last executing test programs:

13.588811913s ago: executing program 4 (id=1021):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0x3, 0x4, &(0x7f0000001240)=ANY=[@ANYBLOB="85000000610000003500000000000020850000000500000095000000000000000001000000000000200ffa95b2c8c037c5a142c9a8d76287066c51adde96fcc309926fa3b4b87b3e0cc7444a2391511c97fabd5f9810e81ae0b737136ea6f7be39cd34d5ae35de38dde54704d25c79949c00a7c09cc28d7673294f42a5f0a8761b30d64b741a226de7bad76402320e13822c45c0f8612c10b1f3c075ff1ebb755a2dd5760903000000000000006c6386d7ec7209d031f40f3012e9576e51a7f578602f5807785b92e544fc46c744aeeee4418d6af3e4195cc03710212436a4ff3274cac948d85cec074c6949e1298901ebb39522f6649dd76d067a82f5fe47fe5f17f99ab1e394ab800f4104dbffff0000000000005c6d1d224b64be6c4d7f47ef21eb7e46f9aa4a9779f8555eaea768c1f2c221c410ef4b253d110ee282ab94de93d928cf95846be6277c04b4c5324812696aa89e393c941d9541c86238d0703394a90231ccca9c3499c9a4cd3cd8a4f8070000000b0800000000000000087b5efabf84960ba0e3c4c00322de328c10752a42dca52fb98c1452b6518a6ef7297f7b2744419a2f238f173d0cd46daf2fcb5500f53e7309ec91d83cf4fbf975d9c07d8d3c76e65760ff000000b78863e629b3b200000000000000000000000000008b0000000a449c810d3174c87ee545867a3126af7a8b20744ea9875b9cba735b9594aa904e5a4bb2c3dfa8ea63e3e7000860000000004a2147c1128c697d9966b3c9f0e9e203911a3fac929a4fc6e625247510bc24e20ad88d4fe6a3ae2f7967546c4aae83352106057ab9cd4b3442a5d10451b95e22f30a85f5681ca3000000000000000000000396e7b6e1aa007018f6d93e79fce95d405b809238cca421c82c96f10dfa978bee51f581d124216e8bd9b1855f77138e438bdc037865f07f98c068be4c6155ec27365410866059475714844a3ea4cbe37e0000000000ef6dc4dd63bb928ff58b3bd2a600089d172a884dcdb8b9f9050297815a371deec596838e38068b5e438cbcd585a8cf37c496a8d2dab79d4242a353917ebdf2dc7926d80260898d4e1ca5e3a833f8f65429845bc3c3092af2bc4ee7263d3cbd9cab24eafd961a2d0c7bbfca952475c7e6158bfbb32f187d18f977117101076bad4167d5559ac12ff1473fa0ac0c0e71925a25933bfe309a040034b0cc8f69074670efc8101b89477d23823605dfa8e5945c31a0225b50d18a010ecf3c349cbac4d5191c3d78726b9ab4bff5e05027ca5b338a62e955e514da8ca2846919b7b56c192bb43f7032e485cc664921b7f9133bdbc2ba3cd845997b0dd103c784a53ad0243624566e0dacfe4029ffbe59e7e7751b3a9e619107bde39bfa81791ff0e4577055528aef46891c3c49afda8137d03cf6893db7b0f1fe95f8a096159869db71853b6bb5c08ce5fc61353f1e659d7ac53f54a7e2c94cba21994930a423ac7f84ed873a76b0dda0a4b4c5f87eef3164a0c03bc2a7f08290ddf300b298de3fd9167fb8b9c2f26e27f97cf5e90586ea50b85eb5b420eebe171893782b8326148ef5f5408e4dbfdb2fbfec699e4a241291c2f43e9edbf44c0ffb8ee32a18b6e8f0b61836146e2eab9a767800c2c91190c96cf88466adf775b4cf517dc5e39be99c4ab471f381c3915203cd2f27466c8943a80ba03150699c787696de272affa4e4940e59d8b7c69f804d6d3fa7543176a4df033532e5053d72521d097dda0c7a70bd1278c61513c1b87b01d9a9ec4d5ef793096dab53d3224f245fd5d87984d58dc09d11ba0094ba8c39942be41f362e29bba1cdcf8068a4d8d67d2d6d79aa2d089bc4d475097d7523860ec41dab4fa4b0cfe674c163ad419753bd73882336d42036a179bb33162b31f2a58436ea88fba598fad987a60b1847cc63a77c2bb30477ecbeaaa590cde56be4102d0365987eed64bdf01bbd9aaeb77dde491845e612557f"], &(0x7f0000000140)='GPL\x00', 0x0, 0xe0, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0xfffffc1a, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x15)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000380)={r0, 0x18000000000002a0, 0xe, 0x0, &(0x7f0000000000)="b9ff03076044238c9e9e15f088a8", 0x0, 0x5b5, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50) (fail_nth: 4)

13.230592519s ago: executing program 4 (id=1023):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x3)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
mincore(&(0x7f00005b2000/0x3000)=nil, 0x3000, 0x0)
bpf$TOKEN_CREATE(0x24, 0x0, 0x0)
syz_open_dev$sndctrl(0x0, 0x1, 0x6c40)
r1 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r1, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000300)='./file0\x00', 0x0)
r2 = socket$can_bcm(0x1d, 0x2, 0x2)
connect$can_bcm(r2, &(0x7f0000000080), 0x10)
sendmsg$can_bcm(r2, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000400)={0x5, 0x0, 0x0, {}, {}, {}, 0x1, @can={{}, 0x0, 0x0, 0x0, 0x0, "f8ca44dfaa00"}}, 0x48}, 0x1, 0x0, 0x0, 0x48850}, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r2, 0x8933, &(0x7f0000000000)={'vcan0\x00', <r3=>0x0})
sendmsg$can_bcm(r2, &(0x7f00000001c0)={&(0x7f0000000040)={0x1d, r3}, 0x10, &(0x7f0000000180)={&(0x7f0000000100)=ANY=[@ANYBLOB='\a'], 0x48}}, 0x0)
sendmsg$can_raw(r1, &(0x7f0000000340)={&(0x7f0000000100)={0x1d, r3}, 0x10, &(0x7f0000000280)={&(0x7f0000000200)=@canfd={{0x1, 0x1}, 0x28, 0x3, 0x0, 0x0, "a88d8132bbdef90fb16e64c4aec7b06eb531fa63ff5da2defa6c5fd9592fdd0f22d1891ab0ffe815cb6347bc8a1cfa3a91f06df8f985c6eebd8b65349f8b1de0"}, 0x48}, 0x1, 0x0, 0x0, 0x4000080}, 0x8801)
syz_open_dev$sndpcmp(0x0, 0x0, 0xa2c65)
futex(0x0, 0x80, 0x0, 0x0, 0x0, 0x0)
r4 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r4, 0x4018620d, 0x0)
r5 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000180)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r5, 0xc0306201, &(0x7f0000000080)={0x54, 0x0, &(0x7f0000000500)=[@release={0x40046306, 0x3}, @transaction_sg={0x40486311, {0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40}], 0x0, 0x0, 0x0})
r6 = openat$cuse(0xffffff9c, &(0x7f0000000000), 0x2, 0x0)
read$FUSE(r6, &(0x7f0000004bc0)={0x2020, 0x0, <r7=>0x0, <r8=>0x0, <r9=>0x0}, 0x2020)
r10 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r10, 0x1, r6, 0x0)
write$FUSE_ATTR(r6, &(0x7f0000000080)={0x78, 0x0, r7, {0x18, 0xc099, 0x0, {0x3, 0x100, 0x91d, 0x7f, 0x8, 0x9, 0xd, 0x4, 0x0, 0x8000, 0x3, r8, r9, 0x5, 0x2}}}, 0x78)

12.701792232s ago: executing program 4 (id=1025):
pipe2(&(0x7f0000000080)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
splice(r1, 0x0, r0, 0x0, 0x6, 0x0)
ioctl$int_in(r0, 0x5452, &(0x7f0000000100)=0x3ff)
fcntl$setstatus(r0, 0x4, 0x7c00)

11.609199174s ago: executing program 0 (id=1033):
r0 = socket(0x2, 0x80805, 0x0)
sendmmsg$inet_sctp(r0, &(0x7f00000024c0)=[{&(0x7f00000000c0)=@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f0000000040)=[{&(0x7f0000000100)='a', 0x1}], 0x1}], 0x1, 0x0)
r1 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r1, &(0x7f0000000000)={0x0, 0x4, &(0x7f0000000080)=[{&(0x7f0000000200)="2e0400001d008104e00c80ecdb4cb9f207c804a00d00000088080efb0a0002000a0ada1b40d80800c500c50083b8", 0xfec9}], 0x1, 0x0, 0x0, 0x5865}, 0x0)
r2 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'veth1_macvtap\x00', <r3=>0x0})
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f00000005c0)=@newlink={0x48, 0x10, 0x503, 0x0, 0x4, {}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvlan={{0xc}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r3}, @IFLA_ADDRESS={0xa, 0x1, @local}]}, 0x48}}, 0x0)
setsockopt$inet_sctp6_SCTP_RECVNXTINFO(r0, 0x84, 0x21, &(0x7f0000000000)=0x7ff, 0x4)
setsockopt$inet_sctp_SCTP_EVENTS(r0, 0x84, 0xb, &(0x7f0000000180)={0x0, 0x20, 0x8f, 0x2, 0x0, 0x0, 0x0, 0x2, 0x2, 0x0, 0x0, 0x0, 0x4}, 0xe)
r5 = openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000000000), 0x8801, 0x0)
ioctl$TCSETAF(r5, 0x5408, &(0x7f0000000400)={0x100, 0x0, 0x0, 0x7b, 0x3, "f6a6946c9832508c"})
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000002c0)={0x11, 0x3, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000100000000000000000000095"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000004c0)='contention_begin\x00', r6}, 0x10)
writev(r5, &(0x7f0000000340)=[{&(0x7f0000000100)="1876d433", 0x4}], 0x1)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r7 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r7, &(0x7f0000019680)=""/102392, 0x18ff8)
timerfd_create(0x2, 0x0)
r8 = openat$audio(0xffffffffffffff9c, &(0x7f0000000040), 0x48400, 0x0)
ioctl$SNDCTL_DSP_CHANNELS(r8, 0xc0045006, &(0x7f0000000080)=0x7f)
ioctl$SNDCTL_DSP_SPEED(r8, 0xc0045002, &(0x7f00000000c0))
read$dsp(r8, &(0x7f00000011c0)=""/4117, 0x200021d5)
creat(&(0x7f0000000000)='./file0\x00', 0xc2)
mount(&(0x7f00000003c0)=@nbd={'/dev/nbd', 0x0}, &(0x7f0000000240)='./file0\x00', &(0x7f0000000380)='vxfs\x00', 0x1000000, 0x0)

10.149946321s ago: executing program 0 (id=1037):
r0 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r0, &(0x7f00000000c0)=@name={0x1e, 0x2, 0x3, {{0x42, 0x1}, 0x2}}, 0x10)
setsockopt$TIPC_GROUP_JOIN(r0, 0x10f, 0x87, &(0x7f0000000000)={0x42, 0x0, 0x3}, 0x10)
r1 = syz_io_uring_setup(0x109, &(0x7f0000000140)={0x0, 0x5885}, &(0x7f0000000340)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
r4 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000240)='/sys/power/wakeup_count', 0x302, 0x0)
r5 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r5, 0xaf01, 0x0)
ioctl$VHOST_SET_VRING_KICK(r5, 0x4008af20, &(0x7f0000000cc0)={0x1, r4})
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x2, 0x19, &(0x7f0000000380)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x6a, 0x0, 0x0, 0x0, 0x7}, {}, {}, [@exit, @generic={0x3, 0x0, 0x3, 0x4, 0x2}, @printk={@lld, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x2}}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000040)='GPL\x00', 0xfff, 0x0, 0x0, 0x41100, 0x25, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x8, &(0x7f0000000100)={0x0, 0x4}, 0x8, 0x10, 0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x5, &(0x7f00000001c0)=[0x1, 0xffffffffffffffff, 0xffffffffffffffff, r1, 0xffffffffffffffff, 0xffffffffffffffff, 0x1, 0x1, 0xffffffffffffffff], &(0x7f0000000200)=[{0x5, 0x1, 0x4, 0x5}, {0x0, 0x4, 0x7, 0x3}, {0x4, 0x5, 0xe, 0x8}, {0x3, 0x2, 0x5, 0xb}, {0x3, 0x5, 0x10, 0x6}], 0x10, 0xff, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000780)={r6, 0x0, 0xbd, 0x4d, &(0x7f0000000540)="e95211a77ffb8aa6babcbc715d3705afff839af7bb314577079179767a2a2766a54e061cf85782be69d31607e7921cad49351fee52dc950ca43715cde559c38d879c9c5e288b97e780185868242eca7d46eb2ade86781472faee65b144501cdbc6d5fe37b1990edd2c7fcbe8df9d59f19bf394ad38c5bd56d80067d9dae4c6239a753aac9cd38922ac7225f6b613db4a50aa0f3e402c5f540a424321620797e3992f28b48d2ca921129eb164a256b8030e766a73f7334b3caa5d7ebb46", &(0x7f0000000600)=""/77, 0x0, 0x0, 0x68, 0x71, &(0x7f0000000680)="9edb2a7a238d0ed0f32928fcc9084292f1e758e839d5fcc92911ffa5c152c8122e1e12b71bed217e2ace769151dc8bf195e1757649133cf1811b4882411a791b26c693372902911cb1b12ca72d0c8c6abf9bb45c4c3873ce55219e1fc734188ef50343cbb9703b0f", &(0x7f0000000700)="b6acdbfca59d2871d1267efae3d0855e4683f2dc4d48bf2bebaf798ebbd7c6116f401eee8fb4ae4dc933396a89146526e72018ceddd860cd3fecf123ba5f2ddd657f0fb2cc18dcbcd54ae8016ca11d54106cf6669dd3e2ebb9fd5cc282fc4ff7552a8aa19c3f235c64647b4e4c514e3cbb", 0x2, 0x0, 0x3}, 0x50)
syz_io_uring_submit(r2, r3, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x4004, @fd_index=0x3, 0x0, 0x0})
syz_usb_connect(0x0, 0x34, &(0x7f00000000c0)=ANY=[@ANYBLOB="120100002c464708c2153b003e66010203010902220001000000000904000001e3fe11000905000000000000000705936b90"], 0x0)

9.273921465s ago: executing program 2 (id=1038):
r0 = syz_open_dev$sndctrl(&(0x7f0000000100), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(r0, 0xc0045516, &(0x7f0000000040)=0xe4)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000340)={{0x0, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x6, 0x0, 0x4, 0x0, 0x0, 0x0, 'syz1\x00', 0x0, 0x8}) (async)
ioctl$SNDRV_CTL_IOCTL_ELEM_WRITE(r0, 0xc4c85513, &(0x7f0000000540)={{0x0, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x0, [0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x801, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2e69, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x100000001]})

9.255077887s ago: executing program 4 (id=1039):
socket(0xa, 0x6, 0x0)
r0 = syz_usb_connect(0x0, 0x36, &(0x7f00000001c0)=ANY=[@ANYBLOB="12010000ad183840f30c02102c4f0000000109022400fe000000000904fa"], 0x0)
syz_usb_disconnect(r0)
r1 = socket$alg(0x26, 0x5, 0x0)
accept4(0xffffffffffffffff, &(0x7f0000000000)=@pppol2tpin6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @mcast1}}}, 0x0, 0x800)
accept4(r1, 0x0, 0x0, 0x0)
sendmsg$TCPDIAG_GETSOCK(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x52, &(0x7f00000001c0)={&(0x7f00000000c0)=ANY=[@ANYRES32=0x0, @ANYBLOB="000000000000000000d50d000000006203000601e1dd661b58df28331e"], 0x54}, 0x1, 0x0, 0x0, 0x880}, 0x0)
r2 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x20605)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r2, 0xc08c5332, &(0x7f00000001c0)={0x0, 0x0, 0x0, 'queue1\x00'})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x4)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
r4 = socket$inet(0x2, 0x4000000000000001, 0x0)
r5 = socket(0x10, 0x2, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r5, 0x10e, 0xc, &(0x7f0000000300)={0x4}, 0x10)
write(r5, &(0x7f0000000040)="1c0000001a009b8a14e5f40704000000000000000001000300000000", 0x1c)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000240), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_LINKMODES_SET(r6, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000a40)={0x38, r7, 0x1, 0x0, 0x0, {}, [@ETHTOOL_A_LINKMODES_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syz_tun\x00'}]}, @ETHTOOL_A_LINKMODES_SPEED={0x8}, @ETHTOOL_A_LINKMODES_OURS={0x4}]}, 0x38}, 0x1, 0x0, 0x0, 0x20040004}, 0x0)
sendto$inet(r4, 0x0, 0x0, 0x200007fd, 0x0, 0x0)
getsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x1, &(0x7f0000000340)=""/106, &(0x7f0000000040)=0x6a)
writev(r2, 0x0, 0x0)
connect$inet(r4, &(0x7f0000000180)={0x2, 0x4e21, @private=0xa010101}, 0x10)
r8 = landlock_create_ruleset(&(0x7f0000006f80)={0x0, 0x3}, 0x10, 0x0)
landlock_add_rule$LANDLOCK_RULE_NET_PORT(r8, 0x2, &(0x7f0000000100)={0x1}, 0x0)

9.224067577s ago: executing program 2 (id=1040):
r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r0, 0x3b81, &(0x7f0000000040)={0xc, 0x0, <r1=>0x0})
ioctl$IOMMU_VFIO_IOAS$SET(r0, 0x3b88, &(0x7f00000000c0)={0xc, r1})
socket$inet6_sctp(0xa, 0x1, 0x84)
openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x40000, 0x0)
r2 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r2, 0x3b81, &(0x7f0000000140)={0xc})
r3 = openat$ptmx(0xffffffffffffff9c, 0x0, 0xfc4db2a4f972f9a2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000180)=0x4)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, 0x0)
fcntl$setown(r3, 0x8, 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x0, 0x0)
syz_open_dev$sndpcmp(0x0, 0x0, 0x230484)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r5 = io_uring_setup(0x4c03, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, 0x200})
pipe(&(0x7f0000000040)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
r7 = fsopen(&(0x7f0000000080)='autofs\x00', 0x0)
fsconfig$FSCONFIG_SET_FD(r7, 0x5, &(0x7f00000005c0)='fd', 0x0, r6)
fsconfig$FSCONFIG_CMD_CREATE(r7, 0x6, 0x0, 0x0, 0x0)
close_range(r5, 0xffffffffffffffff, 0x0)

8.7972367s ago: executing program 2 (id=1041):
r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r0, 0x3b81, &(0x7f0000000040)={0xc, 0x0, <r1=>0x0})
ioctl$IOMMU_VFIO_IOAS$SET(r0, 0x3b88, &(0x7f00000000c0)={0xc, r1})
socket$inet6_sctp(0xa, 0x1, 0x84)
openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x40000, 0x0)
r2 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r2, 0x3b81, &(0x7f0000000140)={0xc})
r3 = openat$ptmx(0xffffffffffffff9c, 0x0, 0xfc4db2a4f972f9a2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000180)=0x4)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, 0x0)
fcntl$setown(r3, 0x8, 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x0, 0x0)
syz_open_dev$sndpcmp(0x0, 0x0, 0x230484)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r5 = io_uring_setup(0x4c03, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, 0x200})
pipe(&(0x7f0000000040)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
r7 = fsopen(&(0x7f0000000080)='autofs\x00', 0x0)
fsconfig$FSCONFIG_SET_FD(r7, 0x5, &(0x7f00000005c0)='fd', 0x0, r6)
fsconfig$FSCONFIG_CMD_CREATE(r7, 0x6, 0x0, 0x0, 0x0)
close_range(r5, 0xffffffffffffffff, 0x0)

8.294692172s ago: executing program 1 (id=1042):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000002c0)={0x11, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x9, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x7, @void, @value}, 0x94)
syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x2)
epoll_create(0x2)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r3 = syz_open_dev$dri(&(0x7f0000000000), 0x1ff, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000180)={'wlan0\x00'})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r3, 0xc02064b2, &(0x7f0000000200)={0x8000, 0x2, 0x4})
r4 = openat$selinux_commit_pending_bools(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0)
pwrite64(r4, &(0x7f0000000080)='3', 0x1, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r4, 0x89f1, &(0x7f0000000240)={'ip6tnl0\x00', &(0x7f00000000c0)={'ip6gre0\x00', 0x0, 0x4, 0x9, 0x5b, 0x8, 0x50, @local, @private1, 0x7800, 0x80, 0x5, 0x1}})
clock_gettime(0x0, &(0x7f00000001c0)={<r5=>0x0, <r6=>0x0})
ioctl$vim2m_VIDIOC_DQBUF(r4, 0xc0585611, &(0x7f0000000240)=@mmap={0x1, 0x2, 0x4, 0x10000, 0xc, {r5, r6/1000+60000}, {0x1, 0x1, 0xff, 0x0, 0xff, 0x77, "f2da2199"}, 0x9})
r7 = syz_open_dev$dri(&(0x7f0000000000), 0x1ff, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r7, 0xc04064a0, &(0x7f0000000700)={0x0, &(0x7f0000000140)=[<r8=>0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$DRM_IOCTL_MODE_CURSOR(r3, 0xc01c64a3, &(0x7f0000000100)={0x3, r8, 0x0, 0x7ffffe02, 0xb, 0x1fd, 0x1})
syz_genetlink_get_family_id$tipc(&(0x7f00000000c0), 0xffffffffffffffff)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000040)={<r9=>0xffffffffffffffff})
ioctl$sock_inet_SIOCSIFFLAGS(0xffffffffffffffff, 0x8914, 0x0)
ioctl$F2FS_IOC_MOVE_RANGE(r9, 0x541b, &(0x7f0000000000)={<r10=>0xffffffffffffffff, 0x3})
close_range(r10, 0xffffffffffffffff, 0x0)

7.419785653s ago: executing program 0 (id=1044):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
socket$igmp(0x2, 0x3, 0x2)
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
sched_setscheduler(r0, 0x1, &(0x7f0000000180)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f00000004c0)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000002c0)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r4}}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r5 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f00000000c0)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0006}]})
socket$vsock_stream(0x28, 0x1, 0x0)
accept4$unix(0xffffffffffffffff, 0x0, 0x0, 0x0)
close_range(r5, 0xffffffffffffffff, 0x0)
open(&(0x7f00009e1000)='./file0\x00', 0x8060, 0x0)
r6 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB, @ANYRESHEX=r6, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
write$FUSE_INIT(r6, &(0x7f00000000c0)={0x50, 0x0, 0x0, {0x7, 0x1f, 0x0, 0x7ab78c4493c52f9b, 0x0, 0x0, 0x0, 0x5}}, 0x50)
r7 = socket$inet6(0xa, 0x2, 0x3a)
bind$inet6(r7, &(0x7f0000000000)={0xa, 0x4e23, 0xfffffffc, @local, 0x4}, 0x1c)

7.26188195s ago: executing program 2 (id=1045):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, 0x0, 0x0)
getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0xe)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0, 0x2)
prctl$PR_SET_IO_FLUSHER(0x43, 0x1)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
prctl$PR_SET_IO_FLUSHER(0x43, 0x0)
execveat$binfmt(0xffffffffffffff9c, 0x0, 0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=@base={0x19, 0x4, 0x8, 0x7fff, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)

5.731564147s ago: executing program 0 (id=1046):
socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
fsconfig$FSCONFIG_SET_PATH_EMPTY(0xffffffffffffffff, 0x4, &(0x7f0000000400)='HMARK\x00', &(0x7f00000004c0)='./file0\x00', 0xffffffffffffffff)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f00000005c0)=ANY=[@ANYBLOB], &(0x7f0000000080)='GPL\x00', 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
syz_open_dev$sndpcmp(&(0x7f00000001c0), 0x5, 0xc800)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000380)='rpc_request\x00', r0, 0x0, 0x7}, 0x18)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r2 = syz_open_dev$video4linux(&(0x7f0000001200), 0x1000, 0x80000)
ioctl$VIDIOC_SUBDEV_DV_TIMINGS_CAP(r2, 0xc0905664, &(0x7f0000000000)={0x0, 0x0, '\x00', @bt={0x4, 0x0, 0x8, 0x5, 0x100000000, 0x1, 0x1b, 0x8}})
r3 = gettid()
timer_create(0x8, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r3}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000180)={'syzkaller0\x00', 0xde02})
sched_setscheduler(r3, 0x3, 0x0)
preadv(r1, &(0x7f00000002c0)=[{&(0x7f0000000300)=""/133, 0x85}], 0x1, 0x0, 0x0)
syz_usb_connect(0x0, 0x4b, &(0x7f00000004c0)=ANY=[@ANYBLOB="120100003f9aab106d04f0080d5001020301090239000100"], 0x0)
r4 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
getsockopt$bt_BT_FLUSHABLE(r4, 0x112, 0x8, &(0x7f0000000080)=0x4ee, &(0x7f0000000140)=0x4)
socket$nl_route(0x10, 0x3, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r5 = syz_open_dev$dri(&(0x7f00000000c0), 0x1800001ff, 0xa000)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r5, 0xc04064a0, &(0x7f00000003c0)={0x0, &(0x7f0000000300), &(0x7f0000000340)=[<r6=>0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$DRM_IOCTL_MODE_GETCONNECTOR(r5, 0xc05064a7, &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x59, 0x0, 0x0, <r7=>0x0, r6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3000000})
ioctl$DRM_IOCTL_MODE_GETENCODER(0xffffffffffffffff, 0xc01464a6, &(0x7f0000000180)={r7})
socket$nl_route(0x10, 0x3, 0x0)
socket$inet(0x2, 0x2000080001, 0x84)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00'}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, 0x0, &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, &(0x7f0000000080)={0x6})

