last executing test programs:

13.39899215s ago: executing program 4 (id=929):
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
mount(0x0, 0x0, 0x0, 0x8, 0x0)
rt_sigprocmask(0x0, &(0x7f0000000000)={[0xffffffed]}, 0x0, 0x8)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0xa6}, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
syz_emit_vhci(&(0x7f0000000300)=ANY=[@ANYBLOB="04ff06aaaaaaaaaa10428a460391b9b6ea6881be6f01d7b69ce472957627f1aa0759d2573563fff74bed738cd2c57613ff8ec5efe05ad53effcfc4dc5b4a386be5a7523d8a068bb5b6ded6b6b97b39e93b733734c216019864d48d64321674140163e25e9dfa2e4c154d5f8ba97278000000000000000000"], 0x9)
syz_emit_vhci(0x0, 0x0)
r3 = signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0)
rt_sigprocmask(0x0, &(0x7f0000000000)={[0xffffffed]}, 0x0, 0x8)
getpid()
kexec_load(0xf5, 0x1, &(0x7f0000000b80)=[{0x0, 0x0, 0x0, 0x1000}], 0x0)
mmap$xdp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x12, 0xffffffffffffffff, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000740)={r3, 0xe0, &(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, &(0x7f0000000200)=[0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x8, 0x26e, &(0x7f0000000280)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f00000004c0)=[0x0, 0x0], <r4=>0x0, 0xd9, &(0x7f0000000500)=[{}, {}, {}], 0x18, 0x10, &(0x7f0000000540), &(0x7f0000000580), 0x8, 0x2b, 0x8, 0x8, &(0x7f0000000600)}}, 0x10)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x70, '\x00', 0x0, @fallback=0x34, r3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r4, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb}, 0x94)
write$qrtrtun(r1, &(0x7f0000000380)="63cf8676097c91c58be03f4e99138d5844db2f6d4c610900178406f90e72da3fc5f38c9e7907d84c5773b96f33b84f39cd888682c4cd00"/70, 0x46)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000005c0)={r5, 0x0, 0x30, 0x0, @val=@uprobe_multi={0x0, 0x0, &(0x7f0000000240)=[0x2]}}, 0x40)
mmap(&(0x7f0000000000/0x7000)=nil, 0x7000, 0x2000003, 0x97052, 0xffffffffffffffff, 0x0)
r6 = openat$cgroup_freezer_state(r0, &(0x7f0000000140), 0x2, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, 0x0)
syz_usb_connect(0x0, 0x36, &(0x7f0000000400)=ANY=[@ANYBLOB="12010000c8549b407c2c0e032881050203010902240001000000000904000002ff18d40009050602ff0300000009058202080600000002c1b8c3873406a5e5bc8dfbb837a3c1e1551235fb67ec12a773567f3d1cd2b37d9d00add23ba318a20f5eacf82d2ae3ce58fdf1d9e201e7788a5685ee8f6c0e19fbedd8df77414892e4378f119578d42399b3f2687b96464165c73f591a3c6a1715a9e3c3d1d63cc962b074577becc0aebc10e1d170920508ab575151"], 0x0)
write$cgroup_freezer_state(r6, &(0x7f0000000040)='FROZEN\x00', 0x7)
mkdirat$cgroup(r0, &(0x7f00000000c0)='syz1\x00', 0x1ff)
sendfile(r6, r6, 0x0, 0x9)

10.247690929s ago: executing program 2 (id=946):
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
chdir(0x0)
syz_usb_connect(0x0, 0x24, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x4, 0x80000001}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f0000000680)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f00000196c0)=""/102395, 0x18ffb)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000200)=ANY=[@ANYBLOB="2800000010000108000000000000c300003c5b00", @ANYRES32=0x0, @ANYBLOB="000000009002010008001b0000010000"], 0x28}, 0x1, 0x0, 0x0, 0x11}, 0x4008040)
r2 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$FBIOPUT_VSCREENINFO(r2, 0x4601, &(0x7f0000000240)={0x400, 0x30, 0xf0, 0x0, 0x0, 0x1f, 0x0, 0x0, {}, {}, {}, {}, 0x0, 0x40, 0x0, 0x7, 0x0, 0x5, 0x0, 0x0, 0x4000, 0x0, 0x0, 0x0, 0x16, 0x0, 0x0, 0x5})
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000003c0)=ANY=[@ANYBLOB="341600001000030400000000fedbdf2500007400", @ANYRES32=0x0, @ANYBLOB="0008000007500500000010000f0000000000140069703665727370616e3000000000000000001980000005003b927ac1c9bec9ab17e3a6936b44342500001880000001800000060004000000000004002ec90e291d620bcb5a45b2aa7612e07300000100050000000000018000000200287d2a237b2c5d000000050029056e583ca2da1179df633462bb458f00000500181b37fef26f1326d7d74984cf7945c800000500a3a55f62b38fd1a6e19ba08b593cb05800000500ab5e3599fe1b536446a6a13d484f49da0000018000000500702ff3a4435b449a1c85a5d8fefc8d3a000004008a4114234ad37d1b67ec482523b190e50000060006000000000002002f6465762f6370752f232f6d7372000000000500b89487879c1f70b247a0308ed81a56d20000018000000100fcffffff00000600030000000000040050d087d287e207c70a0c94f9fd402c72000002002f6465762f6370752f232f6d7372000000000600000000000000060002000000000006007f000000000002002f6465762f6370752f232f6d7372000000000600070000000000010004000000"], 0x1e}, 0x1, 0x0, 0x0, 0x900}, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r4 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r5, &(0x7f0000d84000)={0xa, 0x2, 0x0, @loopback, 0x7}, 0x1c)
setsockopt$inet6_tcp_int(r5, 0x6, 0x2000000000000022, &(0x7f0000000200)=0x1, 0x4)
sendto$inet6(r5, &(0x7f0000000240)=':', 0x1, 0x20000045, &(0x7f00000001c0)={0xa, 0x2, 0x8, @empty}, 0x1c)
setsockopt$inet6_tcp_TCP_CONGESTION(r5, 0x6, 0xd, &(0x7f0000000000)='veno\x00', 0x5)
writev(r5, 0x0, 0x0)
r6 = socket$can_raw(0x1d, 0x3, 0x1)
bind$can_raw(r6, &(0x7f0000000000), 0x10)
bind$can_raw(r6, &(0x7f0000000080), 0x10)
shutdown(r5, 0x1)
openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0)
write$6lowpan_enable(r4, &(0x7f00000000c0)='1', 0x1)
clock_gettime(0x6, &(0x7f0000000100))

9.702040244s ago: executing program 4 (id=947):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f0000005300)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000730000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
r1 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000240)="1400000016000b63d25a80648c25940121", 0x11}, {&(0x7f0000000280)="e26248", 0x3}], 0x2}, 0x40050)
syz_emit_ethernet(0x6a, &(0x7f00000002c0)={@broadcast, @random="17043a73dbde", @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x5c, 0x64, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}, @redirect={0x5, 0x2, 0x0, @multicast1, {0x10, 0x4, 0x1, 0x8, 0x3, 0x65, 0x8, 0x9, 0x32, 0x403c, @broadcast, @empty, {[@timestamp_addr={0x44, 0x2c, 0x40, 0x1, 0x1, [{@rand_addr=0x64010100, 0x7fff}, {@loopback, 0x3f}, {@private=0xa010102, 0x2}, {@multicast2, 0xab}, {@local, 0x7}]}]}}}}}}}, 0x0)

9.589572305s ago: executing program 4 (id=949):
syz_open_dev$cec(0x0, 0xffffffffffffffff, 0xd2ec0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
creat(0x0, 0x0)
r1 = socket$inet6(0xa, 0x3, 0x8000000003c)
sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0x0)
connect$inet6(r1, 0x0, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r1, 0x29, 0x40, 0x0, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r2, 0x0, 0x0)
r3 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_int(r3, 0x29, 0x35, &(0x7f0000000000)=0x8000, 0x4)
bind$inet6(r3, 0x0, 0x0)
recvmmsg(r3, 0x0, 0x0, 0x0, 0x0)
sendto$inet6(r3, 0x0, 0x0, 0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x6, 0x4, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp}, 0x94)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x6, 0x5d031, 0xffffffffffffffff, 0x0)

9.5360814s ago: executing program 3 (id=950):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = openat$kvm(0x0, &(0x7f0000000000), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
mmap$KVM_VCPU(&(0x7f0000fff000/0x1000)=nil, 0x930, 0x3000003, 0x2012, r3, 0x4000)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000380)=@getneightbl={0x14, 0x2e, 0x201}, 0x14}}, 0x0)
r5 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000080), 0x2701, 0x0)
ioctl$SW_SYNC_IOC_CREATE_FENCE(r5, 0xc0285700, &(0x7f0000000000)={0xfffffffe, "94c465203d36be01d7000000000000e1100ad985544d00"})
r6 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x89f0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000180)={0xa, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r7 = open(&(0x7f0000000000)='./file0\x00', 0x80140, 0x0)
fcntl$setsig(r7, 0xa, 0x21)
fcntl$setlease(r1, 0x400, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b50a0000000000007910480000000000610410000000000095000080"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_msg}, 0x48)
open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
creat(&(0x7f0000000100)='./file0\x00', 0x0)
r8 = socket(0x10, 0x3, 0x0)
close_range(r7, 0xffffffffffffffff, 0x0)
write$binfmt_aout(r6, &(0x7f00000000c0)=ANY=[@ANYRES16=r8, @ANYRES8, @ANYRESDEC=r3], 0xff2e)
ioctl$TIOCSTI(r6, 0x5412, &(0x7f0000000040)=0xfc)
mount$9p_fd(0x0, &(0x7f00000001c0)='.\x00', &(0x7f0000000180), 0x0, &(0x7f00000003c0)=ANY=[])
splice(r0, &(0x7f0000000040)=0x1, r0, &(0x7f0000000140)=0x6, 0x3, 0x1)
sendmsg$nl_generic(r0, &(0x7f00000029c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000640)=ANY=[@ANYBLOB="1c0000001000010700000000000000000a0000000600010011"], 0x1c}}, 0x800)

9.010890605s ago: executing program 4 (id=951):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(0xffffffffffffffff, 0x84, 0x75, &(0x7f0000000040)={<r1=>0x0, 0x2}, &(0x7f0000000100)=0x8)
setsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x76, &(0x7f0000000300)={r1, 0x5}, 0x8)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f0000000700)=ANY=[@ANYRESHEX=r2, @ANYBLOB="281fad5f857eee248af570918bb233d04aad0c5898e5b3de2b9c0d40c3edea9e1d32ed48557afba8fad8288193c3b0aa9778d1c5de480f0838515524347e7b50fd4573935589578e86b6926f57f4d65ae5a0c8e7c590645f9ca37da230d590e00e9d6c8fcbd34492fffb82758a6631076954275befdd60409d9bd9529e40e43bbe0ea0e07ed5d8abd0f7aa21439339afa015d81afbd45143452c0d18fc071cd687a37f0739fe931da4bfa6a79bd1067c7c66c05dc8b005374d0eb9d5807ab502199a7cc9fc4919c79f72ca1e0affec1e74f85c198021a8a1e0ef22b1a0ef1fe3d8f57049a607347cbdd47c517c7294b4fef1fb9ad9eed1d36e9351ec", @ANYBLOB="056d08007bbf1edf24060000000000300012800b400100627231d5676500d8f8b48ae05c70c72edfc823319015d155f61406"], 0x6c}}, 0x0)
r3 = add_key$keyring(&(0x7f0000000200), &(0x7f0000000240)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffb)
prlimit64(0x0, 0xe, &(0x7f0000000180)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r4 = getpid()
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000321000/0x2000)=nil, 0x2000, 0xb635773f03ebbee2, 0x80010, r2, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x0, 0x4080)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/power/pm_wakeup_irq', 0x0, 0xb)
mknodat$null(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0, 0x103)
r7 = openat$fuse(0xffffffffffffff9c, &(0x7f00000001c0), 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000140), 0x0, &(0x7f0000002280)={{'fd', 0x3d, r7}, 0x2c, {'rootmode', 0x3d, 0x8000}})
r8 = landlock_create_ruleset(&(0x7f0000000000)={0x6084}, 0x10, 0x0)
landlock_restrict_self(r8, 0x0)
truncate(&(0x7f0000000680)='./file0\x00', 0x40003e)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r9 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFNL_MSG_CTHELPER_GET(r9, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000340)=ANY=[@ANYBLOB="b800000001090103"], 0xb8}, 0x1, 0x0, 0x0, 0x4810}, 0x4)
r10 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/profiling', 0xa0442, 0x10)
ppoll(&(0x7f0000000080)=[{r10, 0x1201}], 0x1, 0x0, 0x0, 0x0)
write$FUSE_NOTIFY_DELETE(r10, &(0x7f0000000380)={0x2c, 0x6, 0x0, {0x6, 0x2, 0x3, 0x0, 'syz'}}, 0x2c)
r11 = add_key$keyring(&(0x7f00000000c0), &(0x7f00000002c0)={'syz', 0x0}, 0x0, 0x0, r3)
add_key$fscrypt_v1(&(0x7f0000000080), &(0x7f0000000280)={'fscrypt:', @auto=[0x0, 0x0, 0x0, 0x0, 0x61, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x32]}, &(0x7f0000000180)={0x0, "de8d0d27ca969fa15f8b3b7bae39c1b3327d4332f8c149d2d65a347d67f6db7eb90dfdad3cdebaaf421412f812305c9da91699b5a02c1295596f0fd9ec78f2fd"}, 0x48, r11)

8.855410273s ago: executing program 3 (id=952):
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x42, 0x0)
r1 = openat$binder_debug(0xffffffffffffff9c, 0x0, 0x0, 0x0)
io_uring_register$IORING_REGISTER_IOWQ_MAX_WORKERS(0xffffffffffffffff, 0x13, 0x0, 0x2)
r2 = openat$kvm(0x0, &(0x7f0000000040), 0x20940, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = eventfd2(0x0, 0x80000)
syz_usb_connect(0x0, 0x1cb, 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080))
socket$inet_mptcp(0x2, 0x1, 0x106)
r5 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000200), 0x2, 0x0)
r6 = eventfd(0x0)
r7 = socket$can_bcm(0x1d, 0x2, 0x2)
connect$can_bcm(r7, &(0x7f0000000140), 0x10)
r8 = syz_io_uring_setup(0x835, &(0x7f00000000c0)={0x0, 0x679a, 0x400, 0x2000006, 0x3ce}, &(0x7f0000000040)=<r9=>0x0, &(0x7f0000000140)=<r10=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r9, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r9, r10, &(0x7f00000002c0)=@IORING_OP_SEND={0x1a, 0x0, 0x0, r7, 0x0, &(0x7f0000000240)="144024aeae8b2b5d63f7449a372e1406d4defe495b5744eed6801d1d51e1d3fcdcf25bdf4a5f2ef4b45d6898757795c858f0c3d4b26bd644", 0x38, 0x2400c0c7, 0x1})
io_uring_enter(r8, 0x3516, 0x0, 0x0, 0x0, 0x0)
ioctl$VHOST_SET_LOG_FD(r5, 0x4004af07, &(0x7f0000000240)=r6)
ioctl$KVM_IOEVENTFD(r3, 0x4040ae79, &(0x7f0000000000)={0x7c, 0x3000, 0x4, r4})
r11 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r11, 0x8933, &(0x7f0000000000)={'wlan1\x00', <r12=>0x0})
r13 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000100), 0xffffffffffffffff)
sendmsg$NL80211_CMD_FRAME(r11, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000fc0)={&(0x7f0000000080)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r13, @ANYBLOB="010000000000000000000200000008000300", @ANYRES32=r12, @ANYBLOB="0800a0009e09000008009f000400000008002600800900000800a1000519"], 0x3c}}, 0x0)
r14 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
close(r14)
socket$phonet_pipe(0x23, 0x5, 0x2)
connect$inet6(r1, &(0x7f00000000c0)={0xa, 0x4e21, 0xfffff655, @mcast2, 0x7}, 0x1c)
write$cgroup_pid(r14, 0x0, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)

8.682782573s ago: executing program 2 (id=955):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
write$uinput_user_dev(0xffffffffffffffff, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$kcm(0x29, 0x2, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000001cc0)=ANY=[@ANYBLOB="bf16000000000000b70700000100f0ff5070000000000000300000000000c00095000000000000002ba728041598d6fbd30cb599e83d24bd8137a3aa81e0ed139a85d36bb3019d13bd2321af3c2bd67ce68f15c0ec71d0e6adfefcf1d8f7faf75e0f226bd917060000007142fa9ea4318123f51c0a0e168c1886d0d4d35379bd223ec839bc16ee988e6e0dc8cedf3ceb9fbfbf9b0a49ef23d430f6296b32a83438810720a159cda90363db3d221e152dfca64057ff3c4744aeaccd3641110bec4e9027a0c8055bbfc3a96d2e8910c2c39e4babe802f5ab3e89cf6c662ed4048d3b3e3962dcddef6af1a11972a6b4975022278d00031e5388ee5c867ddd58211d6ece1ccb0cd2b6d3cffd962867a3a2f624f992daa94a0c556f3218ce740068725c37074e468ee207d2f73902ebcfcf49822775985bf31b715f5888b24efa190000000000000000000000000000ddffffff020000000000000000ddffffff0000b27cf3d1848a54d7132be1bfb0adf9deab3323aa9fdfb52faf9cb09c3bfd0971d379380bf63432872cfed453870000b219ef00bb7b3de8f67ffcad3f6c3c2b1f03550000000000001cf41ab11f12fb1e0a494034007de7c6592df1a6c64d3f153b3d34889f40159e800ea2474b540500a30b23bcee46762e2093bcc9eae5ee3e980026c96f80ee1a74e04bde740750fa4d9aaa705989b8e673e3296e52d3112874ec51d6fe048ba6866adebab53168770a71ad901ace383e7927de217d6bf74daf41d277b103923a9d961f7a2591dbe4a912ffaf6f658f3f9cd16286744f83a83f138f8f92efd92239eafce5c1b3f97a297c9e490f241999085afabdd529f62ca0c3300ef7b7fb5f09e0c8a868a353409e34d3e82279637f99f35ad3f7ffffff3cac394c7bbdcd0e0eb52162e0c410ade7a36b26a4e70f03cc4146a77af02c1d4cefd4a2b94c0aed8477dfa8ceefb467f05c6977c78cdbf37704ec737555392a0b06491cba71f897144910fe050038ec9e475e89298b7bf4d769ccc18eede0068ca1457870eb30d211e23ccc8e06dddeb6179d257ab5000013c86ba9affb12ec757c7234c270246c878d01160e6c07bf6cf8809c3a0d062357ba2515567230a6f8b2ad1e1f4933545fc3c741374211663f6b63b1dd044dd0117c9b737b9b59418006c1bc1aafa2768e82597251e5510a33dcda5e4e202bd622549c4cffffff501d3a5dd7143fbf221fff161c12ca389cbe0000000000000fff75067d2a214f8c9d9b2ecf631c6c5fd9c26a54d43fa050b88d1d43a8645bd9109b7e07869bba7131421c0f397073943330baafd243c0c6ffe673bab4113be7664e08bdd7115c61afcb718cf3c4680b2f6c7a8400e378a9b101000f49e298727340e87cdefb40e56e9cfad973347d0de7ba4754ff231a1b933d8f931b8c552b2c7c503f3d0e7ab0e958adb862822e40009995ae166deb9856291a43a6f7eb2e32cefbf444b032dad13007b82e6044f643fc8cd07a97e2bbe636a5dbe9864a117d27326850a7c3b570863f532c218b10af13d7be94987005088a83880ccab9c9920c2d2af8c5e13d52c83ac3fa7c3ae6c08384865b66d2b4dcb5dd9cba16b62040bf8702ae12c77e6e34991af603e3856a346cf708feeb708ab22b560cf8a4a6f31ba6d9b8cb0908000000000000001a342c010000000000e667a7592b33406f1f71c739b55db91d2309dc7ae401005f52053a39e7307c09ff3ac3e820b01c57dd74d4aafc4c383a17bc1de5347bb71ca16dcbbbaa2935f602325984386b21b96492ae662082b56cf666e63a757c0ef3ea7af6881513be94b362e15ffca8ec453b3a2a67be70c17b0f9c2eac765816c30c2e71338a40c7669522e8dff8bc570a93fbdb688c3aef810000007a6ea6b11163392a19d87995b51cb6febd5f24a34998d2010fd5facf68c4f84e2f66e27c81a149d7b331983d3b74444953fc1216dfec10b724be3733c26f12538376e177ffef6fd2603bfab96831957a08e4919a463d5332a2546032a3c06b94f168e8fc4bda0c294723fe306f26c477af4b926644672985fab7cc67bc5b5f5d38cdd8df95147ebe1cd88b0a4c6cde9951be42827dfddfefb238fac2303cc8982f1e55b005afcfea5eb037248fefad6bb02c162ce92ab17744c8ec3d2e80cf3205d36699fd381bc81231fb5e12e45f3059f361d08d6a6d01af43083c29512bcedd79ca9bf24e063d0c273ed70a2b70be521ea27dc8cf3c9bdf83b93405db07e82e2ddf4c4d26f1cdd8c3c9736cf5e5082de3b484f8673e0e97dd7e8a872148613c3a04f3d67f4375ba5c7f1b0033f8dfe0fd9bb2a70801f763524e1d79d812ced782646b5f79c8fc08bb5c11020108d702edd2ea9c96cfcb9066668627ebe92d48aa5fc0a7bf1b5108b34d22ad004de8274c22c8ba823d964969c9f02bb78c598fa8701b000884de710b54e5ab2e8ff0c7ae23e0b601ac95c4c2eef2e5eb1d019d52099fbd404e8ece970f67736ba7e960bd8b1e4105b65007c8ff1f00a8ce7e31f7c9c3e3fa61aab967b90087e91d703e98535b107b8f4653be4c46a3a1adb07d226952b8573b417018316fa96e942e35c4baa1904122c863709b08d4639a19a46ac90ac48a13ee9bcaa875fc700ba363ca3182105960bef3378a980000000000003b40dc5c745fe2491e8425e600000000000000000000000000000000000000000000000000000000000000250318a44ad31baac0520a913301e630ae540f3289aebde8633f6f450cfe6e39959735758248032cdf7320c6dc87b01e3f9a7811b200000000ae189de4b9b25f7c7a9c32e4f1f22af1c06315270de4a6605e4b4b58bef76fac54f11b84bd7bcd6b6a485edfb7684c770a39b38b08e18a51a4d4e66ca21c06a4b4198e1bc2ef990c9ba911efed626e5ee341a17bf8132b5b1dfa9fd31df213c88b404797056fd3baa8b2d6cb134437cba0193ba4360bdcc98aad2560aa58291c4eb9d4e08ad7a9c5f04be1ab59719a8200007bd8cca8f68154a0ed356e773a797ca6d66748857b4abbf8830abeea2a46342e6a7378173cb29d5cdcd698a0203f78116b710008000000000000007c2d86b94472807c10eb9a8e2fb8bd79fe3a8316deff3ee641c9a080a2173642e673a672279bae4e7e28055da9497d7edb53be6e80482bd4d9a74b7f76c78ba0b44ec0bdfa0d32d7030000003a073b12eb579032b856d892ad6af5124c9c3130485e9682ff1f3c54e475d5bb496aef4bb537d7e191dfdeba109fdcf7864763f87a6d711cf52e520a6ce30e134c55e02b7cd25385f3b9628471b4364987b0b2c82a8b0f976387ebb62ead0e1b761e6ec9b824fe006ea52c0c469e3bd8fed05a486bd5511144ebb63d56d61da5fcb58e196a8923edaf228b0cb96b856b15c90b154494fb0cff768b3417fcc89acb9b9b4f8581c82ff3121b5920f4e71508eea4341ec618f4d9110928ea8dd17e36f3beb0c07d911c00eb4054ad48cab563c5ad97d732c3653635df7600091973d44ff94ac6d670ecc085501bd91b586adf858b41d918fd58f8577adb541857dbbf33be97c4809c6595ebfff19b34cec7fd877e8f2aad6a1a6a4ec6dbb3de42bb2e75b4768d139d7b7ff5d51e6863b6704901b59fd92495608395fce98c267a3846b67e7a5b57d995e07dca8db555aea5a0f6f1cd85d791f22d06ff37fcbb22b2d9296b36faee22e513b276fc8494ce31699343278aa8f531ee549d2ba495059c80d5748d8a0cb19df27338aaafbf0849c31572d17a786383b3f619212651a076e5148fa6421f5405e65ee31e6fbd510d92c17fe12a7f203066848e2a9adef66ad7ae8edea20fb8c7233de3736949e15b88699c2f8576060cf95d2593828abde6e2eed2a717655782ae9e589f5de9792c810ec07a842bca96e594f13211eae7ee1919b7af1e33ff726792cbb1366fb8a3684370e35122b0ad40f55846ca7d39cf6f9a1cfa5460f537e89e1c5f3cd10a3d8ae3ecec0c7e4114aec30742d88f313d74447723808da0889e34b31c13a79b8bb105cdcb234d56246bbf003c0ad03ff20f573df9604720d652b0a0cc5d90a284b5c7824bfdc4e3f18eaf9820ffbd8c4f32c8de631c181ab76505dac753fec759b0414cb3c5dfa02b6a3b93ff79bcf8c613b4a9124923e7e6ce74266fd78564000000000ce0d3ac2350502cf4a410152ee893d57622bee2b52df83cd30b4ae17d507fba05e7055db7e6d4cfc085773b900ca50bee4d49529f24bab389fb87fbb481340e8ce1810727212dc5e96d99de07611cb588a5d8b5c510c1f5b3fb568971646821b50dc2542003eb60a4ee9398ae4b6681c29cd921fb35b12ca111f12c59ac39dde4bf4f7524362304610979f5199ef9d271af60a421e29c6483423157ed4c2721123ddf33313a97ec1a55115b6df23157ad17b5e544db26c46d31b2e7375c37ace025955c9482e1ef841554c202c356842233c57c258f8f2043b4b6de433e8a2fb9365b65496c5777c1a1a223763d51190a24fb4047ad7ff6258f1b000000000000000000000000e0ef07726228fb150d09f697ee3db6cc096676225780d422fe917a5c57bedabb42399727b386e979dde3b7243dad1f78e8592937866cfc017f3a8ad31c53115fb7f3452bd3318c4a17cc80bcab32d9ed35273c3c930719ddb5b757f9d85cc86ddd"], &(0x7f0000000140)='GPL\x00'}, 0x48)
r5 = socket$kcm(0x2, 0x1, 0x0)
setsockopt$sock_attach_bpf(r5, 0x1, 0x32, &(0x7f00000001c0)=r4, 0x4)
r6 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r6, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000005c00)={&(0x7f0000000140)=@newtaction={0xa0, 0x30, 0x9, 0x0, 0x0, {}, [{0x8c, 0x1, [@m_bpf={0x88, 0x1, 0x0, 0x0, {{0x8}, {0x60, 0x2, 0x0, 0x1, [@TCA_ACT_BPF_OPS_LEN={0x6, 0x3, 0x7}, @TCA_ACT_BPF_OPS={0x3c, 0x4, [{}, {0x0, 0x0, 0x0, 0xffffffff}, {0x3, 0x4, 0x20, 0x1000000}, {0x0, 0x2}, {0x0, 0x0, 0x0, 0x2}, {}, {0x3}]}, @TCA_ACT_BPF_PARMS={0x18, 0x2, {0x0, 0x7}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa0}}, 0x0)
sendmsg$inet(r5, &(0x7f0000000300)={&(0x7f0000000000)={0x2, 0x0, @remote}, 0x10, 0x0}, 0x20000015)
ioctl$sock_kcm_SIOCKCMATTACH(r3, 0x89e0, &(0x7f0000000040)={r5, r4})
ioctl$sock_kcm_SIOCKCMUNATTACH(r3, 0x89e1, &(0x7f0000000100)={r5})

