /devices/virtual/input/input7
[  271.408709][   T78] ftdi_sio ttyUSB0: Unable to write latency timer: -71
[  271.417365][   T30] audit: type=1400 audit(1756249521.592:450): avc:  denied  { read } for  pid=5203 comm="acpid" name="event4" dev="devtmpfs" ino=3697 scontext=system_u:system_r:acpid_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  271.445764][   T78] ftdi_sio 5-1:0.0: GPIO initialisation failed: -71
[  271.457404][   T30] audit: type=1400 audit(1756249521.592:451): avc:  denied  { open } for  pid=5203 comm="acpid" path="/dev/input/event4" dev="devtmpfs" ino=3697 scontext=system_u:system_r:acpid_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  271.458297][    T9] snd-usb-audio 3-1:27.0: probe with driver snd-usb-audio failed with error -22
[  271.481090][   T30] audit: type=1400 audit(1756249521.592:452): avc:  denied  { ioctl } for  pid=5203 comm="acpid" path="/dev/input/event4" dev="devtmpfs" ino=3697 ioctlcmd=0x4520 scontext=system_u:system_r:acpid_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  271.520891][   T78] usb 5-1: FTDI USB Serial Device converter now attached to ttyUSB0
[  271.536893][   T78] usb 5-1: USB disconnect, device number 26
[  271.572296][   T78] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[  271.617258][    T9] usb 3-1: USB disconnect, device number 36
[  271.618153][   T78] ftdi_sio 5-1:0.0: device disconnected
[  272.118551][ T8495] bridge0: port 3(dummy0) entered disabled state
[  273.508832][ T1205] usb 4-1: USB disconnect, device number 21
[  273.872289][ T8511] block nbd4: Attempted send on invalid socket
[  273.971308][ T8511] I/O error, dev nbd4, sector 6 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 3
[  274.064756][ T8511] ADFS-fs (nbd4): error: unable to read block 3, try 0
[  274.181647][ T8515] netlink: 16 bytes leftover after parsing attributes in process `syz.0.640'.
[  274.889825][ T8518] siw: device registration error -23
[  274.979845][ T8525] bridge0: port 3(dummy0) entered disabled state
[  275.015032][ T8525] ==================================================================
[  275.023112][ T8525] BUG: KASAN: slab-use-after-free in xfrm_state_find+0x7401/0x84c0
[  275.030996][ T8525] Read of size 1 at addr ffff88805417cff0 by task syz.1.642/8525
[  275.038706][ T8525] 
[  275.041012][ T8525] CPU: 0 UID: 0 PID: 8525 Comm: syz.1.642 Not tainted syzkaller #0 PREEMPT(full) 
[  275.041028][ T8525] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  275.041035][ T8525] Call Trace:
[  275.041040][ T8525]  <TASK>
[  275.041045][ T8525]  dump_stack_lvl+0x116/0x1f0
[  275.041061][ T8525]  print_report+0xcd/0x630
[  275.041074][ T8525]  ? __virt_addr_valid+0x81/0x610
[  275.041091][ T8525]  ? __phys_addr+0xe8/0x180
[  275.041106][ T8525]  ? xfrm_state_find+0x7401/0x84c0
[  275.041118][ T8525]  kasan_report+0xe0/0x110
[  275.041130][ T8525]  ? xfrm_state_find+0x7401/0x84c0
[  275.041143][ T8525]  xfrm_state_find+0x7401/0x84c0
[  275.041158][ T8525]  ? __pfx_xfrm_state_find+0x10/0x10
[  275.041172][ T8525]  ? __rt6_find_exception_rcu+0x2cb/0x3c0
[  275.041190][ T8525]  ? rt6_find_cached_rt+0x1d6/0x280
[  275.041205][ T8525]  xfrm_resolve_and_create_bundle+0x4cd/0x3740