5.65610776s ago: executing program 1 (id=1047):
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xb, &(0x7f00000003c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000005000000b7030100000000008500000085512b4b2a90c3947965cd80009500000000000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
socket$inet6_mptcp(0xa, 0x1, 0x106)
r0 = socket(0x2a, 0x2, 0x0)
getsockname$packet(r0, &(0x7f0000000200)={0x11, 0x0, <r1=>0x0, 0x1, 0x0, 0x6, @broadcast}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000900)=@newqdisc={0x1c4, 0x24, 0x800, 0x4, 0x0, {0x0, 0x0, 0x0, r1, {0xc, 0xf}, {0xffff, 0xffff}, {0xc}}, [@TCA_STAB={0x1a0, 0x8, 0x0, 0x1, [{{0x1c, 0x1, {0xb1, 0x0, 0x8, 0xe, 0x2, 0x7, 0x24e6, 0x4}}, {0xc, 0x2, [0x6f, 0x200, 0x101, 0x9]}}, {{0x1c, 0x1, {0x6, 0x7, 0x6, 0x3, 0x0, 0x8, 0xa, 0x4}}, {0xc, 0x2, [0x9, 0x8, 0x0, 0xd942]}}, {{0x1c, 0x1, {0x80, 0x1, 0x6562, 0x40, 0x1, 0xc6db, 0x0, 0x4}}, {0xc, 0x2, [0x2, 0xce4, 0x400, 0x0]}}, {{0x1c, 0x1, {0xc, 0xfe, 0xe, 0x20004000, 0x1, 0x1, 0x7, 0x2}}, {0x8, 0x2, [0x3, 0x5]}}, {{0x1c, 0x1, {0x3, 0x9, 0x1ff, 0x315, 0x0, 0x6, 0x3, 0x5}}, {0xe, 0x2, [0xf7c, 0x5, 0x7, 0x8, 0x20]}}, {{0x1c, 0x1, {0xf, 0x5, 0x2, 0xb0, 0x2, 0x8, 0x5, 0x2}}, {0x8, 0x2, [0x0, 0xfff7]}}, {{0x1c, 0x1, {0x40, 0x0, 0x1, 0x7, 0x2, 0x7, 0x39, 0x3}}, {0xa, 0x2, [0xb6, 0x2, 0x5]}}, {{0x1c, 0x1, {0x8, 0x1, 0x7, 0x100, 0x1, 0x2, 0x6, 0x5}}, {0xe, 0x2, [0xb, 0x3ff, 0xa4, 0x101, 0x1]}}, {{0x1c, 0x1, {0x8, 0x81, 0x7, 0x200, 0x2, 0x4d6, 0xffffff32, 0xa}}, {0x18, 0x2, [0xb71e, 0x2, 0x7, 0xf4cb, 0xa, 0x4, 0x2, 0x9, 0x80, 0x2]}}, {{0x5e, 0x1, {0x7, 0xe9, 0x1, 0x101, 0x1, 0x7b, 0xbf0f, 0x4}}, {0xc, 0x2, [0xfffe, 0x14f5, 0x3, 0x4]}}]}]}, 0xffffffffffffffbb}}, 0x20000000)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000002a80)=@newtfilter={0x3c, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r1, {0x0, 0xfff3}, {}, {0xc, 0xc}}, [@filter_kind_options=@f_flower={{0xb}, {0xc, 0x2, [@TCA_FLOWER_KEY_ENC_UDP_SRC_PORT={0x6}]}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x40010}, 0x44050)
io_setup(0x409, &(0x7f0000000600))
openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000002740), 0x101002)
r2 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180), 0x109842, 0x0)
ioctl$SNDCTL_DSP_SETFMT(r2, 0xc0045005, &(0x7f0000000000)=0x400)
pwrite64(0xffffffffffffffff, 0x0, 0x0, 0x0)
readv(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000001380)=""/140, 0x8c}], 0x1)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r3 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
preadv(r3, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
shmget(0x3, 0x1000, 0x0, &(0x7f0000ffc000/0x1000)=nil)
io_submit(0x0, 0x11, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19)
r4 = openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000000100), 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x16, 0x13, &(0x7f00000004c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000003b702000014000000b7030000000000008500000083000000bf090000000000005509010000000000950000001100000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7020000020000008500000086000000bf91000000000000b7020000000000008500000085000000b7000000000000009500000000000000"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r6, 0xfca804a0, 0x8, 0x8, &(0x7f00000002c0)="b8000005000000a9", &(0x7f0000000300)=""/8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
preadv(r4, &(0x7f0000000340)=[{&(0x7f0000000080)=""/82, 0x52}], 0x1, 0x0, 0x0)
close(0xffffffffffffffff)
write(0xffffffffffffffff, 0x0, 0x0)
ioctl$TCSETS(0xffffffffffffffff, 0x5402, &(0x7f00000014c0)={0x0, 0xffffffff, 0x0, 0x0, 0x0, "076a1400"})
ioctl$TCSETS(0xffffffffffffffff, 0x40045431, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, "000080f100df000000a7d9de16c708db7200"})

5.368185454s ago: executing program 3 (id=1048):
socket$igmp(0x2, 0x3, 0x2)
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000004c0)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
openat$ppp(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r3 = socket$vsock_stream(0x28, 0x1, 0x0)
setsockopt$SO_VM_SOCKETS_BUFFER_MIN_SIZE(r3, 0x28, 0x1, &(0x7f0000000380)=0xffffffff00000041, 0x8)
bind$vsock_stream(r3, &(0x7f0000000440), 0x10)
listen(r3, 0x0)
r4 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r4, &(0x7f0000000000)={0x28, 0x0, 0x0, @local}, 0x10)
writev(r4, &(0x7f00000002c0)=[{0x0}], 0x1)

3.96274091s ago: executing program 3 (id=1049):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000280)=ANY=[@ANYBLOB="340000003b0007015005068a00000000047c0000040000000c00018006000600080600"], 0x34}}, 0xc000)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = syz_open_dev$midi(&(0x7f00000001c0), 0x2, 0x40c01)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000040)=@newlink={0x40, 0x10, 0x403, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @gre={{0x8}, {0x14, 0x2, 0x0, 0x1, [@IFLA_GRE_IFLAGS={0x6, 0x2, 0x7ed}, @IFLA_GRE_OFLAGS={0x6, 0x3, 0x100}]}}}]}, 0x40}, 0x1, 0xba01}, 0x0)
ioctl$SNDRV_RAWMIDI_IOCTL_STATUS64(r2, 0xc0385720, &(0x7f0000000100))
writev(r2, &(0x7f00000000c0)=[{&(0x7f0000000000)="2d3a99f744d32053ce9125c13311c2af132d2f47f8258f3bb14b7ed98741a506ad9b0446dc1a1427a1314dc05336a44e73a1fc9e15cad569794dcd18e82b4e60bb4d5152a34fc667af80c18b1a8cde80f590271c4258d973a0a5421236a9c54e1f5310aee809929fd8b031db4e280166281db6d243116758c6c3602f42668cb8e4df719f97398e7b0530854b1507b8bfb0764029a4bd6ccc54add3ae8b3bce27ff051705a94a78ae6c6c46c64e6029fc2fb6", 0x2}], 0x10000000000001be)
r4 = socket$nl_route(0x10, 0x3, 0x0)
socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$nl_route(r4, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000200)=ANY=[@ANYRESOCT=r1, @ANYRES16=r1, @ANYRES8], 0x3c}}, 0x4040000)

3.889696895s ago: executing program 4 (id=1050):
pipe2(&(0x7f0000000080)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
splice(r1, 0x0, r0, 0x0, 0x6, 0x0)
ioctl$int_in(r0, 0x5452, &(0x7f0000000100)=0x3ff)
fcntl$setstatus(r0, 0x4, 0x7c00)
dup3(r1, r0, 0x0)

3.715512098s ago: executing program 3 (id=1051):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000002c0)={0x11, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x9, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x7, @void, @value}, 0x94)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x2)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r4 = syz_open_dev$dri(&(0x7f0000000000), 0x1ff, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000180)={'wlan0\x00'})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r4, 0xc02064b2, &(0x7f0000000200)={0x8000, 0x2, 0x4})
r5 = openat$selinux_commit_pending_bools(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0)
pwrite64(r5, &(0x7f0000000080)='3', 0x1, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r5, 0x89f1, &(0x7f0000000240)={'ip6tnl0\x00', &(0x7f00000000c0)={'ip6gre0\x00', 0x0, 0x4, 0x9, 0x5b, 0x8, 0x50, @local, @private1, 0x7800, 0x80, 0x5, 0x1}})
clock_gettime(0x0, &(0x7f00000001c0)={<r6=>0x0, <r7=>0x0})
ioctl$vim2m_VIDIOC_DQBUF(r5, 0xc0585611, &(0x7f0000000240)=@mmap={0x1, 0x2, 0x4, 0x10000, 0xc, {r6, r7/1000+60000}, {0x1, 0x1, 0xff, 0x0, 0xff, 0x77, "f2da2199"}, 0x9})
r8 = syz_open_dev$dri(&(0x7f0000000000), 0x1ff, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r8, 0xc04064a0, &(0x7f0000000700)={0x0, &(0x7f0000000140)=[<r9=>0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$DRM_IOCTL_MODE_CURSOR(r4, 0xc01c64a3, &(0x7f0000000100)={0x3, r9, 0x0, 0x7ffffe02, 0xb, 0x1fd, 0x1})
syz_genetlink_get_family_id$tipc(&(0x7f00000000c0), 0xffffffffffffffff)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000040)={<r10=>0xffffffffffffffff})
ioctl$sock_inet_SIOCSIFFLAGS(0xffffffffffffffff, 0x8914, 0x0)
ioctl$F2FS_IOC_MOVE_RANGE(r10, 0x541b, &(0x7f0000000000)={<r11=>0xffffffffffffffff, 0x3})
close_range(r11, 0xffffffffffffffff, 0x0)

3.040583591s ago: executing program 3 (id=1052):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = syz_init_net_socket$ax25(0x3, 0x5, 0xc4)
ioctl$SIOCAX25CTLCON(r1, 0x89e9, &(0x7f0000000000)={@remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @bcast, @bcast, 0x0, 0x0, 0x0, [@remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @default, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @null, @default, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}]})
r2 = syz_init_net_socket$ax25(0x3, 0x2, 0x3a)
ioctl$SIOCAX25ADDUID(r2, 0x89e7, 0x0)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
getpeername$ax25(r2, 0xfffffffffffffffd, &(0x7f0000000080))
r3 = syz_open_dev$amidi(&(0x7f0000000000), 0x2, 0x2c02)
ioctl$SNDRV_RAWMIDI_IOCTL_PARAMS(r3, 0xc0305710, &(0x7f0000000040)={0xdcb6cb7f03703c88, 0x0, 0x3, 0x0, 0xeb})
setresgid(0xee00, 0xffffffffffffffff, 0x0)
syz_genetlink_get_family_id$batadv(0x0, 0xffffffffffffffff)
r4 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
connect$packet(r4, &(0x7f0000000200)={0x1f, 0xf8, 0x0, 0x1, 0x2}, 0x14)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000180)=@framed, &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000040), r5)
sendmsg$NLBL_MGMT_C_ADDDEF(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000003c0)={0x3c, r6, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_DOMAIN={0x5, 0x1, '\x00'}, @NLBL_MGMT_A_IPV4ADDR={0x8, 0x7, @multicast2}, @NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x5}, @NLBL_MGMT_A_IPV4MASK={0x8, 0x8, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_MGMT_A_FAMILY={0x6}]}, 0x3c}}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
openat$ocfs2_control(0xffffffffffffff9c, &(0x7f0000000000), 0x800, 0x0)
shutdown(r4, 0x1)
syz_emit_ethernet(0x6a, &(0x7f0000000000)={@broadcast, @random="1704b45adbde", @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x5c, 0x0, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}, @time_exceeded={0x5, 0x0, 0x0, 0xe0, 0x0, 0xe000, {0x10, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x11, 0x0, @empty=0xac1414aa, @initdev={0xac, 0x1e, 0x0, 0x0}, {[@timestamp_prespec={0x44, 0x2c, 0x0, 0x3, 0x0, [{@rand_addr=0x64010100}, {@remote}, {@multicast1}, {@dev}, {@empty}]}]}}}}}}}, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000480)={&(0x7f0000000840)=ANY=[@ANYBLOB], 0x0, 0x2d, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x28)

2.557819218s ago: executing program 3 (id=1053):
socket$nl_route(0x10, 0x3, 0x0)
syz_open_dev$tty1(0xc, 0x4, 0x1)
r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
socket$nl_netfilter(0x10, 0x3, 0xc)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
write$binfmt_elf64(0xffffffffffffffff, 0x0, 0x7c8)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x8845)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)
sendmsg$NFULNL_MSG_CONFIG(r4, &(0x7f0000000140)={0x0, 0x0, 0x0}, 0x0)
sendmsg$netlink(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f00000001c0)={0xa4, 0x25, 0x1, 0x0, 0x0, "", [@nested={0x94, 0x0, 0x0, 0x1, [@typed={0xc, 0x0, 0x0, 0x0, @u64}, @typed={0x14, 0x1, 0x0, 0x0, @ipv6=@dev}, @generic="50bb2d6f67d29d6fabadb107d0def49c88ea04abde1d5e8d3fb22a1b5046778bdafefc46b0449ade68bf84b36ec72dd71265fc2e882348c26c2126237dd5b37f5ae655b1086cda40e00aec58754734be31d750351dc076eb43d9621dc08c029d1608a487f26fbe816b89f7cb81bff81a"]}]}, 0xa4}], 0x1}, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r5 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'veth1_to_team\x00'})
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r6, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000004c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000ab4000000060a01040000000000000000020000280900010073797a30000000000900020073797a320000000088000480100001800c000100636f756e7465720014000180090001006d6173710000000004000280600001800a0001006c696d6974000000500002800c000140000000000000000808000440000000010c00014000000000000080010c00024000000000000000090800034000000fba0c00024000000000000000000c000140000000000000000714000000110001"], 0xdc}}, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x11, 0x4, 0x4, 0xff, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000000c0)={0x3, 0x0, 0x0, &(0x7f0000000200)='GPL\x00', 0xa, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
sendmsg$NFT_MSG_GETRULE(r6, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="14000000190a01020000"], 0x14}}, 0x0)

2.472806194s ago: executing program 1 (id=1054):
syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r0 = syz_io_uring_setup(0x10e, &(0x7f0000000140), &(0x7f00000001c0)=<r1=>0x0, &(0x7f0000000000)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r1, r2, &(0x7f00000002c0)=@IORING_OP_SHUTDOWN={0x22, 0x13})
io_uring_enter(r0, 0x47f9, 0x0, 0x0, 0x0, 0x0)
write$6lowpan_enable(0xffffffffffffffff, &(0x7f0000000000)='0', 0xfffffd2c)

2.309968849s ago: executing program 2 (id=1055):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x0)
sendmsg$NL80211_CMD_START_AP(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000002000)={0x180, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@beacon=[@NL80211_ATTR_BEACON_HEAD={0x74, 0xe, {{{}, {0x7fff}, @device_a, @device_b}, 0x0, @default, 0x130, @val={0x0, 0x6, @default_ibss_ssid}, @val, @void, @void, @void, @val={0x5, 0x3}, @val={0x25, 0x3, {0x0, 0xb5, 0x33}}, @val={0x2a, 0x1}, @void, @val={0x2d, 0x1a}, @val={0x72, 0x6}, @val={0x71, 0x7}, @val={0x76, 0x6}}}, @NL80211_ATTR_PROBE_RESP={0x37, 0x91, "b2edba9e12112dc1d8790a347a876113631dcf8ed9e83c88fea135dbceccf1ced4aa94577c1d1104705dea5a446adaabd6f724"}, @NL80211_ATTR_FTM_RESPONDER={0xa8, 0x10e, 0x0, 0x1, [@NL80211_FTM_RESP_ATTR_CIVICLOC={0x9e, 0x3, "648d8595f53ade838d0ca006a7367e7ede66b8704f33a03f1a86aeb1389eeb904dbdbd5309fadbd14e4a4a59d1293f48b552b62731fb459542cc7908b2b1d2665900e84e9a60ec2e5d9f58f99b06ed538b920ffaeebd2d72be2d1d662f6fad3bf810c7bbfe695f3ae5efaf7c73ed126663af6584dddd17a01be30243ab0ae5e3f55cedc4fcad5884646dd0543e9ce783a193e8a8be273c29ed40"}, @NL80211_FTM_RESP_ATTR_ENABLED={0x4}]}], @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}], @NL80211_ATTR_BEACON_INTERVAL={0x8}]}, 0x180}}, 0x0) (fail_nth: 4)

2.217412491s ago: executing program 1 (id=1056):
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = open(&(0x7f0000000180)='./file0\x00', 0x103042, 0x10)
mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x2000002, 0x4052, r0, 0x0)
madvise(&(0x7f0000c00000/0x400000)=nil, 0x400000, 0xe)
r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000200)='sched_switch\x00', r1}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
mmap(&(0x7f0000c00000/0x400000)=nil, 0x400000, 0x0, 0x10, 0xffffffffffffffff, 0x0)
r2 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000240), 0x2, 0x0)
ioctl$F2FS_IOC_COMPRESS_FILE(r2, 0xf518, 0x0)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
setsockopt$SO_BINDTODEVICE(0xffffffffffffffff, 0x1, 0x19, 0x0, 0x0)
openat(0xffffffffffffff9c, 0x0, 0x103042, 0x0)
openat$cgroup_procs(0xffffffffffffffff, &(0x7f0000000040)='cgroup.procs\x00', 0x2, 0x0)
r6 = syz_io_uring_setup(0x46bb, &(0x7f0000000200)={0x0, 0x0, 0x10100}, &(0x7f0000000040)=<r7=>0x0, &(0x7f0000000140)=<r8=>0x0)
r9 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
syz_io_uring_submit(r7, r8, &(0x7f0000000000)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r9, 0x0, &(0x7f0000000680)={&(0x7f0000002280)=@sco, 0x80, 0x0}})
io_uring_enter(r6, 0x291c, 0x0, 0x0, 0x0, 0x0)

2.180962168s ago: executing program 0 (id=1057):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x3)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
mincore(&(0x7f00005b2000/0x3000)=nil, 0x3000, 0x0)
bpf$TOKEN_CREATE(0x24, 0x0, 0x0)
syz_open_dev$sndctrl(0x0, 0x1, 0x6c40)
r1 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r1, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000300)='./file0\x00', 0x0)
r2 = socket$can_bcm(0x1d, 0x2, 0x2)
connect$can_bcm(r2, &(0x7f0000000080), 0x10)
sendmsg$can_bcm(r2, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={0x0}, 0x1, 0x0, 0x0, 0x48850}, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r2, 0x8933, &(0x7f0000000000)={'vcan0\x00', <r3=>0x0})
sendmsg$can_bcm(r2, &(0x7f00000001c0)={&(0x7f0000000040)={0x1d, r3}, 0x10, &(0x7f0000000180)={&(0x7f0000000100)=ANY=[@ANYBLOB='\a'], 0x48}}, 0x0)
sendmsg$can_raw(r1, &(0x7f0000000340)={&(0x7f0000000100)={0x1d, r3}, 0x10, &(0x7f0000000280)={&(0x7f0000000200)=@canfd={{0x1, 0x1}, 0x28, 0x3, 0x0, 0x0, "a88d8132bbdef90fb16e64c4aec7b06eb531fa63ff5da2defa6c5fd9592fdd0f22d1891ab0ffe815cb6347bc8a1cfa3a91f06df8f985c6eebd8b65349f8b1de0"}, 0x48}, 0x1, 0x0, 0x0, 0x4000080}, 0x8801)
syz_open_dev$sndpcmp(0x0, 0x0, 0xa2c65)
futex(0x0, 0x80, 0x0, 0x0, 0x0, 0x0)
r4 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r4, 0x4018620d, 0x0)
r5 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000180)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r5, 0xc0306201, 0x0)
r6 = openat$cuse(0xffffff9c, &(0x7f0000000000), 0x2, 0x0)
read$FUSE(r6, &(0x7f0000004bc0)={0x2020}, 0x2020)
r7 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r7, 0x1, r6, &(0x7f0000000040))

1.474621546s ago: executing program 2 (id=1058):
r0 = socket(0x2, 0x80805, 0x0)
sendmmsg$inet_sctp(r0, &(0x7f00000024c0)=[{&(0x7f00000000c0)=@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f0000000040)=[{&(0x7f0000000100)='a', 0x1}], 0x1}], 0x1, 0x0)
r1 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r1, &(0x7f0000000000)={0x0, 0x4, &(0x7f0000000080)=[{&(0x7f0000000200)="2e0400001d008104e00c80ecdb4cb9f207c804a00d00000088080efb0a0002000a0ada1b40d80800c500c50083b8", 0xfec9}], 0x1, 0x0, 0x0, 0x5865}, 0x0)
r2 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'veth1_macvtap\x00', <r3=>0x0})
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f00000005c0)=@newlink={0x48, 0x10, 0x503, 0x0, 0x4, {}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvlan={{0xc}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r3}, @IFLA_ADDRESS={0xa, 0x1, @local}]}, 0x48}}, 0x0)
setsockopt$inet_sctp6_SCTP_RECVNXTINFO(r0, 0x84, 0x21, &(0x7f0000000000)=0x7ff, 0x4)
setsockopt$inet_sctp_SCTP_EVENTS(r0, 0x84, 0xb, &(0x7f0000000180)={0x0, 0x20, 0x8f, 0x2, 0x0, 0x0, 0x0, 0x2, 0x2, 0x0, 0x0, 0x0, 0x4}, 0xe)
r5 = openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000000000), 0x8801, 0x0)
ioctl$TCSETAF(r5, 0x5408, &(0x7f0000000400)={0x100, 0x0, 0x0, 0x7b, 0x3, "f6a6946c9832508c"})
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000002c0)={0x11, 0x3, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000100000000000000000000095"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000004c0)='contention_begin\x00', r6}, 0x10)
writev(r5, &(0x7f0000000340)=[{&(0x7f0000000100)="1876d433", 0x4}], 0x1)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r7 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r7, &(0x7f0000019680)=""/102392, 0x18ff8)
timerfd_create(0x2, 0x0)
r8 = openat$audio(0xffffffffffffff9c, &(0x7f0000000040), 0x48400, 0x0)
ioctl$SNDCTL_DSP_CHANNELS(r8, 0xc0045006, &(0x7f0000000080)=0x7f)
ioctl$SNDCTL_DSP_SPEED(r8, 0xc0045002, &(0x7f00000000c0))
read$dsp(r8, &(0x7f00000011c0)=""/4117, 0x200021d5)
creat(&(0x7f0000000000)='./file0\x00', 0xc2)
mount(&(0x7f00000003c0)=@nbd={'/dev/nbd', 0x0}, &(0x7f0000000240)='./file0\x00', &(0x7f0000000380)='vxfs\x00', 0x1000000, 0x0)

838.278438ms ago: executing program 1 (id=1059):
socket$inet(0x2, 0xa, 0x0)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x7)
ptrace$peekuser(0x3, r0, 0xbf)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
getdents64(r2, 0x0, 0x18)
write$binfmt_script(r2, &(0x7f0000000000), 0x4)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x12, r1, 0x0)
clock_nanosleep(0xfffffffa, 0x0, &(0x7f0000000080)={0x77359400}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f0000000380)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x22, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r6 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01)
ioctl$BINDER_GET_FROZEN_INFO(r1, 0xc00c620f, &(0x7f0000000040)={r0})
ioctl$EVIOCSFF(r6, 0x40304580, &(0x7f0000000b40)={0x55, 0xa32d, 0x1, {0x402, 0x1}, {0x46, 0x4}, @ramp={0x4, 0xfff7, {0x3, 0x9, 0x6, 0x7}}})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r5}, 0x10)
open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$tipc2(&(0x7f0000000040), r7)
r8 = socket(0x1e, 0x1, 0x0)
connect$tipc(r8, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)
write$binfmt_misc(r8, &(0x7f0000000080), 0x2000011a)