7.923332253s ago: executing program 4 (id=957):
socket$can_j1939(0x1d, 0x2, 0x7)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x18, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x1, 0x0, 0x0, 0x40f00, 0x23, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xa, &(0x7f00000001c0)={0x8, 0x88}, 0x0)
openat$dsp(0xffffffffffffff9c, &(0x7f00000003c0), 0x2682, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
ioctl$SNDRV_PCM_IOCTL_RESET(0xffffffffffffffff, 0x4141, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r4 = openat$iommufd(0xffffffffffffff9c, &(0x7f00000002c0), 0x80, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r4, 0x3b81, &(0x7f00000000c0)={0xc, 0x0, <r5=>0x0})
ioctl$IOMMU_TEST_OP_MOCK_DOMAIN(r4, 0x3ba0, &(0x7f0000000100)={0x48, 0x2, r5})
ioctl$IOMMU_IOAS_MAP$PAGES(r4, 0x3b85, &(0x7f0000000180)={0x28, 0x2, r5, 0x0, &(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x100000000})
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='io.stat\x00', 0x26e1, 0x0)
close(r6)
openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x8901, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$can_j1939(0x1d, 0x2, 0x7)
r7 = syz_io_uring_setup(0x9e, &(0x7f0000000640)={0x0, 0x2556, 0x1000, 0x2, 0x24d}, &(0x7f00000006c0)=<r8=>0x0, &(0x7f0000000280)=<r9=>0x0)
syz_io_uring_submit(r8, r9, 0x0)
io_uring_enter(r7, 0x100847c0, 0x0, 0x10, 0x0, 0x0)

7.706040575s ago: executing program 2 (id=960):
mknodat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0, 0x0)
pipe2$9p(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff017f000e0800395032303030"], 0x15)
r2 = dup(r1)
write$FUSE_BMAP(r2, &(0x7f0000000000)={0x18}, 0x18)
write$FUSE_DIRENTPLUS(r2, &(0x7f00000003c0)=ANY=[@ANYBLOB="b0"], 0xb0)
write$FUSE_GETXATTR(r2, &(0x7f0000000480)={0x18}, 0x18)
write$FUSE_INIT(r2, &(0x7f0000000600)={0x50, 0x0, 0x0, {0x7, 0x29, 0x3, 0x0, 0x4, 0x772, 0x7, 0x0, 0x0, 0x0, 0xa0, 0x200}}, 0x50)
mount$9p_fd(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r2}})
r3 = openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x20842, 0x0)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r4}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r5 = getpid()
sched_setscheduler(r5, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
connect$unix(r6, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r7, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
unshare(0x2c020400)
write$FUSE_INIT(r3, &(0x7f0000000200)={0x50, 0x0, 0x0, {0x7, 0x29, 0x1282, 0x400c6001, 0x5, 0x8, 0x10, 0xc40b, 0x0, 0x0, 0x40, 0x6}}, 0x50)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000000c0)='./cgroup.cpu/syz0\x00', 0x200002, 0x0)

7.641386144s ago: executing program 3 (id=961):
r0 = socket$kcm(0xa, 0x2, 0x73)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r2}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
sendmsg$nl_xfrm(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000500)=ANY=[@ANYBLOB="3801000010000100feffffff0001000000000000000000000000ffffe0000002fc0100000000000000000000000000010001071c4e23000200000000ff000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="ff020000000000000000000000000001000004d66c0000000a01010100000000000000000000000000000000000000009201000000000000a39b000000000000ffff0000000000001c250000000000000300000000000000fcffffffffffffff0000000000000000ffffffffffffffff00000000000000001f00000000000000fefffffffffffffffafffffffcffffff000000008000000002350000020001002000000000000000480003006465666c61746500000000000000000000000000000000000000000000000000960f000000000000000000000000000000000c00"/240], 0x138}, 0x1, 0x0, 0x0, 0x800}, 0x0)
sendmsg$inet(r0, &(0x7f0000001180)={&(0x7f0000000000)={0xa, 0x0, @empty}, 0x10, &(0x7f0000001080)=[{&(0x7f0000000040)="a72d11a15c048c0a7d63aebc5cea1f81510ff6091475aeec600831aa9d3944e60bc2ad06a619c560aa0118b28f68f1eb14549d633b4b23f179fb680716faa43414787559be90843c35ab30acad8a6740140e00721abc2eb362f7bde53b3c992d3e28ccc20ec84fdc569947047f6c09a647ee8c0a747b951e66c068ccf1af93ee9e6f9528ff79e2f989383b05a690a6bec4634b867c9446c1c644b3010e8a3514c6328323b4bbdd602b8f0dace6aea70902c4ddd2a2f2810f1348b0d0df3c1e6a5938fcfdc87e7580c6be0c6a06eca62d6f787dd16add086a21391c4c707d8b61929d1252681b84c245e0efafe2e6e73ad86a3cf59235ab0eacbb414af92ec3cdac420a064a98e8cc18bdf63f8997f96436e0fe6f06fdbf47fff353b01a861babd4a38d126bfe3e29049e6cc883e6efae6e70ef9ed124b1b09887a58c991e223b6420dca5ae238027e91b17b1707dc5c0d5f59f0ca95614f1ea1d263c1ee54dfe31ae35eb3c8e3b931dff7920c57fbba89adf2e392c1ad719b90c7ade0d38ff9792934ef1fb12f51d8e2fad12486d5883d5b1a46696fad128c6805cfb25bc6487e1e407d6b266971b09d0d864a7a550284e24b6cdc9f4ae1081a638175dffef002c76ac5558d23e41edbe68f4b4950a13aa000326dae5a857603dc5a40d6c6618a98c7b6e1eebd325ea2c14601a25658965f40864fd015d9b2fff83ee5ed3212ebd9fa429f0140f633556ac07c0c08e67a1848c9942ecc47dd4ffede9a429e9e0472be7cdbcd117e621ddf745c00a814ffff0224634472577dc0b35a9c153409f1a2bddc193b20b4d244d9cbbd59816c46000c596865f58b4e640ed4a9ab6086cede697fb113560925498da83273e679e0e28b84961eb7b9c9b4fa916590965c76b48e5d453f27a821bd2bf0946ff2413ec30f7893d1f046e18f736c40ceda26dfc4a0a62f71a3606d3f72c0a858dfd7895e2572292e11af913c6b513a141d28e501ae7c49618d104aac9abb78466a636efb88120d0eef0a501558a5aa34784a9823f2802a0bcdf318f9b436b34b42a2a7cf513f80364ad9a699d2e23eb4f3a2bbce818bd20da61882b3dac699d05dc24f29b72471b712423ace6278c43df2be7a09e815517b86d8b3ce16af3d64a575958c5fd52aac53b391f3d2a67c24c6c13ec11428b61b80a6a58cbba1790a98d190a572070f63fc0b809669895ea9865c3066b06102f6f2c7171dc7f76e1931b3e4deb569ef9d07d5f86a848f50942e93c419c3a23489f14803b08182dfd48b8d4375be6b7f805a21209c05e5927693a8834c8d5a5acbd47ed8a30a8a741d1ad77639b56b3b90c0b2023fa334befd28b2e27cbcd94b0ce7437f88ce67a925cea6d6d7e5313de6d328b1124a8b9ef83fe39ca3da97d33c60b7fd4af67d3c8fccb595a27a5bffc71e5a5b2ec966828993b0c0f83cbc55f9a7fb66a4101d5c83b77885072b6e2b2ceebe32f635509698c05089b9ff1cb1959b211e114dadb224ef2d5e7a3c55b3ac00fcdc9018577603c6301e5d4341b3d7eeb2665349d448d28d5d108f576408cbe533a6adbba18ebb2d84bb9af81108506a2f50fb56d595579000747930449fdf4ed01715ec624a0cb73636a35b9136f10b79e3d7ded09008b92e92c64e26e6b6d17f18b70b1d9813de8d2ff151c7a6a0452c660a57c33f13e2d9b88fa5f5c0505722d2e787a425e4a3e9b5efa9668e9199f5fb9fe7d5b8a57719a57df152e7f2c6a1087a2a24084f82455b65353a70559f04d5ed12defb81497ea69c1c7e69c373524770b7473c16a69c7a3648a9dd93377b89cdff61cf62512d1ee67a55ea67993937c1f55a2179bc9c8a337364cfb84d295adda1ad9700fc2f5c11cbfc1b90affb4666c6e7e23a6f7751410a5651819f29f690c6dba2b8a67e0f7f8cc377feb1854c393578994c85391ba21b3961aed477f771645571dc7d6cae72bf79c82a92a4edc3742b1398060a0a5c9e81c016b7f2ae3db529c6ff824cc28678764d8ab49d7dc68e5b0556c9e7ffb6fef442776d86fbd458741830e57f22a1f8513b92abd5b2df93a67cc560134078f0b8ecc3276e40aadef5cd579888b86b4988f396679250701f3869e7493b33692035ecd94aca5189fd0a0893ccc5bb19c0b4caca86cf90ebc2a5558f39cccb33f6773a4e425bf551fb3b6456ee1cc62fa1843a9e5539bb2d02ae6ef82533a9dbcfb562c1ab18c1f639ae7ff02083746f74a15ba2d10e4b955940a5d6f488d326a99f287c48ad463ce40367aeeff519cbad0a2d7fdbfa48bff75955467977764c2be2bd2ffa18396c46920c40c50a4037003666406d177e2cd20aee423d07169d8f611f635ba0b62b61265ff2c5548446a2423dd1038482b6852b2d9d2f90aa05d82c5e2c3d1af0c7aad72d82b3da67471af7b037bb0424a785e73f35b5a10a2ab300a195c20cd119a5390e0cd5d49c70bd80883b933e843d0d2902749dcf3c140c708a0f004b7a2f50bf311305dc01719016fcce5863815ca7951de710fcb71cd177551ff6fcd9f8bf01b93868f24c6129b6d7917125338cf62110083093fc7f862015d48450d992f2bb43e601cab19b2ea7b83962a382fc2a31fdf2358bf8a9a9e506eaa7b6eb5e7444d1ef459b24ffa51362abce902dfd84201a0e4b5a3b62757aad54fb65b83821c6bba663886de092065a565921ea3eb6781bb8ed4f4db3abcfeeb379b7e52fca790bea719918e299ab01bf5e92177d134360bf7a16a59e9d03d3dcfb0a25599237e3d41b3f0026c9402b1fb1894426303413a2cbcf7c72807ca694afa285990d07c3bca26413c9947b3b344aafc04544b8c11416e0312b028da7302e316c3966d41884b15055a49a4a0b3eac8e11f88a5615fb0af582f065d28e5a454447e9d0cfc60356439ebf7e1d0a00f5b9cc6daf2bd7195ba96b4d1a0679ff0fb1c01282c378a880f90f460889b67d76d4d0e8db6c928d113533d1d10b810303c43d8ff622c5bab7f095b96e64bf9daa48a2bdf3d9d40bac00cf1b66df61a4f7c3e21938e876f81b1179dce6a008f28eb682cae690ced0ea0d542da604d8056f2b1813ed36683c4c51aeb2650772cfb1c55d4e60604ff06344cfc271b2175a6c94defb807af240b483e24298ca73bfc743ca2ca2e77e6d5b817b3c1986601537faf59ac84c74d8bd0c068cb8e6bd03ac2dcf5793fb4a00b3c901a33aa3ee86e4f0db317b94bb8678ab26e36d305ebac4b0f7f164947148255b562dd0f87648499d45bccfb7d8c9d5624cadf8160a396e79fbcdc100058ba4606e41c02fb2cc0dc6c36196bd28acfde82a18cda2321d2d83fecd3b85380667cd1d0bc68298c6c8f10421a80c8fa86912b6c3e8ddd9d9668520d5151409e6b77f0d7730b374a68a744151bfbd123cfdf871e8c24e70d2ca3b50e84a48e0b78c1781000cfc848d43584985763a76c0ab9ba882c55e3e4aa8f2174255db38adb8350b48a77be22a869d13d183325f859b883464e5e46de5ea8a92532b9a794daaeff657cd361f7f158f8bebe36e9de1f5b9721d4263dcc9472229bc02d3f552180abfb25ca7aa36cb914d99c09fd5bb99dcab9b4e3c634d18fc7dfe84dc4425ad1e39c3e7410d49b4ea0a8a2958688c7725822f6dfc0827d19dc385e0e35a949941e4dd1aaeaab9ebe402f8c584bca7efc829f2ccfb63fd7bde1c182a67c14f9d3f033ca674e2604e89cd55a15419f956cd61a755c1b13554dae98e77be078aadfc131c9677381f1dbe6ef194eb17603a463e8b844ab46a6046e1f07d96d66de669359bff4c3d80948a4de3abb2f171a09b5d8999c379fb62244114e218c79805df7d899e5661320ee6721d652b95f09e4dfe69bd67099c73294b17ab574e0b966aa3ab44478965b9dca3cb3b9282945f24ccdd07c638ae25a84a728ca24f87ff49d718121a694be46f3616e27b1041b3c6cd24b9cf775bfc28dfbe0a009048f0599f2d5d6586cfd1e7f7fe69872d08b98f60d28e6af0d49d7f06ad71a7b5c41df261aba5de114022c7288bc265cc17909fdeadc3d7b256d7ab3b96e40f857060f16b54a6bb7248ee571f87ace5ee39eab412706cf52fa711468b21ea129c3f44bceb429fcc1a0ac2aa87b9365077dcfcfa9a1b32a0a09699197c20019a66cbd0a897feab3706c23123b888ada643d4560082033e31596b0483578968e3c9593ebd97141c228a42fc7645f92171c120aabca36657683fd7c72fcb87217f124d6fabc52f1d221d8410b47b0ad4bd944bf4085365e9b52a53911ab4ee142c5a1ebbe034c9d98c538c066f2dc0acf372eb2397dcac765055123e0ba19be22b18c886bf0f7490abe9fde91ffa62e059962bd134be8501cb5b715a744b1398e2c4c7e8afe72e189dda0654296afa1c1f99ab7d800fa40f72a758625c833b6fc7b7d42250522b456e1e7de815350c36c9cb2f4d1c9cb99109f89b456c559463f11b8b58247809b17a4ed4912bd0a47a529f1364d6dc593ea7f3eb98962078ac90e5012ee1c7b4b9ed5a8c7a9c0231b4ce425693faab64fa0f3482a04d4be2e06ee5d103694d288810a1a7f4d1e908dd82dd2016a064ece5cd67ef1dd5f4cda728fc6f1ccdd949dd8f775d862621507248ef4c83ae274969d19c7ddb02a4e8a1ab2b7aa539a442b22735ceedeefe60a1059dfaaa0979ce8d5387b5a047841fd9749b88ca91216b02d7926408a01916b7781bb7167528ccdb9a486d173437a5ba3e552c8674dff2cc9b21054e0e4f86b61b8723fca58ceef4413bffae9e9be79c5b9788f5449811ce78be9bc7a86375a670197baaef751beabcba0aa6c7c33f1cd702cb78ec39fa1f17d9da733d6abf2b80f9c51ac8f6f664b24edc53a7c9525c3016bd05c67272375fe816b2b121f2de68b885a0fd8f8b8c6c342237b632f6414a3eb3480f5f42106c5812e9bfd4e8c8dea8d08525d9aa1da7c7c2ee7ff3d31b79b211dd01e304a8ffc83a89a59f3b1e2ef5e969b6d90bea7e161066f25622fad914bff52bacd2807093dda1838b529ee57f718b374ce2841b924a42457867547a6edcb8412", 0xe00}, {&(0x7f0000001040)="9d7fcf3efc63f4a6a555ba8b4726d7ccaf8a207100e69cfac4377876021d7131b838059f96bd206d4776368ed2a92432e5af71", 0x33}], 0x2, &(0x7f00000011c0)=ANY=[@ANYBLOB="1400000000000000010000004100000002010000000000004800000000000000080000000700000010000034366567f2219787566400007300000000000000000000000008000000ef3820f3439cb150a3651e799e1459c9c9a7521737a8879e3ef4dca1e3c32158996e4b2abde5342e22f2ba8b679121ac0b0ad62ade31fb2c47f0bbf781eb8bd1e3064141e90e9eac25b189c0da98b676571bbeefba392c3e15a10e03dee4ae1dfe99793e51ec0c6bb5fa6d7b357d249502f5919ef251e5d0e5bed378265b8bd55fde4689cb509b14fa754813a27e72d175e8d677420e10d651833e6e2ab8168b1d633b1bb9a7d4d59ebdc7083d93d35cd469de", @ANYRES32=0x0, @ANYBLOB="e1212f0409000000e70bcf35ac837225dd355ad309a5ec6096633ba38e1ef5baf006020e5f45c993cb5680017c6720bea9b7c451516a8cff7f00000000000019f20b784b2336d43c8a0f7347801a596dfb0b078a967980ccec1d115c7a0000000000000000000000fed6260fdf140498f1274bc569d0d87656d0d18d903580f0ec0915e89bd286b2c25165043f6a001d53f84eaabf01cc310ff28c7c76867ce1a2c9c91b"], 0x6b}, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100"/13], &(0x7f0000000100)='GPL\x00', 0x100, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r6}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r7 = getpid()
sched_setscheduler(r7, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r8=>0xffffffffffffffff, <r9=>0xffffffffffffffff})
connect$unix(r8, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r9, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r8, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
mknod(&(0x7f0000000080)='./bus\x00', 0x8000, 0x7)