[  275.041231][ T8525]  ? __pfx_xfrm_resolve_and_create_bundle+0x10/0x10
[  275.041259][ T8525]  ? __sanitizer_cov_trace_switch+0xa/0x90
[  275.041291][ T8525]  ? find_held_lock+0x2b/0x80
[  275.041305][ T8525]  ? ip6_dst_lookup_tail.constprop.0+0x852/0x2140
[  275.041318][ T8525]  ? xfrm_expand_policies.constprop.0+0x252/0x6a0
[  275.041334][ T8525]  xfrm_lookup_with_ifid+0x2a0/0x1e40
[  275.041350][ T8525]  ? __pfx_xfrm_lookup_with_ifid+0x10/0x10
[  275.041365][ T8525]  ? __pfx_ip6_dst_lookup_tail.constprop.0+0x10/0x10
[  275.041379][ T8525]  ? trace_irq_enable.constprop.0+0x2f/0x120
[  275.041394][ T8525]  xfrm_lookup_route+0x3b/0x200
[  275.041409][ T8525]  ip6_dst_lookup_flow+0x15c/0x1d0
[  275.041420][ T8525]  ? __pfx_ip6_dst_lookup_flow+0x10/0x10
[  275.041432][ T8525]  ? rawv6_sendmsg+0xe39/0x4820
[  275.041448][ T8525]  rawv6_sendmsg+0xe85/0x4820
[  275.041466][ T8525]  ? __pfx_rawv6_sendmsg+0x10/0x10
[  275.041481][ T8525]  ? avc_has_perm_noaudit+0x149/0x3b0
[  275.041494][ T8525]  ? avc_has_perm+0x144/0x1f0
[  275.041504][ T8525]  ? __pfx_avc_has_perm+0x10/0x10
[  275.041521][ T8525]  ? __pfx_rawv6_sendmsg+0x10/0x10
[  275.041538][ T8525]  ? inet_sendmsg+0x11c/0x140
[  275.041553][ T8525]  inet_sendmsg+0x11c/0x140
[  275.041569][ T8525]  ____sys_sendmsg+0x973/0xc70
[  275.041584][ T8525]  ? copy_msghdr_from_user+0x10a/0x160
[  275.041595][ T8525]  ? __pfx_____sys_sendmsg+0x10/0x10
[  275.041610][ T8525]  ? find_held_lock+0x2b/0x80
[  275.041623][ T8525]  ? futex_unqueue+0x133/0x2c0
[  275.041639][ T8525]  ___sys_sendmsg+0x134/0x1d0
[  275.041651][ T8525]  ? __pfx____sys_sendmsg+0x10/0x10
[  275.041665][ T8525]  ? find_held_lock+0x2b/0x80
[  275.041681][ T8525]  __sys_sendmmsg+0x200/0x420
[  275.041694][ T8525]  ? __pfx___sys_sendmmsg+0x10/0x10
[  275.041708][ T8525]  ? __pfx_do_futex+0x10/0x10
[  275.041724][ T8525]  ? rcu_is_watching+0x12/0xc0
[  275.041741][ T8525]  ? xfd_validate_state+0x61/0x180
[  275.041757][ T8525]  ? __sys_setsockopt+0x1c0/0x230
[  275.041768][ T8525]  __x64_sys_sendmmsg+0x9c/0x100
[  275.041780][ T8525]  ? lockdep_hardirqs_on+0x7c/0x110
[  275.041791][ T8525]  do_syscall_64+0xcd/0x4c0
[  275.041804][ T8525]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  275.041815][ T8525] RIP: 0033:0x7fad9258ebe9
[  275.041825][ T8525] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  275.041836][ T8525] RSP: 002b:00007fad93371038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  275.041846][ T8525] RAX: ffffffffffffffda RBX: 00007fad927b6090 RCX: 00007fad9258ebe9
[  275.041853][ T8525] RDX: 00000000000002e9 RSI: 0000200000000480 RDI: 0000000000000008
[  275.041860][ T8525] RBP: 00007fad92611e19 R08: 0000000000000000 R09: 0000000000000000
[  275.041867][ T8525] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  275.041873][ T8525] R13: 00007fad927b6128 R14: 00007fad927b6090 R15: 00007ffd2249f7c8
[  275.041883][ T8525]  </TASK>
[  275.041887][ T8525] 
[  275.406320][ T8525] Allocated by task 7222:
[  275.410617][ T8525]  kasan_save_stack+0x33/0x60
[  275.415286][ T8525]  kasan_save_track+0x14/0x30
[  275.419941][ T8525]  __kasan_slab_alloc+0x89/0x90
[  275.424760][ T8525]  kmem_cache_alloc_noprof+0x1cb/0x3b0
[  275.430189][ T8525]  xfrm_state_alloc+0x23/0x5c0