835.915037ms ago: executing program 3 (id=1060):
creat(&(0x7f0000000240)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000001900)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000500)=ANY=[@ANYBLOB="1500000065ffff048000000800395032303030"], 0x15)
r2 = dup(r1)
write$FUSE_BMAP(r2, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_NOTIFY_RETRIEVE(r2, &(0x7f00000000c0)={0x14c}, 0x137)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x4010, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@cache_mmap}], [], 0x6b}})
chmod(&(0x7f0000000140)='./file0\x00', 0x0)
r3 = open$dir(&(0x7f0000000140)='./file0\x00', 0x1, 0x0)
write$binfmt_misc(r3, &(0x7f0000000300), 0x4) (fail_nth: 4)

784.147892ms ago: executing program 4 (id=1061):
socket(0xa, 0x6, 0x0)
r0 = syz_usb_connect(0x0, 0x36, &(0x7f00000001c0)=ANY=[@ANYBLOB="12010000ad183840f30c02102c4f0000000109022400fe000000000904fa"], 0x0)
syz_usb_disconnect(r0)
r1 = socket$alg(0x26, 0x5, 0x0)
accept4(0xffffffffffffffff, &(0x7f0000000000)=@pppol2tpin6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @mcast1}}}, 0x0, 0x800)
accept4(r1, 0x0, 0x0, 0x0)
sendmsg$TCPDIAG_GETSOCK(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x52, &(0x7f00000001c0)={&(0x7f00000000c0)=ANY=[@ANYRES32=0x0, @ANYBLOB="000000000000000000d50d000000006203000601e1dd661b58df28331e"], 0x54}, 0x1, 0x0, 0x0, 0x880}, 0x0)
r2 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x20605)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r2, 0xc08c5332, &(0x7f00000001c0)={0x0, 0x0, 0x0, 'queue1\x00'})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x4)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
r4 = socket$inet(0x2, 0x4000000000000001, 0x0)
r5 = socket(0x10, 0x2, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r5, 0x10e, 0xc, &(0x7f0000000300)={0x4}, 0x10)
write(r5, &(0x7f0000000040)="1c0000001a009b8a14e5f40704000000000000000001000300000000", 0x1c)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000240), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_LINKMODES_SET(r6, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000a40)={0x38, r7, 0x1, 0x0, 0x0, {}, [@ETHTOOL_A_LINKMODES_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syz_tun\x00'}]}, @ETHTOOL_A_LINKMODES_SPEED={0x8}, @ETHTOOL_A_LINKMODES_OURS={0x4}]}, 0x38}, 0x1, 0x0, 0x0, 0x20040004}, 0x0)
sendto$inet(r4, 0x0, 0x0, 0x200007fd, 0x0, 0x0)
getsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x1, &(0x7f0000000340)=""/106, &(0x7f0000000040)=0x6a)
writev(r2, 0x0, 0x0)
connect$inet(r4, &(0x7f0000000180)={0x2, 0x4e21, @private=0xa010101}, 0x10)
r8 = landlock_create_ruleset(&(0x7f0000006f80)={0x0, 0x3}, 0x10, 0x0)
landlock_add_rule$LANDLOCK_RULE_NET_PORT(r8, 0x2, &(0x7f0000000100)={0x1}, 0x0)

712.635319ms ago: executing program 1 (id=1062):
fsopen(&(0x7f0000000280)='ceph\x00', 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'lo\x00'})
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000040)=0x1)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = socket$inet6(0xa, 0x80002, 0x0)
connect$inet6(r1, &(0x7f0000000100)={0xa, 0x4e23, 0x1f, @ipv4={'\x00', '\xff\xff', @dev}, 0x8001}, 0x1c)
r2 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r2, &(0x7f0000000040)={0x3, 0x0, &(0x7f0000000340)={&(0x7f0000000140)={0x2, 0x3, 0x0, 0x0, 0x10, 0x0, 0x0, 0xfffffffd, [@sadb_address={0x5, 0x6, 0x0, 0x0, 0x0, @in6={0xa, 0x0, 0x0, @loopback}}, @sadb_sa={0x2, 0x1, 0x0, 0x0, 0x0, 0x0, 0xc, 0x60000002}, @sadb_address={0x5, 0x5, 0x0, 0x0, 0x0, @in6={0xa, 0x4e22, 0x0, @loopback}}, @sadb_x_sa2={0x2, 0x13, 0xf7, 0x0, 0x0, 0x70bd28, 0x23e}]}, 0x80}, 0x1, 0x7}, 0x0)

0s ago: executing program 0 (id=1063):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000400)={0x1, &(0x7f0000000380)=[{0x6, 0x0, 0x0, 0x7fffffff}]})
r0 = userfaultfd(0x801)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000140)={0xaa, 0x298})
ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000080)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x2})
r1 = syz_open_dev$evdev(&(0x7f0000000040), 0x0, 0x83)
ioctl$EVIOCREVOKE(r1, 0x40044591, &(0x7f0000000080)=0x1)
madvise(&(0x7f00000ec000/0x800000)=nil, 0x800000, 0x17)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000003c0)=ANY=[@ANYBLOB='P\x00\x00'], 0x50}, 0x1, 0x0, 0x0, 0x10004000}, 0x40000)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$nl_generic(0x10, 0x3, 0x10)
pipe(0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = syz_io_uring_setup(0x110, &(0x7f0000000140)={0x0, 0x0, 0x1, 0x0, 0x1}, &(0x7f0000000480)=<r5=>0x0, &(0x7f0000000500)=<r6=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r5, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000580), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_GET_ADDR(r7, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000c00)={0x14, r8, 0x680822d7e3b5f37d}, 0x14}}, 0x0)
syz_io_uring_submit(r5, r6, &(0x7f00000000c0)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x2, 0x0, 0x5, 0x0, 0x0})
io_uring_enter(r4, 0x47f6, 0x0, 0x0, 0x0, 0x0)
connect$tipc(0xffffffffffffffff, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)

kernel console output (not intermixed with test programs):