6.558403266s ago: executing program 1 (id=962):
r0 = socket(0x10, 0x80002, 0x0)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000000)=0x15)
ioctl$TCSETS(r1, 0xc0384707, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=ANY=[@ANYBLOB], 0x1c}}, 0x0)
socketpair$unix(0x1, 0x7, 0x0, &(0x7f0000000300)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sendmsg$inet(r3, &(0x7f0000001600)={0x0, 0x0, &(0x7f0000001580)=[{&(0x7f0000000280)="db", 0x1}], 0x1}, 0x41)
r4 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x1e2e81)
ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_INFO(r4, 0x40bc5311, &(0x7f0000002500)={0x80, 0x2, 'client0\x00', 0xffffffff80000004, "00000000ffffffe3", "e4a18560d99f00", 0x800000, 0xfffffffc})
recvmsg(r2, &(0x7f0000000840)={0x0, 0x0, 0x0}, 0x10001)
recvmsg(r2, &(0x7f0000000480)={0x0, 0x0, 0x0}, 0x0)
socket$inet6_sctp(0xa, 0x1, 0x84)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r5, 0x0, 0xfffffffffff77049}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r6 = getpid()
sched_setscheduler(r6, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r7=>0xffffffffffffffff, <r8=>0xffffffffffffffff})
connect$unix(r7, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r8, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r7, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r9 = socket(0x2, 0x80805, 0x0)
r10 = getpid()
r11 = syz_pidfd_open(r10, 0x0)
setns(r11, 0x24020000)
r12 = syz_clone(0x16040000, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_pidfd_open(r12, 0x0)
getsockopt$inet_sctp_SCTP_MAX_BURST(r9, 0x84, 0xc, &(0x7f0000000180)=@assoc_value, &(0x7f00000001c0)=0xfffffffffffffffd)

6.556613101s ago: executing program 2 (id=963):
syz_open_dev$usbfs(&(0x7f00000000c0), 0x204, 0x2)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0xfffffffffffffffe)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
connect$tipc(0xffffffffffffffff, 0x0, 0x0)
openat$ptp0(0xffffffffffffff9c, 0x0, 0x80042, 0x0)
r1 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x8400, 0x0)
ioctl$FS_IOC_SETFLAGS(r1, 0x40186f40, &(0x7f0000000440)=0x1f)

6.551331472s ago: executing program 3 (id=964):
r0 = socket$rds(0x15, 0x5, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, &(0x7f0000000080)={'batadv_slave_1\x00'})
r1 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000500)={0x6, 0x4, &(0x7f0000000000)=ANY=[@ANYRES16], &(0x7f00000005c0)='GPL\x00', 0x1, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x7}, 0x94)
r2 = socket(0x10, 0x3, 0x0)
sendto$inet6(r2, &(0x7f00000007c0)="7800000018002507b9199b02ffff48000203be04020406050a02040c5c000900580006080a0000000d0085a168d0bf46d32345653600648d270015000a00000849935ade4a460c89b6ec0cff3959547f509058ba86c902007a00004a32000407160016000a0000000000e000e218d1dd3b6ed538f2523250", 0x78, 0x0, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000200)={r1, 0x4000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, &(0x7f0000000400)="cf2240e6919817e495", 0x0, 0x0, 0x8000}, 0x50)

6.499447829s ago: executing program 0 (id=965):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)=ANY=[@ANYBLOB="4c0000001800dd8d00000000000000000200000000000005000000000600150001000000280016802400010000000000000000000004010020000000000000000000000000000000000001"], 0x4c}}, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4000000000000007910480000000000610400000000000095000000"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_msg}, 0x48)
close(r1)
r2 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000540)=ANY=[@ANYBLOB="b4050000fdff7f006110580000000000c60000000000000095000000000000009f33ef60916e6e713f1eeb0b725ad99b817fd98cd824498949714ffaac8a6f770600dcca55f21f3ca9e822d182054d54d53cd2b6db714e4beb5447000001000000008f2b9000f22425e4097ed62cbc891061017cfa6fa26fa7088c60897d4a6148a1c1e43f00001bde60beac671e8e8fdecb03588aa623fa71f31bf0f871ab5c2ff88afc60027f4e5b5271ed58e835cf0d0000000098b51fe6b1b8d9dbe87dcff414ed000000000000000000000000000000000000000000000000000000b347abe6352a080f8140e5fd10747b6ecdb3540546bf636e3d6e700e5b0500000000000000eb9e1403e6c8f7a187eaf60f3a17f0f046a307a403c19d9829c90bd2114252581567acae715cbe1b57d5cda432c5b910400623d24195405f2e76ccb7b37b41215c184e731fb1"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x366, 0x10, &(0x7f0000000000), 0x1dd}, 0x48)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0xf, 0x4, 0x4, 0x12}, 0x48)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000140)=ANY=[@ANYRES32=r3, @ANYRES32=r2, @ANYBLOB="26080071594900000003000000000000009a24440b6dc8c1c800000000", @ANYRES32, @ANYBLOB, @ANYRES64=0x0], 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000000c0)={{r3}, &(0x7f0000000000), &(0x7f0000000080)=r1}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000000)='nilfs2_mdt_insert_new_block\x00', r1}, 0x18)

6.480778704s ago: executing program 0 (id=966):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000009c0)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=ANY=[@ANYBLOB="c0260000410007010000000007000000017c00000400fc80a72601"], 0x26c0}}, 0x4010) (fail_nth: 3)

5.949370654s ago: executing program 2 (id=967):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
socketpair$unix(0x1, 0x1, 0x0, 0xffffffffffffffff)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
getpid()
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f0000000180)=@abs={0x0, 0x0, 0x4e22}, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r2 = socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt$inet_sctp_SCTP_AUTH_CHUNK(r2, 0x84, 0x15, &(0x7f00000003c0)={0x3}, 0x1)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r3}, 0x10)
syz_open_dev$sndctrl(0x0, 0x0, 0x0)
r4 = syz_open_dev$sndpcmc(&(0x7f0000000080), 0x0, 0x0)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
lstat(&(0x7f0000000400)='./cgroup\x00', &(0x7f0000000440))
setsockopt$kcm_KCM_RECV_DISABLE(0xffffffffffffffff, 0x119, 0x1, &(0x7f0000000540)=0x9, 0x4)
r5 = syz_open_procfs(0x0, &(0x7f0000000180)='net/kcm\x00')
ioctl$SNDRV_PCM_IOCTL_CHANNEL_INFO(r4, 0xc0844123, &(0x7f0000000040))
r6 = syz_genetlink_get_family_id$batadv(&(0x7f0000000200), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r5, 0x8933, &(0x7f0000000340)={'batadv_slave_1\x00', <r7=>0x0})
sendmsg$BATADV_CMD_SET_MESH(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="010000000000fedbdf250f00000008000300", @ANYRES32, @ANYBLOB="08000600", @ANYRES32=r7, @ANYBLOB="f5834f202da8e3a8000a0000006d7f"], 0x24}, 0x1, 0x0, 0x0, 0x2}, 0x8000)
mount(&(0x7f00000000c0)=@nbd={'/dev/nbd', 0x0}, &(0x7f0000000040)='./cgroup\x00', &(0x7f0000000000)='erofs\x00', 0x0, 0x0)

5.403436527s ago: executing program 1 (id=968):
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'lo\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000440)=ANY=[@ANYBLOB="2c0000001800835e010000000000000002000000fd00fe020000000008000400", @ANYRES32=r2, @ANYBLOB="08002700ac141444"], 0x2c}, 0x1, 0xffffff7f}, 0x84)
r3 = syz_open_dev$dri(&(0x7f00000000c0), 0x1, 0x0)
r4 = socket$inet6_sctp(0xa, 0x1, 0x84)
r5 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_ASSOCINFO(r5, 0x84, 0x1, &(0x7f0000000000)={0x0, 0x1f}, 0x14)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000240)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r6 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r6, &(0x7f0000019680)=""/102392, 0x18ff8)
request_key(0x0, 0x0, 0x0, 0x0)
r7 = socket$inet(0x2, 0x1, 0x0)
setsockopt$sock_int(r7, 0x1, 0x2, &(0x7f0000000040)=0x7f, 0x4)
listen(r7, 0x0)
futex(0x0, 0x8, 0x2, 0x0, &(0x7f0000048000)=0x2, 0x0)
r8 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r8, &(0x7f0000001a40)={0x1f, 0xffff, 0x3}, 0x6)
write(r8, &(0x7f0000000000)="2e000300010000", 0x7)
ioctl$VIDIOC_SUBDEV_ENUM_FRAME_SIZE(0xffffffffffffffff, 0xc040564a, &(0x7f0000000280)={0x8008, 0x0, 0x2002, 0x2b, 0x7, 0x0, 0x80, 0x1})
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r4, 0x84, 0x6f, &(0x7f00000000c0)={0x0, 0xffad, &(0x7f00000002c0)=[@in={0x2, 0x4e20, @local}]}, &(0x7f0000000100)=0x10)
ioctl$DRM_IOCTL_WAIT_VBLANK(r3, 0xc018643a, &(0x7f0000000080)={0x10000000, 0x2})

5.403020589s ago: executing program 3 (id=969):
syz_usb_connect(0x0, 0x2d, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
setsockopt$inet6_IPV6_HOPOPTS(0xffffffffffffffff, 0x29, 0x36, &(0x7f0000000880)=ANY=[@ANYRES8=r0, @ANYRES64, @ANYRESOCT, @ANYRES8], 0x1b0)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
setsockopt$inet6_IPV6_HOPOPTS(0xffffffffffffffff, 0x29, 0x36, 0x0, 0x0)
syz_io_uring_setup(0x1f10, &(0x7f00000003c0)={0x0, 0x19de, 0x800, 0x0, 0x212}, 0x0, &(0x7f00000001c0))
r1 = syz_init_net_socket$rose(0xb, 0x5, 0x0)
ioctl$sock_rose_SIOCRSCLRRT(r1, 0x89e4)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
r3 = socket(0x10, 0x3, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000400)={0x1, &(0x7f0000000380)=[{0x6, 0x0, 0x0, 0x7fffffff}]})
exit(0x0)
openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000080)={0xffffffffffffffff, 0x0, &(0x7f0000000680)={&(0x7f0000000340)=ANY=[@ANYBLOB="3000000068000500fdffffff00000000020000000e"], 0x30}, 0x1, 0x0, 0x0, 0xc001}, 0x8000)
sendmsg$NFT_BATCH(r2, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5021900000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_MSG_GETFLOWTABLE(r2, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0xeaebf8747da83363}, 0xc, &(0x7f00000001c0)={&(0x7f00000000c0)={0x40, 0x17, 0xa, 0x1907, 0x0, 0x0, {0x0, 0x0, 0x2}, [@NFTA_FLOWTABLE_FLAGS={0x8, 0x7, 0x1, 0x0, 0x1}, @NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz0\x00'}]}, 0x40}, 0x1, 0x0, 0x0, 0x10}, 0x20000040)