[  275.434928][ T8525]  __find_acq_core+0xb59/0x2900
[  275.439746][ T8525]  xfrm_find_acq+0x7b/0xa0
[  275.444130][ T8525]  xfrm_alloc_userspi+0x58e/0xbb0
[  275.449124][ T8525]  xfrm_user_rcv_msg+0x58e/0xc00
[  275.454028][ T8525]  netlink_rcv_skb+0x155/0x420
[  275.458763][ T8525]  xfrm_netlink_rcv+0x71/0x90
[  275.463413][ T8525]  netlink_unicast+0x5aa/0x870
[  275.468145][ T8525]  netlink_sendmsg+0x8d1/0xdd0
[  275.472877][ T8525]  ____sys_sendmsg+0xa98/0xc70
[  275.477612][ T8525]  ___sys_sendmsg+0x134/0x1d0
[  275.482267][ T8525]  __sys_sendmsg+0x16d/0x220
[  275.486830][ T8525]  do_syscall_64+0xcd/0x4c0
[  275.491315][ T8525]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  275.497177][ T8525] 
[  275.499469][ T8525] Freed by task 5908:
[  275.503416][ T8525]  kasan_save_stack+0x33/0x60
[  275.508061][ T8525]  kasan_save_track+0x14/0x30
[  275.512718][ T8525]  kasan_save_free_info+0x3b/0x60
[  275.517715][ T8525]  __kasan_slab_free+0x60/0x70
[  275.522534][ T8525]  kmem_cache_free+0x2d1/0x4d0
[  275.527265][ T8525]  xfrm_state_gc_task+0x50a/0x770
[  275.532262][ T8525]  process_one_work+0x9cf/0x1b70
[  275.537179][ T8525]  worker_thread+0x6c8/0xf10
[  275.541737][ T8525]  kthread+0x3c5/0x780
[  275.545775][ T8525]  ret_from_fork+0x5d7/0x6f0
[  275.550335][ T8525]  ret_from_fork_asm+0x1a/0x30
[  275.555072][ T8525] 
[  275.557366][ T8525] The buggy address belongs to the object at ffff88805417ccc0
[  275.557366][ T8525]  which belongs to the cache xfrm_state of size 928
[  275.571299][ T8525] The buggy address is located 816 bytes inside of
[  275.571299][ T8525]  freed 928-byte region [ffff88805417ccc0, ffff88805417d060)
[  275.585059][ T8525] 
[  275.587363][ T8525] The buggy address belongs to the physical page:
[  275.593741][ T8525] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff88805417c000 pfn:0x5417c
[  275.603772][ T8525] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  275.612238][ T8525] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[  275.619749][ T8525] page_type: f5(slab)
[  275.623700][ T8525] raw: 00fff00000000040 ffff8881452f5780 dead000000000122 0000000000000000
[  275.632253][ T8525] raw: ffff88805417c000 00000000800f000c 00000000f5000000 0000000000000000
[  275.640810][ T8525] head: 00fff00000000040 ffff8881452f5780 dead000000000122 0000000000000000
[  275.649459][ T8525] head: ffff88805417c000 00000000800f000c 00000000f5000000 0000000000000000
[  275.658097][ T8525] head: 00fff00000000002 ffffea0001505f01 00000000ffffffff 00000000ffffffff
[  275.666735][ T8525] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[  275.675370][ T8525] page dumped because: kasan: bad access detected
[  275.681748][ T8525] page_owner tracks the page as allocated
[  275.687429][ T8525] page last allocated via order 2, migratetype Unmovable, gfp_mask 0x52820(GFP_ATOMIC|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP), pid 6218, tgid 6214 (syz.4.62), ts 89022517545, free_ts 87472451532
[  275.706320][ T8525]  post_alloc_hook+0x1c0/0x230
[  275.711065][ T8525]  get_page_from_freelist+0x132b/0x38e0
[  275.716583][ T8525]  __alloc_frozen_pages_noprof+0x261/0x23f0
[  275.722444][ T8525]  alloc_pages_mpol+0x1fb/0x550