87.007037][   T48] udl 4-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9
[  287.014972][   T48] udl 4-1:0.0: [drm] Cannot find any crtc or sizes
[  287.028242][ T5836] usb 4-1: USB disconnect, device number 27
[  288.119158][    T8] usb 1-1: new high-speed USB device number 33 using dummy_hcd
[  288.219801][   T29] audit: type=1400 audit(1731953609.888:2218): avc:  denied  { write } for  pid=8869 comm="syz.2.795" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[  288.240112][   T29] audit: type=1400 audit(1731953609.988:2219): avc:  denied  { setopt } for  pid=8865 comm="syz.4.793" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  288.281465][    T8] usb 1-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08
[  288.299360][    T8] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  288.329451][   T29] audit: type=1400 audit(1731953609.988:2220): avc:  denied  { write } for  pid=8865 comm="syz.4.793" path="socket:[23042]" dev="sockfs" ino=23042 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  288.668613][    T8] usb 1-1: config 0 descriptor??
[  288.912047][    T8] [drm] vendor descriptor length:e0 data:00 00 00 00 00 00 00 00 00 00 00
[  288.931891][    T8] [drm:udl_init] *ERROR* Unrecognized vendor firmware descriptor
[  289.929160][    T8] [drm] Initialized udl 0.0.1 for 1-1:0.0 on minor 2
[  289.938902][    T8] [drm] Initialized udl on minor 2
[  289.944503][    T8] udl 1-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9
[  289.952881][    T8] udl 1-1:0.0: [drm] Cannot find any crtc or sizes
[  289.963142][    T8] usb 1-1: USB disconnect, device number 33
[  290.344139][ T5876] udl 1-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9
[  290.352167][ T5876] udl 1-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffed
[  290.360059][ T5876] udl 1-1:0.0: [drm] Cannot find any crtc or sizes
[  290.395630][ T8888] netlink: 56 bytes leftover after parsing attributes in process `syz.2.800'.
[  290.771618][   T29] kauditd_printk_skb: 3 callbacks suppressed
[  290.817139][   T29] audit: type=1400 audit(1731953613.638:2224): avc:  denied  { write } for  pid=8894 comm="syz.2.802" path="socket:[22313]" dev="sockfs" ino=22313 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  291.287781][ T8904] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  292.192562][ T8910] xt_CT: No such helper "netbios-ns"
[  292.451106][   T48] usb 1-1: new full-speed USB device number 34 using dummy_hcd
[  292.458926][ T5836] usb 4-1: new high-speed USB device number 28 using dummy_hcd
[  292.634449][ T5836] usb 4-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08
[  292.684421][   T48] usb 1-1: config 0 has an invalid interface number: 229 but max is 0
[  292.727001][ T5836] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  292.789425][   T48] usb 1-1: config 0 has no interface number 0
[  292.823849][   T48] usb 1-1: config 0 interface 229 altsetting 0 endpoint 0x85 has invalid maxpacket 1023, setting to 64
[  292.843828][ T5836] usb 4-1: config 0 descriptor??
[  292.852623][   T29] audit: type=1400 audit(1731953615.728:2225): avc:  denied  { append } for  pid=5183 comm="syslogd" path="/tmp/messages" dev="tmpfs" ino=9 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[  292.863902][   T48] usb 1-1: config 0 interface 229 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[  292.903858][   T48] usb 1-1: New USB device found, idVendor=03f0, idProduct=581d, bcdDevice=1f.38
[  292.910152][   T29] audit: type=1400 audit(1731953615.728:2226): avc:  denied  { ioctl } for  pid=8908 comm="syz.3.806" path="/dev/raw-gadget" dev="devtmpfs" ino=820 ioctlcmd=0x550a scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  292.917343][   T48] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  292.938227][   T29] audit: type=1400 audit(1731953615.768:2227): avc:  denied  { create } for  pid=8924 comm="syz.1.809" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1
[  292.974784][   T48] usb 1-1: Product: syz
[  292.982163][   T48] usb 1-1: Manufacturer: syz
[  292.989155][   T48] usb 1-1: SerialNumber: syz
[  292.998178][   T29] audit: type=1400 audit(1731953615.778:2228): avc:  denied  { read write } for  pid=8924 comm="syz.1.809" name="raw-gadget" dev="devtmpfs" ino=820 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  293.023765][   T29] audit: type=1400 audit(1731953615.778:2229): avc:  denied  { open } for  pid=8924 comm="syz.1.809" path="/dev/raw-gadget" dev="devtmpfs" ino=820 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  293.090611][   T48] usb 1-1: config 0 descriptor??
[  293.096200][ T8912] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  293.099700][   T29] audit: type=1400 audit(1731953615.968:2230): avc:  denied  { read write } for  pid=5830 comm="syz-executor" name="loop2" dev="devtmpfs" ino=649 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  293.128838][ T5836] [drm] vendor descriptor length:e0 data:00 00 00 00 00 00 00 00 00 00 00
[  293.149132][ T5836] [drm:udl_init] *ERROR* Unrecognized vendor firmware descriptor
[  293.149363][    T8] usb 2-1: new high-speed USB device number 35 using dummy_hcd
[  293.159373][ T5836] [drm:udl_init] *ERROR* Selecting channel failed
[  293.177348][ T8927] netlink: 4096 bytes leftover after parsing attributes in process `syz.2.810'.
[  293.192920][   T29] audit: type=1400 audit(1731953615.968:2231): avc:  denied  { open } for  pid=5830 comm="syz-executor" path="/dev/loop2" dev="devtmpfs" ino=649 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  293.193848][ T5836] [drm] Initialized udl 0.0.1 for 4-1:0.0 on minor 2
[  293.223927][ T5836] [drm] Initialized udl on minor 2
[  293.231657][   T29] audit: type=1400 audit(1731953615.968:2232): avc:  denied  { ioctl } for  pid=5830 comm="syz-executor" path="/dev/loop2" dev="devtmpfs" ino=649 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  293.231696][   T29] audit: type=1400 audit(1731953616.008:2233): avc:  denied  { read } for  pid=5183 comm="syslogd" name="log" dev="sda1" ino=1915 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:var_t tclass=lnk_file permissive=1
[  293.231882][ T5836] udl 4-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9
[  293.232244][ T5836] udl 4-1:0.0: [drm] Cannot find any crtc or sizes
[  293.233099][ T5874] udl 4-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9
[  293.257846][    C1] vkms_vblank_simulate: vblank timer overrun
[  293.313399][ T5836] usb 4-1: USB disconnect, device number 28
[  293.335588][    T8] usb 2-1: config 0 has too many interfaces: 254, using maximum allowed: 32
[  293.336803][ T5874] udl 4-1:0.0: [drm] Cannot find any crtc or sizes
[  293.356437][    T8] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  293.359541][   T48] usb 1-1: USB disconnect, device number 34
[  293.390123][    T8] usb 2-1: config 0 has 0 interfaces, different from the descriptor's value: 254
[  293.403906][    T8] usb 2-1: New USB device found, idVendor=0cf3, idProduct=1002, bcdDevice=4f.2c
[  293.413521][    T8] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  293.429809][    T8] usb 2-1: config 0 descriptor??
[  293.635817][ T5915] usb 3-1: new high-speed USB device number 27 using dummy_hcd
[  293.653132][    T8] usb 2-1: USB disconnect, device number 35
[  293.759401][ T8932] netlink: 20 bytes leftover after parsing attributes in process `syz.4.811'.
[  293.793363][ T5915] usb 3-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08
[  293.871197][ T5915] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  294.258064][ T5915] usb 3-1: config 0 descriptor??
[  294.659228][    T8] usb 4-1: new high-speed USB device number 29 using dummy_hcd
[  294.718472][ T5915] [drm] vendor descriptor length:e0 data:00 00 00 00 00 00 00 00 00 00 00
[  294.727168][ T5915] [drm:udl_init] *ERROR* Unrecognized vendor firmware descriptor
[  295.355465][ T5915] [drm] Initialized udl 0.0.1 for 3-1:0.0 on minor 2
[  295.362373][ T5915] [drm] Initialized udl on minor 2
[  295.370396][ T5915] udl 3-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9
[  295.378376][ T5915] udl 3-1:0.0: [drm] Cannot find any crtc or sizes
[  295.389669][ T5836] udl 3-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9
[  295.398587][ T5836] udl 3-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9
[  295.406615][ T5836] udl 3-1:0.0: [drm] Cannot find any crtc or sizes
[  295.414251][ T5915] usb 3-1: USB disconnect, device number 27
[  295.509356][    T8] usb 4-1: Using ep0 maxpacket: 8
[  295.515952][    T8] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  295.527570][ T8943] netlink: 24 bytes leftover after parsing attributes in process `syz.4.815'.
[  295.536935][    T8] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  295.547936][    T8] usb 4-1: New USB device found, idVendor=046d, idProduct=c24f, bcdDevice= 0.00
[  295.564229][    T8] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  295.574724][    T8] usb 4-1: config 0 descriptor??
[  295.602145][ T8945] bridge0: received packet on syz_tun with own address as source address (addr:aa:aa:aa:aa:aa:aa, vlan:0)
[  295.659329][ T5876] usb 1-1: new high-speed USB device number 35 using dummy_hcd
[  295.786758][ T8949] netlink: 8 bytes leftover after parsing attributes in process `syz.2.818'.
[  295.799266][   T29] kauditd_printk_skb: 27 callbacks suppressed
[  295.799279][   T29] audit: type=1400 audit(1731953618.678:2261): avc:  denied  { create } for  pid=8948 comm="syz.2.818" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  295.809617][ T5876] usb 1-1: Using ep0 maxpacket: 8
[  295.824790][    C1] vkms_vblank_simulate: vblank timer overrun
[  295.836543][   T29] audit: type=1400 audit(1731953618.708:2262): avc:  denied  { write } for  pid=8948 comm="syz.2.818" lport=255 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  295.841321][ T5876] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  295.856790][    C1] vkms_vblank_simulate: vblank timer overrun
[  295.859881][   T29] audit: type=1400 audit(1731953618.718:2263): avc:  denied  { write } for  pid=8948 comm="syz.2.818" path="/dev/vhci" dev="devtmpfs" ino=1268 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:vhost_device_t tclass=chr_file permissive=1
[  295.882925][ T5876] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  295.916425][ T5876] usb 1-1: New USB device found, idVendor=046d, idProduct=c24f, bcdDevice= 0.00
[  295.944877][ T5876] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  295.958986][ T5876] usb 1-1: config 0 descriptor??
[  296.054157][   T29] audit: type=1400 audit(1731953618.818:2264): avc:  denied  { write } for  pid=8950 comm="syz.1.820" name="ip6_tables_targets" dev="proc" ino=4026533331 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_net_t tclass=file permissive=1
[  296.058137][  T965] usb 5-1: new high-speed USB device number 21 using dummy_hcd
[  296.078621][    C1] vkms_vblank_simulate: vblank timer overrun
[  296.078821][   T29] audit: type=1400 audit(1731953618.848:2265): avc:  denied  { create } for  pid=8952 comm="syz.2.819" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1
[  296.746112][   T29] audit: type=1400 audit(1731953619.068:2266): avc:  denied  { listen } for  pid=8950 comm="syz.1.820" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  296.770954][ T8957] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  296.783645][ T8957] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  296.796853][   T29] audit: type=1400 audit(1731953619.078:2267): avc:  denied  { create } for  pid=8950 comm="syz.1.820" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[  296.822013][    T8] logitech 0003:046D:C24F.000F: hidraw0: USB HID v0.00 Device [HID 046d:c24f] on usb-dummy_hcd.3-1/input0
[  296.854305][ T8935] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  296.899652][   T29] audit: type=1400 audit(1731953619.078:2268): avc:  denied  { connect } for  pid=8950 comm="syz.1.820" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[  296.919898][   T29] audit: type=1400 audit(1731953619.078:2269): avc:  denied  { accept } for  pid=8950 comm="syz.1.820" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  296.920067][    T8] logitech 0003:046D:C24F.000F: no inputs found
[  296.939709][    C1] vkms_vblank_simulate: vblank timer overrun
[  297.251520][ T8961] netlink: 12 bytes leftover after parsing attributes in process `syz.2.819'.
[  297.513265][ T8935] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  297.532577][  T965] usb 5-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08
[  297.542369][  T965] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  297.557096][ T5876] logitech 0003:046D:C24F.0010: hidraw0: USB HID v0.00 Device [HID 046d:c24f] on usb-dummy_hcd.0-1/input0
[  297.568978][ T8959] netlink: 4 bytes leftover after parsing attributes in process `syz.1.821'.
[  297.580320][ T8935] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  297.588836][ T8935] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  297.594998][  T965] usb 5-1: config 0 descriptor??
[  297.612848][ T5876] logitech 0003:046D:C24F.0010: no inputs found
[  297.622085][   T29] audit: type=1400 audit(1731953620.498:2270): avc:  denied  { ioctl } for  pid=8964 comm="syz.2.822" path="socket:[23346]" dev="sockfs" ino=23346 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  297.646847][    C1] vkms_vblank_simulate: vblank timer overrun
[  297.835377][  T965] [drm] vendor descriptor length:e0 data:00 00 00 00 00 00 00 00 00 00 00
[  297.852819][  T965] [drm:udl_init] *ERROR* Unrecognized vendor firmware descriptor
[  297.854957][ T8941] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  297.865647][  T965] [drm:udl_init] *ERROR* Selecting channel failed
[  297.873139][ T8941] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  297.939318][   T48] usb 2-1: new high-speed USB device number 36 using dummy_hcd
[  297.945268][ T8969] binder: 8967:8969 ioctl 4018620d 0 returned -22
[  298.129293][   T48] usb 2-1: Using ep0 maxpacket: 16
[  298.133992][  T965] [drm] Initialized udl 0.0.1 for 5-1:0.0 on minor 2
[  298.148368][   T48] usb 2-1: config 0 has an invalid interface number: 8 but max is 0
[  298.150029][  T965] [drm] Initialized udl on minor 2
[  298.189283][  T965] udl 5-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9
[  298.201375][  T965] udl 5-1:0.0: [drm] Cannot find any crtc or sizes
[  298.208424][   T48] usb 2-1: config 0 has no interface number 0
[  298.277178][   T48] usb 2-1: config 0 interface 8 altsetting 0 endpoint 0x8F has an invalid bInterval 240, changing to 11
[  298.305423][  T965] usb 5-1: USB disconnect, device number 21
[  298.329673][ T8941] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  298.339749][ T8941] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  298.348218][   T48] usb 2-1: config 0 interface 8 altsetting 0 endpoint 0x8F has invalid maxpacket 9790, setting to 1024
[  298.372488][   T48] usb 2-1: New USB device found, idVendor=0d8c, idProduct=000e, bcdDevice=8e.8f
[  298.377904][ T8941] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  298.389552][   T48] usb 2-1: New USB device strings: Mfr=0, Product=24, SerialNumber=3
[  298.398089][   T48] usb 2-1: Product: syz
[  298.405931][ T8941] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  298.420481][   T48] usb 2-1: SerialNumber: syz
[  298.434029][   T48] usb 2-1: config 0 descriptor??
[  298.439916][ T8959] raw-gadget.6 gadget.1: fail, usb_ep_enable returned -22
[  298.943031][   T48] cm109 2-1:0.8: invalid payload size 1024, expected 4
[  298.950668][   T48] input: CM109 USB driver as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.8/input/input19
[  299.022542][    C1] cm109 2-1:0.8: cm109_urb_ctl_callback: urb status -71
[  299.031949][    C1] cm109 2-1:0.8: cm109_urb_ctl_callback: urb status -71
[  299.039081][    C1] cm109 2-1:0.8: cm109_urb_ctl_callback: urb status -71
[  299.046231][    C1] cm109 2-1:0.8: cm109_urb_ctl_callback: urb status -71
[  299.053363][    C1] cm109 2-1:0.8: cm109_urb_ctl_callback: urb status -71
[  299.060752][    C1] cm109 2-1:0.8: cm109_urb_ctl_callback: urb status -71
[  299.067920][    C1] cm109 2-1:0.8: cm109_urb_ctl_callback: urb status -71
[  299.075437][    C1] cm109 2-1:0.8: cm109_urb_ctl_callback: urb status -71
[  299.082606][    C1] cm109 2-1:0.8: cm109_urb_ctl_callback: urb status -71
[  299.089731][    C1] cm109 2-1:0.8: cm109_urb_ctl_callback: urb status -71
[  299.103087][ T5915] usb 4-1: USB disconnect, device number 29
[  299.119805][   T48] usb 2-1: USB disconnect, device number 36
[  299.125747][    C1] cm109 2-1:0.8: cm109_submit_buzz_toggle: usb_submit_urb (urb_ctl) failed -19
[  299.159831][   T48] cm109 2-1:0.8: cm109_toggle_buzzer_sync: usb_control_msg() failed -19
[  300.197304][ T5904] usb 1-1: USB disconnect, device number 35
[  300.919288][   T29] kauditd_printk_skb: 22 callbacks suppressed
[  301.022874][   T29] audit: type=1400 audit(1731953623.688:2293): avc:  denied  { create } for  pid=8999 comm="syz.0.831" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1
[  301.049580][   T29] audit: type=1400 audit(1731953623.688:2294): avc:  denied  { getopt } for  pid=8999 comm="syz.0.831" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1
[  301.108438][   T29] audit: type=1400 audit(1731953623.688:2295): avc:  denied  { create } for  pid=8999 comm="syz.0.831" anonclass=[userfaultfd] scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[  301.139243][   T29] audit: type=1400 audit(1731953624.008:2296): avc:  denied  { block_suspend } for  pid=8996 comm="syz.3.829" capability=36  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  301.232290][ T9010] uprobe: syz.1.833:9010 failed to unregister, leaking uprobe
[  301.232514][   T29] audit: type=1400 audit(1731953624.108:2297): avc:  denied  { execute } for  pid=9010 comm="syz.1.833" path="/157/file0" dev="tmpfs" ino=845 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[  301.466302][   T29] audit: type=1400 audit(1731953624.338:2298): avc:  denied  { create } for  pid=9014 comm="syz.1.834" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1
[  301.529497][   T29] audit: type=1400 audit(1731953624.338:2299): avc:  denied  { read write } for  pid=9012 comm="syz.0.835" name="sg0" dev="devtmpfs" ino=710 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[  302.643098][   T29] audit: type=1400 audit(1731953624.338:2300): avc:  denied  { open } for  pid=9012 comm="syz.0.835" path="/dev/sg0" dev="devtmpfs" ino=710 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[  302.680363][ T9022] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  302.689204][   T29] audit: type=1400 audit(1731953624.368:2301): avc:  denied  { append } for  pid=9014 comm="syz.1.834" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  302.718657][   T29] audit: type=1400 audit(1731953624.688:2302): avc:  denied  { setopt } for  pid=9002 comm="syz.4.832" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  304.168852][ T9044] team0: No ports can be present during mode change
[  304.929682][ T9049] FAULT_INJECTION: forcing a failure.
[  304.929682][ T9049] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  304.979203][ T9049] CPU: 0 UID: 0 PID: 9049 Comm: syz.3.842 Not tainted 6.12.0-syzkaller #0
[  304.987729][ T9049] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
[  304.997788][ T9049] Call Trace:
[  305.001060][ T9049]  <TASK>
[  305.003989][ T9049]  dump_stack_lvl+0x16c/0x1f0
[  305.008644][ T9049]  should_fail_ex+0x497/0x5b0
[  305.013309][ T9049]  _copy_to_user+0x32/0xd0
[  305.017734][ T9049]  simple_read_from_buffer+0xd0/0x160
[  305.023115][ T9049]  proc_fail_nth_read+0x198/0x270
[  305.028143][ T9049]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  305.033703][ T9049]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  305.039256][ T9049]  vfs_read+0x1df/0xbe0
[  305.043424][ T9049]  ? __fget_files+0x23a/0x3f0
[  305.048112][ T9049]  ? fdget_pos+0x24c/0x360
[  305.052523][ T9049]  ? __pfx_lock_release+0x10/0x10
[  305.057546][ T9049]  ? trace_lock_acquire+0x14a/0x1d0
[  305.062746][ T9049]  ? __pfx_vfs_read+0x10/0x10
[  305.067430][ T9049]  ? __pfx___mutex_lock+0x10/0x10
[  305.072476][ T9049]  ? __fget_files+0x244/0x3f0
[  305.077170][ T9049]  ksys_read+0x12f/0x260
[  305.081421][ T9049]  ? __pfx_ksys_read+0x10/0x10
[  305.086202][ T9049]  do_syscall_64+0xcd/0x250
[  305.090710][ T9049]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  305.096608][ T9049] RIP: 0033:0x7f34bb97d19c
[  305.101021][ T9049] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 69 8e 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 bf 8e 02 00 48
[  305.120629][ T9049] RSP: 002b:00007f34bc835030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  305.129042][ T9049] RAX: ffffffffffffffda RBX: 00007f34bbb36058 RCX: 00007f34bb97d19c
[  305.137015][ T9049] RDX: 000000000000000f RSI: 00007f34bc8350a0 RDI: 0000000000000006
[  305.144978][ T9049] RBP: 00007f34bc835090 R08: 0000000000000000 R09: 0000000000000000
[  305.152934][ T9049] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  305.160888][ T9049] R13: 0000000000000000 R14: 00007f34bbb36058 R15: 00007ffe6d4aea88
[  305.168851][ T9049]  </TASK>
[  306.172329][   T29] kauditd_printk_skb: 22 callbacks suppressed
[  306.172347][   T29] audit: type=1400 audit(1731953628.268:2325): avc:  denied  { create } for  pid=9053 comm="syz.0.843" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  306.198023][   T29] audit: type=1400 audit(1731953628.268:2326): avc:  denied  { setopt } for  pid=9053 comm="syz.0.843" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  306.250755][   T29] audit: type=1400 audit(1731953628.268:2327): avc:  denied  { bind } for  pid=9053 comm="syz.0.843" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  306.277922][   T29] audit: type=1400 audit(1731953628.268:2328): avc:  denied  { listen } for  pid=9053 comm="syz.0.843" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  307.248298][   T29] audit: type=1400 audit(1731953628.268:2329): avc:  denied  { connect } for  pid=9053 comm="syz.0.843" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  307.267979][   T29] audit: type=1400 audit(1731953628.428:2330): avc:  denied  { create } for  pid=9056 comm="syz.2.844" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  307.288080][   T29] audit: type=1400 audit(1731953628.428:2331): avc:  denied  { write } for  pid=9056 comm="syz.2.844" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  307.308067][   T29] audit: type=1400 audit(1731953628.428:2332): avc:  denied  { nlmsg_write } for  pid=9056 comm="syz.2.844" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  307.328595][   T29] audit: type=1400 audit(1731953629.628:2333): avc:  denied  { create } for  pid=9055 comm="syz.4.845" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[  307.347895][   T29] audit: type=1400 audit(1731953629.628:2334): avc:  denied  { bind } for  pid=9055 comm="syz.4.845" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[  308.042766][ T9080] FAULT_INJECTION: forcing a failure.
[  308.042766][ T9080] name failslab, interval 1, probability 0, space 0, times 0
[  308.083298][ T9080] CPU: 0 UID: 0 PID: 9080 Comm: syz.1.850 Not tainted 6.12.0-syzkaller #0
[  308.091824][ T9080] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
[  308.101873][ T9080] Call Trace:
[  308.105127][ T9080]  <TASK>
[  308.108036][ T9080]  dump_stack_lvl+0x16c/0x1f0
[  308.112692][ T9080]  should_fail_ex+0x497/0x5b0
[  308.117345][ T9080]  ? fs_reclaim_acquire+0xae/0x150
[  308.122431][ T9080]  should_failslab+0xc2/0x120
[  308.127098][ T9080]  __kmalloc_noprof+0xcb/0x400
[  308.131851][ T9080]  tomoyo_encode2+0x100/0x3e0
[  308.136506][ T9080]  tomoyo_encode+0x29/0x50
[  308.140897][ T9080]  tomoyo_realpath_from_path+0x19d/0x720
[  308.146505][ T9080]  ? tomoyo_path_number_perm+0x232/0x590
[  308.152122][ T9080]  tomoyo_path_number_perm+0x245/0x590
[  308.157554][ T9080]  ? tomoyo_path_number_perm+0x232/0x590
[  308.163162][ T9080]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  308.169133][ T9080]  ? trace_lock_acquire+0x14a/0x1d0
[  308.174314][ T9080]  ? lock_acquire+0x2f/0xb0
[  308.178802][ T9080]  ? __fget_files+0x40/0x3f0
[  308.183387][ T9080]  ? __fget_files+0x244/0x3f0
[  308.188057][ T9080]  security_file_ioctl+0x9b/0x240
[  308.193069][ T9080]  __x64_sys_ioctl+0xbb/0x220
[  308.197748][ T9080]  do_syscall_64+0xcd/0x250
[  308.202233][ T9080]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  308.208106][ T9080] RIP: 0033:0x7f78ab37e759
[  308.212496][ T9080] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  308.232080][ T9080] RSP: 002b:00007f78ac0e2038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  308.240469][ T9080] RAX: ffffffffffffffda RBX: 00007f78ab535f80 RCX: 00007f78ab37e759
[  308.248414][ T9080] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000006
[  308.256370][ T9080] RBP: 00007f78ac0e2090 R08: 0000000000000000 R09: 0000000000000000
[  308.264315][ T9080] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  308.272264][ T9080] R13: 0000000000000000 R14: 00007f78ab535f80 R15: 00007fff522240d8
[  308.280228][ T9080]  </TASK>
[  308.305649][ T9080] ERROR: Out of memory at tomoyo_realpath_from_path.
[  308.432314][ T9080] kvm: kvm [9078]: vcpu0, guest rIP: 0x3b1 Unhandled WRMSR(0xc2) = 0x1
[  308.563157][ T9080] kvm: kvm [9078]: vcpu0, guest rIP: 0x3b1 Unhandled WRMSR(0xc2) = 0x1
[  308.638790][ T9097] netlink: 1 bytes leftover after parsing attributes in process `syz.4.847'.
[  308.669226][ T9098] netlink: 4 bytes leftover after parsing attributes in process `syz.2.853'.
[  308.906470][ T9105] team0: No ports can be present during mode change
[  309.564889][   T48] usb 2-1: new high-speed USB device number 37 using dummy_hcd
[  309.763689][   T48] usb 2-1: device descriptor read/64, error -71
[  309.819482][ T5876] usb 3-1: new high-speed USB device number 28 using dummy_hcd
[  310.059425][   T48] usb 2-1: new high-speed USB device number 38 using dummy_hcd
[  310.210773][ T5876] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  310.221942][ T5876] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  310.249584][   T48] usb 2-1: device descriptor read/64, error -71