2.850363321s ago: executing program 0 (id=970):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000500)={0x18, 0x4, &(0x7f00000002c0)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='sched_switch\x00', r0, 0x0, 0x400}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x9}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000800), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_TID_CONFIG(r2, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000740)={0x30, r3, 0xc4fc9e906872338b, 0x20, 0x200, {{0x15}, {@void, @val={0xc, 0x99, {0x40, 0x52}}}}, [@NL80211_ATTR_TID_CONFIG={0x10, 0x11d, 0x0, 0x1, [{0xc, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_TX_RATE={0x8, 0xd, 0x0, 0x1, [@NL80211_BAND_6GHZ={0x4, 0x3, 0x0, 0x0}]}]}]}]}, 0x30}, 0x1, 0x0, 0x0, 0x20000000}, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x3, 0x8, &(0x7f0000002340)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd1200000000000085000000d0000000b70000000000000095000000000000003fba6a7d36d9b18ed812a2e2c49e8020a6f4e0e4a9446ca2b5f1cc1a100a9af698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f010c5077da80fb982c1e9400c603146cea484a415b76966118b64f751a0f241b072e90080008002d75593a280000c93e64c227c95aa0b784625704f07a72c2918451ebdcf4cef7f9606056fe5c34664c0af9360a1f7a5e6b607130c89f18c0c1089d8b85880000c29c48b45ef4adf634be763288d01aa27ae8b09e13e79ab20b0b8ed8fb7a68af2ad0000000000000006f803c6468082089b302d7bff8f06f7f918d65eae391cb41336023cdcedb5e0125ebbcebddcf10cb2364149215108355ee570f8078be5cab389cd65e7133719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad23000000803a90bce6dc3a13871765df961c2ed3b1006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f40cfd7c3a1d37a6ab87b1586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eea24492a660583eecdbf5bcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9f081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d60532be9c4d2ec7c32f2095e63c8cdc28f74d043ed8dba2f23b01a9aeb980aff9fa3a64709270c701db801f44cf945b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142bdda5e6c5d50b83bae616b5054d1e7c13b1355d6f4a8245eaa4997da9c77af4c0eb97fca585ec6bf58351d599e9b61e8caab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a41326eea31ae4e0f75057df3c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57010000009700ce0b4b8bc22941330000000000000000000300000000000000000000000010008bc0d955f2a83366b99711e6e8861c46495ba585a4b2d02edc3e28dd279a896249ed85b9806f0b6c4a000000002b43dcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffff7f00000000df73be83bb7d5ad883ef3b7cda42013d53046da21b40216e14ba2d6af8656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff72943327d830689da6b53ffffffff631c7771429d1200000033ed846197fcff5e1c7c3d1d6e3a52872baef9753fffffffffffffe09fec2271fe010cd7bb2366fde4a59429738fcc917a57f94f6c453cea623cc5ee0c2a5ff870ce5dfd3467decb05cfd9fcd41df54cdbd9d10a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce978275d5bc8955778567bc79e13b78249788f11f708008b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe7d7fa29822aea68a660e717a04becff0f719107000000000000002d7e927123d8ecbbc55bf404571be54c72d978cf2804107f0238abccd32368e57040906df0042e19000000000000002c06f815312e086dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef44cd1fe582786105c7df8be4877084d4173731efe895efc71f665c4d75cf2458e35d2c9062ece84c99e061887a20639b41c8c12ee86c50804042b3eac1f879b136345cf67ca3fb2b5e518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad055e4af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457ac0eaaa99bf0bdc14ae358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df9b3fdf242b985bf16b99c9cc0ad1857036f1a985f369191ae954febb3df464bfe0f773ee9afe72f32a2befb89d3777399f5874c553a2ebe9061fe86e669642e09bb6d163118e4cbe024fd452277c3887d6116c6cc9d8046c216c1f8a9778cb26e22a2a998de5eaeadea2a40da8daccf080842a486721737390cbf3a74cb2003efb9a101b51ab63e9600040000b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde6e4a4304e50c349f4f9ecee27defd83871c5191e10096e7e60fc3541a2c905a1a95e9571bf38aebd15172f94e3245c582909e2a3bce109b6000000000000000000d6d5210d7560eb92d6a97a27602b81f7636df1535bef1497f90100000000000000abf9010000007740890200d627e87306703be8672dc84eeadba6a41891c170d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e7a45319f18101288a0268893373750d10a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7ef8c08acaf30235b920500d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69b93e9960ff5f76062adae283d9756237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff85000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a31c72ad53bc19faa5401120000793ac48c1b539c75ab40743b00020000a1f68df75cf43f8ecc8d3726602111b40e761fd210a1920382f14d12ca3c3431ee97471c781d0d1280fb00818654a53b6df4b2c97cc1c98d85fda8f80fe908b65550b441233151122b41a8d73062197655b7f0469250a5989cef0e10773920ed3ccee42d2c3eb80159da5c002511e6eb93842054cfce2ac306cb6e472db3fd67a49b6855a694a8d359add43907003223a47a7fae4f3748d5a432825bc40a03aaef1c8488d86dc211dd2a3ba71e0f45492ef1f8b65ccb3dcd251a61b152d02c29ca0a3328fa7753a5cddea1acaae55ae8263fb284b7a6ab2a8826c1b948207c498cf4824ab1ea3225a53072423b907c6682f8999e0311da5b8378bc841e1787e3a8128dda381a26cb2b365702ff8a27831375b2ddaa2f56e21169f7ca4fd9655ccd4a584acd244e965a0afedaff7c415ff682a4044b3381cc2df28278c9a6824c52048a7cfabda294925cc0956bffa8e950ff5e49f41ae600d830207bf728cd9807933c3c16d80bbea611a18becc2dc38ca0a6f5740f340b76edcd1f539bd43007231dcef58c7b88b5aeedaf9626cb51ce1737c10ab37d4f98a934b0f900e0eb639878a1200629f5503cf679154d27681d7a3744cbcd42af59407c9c8e39c5271868917954e604352ba26171d004f1cb2976fab3fa19c7d3ef9678bff79f5155524f061378f94fb453786c3a6f78b10d383b49e31d1568bd43ee34ce6e6be235aa6207285665c2fba773671da41959f51610963b48930658e2d6125a26085001345b0473240b7e5e91811312c43663e76f711d7219ecdec75c7ea1cf0f8f8fff40247d59bbde2ebb8659197e0f37a71be1b12a182ed7de3acba28561a04b807f7a4647e2ea6d8fb92541d07c3d5e4ba077d3cad9f8ba1919592014c00c8eccb2ca5d48ba7b1c3fb185a4bb79700cf51f818b0c701c8de47d12281a67bdaf4b0c50bee9e8f5936250df2e15c1172e7ea6619f7db330700d1e9e42a035e6fd532f61fbfed9c4a7124a1e38eee50a6bbcd1d4e3f68c3f27dd9a70f1a7c6046237ddfb0b26e197322226367d998010458cd4df10af249ce717f6f45e5176e0ddae3054d7289d4e13ab0912703ee39ce264572b89194fdf7acecc35cf8309d4b680a08eed367dad855fce210f1a7c7222dd360eafb4bef7d58bf83362930af6e3f3f851abdc0003bdf9401b533019e90feb069189100007a82df8d9b5f44ebf9355e7b1b01c9470608d4f306d21004730396a4d6c6d46e1ffac97aa93c36123532a36186575266be4981c847160079421d0137801e553069f8d025c40f287378810defc7f2ed4e15f6af17b21153394f8bcfa6a23a77c8d61c9bbc127a57b8d631f36558d9093dee08bc53d97a8003363421738650a26c8fd87b13026799caf58e59951b125e7f161ca34e2c0dd65a23d01a3cb191e743de07247c7f993cf01166fa2ac1ba02f60550e63a7f50422e478c6b5d87f9bd0567a279a9d85a380db25c43bd0529ad783b9d64aaac1b793afb44b7126e17d2b7c0d6be650de7eeef3f3605af344015d03c3e7819145cb9fe1978c98bf9cf10773db59505ae33708c728844c872dfd2cb0b29754f928c59306ce105ca18cb72f0944d0e4fea0a0abd0285bdaf1b000000c089d640c2facb0d1e6243873ac4b1e1068c45c715b68effb7d58d1f9e726dbf6bd910ca4ce0e075658ede42192cf393a50dcc197b03402fed75083628e5dd38213d353b9049e71f037064b05e73ec00c710f1ffc5737d397d555d1cf8859cc05fea8dc3c6a5b3b6fa1c81707479db1833d593a271253aa11efdb36b74784f2fc286814848e92d8ee541bc179813297a0a4cc3c8f80c28701185bea091f32475e859479b734727afc110e1abcff460172fd1b42e3c0e2a4bf94a060069000010000087c7572a1e7596f89e5c3d5e70640c90815f77b7b13d0000000085a1e1e84900000000000000000000000000b422fc160a458ee5a91a2471e6e56fdabec6c73ce8983fc68f0b7cdcdde632e6f54a07620e8aa116ce9e84fc3cd5e8288a333dcebb233da9186796995ba69487d8f77d2f8800f02d690fc70a08b231cad1bdcf3740a95d4dd1cfe0f417f275493cf33b19ffff93dfdaf7eb00b8ad87cdf7c21bab5af8e2bac54ee5597e6508c1158124a538c36f9bb11fea7d8b8c7e954b1bc7811654a6636b33f271d0923e9ecd1b724b8feffadfc23c07000000f0785fb722f346d6a5dffe1884d4d0cd8f00000092c85ed44db68ab800000000000000406e6ed9b219ad07125381087298e75965d1cc5932ddf9e66351ba332a34bee3e3d562c914c629933f0b8724cf680889ade72558d191d9890c69a718f9018586c5131c8dc8e0379bafda1a0fd2997ff115215ce23dca0200000000000000adcce2f31834c1bd1908d8e1b361034db56be76acb7654a195bc3e98df3a5dffd5b0783883ef7da3433110e37f7c7cb7f3800de7f99abf910d6949e062747a9c87dcfcc716d6a9c0ec53b9cffe3cfd1df69a76f373d7f997edb9b80bdea1a99c2a6fbb25e035deadaadd7917ebfedd6304a19491769476208684e343f86b4d55a7dbbb07283cb1e35a139d24ebc5b4f8e35a82d3a7f84cb1e02a5a92b53567088be0b1ca023ccd518c0e0715b1c8760801a419ebd2e26440ff7493019bdb655cc88d72d6d7b6bca5a2e19b63ec52fcc49a729f11ab377f7132c543d29646a9378eea0761b7ed9d2172e33ed87c6513c843b180cc00000000006bedf2ed716ca43a941119b96d82b26d9061de240d85ec2cfa462bd52104489bb7a7548d7cc53627031e909c69cb824233975a1ea645de63522407c3a240a37e946f30ebf075ea97846a0a8d2286f3f446b1b99ab83a12ddf8a1c06294eadc3eb3e339591afd5c00000000000000000000000000000000000000000000000000579dad8347a3d16976bb7483840b32db0158fb6c809349333325a7866ca5d3133e33ef1a183cefdb65a79fa71800988c8445029e024822dbcfcab49c3a0aec9bd43e6e14078b260700d849a2aa14c9b593f6dcb1de334c065ecfd65031606e55949c185bcda9fde4f9b46a76b8a24bbcd31b22373eb0473248150cd179405ee1af1183b0c0ce3483dc1d9bf732b0751b78fb211d6706b55960c6431afbc02b3c7e08086573939290bb9e590a3875f02a828bf209d070490893616810a121ff4feedd1d176b313b9fc7bf31ddff431a4a50760ce18a76c4b7aa73cec3eec984c76d16f798c436410f3f4a41715e736a132c3cb9421be0b3c2bd40b75896c007fa2d47e3d8392d905d582b8eff689b0f493770c91e8c2e8bd0b08ffa4fd0289b04b0ea024768d196ef721314d68d29988b01871c6ea39f95a0b77744caadd24867acab274e8e4bf3fb44df31e15ffdce52f9f60ffe"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls}, 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x3, 0x8, &(0x7f00000012c0)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd1200000000000085000000d0000000b70000000000000095000000000000003fba6a7d36d9b18ed812a2e2c49e8020a6f4e0e4a9446ca2b5f1cc1a100a9af698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f010c5077da80fb982c1e9400c603146cea484a415b76966118b64f751a0f241b072e90080008002d75593a280000c93e64c227c95aa0b784625704f07a72c2918451ebdcf4cef7f9606056fe5c34664c0af9360a1f7a5e6b607130c89f18c0c1089d8b85880000c29c48b45ef4adf634be763288d01aa27ae8b09e13e79ab20b0b8ed8fb7a68af2ad0000000000000006f803c6468082089b302d7bff8f06f7f918d65eae391cb41336023cdcedb5e0125ebbcebddcf10cb2364149215108355ee570f8078be5cab389cd65e7133719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad23000000803a90bce6dc3a13871765df961c2ed3b1006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f40cfd7c3a1d37a6ab87b1586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eea24492a660583eecdbf5bcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9f081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d60532be9c4d2ec7c32f2095e63c8cdc28f74d043ed8dba2f23b01a9aeb980aff9fa3a64709270c701db801f44cf945b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142bdda5e6c5d50b83bae616b5054d1e7c13b1355d6f4a8245eaa4997da9c77af4c0eb97fca585ec6bf58351d599e9b61e8caab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a41326eea31ae4e0f75057df3c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57010000009700ce0b4b8bc22941330000000000000000000300000000000000000000000010008bc0d955f2a83366b99711e6e8861c46495ba585a4b2d02edc3e28dd279a896249ed85b9806f0b6c4a000000002b43dcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffff7f00000000df73be83bb7d5ad883ef3b7cda42013d53046da21b40216e14ba2d6af8656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff72943327d830689da6b53ffffffff631c7771429d1200000033ed846197fcff5e1c7c3d1d6e3a52872baef9753fffffffffffffe09fec2271fe010cd7bb2366fde4a59429738fcc917a57f94f6c453cea623cc5ee0c2a5ff870ce5dfd3467decb05cfd9fcd41df54cdbd9d10a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce978275d5bc8955778567bc79e13b78249788f11f708008b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe7d7fa29822aea68a660e717a04becff0f719107000000000000002d7e927123d8ecbbc55bf404571be54c72d978cf2804107f0238abccd32368e57040906df0042e19000000000000002c06f815312e086dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef44cd1fe582786105c7df8be4877084d4173731efe895efc71f665c4d75cf2458e35d2c9062ece84c99e061887a20639b41c8c12ee86c50804042b3eac1f879b136345cf67ca3fb2b5e518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad055e4af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457ac0eaaa99bf0bdc14ae358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df9b3fdf242b985bf16b99c9cc0ad1857036f1a985f369191ae954febb3df464bfe0f773ee9afe72f32a2befb89d3777399f5874c553a2ebe9061fe86e669642e09bb6d163118e4cbe024fd452277c3887d6116c6cc9d8046c216c1f8a9778cb26e22a2a998de5eaeadea2a40da8daccf080842a486721737390cbf3a74cb2003efb9a101b51ab63e9600040000b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde6e4a4304e50c349f4f9ecee27defd83871c5191e10096e7e60fc3541a2c905a1a95e9571bf38aebd15172f94e3245c582909e2a3bce109b6000000000000000000d6d5210d7560eb92d6a97a27602b81f7636df1535bef1497f90100000000000000abf9010000007740890200d627e87306703be8672dc84eeadba6a41891c170d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e7a45319f18101288a0268893373750d10a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7ef8c08acaf30235b920500d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69b93e9960ff5f76062adae283d9756237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff85000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a31c72ad53bc19faa5401120000793ac48c1b539c75ab40743b00020000a1f68df75cf43f8ecc8d3726602111b40e761fd210a1920382f14d12ca3c3431ee97471c781d0d1280fb00818654a53b6df4b2c97cc1c98d85fda8f80fe908b65550b441233151122b41a8d73062197655b7f0469250a5989cef0e10773920ed3ccee42d2c3eb80159da5c002511e6eb93842054cfce2ac306cb6e472db3fd67a49b6855a694a8d359add43907003223a47a7fae4f3748d5a432825bc40a03aaef1c8488d86dc211dd2a3ba71e0f45492ef1f8b65ccb3dcd251a61b152d02c29ca0a3328fa7753a5cddea1acaae55ae8263fb284b7a6ab2a8826c1b948207c498cf4824ab1ea3225a53072423b907c6682f8999e0311da5b8378bc841e1787e3a8128dda381a26cb2b365702ff8a27831375b2ddaa2f56e21169f7ca4fd9655ccd4a584acd244e965a0afedaff7c415ff682a4044b3381cc2df28278c9a6824c52048a7cfabda294925cc0956bffa8e950ff5e49f41ae600d830207bf728cd9807933c3c16d80bbea611a18becc2dc38ca0a6f5740f340b76edcd1f539bd43007231dcef58c7b88b5aeedaf9626cb51ce1737c10ab37d4f98a934b0f900e0eb639878a1200629f5503cf679154d27681d7a3744cbcd42af59407c9c8e39c5271868917954e604352ba26171d004f1cb2976fab3fa19c7d3ef9678bff79f5155524f061378f94fb453786c3a6f78b10d383b49e31d1568bd43ee34ce6e6be235aa6207285665c2fba773671da41959f51610963b48930658e2d6125a26085001345b0473240b7e5e91811312c43663e76f711d7219ecdec75c7ea1cf0f8f8fff40247d59bbde2ebb8659197e0f37a71be1b12a182ed7de3acba28561a04b807f7a4647e2ea6d8fb92541d07c3d5e4ba077d3cad9f8ba1919592014c00c8eccb2ca5d48ba7b1c3fb185a4bb79700cf51f818b0c701c8de47d12281a67bdaf4b0c50bee9e8f5936250df2e15c1172e7ea6619f7db330700d1e9e42a035e6fd532f61fbfed9c4a7124a1e38eee50a6bbcd1d4e3f68c3f27dd9a70f1a7c6046237ddfb0b26e197322226367d998010458cd4df10af249ce717f6f45e5176e0ddae3054d7289d4e13ab0912703ee39ce264572b89194fdf7acecc35cf8309d4b680a08eed367dad855fce210f1a7c7222dd360eafb4bef7d58bf83362930af6e3f3f851abdc0003bdf9401b533019e90feb069189100007a82df8d9b5f44ebf9355e7b1b01c9470608d4f306d21004730396a4d6c6d46e1ffac97aa93c36123532a36186575266be4981c847160079421d0137801e553069f8d025c40f287378810defc7f2ed4e15f6af17b21153394f8bcfa6a23a77c8d61c9bbc127a57b8d631f36558d9093dee08bc53d97a8003363421738650a26c8fd87b13026799caf58e59951b125e7f161ca34e2c0dd65a23d01a3cb191e743de07247c7f993cf01166fa2ac1ba02f60550e63a7f50422e478c6b5d87f9bd0567a279a9d85a380db25c43bd0529ad783b9d64aaac1b793afb44b7126e17d2b7c0d6be650de7eeef3f3605af344015d03c3e7819145cb9fe1978c98bf9cf10773db59505ae33708c728844c872dfd2cb0b29754f928c59306ce105ca18cb72f0944d0e4fea0a0abd0285bdaf1b000000c089d640c2facb0d1e6243873ac4b1e1068c45c715b68effb7d58d1f9e726dbf6bd910ca4ce0e075658ede42192cf393a50dcc197b03402fed75083628e5dd38213d353b9049e71f037064b05e73ec00c710f1ffc5737d397d555d1cf8859cc05fea8dc3c6a5b3b6fa1c81707479db1833d593a271253aa11efdb36b74784f2fc286814848e92d8ee541bc179813297a0a4cc3c8f80c28701185bea091f32475e859479b734727afc110e1abcff460172fd1b42e3c0e2a4bf94a060069000010000087c7572a1e7596f89e5c3d5e70640c90815f77b7b13d0000000085a1e1e84900000000000000000000000000b422fc160a458ee5a91a2471e6e56fdabec6c73ce8983fc68f0b7cdcdde632e6f54a07620e8aa116ce9e84fc3cd5e8288a333dcebb233da9186796995ba69487d8f77d2f8800f02d690fc70a08b231cad1bdcf3740a95d4dd1cfe0f417f275493cf33b19ffff93dfdaf7eb00b8ad87cdf7c21bab5af8e2bac54ee5597e6508c1158124a538c36f9bb11fea7d8b8c7e954b1bc7811654a6636b33f271d0923e9ecd1b724b8feffadfc23c07000000f0785fb722f346d6a5dffe1884d4d0cd8f00000092c85ed44db68ab800000000000000406e6ed9b219ad07125381087298e75965d1cc5932ddf9e66351ba332a34bee3e3d562c914c629933f0b8724cf680889ade72558d191d9890c69a718f9018586c5131c8dc8e0379bafda1a0fd2997ff115215ce23dca8db7236c1554cdaaadcce2f31834c1bd1908d8e1b361034db56be76acb7654a195bc3e98df3a5dffd5b0783883ef7da3433110e37f7c7cb7f3800de7f99abf910d6949e062747a9c87dcfcc716d6a9c0ec53b9cffe3cfd1df69a76f373d7f997edb9b80bdea1a99c2a6fbb25e035deadaadd7917ebfedd6304a19491769476208684e343f86b4d55a7dbbb07283cb1e35a139d24ebc5b4f8e35a82d3a7f84cb1e02a5a92b53567088be0b1ca023ccd518c0e0715b1c8760801a419ebd2e26440ff7493019bdb655cc88d72d6d7b6bca5a2e19b63ec52fcc49a729f11ab377f7132c543d29646a9378eea0761b7ed9d2172e33ed87c6513c843b180cc00000000006bedf2ed716ca43a941119b96d82b26d9061de240d85ec2cfa462bd52104489bb7a7548d7cc53627031e909c69cb824233975a1ea645de63522407c3a240a37e946f30ebf075ea97846a0a8d2286f3f446b1b99ab83a12ddf8a1c06294eadc3eb3e339591afd5c00000000000000000000000000000000000000000000000000579dad8347a3d16976bb7483840b32db0158fb6c809349333325a7866ca5d3133e33ef1a183cefdb65a79fa71800988c8445029e024822dbcfcab49c3a0aec9bd43e6e14078b260700d849a2aa14c9b593f6dcb1de334c065ecfd65031606e55949c185bcda9fde4f9b46a76b8a24bbcd31b22373eb0473248150cd179405ee1af1183b0c0ce3483dc1d9bf732b0751b78fb211d6706b55960c6431afbc02b3c7e08086573939290bb9e590a3875f02a828bf209d0"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls}, 0x48)
bpf$BPF_PROG_DETACH(0x1c, &(0x7f0000000000)={@cgroup=r4, r5, 0x2f, 0x8, 0x4}, 0x20)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r6 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040), 0xffffffffffffffff)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$IPVS_CMD_NEW_SERVICE(r7, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000380)=ANY=[@ANYBLOB="52e06604e1cd8d5f21000000", @ANYRES16=r6, @ANYBLOB="0100000000000000000001000000000001800000070014000000100000000000010002000000000002000c0000000000080009000000000009001500000000000500000000000000028000000e004e220000000002004e24000000000e004e2400000000030004000000000002004e2200000000050005000000000003800000040006000000000003000200000000000600fe80000000000000000000000000003d00000400b8000000000003000400000000000500ffffffff00000180000006007272000000000300e000000200"/218], 0x14}}, 0x0)

2.641234789s ago: executing program 0 (id=971):
r0 = syz_open_dev$video4linux(&(0x7f0000000000), 0xffffffffffff0000, 0x12b103)
ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f0000000400)={0x0, @bt={0x2, 0xa410, 0x0, 0x0, 0x5f, 0x8001, 0x3, 0x3, 0x8, 0x4, 0xb, 0x6, 0x3ff, 0x8001, 0x2, 0xc, {0x3ff, 0xfffffffc}, 0x3, 0x4}})

2.587476096s ago: executing program 1 (id=972):
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000580), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_SET_TID_CONFIG(r1, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000002ec0)={0x38, r0, 0x10ada85e65c25359, 0xfffffffd, 0x25dfdbfd, {{0x6b}, {@val={0x8}, @val={0xc, 0x99, {0x2, 0x72}}}}, [@NL80211_ATTR_TID_CONFIG={0x10, 0x11d, 0x0, 0x1, [{0xc, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_TX_RATE={0x8, 0xd, 0x0, 0x1, [@NL80211_BAND_6GHZ={0x4}]}]}]}]}, 0x38}}, 0x0)
read$msr(0xffffffffffffffff, 0x0, 0x0)
r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r2, &(0x7f0000000080)={0x1f, 0xffff, 0x4}, 0x6)
sendmsg$IPVS_CMD_FLUSH(0xffffffffffffffff, &(0x7f0000001340)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000001280)=ANY=[@ANYBLOB='D'], 0x4c}}, 0x0)
write$binfmt_misc(r2, &(0x7f0000001280), 0x6)

2.515781953s ago: executing program 0 (id=973):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="1805000000000000000000004b64ffec8500000075000000040000000700000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10) (async)
r1 = gettid()
timer_create(0x0, &(0x7f00000003c0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000000380)) (async)
ioctl$ifreq_SIOCGIFINDEX_wireguard(0xffffffffffffffff, 0x8933, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) (async)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) (async)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x2010, 0xffffffffffffffff, 0x37dc5000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000380)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) (async)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) (async)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
fcntl$getownex(r4, 0x10, &(0x7f0000000180))
sendto$inet6(r5, 0x0, 0x0, 0x20000841, &(0x7f0000b63fe4)={0xa, 0x2, 0x0, @empty}, 0x1c) (async)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc) (async)
r7 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000080)='/sys/power/resume', 0x149a82, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
add_key$fscrypt_v1(&(0x7f0000000040), &(0x7f0000000080)={'fscrypt:', @desc2}, 0x0, 0x0, 0xffffffffffffffff) (async)
add_key$fscrypt_v1(0x0, &(0x7f0000000440)={'fscrypt:', @desc3}, 0x0, 0x0, 0xfffffffffffffffe) (async)
sendmsg$NFULNL_MSG_CONFIG(r6, &(0x7f0000000340)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f00000001c0)={&(0x7f0000000100)={0x30, 0x1, 0x4, 0x101, 0x0, 0x0, {0x1, 0x0, 0x5}, [@NFULA_CFG_MODE={0xa, 0x2, {0x5}}, @NFULA_CFG_CMD={0x5, 0x1, 0x1}, @NFULA_CFG_NLBUFSIZ={0x8, 0x3, 0x1, 0x0, 0x4}]}, 0x30}, 0x1, 0x0, 0x0, 0x4040000}, 0x0) (async)
write$cgroup_int(r7, &(0x7f0000000040)=0x1c9, 0x12)
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r7, 0xc01864c6, &(0x7f0000000480)={&(0x7f0000000400)=[0x0, 0x0, 0x0, 0x0, 0x0], 0x5, 0x80000})
r8 = io_uring_setup(0x4577, &(0x7f0000000540)={0x0, 0x988d, 0x8000, 0x2, 0x2be})
r9 = io_uring_setup(0x7fd0, &(0x7f00000004c0)={0x0, 0x3ed9, 0x2, 0x1, 0x32f, 0x0, r8})
io_uring_register$IORING_REGISTER_CLONE_BUFFERS(r9, 0x1e, &(0x7f0000000000)={r9}, 0x1)

2.505749994s ago: executing program 1 (id=974):
mknodat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0, 0x0)
pipe2$9p(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff017f000e0800395032303030"], 0x15)
r2 = dup(r1)
write$FUSE_BMAP(r2, &(0x7f0000000000)={0x18}, 0x18)
write$FUSE_DIRENTPLUS(r2, &(0x7f00000003c0)=ANY=[@ANYBLOB="b0"], 0xb0)
write$FUSE_GETXATTR(r2, &(0x7f0000000480)={0x18}, 0x18)
write$FUSE_INIT(r2, &(0x7f0000000600)={0x50, 0x0, 0x0, {0x7, 0x29, 0x3, 0x0, 0x4, 0x772, 0x7, 0x0, 0x0, 0x0, 0xa0, 0x200}}, 0x50)
mount$9p_fd(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r2}})
r3 = openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x20842, 0x0)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r4}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r5 = getpid()
sched_setscheduler(r5, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
connect$unix(r6, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r7, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
unshare(0x2c020400)
write$FUSE_INIT(r3, &(0x7f0000000200)={0x50, 0x0, 0x0, {0x7, 0x29, 0x1282, 0x400c6001, 0x5, 0x8, 0x10, 0xc40b, 0x0, 0x0, 0x40, 0x6}}, 0x50)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000000c0)='./cgroup.cpu/syz0\x00', 0x200002, 0x0)

2.250365847s ago: executing program 0 (id=975):
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000e80)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x80}, 0x4000000)
socketpair$unix(0x1, 0x3, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000140)={0x3, @pix={0x434c, 0x8, 0x584e4f53, 0x4, 0x2, 0x7, 0x0, 0x5, 0x1, 0x4, 0x2, 0x7}})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_LINKMODES_GET(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)=ANY=[@ANYBLOB="14000000", @ANYBLOB="ad4300000000010000000f"], 0x14}, 0x1, 0x0, 0x0, 0x20000054}, 0x0)
set_mempolicy(0x2, &(0x7f0000000080)=0x51e1, 0x3ff)
ftruncate(0xffffffffffffffff, 0x8800000)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000100)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
recvmmsg(r2, &(0x7f00000034c0)=[{{0x0, 0x0, &(0x7f0000001e40)=[{&(0x7f0000000b80)=""/4096, 0x20001b80}, {&(0x7f0000001b80)=""/112, 0x70}], 0x2, 0x0, 0xa0028cb4}}], 0x40000000000013c, 0x700, 0x0)
sendfile(r1, 0xffffffffffffffff, 0x0, 0x578410eb)
r3 = getpid()
process_vm_readv(r3, 0x0, 0x0, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x5f}], 0x1, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x8)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
r4 = socket$kcm(0x29, 0x5, 0x0)
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
splice(r4, 0x0, 0xffffffffffffffff, 0x0, 0xf3e, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x21}, &(0x7f0000000100))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x4)
syz_usb_connect$printer(0x0, 0x36, &(0x7f0000000040)=ANY=[@ANYBLOB="1201000000030020f003176c400000000001090224725100000000090400001207010300090501020000000000090582020002"], 0x0)

977.383679ms ago: executing program 3 (id=976):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$devlink(&(0x7f00000000c0), 0xffffffffffffffff)
mknod(0x0, 0x8000, 0x7)
syz_open_dev$tty1(0xc, 0x4, 0x1)
r1 = socket$nl_route(0x10, 0x3, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41100, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000200)={0x5, 0x4}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r2, 0x6, 0x18, &(0x7f0000003780)=0xf, 0x4)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
listen(0xffffffffffffffff, 0x3)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f00008b0000/0x4000)=nil, 0x4000, 0xb635773f05ebbeef, 0x810, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
r5 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000040)=ANY=[@ANYBLOB="1201000009e602206d0414c340000000000109022400010400a000090480000103010100093700086ce82201000905815f"], 0x0)
syz_usb_control_io$hid(r5, &(0x7f00000001c0)={0x24, &(0x7f0000000100)=ANY=[@ANYBLOB="00020c0000000c0002c9"], 0x0, 0x0, 0x0}, 0x0)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
ioctl$sock_SIOCGPGRP(r1, 0x8904, &(0x7f0000000040)=<r6=>0x0)
sched_setaffinity(r6, 0x42, &(0x7f0000000100)=0x5)
recvmmsg(r3, &(0x7f0000000500)=[{{0x0, 0x0, &(0x7f0000000040), 0x1000000000000145, &(0x7f0000002900)=""/4099, 0x1003}, 0xda}, {{0x0, 0x0, &(0x7f0000000280), 0x0, &(0x7f0000000480)=""/94, 0x5e}, 0x4}], 0x2, 0x2, 0x0)
sendmsg$DEVLINK_CMD_RATE_SET(r0, 0x0, 0x20048844)
r7 = fsopen(&(0x7f0000000000)='devtmpfs\x00', 0x1)
fsconfig$FSCONFIG_CMD_CREATE(r7, 0x6, 0x0, 0x0, 0x0)
fsmount(r7, 0x0, 0x1)
fsconfig$FSCONFIG_CMD_RECONFIGURE(r7, 0x7, 0x0, 0x0, 0x0)

862.938591ms ago: executing program 4 (id=977):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001740)=ANY=[@ANYBLOB="1b00"/13], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x11, 0xc, &(0x7f00000005c0)=ANY=[@ANYRES16=r0, @ANYRES64=r0, @ANYBLOB="00e8000000000000b7080000000000007b8af8ff0000000000000007020000e2ffffffb703000008000000b7040000fa5400008500001b82000000950000000000"], &(0x7f0000000380)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x18, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYRESHEX=r5], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r5, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000004c0)={0x28, r6, 0x9c3fa077fa966179, 0x386, 0x25dfdbff, {{0x7e}, {@val={0x8}, @val={0xc, 0x99, {0x7ab3cccb, 0x2d}}}}}, 0x28}}, 0x0)
io_setup(0x3fe, &(0x7f00000001c0)=<r7=>0x0)
io_getevents(r7, 0x1, 0x0, &(0x7f0000000380), 0x0)
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0x3a155000)
io_submit(r7, 0x1, &(0x7f0000000280)=[0x0])
r8 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
socket$pppoe(0x18, 0x1, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000500)={0x0, 0x0, <r9=>0x0}, &(0x7f00000003c0)=0xc)
setresgid(0x0, 0x0, r9)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r8}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
syz_usb_connect(0x0, 0x24, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000d3e457201e040b40e73e000000010902120001000000000904"], 0x0)