[  275.727279][ T8525]  new_slab+0x247/0x330
[  275.731410][ T8525]  ___slab_alloc+0xcf2/0x1740
[  275.736323][ T8525]  __slab_alloc.constprop.0+0x56/0xb0
[  275.741671][ T8525]  kmem_cache_alloc_noprof+0xef/0x3b0
[  275.747011][ T8525]  xfrm_state_alloc+0x23/0x5c0
[  275.751766][ T8525]  xfrm_state_find+0x31e6/0x84c0
[  275.756673][ T8525]  xfrm_resolve_and_create_bundle+0x4cd/0x3740
[  275.762797][ T8525]  xfrm_lookup_with_ifid+0x2a0/0x1e40
[  275.768140][ T8525]  xfrm_lookup_route+0x3b/0x200
[  275.772962][ T8525]  ip6_dst_lookup_flow+0x15c/0x1d0
[  275.778042][ T8525]  rawv6_sendmsg+0xe85/0x4820
[  275.782704][ T8525]  inet_sendmsg+0x11c/0x140
[  275.787184][ T8525] page last free pid 5849 tgid 5849 stack trace:
[  275.793474][ T8525]  __free_frozen_pages+0x7d5/0x10f0
[  275.798661][ T8525]  __put_partials+0x165/0x1c0
[  275.803327][ T8525]  qlist_free_all+0x4d/0x120
[  275.807897][ T8525]  kasan_quarantine_reduce+0x195/0x1e0
[  275.813335][ T8525]  __kasan_slab_alloc+0x69/0x90
[  275.818160][ T8525]  kmem_cache_alloc_noprof+0x1cb/0x3b0
[  275.823594][ T8525]  getname_flags.part.0+0x4c/0x550
[  275.828681][ T8525]  getname_flags+0x93/0xf0
[  275.833066][ T8525]  vfs_fstatat+0xe1/0xf0
[  275.837284][ T8525]  __do_sys_newfstatat+0x97/0x120
[  275.842284][ T8525]  do_syscall_64+0xcd/0x4c0
[  275.846759][ T8525]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  275.852621][ T8525] 
[  275.854917][ T8525] Memory state around the buggy address:
[  275.860515][ T8525]  ffff88805417ce80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  275.868543][ T8525]  ffff88805417cf00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  275.876744][ T8525] >ffff88805417cf80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  275.884772][ T8525]                                                              ^
[  275.892454][ T8525]  ffff88805417d000: fb fb fb fb fb fb fb fb fb fb fb fb fc fc fc fc
[  275.900485][ T8525]  ffff88805417d080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  275.908511][ T8525] ==================================================================
[  275.996956][ T8525] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  276.004184][ T8525] CPU: 0 UID: 0 PID: 8525 Comm: syz.1.642 Not tainted syzkaller #0 PREEMPT(full) 
[  276.013369][ T8525] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  276.023407][ T8525] Call Trace:
[  276.026684][ T8525]  <TASK>
[  276.029597][ T8525]  dump_stack_lvl+0x3d/0x1f0
[  276.034172][ T8525]  vpanic+0x6e8/0x7a0
[  276.038142][ T8525]  ? __pfx_vpanic+0x10/0x10
[  276.042641][ T8525]  ? __pfx_vprintk_emit+0x10/0x10
[  276.047666][ T8525]  ? xfrm_state_find+0x7401/0x84c0
[  276.052777][ T8525]  panic+0xca/0xd0
[  276.056513][ T8525]  ? __pfx_panic+0x10/0x10
[  276.060924][ T8525]  ? xfrm_state_find+0x7401/0x84c0
[  276.066035][ T8525]  ? preempt_schedule_common+0x44/0xc0
[  276.071479][ T8525]  ? preempt_schedule_thunk+0x16/0x30
[  276.076838][ T8525]  check_panic_on_warn+0xab/0xb0
[  276.081756][ T8525]  end_report+0x107/0x170
[  276.086066][ T8525]  kasan_report+0xee/0x110
[  276.090464][ T8525]  ? xfrm_state_find+0x7401/0x84c0
[  276.095556][ T8525]  xfrm_state_find+0x7401/0x84c0
[  276.100480][ T8525]  ? __pfx_xfrm_state_find+0x10/0x10