[  310.259187][ T5876] usb 3-1: New USB device found, idVendor=045e, idProduct=009d, bcdDevice= 0.00
[  310.268237][ T5876] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  310.297225][ T5876] usb 3-1: config 0 descriptor??
[  310.360568][   T48] usb usb2-port1: attempt power cycle
[  310.839364][ T5874] usb 4-1: new high-speed USB device number 30 using dummy_hcd
[  310.888887][   T48] usb 2-1: new high-speed USB device number 39 using dummy_hcd
[  311.001332][   T48] usb 2-1: device descriptor read/8, error -71
[  311.022987][ T5874] usb 4-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08
[  311.054692][ T5874] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  311.118577][ T5876] microsoft 0003:045E:009D.0011: unbalanced delimiter at end of report description
[  311.128414][ T5876] microsoft 0003:045E:009D.0011: parse failed
[  311.134166][ T5874] usb 4-1: config 0 descriptor??
[  311.134538][ T5876] microsoft 0003:045E:009D.0011: probe with driver microsoft failed with error -22
[  311.163026][ T5876] usb 3-1: USB disconnect, device number 28
[  311.267221][ T9130] netlink: 28 bytes leftover after parsing attributes in process `syz.4.860'.
[  311.276440][ T9130] netlink: 28 bytes leftover after parsing attributes in process `syz.4.860'.
[  311.339225][   T48] usb 2-1: new high-speed USB device number 40 using dummy_hcd
[  311.355687][   T29] kauditd_printk_skb: 79 callbacks suppressed
[  311.355697][   T29] audit: type=1400 audit(1731953634.228:2414): avc:  denied  { bind } for  pid=9129 comm="syz.4.860" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  311.381235][   T29] audit: type=1400 audit(1731953634.228:2415): avc:  denied  { read } for  pid=9129 comm="syz.4.860" name="event0" dev="devtmpfs" ino=918 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[  311.404481][   T29] audit: type=1400 audit(1731953634.228:2416): avc:  denied  { open } for  pid=9129 comm="syz.4.860" path="/dev/input/event0" dev="devtmpfs" ino=918 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[  311.428455][    C1] vkms_vblank_simulate: vblank timer overrun
[  311.435001][   T48] usb 2-1: device descriptor read/8, error -71
[  311.443783][ T5874] [drm] vendor descriptor length:e0 data:00 00 00 00 00 00 00 00 00 00 00
[  311.452376][ T5874] [drm:udl_init] *ERROR* Unrecognized vendor firmware descriptor
[  311.463349][ T5874] [drm:udl_init] *ERROR* Selecting channel failed
[  311.476040][ T5874] [drm] Initialized udl 0.0.1 for 4-1:0.0 on minor 2
[  311.491740][ T5874] [drm] Initialized udl on minor 2
[  311.497510][ T5874] udl 4-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9
[  311.505619][ T5874] udl 4-1:0.0: [drm] Cannot find any crtc or sizes
[  311.521854][ T5915] udl 4-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9
[  311.530919][ T5915] udl 4-1:0.0: [drm] Cannot find any crtc or sizes
[  311.537659][ T5874] usb 4-1: USB disconnect, device number 30
[  311.549502][   T48] usb usb2-port1: unable to enumerate USB device
[  311.708933][   T29] audit: type=1400 audit(1731953634.578:2417): avc:  denied  { create } for  pid=9138 comm="syz.4.862" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1
[  311.729286][    C1] vkms_vblank_simulate: vblank timer overrun
[  311.745087][ T9141] binder: 9136:9141 ioctl c0306201 0 returned -14
[  311.772613][   T29] audit: type=1400 audit(1731953634.608:2418): avc:  denied  { read } for  pid=9136 comm="syz.2.861" name="binder0" dev="binder" ino=4 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  311.795132][    C1] vkms_vblank_simulate: vblank timer overrun
[  312.636797][   T29] audit: type=1400 audit(1731953634.608:2419): avc:  denied  { open } for  pid=9136 comm="syz.2.861" path="/dev/binderfs/binder0" dev="binder" ino=4 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  312.667005][   T29] audit: type=1400 audit(1731953634.618:2420): avc:  denied  { ioctl } for  pid=9136 comm="syz.2.861" path="/dev/binderfs/binder0" dev="binder" ino=4 ioctlcmd=0x6201 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  312.836270][   T29] audit: type=1400 audit(1731953634.968:2421): avc:  denied  { setopt } for  pid=9138 comm="syz.4.862" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  313.151268][ T9152] netdevsim netdevsim1 netdevsim0: set [1, 1] type 2 family 0 port 20000 - 0
[  313.160318][ T9152] netdevsim netdevsim1 netdevsim1: set [1, 1] type 2 family 0 port 20000 - 0
[  313.169285][ T9152] netdevsim netdevsim1 netdevsim2: set [1, 1] type 2 family 0 port 20000 - 0
[  313.178174][ T9152] netdevsim netdevsim1 netdevsim3: set [1, 1] type 2 family 0 port 20000 - 0
[  313.999850][   T29] audit: type=1400 audit(1731953634.968:2422): avc:  denied  { write } for  pid=9138 comm="syz.4.862" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  314.019643][   T29] audit: type=1400 audit(1731953635.538:2423): avc:  denied  { create } for  pid=9145 comm="syz.1.863" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  314.808502][ T9165] team0: No ports can be present during mode change
[  315.476358][  T965] usb 2-1: new high-speed USB device number 41 using dummy_hcd
[  315.631373][  T965] usb 2-1: config 0 has too many interfaces: 254, using maximum allowed: 32
[  315.649136][  T965] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  315.796648][  T965] usb 2-1: config 0 has 0 interfaces, different from the descriptor's value: 254
[  316.028280][  T965] usb 2-1: New USB device found, idVendor=0cf3, idProduct=1002, bcdDevice=4f.2c
[  316.037639][  T965] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  316.080180][  T965] usb 2-1: config 0 descriptor??
[  316.291000][ T5876] usb 2-1: USB disconnect, device number 41
[  316.409250][  T965] usb 4-1: new high-speed USB device number 31 using dummy_hcd
[  316.430110][   T29] kauditd_printk_skb: 39 callbacks suppressed
[  316.430124][   T29] audit: type=1400 audit(1731953639.308:2463): avc:  denied  { read } for  pid=9180 comm="syz.2.873" name="msr" dev="devtmpfs" ino=87 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cpu_device_t tclass=chr_file permissive=1
[  316.490455][   T29] audit: type=1400 audit(1731953639.308:2464): avc:  denied  { open } for  pid=9180 comm="syz.2.873" path="/dev/cpu/0/msr" dev="devtmpfs" ino=87 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cpu_device_t tclass=chr_file permissive=1
[  316.544314][   T29] audit: type=1400 audit(1731953639.398:2465): avc:  denied  { create } for  pid=9166 comm="syz.1.871" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1
[  316.580959][  T965] usb 4-1: config 0 has too many interfaces: 254, using maximum allowed: 32
[  316.589924][  T965] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  316.609125][   T29] audit: type=1400 audit(1731953639.398:2466): avc:  denied  { accept } for  pid=9166 comm="syz.1.871" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1
[  316.630771][  T965] usb 4-1: config 0 has 0 interfaces, different from the descriptor's value: 254
[  316.650302][  T965] usb 4-1: New USB device found, idVendor=0cf3, idProduct=1002, bcdDevice=4f.2c
[  316.671670][  T965] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  316.692323][  T965] usb 4-1: config 0 descriptor??
[  316.755385][ T1296] ieee802154 phy0 wpan0: encryption failed: -22
[  316.761849][ T1296] ieee802154 phy1 wpan1: encryption failed: -22
[  317.013008][ T5876] usb 4-1: USB disconnect, device number 31
[  317.418924][   T29] audit: type=1400 audit(1731953640.288:2467): avc:  denied  { ioctl } for  pid=9187 comm="syz.0.874" path="socket:[24091]" dev="sockfs" ino=24091 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  317.446002][   T29] audit: type=1400 audit(1731953640.288:2468): avc:  denied  { ioctl } for  pid=9187 comm="syz.0.874" path="socket:[24093]" dev="sockfs" ino=24093 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  317.561565][ T9193] bridge0: port 1(bridge_slave_0) entered blocking state
[  317.569556][ T9193] bridge0: port 1(bridge_slave_0) entered forwarding state
[  318.411340][   T29] audit: type=1400 audit(1731953640.348:2469): avc:  denied  { create } for  pid=9190 comm="syz.2.875" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  318.440289][   T29] audit: type=1400 audit(1731953640.398:2470): avc:  denied  { create } for  pid=9190 comm="syz.2.875" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1
[  318.460922][   T29] audit: type=1400 audit(1731953640.408:2471): avc:  denied  { perfmon } for  pid=9190 comm="syz.2.875" capability=38  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  318.482218][   T29] audit: type=1400 audit(1731953640.418:2472): avc:  denied  { read } for  pid=9189 comm="syz.4.876" dev="nsfs" ino=4026533264 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[  319.346850][ T9210] input: syz0 as /devices/virtual/input/input20
[  319.839702][ T9203] FAULT_INJECTION: forcing a failure.
[  319.839702][ T9203] name failslab, interval 1, probability 0, space 0, times 0
[  319.852756][ T9203] CPU: 1 UID: 0 PID: 9203 Comm: syz.1.878 Not tainted 6.12.0-syzkaller #0
[  319.861262][ T9203] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
[  319.871303][ T9203] Call Trace:
[  319.874564][ T9203]  <TASK>
[  319.877478][ T9203]  dump_stack_lvl+0x16c/0x1f0
[  319.882146][ T9203]  should_fail_ex+0x497/0x5b0
[  319.886811][ T9203]  should_failslab+0xc2/0x120
[  319.891475][ T9203]  __kmalloc_noprof+0xcb/0x400
[  319.896229][ T9203]  io_cqring_event_overflow+0xcb/0x6f0
[  319.901680][ T9203]  io_req_cqe_overflow+0x101/0x1e0
[  319.906781][ T9203]  __io_submit_flush_completions+0x8fc/0x1cc0
[  319.912854][ T9203]  io_submit_sqes+0xa76/0x2530
[  319.917621][ T9203]  __do_sys_io_uring_enter+0xc0f/0x1170
[  319.923158][ T9203]  ? __fget_files+0x244/0x3f0
[  319.927826][ T9203]  ? __pfx___do_sys_io_uring_enter+0x10/0x10
[  319.933798][ T9203]  ? fput+0x30/0x390
[  319.937687][ T9203]  ? ksys_write+0x1ad/0x260
[  319.942187][ T9203]  ? __pfx_ksys_write+0x10/0x10
[  319.947032][ T9203]  do_syscall_64+0xcd/0x250
[  319.951524][ T9203]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  319.957406][ T9203] RIP: 0033:0x7f78ab37e759
[  319.961807][ T9203] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  319.981401][ T9203] RSP: 002b:00007f78ac0e2038 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[  319.989798][ T9203] RAX: ffffffffffffffda RBX: 00007f78ab535f80 RCX: 00007f78ab37e759
[  319.997765][ T9203] RDX: 0000000000000000 RSI: 0000000000002d3e RDI: 0000000000000014
[  320.005733][ T9203] RBP: 00007f78ac0e2090 R08: 0000000000000000 R09: 0000000000000000
[  320.013697][ T9203] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  320.021667][ T9203] R13: 0000000000000000 R14: 00007f78ab535f80 R15: 00007fff522240d8
[  320.029640][ T9203]  </TASK>
[  321.369766][ T9228] overlayfs: upperdir is in-use as upperdir/workdir of another mount, mount with '-o index=off' to override exclusive upperdir protection.
[  321.509300][ T5915] usb 2-1: new high-speed USB device number 42 using dummy_hcd
[  321.539184][ T5876] usb 4-1: new high-speed USB device number 32 using dummy_hcd
[  321.609172][ T5874] usb 3-1: new high-speed USB device number 29 using dummy_hcd
[  321.660954][ T5915] usb 2-1: config 0 has too many interfaces: 254, using maximum allowed: 32
[  321.669845][ T5915] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  321.680448][ T5915] usb 2-1: config 0 has 0 interfaces, different from the descriptor's value: 254
[  321.689194][ T5876] usb 4-1: Using ep0 maxpacket: 8
[  321.689725][ T5915] usb 2-1: New USB device found, idVendor=0cf3, idProduct=1002, bcdDevice=4f.2c
[  321.698705][ T5876] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  321.703791][ T5915] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  321.717638][ T5876] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  321.723997][ T5915] usb 2-1: config 0 descriptor??
[  321.735293][ T5876] usb 4-1: New USB device found, idVendor=046d, idProduct=c24f, bcdDevice= 0.00
[  321.746688][ T5876] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  321.758181][ T5876] usb 4-1: config 0 descriptor??
[  321.773176][ T5874] usb 3-1: config 0 has too many interfaces: 254, using maximum allowed: 32
[  321.782090][ T5874] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  321.792802][ T5874] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 254
[  321.801981][ T5874] usb 3-1: New USB device found, idVendor=0cf3, idProduct=1002, bcdDevice=4f.2c
[  321.811320][ T5874] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  321.833551][ T5874] usb 3-1: config 0 descriptor??
[  321.971368][ T5874] usb 3-1: reset high-speed USB device number 29 using dummy_hcd
[  321.980183][   T48] usb 2-1: USB disconnect, device number 42
[  322.175205][ T5876] logitech 0003:046D:C24F.0012: hidraw0: USB HID v0.00 Device [HID 046d:c24f] on usb-dummy_hcd.3-1/input0
[  322.186050][   T29] kauditd_printk_skb: 58 callbacks suppressed
[  322.186062][   T29] audit: type=1400 audit(1731953645.048:2531): avc:  denied  { setopt } for  pid=9234 comm="syz.0.890" lport=135 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  322.194098][ T5876] logitech 0003:046D:C24F.0012: no inputs found
[  322.226432][   T29] audit: type=1400 audit(1731953645.098:2532): avc:  denied  { getopt } for  pid=9234 comm="syz.0.890" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  322.426764][ T9237] FAULT_INJECTION: forcing a failure.
[  322.426764][ T9237] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  322.439965][ T9237] CPU: 1 UID: 0 PID: 9237 Comm: syz.0.890 Not tainted 6.12.0-syzkaller #0
[  322.448464][ T9237] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
[  322.458512][ T9237] Call Trace:
[  322.461786][ T9237]  <TASK>
[  322.464714][ T9237]  dump_stack_lvl+0x16c/0x1f0
[  322.469394][ T9237]  should_fail_ex+0x497/0x5b0
[  322.474073][ T9237]  _copy_from_user+0x2e/0xd0
[  322.478664][ T9237]  memdup_user+0x71/0xd0
[  322.482905][ T9237]  strndup_user+0x78/0xe0
[  322.487238][ T9237]  __x64_sys_fsopen+0x9c/0x240
[  322.492003][ T9237]  do_syscall_64+0xcd/0x250
[  322.496505][ T9237]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  322.502409][ T9237] RIP: 0033:0x7fb441b7e759
[  322.506819][ T9237] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  322.526424][ T9237] RSP: 002b:00007fb4428d9038 EFLAGS: 00000246 ORIG_RAX: 00000000000001ae
[  322.534832][ T9237] RAX: ffffffffffffffda RBX: 00007fb441d36130 RCX: 00007fb441b7e759
[  322.542799][ T9237] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00000000200002c0
[  322.550766][ T9237] RBP: 00007fb4428d9090 R08: 0000000000000000 R09: 0000000000000000
[  322.558732][ T9237] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  322.566697][ T9237] R13: 0000000000000000 R14: 00007fb441d36130 R15: 00007fffbbedd1b8
[  322.574676][ T9237]  </TASK>
[  322.813218][ T9239] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  322.840454][ T9239] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  323.060377][ T9224] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  323.068983][ T9224] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  323.086202][ T9224] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  323.094832][ T9224] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  323.359314][   T29] audit: type=1400 audit(1731953645.738:2533): avc:  denied  { unmount } for  pid=5834 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[  323.470616][   T29] audit: type=1400 audit(1731953646.308:2534): avc:  denied  { create } for  pid=9243 comm="syz.4.891" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1
[  323.522143][ T5874] usb 3-1: USB disconnect, device number 29
[  323.613137][   T29] audit: type=1400 audit(1731953646.308:2535): avc:  denied  { connect } for  pid=9243 comm="syz.4.891" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1
[  323.713208][   T29] audit: type=1400 audit(1731953646.578:2536): avc:  denied  { write } for  pid=9243 comm="syz.4.891" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1
[  323.805966][   T29] audit: type=1400 audit(1731953646.678:2537): avc:  denied  { connect } for  pid=9249 comm="syz.4.893" lport=60 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  323.831862][   T29] audit: type=1400 audit(1731953646.698:2538): avc:  denied  { write } for  pid=9249 comm="syz.4.893" lport=60 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  324.561255][   T29] audit: type=1400 audit(1731953646.908:2539): avc:  denied  { read } for  pid=9249 comm="syz.4.893" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  324.599674][   T29] audit: type=1400 audit(1731953646.918:2540): avc:  denied  { open } for  pid=9249 comm="syz.4.893" path="/dev/kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  324.996324][ T9258] binder: 9255:9258 ioctl 4018620d 0 returned -22
[  325.262559][ T9263] netlink: 8 bytes leftover after parsing attributes in process `syz.2.896'.
[  325.299244][ T5874] usb 4-1: USB disconnect, device number 32
[  326.072162][ T9270] SELinux:  policydb version 2094917270 does not match my version range 15-33
[  326.081543][ T9270] SELinux: failed to load policy
[  326.107371][ T9270] overlayfs: upper fs does not support RENAME_WHITEOUT.
[  326.114633][ T9270] overlayfs: failed to set xattr on upper
[  326.120396][ T9270] overlayfs: ...falling back to redirect_dir=nofollow.
[  326.127264][ T9270] overlayfs: ...falling back to index=off.
[  326.133118][ T9270] overlayfs: ...falling back to uuid=null.
[  326.149895][ T9270] FAULT_INJECTION: forcing a failure.
[  326.149895][ T9270] name failslab, interval 1, probability 0, space 0, times 0
[  326.162559][ T9270] CPU: 1 UID: 0 PID: 9270 Comm: syz.3.897 Not tainted 6.12.0-syzkaller #0
[  326.171060][ T9270] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
[  326.181120][ T9270] Call Trace:
[  326.184395][ T9270]  <TASK>
[  326.187321][ T9270]  dump_stack_lvl+0x16c/0x1f0
[  326.192004][ T9270]  should_fail_ex+0x497/0x5b0
[  326.196686][ T9270]  ? fs_reclaim_acquire+0xae/0x150
[  326.201802][ T9270]  should_failslab+0xc2/0x120
[  326.206490][ T9270]  kmem_cache_alloc_noprof+0x6e/0x2f0
[  326.211866][ T9270]  ? prepare_creds+0x2e/0x750
[  326.216556][ T9270]  prepare_creds+0x2e/0x750
[  326.221063][ T9270]  ? __pfx_get_random_u64+0x10/0x10
[  326.226268][ T9270]  copy_creds+0xa7/0xa50
[  326.230519][ T9270]  copy_process+0x10b9/0x8cb0
[  326.235201][ T9270]  ? __pfx_mark_lock+0x10/0x10
[  326.239971][ T9270]  ? __pfx_copy_process+0x10/0x10
[  326.245001][ T9270]  ? irqentry_exit+0x3b/0x90
[  326.249587][ T9270]  ? lockdep_hardirqs_on+0x7c/0x110
[  326.254797][ T9270]  ? kernel_clone+0xda/0x960
[  326.259389][ T9270]  kernel_clone+0xfd/0x960
[  326.263808][ T9270]  ? __pfx_kernel_clone+0x10/0x10
[  326.268842][ T9270]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  326.274824][ T9270]  __do_sys_clone+0xba/0x100
[  326.279418][ T9270]  ? __pfx___do_sys_clone+0x10/0x10
[  326.284632][ T9270]  do_syscall_64+0xcd/0x250
[  326.289135][ T9270]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  326.295032][ T9270] RIP: 0033:0x7f34bb97e759
[  326.299445][ T9270] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  326.319050][ T9270] RSP: 002b:00007f34bc813fe8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[  326.327456][ T9270] RAX: ffffffffffffffda RBX: 00007f34bbb36130 RCX: 00007f34bb97e759
[  326.335414][ T9270] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00000000200030e4
[  326.343361][ T9270] RBP: 00007f34bc814090 R08: 0000000000000000 R09: 0000000000000000
[  326.351304][ T9270] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000001
[  326.359251][ T9270] R13: 0000000000000000 R14: 00007f34bbb36130 R15: 00007ffe6d4aea88
[  326.367203][ T9270]  </TASK>
[  326.468108][ T9263] binder_alloc: binder_alloc_mmap_handler: 9262 20ffd000-21000000 already mapped failed -16
[  326.492011][ T9267] binder_alloc: 9262: binder_alloc_buf, no vma
[  326.930742][ T9277] netlink: 'syz.0.898': attribute type 10 has an invalid length.
[  326.938649][ T9277] netlink: 55 bytes leftover after parsing attributes in process `syz.0.898'.
[  327.042154][ T9286] evm: overlay not supported
[  327.254943][ T5876] usb 4-1: new high-speed USB device number 33 using dummy_hcd
[  327.367212][ T9295] rdma_rxe: rxe_newlink: failed to add team_slave_1
[  327.993545][ T5904] usb 3-1: new high-speed USB device number 30 using dummy_hcd
[  328.001548][   T29] kauditd_printk_skb: 32 callbacks suppressed
[  328.001560][   T29] audit: type=1400 audit(1731953650.158:2573): avc:  denied  { create } for  pid=9290 comm="syz.0.904" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1
[  328.041602][ T9296] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  328.193482][   T29] audit: type=1400 audit(1731953650.178:2574): avc:  denied  { read write } for  pid=9290 comm="syz.0.904" name="video3" dev="devtmpfs" ino=934 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:v4l_device_t tclass=chr_file permissive=1
[  328.272700][   T29] audit: type=1400 audit(1731953650.188:2575): avc:  denied  { open } for  pid=9290 comm="syz.0.904" path="/dev/video3" dev="devtmpfs" ino=934 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:v4l_device_t tclass=chr_file permissive=1
[  328.296093][   T29] audit: type=1400 audit(1731953650.238:2576): avc:  denied  { create } for  pid=9290 comm="syz.0.904" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_rdma_socket permissive=1
[  328.316268][   T29] audit: type=1400 audit(1731953650.238:2577): avc:  denied  { write } for  pid=9290 comm="syz.0.904" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_rdma_socket permissive=1
[  328.336440][   T29] audit: type=1400 audit(1731953650.848:2578): avc:  denied  { create } for  pid=9287 comm="syz.1.903" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  328.356027][   T29] audit: type=1400 audit(1731953650.848:2579): avc:  denied  { connect } for  pid=9287 comm="syz.1.903" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  328.375730][   T29] audit: type=1400 audit(1731953650.848:2580): avc:  denied  { write } for  pid=9287 comm="syz.1.903" path="socket:[24363]" dev="sockfs" ino=24363 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  328.399321][   T29] audit: type=1400 audit(1731953650.988:2581): avc:  denied  { setopt } for  pid=9287 comm="syz.1.903" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1
[  328.418762][   T29] audit: type=1400 audit(1731953651.098:2582): avc:  denied  { write } for  pid=9287 comm="syz.1.903" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  328.436462][ T5904] usb 3-1: Using ep0 maxpacket: 32
[  328.448053][ T5904] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  328.470386][ T5904] usb 3-1: New USB device found, idVendor=0402, idProduct=5602, bcdDevice=66.4d
[  328.485463][ T5904] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  328.493595][ T5904] usb 3-1: Product: syz
[  328.498106][ T5904] usb 3-1: Manufacturer: syz
[  328.504800][ T5904] usb 3-1: SerialNumber: syz
[  328.529994][ T5904] usb 3-1: config 0 descriptor??
[  328.546633][ T5904] gspca_main: ALi m5602-2.14.0 probing 0402:5602
[  328.566968][ T5876] usb 4-1: Using ep0 maxpacket: 8
[  328.574772][ T5876] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  328.591069][ T5876] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  328.604725][ T5876] usb 4-1: New USB device found, idVendor=046d, idProduct=c24f, bcdDevice= 0.00
[  328.615198][ T5876] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  328.644604][ T5876] usb 4-1: config 0 descriptor??
[  328.889281][ T9307] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  328.965918][   T48] usb 2-1: new high-speed USB device number 43 using dummy_hcd
[  329.144848][   T48] usb 2-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08
[  329.180735][   T48] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  329.288281][    T8] usb 1-1: new high-speed USB device number 36 using dummy_hcd
[  329.291515][   T48] usb 2-1: config 0 descriptor??
[  329.301436][ T5904] gspca_m5602: Failed to find a sensor
[  329.309254][ T5904] ALi m5602 3-1:0.0: ALi m5602 webcam failed
[  329.319173][ T5876] logitech 0003:046D:C24F.0013: hidraw0: USB HID v0.00 Device [HID 046d:c24f] on usb-dummy_hcd.3-1/input0
[  329.330693][ T5904] usb 3-1: USB disconnect, device number 30
[  329.337321][ T5876] logitech 0003:046D:C24F.0013: no inputs found
[  329.451216][    T8] usb 1-1: config 0 has too many interfaces: 254, using maximum allowed: 32
[  329.464303][    T8] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  329.476297][    T8] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 254
[  329.485681][    T8] usb 1-1: New USB device found, idVendor=0cf3, idProduct=1002, bcdDevice=4f.2c
[  329.496689][    T8] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  329.604530][   T48] [drm] vendor descriptor length:e0 data:00 00 00 00 00 00 00 00 00 00 00
[  329.606159][    T8] usb 1-1: config 0 descriptor??
[  329.696478][   T48] [drm:udl_init] *ERROR* Unrecognized vendor firmware descriptor
[  329.772101][   T48] [drm:udl_init] *ERROR* Selecting channel failed
[  329.872233][   T48] [drm] Initialized udl 0.0.1 for 2-1:0.0 on minor 2
[  329.883483][ T9283] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  329.892078][   T48] [drm] Initialized udl on minor 2
[  329.901942][   T48] udl 2-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9
[  329.911051][   T48] udl 2-1:0.0: [drm] Cannot find any crtc or sizes
[  329.985868][    T8] usb 1-1: reset high-speed USB device number 36 using dummy_hcd
[  330.009264][ T9283] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  330.021724][ T5874] udl 2-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9
[  330.029790][ T5874] udl 2-1:0.0: [drm] Cannot find any crtc or sizes
[  330.031245][ T9283] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  330.043768][   T48] usb 2-1: USB disconnect, device number 43
[  330.046720][ T9283] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  330.108978][ T9316] team0: No ports can be present during mode change
[  330.224523][ T9283] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  330.247065][ T9283] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  330.876103][ T9323] FAULT_INJECTION: forcing a failure.