783.747001ms ago: executing program 1 (id=978):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000100)=0x5)
rseq(0x0, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x1, 0x84)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000007c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000140)=@base={0xa, 0x16, 0xb3, 0x7f}, 0x48)

280.712743ms ago: executing program 2 (id=979):
r0 = socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt$inet_sctp_SCTP_PARTIAL_DELIVERY_POINT(r0, 0x84, 0x13, &(0x7f0000000000)=0x7, 0x4) (async)
r1 = socket$inet_smc(0x2b, 0x1, 0x0)
getsockname(r1, &(0x7f0000000040)=@hci, &(0x7f00000000c0)=0x80) (async)
r2 = socket(0x21, 0x2, 0x100)
sendmsg$NFT_MSG_GETCHAIN(r2, &(0x7f0000000200)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000140)={0x64, 0x4, 0xa, 0x201, 0x0, 0x0, {0x0, 0x0, 0x6}, [@NFTA_CHAIN_ID={0x8, 0xb, 0x1, 0x0, 0x4}, @NFTA_CHAIN_HANDLE={0xc, 0x2, 0x1, 0x0, 0x5}, @NFTA_CHAIN_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_CHAIN_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_CHAIN_NAME={0x9, 0x3, 'syz1\x00'}, @NFTA_CHAIN_NAME={0x9, 0x3, 'syz0\x00'}, @NFTA_CHAIN_TYPE={0xa, 0x7, 'route\x00'}]}, 0x64}, 0x1, 0x0, 0x0, 0x40000001}, 0x20004010)
r3 = accept4(r2, &(0x7f0000000240)=@rxrpc=@in4={0x21, 0x0, 0x2, 0x10, {0x2, 0x0, @multicast1}}, &(0x7f00000002c0)=0x80, 0x0)
sendmsg$MPTCP_PM_CMD_GET_LIMITS(r3, &(0x7f00000003c0)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000380)={&(0x7f0000000340)={0x1c, 0x0, 0x10, 0x70bd2c, 0x25dfdbfe, {}, [@MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x1}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000084}, 0x20004024) (async)
socket$packet(0x11, 0x3, 0x300) (async)
sendmsg$AUDIT_USER_AVC(r2, &(0x7f00000004c0)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000480)={&(0x7f0000000440)={0x10, 0x453, 0x510, 0x70bd2a, 0x25dfdbfb, "", ["", "", "", ""]}, 0x10}, 0x1, 0x0, 0x0, 0x10}, 0xc040) (async)
getsockopt$inet_sctp6_SCTP_CONTEXT(r3, 0x84, 0x11, &(0x7f0000000500)={<r4=>0x0, 0x4}, &(0x7f0000000540)=0x8)
getsockopt$inet_sctp_SCTP_GET_ASSOC_STATS(r3, 0x84, 0x70, &(0x7f0000000580)={r4, @in={{0x2, 0x4e23, @multicast1}}, [0x70c, 0x8, 0x0, 0x1f0720fc, 0xf201a70, 0xc1c, 0x3, 0x2, 0x8, 0x3ff, 0x8, 0x80, 0x81, 0x10000, 0x7]}, &(0x7f0000000680)=0x100)
syz_genetlink_get_family_id$l2tp(&(0x7f00000006c0), r2)
r5 = socket$rxrpc(0x21, 0x2, 0xa) (async)
r6 = socket$inet(0x2, 0x2, 0x101)
ioctl$VFAT_IOCTL_READDIR_SHORT(r6, 0x82307202, &(0x7f0000000700)=[{0x0, 0x0, 0x100}, {0x0, 0x0, 0x100}]) (async)
r7 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000980), r3)
sendmsg$ETHTOOL_MSG_COALESCE_GET(r2, &(0x7f0000000a80)={&(0x7f0000000940)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000a40)={&(0x7f00000009c0)={0x74, r7, 0x8, 0x70bd2b, 0x25dfdbff, {}, [@HEADER={0x20, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'sit0\x00'}]}, @HEADER={0x40, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'tunl0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'dummy0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'pimreg0\x00'}]}]}, 0x74}, 0x1, 0x0, 0x0, 0x80}, 0x1) (async)
ioctl$EXT4_IOC_GETSTATE(r5, 0x40046629, &(0x7f0000000ac0)) (async)
recvmsg(r2, &(0x7f0000002e80)={&(0x7f0000000b00)=@nfc_llcp, 0x80, &(0x7f0000002d40)=[{&(0x7f0000000b80)=""/111, 0x6f}, {&(0x7f0000000c00)=""/4096, 0x1000}, {&(0x7f0000001c00)=""/22, 0x16}, {&(0x7f0000001c40)=""/219, 0xdb}, {&(0x7f0000001d40)=""/4096, 0x1000}], 0x5, &(0x7f0000002dc0)=""/140, 0x8c}, 0x40000100)
r8 = syz_genetlink_get_family_id$nl80211(&(0x7f0000002f00), r2)
sendmsg$NL80211_CMD_EXTERNAL_AUTH(r2, &(0x7f0000002fc0)={&(0x7f0000002ec0)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000002f80)={&(0x7f0000002f40)={0x2c, r8, 0x200, 0x70bd28, 0x25dfdbff, {{}, {@void, @void}}, [@NL80211_ATTR_BSSID={0xa}, @NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}]}, 0x2c}, 0x1, 0x0, 0x0, 0x8010}, 0x440d5)
socket$nl_rdma(0x10, 0x3, 0x14) (async)
r9 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000003200)=@bpf_ext={0x1c, 0x10, &(0x7f0000003000)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x9ac, 0x0, 0x0, 0x0, 0x7}, {}, {}, [@exit], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000003080)='GPL\x00', 0x40, 0x50, &(0x7f00000030c0)=""/80, 0x0, 0x12, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000003140)={0x5, 0x1, 0x4, 0xffffffff}, 0x10, 0x29d65, 0xffffffffffffffff, 0x6, 0x0, &(0x7f0000003180)=[{0x1, 0x2, 0xb, 0x4}, {0x4, 0x4, 0x1}, {0x2, 0x5, 0x4, 0x1}, {0x2, 0x3, 0x1, 0x9}, {0x1, 0x5, 0x6, 0xb}, {0x5, 0x4, 0x0, 0x7}], 0x10, 0x2}, 0x94)
bpf$PROG_BIND_MAP(0x23, &(0x7f00000032c0)={r9, 0x1}, 0xc)
mbind(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, &(0x7f0000003300)=0xc3d, 0x3, 0x0)
connect$inet6(r2, &(0x7f0000003340)={0xa, 0x4e21, 0x80000001, @mcast1, 0x1}, 0x1c)
r10 = socket$inet_smc(0x2b, 0x1, 0x0)
bind(r10, &(0x7f0000003380)=@can, 0x80) (async)
ioctl$BLKCLOSEZONE(0xffffffffffffffff, 0x40101287, &(0x7f0000003440)={0x9, 0x8})

0s ago: executing program 1 (id=980):
r0 = socket$nl_route(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8d}, 0x0)
setrlimit(0xb, &(0x7f0000000340)={0xa00000000, 0x7abc})
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_extract_tcp_res(&(0x7f0000000300), 0x4, 0xfffffff8)
sched_setaffinity(0x0, 0x11, &(0x7f0000000180)=0x1400200bce)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
syz_open_procfs(0x0, &(0x7f00000004c0)='net/ip_mr_cache\x00')
read$msr(r1, &(0x7f0000002700)=""/102392, 0x18ff8)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x7c}}, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000140)={0x1c, 0x34, 0x1, 0x70bd2d, 0x25dbdbfe, {0x1}, [@typed={0x8, 0x7, 0x0, 0x0, @u32=0x2}]}, 0x1c}, 0x1, 0x0, 0x0, 0x50}, 0x4000040)
r3 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000580)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x57, 0x7fc00100}]})
r4 = socket$vsock_stream(0x28, 0x1, 0x0)
bind$vsock_stream(r4, &(0x7f0000000440), 0x10)
listen(r4, 0x0)
connect$vsock_stream(0xffffffffffffffff, &(0x7f0000000000)={0x28, 0x0, 0x0, @local}, 0x10)
setsockopt$sock_linger(0xffffffffffffffff, 0x1, 0xd, &(0x7f0000000180)={0x1}, 0x8)
close(0xffffffffffffffff)
socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r3, 0xc0502100, &(0x7f0000000740)={<r5=>0x0})
ioctl$SECCOMP_IOCTL_NOTIF_SEND(r3, 0xc0182101, &(0x7f00000000c0)={r5})
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r3, 0xc0502100, &(0x7f00000003c0)={<r6=>0x0})
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r3, 0x40182103, &(0x7f0000000080)={r6, 0x3, r0, 0x5})

kernel console output (not intermixed with test programs):