[  276.105750][ T8525]  ? __rt6_find_exception_rcu+0x2cb/0x3c0
[  276.111455][ T8525]  ? rt6_find_cached_rt+0x1d6/0x280
[  276.116638][ T8525]  xfrm_resolve_and_create_bundle+0x4cd/0x3740
[  276.122782][ T8525]  ? __pfx_xfrm_resolve_and_create_bundle+0x10/0x10
[  276.129361][ T8525]  ? __sanitizer_cov_trace_switch+0xa/0x90
[  276.135172][ T8525]  ? find_held_lock+0x2b/0x80
[  276.139834][ T8525]  ? ip6_dst_lookup_tail.constprop.0+0x852/0x2140
[  276.146228][ T8525]  ? xfrm_expand_policies.constprop.0+0x252/0x6a0
[  276.152628][ T8525]  xfrm_lookup_with_ifid+0x2a0/0x1e40
[  276.157988][ T8525]  ? __pfx_xfrm_lookup_with_ifid+0x10/0x10
[  276.163775][ T8525]  ? __pfx_ip6_dst_lookup_tail.constprop.0+0x10/0x10
[  276.170432][ T8525]  ? trace_irq_enable.constprop.0+0x2f/0x120
[  276.176396][ T8525]  xfrm_lookup_route+0x3b/0x200
[  276.181229][ T8525]  ip6_dst_lookup_flow+0x15c/0x1d0
[  276.186320][ T8525]  ? __pfx_ip6_dst_lookup_flow+0x10/0x10
[  276.191932][ T8525]  ? rawv6_sendmsg+0xe39/0x4820
[  276.196769][ T8525]  rawv6_sendmsg+0xe85/0x4820
[  276.201436][ T8525]  ? __pfx_rawv6_sendmsg+0x10/0x10
[  276.206532][ T8525]  ? avc_has_perm_noaudit+0x149/0x3b0
[  276.211888][ T8525]  ? avc_has_perm+0x144/0x1f0
[  276.216545][ T8525]  ? __pfx_avc_has_perm+0x10/0x10
[  276.221559][ T8525]  ? __pfx_rawv6_sendmsg+0x10/0x10
[  276.226656][ T8525]  ? inet_sendmsg+0x11c/0x140
[  276.231316][ T8525]  inet_sendmsg+0x11c/0x140
[  276.235806][ T8525]  ____sys_sendmsg+0x973/0xc70
[  276.240556][ T8525]  ? copy_msghdr_from_user+0x10a/0x160
[  276.245996][ T8525]  ? __pfx_____sys_sendmsg+0x10/0x10
[  276.251284][ T8525]  ? find_held_lock+0x2b/0x80
[  276.255956][ T8525]  ? futex_unqueue+0x133/0x2c0
[  276.260707][ T8525]  ___sys_sendmsg+0x134/0x1d0
[  276.265363][ T8525]  ? __pfx____sys_sendmsg+0x10/0x10
[  276.270545][ T8525]  ? find_held_lock+0x2b/0x80
[  276.275219][ T8525]  __sys_sendmmsg+0x200/0x420
[  276.279879][ T8525]  ? __pfx___sys_sendmmsg+0x10/0x10
[  276.285061][ T8525]  ? __pfx_do_futex+0x10/0x10
[  276.289723][ T8525]  ? rcu_is_watching+0x12/0xc0
[  276.294474][ T8525]  ? xfd_validate_state+0x61/0x180
[  276.299571][ T8525]  ? __sys_setsockopt+0x1c0/0x230
[  276.304574][ T8525]  __x64_sys_sendmmsg+0x9c/0x100
[  276.309490][ T8525]  ? lockdep_hardirqs_on+0x7c/0x110
[  276.314668][ T8525]  do_syscall_64+0xcd/0x4c0
[  276.319154][ T8525]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  276.325025][ T8525] RIP: 0033:0x7fad9258ebe9
[  276.329419][ T8525] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  276.349004][ T8525] RSP: 002b:00007fad93371038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  276.357396][ T8525] RAX: ffffffffffffffda RBX: 00007fad927b6090 RCX: 00007fad9258ebe9
[  276.365348][ T8525] RDX: 00000000000002e9 RSI: 0000200000000480 RDI: 0000000000000008
[  276.373299][ T8525] RBP: 00007fad92611e19 R08: 0000000000000000 R09: 0000000000000000
[  276.381250][ T8525] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  276.389202][ T8525] R13: 00007fad927b6128 R14: 00007fad927b6090 R15: 00007ffd2249f7c8
[  276.397154][ T8525]  </TASK>
[  276.400349][ T8525] Kernel Offset: disabled
[  276.404646][ T8525] Rebooting in 86400 seconds..