[  330.876103][ T9323] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  330.892894][ T9323] CPU: 0 UID: 0 PID: 9323 Comm: syz.2.911 Not tainted 6.12.0-syzkaller #0
[  330.901407][ T9323] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
[  330.911461][ T9323] Call Trace:
[  330.914737][ T9323]  <TASK>
[  330.917665][ T9323]  dump_stack_lvl+0x16c/0x1f0
[  330.922348][ T9323]  should_fail_ex+0x497/0x5b0
[  330.927030][ T9323]  copy_fpstate_to_sigframe+0x858/0xaf0
[  330.932595][ T9323]  ? __pfx_copy_fpstate_to_sigframe+0x10/0x10
[  330.938668][ T9323]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  330.944304][ T9323]  ? do_raw_spin_lock+0x12d/0x2c0
[  330.949335][ T9323]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  330.954706][ T9323]  ? find_held_lock+0x2d/0x110
[  330.959480][ T9323]  get_sigframe+0x4aa/0x9c0
[  330.963993][ T9323]  ? __pfx_get_sigframe+0x10/0x10
[  330.969031][ T9323]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  330.974393][ T9323]  ? _raw_spin_unlock_irq+0x23/0x50
[  330.979568][ T9323]  ? siginfo_layout+0x177/0x290
[  330.984404][ T9323]  x64_setup_rt_frame+0x129/0xcf0
[  330.989412][ T9323]  ? __pfx_x64_setup_rt_frame+0x10/0x10
[  330.994938][ T9323]  arch_do_signal_or_restart+0x5e6/0x7e0
[  331.000548][ T9323]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  331.006698][ T9323]  ? __pfx_do_readv+0x10/0x10
[  331.011360][ T9323]  syscall_exit_to_user_mode+0x150/0x2a0
[  331.016972][ T9323]  do_syscall_64+0xda/0x250
[  331.021454][ T9323]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  331.027327][ T9323] RIP: 0033:0x7f396817e757
[  331.031717][ T9323] Code: ff ff ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 <0f> 05 48 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89
[  331.051297][ T9323] RSP: 002b:00007f3968fba038 EFLAGS: 00000246 ORIG_RAX: 0000000000000013
[  331.059697][ T9323] RAX: 0000000000000013 RBX: 00007f3968335f80 RCX: 00007f396817e759
[  331.067641][ T9323] RDX: 000000000000004d RSI: 0000000020002980 RDI: 0000000000000003
[  331.075588][ T9323] RBP: 00007f3968fba090 R08: 0000000000000000 R09: 0000000000000000
[  331.083533][ T9323] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  331.091476][ T9323] R13: 0000000000000000 R14: 00007f3968335f80 R15: 00007ffcbd60abd8
[  331.099440][ T9323]  </TASK>
[  331.129498][    T8] usb 1-1: USB disconnect, device number 36
[  331.136440][ T9324] kvm: emulating exchange as write
[  331.213876][ T9329] SELinux:  policydb version 2094917270 does not match my version range 15-33
[  331.223043][ T9329] SELinux: failed to load policy
[  331.253749][ T9329] overlayfs: upper fs does not support RENAME_WHITEOUT.
[  331.260873][ T9329] overlayfs: failed to set xattr on upper
[  331.266620][ T9329] overlayfs: ...falling back to redirect_dir=nofollow.
[  331.273527][ T9329] overlayfs: ...falling back to index=off.
[  331.279378][ T9329] overlayfs: ...falling back to uuid=null.
[  331.442092][ T5904] usb 3-1: new high-speed USB device number 31 using dummy_hcd
[  331.739426][ T5876] usb 4-1: USB disconnect, device number 33
[  331.770746][ T5904] usb 3-1: Using ep0 maxpacket: 16
[  331.796607][ T5904] usb 3-1: config 0 has no interfaces?
[  331.804817][ T5904] usb 3-1: New USB device found, idVendor=05d1, idProduct=2001, bcdDevice= 6.00
[  331.815343][ T5904] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  331.834798][ T5904] usb 3-1: Product: syz
[  331.857882][ T5904] usb 3-1: Manufacturer: syz
[  331.862975][ T5904] usb 3-1: SerialNumber: syz
[  331.868798][ T9334] team0: No ports can be present during mode change
[  331.877170][ T5904] usb 3-1: config 0 descriptor??
[  332.073672][ T9337] netlink: 4 bytes leftover after parsing attributes in process `syz.0.915'.
[  332.311967][ T9337] bridge_slave_1: left allmulticast mode
[  332.317690][ T9337] bridge_slave_1: left promiscuous mode
[  333.011399][ T9337] bridge0: port 2(bridge_slave_1) entered disabled state
[  333.040234][ T5876] usb 3-1: USB disconnect, device number 31
[  333.062848][ T9349] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  333.099642][ T9337] bridge_slave_0: left allmulticast mode
[  333.105444][ T9337] bridge_slave_0: left promiscuous mode
[  333.112041][ T9337] bridge0: port 1(bridge_slave_0) entered disabled state
[  333.572872][   T29] kauditd_printk_skb: 14 callbacks suppressed
[  333.572889][   T29] audit: type=1400 audit(1731953656.448:2597): avc:  denied  { create } for  pid=9350 comm="syz.4.919" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[  333.603394][   T29] audit: type=1400 audit(1731953656.448:2598): avc:  denied  { write } for  pid=9350 comm="syz.4.919" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[  333.900286][   T29] audit: type=1400 audit(1731953656.778:2599): avc:  denied  { wake_alarm } for  pid=9358 comm="syz.3.921" capability=35  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  334.061198][   T29] audit: type=1400 audit(1731953656.938:2600): avc:  denied  { create } for  pid=9363 comm="syz.2.923" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[  334.080490][ T9366] FAULT_INJECTION: forcing a failure.
[  334.080490][ T9366] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  334.081089][    C0] vkms_vblank_simulate: vblank timer overrun
[  334.094148][ T9366] CPU: 1 UID: 0 PID: 9366 Comm: syz.4.924 Not tainted 6.12.0-syzkaller #0
[  334.108510][ T9366] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
[  334.118550][ T9366] Call Trace:
[  334.121812][ T9366]  <TASK>
[  334.124727][ T9366]  dump_stack_lvl+0x16c/0x1f0
[  334.129406][ T9366]  should_fail_ex+0x497/0x5b0
[  334.134070][ T9366]  _copy_from_iter+0x2a1/0x1560
[  334.138913][ T9366]  ? __pfx__copy_from_iter+0x10/0x10
[  334.144198][ T9366]  ? __virt_addr_valid+0x1a4/0x590
[  334.149296][ T9366]  ? __virt_addr_valid+0x5e/0x590
[  334.154304][ T9366]  ? const_folio_flags.constprop.0+0x56/0x150
[  334.160355][ T9366]  ? __phys_addr_symbol+0x30/0x80
[  334.165365][ T9366]  ? __check_object_size+0x488/0x710
[  334.170636][ T9366]  netlink_sendmsg+0x813/0xd70
[  334.175388][ T9366]  ? __pfx_netlink_sendmsg+0x10/0x10
[  334.180663][ T9366]  ____sys_sendmsg+0xaaf/0xc90
[  334.185432][ T9366]  ? copy_msghdr_from_user+0x10b/0x160
[  334.190876][ T9366]  ? __pfx_____sys_sendmsg+0x10/0x10
[  334.196154][ T9366]  ? __pfx___lock_acquire+0x10/0x10
[  334.201338][ T9366]  ___sys_sendmsg+0x135/0x1e0
[  334.206002][ T9366]  ? __pfx____sys_sendmsg+0x10/0x10
[  334.211193][ T9366]  ? lock_acquire+0x2f/0xb0
[  334.215677][ T9366]  ? __fget_files+0x40/0x3f0
[  334.220262][ T9366]  ? fdget+0x176/0x210
[  334.224321][ T9366]  __sys_sendmsg+0x117/0x1f0
[  334.228899][ T9366]  ? __pfx___sys_sendmsg+0x10/0x10
[  334.233997][ T9366]  ? __fget_files+0x244/0x3f0
[  334.238674][ T9366]  do_syscall_64+0xcd/0x250
[  334.243179][ T9366]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  334.249071][ T9366] RIP: 0033:0x7f13c5b7e759
[  334.253484][ T9366] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  334.273087][ T9366] RSP: 002b:00007f13c68fe038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  334.281487][ T9366] RAX: ffffffffffffffda RBX: 00007f13c5d35f80 RCX: 00007f13c5b7e759
[  334.289443][ T9366] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000003
[  334.297398][ T9366] RBP: 00007f13c68fe090 R08: 0000000000000000 R09: 0000000000000000
[  334.305352][ T9366] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  334.313305][ T9366] R13: 0000000000000000 R14: 00007f13c5d35f80 R15: 00007fff7da72538
[  334.321270][ T9366]  </TASK>
[  334.389141][ T5876] usb 4-1: new high-speed USB device number 34 using dummy_hcd
[  334.521158][ T9372] team0: No ports can be present during mode change
[  334.569182][ T5876] usb 4-1: Using ep0 maxpacket: 16
[  334.702589][ T9376] binder: 9373:9376 ioctl 4018620d 0 returned -22
[  335.014724][ T9381] binder: 9377:9381 ioctl 4018620d 0 returned -22
[  335.161500][ T5876] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  335.253663][ T5876] usb 4-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  335.380996][ T5876] usb 4-1: New USB device found, idVendor=046d, idProduct=08f0, bcdDevice=50.0d
[  335.390115][ T5876] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  335.398144][ T5876] usb 4-1: Product: syz
[  335.402473][ T5876] usb 4-1: Manufacturer: syz
[  335.407076][ T5876] usb 4-1: SerialNumber: syz
[  335.414322][ T5876] usb 4-1: config 0 descriptor??
[  335.492058][ T9387] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  335.569242][   T29] audit: type=1400 audit(1731953658.438:2601): avc:  denied  { mounton } for  pid=9363 comm="syz.2.923" path="/202/file0" dev="tmpfs" ino=1098 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[  335.684212][ T9388] bridge0: received packet on syz_tun with own address as source address (addr:aa:aa:aa:aa:aa:aa, vlan:0)
[  335.725776][ T9364] ieee802154 phy0 wpan0: encryption failed: -22
[  335.757259][ T9390] team0: No ports can be present during mode change
[  335.789422][   T29] audit: type=1400 audit(1731953658.478:2602): avc:  denied  { mount } for  pid=9363 comm="syz.2.923" name="/" dev="9p" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[  335.950066][   T29] audit: type=1400 audit(1731953658.548:2603): avc:  denied  { read write } for  pid=9363 comm="syz.2.923" dev="9p" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  336.013496][   T29] audit: type=1400 audit(1731953658.548:2604): avc:  denied  { open } for  pid=9363 comm="syz.2.923" path="/202/file0" dev="9p" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  336.605445][   T29] audit: type=1400 audit(1731953658.588:2605): avc:  denied  { setattr } for  pid=9363 comm="syz.2.923" name="/" dev="9p" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  336.759289][   T29] audit: type=1400 audit(1731953658.598:2606): avc:  denied  { write } for  pid=9363 comm="syz.2.923" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[  336.779094][    C0] vkms_vblank_simulate: vblank timer overrun
[  337.028481][ T5915] usb 4-1: USB disconnect, device number 34
[  337.279325][   T48] usb 1-1: new high-speed USB device number 37 using dummy_hcd
[  337.287377][ T5874] usb 5-1: new high-speed USB device number 22 using dummy_hcd
[  337.449191][   T48] usb 1-1: Using ep0 maxpacket: 16
[  337.455988][ T9412] team0: No ports can be present during mode change
[  337.456453][   T48] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  337.478776][   T48] usb 1-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  337.489995][   T48] usb 1-1: New USB device found, idVendor=046d, idProduct=08f0, bcdDevice=50.0d
[  337.503244][ T5874] usb 5-1: Using ep0 maxpacket: 8
[  337.512302][   T48] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  337.528544][   T48] usb 1-1: Product: syz
[  337.529044][ T5874] usb 5-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea
[  337.548025][   T48] usb 1-1: Manufacturer: syz
[  337.552691][ T5874] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  337.560710][   T48] usb 1-1: SerialNumber: syz
[  337.603340][   T48] usb 1-1: config 0 descriptor??
[  337.608377][ T5874] usb 5-1: Product: syz
[  337.612734][ T5874] usb 5-1: Manufacturer: syz
[  337.617468][ T5874] usb 5-1: SerialNumber: syz
[  337.639998][ T5874] usb 5-1: config 0 descriptor??
[  337.739201][    T8] usb 3-1: new high-speed USB device number 32 using dummy_hcd
[  337.860803][ T5874] usb 5-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state
[  337.903451][    T8] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  337.922029][    T8] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  337.938183][    T8] usb 3-1: New USB device found, idVendor=28de, idProduct=1142, bcdDevice= 0.00
[  337.952490][    T8] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  337.971555][    T8] usb 3-1: config 0 descriptor??
[  338.147254][ T5876] usb 1-1: USB disconnect, device number 37
[  338.386840][    T8] hid-steam 0003:28DE:1142.0014: unknown main item tag 0x0
[  338.423835][    T8] hid-steam 0003:28DE:1142.0014: unknown main item tag 0x0
[  338.439976][    T8] hid-steam 0003:28DE:1142.0014: unknown main item tag 0x0
[  338.451249][    T8] hid-steam 0003:28DE:1142.0014: unknown main item tag 0x0
[  338.458517][    T8] hid-steam 0003:28DE:1142.0014: unknown main item tag 0x0
[  338.483551][    T8] hid-steam 0003:28DE:1142.0014: hidraw0: USB HID v0.00 Device [HID 28de:1142] on usb-dummy_hcd.2-1/input0
[  338.635351][   T29] kauditd_printk_skb: 13 callbacks suppressed
[  338.635366][   T29] audit: type=1326 audit(1731953661.508:2620): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9427 comm="syz.3.944" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f34bb97e759 code=0x0
[  338.684760][ T9415] bridge0: port 2(bridge_slave_1) entered disabled state
[  338.734454][ T9415] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  338.749823][   T29] audit: type=1400 audit(1731953661.618:2621): avc:  denied  { write } for  pid=9427 comm="syz.3.944" name="ns" dev="proc" ino=25569 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dir permissive=1
[  338.779383][ T9415] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  338.810563][ T5915] usb 2-1: new high-speed USB device number 44 using dummy_hcd
[  338.818243][   T29] audit: type=1400 audit(1731953661.628:2622): avc:  denied  { add_name } for  pid=9427 comm="syz.3.944" name="cpuacct.usage_sys" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dir permissive=1
[  338.853187][   T48] usb 3-1: USB disconnect, device number 32
[  338.885095][   T29] audit: type=1400 audit(1731953661.628:2623): avc:  denied  { create } for  pid=9427 comm="syz.3.944" name="cpuacct.usage_sys" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=file permissive=1
[  338.911348][   T29] audit: type=1400 audit(1731953661.628:2624): avc:  denied  { associate } for  pid=9427 comm="syz.3.944" name="cpuacct.usage_sys" scontext=root:object_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1
[  338.934923][   T29] audit: type=1326 audit(1731953661.648:2625): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9427 comm="syz.3.944" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f34bb97e759 code=0x0
[  339.149192][ T5915] usb 2-1: Using ep0 maxpacket: 16
[  339.160699][ T5915] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  339.171339][ T5915] usb 2-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  339.291497][ T5915] usb 2-1: New USB device found, idVendor=046d, idProduct=08f0, bcdDevice=50.0d
[  339.578235][ T5874] dvb_usb_rtl28xxu 5-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -71
[  339.599194][ T5915] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  339.621232][ T5874] usb 5-1: USB disconnect, device number 22
[  339.628462][ T5915] usb 2-1: Product: syz
[  339.633662][ T5915] usb 2-1: Manufacturer: syz
[  339.638265][ T5915] usb 2-1: SerialNumber: syz
[  339.652764][ T5915] usb 2-1: config 0 descriptor??
[  339.962931][ T9443] FAULT_INJECTION: forcing a failure.
[  339.962931][ T9443] name fail_futex, interval 1, probability 0, space 0, times 0
[  339.975776][ T9443] CPU: 1 UID: 0 PID: 9443 Comm: syz.2.946 Not tainted 6.12.0-syzkaller #0
[  339.984274][ T9443] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
[  339.994321][ T9443] Call Trace:
[  339.997595][ T9443]  <TASK>
[  340.000523][ T9443]  dump_stack_lvl+0x16c/0x1f0
[  340.005203][ T9443]  should_fail_ex+0x497/0x5b0
[  340.009888][ T9443]  get_futex_key+0x48d/0x10a0
[  340.014565][ T9443]  ? hlock_class+0x4e/0x130
[  340.019070][ T9443]  ? __lock_acquire+0x163e/0x3ce0
[  340.024087][ T9443]  ? __pfx_get_futex_key+0x10/0x10
[  340.029204][ T9443]  futex_wake+0xe8/0x4e0
[  340.033452][ T9443]  ? exit_mm_release+0x19/0x30
[  340.038218][ T9443]  ? __pfx_futex_wake+0x10/0x10
[  340.043075][ T9443]  ? find_held_lock+0x2d/0x110
[  340.047846][ T9443]  do_futex+0x1e5/0x350
[  340.052004][ T9443]  ? __pfx_do_futex+0x10/0x10
[  340.056681][ T9443]  ? __might_fault+0xe3/0x190
[  340.061361][ T9443]  ? __might_fault+0xe3/0x190
[  340.066044][ T9443]  mm_release+0x24e/0x300
[  340.070372][ T9443]  do_exit+0x88b/0x2d70
[  340.074531][ T9443]  ? get_signal+0x8f2/0x2770
[  340.079119][ T9443]  ? __pfx_do_exit+0x10/0x10
[  340.083708][ T9443]  ? do_raw_spin_lock+0x12d/0x2c0
[  340.088731][ T9443]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  340.094104][ T9443]  do_group_exit+0xd3/0x2a0
[  340.098610][ T9443]  get_signal+0x25fb/0x2770
[  340.103115][ T9443]  ? __schedule+0xe5d/0x5740
[  340.107713][ T9443]  ? __pfx_get_signal+0x10/0x10
[  340.112573][ T9443]  arch_do_signal_or_restart+0x90/0x7e0
[  340.118139][ T9443]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  340.124320][ T9443]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[  340.129874][ T9443]  syscall_exit_to_user_mode+0x150/0x2a0
[  340.135517][ T9443]  do_syscall_64+0xda/0x250
[  340.140034][ T9443]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  340.145944][ T9443] RIP: 0033:0x7f396817e759
[  340.150357][ T9443] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  340.169954][ T9443] RSP: 002b:00007f3968f78038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  340.178365][ T9443] RAX: fffffffffffffe00 RBX: 00007f3968336130 RCX: 00007f396817e759
[  340.186319][ T9443] RDX: 0000000000000001 RSI: 00000000200002c0 RDI: 0000000000000007
[  340.194286][ T9443] RBP: 00007f3968f78090 R08: 0000000000000000 R09: 0000000000000000
[  340.202246][ T9443] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  340.210204][ T9443] R13: 0000000000000000 R14: 00007f3968336130 R15: 00007ffcbd60abd8
[  340.218178][ T9443]  </TASK>
[  340.532431][ T9451] syz.0.948[9451] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  340.532507][ T9451] syz.0.948[9451] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  340.543910][ T9451] syz.0.948[9451] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  340.659170][    T8] usb 3-1: new high-speed USB device number 33 using dummy_hcd
[  340.899252][    T8] usb 3-1: Using ep0 maxpacket: 16
[  340.909174][    T8] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  341.561787][    T8] usb 3-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  341.573319][    T8] usb 3-1: New USB device found, idVendor=046d, idProduct=08f0, bcdDevice=50.0d
[  341.605283][   T29] audit: type=1400 audit(1731953664.478:2626): avc:  denied  { bind } for  pid=9424 comm="syz.1.943" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1
[  341.619324][ T5876] usb 2-1: USB disconnect, device number 44
[  341.624598][   T29] audit: type=1400 audit(1731953664.478:2627): avc:  denied  { setopt } for  pid=9424 comm="syz.1.943" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1
[  341.659332][    T8] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  341.667357][    T8] usb 3-1: Product: syz
[  341.671698][    T8] usb 3-1: Manufacturer: syz
[  341.676282][    T8] usb 3-1: SerialNumber: syz
[  341.706003][    T8] usb 3-1: config 0 descriptor??
[  341.868764][ T9461] team0: No ports can be present during mode change
[  342.279234][ T5915] usb 1-1: new high-speed USB device number 38 using dummy_hcd
[  342.597742][ T9470] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  342.768128][ T9473] netlink: 830 bytes leftover after parsing attributes in process `syz.3.954'.
[  342.789197][ T5915] usb 1-1: Using ep0 maxpacket: 8
[  342.795595][ T5915] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  342.804632][   T29] audit: type=1400 audit(1731953665.678:2628): avc:  denied  { sys_module } for  pid=9472 comm="syz.3.954" capability=16  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1
[  342.830548][ T5915] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  342.841572][ T5915] usb 1-1: New USB device found, idVendor=046d, idProduct=c24f, bcdDevice= 0.00
[  342.853098][ T5915] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  342.878250][ T5915] usb 1-1: config 0 descriptor??
[  343.129167][   T29] audit: type=1400 audit(1731953665.728:2629): avc:  denied  { write } for  pid=5183 comm="syslogd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  344.668496][   T29] audit: type=1400 audit(1731953665.728:2630): avc:  denied  { remove_name } for  pid=5183 comm="syslogd" name="messages" dev="tmpfs" ino=9 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  344.694657][   T29] audit: type=1400 audit(1731953665.728:2631): avc:  denied  { rename } for  pid=5183 comm="syslogd" name="messages" dev="tmpfs" ino=9 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[  344.717125][   T29] audit: type=1400 audit(1731953665.728:2632): avc:  denied  { add_name } for  pid=5183 comm="syslogd" name="messages.0" dev="tmpfs" ino=8 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  344.739829][   T29] audit: type=1400 audit(1731953665.728:2633): avc:  denied  { unlink } for  pid=5183 comm="syslogd" name="messages.0" dev="tmpfs" ino=8 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[  344.762487][   T29] audit: type=1400 audit(1731953665.728:2634): avc:  denied  { create } for  pid=5183 comm="syslogd" name="messages" scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[  344.783539][   T29] audit: type=1400 audit(1731953666.148:2635): avc:  denied  { create } for  pid=9477 comm="syz.4.955" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  344.803190][   T29] audit: type=1400 audit(1731953666.148:2636): avc:  denied  { setopt } for  pid=9477 comm="syz.4.955" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  344.811547][ T5876] usb 3-1: USB disconnect, device number 33
[  344.822887][   T29] audit: type=1400 audit(1731953666.148:2637): avc:  denied  { bind } for  pid=9477 comm="syz.4.955" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  344.848334][   T29] audit: type=1400 audit(1731953666.148:2638): avc:  denied  { listen } for  pid=9477 comm="syz.4.955" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  344.868144][   T29] audit: type=1400 audit(1731953666.158:2639): avc:  denied  { connect } for  pid=9477 comm="syz.4.955" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  344.881037][ T9466] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  344.891170][ T5915] logitech 0003:046D:C24F.0015: hidraw0: USB HID v0.00 Device [HID 046d:c24f] on usb-dummy_hcd.0-1/input0
[  344.907510][ T5915] logitech 0003:046D:C24F.0015: no inputs found
[  345.057976][ T9466] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  345.071028][ T9487] FAULT_INJECTION: forcing a failure.
[  345.071028][ T9487] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  345.099238][ T9487] CPU: 1 UID: 0 PID: 9487 Comm: syz.4.957 Not tainted 6.12.0-syzkaller #0
[  345.107757][ T9487] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
[  345.117811][ T9487] Call Trace:
[  345.121094][ T9487]  <TASK>
[  345.124026][ T9487]  dump_stack_lvl+0x16c/0x1f0
[  345.128715][ T9487]  should_fail_ex+0x497/0x5b0
[  345.133405][ T9487]  _copy_from_iter+0x2a1/0x1560
[  345.138267][ T9487]  ? __pfx__copy_from_iter+0x10/0x10
[  345.143560][ T9487]  ? __virt_addr_valid+0x1a4/0x590
[  345.148683][ T9487]  ? __virt_addr_valid+0x5e/0x590
[  345.153716][ T9487]  ? __phys_addr_symbol+0x30/0x80
[  345.158748][ T9487]  ? __check_object_size+0x488/0x710
[  345.164042][ T9487]  netlink_sendmsg+0x813/0xd70
[  345.168818][ T9487]  ? __pfx_netlink_sendmsg+0x10/0x10
[  345.174121][ T9487]  ____sys_sendmsg+0xaaf/0xc90
[  345.178885][ T9487]  ? copy_msghdr_from_user+0x10b/0x160
[  345.184324][ T9487]  ? __pfx_____sys_sendmsg+0x10/0x10
[  345.189604][ T9487]  ? __pfx___lock_acquire+0x10/0x10
[  345.194786][ T9487]  ___sys_sendmsg+0x135/0x1e0
[  345.199454][ T9487]  ? __pfx____sys_sendmsg+0x10/0x10
[  345.204669][ T9487]  ? lock_acquire+0x2f/0xb0
[  345.209157][ T9487]  ? __fget_files+0x40/0x3f0
[  345.213748][ T9487]  ? fdget+0x176/0x210
[  345.217800][ T9487]  __sys_sendmsg+0x117/0x1f0
[  345.222377][ T9487]  ? __pfx___sys_sendmsg+0x10/0x10
[  345.227469][ T9487]  ? __fget_files+0x244/0x3f0
[  345.232134][ T9487]  do_syscall_64+0xcd/0x250
[  345.236614][ T9487]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  345.242498][ T9487] RIP: 0033:0x7f13c5b7e759
[  345.246912][ T9487] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  345.266496][ T9487] RSP: 002b:00007f13c68fe038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  345.274894][ T9487] RAX: ffffffffffffffda RBX: 00007f13c5d35f80 RCX: 00007f13c5b7e759
[  345.282843][ T9487] RDX: 0000000000000000 RSI: 0000000020000600 RDI: 0000000000000007
[  345.290892][ T9487] RBP: 00007f13c68fe090 R08: 0000000000000000 R09: 0000000000000000
[  345.298843][ T9487] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  345.306804][ T9487] R13: 0000000000000000 R14: 00007f13c5d35f80 R15: 00007fff7da72538
[  345.314758][ T9487]  </TASK>
[  345.328851][ T9472] [U] vÔ3
[  345.341107][ T9486] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  345.370626][ T9466] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  345.394358][ T9466] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  345.930469][ T9466] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  345.940958][ T9466] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  346.797086][ T9512] SELinux:  Context } is not valid (left unmapped).
[  347.319102][   T48] usb 1-1: USB disconnect, device number 38
[  347.707453][ T9517] team0: No ports can be present during mode change
[  347.722240][ T9509] netlink: 'syz.3.962': attribute type 10 has an invalid length.
[  347.736121][ T9509] bond0: (slave wlan1): Opening slave failed
[  348.699537][ T9520] fuse: Bad value for 'fd'
[  348.725163][ T9531] FAULT_INJECTION: forcing a failure.
[  348.725163][ T9531] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  348.811078][ T9531] CPU: 0 UID: 0 PID: 9531 Comm: syz.0.966 Not tainted 6.12.0-syzkaller #0
[  348.819610][ T9531] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
[  348.829667][ T9531] Call Trace:
[  348.832943][ T9531]  <TASK>
[  348.835873][ T9531]  dump_stack_lvl+0x16c/0x1f0
[  348.840554][ T9531]  should_fail_ex+0x497/0x5b0
[  348.845238][ T9531]  _copy_from_iter+0x2a1/0x1560
[  348.850098][ T9531]  ? __pfx__copy_from_iter+0x10/0x10
[  348.855398][ T9531]  ? __virt_addr_valid+0x1a4/0x590
[  348.860517][ T9531]  ? __virt_addr_valid+0x5e/0x590
[  348.865542][ T9531]  ? const_folio_flags.constprop.0+0x56/0x150