ing attributes in process `syz.0.460'.
[  194.624113][ T7560] netlink: 28 bytes leftover after parsing attributes in process `syz.0.460'.
[  194.636611][ T7560] netlink: 28 bytes leftover after parsing attributes in process `syz.0.460'.
[  194.648532][ T5965] usb 4-1: new low-speed USB device number 15 using dummy_hcd
[  195.043820][ T5965] usb 4-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb
[  195.212652][ T5965] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  195.329300][ T5965] usb 4-1: config 0 descriptor??
[  195.637717][ T7572] IPVS: set_ctl: invalid protocol: 1 172.20.20.187:20001
[  196.080643][ T7575] : entered promiscuous mode
[  198.095267][ T7589] FAULT_INJECTION: forcing a failure.
[  198.095267][ T7589] name failslab, interval 1, probability 0, space 0, times 0
[  198.144911][ T7591] siw: device registration error -23
[  198.170235][ T7589] CPU: 0 UID: 0 PID: 7589 Comm: syz.2.469 Not tainted 6.16.0-rc4-syzkaller-00108-g17bbde2e1716 #0 PREEMPT(full) 
[  198.170261][ T7589] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  198.170270][ T7589] Call Trace:
[  198.170276][ T7589]  <TASK>
[  198.170282][ T7589]  dump_stack_lvl+0x16c/0x1f0
[  198.170310][ T7589]  should_fail_ex+0x512/0x640
[  198.170333][ T7589]  ? kmem_cache_alloc_lru_noprof+0x5f/0x3b0
[  198.170357][ T7589]  should_failslab+0xc2/0x120
[  198.170380][ T7589]  kmem_cache_alloc_lru_noprof+0x72/0x3b0
[  198.170401][ T7589]  ? __d_alloc+0x31/0xaa0
[  198.170429][ T7589]  __d_alloc+0x31/0xaa0
[  198.170456][ T7589]  d_alloc_pseudo+0x1c/0xc0
[  198.170474][ T7589]  alloc_file_pseudo+0xcf/0x230
[  198.170492][ T7589]  ? __pfx_alloc_file_pseudo+0x10/0x10
[  198.170507][ T7589]  ? lockdep_hardirqs_on+0x7c/0x110
[  198.170536][ T7589]  __anon_inode_getfile+0xf7/0x3a0
[  198.170563][ T7589]  bpf_link_prime+0x10f/0x290
[  198.170587][ T7589]  tcx_link_attach+0x219/0x9e0
[  198.170615][ T7589]  ? __pfx_tcx_link_attach+0x10/0x10
[  198.170638][ T7589]  ? __might_fault+0xd0/0x190
[  198.170662][ T7589]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  198.170685][ T7589]  __sys_bpf+0x419b/0x4d80
[  198.170710][ T7589]  ? __pfx___sys_bpf+0x10/0x10
[  198.170731][ T7589]  ? ksys_write+0x190/0x250
[  198.170754][ T7589]  ? __mutex_unlock_slowpath+0x161/0x6a0
[  198.170794][ T7589]  ? fput+0x70/0xf0
[  198.170819][ T7589]  ? ksys_write+0x1ac/0x250
[  198.170839][ T7589]  ? __pfx_ksys_write+0x10/0x10
[  198.170864][ T7589]  __x64_sys_bpf+0x78/0xc0
[  198.170888][ T7589]  ? lockdep_hardirqs_on+0x7c/0x110
[  198.170920][ T7589]  do_syscall_64+0xcd/0x4c0
[  198.170947][ T7589]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  198.170964][ T7589] RIP: 0033:0x7fba6038e929
[  198.170978][ T7589] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  198.170994][ T7589] RSP: 002b:00007fba61218038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  198.171012][ T7589] RAX: ffffffffffffffda RBX: 00007fba605b5fa0 RCX: 00007fba6038e929
[  198.171023][ T7589] RDX: 0000000000000020 RSI: 0000200000000000 RDI: 000000000000001c
[  198.171034][ T7589] RBP: 00007fba61218090 R08: 0000000000000000 R09: 0000000000000000
[  198.171045][ T7589] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  198.171056][ T7589] R13: 0000000000000000 R14: 00007fba605b5fa0 R15: 00007fff997355f8
[  198.171079][ T7589]  </TASK>
[  198.410599][    C0] vkms_vblank_simulate: vblank timer overrun
[  198.551461][ T7597] block device autoloading is deprecated and will be removed.
[  198.635808][ T5965] asix 4-1:0.0 (unnamed net_device) (uninitialized): Failed to write reg index 0x0012: -71
[  198.636375][ T7599] overlayfs: failed to resolve './file1': -2
[  198.648073][ T5965] asix 4-1:0.0: probe with driver asix failed with error -71
[  198.663228][ T5965] usb 4-1: USB disconnect, device number 15
[  198.690779][   T48] usb 1-1: new high-speed USB device number 22 using dummy_hcd
[  198.977778][ T7604] ecryptfs_validate_options: You must supply at least one valid auth tok signature as a mount parameter; see the eCryptfs README
[  198.991232][ T7604] Error validating options; rc = [-22]
[  199.405589][ T7605] semctl(GETNCNT/GETZCNT) is since 3.16 Single Unix Specification compliant.
[  199.405589][ T7605] The task syz.2.473 (7605) triggered the difference, watch for misbehavior.
[  199.653188][   T48] usb 1-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[  199.780623][   T48] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  199.788662][   T48] usb 1-1: Product: syz
[  199.826537][   T48] usb 1-1: Manufacturer: syz
[  199.850846][   T48] usb 1-1: SerialNumber: syz
[  199.863606][ T7610] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(3)
[  199.870310][ T7610] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  199.886471][   T48] usb 1-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[  200.062614][ T7610] vhci_hcd vhci_hcd.0: Device attached
[  200.101460][ T5933] usb 1-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[  200.111789][ T7610] netlink: 'syz.4.475': attribute type 1 has an invalid length.
[  200.350958][  T837] usb 41-1: new low-speed USB device number 2 using vhci_hcd
[  200.493050][   T30] audit: type=1400 audit(1752410750.600:508): avc:  denied  { accept } for  pid=7609 comm="syz.4.475" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  200.595401][ T7610] 8021q: adding VLAN 0 to HW filter on device bond2
[  200.674947][   T30] audit: type=1400 audit(1752410750.800:509): avc:  denied  { read } for  pid=7609 comm="syz.4.475" laddr=::1 lport=255 faddr=::1 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  200.762126][ T7619] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=7619 comm=syz.4.475
[  200.789184][ T5818] Bluetooth: hci1: connection err: -111
[  200.810125][ T7611] vhci_hcd: connection reset by peer
[  200.852368][   T36] vhci_hcd: stop threads
[  200.857472][   T36] vhci_hcd: release socket
[  200.920614][   T36] vhci_hcd: disconnect device
[  201.001786][ T5931] usb 1-1: USB disconnect, device number 22
[  201.170619][ T5965] usb 4-1: new low-speed USB device number 16 using dummy_hcd
[  201.213284][ T5933] ath9k_htc 1-1:1.0: ath9k_htc: Target is unresponsive
[  201.220296][ T5933] ath9k_htc: Failed to initialize the device
[  201.228327][ T5931] usb 1-1: ath9k_htc: USB layer deinitialized
[  201.241113][ T5893] usb 3-1: new high-speed USB device number 18 using dummy_hcd
[  201.332159][ T5965] usb 4-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb
[  201.350761][ T5965] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  201.373933][ T5965] usb 4-1: config 0 descriptor??
[  201.416706][ T5893] usb 3-1: Using ep0 maxpacket: 16
[  201.422727][   T10] Process accounting resumed
[  201.450839][ T5893] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  201.480625][   T30] audit: type=1400 audit(1752410751.600:510): avc:  denied  { create } for  pid=7630 comm="syz.1.481" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=mctp_socket permissive=1
[  201.499916][    C0] vkms_vblank_simulate: vblank timer overrun
[  201.513828][ T5893] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  201.524715][ T5893] usb 3-1: New USB device found, idVendor=04d8, idProduct=f002, bcdDevice= 0.00
[  201.536703][ T5893] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  201.571417][ T5893] usb 3-1: config 0 descriptor??
[  201.713852][   T30] audit: type=1326 audit(1752410751.820:511): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7630 comm="syz.1.481" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f11b698e929 code=0x7ffc0000
[  201.737045][    C0] vkms_vblank_simulate: vblank timer overrun
[  201.800598][   T10] usb 5-1: new full-speed USB device number 20 using dummy_hcd
[  201.975118][ T7645] 9pnet_fd: Insufficient options for proto=fd
[  201.990960][   T30] audit: type=1326 audit(1752410751.820:512): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7630 comm="syz.1.481" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f11b698e929 code=0x7ffc0000
[  202.097847][ T5893] hid-picolcd 0003:04D8:F002.000B: unknown main item tag 0x0
[  202.120763][   T30] audit: type=1326 audit(1752410751.820:513): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7630 comm="syz.1.481" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f11b698e929 code=0x7ffc0000
[  202.152710][   T10] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  202.171789][ T5893] hid-picolcd 0003:04D8:F002.000B: No report with id 0xf4 found
[  202.180708][   T10] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  202.196922][   T30] audit: type=1326 audit(1752410751.820:514): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7630 comm="syz.1.481" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f11b698e929 code=0x7ffc0000
[  202.220181][    C0] vkms_vblank_simulate: vblank timer overrun
[  202.226517][ T5893] hid-picolcd 0003:04D8:F002.000B: No report with id 0xf3 found
[  202.243146][ T7628] delete_channel: no stack
[  202.245627][   T10] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  202.278274][ T5893] usb 3-1: USB disconnect, device number 18
[  202.284610][   T10] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  202.384798][   T30] audit: type=1326 audit(1752410751.820:515): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7630 comm="syz.1.481" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f11b698e929 code=0x7ffc0000
[  202.468242][   T30] audit: type=1400 audit(1752410752.000:516): avc:  denied  { connect } for  pid=7641 comm="syz.0.484" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[  202.558241][   T30] audit: type=1400 audit(1752410752.090:517): avc:  denied  { open } for  pid=7641 comm="syz.0.484" path="anon_inode:[io_uring]" dev="anon_inodefs" ino=16496 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[  202.582369][    C0] vkms_vblank_simulate: vblank timer overrun
[  202.735191][ T7647] Cannot find add_set index 0 as target
[  202.746795][ T7647] 8021q: adding VLAN 0 to HW filter on device ipvlan2
[  202.754049][ T7647] team0: Device ipvlan2 is already an upper device of the team interface
[  202.775614][   T10] usb 5-1: GET_CAPABILITIES returned 0
[  202.804613][   T10] usbtmc 5-1:16.0: can't read capabilities
[  203.031265][   T10] usb 5-1: USB disconnect, device number 20
[  203.382861][ T7656] binder: 7649:7656 ioctl 400c620e 200000000400 returned -22
[  203.930618][ T5965] asix 4-1:0.0 (unnamed net_device) (uninitialized): Failed to write reg index 0x0012: -71
[  203.999575][ T5965] asix 4-1:0.0: probe with driver asix failed with error -71
[  204.454035][ T5965] usb 4-1: USB disconnect, device number 16
[  204.938348][ T7691] Cannot find add_set index 0 as target
[  204.949676][ T7691] 8021q: adding VLAN 0 to HW filter on device ipvlan1
[  204.956937][ T7691] team0: Device ipvlan1 is already an upper device of the team interface
[  205.606582][  T837] vhci_hcd: vhci_device speed not set
[  205.931574][ T5893] usb 3-1: new full-speed USB device number 19 using dummy_hcd
[  206.585061][ T5893] usb 3-1: too many configurations: 9, using maximum allowed: 8
[  206.609516][ T5893] usb 3-1: unable to read config index 0 descriptor/start: -61
[  206.629332][ T5893] usb 3-1: can't read configurations, error -61
[  206.780705][ T5893] usb 3-1: new full-speed USB device number 20 using dummy_hcd
[  207.491193][ T5893] usb 3-1: too many configurations: 9, using maximum allowed: 8
[  207.512409][ T5893] usb 3-1: unable to read config index 0 descriptor/start: -61
[  207.520014][ T5893] usb 3-1: can't read configurations, error -61
[  207.537025][ T5893] usb usb3-port1: attempt power cycle
[  207.701566][ T7727] FAULT_INJECTION: forcing a failure.
[  207.701566][ T7727] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  207.723557][ T7727] CPU: 1 UID: 0 PID: 7727 Comm: syz.0.513 Not tainted 6.16.0-rc4-syzkaller-00108-g17bbde2e1716 #0 PREEMPT(full) 
[  207.723591][ T7727] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  207.723601][ T7727] Call Trace:
[  207.723607][ T7727]  <TASK>
[  207.723614][ T7727]  dump_stack_lvl+0x16c/0x1f0
[  207.723645][ T7727]  should_fail_ex+0x512/0x640
[  207.723671][ T7727]  _copy_from_user+0x2e/0xd0
[  207.723697][ T7727]  kstrtouint_from_user+0xd6/0x1d0
[  207.723716][ T7727]  ? __pfx_kstrtouint_from_user+0x10/0x10
[  207.723734][ T7727]  ? __lock_acquire+0xb8a/0x1c90
[  207.723772][ T7727]  proc_fail_nth_write+0x83/0x250
[  207.723794][ T7727]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  207.723823][ T7727]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  207.723842][ T7727]  vfs_write+0x29d/0x1150
[  207.723868][ T7727]  ? __pfx___mutex_lock+0x10/0x10
[  207.723893][ T7727]  ? __pfx_vfs_write+0x10/0x10
[  207.723922][ T7727]  ? __fget_files+0x20e/0x3c0
[  207.723953][ T7727]  ksys_write+0x12a/0x250
[  207.723974][ T7727]  ? __pfx_ksys_write+0x10/0x10
[  207.724003][ T7727]  do_syscall_64+0xcd/0x4c0
[  207.724031][ T7727]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  207.724049][ T7727] RIP: 0033:0x7f239078d3df
[  207.724064][ T7727] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[  207.724081][ T7727] RSP: 002b:00007f23916d8030 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  207.724096][ T7727] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f239078d3df
[  207.724107][ T7727] RDX: 0000000000000001 RSI: 00007f23916d80a0 RDI: 0000000000000004
[  207.724117][ T7727] RBP: 00007f23916d8090 R08: 0000000000000000 R09: 0000000000000000
[  207.724127][ T7727] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001
[  207.724136][ T7727] R13: 0000000000000000 R14: 00007f23909b5fa0 R15: 00007ffd6ee5f788
[  207.724160][ T7727]  </TASK>
[  207.791050][   T30] audit: type=1400 audit(1752673157.864:518): avc:  denied  { watch } for  pid=7728 comm="syz.3.514" path="/98/file0" dev="tmpfs" ino=530 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[  208.020620][ T5893] usb 3-1: new full-speed USB device number 21 using dummy_hcd
[  208.041825][ T5893] usb 3-1: too many configurations: 9, using maximum allowed: 8
[  209.250753][   T30] audit: type=1400 audit(1752673157.864:519): avc:  denied  { watch_sb watch_reads } for  pid=7728 comm="syz.3.514" path="/98/file0" dev="tmpfs" ino=530 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[  209.358811][ T5893] usb 3-1: unable to read config index 0 descriptor/start: -71
[  209.383640][ T5893] usb 3-1: can't read configurations, error -71
[  209.991056][   T30] audit: type=1400 audit(1752673160.044:520): avc:  denied  { listen } for  pid=7745 comm="syz.3.520" laddr=::1 lport=20003 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  210.372703][ T7755] tipc: Started in network mode
[  210.390198][ T7755] tipc: Node identity aaaaaaaaaa1a, cluster identity 4711
[  210.424403][   T30] audit: type=1400 audit(1752673160.554:521): avc:  denied  { write } for  pid=7747 comm="syz.2.521" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[  210.425238][ T7755] tipc: Enabled bearer <eth:team0>, priority 0
[  210.901183][ T7767] IPVS: set_ctl: invalid protocol: 1 172.20.20.187:20001
[  211.599791][ T5893] tipc: Node number set to 11578026
[  212.042943][ T7779] 8021q: adding VLAN 0 to HW filter on device ipvlan2
[  212.050071][ T7779] team0: Device ipvlan2 is already an upper device of the team interface
[  212.400781][ T5933] usb 1-1: new high-speed USB device number 23 using dummy_hcd
[  212.436913][ T7792] dvmrp0: entered allmulticast mode
[  212.597150][ T5933] usb 1-1: Using ep0 maxpacket: 32
[  212.636538][   T30] audit: type=1400 audit(1752673162.744:522): avc:  denied  { connect } for  pid=7789 comm="syz.3.529" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  212.661323][ T5933] usb 1-1: New USB device found, idVendor=055f, idProduct=d001, bcdDevice=88.92
[  212.671078][ T5933] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  212.689323][ T7797] netlink: 28 bytes leftover after parsing attributes in process `syz.2.530'.
[  212.704585][ T5933] usb 1-1: config 0 descriptor??
[  212.719909][ T7797] netlink: 28 bytes leftover after parsing attributes in process `syz.2.530'.
[  212.725492][ T5933] gspca_main: nw80x-2.14.0 probing 055f:d001
[  212.858846][ T7803] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  212.927562][ T7803] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  213.022771][ T7803] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  213.185978][ T7785] Illegal XDP return value 4294967274 on prog  (id 127) dev N/A, expect packet loss!
[  213.664195][ T5933] gspca_nw80x: reg_r err -71
[  213.676456][ T5933] nw80x 1-1:0.0: probe with driver nw80x failed with error -71
[  213.699779][ T5933] usb 1-1: USB disconnect, device number 23
[  214.460673][ T5879] usb 3-1: new high-speed USB device number 23 using dummy_hcd
[  214.710633][ T5879] usb 3-1: Using ep0 maxpacket: 16
[  214.727230][ T5879] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  214.743830][ T5879] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x81 has invalid wMaxPacketSize 0
[  215.220913][ T5879] usb 3-1: config 0 interface 0 has no altsetting 0
[  215.227562][ T5879] usb 3-1: New USB device found, idVendor=05ac, idProduct=0247, bcdDevice= 0.00
[  215.236652][ T5879] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  215.247663][ T5879] usb 3-1: config 0 descriptor??
[  215.404050][ T7825] erofs (device nbd1): cannot find valid erofs superblock
[  215.559330][   T30] audit: type=1400 audit(1752673165.684:523): avc:  denied  { create } for  pid=7826 comm="syz.0.540" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_iscsi_socket permissive=1
[  215.644017][ T7832] SELinux: security_context_str_to_sid (5ýÆÉ]ÖS9q#“�ë) failed with errno=-22
[  215.709517][ T5879] apple 0003:05AC:0247.000C: fixing up Magic Keyboard JIS report descriptor
[  215.729071][ T5879] apple 0003:05AC:0247.000C: unexpected long global item
[  215.739174][ T5879] apple 0003:05AC:0247.000C: parse failed
[  215.745215][ T5879] apple 0003:05AC:0247.000C: probe with driver apple failed with error -22
[  215.910892][   T30] audit: type=1400 audit(1752673166.034:524): avc:  denied  { setattr } for  pid=7823 comm="syz.4.539" name="anycast6" dev="proc" ino=4026533300 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_net_t tclass=file permissive=1
[  215.934790][ T5933] usb 4-1: new low-speed USB device number 17 using dummy_hcd
[  215.942988][ T7812] netlink: 8 bytes leftover after parsing attributes in process `syz.2.535'.
[  215.961939][ T7812] netlink: 12 bytes leftover after parsing attributes in process `syz.2.535'.
[  216.000938][ T7812] netdevsim netdevsim2 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  216.009964][ T7812] netdevsim netdevsim2 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  216.018810][ T7812] netdevsim netdevsim2 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  216.027962][ T7812] netdevsim netdevsim2 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  216.053335][ T5965] usb 3-1: USB disconnect, device number 23
[  216.111803][ T5933] usb 4-1: Invalid ep0 maxpacket: 64
[  216.254022][ T5933] usb 4-1: new low-speed USB device number 18 using dummy_hcd
[  216.448772][ T7842] ecryptfs_validate_options: You must supply at least one valid auth tok signature as a mount parameter; see the eCryptfs README
[  216.462265][ T7842] Error validating options; rc = [-22]
[  216.720732][ T5933] usb 4-1: Invalid ep0 maxpacket: 64
[  216.733862][ T5933] usb usb4-port1: attempt power cycle
[  216.776518][   T30] audit: type=1400 audit(1752673166.884:525): avc:  denied  { connect } for  pid=7840 comm="syz.1.543" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  216.814407][ T7848] erofs (device nbd4): cannot find valid erofs superblock
[  217.340237][ T7851] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  217.408655][ T7851] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  217.493836][ T7851] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  217.598520][ T7861] syz.4.548: attempt to access beyond end of device
[  217.598520][ T7861] nbd4: rw=0, sector=6, nr_sectors = 2 limit=0
[  217.620102][ T7861] ADFS-fs (nbd4): error: unable to read block 3, try 0
[  217.646021][   T30] audit: type=1400 audit(1752673167.774:526): avc:  denied  { bind } for  pid=7860 comm="syz.4.548" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1
[  217.650728][ T5933] usb 4-1: new low-speed USB device number 19 using dummy_hcd
[  217.681187][   T30] audit: type=1400 audit(1752673167.794:527): avc:  denied  { connect } for  pid=7860 comm="syz.4.548" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1
[  217.706681][ T5933] usb 4-1: Invalid ep0 maxpacket: 64
[  217.840627][ T5933] usb 4-1: new low-speed USB device number 20 using dummy_hcd
[  217.862445][ T5933] usb 4-1: Invalid ep0 maxpacket: 64
[  217.868001][ T5933] usb usb4-port1: unable to enumerate USB device
[  217.940745][ T5879] usb 3-1: new high-speed USB device number 24 using dummy_hcd
[  218.100579][ T5879] usb 3-1: Using ep0 maxpacket: 32
[  218.106851][ T5879] usb 3-1: config index 0 descriptor too short (expected 156, got 27)
[  218.117732][ T5879] usb 3-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30
[  218.129037][ T5879] usb 3-1: config 0 interface 0 altsetting 191 endpoint 0x87 has an invalid bInterval 0, changing to 7
[  218.142606][ T5879] usb 3-1: config 0 interface 0 altsetting 191 endpoint 0x87 has invalid wMaxPacketSize 0
[  218.154004][ T5879] usb 3-1: config 0 interface 0 altsetting 191 has 1 endpoint descriptor, different from the interface descriptor's value: 144
[  218.169772][ T5879] usb 3-1: config 0 interface 0 has no altsetting 0
[  218.179919][ T5879] usb 3-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66
[  218.189435][ T5879] usb 3-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172
[  218.198226][ T5879] usb 3-1: Product: syz
[  218.202711][ T5879] usb 3-1: Manufacturer: syz
[  218.207774][ T5879] usb 3-1: SerialNumber: syz
[  218.222725][ T5879] usb 3-1: config 0 descriptor??
[  218.240720][ T5879] ldusb 3-1:0.0: Interrupt out endpoint not found (using control endpoint instead)
[  218.253521][ T5879] ldusb 3-1:0.0: LD USB Device #0 now attached to major 180 minor 0
[  218.504629][   T30] audit: type=1400 audit(1752673168.634:528): avc:  denied  { accept } for  pid=7862 comm="syz.2.549" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=unix_dgram_socket permissive=1
[  218.505191][ T7877] ldusb 3-1:0.0: Couldn't submit interrupt_in_urb -90
[  218.780680][ T5893] usb 5-1: new high-speed USB device number 21 using dummy_hcd
[  218.910626][  T837] usb 1-1: new high-speed USB device number 24 using dummy_hcd
[  218.930925][ T5893] usb 5-1: Using ep0 maxpacket: 16
[  218.942872][ T5893] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  218.958361][ T5893] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  218.974121][ T5893] usb 5-1: New USB device found, idVendor=04d8, idProduct=f002, bcdDevice= 0.00
[  218.990648][ T5893] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  219.005447][ T5893] usb 5-1: config 0 descriptor??
[  219.090746][  T837] usb 1-1: Using ep0 maxpacket: 32
[  219.101339][  T837] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  219.120576][  T837] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  219.130343][  T837] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 5
[  219.155548][  T837] usb 1-1: New USB device found, idVendor=0458, idProduct=5011, bcdDevice= 0.00
[  219.165674][  T837] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  219.185914][  T837] usb 1-1: config 0 descriptor??
[  219.424166][ T5893] usbhid 5-1:0.0: can't add hid device: -71
[  219.424332][ T7875] delete_channel: no stack
[  219.430153][ T5893] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[  219.473037][ T5893] usb 5-1: USB disconnect, device number 21
[  219.729089][  T837] input: HID 0458:5011 as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/0003:0458:5011.000D/input/input11
[  219.981178][  T837] input: HID 0458:5011 as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/0003:0458:5011.000D/input/input12
[  220.493006][  T837] kye 0003:0458:5011.000D: input,hiddev1,hidraw0: USB HID v9.00 Mouse [HID 0458:5011] on usb-dummy_hcd.0-1/input0
[  221.183092][ T5931] usb 3-1: USB disconnect, device number 24
[  221.697415][ T5931] ldusb 3-1:0.0: LD USB Device #0 now disconnected
[  221.858903][ T7894] Set syz1 is full, maxelem 65536 reached
[  221.877050][ T5927] usb 1-1: reset high-speed USB device number 24 using dummy_hcd
[  222.569556][   T30] audit: type=1400 audit(1752673172.694:529): avc:  denied  { getopt } for  pid=7914 comm="syz.3.563" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  222.732606][ T7918] siw: device registration error -23
[  223.109224][   T30] audit: type=1400 audit(1752673173.154:530): avc:  denied  { accept } for  pid=7914 comm="syz.3.563" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  223.793223][ T7931] netlink: 'syz.4.564': attribute type 10 has an invalid length.
[  223.805302][ T7931] bridge0: port 2(bridge_slave_1) entered disabled state
[  223.813644][ T7931] bridge0: port 1(bridge_slave_0) entered disabled state
[  225.083653][ T7931] bridge0: port 2(bridge_slave_1) entered blocking state
[  225.090831][ T7931] bridge0: port 2(bridge_slave_1) entered forwarding state
[  225.098964][ T7931] bridge0: port 1(bridge_slave_0) entered blocking state
[  225.106087][ T7931] bridge0: port 1(bridge_slave_0) entered forwarding state