[  348.871611][ T9531]  ? __phys_addr_symbol+0x30/0x80
[  348.876638][ T9531]  ? __check_object_size+0x488/0x710
[  348.881931][ T9531]  sk_msg_memcopy_from_iter+0x3f1/0x560
[  348.887491][ T9531]  tcp_bpf_sendmsg+0x6eb/0x1ba0
[  348.892351][ T9531]  ? hlock_class+0x4e/0x130
[  348.896868][ T9531]  ? __pfx_tcp_bpf_sendmsg+0x10/0x10
[  348.902156][ T9531]  ? hlock_class+0x4e/0x130
[  348.906721][ T9531]  ? __pfx_tomoyo_socket_sendmsg_permission+0x10/0x10
[  348.913487][ T9531]  ? import_ubuf+0x1b6/0x220
[  348.918090][ T9531]  ? __pfx_tcp_bpf_sendmsg+0x10/0x10
[  348.923385][ T9531]  inet6_sendmsg+0x119/0x140
[  348.927980][ T9531]  ____sys_sendmsg+0x68c/0xc90
[  348.932758][ T9531]  ? copy_msghdr_from_user+0x10b/0x160
[  348.938222][ T9531]  ? __pfx_____sys_sendmsg+0x10/0x10
[  348.943503][ T9531]  ? __pfx___lock_acquire+0x10/0x10
[  348.948688][ T9531]  ___sys_sendmsg+0x135/0x1e0
[  348.953351][ T9531]  ? __pfx____sys_sendmsg+0x10/0x10
[  348.958542][ T9531]  ? lock_acquire+0x2f/0xb0
[  348.963025][ T9531]  ? __fget_files+0x40/0x3f0
[  348.967611][ T9531]  ? fdget+0x176/0x210
[  348.971670][ T9531]  __sys_sendmsg+0x117/0x1f0
[  348.976246][ T9531]  ? __pfx___sys_sendmsg+0x10/0x10
[  348.981341][ T9531]  ? __fget_files+0x244/0x3f0
[  348.986019][ T9531]  do_syscall_64+0xcd/0x250
[  348.990507][ T9531]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  348.996390][ T9531] RIP: 0033:0x7fb441b7e759
[  349.000789][ T9531] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  349.020380][ T9531] RSP: 002b:00007fb44291b038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  349.028785][ T9531] RAX: ffffffffffffffda RBX: 00007fb441d35f80 RCX: 00007fb441b7e759
[  349.036753][ T9531] RDX: 0000000000000000 RSI: 0000000020001100 RDI: 0000000000000003
[  349.044709][ T9531] RBP: 00007fb44291b090 R08: 0000000000000000 R09: 0000000000000000
[  349.052660][ T9531] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  349.060613][ T9531] R13: 0000000000000000 R14: 00007fb441d35f80 R15: 00007fffbbedd1b8
[  349.068577][ T9531]  </TASK>
[  349.077981][ T9508] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  349.859142][ T5915] usb 3-1: new high-speed USB device number 34 using dummy_hcd
[  349.939218][   T48] usb 1-1: new high-speed USB device number 39 using dummy_hcd
[  349.959225][ T5874] usb 2-1: new high-speed USB device number 45 using dummy_hcd
[  350.029251][ T5915] usb 3-1: Using ep0 maxpacket: 32
[  350.039395][ T5915] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  350.054462][ T5915] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  350.064732][ T5915] usb 3-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[  350.078881][ T5915] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  350.094606][   T48] usb 1-1: config 0 has too many interfaces: 254, using maximum allowed: 32
[  350.112899][   T48] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  350.129227][ T5874] usb 2-1: Using ep0 maxpacket: 16
[  350.145015][ T5874] usb 2-1: New USB device found, idVendor=0c70, idProduct=f0b6, bcdDevice= 0.00
[  350.158369][ T5915] usb 3-1: config 0 descriptor??
[  350.163554][   T48] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 254
[  350.187849][ T5874] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  350.198556][ T5915] hub 3-1:0.0: USB hub found
[  350.203566][   T48] usb 1-1: config 0 has no interface number 0
[  350.215667][   T48] usb 1-1: New USB device found, idVendor=0cf3, idProduct=1002, bcdDevice=4f.2c
[  350.225299][   T48] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  350.234162][ T5874] usb 2-1: config 0 descriptor??
[  350.252406][   T48] usb 1-1: config 0 descriptor??
[  350.266860][   T29] kauditd_printk_skb: 16 callbacks suppressed
[  350.266873][   T29] audit: type=1400 audit(1731953673.138:2654): avc:  denied  { bind } for  pid=9549 comm="syz.3.973" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  350.296435][   T29] audit: type=1400 audit(1731953673.168:2655): avc:  denied  { listen } for  pid=9549 comm="syz.3.973" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  350.389202][   T48] usb 1-1: reset high-speed USB device number 39 using dummy_hcd
[  350.414267][   T29] audit: type=1400 audit(1731953673.288:2656): avc:  denied  { map } for  pid=9541 comm="syz.2.970" path="/dev/dri/card1" dev="devtmpfs" ino=628 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dri_device_t tclass=chr_file permissive=1
[  350.492864][ T5915] hub 3-1:0.0: 1 port detected
[  350.656009][ T5874] aquacomputer_d5next 0003:0C70:F0B6.0016: hidraw0: USB HID v0.00 Device [HID 0c70:f0b6] on usb-dummy_hcd.1-1/input0
[  351.272263][   T48] usb 1-1: USB disconnect, device number 39
[  351.291214][    T8] usb 5-1: new high-speed USB device number 23 using dummy_hcd
[  351.437458][ T9552] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  351.448356][ T9552] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  351.468898][   T29] audit: type=1400 audit(1731953674.338:2657): avc:  denied  { bind } for  pid=9541 comm="syz.2.970" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  351.496451][    T8] usb 5-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08
[  351.522065][    T8] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  351.534479][    T8] usb 5-1: config 0 descriptor??
[  352.081487][ T5876] usb 2-1: USB disconnect, device number 45
[  352.115976][    T8] [drm] vendor descriptor length:e0 data:00 00 00 00 00 00 00 00 00 00 00
[  352.138873][    T8] [drm:udl_init] *ERROR* Unrecognized vendor firmware descriptor
[  352.149020][    T8] [drm:udl_init] *ERROR* Selecting channel failed
[  352.164293][    T8] [drm] Initialized udl 0.0.1 for 5-1:0.0 on minor 2
[  352.175090][    T8] [drm] Initialized udl on minor 2
[  352.183675][    T8] udl 5-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9
[  352.203509][    T8] udl 5-1:0.0: [drm] Cannot find any crtc or sizes
[  352.282993][   T29] audit: type=1400 audit(1731953675.158:2658): avc:  denied  { remount } for  pid=9564 comm="syz.3.977" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[  352.312735][  T965] udl 5-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9
[  352.323946][  T965] udl 5-1:0.0: [drm] Cannot find any crtc or sizes
[  352.338157][    T8] usb 5-1: USB disconnect, device number 23
[  352.406241][ T9568] netlink: 8 bytes leftover after parsing attributes in process `syz.0.978'.
[  352.419269][ T9568] netlink: 4 bytes leftover after parsing attributes in process `syz.0.978'.
[  352.454813][   T29] audit: type=1400 audit(1731953675.318:2659): avc:  denied  { read } for  pid=9561 comm="syz.1.976" name="ppp" dev="devtmpfs" ino=709 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[  352.477836][   T29] audit: type=1400 audit(1731953675.318:2660): avc:  denied  { open } for  pid=9561 comm="syz.1.976" path="/dev/ppp" dev="devtmpfs" ino=709 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[  352.530535][ T9570] netlink: 8 bytes leftover after parsing attributes in process `syz.3.979'.
[  352.556617][ T9570] netlink: 'syz.3.979': attribute type 11 has an invalid length.
[  352.560193][ T5915] hub 3-1:0.0: hub_ext_port_status failed (err = -32)
[  352.691249][   T29] audit: type=1326 audit(1731953675.568:2661): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9577 comm="syz.2.982" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f396817e759 code=0x0
[  352.714028][    C1] vkms_vblank_simulate: vblank timer overrun
[  352.737464][   T48] usb 3-1: USB disconnect, device number 34
[  352.850680][   T29] audit: type=1400 audit(1731953675.728:2662): avc:  denied  { read } for  pid=9581 comm="syz.4.983" path="socket:[26305]" dev="sockfs" ino=26305 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  352.947313][   T29] audit: type=1400 audit(1731953675.818:2663): avc:  denied  { append } for  pid=9588 comm="syz.0.985" name="binder0" dev="binder" ino=10 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  353.829176][    T8] usb 1-1: new low-speed USB device number 40 using dummy_hcd
[  353.990739][    T8] usb 1-1: No LPM exit latency info found, disabling LPM.
[  353.998936][    T8] usb 1-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[  354.022421][    T8] usb 1-1: string descriptor 0 read error: -22
[  354.028780][    T8] usb 1-1: New USB device found, idVendor=6666, idProduct=8801, bcdDevice= 0.40
[  354.042350][    T8] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  354.064733][    T8] usbhid 1-1:1.0: couldn't find an input interrupt endpoint
[  354.123462][ T9609] usb usb8: usbfs: process 9609 (syz.2.991) did not claim interface 31 before use
[  354.299056][ T5915] usb 1-1: USB disconnect, device number 40
[  354.438168][ T9617] FAULT_INJECTION: forcing a failure.
[  354.438168][ T9617] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  354.452072][ T9617] CPU: 1 UID: 0 PID: 9617 Comm: syz.2.993 Not tainted 6.12.0-syzkaller #0
[  354.460576][ T9617] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
[  354.470617][ T9617] Call Trace:
[  354.473882][ T9617]  <TASK>
[  354.476792][ T9617]  dump_stack_lvl+0x16c/0x1f0
[  354.481467][ T9617]  should_fail_ex+0x497/0x5b0
[  354.486132][ T9617]  _copy_from_iter+0x2a1/0x1560
[  354.490977][ T9617]  ? __pfx__copy_from_iter+0x10/0x10
[  354.496259][ T9617]  ? __virt_addr_valid+0x1a4/0x590
[  354.501349][ T9617]  ? __virt_addr_valid+0x5e/0x590
[  354.506349][ T9617]  ? __phys_addr_symbol+0x30/0x80
[  354.511357][ T9617]  ? __check_object_size+0x488/0x710
[  354.516638][ T9617]  netlink_sendmsg+0x813/0xd70
[  354.521380][ T9617]  ? __pfx_netlink_sendmsg+0x10/0x10
[  354.526644][ T9617]  ____sys_sendmsg+0xaaf/0xc90
[  354.531395][ T9617]  ? copy_msghdr_from_user+0x10b/0x160
[  354.536849][ T9617]  ? __pfx_____sys_sendmsg+0x10/0x10
[  354.542118][ T9617]  ? __pfx___lock_acquire+0x10/0x10
[  354.547292][ T9617]  ___sys_sendmsg+0x135/0x1e0
[  354.551956][ T9617]  ? __pfx____sys_sendmsg+0x10/0x10
[  354.557154][ T9617]  ? lock_acquire+0x2f/0xb0
[  354.561633][ T9617]  ? __fget_files+0x40/0x3f0
[  354.566212][ T9617]  ? fdget+0x176/0x210
[  354.570271][ T9617]  __sys_sendmsg+0x117/0x1f0
[  354.574855][ T9617]  ? __pfx___sys_sendmsg+0x10/0x10
[  354.579954][ T9617]  ? __fget_files+0x244/0x3f0
[  354.584616][ T9617]  do_syscall_64+0xcd/0x250
[  354.589104][ T9617]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  354.595007][ T9617] RIP: 0033:0x7f396817e759
[  354.599414][ T9617] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  354.619015][ T9617] RSP: 002b:00007f3968fba038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  354.627405][ T9617] RAX: ffffffffffffffda RBX: 00007f3968335f80 RCX: 00007f396817e759
[  354.635352][ T9617] RDX: 000000000000c8c0 RSI: 0000000020000100 RDI: 0000000000000003
[  354.643302][ T9617] RBP: 00007f3968fba090 R08: 0000000000000000 R09: 0000000000000000
[  354.651257][ T9617] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  354.659218][ T9617] R13: 0000000000000000 R14: 00007f3968335f80 R15: 00007ffcbd60abd8
[  354.667183][ T9617]  </TASK>
[  354.670277][    C1] vkms_vblank_simulate: vblank timer overrun
[  354.699920][ T9619] netlink: 4096 bytes leftover after parsing attributes in process `syz.2.994'.
[  355.034791][    T8] usb 3-1: new high-speed USB device number 35 using dummy_hcd
[  356.929014][    T8] usb 3-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08
[  356.938387][    T8] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  358.065077][ T9641] binder: 9638:9641 ioctl 4018620d 0 returned -22
[  358.158799][    T8] usb 3-1: config 0 descriptor??
[  358.359002][    T8] usb 3-1: can't set config #0, error -71
[  358.370166][    T8] usb 3-1: USB disconnect, device number 35
[  358.380437][ T9629] binder: 9625:9629 ioctl 4018620d 0 returned -22
[  358.424024][ T5915] usb 2-1: new high-speed USB device number 46 using dummy_hcd
[  358.538084][ T9643] team0: No ports can be present during mode change
[  358.580473][ T5915] usb 2-1: config 0 has too many interfaces: 254, using maximum allowed: 32
[  358.591363][ T5915] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  358.626888][ T5915] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 254
[  358.635983][ T5915] usb 2-1: config 0 has no interface number 0
[  358.642086][ T5915] usb 2-1: New USB device found, idVendor=0cf3, idProduct=1002, bcdDevice=4f.2c
[  358.651145][ T5915] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  358.820611][ T5915] usb 2-1: config 0 descriptor??
[  359.820819][ T9654] bridge0: received packet on syz_tun with own address as source address (addr:aa:aa:aa:aa:aa:aa, vlan:0)
[  359.833944][ T9654] team0: No ports can be present during mode change
[  359.864302][ T9658] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  359.919887][    T8] usb 3-1: new high-speed USB device number 36 using dummy_hcd
[  359.948837][ T5915] usb 2-1: reset high-speed USB device number 46 using dummy_hcd
[  360.240203][   T29] kauditd_printk_skb: 3 callbacks suppressed
[  360.240217][   T29] audit: type=1400 audit(1731953683.108:2667): avc:  denied  { mount } for  pid=9663 comm="syz.3.1007" name="/" dev="hugetlbfs" ino=26496 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:hugetlbfs_t tclass=filesystem permissive=1
[  361.062350][    T8] usb 3-1: config 0 has too many interfaces: 254, using maximum allowed: 32
[  361.079353][    T8] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  361.236577][ T9673] binder: 9671:9673 ioctl 4018620d 0 returned -22
[  361.287478][ T5915] usb 2-1: USB disconnect, device number 46
[  361.482626][    T8] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 254
[  361.519177][    T8] usb 3-1: config 0 has no interface number 0
[  361.529339][    T8] usb 3-1: New USB device found, idVendor=0cf3, idProduct=1002, bcdDevice=4f.2c
[  361.538348][    T8] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  361.557685][    T8] usb 3-1: config 0 descriptor??
[  361.564410][    T8] usb 3-1: can't set config #0, error -71
[  361.574376][   T29] audit: type=1400 audit(1731953684.448:2668): avc:  denied  { unmount } for  pid=5824 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:hugetlbfs_t tclass=filesystem permissive=1
[  361.599687][    T8] usb 3-1: USB disconnect, device number 36
[  363.055535][ T9684] SELinux:  policydb version 64170390 does not match my version range 15-33
[  363.064323][ T9684] SELinux: failed to load policy
[  363.410438][ T9684] overlayfs: upper fs does not support RENAME_WHITEOUT.
[  363.417405][ T9684] overlayfs: failed to set xattr on upper
[  363.423218][ T9684] overlayfs: ...falling back to redirect_dir=nofollow.
[  363.430105][ T9684] overlayfs: ...falling back to index=off.
[  363.435900][ T9684] overlayfs: ...falling back to uuid=null.
[  364.679136][ T5876] usb 5-1: new high-speed USB device number 24 using dummy_hcd
[  364.752204][    T8] usb 3-1: new high-speed USB device number 37 using dummy_hcd
[  364.891254][ T5876] usb 5-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08
[  364.901734][ T5876] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  364.911286][ T5876] usb 5-1: config 0 descriptor??
[  364.966794][    T8] usb 3-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08
[  365.058337][ T9705] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=9705 comm=syz.3.1017
[  365.142288][    T8] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  365.168833][ T5876] [drm] vendor descriptor length:e0 data:00 00 00 00 00 00 00 00 00 00 00
[  365.270624][ T5876] [drm:udl_init] *ERROR* Unrecognized vendor firmware descriptor
[  365.324433][    T8] usb 3-1: config 0 descriptor??
[  365.440038][ T5876] [drm:udl_init] *ERROR* Selecting channel failed
[  365.495647][ T5876] [drm] Initialized udl 0.0.1 for 5-1:0.0 on minor 2
[  365.502621][ T5876] [drm] Initialized udl on minor 2
[  365.510345][ T5876] udl 5-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9
[  365.520367][ T5876] udl 5-1:0.0: [drm] Cannot find any crtc or sizes
[  365.528840][  T965] udl 5-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9
[  365.536853][  T965] udl 5-1:0.0: [drm] Cannot find any crtc or sizes
[  365.549170][ T5876] usb 5-1: USB disconnect, device number 24
[  365.618982][    T8] [drm] vendor descriptor length:e0 data:00 00 00 00 00 00 00 00 00 00 00
[  365.676507][    T8] [drm:udl_init] *ERROR* Unrecognized vendor firmware descriptor
[  365.706326][    T8] [drm:udl_init] *ERROR* Selecting channel failed
[  365.760516][    T8] [drm] Initialized udl 0.0.1 for 3-1:0.0 on minor 3
[  365.767220][    T8] [drm] Initialized udl on minor 3
[  365.789838][    T8] udl 3-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9
[  365.798974][    T8] udl 3-1:0.0: [drm] Cannot find any crtc or sizes
[  365.813726][ T5876] udl 3-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9
[  365.826282][    T8] usb 3-1: USB disconnect, device number 37
[  365.835061][ T5876] udl 3-1:0.0: [drm] Cannot find any crtc or sizes
[  367.354525][ T9722] FAULT_INJECTION: forcing a failure.
[  367.354525][ T9722] name failslab, interval 1, probability 0, space 0, times 0
[  367.383333][ T9722] CPU: 0 UID: 0 PID: 9722 Comm: syz.4.1021 Not tainted 6.12.0-syzkaller #0
[  367.391939][ T9722] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
[  367.401969][ T9722] Call Trace:
[  367.405223][ T9722]  <TASK>
[  367.408128][ T9722]  dump_stack_lvl+0x16c/0x1f0
[  367.412784][ T9722]  should_fail_ex+0x497/0x5b0
[  367.417435][ T9722]  ? fs_reclaim_acquire+0xae/0x150
[  367.422533][ T9722]  should_failslab+0xc2/0x120
[  367.427185][ T9722]  __kmalloc_noprof+0xcb/0x400
[  367.431923][ T9722]  ? __might_fault+0xe3/0x190
[  367.436589][ T9722]  sk_prot_alloc+0x1a8/0x2a0
[  367.441158][ T9722]  sk_alloc+0x36/0xb90
[  367.445211][ T9722]  bpf_prog_test_run_skb+0x32b/0x20f0
[  367.450561][ T9722]  ? lock_acquire+0x2f/0xb0
[  367.455045][ T9722]  ? __fget_files+0x40/0x3f0
[  367.459616][ T9722]  ? __fget_files+0x244/0x3f0
[  367.464269][ T9722]  ? __pfx_bpf_prog_test_run_skb+0x10/0x10
[  367.470064][ T9722]  ? fput+0x30/0x390
[  367.473935][ T9722]  ? __pfx_bpf_prog_test_run_skb+0x10/0x10
[  367.479731][ T9722]  __sys_bpf+0xfc6/0x49a0
[  367.484063][ T9722]  ? ksys_write+0x21e/0x260
[  367.488568][ T9722]  ? reacquire_held_locks+0x470/0x4c0
[  367.493943][ T9722]  ? __pfx___sys_bpf+0x10/0x10
[  367.498711][ T9722]  ? vfs_write+0x306/0x1150
[  367.503260][ T9722]  ? __mutex_unlock_slowpath+0x164/0x650
[  367.508910][ T9722]  ? fput+0x30/0x390
[  367.512810][ T9722]  ? ksys_write+0x1ad/0x260
[  367.517312][ T9722]  ? __pfx_ksys_write+0x10/0x10
[  367.522167][ T9722]  __x64_sys_bpf+0x78/0xc0
[  367.526588][ T9722]  ? lockdep_hardirqs_on+0x7c/0x110
[  367.531795][ T9722]  do_syscall_64+0xcd/0x250
[  367.536301][ T9722]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  367.542203][ T9722] RIP: 0033:0x7f13c5b7e759
[  367.546620][ T9722] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  367.566228][ T9722] RSP: 002b:00007f13c68fe038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  367.574645][ T9722] RAX: ffffffffffffffda RBX: 00007f13c5d35f80 RCX: 00007f13c5b7e759
[  367.582618][ T9722] RDX: 0000000000000050 RSI: 0000000020000380 RDI: 000000000000000a
[  367.590593][ T9722] RBP: 00007f13c68fe090 R08: 0000000000000000 R09: 0000000000000000
[  367.598568][ T9722] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  367.606549][ T9722] R13: 0000000000000000 R14: 00007f13c5d35f80 R15: 00007fff7da72538
[  367.614559][ T9722]  </TASK>
[  368.013274][ T9730] binder: 9725:9730 ioctl 4018620d 0 returned -22
[  368.305338][   T29] audit: type=1400 audit(1731953691.178:2669): avc:  denied  { bind } for  pid=9735 comm="syz.3.1026" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  368.359165][   T29] audit: type=1400 audit(1731953691.208:2670): avc:  denied  { setopt } for  pid=9735 comm="syz.3.1026" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  368.401846][   T29] audit: type=1400 audit(1731953691.278:2671): avc:  denied  { write } for  pid=9735 comm="syz.3.1026" path="socket:[27410]" dev="sockfs" ino=27410 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  368.675038][ T9747] netlink: 199836 bytes leftover after parsing attributes in process `syz.3.1029'.
[  368.751116][ T9751] FAULT_INJECTION: forcing a failure.
[  368.751116][ T9751] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  368.765776][ T9751] CPU: 0 UID: 0 PID: 9751 Comm: syz.0.1030 Not tainted 6.12.0-syzkaller #0
[  368.774368][ T9751] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
[  368.784426][ T9751] Call Trace:
[  368.787707][ T9751]  <TASK>
[  368.790642][ T9751]  dump_stack_lvl+0x16c/0x1f0
[  368.795318][ T9751]  should_fail_ex+0x497/0x5b0
[  368.799976][ T9751]  _copy_to_user+0x32/0xd0
[  368.804380][ T9751]  simple_read_from_buffer+0xd0/0x160
[  368.809731][ T9751]  proc_fail_nth_read+0x198/0x270
[  368.814732][ T9751]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  368.820261][ T9751]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  368.825796][ T9751]  vfs_read+0x1df/0xbe0
[  368.829946][ T9751]  ? __fget_files+0x23a/0x3f0
[  368.834611][ T9751]  ? fdget_pos+0x24c/0x360
[  368.839007][ T9751]  ? __pfx_lock_release+0x10/0x10
[  368.844013][ T9751]  ? trace_lock_acquire+0x14a/0x1d0
[  368.849197][ T9751]  ? __pfx_vfs_read+0x10/0x10
[  368.853860][ T9751]  ? __pfx___mutex_lock+0x10/0x10
[  368.858871][ T9751]  ? __fget_files+0x244/0x3f0
[  368.863542][ T9751]  ksys_read+0x12f/0x260
[  368.867785][ T9751]  ? __pfx_ksys_read+0x10/0x10
[  368.872550][ T9751]  do_syscall_64+0xcd/0x250
[  368.877054][ T9751]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  368.882936][ T9751] RIP: 0033:0x7fb441b7d19c
[  368.887336][ T9751] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 69 8e 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 bf 8e 02 00 48
[  368.906927][ T9751] RSP: 002b:00007fb44291b030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  368.915323][ T9751] RAX: ffffffffffffffda RBX: 00007fb441d35f80 RCX: 00007fb441b7d19c
[  368.923279][ T9751] RDX: 000000000000000f RSI: 00007fb44291b0a0 RDI: 0000000000000004
[  368.931238][ T9751] RBP: 00007fb44291b090 R08: 0000000000000000 R09: 0000000000000000
[  368.939193][ T9751] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  368.947148][ T9751] R13: 0000000000000000 R14: 00007fb441d35f80 R15: 00007fffbbedd1b8
[  368.955110][ T9751]  </TASK>
[  368.958235][ T5915] usb 2-1: new high-speed USB device number 47 using dummy_hcd
[  369.127697][ T9753] team0: No ports can be present during mode change
[  369.179404][   T48] usb 4-1: new high-speed USB device number 35 using dummy_hcd
[  369.199119][ T5915] usb 2-1: Using ep0 maxpacket: 8
[  369.205480][ T5915] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  369.220803][ T5915] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  369.233608][ T5915] usb 2-1: New USB device found, idVendor=046d, idProduct=c24f, bcdDevice= 0.00
[  369.317193][ T9758] netlink: 830 bytes leftover after parsing attributes in process `syz.0.1033'.
[  369.364275][ T5915] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  369.373650][ T5915] usb 2-1: config 0 descriptor??
[  370.039261][   T48] usb 4-1: config 0 has an invalid descriptor of length 110, skipping remainder of the config
[  370.050268][   T48] usb 4-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  370.162652][ T9762] syz.0.1033: attempt to access beyond end of device
[  370.162652][ T9762] nbd0: rw=0, sector=2, nr_sectors = 2 limit=0
[  370.195219][ T9762] vxfs: unable to read disk superblock at 1
[  370.222939][ T9762] syz.0.1033: attempt to access beyond end of device
[  370.222939][ T9762] nbd0: rw=0, sector=16, nr_sectors = 2 limit=0
[  370.244307][ T9762] vxfs: unable to read disk superblock at 8
[  370.244906][   T48] usb 4-1: New USB device found, idVendor=3b12, idProduct=01f5, bcdDevice=ef.7b
[  370.265308][ T9762] vxfs: can't find superblock.
[  370.268623][ T5915] logitech 0003:046D:C24F.0017: hidraw0: USB HID v0.00 Device [HID 046d:c24f] on usb-dummy_hcd.1-1/input0
[  370.281616][   T29] audit: type=1400 audit(1731953693.148:2672): avc:  denied  { read write } for  pid=9763 comm="syz.2.1034" name="vga_arbiter" dev="devtmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:xserver_misc_device_t tclass=chr_file permissive=1
[  370.307662][   T48] usb 4-1: New USB device strings: Mfr=39, Product=17, SerialNumber=0
[  370.316039][   T29] audit: type=1400 audit(1731953693.148:2673): avc:  denied  { open } for  pid=9763 comm="syz.2.1034" path="/dev/vga_arbiter" dev="devtmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:xserver_misc_device_t tclass=chr_file permissive=1
[  370.340647][ T5915] logitech 0003:046D:C24F.0017: no inputs found
[  370.346986][   T48] usb 4-1: Product: syz
[  370.353877][   T48] usb 4-1: Manufacturer: syz
[  370.363013][   T29] audit: type=1400 audit(1731953693.158:2674): avc:  denied  { mount } for  pid=9763 comm="syz.2.1034" name="/" dev="fuse" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=filesystem permissive=1
[  370.531404][ T9757] [U] vÔ3
[  370.537462][ T9745] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  370.542799][   T48] usb 4-1: config 0 descriptor??
[  370.596696][ T9745] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  370.613592][ T9745] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  370.624394][ T9745] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  370.640778][ T9745] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  370.652142][ T9745] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  371.292024][ T9770] binder: 9767:9770 ioctl 4018620d 0 returned -22
[  371.779449][   T48] usb 1-1: new high-speed USB device number 41 using dummy_hcd
[  371.969297][   T48] usb 1-1: Using ep0 maxpacket: 8
[  372.012199][   T48] usb 1-1: config 0 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  372.023735][   T48] usb 1-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0x93, changing to 0x83
[  372.040991][   T48] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  372.053895][   T48] usb 1-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 1
[  372.105115][   T48] usb 1-1: New USB device found, idVendor=15c2, idProduct=003b, bcdDevice=66.3e