[  225.298588][ T7931] bond0: (slave bridge0): Enslaving as an active interface with an up link
[  225.759137][ T7937] netlink: 4 bytes leftover after parsing attributes in process `syz.4.564'.
[  225.786093][ T7937] bridge_slave_1: left allmulticast mode
[  225.910417][ T7937] bridge_slave_1: left promiscuous mode
[  225.977973][ T7937] bridge0: port 2(bridge_slave_1) entered disabled state
[  226.027681][ T7937] bridge_slave_0: left allmulticast mode
[  226.039471][ T7937] bridge_slave_0: left promiscuous mode
[  226.051843][ T7937] bridge0: port 1(bridge_slave_0) entered disabled state
[  226.120977][ T7946] FAULT_INJECTION: forcing a failure.
[  226.120977][ T7946] name failslab, interval 1, probability 0, space 0, times 0
[  226.143589][ T7946] CPU: 0 UID: 0 PID: 7946 Comm: syz.1.570 Not tainted 6.16.0-rc4-syzkaller-00108-g17bbde2e1716 #0 PREEMPT(full) 
[  226.143615][ T7946] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  226.143625][ T7946] Call Trace:
[  226.143635][ T7946]  <TASK>
[  226.143642][ T7946]  dump_stack_lvl+0x16c/0x1f0
[  226.143669][ T7946]  should_fail_ex+0x512/0x640
[  226.143682][ T7946]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[  226.143698][ T7946]  should_failslab+0xc2/0x120
[  226.143716][ T7946]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  226.143736][ T7946]  ? vm_area_dup+0x27/0x8d0
[  226.143759][ T7946]  vm_area_dup+0x27/0x8d0
[  226.143778][ T7946]  __split_vma+0x18e/0x1070
[  226.143798][ T7946]  ? __pfx___split_vma+0x10/0x10
[  226.143809][ T7946]  ? mas_next_slot+0x12d3/0x21b0
[  226.143833][ T7946]  vms_gather_munmap_vmas+0x392/0x1310
[  226.143848][ T7946]  ? __pfx_vms_gather_munmap_vmas+0x10/0x10
[  226.143866][ T7946]  ? mas_walk+0x6a6/0x910
[  226.143900][ T7946]  __mmap_region+0x3c7/0x25e0
[  226.143924][ T7946]  ? __pfx___mmap_region+0x10/0x10
[  226.143947][ T7946]  ? __lock_acquire+0x622/0x1c90
[  226.143964][ T7946]  ? kernel_text_address+0x8d/0x100
[  226.143976][ T7946]  ? __kernel_text_address+0xd/0x40
[  226.143988][ T7946]  ? __lock_acquire+0x622/0x1c90
[  226.144007][ T7946]  ? avc_has_perm_noaudit+0x117/0x3b0
[  226.144073][ T7946]  mmap_region+0x1ab/0x3f0
[  226.144092][ T7946]  do_mmap+0xa3e/0x1210
[  226.144105][ T7946]  ? __pfx_do_mmap+0x10/0x10
[  226.144114][ T7946]  ? __pfx_down_write_killable+0x10/0x10
[  226.144127][ T7946]  vm_mmap_pgoff+0x281/0x450
[  226.144146][ T7946]  ? __pfx_vm_mmap_pgoff+0x10/0x10
[  226.144174][ T7946]  ? __fget_files+0x20e/0x3c0
[  226.144200][ T7946]  ksys_mmap_pgoff+0x32c/0x5c0
[  226.144223][ T7946]  ? __pfx_ksys_write+0x10/0x10
[  226.144239][ T7946]  __x64_sys_mmap+0x125/0x190
[  226.144256][ T7946]  do_syscall_64+0xcd/0x4c0
[  226.144272][ T7946]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  226.144282][ T7946] RIP: 0033:0x7f11b698e929
[  226.144293][ T7946] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  226.144309][ T7946] RSP: 002b:00007f11b47f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  226.144324][ T7946] RAX: ffffffffffffffda RBX: 00007f11b6bb6080 RCX: 00007f11b698e929
[  226.144335][ T7946] RDX: 000000000000000b RSI: 0000000000400000 RDI: 0000200000200000
[  226.144344][ T7946] RBP: 00007f11b47f6090 R08: 0000000000000008 R09: 0000000000000000
[  226.144353][ T7946] R10: 0000000000002012 R11: 0000000000000246 R12: 0000000000000001
[  226.144363][ T7946] R13: 0000000000000000 R14: 00007f11b6bb6080 R15: 00007ffcd847aff8
[  226.144385][ T7946]  </TASK>
[  226.413821][ T5931] usb 4-1: new high-speed USB device number 21 using dummy_hcd
[  226.455221][ T7937] bond0: (slave bridge0): Releasing backup interface
[  226.813449][ T5931] usb 4-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  226.826480][ T5931] usb 4-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  227.038431][   T30] audit: type=1400 audit(1752673177.044:531): avc:  denied  { mount } for  pid=7951 comm="syz.0.572" name="/" dev="tmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[  227.306354][ T5933] usb 1-1: USB disconnect, device number 24
[  227.389044][ T5931] usb 4-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  227.399406][ T5931] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  227.440354][ T7943] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22
[  227.569976][ T5931] usb 4-1: Quirk or no altset; falling back to MIDI 1.0
[  227.961648][ T5879] usb 4-1: USB disconnect, device number 21
[  228.229260][ T7943] overlay: ./file0 is not a directory
[  228.327203][   T30] audit: type=1400 audit(1752673178.454:532): avc:  denied  { unmount } for  pid=5806 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[  228.373734][ T5818] Bluetooth: hci1: unexpected event for opcode 0x0c7a
[  228.610610][ T5879] usb 4-1: new high-speed USB device number 22 using dummy_hcd
[  228.781683][ T5879] usb 4-1: Using ep0 maxpacket: 16
[  228.797195][ T5879] usb 4-1: New USB device found, idVendor=10b9, idProduct=8000, bcdDevice=c0.fa
[  228.808618][ T5879] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  228.819050][ T5879] usb 4-1: Product: syz
[  228.823584][ T5879] usb 4-1: Manufacturer: syz
[  228.828931][ T5879] usb 4-1: SerialNumber: syz
[  228.839646][ T5879] usb 4-1: config 0 descriptor??
[  229.057234][ T5879] usb 4-1: dvb_usb_v2: usb_bulk_msg() failed=-22
[  229.368459][ T7979] vimc link validate: Sensor B:src:640x480 (0x33424752, 8, 0, 0, 0) Raw Capture 1:snk:640x480 (0x33424752, 8, 0, 0, 0)
[  229.407395][ T7979] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  229.510016][ T5879] dvb_usb_af9015 4-1:0.0: probe with driver dvb_usb_af9015 failed with error -22
[  229.548587][ T5879] usb 4-1: USB disconnect, device number 22
[  229.840945][ T7984] erofs (device nbd0): cannot find valid erofs superblock
[  231.334529][ T7997] trusted_key: encrypted_key: master key parameter 'eser:syz' is invalid
[  232.560956][ T8004] 
: renamed from bridge_slave_0 (while UP)
[  232.591466][   T30] audit: type=1400 audit(1752673182.664:533): avc:  denied  { write } for  pid=8003 comm="syz.1.586" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  232.650712][   T30] audit: type=1400 audit(1752673182.664:534): avc:  denied  { nlmsg_write } for  pid=8003 comm="syz.1.586" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  232.799421][   T30] audit: type=1400 audit(1752673182.694:535): avc:  denied  { ioctl } for  pid=8003 comm="syz.1.586" path="socket:[17359]" dev="sockfs" ino=17359 ioctlcmd=0x8923 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  232.824107][    C0] vkms_vblank_simulate: vblank timer overrun
[  232.927448][   T30] audit: type=1400 audit(1752673183.034:536): avc:  denied  { ioctl } for  pid=8012 comm="syz.4.591" path="socket:[16342]" dev="sockfs" ino=16342 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1
[  233.281012][ T8021] siw: device registration error -23
[  233.323967][ T8023] netlink: 32 bytes leftover after parsing attributes in process `syz.3.593'.
[  233.511221][   T30] audit: type=1400 audit(1752673183.584:537): avc:  denied  { setopt } for  pid=8024 comm="syz.4.594" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  233.550833][   T30] audit: type=1400 audit(1752673183.594:538): avc:  denied  { name_bind } for  pid=8024 comm="syz.4.594" src=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:reserved_port_t tclass=tcp_socket permissive=1
[  233.571829][    C0] vkms_vblank_simulate: vblank timer overrun
[  233.744370][ T8030] netlink: 20 bytes leftover after parsing attributes in process `syz.0.596'.
[  233.919236][   T30] audit: type=1400 audit(1752673184.044:539): avc:  denied  { read } for  pid=8032 comm="syz.2.597" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  234.563832][ T8041] IPVS: set_ctl: invalid protocol: 1 172.20.20.187:20001
[  235.230596][ T5931] usb 1-1: new high-speed USB device number 25 using dummy_hcd
[  235.516803][ T5931] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  235.540059][   T30] audit: type=1400 audit(1752673185.634:540): avc:  denied  { remount } for  pid=8048 comm="syz.3.602" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[  235.675518][ T5931] usb 1-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df
[  235.754704][ T5931] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  235.777688][ T5931] usb 1-1: config 0 descriptor??
[  235.804665][ T5931] pwc: Askey VC010 type 2 USB webcam detected.
[  236.447883][ T8067] siw: device registration error -23
[  236.638397][ T5931] pwc: recv_control_msg error -32 req 02 val 2700
[  236.647964][ T5931] pwc: recv_control_msg error -32 req 02 val 2c00
[  236.675845][ T5931] pwc: recv_control_msg error -32 req 04 val 1000
[  236.684540][ T5931] pwc: recv_control_msg error -71 req 04 val 1300
[  236.692864][ T5931] pwc: recv_control_msg error -71 req 04 val 1400
[  236.700774][ T5933] usb 3-1: new high-speed USB device number 25 using dummy_hcd
[  236.713607][ T5931] pwc: recv_control_msg error -71 req 02 val 2000
[  236.726119][ T5931] pwc: recv_control_msg error -71 req 02 val 2100
[  236.734297][ T5931] pwc: recv_control_msg error -71 req 04 val 1500
[  236.741431][ T5931] pwc: recv_control_msg error -71 req 02 val 2500
[  236.748442][ T5931] pwc: recv_control_msg error -71 req 02 val 2400
[  236.755634][ T5931] pwc: recv_control_msg error -71 req 02 val 2600
[  236.763091][ T5931] pwc: recv_control_msg error -71 req 02 val 2900
[  236.769972][ T5931] pwc: recv_control_msg error -71 req 02 val 2800
[  236.777421][ T5931] pwc: recv_control_msg error -71 req 04 val 1100
[  236.785108][ T5931] pwc: recv_control_msg error -71 req 04 val 1200
[  236.793322][ T5931] pwc: Registered as video103.
[  236.799652][ T5931] input: PWC snapshot button as /devices/platform/dummy_hcd.0/usb1/1-1/input/input13
[  236.824727][ T5931] usb 1-1: USB disconnect, device number 25
[  236.864682][ T5933] usb 3-1: Using ep0 maxpacket: 8
[  236.874001][ T5933] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  236.892914][ T5933] usb 3-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF9, changing to 0x89
[  236.919961][ T5933] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x89 has an invalid bInterval 0, changing to 7
[  236.945015][ T5933] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid maxpacket 59391, setting to 1024
[  236.960672][ T5933] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7
[  236.974490][ T5933] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0xF has invalid wMaxPacketSize 0
[  236.995780][ T5933] usb 3-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  237.015343][ T5933] usb 3-1: New USB device found, idVendor=0bc7, idProduct=0008, bcdDevice=4f.c8
[  237.021212][ T8073] netlink: 256 bytes leftover after parsing attributes in process `syz.3.610'.
[  237.025166][ T5933] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  237.043831][ T5933] usb 3-1: Product: syz
[  237.045365][ T8073] netlink: 56 bytes leftover after parsing attributes in process `syz.3.610'.
[  237.048005][ T5933] usb 3-1: Manufacturer: syz
[  237.048022][ T5933] usb 3-1: SerialNumber: syz
[  237.080030][ T5933] usb 3-1: config 0 descriptor??
[  237.087555][ T8069] raw-gadget.2 gadget.2: fail, usb_ep_enable returned -22
[  237.102809][ T5933] ati_remote 3-1:0.0: Initializing ati_remote hardware failed.
[  237.112357][ T5933] ati_remote 3-1:0.0: probe with driver ati_remote failed with error -5
[  237.210197][ T8076] program syz.3.611 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  237.219429][   T30] audit: type=1400 audit(1752673187.334:541): avc:  denied  { write } for  pid=8074 comm="syz.3.611" name="sg0" dev="devtmpfs" ino=756 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[  237.269055][ T8077] program syz.3.611 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  237.354604][ T8077] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[  237.777116][   T30] audit: type=1400 audit(1752673187.874:542): avc:  denied  { block_suspend } for  pid=8068 comm="syz.2.608" capability=36  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  238.397866][   T30] audit: type=1400 audit(1752673188.524:543): avc:  denied  { ioctl } for  pid=8079 comm="syz.4.612" path="socket:[17513]" dev="sockfs" ino=17513 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  238.424027][ T8089] netlink: 16 bytes leftover after parsing attributes in process `syz.4.612'.
[  238.689735][ T5818] Bluetooth: hci0: unexpected event for opcode 0x041c
[  239.151428][ T5893] usb 5-1: new high-speed USB device number 22 using dummy_hcd
[  239.392225][ T5893] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  239.429567][ T5893] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  239.446234][ T5893] usb 5-1: New USB device found, idVendor=044f, idProduct=b65d, bcdDevice= 0.00
[  239.504535][ T5893] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  239.550421][ T5893] usb 5-1: config 0 descriptor??
[  239.767419][   T30] audit: type=1400 audit(1752673189.894:544): avc:  denied  { write } for  pid=8096 comm="syz.1.616" name="fb0" dev="devtmpfs" ino=629 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:framebuf_device_t tclass=chr_file permissive=1
[  239.790470][    C0] vkms_vblank_simulate: vblank timer overrun
[  240.110976][ T8107] trusted_key: encrypted_key: insufficient parameters specified
[  240.113272][ T5872] dvb-usb: did not find the firmware file 'dvb-usb-az6027-03.fw' (status -110). You can use <kernel_dir>/scripts/get_dvb_firmware to get the firmware
[  240.138520][   T30] audit: type=1400 audit(1752673190.094:545): avc:  denied  { ioctl } for  pid=8096 comm="syz.1.616" path="/dev/fb0" dev="devtmpfs" ino=629 ioctlcmd=0x4620 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:framebuf_device_t tclass=chr_file permissive=1
[  240.164131][ T5872] dvb_usb_az6027 2-1:0.0: probe with driver dvb_usb_az6027 failed with error -110
[  240.175814][ T5872] usb 2-1: USB disconnect, device number 21
[  240.208901][ T5931] usb 3-1: USB disconnect, device number 25
[  240.223396][ T5893] hid-thrustmaster 0003:044F:B65D.000E: reserved main item tag 0xd
[  240.231465][ T5893] hid-thrustmaster 0003:044F:B65D.000E: item fetching failed at offset 2/5
[  240.240990][ T5893] hid-thrustmaster 0003:044F:B65D.000E: parse failed with error -22
[  240.249504][ T5893] hid-thrustmaster 0003:044F:B65D.000E: probe with driver hid-thrustmaster failed with error -22
[  240.542832][   T30] audit: type=1400 audit(1752673190.674:546): avc:  denied  { ioctl } for  pid=8118 comm="syz.2.621" path="socket:[18559]" dev="sockfs" ino=18559 ioctlcmd=0x890b scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1
[  240.631949][ T8121] netlink: 156 bytes leftover after parsing attributes in process `syz.4.615'.
[  241.177823][   T30] audit: type=1400 audit(1752673191.304:547): avc:  denied  { bind } for  pid=8124 comm="syz.0.624" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  241.562933][ T8131] siw: device registration error -23
[  241.632134][   T30] audit: type=1400 audit(1752673191.304:548): avc:  denied  { name_bind } for  pid=8124 comm="syz.0.624" src=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=rawip_socket permissive=1
[  241.700622][   T30] audit: type=1400 audit(1752673191.304:549): avc:  denied  { node_bind } for  pid=8124 comm="syz.0.624" saddr=ff02::1 src=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=rawip_socket permissive=1
[  241.729199][   T30] audit: type=1400 audit(1752673191.734:550): avc:  denied  { create } for  pid=8133 comm="syz.2.625" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=caif_socket permissive=1
[  242.047918][ T8139] xt_addrtype: ipv6 PROHIBIT (THROW, NAT ..) matching not supported
[  242.065093][   T30] audit: type=1400 audit(1752673192.174:551): avc:  denied  { ioctl } for  pid=8133 comm="syz.2.625" path="/dev/fuse" dev="devtmpfs" ino=99 ioctlcmd=0xe500 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fuse_device_t tclass=chr_file permissive=1
[  242.089640][    C0] vkms_vblank_simulate: vblank timer overrun
[  242.107479][ T5872] usb 5-1: USB disconnect, device number 22
[  242.896208][ T8149] syzkaller1: entered promiscuous mode
[  242.960479][ T8149] syzkaller1: entered allmulticast mode
[  243.167094][ T8167] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  243.262442][   T30] audit: type=1400 audit(1752673193.394:552): avc:  denied  { write } for  pid=8165 comm="syz.1.632" path="socket:[18633]" dev="sockfs" ino=18633 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rose_socket permissive=1
[  244.941109][   T48] usb 4-1: new high-speed USB device number 23 using dummy_hcd
[  245.130607][   T48] usb 4-1: Using ep0 maxpacket: 32
[  245.173242][   T48] usb 4-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  245.231986][   T48] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 255, changing to 11
[  245.257478][   T48] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  245.285060][   T48] usb 4-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[  245.294680][   T48] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  245.328876][   T48] usb 4-1: config 0 descriptor??
[  245.329796][ T8179] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  245.341065][   T48] hub 4-1:0.0: USB hub found
[  245.520782][ T5931] usb 2-1: new full-speed USB device number 22 using dummy_hcd
[  245.540935][   T48] hub 4-1:0.0: 2 ports detected
[  245.675277][ T5931] usb 2-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0x31, changing to 0x1
[  245.727224][ T5931] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid maxpacket 13364, setting to 64
[  245.794360][ T5931] usb 2-1: New USB device found, idVendor=134c, idProduct=0002, bcdDevice=ec.7e
[  245.816643][ T5931] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  245.862257][ T5931] usb 2-1: Product: syz
[  245.878965][ T5931] usb 2-1: Manufacturer: syz
[  245.900201][ T5931] usb 2-1: SerialNumber: syz
[  245.939570][ T5931] usb 2-1: config 0 descriptor??
[  246.063702][ T5931] hub 2-1:0.0: bad descriptor, ignoring hub
[  246.092463][ T5931] hub 2-1:0.0: probe with driver hub failed with error -5
[  246.512826][ T5872] usb 2-1: USB disconnect, device number 22
[  246.557949][ T5927] hub 4-1:0.0: hub_ext_port_status failed (err = 0)
[  246.622256][ T8214] netlink: 8 bytes leftover after parsing attributes in process `syz.0.647'.
[  247.210641][ T8179] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  247.219324][ T8179] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  247.300660][ T5927] usb 2-1: new high-speed USB device number 23 using dummy_hcd
[  247.382501][   T48] usb 4-1: USB disconnect, device number 23
[  247.483522][ T5927] usb 2-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[  247.497902][ T5927] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  247.510718][ T5927] usb 2-1: Product: syz
[  247.532154][ T5927] usb 2-1: Manufacturer: syz
[  247.547302][ T5927] usb 2-1: SerialNumber: syz
[  247.582441][ T5927] usb 2-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[  247.597429][   T48] usb 2-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[  247.730737][ T5872] usb 5-1: new high-speed USB device number 23 using dummy_hcd
[  247.902878][ T5872] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  247.917721][ T5872] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  247.928224][ T5872] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  247.944370][ T5872] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  247.953992][ T5872] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  247.973008][ T5872] usb 5-1: config 0 descriptor??
[  248.057445][ T5927] usb 2-1: USB disconnect, device number 23
[  248.273975][   T30] audit: type=1400 audit(1752673198.404:553): avc:  denied  { accept } for  pid=8239 comm="syz.2.655" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1
[  248.314988][ T8242] binder: BINDER_SET_CONTEXT_MGR already set
[  248.321855][ T8242] binder: 8241:8242 ioctl 4018620d 200000000040 returned -16
[  248.425327][ T8245] netlink: 8 bytes leftover after parsing attributes in process `syz.0.657'.
[  248.648529][ T5818] Bluetooth: hci0: unexpected event for opcode 0x2023
[  248.660868][   T48] ath9k_htc 2-1:1.0: ath9k_htc: Target is unresponsive
[  248.667955][   T48] ath9k_htc: Failed to initialize the device
[  248.674544][ T5927] usb 2-1: ath9k_htc: USB layer deinitialized
[  248.740787][ T5893] usb 3-1: new high-speed USB device number 26 using dummy_hcd
[  248.750268][ T5872] plantronics 0003:047F:FFFF.000F: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.4-1/input0
[  248.772582][ T8237] netlink: 8 bytes leftover after parsing attributes in process `syz.4.654'.
[  248.786726][ T8248] netlink: 156 bytes leftover after parsing attributes in process `syz.1.659'.
[  248.829535][ T8237] netlink: 'syz.4.654': attribute type 20 has an invalid length.
[  248.853214][ T8237] netlink: 'syz.4.654': attribute type 21 has an invalid length.
[  249.301739][   T48] usb 5-1: USB disconnect, device number 23
[  249.302064][ T5893] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  249.302118][ T5893] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  249.302149][ T5893] usb 3-1: New USB device found, idVendor=1e7d, idProduct=2cf6, bcdDevice= 0.00
[  249.302171][ T5893] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  249.323052][ T5893] usb 3-1: config 0 descriptor??
[  249.790272][ T5893] pyra 0003:1E7D:2CF6.0010: hidraw0: USB HID v0.00 Device [HID 1e7d:2cf6] on usb-dummy_hcd.2-1/input0
[  250.072528][   T30] audit: type=1400 audit(1752673200.194:554): avc:  denied  { setopt } for  pid=8261 comm="syz.1.661" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1
[  250.380595][ T5872] usb 4-1: new high-speed USB device number 24 using dummy_hcd
[  251.334449][ T8271] vxcan0: tx address claim with different name
[  251.356116][   T30] audit: type=1400 audit(1752673201.464:555): avc:  denied  { write } for  pid=8268 comm="syz.4.663" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  251.394587][ T5893] pyra 0003:1E7D:2CF6.0010: couldn't init struct pyra_device
[  251.502845][ T5893] pyra 0003:1E7D:2CF6.0010: couldn't install mouse
[  251.584152][ T5893] pyra 0003:1E7D:2CF6.0010: probe with driver pyra failed with error -71
[  251.606357][ T5893] usb 3-1: USB disconnect, device number 26
[  251.673998][ T5872] usb 4-1: New USB device found, idVendor=04f3, idProduct=0755, bcdDevice= 0.00
[  251.688967][ T5872] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  251.701836][ T5872] usb 4-1: config 0 descriptor??
[  251.786873][ T8271] mmap: syz.4.663 (8271) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  251.802793][ T8274] netlink: 'syz.0.664': attribute type 7 has an invalid length.
[  251.813217][ T8274] netlink: 32 bytes leftover after parsing attributes in process `syz.0.664'.
[  252.042128][   T30] audit: type=1400 audit(1752935602.174:556): avc:  denied  { connect } for  pid=8283 comm="syz.0.668" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=caif_socket permissive=1
[  253.244387][ T5872] elan 0003:04F3:0755.0011: hidraw0: USB HID v1.01 Device [HID 04f3:0755] on usb-dummy_hcd.3-1/input0
[  253.266231][ T5872] usb 4-1: USB disconnect, device number 24
[  253.355501][ T8288] fido_id[8288]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.3/usb4/report_descriptor': No such file or directory
[  253.566947][ T8298] netlink: 32 bytes leftover after parsing attributes in process `syz.2.670'.
[  253.736232][ T8301] FAULT_INJECTION: forcing a failure.
[  253.736232][ T8301] name failslab, interval 1, probability 0, space 0, times 0
[  253.878492][ T8301] CPU: 1 UID: 0 PID: 8301 Comm: syz.0.674 Not tainted 6.16.0-rc4-syzkaller-00108-g17bbde2e1716 #0 PREEMPT(full) 
[  253.878518][ T8301] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  253.878528][ T8301] Call Trace:
[  253.878534][ T8301]  <TASK>
[  253.878540][ T8301]  dump_stack_lvl+0x16c/0x1f0
[  253.878572][ T8301]  should_fail_ex+0x512/0x640
[  253.878593][ T8301]  ? __kmalloc_noprof+0xbf/0x510
[  253.878614][ T8301]  ? ima_write_template_field_data+0x5d/0x1f0
[  253.878631][ T8301]  should_failslab+0xc2/0x120
[  253.878659][ T8301]  __kmalloc_noprof+0xd2/0x510
[  253.878678][ T8301]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  253.878699][ T8301]  ima_write_template_field_data+0x5d/0x1f0
[  253.878720][ T8301]  ima_eventdigest_init_common+0x154/0x430
[  253.878741][ T8301]  ? __pfx_ima_eventdigest_init_common+0x10/0x10
[  253.878774][ T8301]  ? rcu_is_watching+0x12/0xc0
[  253.878797][ T8301]  ? trace_kmalloc+0x2b/0xd0
[  253.878816][ T8301]  ? __kmalloc_noprof+0x242/0x510
[  253.878840][ T8301]  ima_alloc_init_template+0x3a0/0x720
[  253.878869][ T8301]  ima_add_violation+0x123/0x3d0
[  253.878895][ T8301]  ? __pfx_ima_add_violation+0x10/0x10
[  253.878917][ T8301]  ? ima_d_path+0x12b/0x2a0
[  253.878941][ T8301]  ? __pfx_ima_d_path+0x10/0x10
[  253.878967][ T8301]  ? lockdep_init_map_type+0x5c/0x280
[  253.878992][ T8301]  ? ima_inode_get+0x39e/0x580
[  253.879015][ T8301]  process_measurement+0x1783/0x23e0
[  253.879043][ T8301]  ? avc_has_perm_noaudit+0x149/0x3b0
[  253.879079][ T8301]  ? __pfx_process_measurement+0x10/0x10
[  253.879100][ T8301]  ? __pfx_avc_has_perm+0x10/0x10
[  253.879114][ T8301]  ? avc_has_perm_noaudit+0x117/0x3b0
[  253.879152][ T8301]  ? file_map_prot_check+0x1eb/0x360
[  253.879169][ T8301]  ima_file_mmap+0x1a8/0x1d0
[  253.879186][ T8301]  ? __pfx_ima_file_mmap+0x10/0x10
[  253.879201][ T8301]  ? __lock_acquire+0x622/0x1c90