[  372.114781][   T48] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  372.123125][   T48] usb 1-1: Product: syz
[  372.127693][   T48] usb 1-1: Manufacturer: syz
[  372.136131][   T48] usb 1-1: SerialNumber: syz
[  372.179279][ T5874] usb 5-1: new high-speed USB device number 25 using dummy_hcd
[  372.197133][   T48] usb 1-1: config 0 descriptor??
[  372.285677][   T48] input: iMON Panel, Knob and Mouse(15c2:003b) as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/input/input21
[  372.319148][   T29] audit: type=1400 audit(1731953695.188:2675): avc:  denied  { read } for  pid=5186 comm="acpid" name="mouse1" dev="devtmpfs" ino=3229 scontext=system_u:system_r:acpid_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  372.404820][ T5874] usb 5-1: config 0 has too many interfaces: 254, using maximum allowed: 32
[  372.414379][   T29] audit: type=1400 audit(1731953695.188:2676): avc:  denied  { open } for  pid=5186 comm="acpid" path="/dev/input/mouse1" dev="devtmpfs" ino=3229 scontext=system_u:system_r:acpid_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  372.414486][ T5874] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  372.453073][   T48] imon:send_packet: packet tx failed (-71)
[  372.489353][   T48] imon 1-1:0.0: panel buttons/knobs setup failed
[  372.512022][   T29] audit: type=1400 audit(1731953695.198:2677): avc:  denied  { ioctl } for  pid=5186 comm="acpid" path="/dev/input/mouse1" dev="devtmpfs" ino=3229 ioctlcmd=0x4520 scontext=system_u:system_r:acpid_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  372.529087][ T5874] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 254
[  372.593870][  T965] usb 2-1: USB disconnect, device number 47
[  372.801556][ T5874] usb 5-1: config 0 has no interface number 0
[  372.832160][    T8] usb 4-1: USB disconnect, device number 35
[  372.939448][   T48] rc_core: IR keymap rc-imon-pad not found
[  372.945656][   T48] Registered IR keymap rc-empty
[  372.950683][   T48] imon 1-1:0.0: Looks like you're trying to use an IR protocol this device does not support
[  372.960853][ T5874] usb 5-1: New USB device found, idVendor=0cf3, idProduct=1002, bcdDevice=4f.2c
[  372.975667][   T48] imon 1-1:0.0: Unsupported IR protocol specified, overriding to iMON IR protocol
[  372.999174][ T5874] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  373.008732][   T48] imon:send_packet: packet tx failed (-71)
[  373.039195][   T48] imon 1-1:0.0: remote input dev register failed
[  373.046612][   T48] imon 1-1:0.0: imon_init_intf0: rc device setup failed
[  373.105177][ T5874] usb 5-1: config 0 descriptor??
[  373.309573][ T5874] usb 5-1: reset high-speed USB device number 25 using dummy_hcd
[  373.516433][   T29] audit: type=1400 audit(1731953696.388:2678): avc:  denied  { read } for  pid=9791 comm="syz.3.1043" name="msr" dev="devtmpfs" ino=87 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cpu_device_t tclass=chr_file permissive=1
[  373.599386][   T29] audit: type=1400 audit(1731953696.388:2679): avc:  denied  { open } for  pid=9791 comm="syz.3.1043" path="/dev/cpu/0/msr" dev="devtmpfs" ino=87 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cpu_device_t tclass=chr_file permissive=1
[  373.690192][ T9792] SELinux: selinux_ima_measure_state_locked: failed to read policy -12.
[  373.849805][   T29] audit: type=1400 audit(1731953696.388:2680): avc:  denied  { read write } for  pid=5830 comm="syz-executor" name="loop2" dev="devtmpfs" ino=649 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  373.971367][ T9800] fuse: Unknown parameter '0x0000000000000009'
[  375.129376][   T48] imon 1-1:0.0: unable to initialize intf0, err 0
[  375.135801][   T48] imon:imon_probe: failed to initialize context!
[  375.149343][   T48] imon 1-1:0.0: unable to register, err -19
[  375.449472][   T29] audit: type=1400 audit(1731953696.388:2681): avc:  denied  { open } for  pid=5830 comm="syz-executor" path="/dev/loop2" dev="devtmpfs" ino=649 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  375.482850][   T48] usb 1-1: USB disconnect, device number 41
[  375.492313][   T29] audit: type=1400 audit(1731953696.388:2682): avc:  denied  { ioctl } for  pid=5830 comm="syz-executor" path="/dev/loop2" dev="devtmpfs" ino=649 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  375.517836][    C0] vkms_vblank_simulate: vblank timer overrun
[  375.549369][ T5874] usb 5-1: USB disconnect, device number 25
[  375.689697][   T29] audit: type=1400 audit(1731953696.468:2683): avc:  denied  { create } for  pid=9791 comm="syz.3.1043" anonclass=[io_uring] scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[  375.736964][   T29] audit: type=1400 audit(1731953696.468:2684): avc:  denied  { mount } for  pid=9791 comm="syz.3.1043" name="/" dev="autofs" ino=28015 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_t tclass=filesystem permissive=1
[  376.952893][   T29] audit: type=1400 audit(1731953696.508:2685): avc:  denied  { map_create } for  pid=9795 comm="syz.0.1044" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  376.994644][ T9815] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1049'.
[  377.051397][ T9815] openvswitch: netlink: Missing key (keys=40, expected=2000)
[  377.060542][   T29] audit: type=1400 audit(1731953696.528:2686): avc:  denied  { create } for  pid=9795 comm="syz.0.1044" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  377.080066][    C0] vkms_vblank_simulate: vblank timer overrun
[  377.098366][   T29] audit: type=1400 audit(1731953696.568:2687): avc:  denied  { append } for  pid=5183 comm="syslogd" path="/tmp/messages" dev="tmpfs" ino=10 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[  377.399262][   T48] usb 1-1: new high-speed USB device number 42 using dummy_hcd
[  378.069417][   T48] usb 1-1: Using ep0 maxpacket: 16
[  378.207273][   T48] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  378.211029][ T1296] ieee802154 phy0 wpan0: encryption failed: -22
[  378.218683][   T48] usb 1-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  378.224180][ T1296] ieee802154 phy1 wpan1: encryption failed: -22
[  378.234832][   T48] usb 1-1: New USB device found, idVendor=046d, idProduct=08f0, bcdDevice=50.0d
[  378.289459][   T48] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  378.324684][   T48] usb 1-1: Product: syz
[  378.349128][   T48] usb 1-1: Manufacturer: syz
[  378.384913][   T48] usb 1-1: SerialNumber: syz
[  378.443158][   T48] usb 1-1: config 0 descriptor??
[  378.485351][   T48] usb 1-1: USB disconnect, device number 42
[  378.519472][   T29] kauditd_printk_skb: 71 callbacks suppressed
[  378.519486][   T29] audit: type=1400 audit(1731953701.398:2759): avc:  denied  { create } for  pid=9835 comm="syz.3.1053" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  378.664488][   T29] audit: type=1400 audit(1731953701.428:2760): avc:  denied  { execmem } for  pid=9835 comm="syz.3.1053" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[  378.992328][   T29] audit: type=1400 audit(1731953701.588:2761): avc:  denied  { write } for  pid=9843 comm="syz.1.1056" name="vmci" dev="devtmpfs" ino=697 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  379.369334][   T29] audit: type=1400 audit(1731953701.798:2762): avc:  denied  { write } for  pid=9835 comm="syz.3.1053" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  379.670467][   T29] audit: type=1400 audit(1731953702.048:2763): avc:  denied  { create } for  pid=9843 comm="syz.1.1056" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1
[  379.764303][ T9855] binder: 9847:9855 ioctl 4018620d 0 returned -22
[  379.871327][   T29] audit: type=1400 audit(1731953702.048:2764): avc:  denied  { write } for  pid=9843 comm="syz.1.1056" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1
[  379.897865][ T9856] netlink: 830 bytes leftover after parsing attributes in process `syz.2.1058'.
[  380.034378][   T29] audit: type=1400 audit(1731953702.578:2765): avc:  denied  { create } for  pid=9847 comm="syz.0.1057" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  380.072997][ T9855] binder: 9847:9855 ioctl c0306201 0 returned -14
[  380.100799][   T29] audit: type=1400 audit(1731953702.588:2766): avc:  denied  { connect } for  pid=9847 comm="syz.0.1057" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  380.326823][ T9867] syz.2.1058: attempt to access beyond end of device
[  380.326823][ T9867] nbd2: rw=0, sector=2, nr_sectors = 2 limit=0
[  380.340081][ T9867] vxfs: unable to read disk superblock at 1
[  380.346537][ T9867] syz.2.1058: attempt to access beyond end of device
[  380.346537][ T9867] nbd2: rw=0, sector=16, nr_sectors = 2 limit=0
[  380.360802][ T9867] vxfs: unable to read disk superblock at 8
[  380.366819][ T9867] vxfs: can't find superblock.
[  380.390651][   T29] audit: type=1400 audit(1731953702.588:2767): avc:  denied  { write } for  pid=9847 comm="syz.0.1057" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  380.505013][ T9862] FAULT_INJECTION: forcing a failure.
[  380.505013][ T9862] name failslab, interval 1, probability 0, space 0, times 0
[  380.530410][   T29] audit: type=1400 audit(1731953702.588:2768): avc:  denied  { ioctl } for  pid=9847 comm="syz.0.1057" path="socket:[27561]" dev="sockfs" ino=27561 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  380.559541][ T9862] CPU: 0 UID: 0 PID: 9862 Comm: syz.3.1060 Not tainted 6.12.0-syzkaller #0
[  380.568141][ T9862] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
[  380.578171][ T9862] Call Trace:
[  380.581427][ T9862]  <TASK>
[  380.584332][ T9862]  dump_stack_lvl+0x16c/0x1f0
[  380.588987][ T9862]  should_fail_ex+0x497/0x5b0
[  380.593637][ T9862]  ? fs_reclaim_acquire+0xae/0x150
[  380.598733][ T9862]  should_failslab+0xc2/0x120
[  380.603396][ T9862]  __kmalloc_cache_noprof+0x6b/0x300
[  380.608652][ T9862]  ? do_raw_spin_lock+0x12d/0x2c0
[  380.613661][ T9862]  ? netfs_buffer_make_space+0x432/0x6b0
[  380.619283][ T9862]  netfs_buffer_make_space+0x432/0x6b0
[  380.624745][ T9862]  netfs_buffer_append_folio+0x298/0x360
[  380.630389][ T9862]  netfs_write_folio+0x540/0x1930
[  380.635530][ T9862]  netfs_writepages+0x29a/0x9d0
[  380.640383][ T9862]  ? __pfx_netfs_writepages+0x10/0x10
[  380.645746][ T9862]  ? __pfx___lock_acquire+0x10/0x10
[  380.650933][ T9862]  ? hlock_class+0x4e/0x130
[  380.655423][ T9862]  ? mark_lock+0xb5/0xc60
[  380.659732][ T9862]  ? __pfx_netfs_writepages+0x10/0x10
[  380.665092][ T9862]  do_writepages+0x1a3/0x7f0
[  380.669669][ T9862]  ? __pfx_do_writepages+0x10/0x10
[  380.674762][ T9862]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  380.680380][ T9862]  ? do_raw_spin_lock+0x12d/0x2c0
[  380.685390][ T9862]  ? do_raw_spin_unlock+0x172/0x230
[  380.690572][ T9862]  ? _raw_spin_unlock+0x28/0x50
[  380.695411][ T9862]  ? wbc_attach_and_unlock_inode+0x597/0x940
[  380.701375][ T9862]  filemap_fdatawrite_wbc+0x148/0x1c0
[  380.706730][ T9862]  __filemap_fdatawrite_range+0xb3/0xf0
[  380.712260][ T9862]  ? __pfx___filemap_fdatawrite_range+0x10/0x10
[  380.718484][ T9862]  ? filemap_dirty_folio+0xe3/0x130
[  380.723686][ T9862]  ? __pfx_lock_release+0x10/0x10
[  380.728699][ T9862]  file_write_and_wait_range+0xca/0x140
[  380.734234][ T9862]  v9fs_file_fsync+0xdb/0x1c0
[  380.738980][ T9862]  ? __pfx_v9fs_file_fsync+0x10/0x10
[  380.744254][ T9862]  ? __up_read+0x1fb/0x760
[  380.748656][ T9862]  ? __pfx_v9fs_file_fsync+0x10/0x10
[  380.753935][ T9862]  vfs_fsync_range+0x136/0x220
[  380.758691][ T9862]  netfs_file_write_iter+0x3dd/0x4f0
[  380.763975][ T9862]  v9fs_file_write_iter+0x9b/0x100
[  380.769080][ T9862]  vfs_write+0x5ae/0x1150
[  380.773402][ T9862]  ? __pfx_v9fs_file_write_iter+0x10/0x10
[  380.779104][ T9862]  ? trace_lock_acquire+0x14a/0x1d0
[  380.784288][ T9862]  ? __pfx_vfs_write+0x10/0x10
[  380.789038][ T9862]  ? __pfx___mutex_lock+0x10/0x10
[  380.794072][ T9862]  ksys_write+0x12f/0x260
[  380.798382][ T9862]  ? __pfx_ksys_write+0x10/0x10
[  380.803221][ T9862]  do_syscall_64+0xcd/0x250
[  380.807710][ T9862]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  380.813592][ T9862] RIP: 0033:0x7f34bb97e759
[  380.817990][ T9862] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  380.837580][ T9862] RSP: 002b:00007f34bc856038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  380.845978][ T9862] RAX: ffffffffffffffda RBX: 00007f34bbb35f80 RCX: 00007f34bb97e759
[  380.853931][ T9862] RDX: 0000000000000004 RSI: 0000000020000300 RDI: 0000000000000007
[  380.861886][ T9862] RBP: 00007f34bc856090 R08: 0000000000000000 R09: 0000000000000000
[  380.869847][ T9862] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  380.877798][ T9862] R13: 0000000000000000 R14: 00007f34bbb35f80 R15: 00007ffe6d4aea88
[  380.885761][ T9862]  </TASK>
[  380.890440][    C0] vkms_vblank_simulate: vblank timer overrun
[  380.890467][   T48] usb 5-1: new high-speed USB device number 26 using dummy_hcd
[  380.914041][ T9862] ------------[ cut here ]------------
[  380.919554][ T9862] WARNING: CPU: 0 PID: 9862 at lib/iov_iter.c:255 _copy_from_iter+0x3a0/0x1560
[  380.928595][ T9862] Modules linked in:
[  380.932526][ T9862] CPU: 0 UID: 0 PID: 9862 Comm: syz.3.1060 Not tainted 6.12.0-syzkaller #0
[  380.941205][ T9862] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
[  380.951521][ T9862] RIP: 0010:_copy_from_iter+0x3a0/0x1560
[  380.957164][ T9862] Code: 60 fd 0f 01 cb 48 89 d9 4c 89 f7 48 89 ee e8 37 be 88 06 48 89 cd 0f 01 ca 49 89 df 49 29 cf e9 1e ff ff ff e8 61 e1 fe fc 90 <0f> 0b 90 e9 ae fd ff ff e8 53 e1 fe fc 89 ee bf 01 00 00 00 e8 27
[  380.976859][ T9862] RSP: 0018:ffffc90002d2ef28 EFLAGS: 00010293
[  380.983079][ T9862] RAX: 0000000000000000 RBX: 0000000000000004 RCX: ffffffff848e9718
[  380.991087][ T9862] RDX: ffff888037654880 RSI: ffffffff848e99ff RDI: 0000000000000001
[  380.999111][ T9862] RBP: 0000000000000000 R08: 0000000000000001 R09: 0000000000000000
[  381.007095][ T9862] R10: 0000000000000000 R11: 0000000000000000 R12: ffff888077d00060
[  381.015131][ T9862] R13: ffffc90002d2f318 R14: ffff888077d00060 R15: dffffc0000000000
[  381.023301][ T9862] FS:  00007f34bc8566c0(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000
[  381.032480][ T9862] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  381.039099][ T9862] CR2: 0000001b2fa1fffc CR3: 00000000335ca000 CR4: 00000000003526f0
[  381.047099][ T9862] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  381.055086][ T9862] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  381.063091][ T9862] Call Trace:
[  381.066357][ T9862]  <TASK>
[  381.069372][ T9862]  ? __warn+0xea/0x3d0
[  381.073454][ T9862]  ? _copy_from_iter+0x3a0/0x1560
[  381.078522][ T9862]  ? report_bug+0x3c0/0x580
[  381.083060][ T9862]  ? handle_bug+0x54/0xa0
[  381.087395][ T9862]  ? exc_invalid_op+0x17/0x50
[  381.092156][ T9862]  ? asm_exc_invalid_op+0x1a/0x20
[  381.092263][ T9854] [U] vÔ3
[  381.097197][ T9862]  ? _copy_from_iter+0xb8/0x1560
[  381.105168][ T9862]  ? _copy_from_iter+0x39f/0x1560
[  381.110272][ T9862]  ? _copy_from_iter+0x3a0/0x1560
[  381.115297][ T9862]  ? _copy_from_iter+0x39f/0x1560
[  381.120545][ T9862]  ? __pfx_lock_release+0x10/0x10
[  381.125766][ T9862]  ? __pfx__copy_from_iter+0x10/0x10
[  381.131190][ T9862]  ? __virt_addr_valid+0x1a4/0x590
[  381.136332][ T9862]  ? __virt_addr_valid+0x5e/0x590
[  381.141375][ T9862]  ? __phys_addr_symbol+0x30/0x80
[  381.146418][ T9862]  ? __check_object_size+0x488/0x710
[  381.151749][ T9862]  p9pdu_vwritef+0x2d0/0x1cf0
[  381.156459][ T9862]  ? p9pdu_writef+0xc4/0x100
[  381.161160][ T9862]  ? __pfx_p9pdu_vwritef+0x10/0x10
[  381.166327][ T9862]  ? __pfx_p9_tag_alloc+0x10/0x10
[  381.171549][ T9862]  p9_client_prepare_req+0x244/0x4d0
[  381.176912][ T9862]  ? __pfx_p9_client_prepare_req+0x10/0x10
[  381.182797][ T9862]  ? hlock_class+0x4e/0x130
[  381.187354][ T9862]  ? mark_lock+0xb5/0xc60
[  381.191859][ T9862]  p9_client_rpc+0x1c3/0xc10
[  381.196525][ T9862]  ? __pfx___lock_acquire+0x10/0x10
[  381.201820][ T9862]  ? __pfx_p9_client_rpc+0x10/0x10
[  381.207047][ T9862]  ? __pfx_register_lock_class+0x10/0x10
[  381.212811][ T9862]  ? hlock_class+0x4e/0x130
[  381.217375][ T9862]  ? __lock_acquire+0x163e/0x3ce0
[  381.222502][ T9862]  p9_client_write+0x31f/0x680
[  381.227394][ T9862]  ? __pfx_p9_client_write+0x10/0x10
[  381.232854][ T9862]  ? lock_acquire.part.0+0x11b/0x380
[  381.238256][ T9862]  ? find_held_lock+0x2d/0x110
[  381.243228][ T9862]  v9fs_issue_write+0xe2/0x180
[  381.248085][ T9862]  ? __pfx_v9fs_issue_write+0x10/0x10
[  381.253686][ T9862]  ? rcu_is_watching+0x12/0xc0
[  381.258551][ T9862]  ? trace_netfs_sreq+0x193/0x220
[  381.260969][   T48] usb 5-1: config 0 has too many interfaces: 254, using maximum allowed: 32
[  381.263730][ T9862]  netfs_do_issue_write+0x92/0x110
[  381.277568][ T9862]  netfs_advance_write+0x384/0xc80
[  381.282911][ T9862]  netfs_write_folio+0xc19/0x1930
[  381.284940][   T48] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  381.287988][ T9862]  netfs_writepages+0x29a/0x9d0
[  381.288023][ T9862]  ? __pfx_netfs_writepages+0x10/0x10
[  381.308518][ T9862]  ? __pfx___lock_acquire+0x10/0x10
[  381.313993][ T9862]  ? hlock_class+0x4e/0x130
[  381.318546][ T9862]  ? mark_lock+0xb5/0xc60
[  381.323032][ T9862]  ? __pfx_netfs_writepages+0x10/0x10
[  381.326618][   T48] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 254
[  381.328466][ T9862]  do_writepages+0x1a3/0x7f0
[  381.342566][ T9862]  ? __pfx_do_writepages+0x10/0x10
[  381.347768][ T9862]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  381.353603][ T9862]  ? do_raw_spin_lock+0x12d/0x2c0
[  381.358015][   T48] usb 5-1: config 0 has no interface number 0
[  381.358654][ T9862]  ? do_raw_spin_unlock+0x172/0x230
[  381.370165][ T9862]  ? _raw_spin_unlock+0x28/0x50
[  381.374959][   T48] usb 5-1: New USB device found, idVendor=0cf3, idProduct=1002, bcdDevice=4f.2c
[  381.375041][ T9862]  ? wbc_attach_and_unlock_inode+0x597/0x940
[  381.390297][ T9862]  filemap_fdatawrite_wbc+0x148/0x1c0
[  381.395752][ T9862]  __filemap_fdatawrite_range+0xb3/0xf0
[  381.398423][   T48] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  381.401364][ T9862]  ? __pfx___filemap_fdatawrite_range+0x10/0x10
[  381.415759][ T9862]  ? filemap_dirty_folio+0xe3/0x130
[  381.421415][ T9862]  ? __pfx_lock_release+0x10/0x10
[  381.426519][ T9862]  file_write_and_wait_range+0xca/0x140
[  381.432341][ T9862]  v9fs_file_fsync+0xdb/0x1c0
[  381.437087][ T9862]  ? __pfx_v9fs_file_fsync+0x10/0x10
[  381.442546][ T9862]  ? __up_read+0x1fb/0x760
[  381.447082][ T9862]  ? __pfx_v9fs_file_fsync+0x10/0x10
[  381.452585][ T9862]  vfs_fsync_range+0x136/0x220
[  381.457399][ T9862]  netfs_file_write_iter+0x3dd/0x4f0
[  381.459673][   T48] usb 5-1: config 0 descriptor??
[  381.462812][ T9862]  v9fs_file_write_iter+0x9b/0x100
[  381.473007][ T9862]  vfs_write+0x5ae/0x1150
[  381.477426][ T9862]  ? __pfx_v9fs_file_write_iter+0x10/0x10
[  381.483265][ T9862]  ? trace_lock_acquire+0x14a/0x1d0
[  381.488575][ T9862]  ? __pfx_vfs_write+0x10/0x10
[  381.493516][ T9862]  ? __pfx___mutex_lock+0x10/0x10
[  381.498667][ T9862]  ksys_write+0x12f/0x260
[  381.503097][ T9862]  ? __pfx_ksys_write+0x10/0x10
[  381.508043][ T9862]  do_syscall_64+0xcd/0x250
[  381.512762][ T9862]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  381.518718][ T9862] RIP: 0033:0x7f34bb97e759
[  381.523187][ T9862] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  381.546309][ T9862] RSP: 002b:00007f34bc856038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  381.559137][ T9862] RAX: ffffffffffffffda RBX: 00007f34bbb35f80 RCX: 00007f34bb97e759
[  381.572398][ T9862] RDX: 0000000000000004 RSI: 0000000020000300 RDI: 0000000000000007
[  381.581914][ T9862] RBP: 00007f34bc856090 R08: 0000000000000000 R09: 0000000000000000
[  381.589946][ T9862] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  381.598386][ T9862] R13: 0000000000000000 R14: 00007f34bbb35f80 R15: 00007ffe6d4aea88
[  381.610236][ T9862]  </TASK>
[  381.615785][ T9862] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  381.623065][ T9862] CPU: 0 UID: 0 PID: 9862 Comm: syz.3.1060 Not tainted 6.12.0-syzkaller #0
[  381.631658][ T9862] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
[  381.641712][ T9862] Call Trace:
[  381.644988][ T9862]  <TASK>
[  381.647919][ T9862]  dump_stack_lvl+0x3d/0x1f0
[  381.652517][ T9862]  panic+0x71d/0x800
[  381.656422][ T9862]  ? __pfx_panic+0x10/0x10
[  381.660848][ T9862]  ? show_trace_log_lvl+0x29d/0x3d0
[  381.666057][ T9862]  ? check_panic_on_warn+0x1f/0xb0
[  381.671182][ T9862]  ? _copy_from_iter+0x3a0/0x1560
[  381.676187][ T9862]  check_panic_on_warn+0xab/0xb0
[  381.681118][ T9862]  __warn+0xf6/0x3d0
[  381.685003][ T9862]  ? _copy_from_iter+0x3a0/0x1560
[  381.690046][ T9862]  report_bug+0x3c0/0x580
[  381.694352][ T9862]  handle_bug+0x54/0xa0
[  381.698495][ T9862]  exc_invalid_op+0x17/0x50
[  381.702970][ T9862]  asm_exc_invalid_op+0x1a/0x20
[  381.707798][ T9862] RIP: 0010:_copy_from_iter+0x3a0/0x1560
[  381.713405][ T9862] Code: 60 fd 0f 01 cb 48 89 d9 4c 89 f7 48 89 ee e8 37 be 88 06 48 89 cd 0f 01 ca 49 89 df 49 29 cf e9 1e ff ff ff e8 61 e1 fe fc 90 <0f> 0b 90 e9 ae fd ff ff e8 53 e1 fe fc 89 ee bf 01 00 00 00 e8 27
[  381.732985][ T9862] RSP: 0018:ffffc90002d2ef28 EFLAGS: 00010293
[  381.739026][ T9862] RAX: 0000000000000000 RBX: 0000000000000004 RCX: ffffffff848e9718
[  381.746971][ T9862] RDX: ffff888037654880 RSI: ffffffff848e99ff RDI: 0000000000000001
[  381.754915][ T9862] RBP: 0000000000000000 R08: 0000000000000001 R09: 0000000000000000
[  381.762859][ T9862] R10: 0000000000000000 R11: 0000000000000000 R12: ffff888077d00060
[  381.770807][ T9862] R13: ffffc90002d2f318 R14: ffff888077d00060 R15: dffffc0000000000
[  381.778766][ T9862]  ? _copy_from_iter+0xb8/0x1560
[  381.783765][ T9862]  ? _copy_from_iter+0x39f/0x1560
[  381.788765][ T9862]  ? _copy_from_iter+0x39f/0x1560
[  381.793763][ T9862]  ? __pfx_lock_release+0x10/0x10
[  381.798772][ T9862]  ? __pfx__copy_from_iter+0x10/0x10
[  381.804032][ T9862]  ? __virt_addr_valid+0x1a4/0x590
[  381.809122][ T9862]  ? __virt_addr_valid+0x5e/0x590
[  381.814121][ T9862]  ? __phys_addr_symbol+0x30/0x80
[  381.819128][ T9862]  ? __check_object_size+0x488/0x710
[  381.824388][ T9862]  p9pdu_vwritef+0x2d0/0x1cf0
[  381.829042][ T9862]  ? p9pdu_writef+0xc4/0x100
[  381.833617][ T9862]  ? __pfx_p9pdu_vwritef+0x10/0x10
[  381.838702][ T9862]  ? __pfx_p9_tag_alloc+0x10/0x10
[  381.843703][ T9862]  p9_client_prepare_req+0x244/0x4d0
[  381.848962][ T9862]  ? __pfx_p9_client_prepare_req+0x10/0x10
[  381.854742][ T9862]  ? hlock_class+0x4e/0x130
[  381.859223][ T9862]  ? mark_lock+0xb5/0xc60
[  381.863524][ T9862]  p9_client_rpc+0x1c3/0xc10
[  381.868089][ T9862]  ? __pfx___lock_acquire+0x10/0x10
[  381.873262][ T9862]  ? __pfx_p9_client_rpc+0x10/0x10
[  381.878344][ T9862]  ? __pfx_register_lock_class+0x10/0x10
[  381.883951][ T9862]  ? hlock_class+0x4e/0x130
[  381.888432][ T9862]  ? __lock_acquire+0x163e/0x3ce0
[  381.893431][ T9862]  p9_client_write+0x31f/0x680
[  381.898172][ T9862]  ? __pfx_p9_client_write+0x10/0x10
[  381.903441][ T9862]  ? lock_acquire.part.0+0x11b/0x380
[  381.908706][ T9862]  ? find_held_lock+0x2d/0x110
[  381.913445][ T9862]  v9fs_issue_write+0xe2/0x180
[  381.918193][ T9862]  ? __pfx_v9fs_issue_write+0x10/0x10
[  381.923550][ T9862]  ? rcu_is_watching+0x12/0xc0
[  381.928287][ T9862]  ? trace_netfs_sreq+0x193/0x220
[  381.933306][ T9862]  netfs_do_issue_write+0x92/0x110
[  381.938412][ T9862]  netfs_advance_write+0x384/0xc80
[  381.943517][ T9862]  netfs_write_folio+0xc19/0x1930
[  381.948544][ T9862]  netfs_writepages+0x29a/0x9d0
[  381.953384][ T9862]  ? __pfx_netfs_writepages+0x10/0x10
[  381.958731][ T9862]  ? __pfx___lock_acquire+0x10/0x10
[  381.963902][ T9862]  ? hlock_class+0x4e/0x130
[  381.968381][ T9862]  ? mark_lock+0xb5/0xc60
[  381.972683][ T9862]  ? __pfx_netfs_writepages+0x10/0x10
[  381.978045][ T9862]  do_writepages+0x1a3/0x7f0
[  381.982609][ T9862]  ? __pfx_do_writepages+0x10/0x10
[  381.987690][ T9862]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  381.993301][ T9862]  ? do_raw_spin_lock+0x12d/0x2c0
[  381.998310][ T9862]  ? do_raw_spin_unlock+0x172/0x230
[  382.003484][ T9862]  ? _raw_spin_unlock+0x28/0x50
[  382.008310][ T9862]  ? wbc_attach_and_unlock_inode+0x597/0x940
[  382.014262][ T9862]  filemap_fdatawrite_wbc+0x148/0x1c0
[  382.019622][ T9862]  __filemap_fdatawrite_range+0xb3/0xf0
[  382.025141][ T9862]  ? __pfx___filemap_fdatawrite_range+0x10/0x10
[  382.031370][ T9862]  ? filemap_dirty_folio+0xe3/0x130
[  382.036564][ T9862]  ? __pfx_lock_release+0x10/0x10
[  382.041564][ T9862]  file_write_and_wait_range+0xca/0x140
[  382.047096][ T9862]  v9fs_file_fsync+0xdb/0x1c0
[  382.051747][ T9862]  ? __pfx_v9fs_file_fsync+0x10/0x10
[  382.057008][ T9862]  ? __up_read+0x1fb/0x760
[  382.061409][ T9862]  ? __pfx_v9fs_file_fsync+0x10/0x10
[  382.066680][ T9862]  vfs_fsync_range+0x136/0x220
[  382.071420][ T9862]  netfs_file_write_iter+0x3dd/0x4f0
[  382.076693][ T9862]  v9fs_file_write_iter+0x9b/0x100
[  382.081777][ T9862]  vfs_write+0x5ae/0x1150
[  382.086089][ T9862]  ? __pfx_v9fs_file_write_iter+0x10/0x10
[  382.091793][ T9862]  ? trace_lock_acquire+0x14a/0x1d0
[  382.096964][ T9862]  ? __pfx_vfs_write+0x10/0x10
[  382.101716][ T9862]  ? __pfx___mutex_lock+0x10/0x10
[  382.106720][ T9862]  ksys_write+0x12f/0x260
[  382.111023][ T9862]  ? __pfx_ksys_write+0x10/0x10
[  382.115863][ T9862]  do_syscall_64+0xcd/0x250
[  382.120362][ T9862]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  382.126325][ T9862] RIP: 0033:0x7f34bb97e759
[  382.130717][ T9862] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  382.150393][ T9862] RSP: 002b:00007f34bc856038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  382.158780][ T9862] RAX: ffffffffffffffda RBX: 00007f34bbb35f80 RCX: 00007f34bb97e759
[  382.166724][ T9862] RDX: 0000000000000004 RSI: 0000000020000300 RDI: 0000000000000007
[  382.174669][ T9862] RBP: 00007f34bc856090 R08: 0000000000000000 R09: 0000000000000000
[  382.182632][ T9862] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  382.190579][ T9862] R13: 0000000000000000 R14: 00007f34bbb35f80 R15: 00007ffe6d4aea88
[  382.198531][ T9862]  </TASK>
[  382.201723][ T9862] Kernel Offset: disabled
[  382.206102][ T9862] Rebooting in 86400 seconds..