[  253.879225][ T8301]  security_mmap_file+0x88c/0x990
[  253.879244][ T8301]  vm_mmap_pgoff+0xec/0x450
[  253.879266][ T8301]  ? find_held_lock+0x2b/0x80
[  253.879271][ T8307] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  253.879285][ T8301]  ? __pfx_vm_mmap_pgoff+0x10/0x10
[  253.879311][ T8301]  ? __fget_files+0x20e/0x3c0
[  253.879340][ T8301]  ksys_mmap_pgoff+0x32c/0x5c0
[  253.879363][ T8301]  ? __pfx_ksys_write+0x10/0x10
[  253.879389][ T8301]  __x64_sys_mmap+0x125/0x190
[  253.879413][ T8301]  do_syscall_64+0xcd/0x4c0
[  253.879437][ T8301]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  253.879452][ T8301] RIP: 0033:0x7f239078e929
[  253.879466][ T8301] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  253.879480][ T8301] RSP: 002b:00007f23916d8038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  253.879495][ T8301] RAX: ffffffffffffffda RBX: 00007f23909b5fa0 RCX: 00007f239078e929
[  253.879505][ T8301] RDX: 000000000000001f RSI: 0000000000002000 RDI: 0000200000ffc000
[  253.879514][ T8301] RBP: 00007f23916d8090 R08: 0000000000000004 R09: 0000000100000000
[  253.879523][ T8301] R10: 0000000000000012 R11: 0000000000000246 R12: 0000000000000001
[  253.879531][ T8301] R13: 0000000000000000 R14: 00007f23909b5fa0 R15: 00007ffd6ee5f788
[  253.879552][ T8301]  </TASK>
[  254.401835][   T30] audit: type=1804 audit(1752935604.524:557): pid=8301 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=open_writers comm="syz.0.674" name="/newroot/143/file0" dev="tmpfs" ino=765 res=0 errno=0
[  254.435177][ T8309] netlink: 20 bytes leftover after parsing attributes in process `syz.3.676'.
[  254.582326][ T8311] FAULT_INJECTION: forcing a failure.
[  254.582326][ T8311] name failslab, interval 1, probability 0, space 0, times 0
[  254.627429][ T8311] CPU: 0 UID: 0 PID: 8311 Comm: syz.4.677 Not tainted 6.16.0-rc4-syzkaller-00108-g17bbde2e1716 #0 PREEMPT(full) 
[  254.627458][ T8311] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  254.627470][ T8311] Call Trace:
[  254.627476][ T8311]  <TASK>
[  254.627483][ T8311]  dump_stack_lvl+0x16c/0x1f0
[  254.627510][ T8311]  should_fail_ex+0x512/0x640
[  254.627532][ T8311]  ? fs_reclaim_acquire+0xae/0x150
[  254.627551][ T8311]  ? tomoyo_realpath_from_path+0xc2/0x6e0
[  254.627575][ T8311]  should_failslab+0xc2/0x120
[  254.627601][ T8311]  __kmalloc_noprof+0xd2/0x510
[  254.627629][ T8311]  tomoyo_realpath_from_path+0xc2/0x6e0
[  254.627656][ T8311]  ? tomoyo_profile+0x47/0x60
[  254.627685][ T8311]  tomoyo_path_number_perm+0x245/0x580
[  254.627704][ T8311]  ? tomoyo_path_number_perm+0x237/0x580
[  254.627727][ T8311]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  254.627749][ T8311]  ? find_held_lock+0x2b/0x80
[  254.627791][ T8311]  ? find_held_lock+0x2b/0x80
[  254.627809][ T8311]  ? hook_file_ioctl_common+0x145/0x410
[  254.627841][ T8311]  ? __fget_files+0x20e/0x3c0
[  254.627869][ T8311]  security_file_ioctl+0x9b/0x240
[  254.627894][ T8311]  __x64_sys_ioctl+0xb7/0x210
[  254.627916][ T8311]  do_syscall_64+0xcd/0x4c0
[  254.627944][ T8311]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  254.627961][ T8311] RIP: 0033:0x7f331218e929
[  254.627976][ T8311] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  254.627993][ T8311] RSP: 002b:00007f3313042038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  254.628010][ T8311] RAX: ffffffffffffffda RBX: 00007f33123b5fa0 RCX: 00007f331218e929
[  254.628020][ T8311] RDX: 00002000000001c0 RSI: 00000000c0405602 RDI: 0000000000000003
[  254.628030][ T8311] RBP: 00007f3313042090 R08: 0000000000000000 R09: 0000000000000000
[  254.628040][ T8311] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  254.628049][ T8311] R13: 0000000000000000 R14: 00007f33123b5fa0 R15: 00007fff817022c8
[  254.628073][ T8311]  </TASK>
[  254.628080][ T8311] ERROR: Out of memory at tomoyo_realpath_from_path.
[  254.738750][   T30] audit: type=1400 audit(1752935604.854:558): avc:  denied  { getopt } for  pid=8313 comm="syz.0.679" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  254.739011][   T92] usb 3-1: new full-speed USB device number 27 using dummy_hcd
[  254.959397][ T8321] program syz.0.679 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  255.055801][ T8322] net veth1_virt_wifi 
€Â: renamed from virt_wifi0
[  255.461697][ T8324] program syz.0.679 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  255.492959][ T1298] ieee802154 phy0 wpan0: encryption failed: -22
[  255.499240][ T1298] ieee802154 phy1 wpan1: encryption failed: -22
[  255.509762][ T8324] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[  255.522533][   T48] usb 2-1: new high-speed USB device number 24 using dummy_hcd
[  255.740117][   T92] usb 3-1: config 0 has an invalid interface number: 11 but max is 0
[  255.790687][   T48] usb 2-1: Using ep0 maxpacket: 16
[  255.849894][   T48] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0
[  255.854130][   T92] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  255.872866][   T48] usb 2-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[  255.933451][   T48] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  256.235005][   T92] usb 3-1: config 0 has no interface number 0
[  256.238377][   T48] usb 2-1: Product: syz
[  256.301341][   T48] usb 2-1: Manufacturer: syz
[  256.307284][   T48] usb 2-1: SerialNumber: syz
[  256.460607][   T92] usb 3-1: config 0 interface 11 altsetting 253 endpoint 0x87 has an invalid bInterval 0, changing to 10
[  256.461299][   T48] usb 2-1: config 0 descriptor??
[  256.510042][   T92] usb 3-1: config 0 interface 11 altsetting 253 endpoint 0x87 has invalid maxpacket 8456, setting to 64
[  256.524713][   T48] em28xx 2-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0)
[  256.537962][   T48] em28xx 2-1:0.0: DVB interface 0 found: bulk
[  256.541692][   T92] usb 3-1: config 0 interface 11 altsetting 253 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  256.593125][   T92] usb 3-1: config 0 interface 11 has no altsetting 0
[  256.609940][   T92] usb 3-1: New USB device found, idVendor=06cd, idProduct=010f, bcdDevice=d5.1b
[  256.621048][   T92] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  256.633295][   T92] usb 3-1: config 0 descriptor??
[  256.656986][   T92] keyspan 3-1:0.11: Keyspan 2 port adapter converter detected
[  257.072916][   T92] keyspan 3-1:0.11: found no endpoint descriptor for endpoint 7
[  257.084403][   T92] keyspan 3-1:0.11: found no endpoint descriptor for endpoint 81
[  257.133350][   T92] keyspan 3-1:0.11: found no endpoint descriptor for endpoint 82
[  257.159083][   T92] keyspan 3-1:0.11: found no endpoint descriptor for endpoint 1
[  257.183049][   T92] keyspan 3-1:0.11: found no endpoint descriptor for endpoint 2
[  257.191674][   T92] keyspan 3-1:0.11: found no endpoint descriptor for endpoint 85
[  257.199491][   T92] keyspan 3-1:0.11: found no endpoint descriptor for endpoint 5
[  257.289732][ T8336] bridge0: port 2(bridge_slave_1) entered disabled state
[  257.297085][ T8336] bridge0: port 1(bridge_slave_0) entered disabled state
[  257.330656][   T92] usb 3-1: Keyspan 2 port adapter converter now attached to ttyUSB0
[  257.868981][   T48] em28xx 2-1:0.0: unknown em28xx chip ID (0)
[  257.905029][   T92] keyspan 3-1:0.11: found no endpoint descriptor for endpoint 83
[  257.954623][   T92] keyspan 3-1:0.11: found no endpoint descriptor for endpoint 84
[  257.976737][   T92] keyspan 3-1:0.11: found no endpoint descriptor for endpoint 3
[  258.069053][   T92] keyspan 3-1:0.11: found no endpoint descriptor for endpoint 4
[  258.077128][   T92] keyspan 3-1:0.11: found no endpoint descriptor for endpoint 86
[  258.086029][   T92] keyspan 3-1:0.11: found no endpoint descriptor for endpoint 6
[  258.111504][   T92] usb 3-1: Keyspan 2 port adapter converter now attached to ttyUSB1
[  258.139390][   T92] usb 3-1: USB disconnect, device number 27
[  258.161279][   T92] keyspan_2 ttyUSB0: Keyspan 2 port adapter converter now disconnected from ttyUSB0
[  258.191591][   T92] keyspan_2 ttyUSB1: Keyspan 2 port adapter converter now disconnected from ttyUSB1
[  258.207620][   T92] keyspan 3-1:0.11: device disconnected
[  258.331293][   T48] em28xx 2-1:0.0: reading from i2c device at 0xa0 failed (error=-5)
[  258.347784][   T30] audit: type=1400 audit(1752935608.464:559): avc:  denied  { write } for  pid=8316 comm="syz.1.680" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1
[  258.350558][   T48] em28xx 2-1:0.0: board has no eeprom
[  258.366938][    C0] vkms_vblank_simulate: vblank timer overrun
[  258.676298][ T8361] netlink: 8 bytes leftover after parsing attributes in process `syz.3.689'.
[  258.690229][ T8361] dummy0: entered promiscuous mode
[  258.699418][ T8361] dummy0: left promiscuous mode
[  258.990690][ T5927] usb 3-1: new high-speed USB device number 28 using dummy_hcd
[  259.037978][   T30] audit: type=1400 audit(1752935609.164:560): avc:  denied  { ioctl } for  pid=8369 comm="syz.3.695" path="socket:[19066]" dev="sockfs" ino=19066 ioctlcmd=0x89e1 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1
[  259.085485][   T30] audit: type=1400 audit(1752935609.174:561): avc:  denied  { mount } for  pid=8369 comm="syz.3.695" name="/" dev="proc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1
[  259.108502][   T30] audit: type=1400 audit(1752935609.174:562): avc:  denied  { remount } for  pid=8369 comm="syz.3.695" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1
[  259.152581][ T5927] usb 3-1: unable to read config index 0 descriptor/start: -61
[  259.165978][ T5927] usb 3-1: can't read configurations, error -61
[  259.211990][   T92] usb 1-1: new high-speed USB device number 26 using dummy_hcd
[  259.300605][ T5927] usb 3-1: new high-speed USB device number 29 using dummy_hcd
[  259.372244][   T92] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  259.382502][   T92] usb 1-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df
[  259.391855][   T92] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  259.402820][   T92] usb 1-1: config 0 descriptor??
[  259.411120][   T92] pwc: Askey VC010 type 2 USB webcam detected.
[  259.453841][ T5927] usb 3-1: unable to read config index 0 descriptor/start: -61
[  259.461820][ T5927] usb 3-1: can't read configurations, error -61
[  259.468394][ T5927] usb usb3-port1: attempt power cycle
[  259.480599][ T5933] usb 5-1: new high-speed USB device number 24 using dummy_hcd
[  259.631561][ T5933] usb 5-1: Using ep0 maxpacket: 32
[  259.644215][ T5933] usb 5-1: config 0 has an invalid interface number: 16 but max is 0
[  259.672910][ T5933] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  259.683410][ T5933] usb 5-1: config 0 has no interface number 0
[  259.690128][ T5933] usb 5-1: config 0 interface 16 altsetting 0 bulk endpoint 0x6 has invalid maxpacket 855
[  259.701014][ T5933] usb 5-1: config 0 interface 16 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  259.717136][ T5933] usb 5-1: New USB device found, idVendor=0499, idProduct=102a, bcdDevice=85.2d
[  259.727542][ T5933] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  259.735694][   T48] em28xx 2-1:0.0: Identified as PCTV tripleStick (292e) (card=94)
[  259.743769][   T48] em28xx 2-1:0.0: dvb set to bulk mode.
[  259.864565][ T5931] em28xx 2-1:0.0: Binding DVB extension
[  259.870997][ T5933] usb 5-1: Product: syz
[  259.875460][ T5933] usb 5-1: Manufacturer: syz
[  259.880043][ T5933] usb 5-1: SerialNumber: syz
[  259.892295][   T48] usb 2-1: USB disconnect, device number 24
[  259.901318][   T48] em28xx 2-1:0.0: Disconnecting em28xx
[  259.913093][ T5933] usb 5-1: config 0 descriptor??
[  259.918792][ T8372] raw-gadget.3 gadget.4: fail, usb_ep_enable returned -22
[  259.931894][ T5927] usb 3-1: new high-speed USB device number 30 using dummy_hcd
[  260.055461][ T5927] usb 3-1: unable to read config index 0 descriptor/start: -61
[  260.154343][ T5933] usb 5-1: Quirk or no altset; falling back to MIDI 1.0
[  260.188461][ T5927] usb 3-1: can't read configurations, error -61
[  260.251386][ T5933] usb 5-1: invalid MIDI in EP 0
[  260.353335][   T92] pwc: recv_control_msg error -32 req 02 val 2700
[  260.370873][   T92] pwc: recv_control_msg error -32 req 02 val 2c00
[  260.389075][ T5931] em28xx 2-1:0.0: Registering input extension
[  260.389999][   T92] pwc: recv_control_msg error -32 req 04 val 1000
[  260.400732][ T5927] usb 3-1: new high-speed USB device number 31 using dummy_hcd
[  260.407768][   T92] pwc: recv_control_msg error -71 req 04 val 1300
[  260.416835][   T48] em28xx 2-1:0.0: Closing input extension
[  260.417893][   T92] pwc: recv_control_msg error -71 req 04 val 1400
[  260.430135][   T92] pwc: recv_control_msg error -71 req 02 val 2000
[  260.443273][   T92] pwc: recv_control_msg error -71 req 02 val 2100
[  260.444422][ T5927] usb 3-1: unable to read config index 0 descriptor/start: -61
[  260.450149][   T92] pwc: recv_control_msg error -71 req 04 val 1500
[  260.470350][   T92] pwc: recv_control_msg error -71 req 02 val 2500
[  260.479070][   T92] pwc: recv_control_msg error -71 req 02 val 2400
[  260.482709][ T5927] usb 3-1: can't read configurations, error -61
[  260.488159][   T92] pwc: recv_control_msg error -71 req 02 val 2600
[  260.499611][   T92] pwc: recv_control_msg error -71 req 02 val 2900
[  260.503327][   T48] em28xx 2-1:0.0: Freeing device
[  260.510157][   T92] pwc: recv_control_msg error -71 req 02 val 2800
[  260.512216][ T5927] usb usb3-port1: unable to enumerate USB device
[  260.518367][   T92] pwc: recv_control_msg error -71 req 04 val 1100
[  260.538439][   T92] pwc: recv_control_msg error -71 req 04 val 1200
[  260.550319][   T92] pwc: Registered as video103.
[  260.555231][ T5933] snd-usb-audio 5-1:0.16: probe with driver snd-usb-audio failed with error -22
[  260.574747][   T92] input: PWC snapshot button as /devices/platform/dummy_hcd.0/usb1/1-1/input/input16
[  260.586682][ T5933] usb 5-1: USB disconnect, device number 24
[  260.594472][   T92] usb 1-1: USB disconnect, device number 26
[  260.662454][ T5989] udevd[5989]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.16/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  261.130696][ T5818] Bluetooth: hci5: Opcode 0x1003 failed: -110
[  261.643628][   T30] audit: type=1400 audit(1752935611.774:563): avc:  denied  { unmount } for  pid=5819 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1
[  262.934109][ T8402] netlink: 'syz.2.705': attribute type 10 has an invalid length.
[  262.987917][ T8402] netlink: 40 bytes leftover after parsing attributes in process `syz.2.705'.
[  263.070956][ T8402] batadv0: entered promiscuous mode
[  263.170261][ T8402] batadv0: entered allmulticast mode
[  263.332899][ T8402] bridge0: port 3(batadv0) entered blocking state
[  263.456539][ T8402] bridge0: port 3(batadv0) entered disabled state
[  263.512465][ T8402] bridge0: port 3(batadv0) entered blocking state
[  263.519175][ T8402] bridge0: port 3(batadv0) entered forwarding state
[  263.532758][ T7345] batman_adv: batadv0: No IGMP Querier present - multicast optimizations disabled
[  263.542381][ T7345] batman_adv: batadv0: No MLD Querier present - multicast optimizations disabled
[  263.706998][ T5893] kernel write not supported for file /464/attr/exec (pid: 5893 comm: kworker/0:5)
[  264.017665][ T8410] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  266.130986][   T92] usb 5-1: new high-speed USB device number 25 using dummy_hcd
[  266.647701][   T30] audit: type=1400 audit(1752935616.774:564): avc:  denied  { mount } for  pid=8438 comm="syz.1.715" name="/" dev="autofs" ino=19153 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_t tclass=filesystem permissive=1
[  266.696150][   T30] audit: type=1400 audit(1752935616.784:565): avc:  denied  { mounton } for  pid=8438 comm="syz.1.715" path="/137/file1/file0" dev="autofs" ino=19160 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_t tclass=dir permissive=1
[  266.791758][   T92] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  266.803409][   T30] audit: type=1400 audit(1752935616.784:566): avc:  denied  { mount } for  pid=8438 comm="syz.1.715" name="/" dev="hugetlbfs" ino=19161 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:hugetlbfs_t tclass=filesystem permissive=1
[  266.839347][   T92] usb 5-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df
[  266.855538][   T92] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  266.877558][   T92] usb 5-1: config 0 descriptor??
[  266.882870][   T30] audit: type=1400 audit(1752935616.784:567): avc:  denied  { unmount } for  pid=8438 comm="syz.1.715" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:hugetlbfs_t tclass=filesystem permissive=1
[  266.906035][   T92] pwc: Askey VC010 type 2 USB webcam detected.
[  266.962486][   T30] audit: type=1400 audit(1752935617.094:568): avc:  denied  { unmount } for  pid=5809 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_t tclass=filesystem permissive=1
[  267.028722][ T8447] 8021q: adding VLAN 0 to HW filter on device bond0
[  267.129730][ T8447] bond0: (slave rose0): Enslaving as an active interface with an up link
[  267.566439][ T8457] siw: device registration error -23
[  267.830644][   T92] pwc: recv_control_msg error -32 req 02 val 2700
[  267.850246][   T92] pwc: recv_control_msg error -32 req 02 val 2c00
[  267.861759][   T92] pwc: recv_control_msg error -32 req 04 val 1000
[  267.875696][   T92] pwc: recv_control_msg error -71 req 04 val 1300
[  267.883113][   T92] pwc: recv_control_msg error -71 req 04 val 1400
[  267.889969][   T92] pwc: recv_control_msg error -71 req 02 val 2000
[  267.904848][   T92] pwc: recv_control_msg error -71 req 02 val 2100
[  267.917335][   T92] pwc: recv_control_msg error -71 req 04 val 1500
[  267.937057][   T92] pwc: recv_control_msg error -71 req 02 val 2500
[  268.138556][   T92] pwc: recv_control_msg error -71 req 02 val 2400
[  268.313602][   T92] pwc: recv_control_msg error -71 req 02 val 2600
[  268.325422][   T92] pwc: recv_control_msg error -71 req 02 val 2900
[  268.333094][   T92] pwc: recv_control_msg error -71 req 02 val 2800
[  268.339946][   T92] pwc: recv_control_msg error -71 req 04 val 1100
[  268.363136][   T92] pwc: recv_control_msg error -71 req 04 val 1200
[  268.377257][ T8466] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  268.535775][ T8472] pimreg3: entered allmulticast mode
[  268.572826][   T92] pwc: Registered as video103.
[  268.579211][   T92] input: PWC snapshot button as /devices/platform/dummy_hcd.4/usb5/5-1/input/input17
[  268.656032][ T8472] bond1: entered promiscuous mode
[  268.661270][ T8472] bond1: entered allmulticast mode
[  268.668882][ T8466] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  268.679478][ T8472] 8021q: adding VLAN 0 to HW filter on device bond1
[  268.726538][   T92] usb 5-1: USB disconnect, device number 25
[  268.727263][ T8473] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  268.748759][   T30] audit: type=1400 audit(1752935618.874:569): avc:  denied  { getattr } for  pid=8469 comm="syz.2.725" path="user:[4026531837]" dev="nsfs" ino=4026531837 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[  268.897243][ T8476] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  268.897452][ T8474] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  269.160964][ T8473] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  269.253380][ T8485] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  269.980771][ T8492] ucma_write: process 454 (syz.2.729) changed security contexts after opening file descriptor, this is not allowed.
[  270.838612][ T8496] vivid-001: disconnect
[  270.844612][ T8495] vivid-001: reconnect
[  270.957438][ T8498] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  270.984172][ T8504] openvswitch: netlink: Unexpected mask (mask=20040, allowed=10048)
[  271.004767][ T8505] vlan2: entered promiscuous mode
[  271.009969][ T8505] vlan2: entered allmulticast mode
[  271.025009][ T8510] siw: device registration error -23
[  271.045311][ T8512] x_tables: ip_tables: TCPOPTSTRIP target: only valid in mangle table, not raw
[  271.081031][ T8505] hsr_slave_1: entered allmulticast mode
[  271.410781][ T5933] usb 3-1: new high-speed USB device number 32 using dummy_hcd
[  271.572055][ T5933] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  271.592485][ T5933] usb 3-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df
[  271.601656][ T5933] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  271.617990][ T5933] usb 3-1: config 0 descriptor??
[  271.646712][ T5933] pwc: Askey VC010 type 2 USB webcam detected.
[  271.647543][ T8526] 8021q: adding VLAN 0 to HW filter on device bond1
[  272.023099][   T30] audit: type=1400 audit(1752935622.154:570): avc:  denied  { map } for  pid=8532 comm="syz.4.742" path="socket:[19385]" dev="sockfs" ino=19385 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  272.049127][   T30] audit: type=1400 audit(1752935622.154:571): avc:  denied  { accept } for  pid=8532 comm="syz.4.742" path="socket:[19385]" dev="sockfs" ino=19385 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  272.329504][ T5933] pwc: recv_control_msg error -32 req 02 val 2700
[  272.352905][ T5933] pwc: recv_control_msg error -32 req 02 val 2c00
[  272.382271][ T5933] pwc: recv_control_msg error -32 req 04 val 1000
[  272.389979][ T5933] pwc: recv_control_msg error -71 req 04 val 1300
[  272.397912][ T5933] pwc: recv_control_msg error -71 req 04 val 1400
[  272.420195][ T5933] pwc: recv_control_msg error -71 req 02 val 2000
[  272.431372][ T5933] pwc: recv_control_msg error -71 req 02 val 2100
[  272.438896][ T5933] pwc: recv_control_msg error -71 req 04 val 1500
[  272.446877][ T5933] pwc: recv_control_msg error -71 req 02 val 2500
[  272.454593][ T5933] pwc: recv_control_msg error -71 req 02 val 2400
[  272.462690][ T5933] pwc: recv_control_msg error -71 req 02 val 2600
[  272.470211][ T5933] pwc: recv_control_msg error -71 req 02 val 2900
[  272.477935][ T5933] pwc: recv_control_msg error -71 req 02 val 2800
[  272.486508][ T5933] pwc: recv_control_msg error -71 req 04 val 1100
[  272.496219][ T5933] pwc: recv_control_msg error -71 req 04 val 1200
[  272.614548][ T5933] pwc: Registered as video103.
[  272.630694][ T5933] input: PWC snapshot button as /devices/platform/dummy_hcd.2/usb3/3-1/input/input18
[  272.656029][ T5933] usb 3-1: USB disconnect, device number 32
[  273.199092][ T8545] netlink: 4 bytes leftover after parsing attributes in process `syz.0.744'.
[  274.551660][   T30] audit: type=1400 audit(1752935624.614:572): avc:  denied  { bind } for  pid=8551 comm="syz.4.747" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  276.146869][   T30] audit: type=1400 audit(1752935626.274:573): avc:  denied  { bind } for  pid=8583 comm="syz.3.755" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  276.637824][ T8593] x_tables: arp_tables: CLASSIFY target: used from hooks INPUT, but only usable from FORWARD/OUTPUT
[  277.033727][   T30] audit: type=1400 audit(1752935627.164:574): avc:  denied  { name_connect } for  pid=8594 comm="syz.0.758" dest=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:reserved_port_t tclass=sctp_socket permissive=1
[  277.061023][ T8587] netlink: 'syz.2.757': attribute type 1 has an invalid length.
[  277.161642][ T8587] netdevsim netdevsim2 netdevsim0: set [1, 1] type 2 family 0 port 20000 - 0
[  277.171039][ T8587] netdevsim netdevsim2 netdevsim1: set [1, 1] type 2 family 0 port 20000 - 0
[  277.179831][ T8587] netdevsim netdevsim2 netdevsim2: set [1, 1] type 2 family 0 port 20000 - 0
[  277.188725][ T8587] netdevsim netdevsim2 netdevsim3: set [1, 1] type 2 family 0 port 20000 - 0
[  277.199183][ T8587] bond1: (slave geneve2): making interface the new active one
[  277.207486][ T8587] bond1: (slave geneve2): Enslaving as an active interface with an up link
[  277.276503][ T8587] netlink: 28 bytes leftover after parsing attributes in process `syz.2.757'.
[  277.306727][   T30] audit: type=1326 audit(1752935627.424:575): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8586 comm="syz.2.757" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fba6038e929 code=0x7ffc0000
[  277.481618][   T30] audit: type=1326 audit(1752935627.424:576): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8586 comm="syz.2.757" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fba6038e929 code=0x7ffc0000
[  277.562884][   T30] audit: type=1326 audit(1752935627.424:577): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8586 comm="syz.2.757" exe="/root/syz-executor" sig=0 arch=c000003e syscall=117 compat=0 ip=0x7fba6038e929 code=0x7ffc0000
[  277.607959][   T30] audit: type=1326 audit(1752935627.424:578): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8586 comm="syz.2.757" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fba6038e929 code=0x7ffc0000
[  277.677364][   T30] audit: type=1326 audit(1752935627.424:579): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8586 comm="syz.2.757" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fba6038e929 code=0x7ffc0000
[  277.700571][    C0] vkms_vblank_simulate: vblank timer overrun
[  277.996505][   T51] Bluetooth: hci1: unexpected event for opcode 0x2023
[  278.783962][ T8633] hsr0: entered promiscuous mode
[  279.786107][ T8643] zonefs (nullb0) ERROR: Not a zoned block device
[  279.909224][  T837] usb 3-1: new full-speed USB device number 33 using dummy_hcd
[  280.261064][   T30] audit: type=1400 audit(1752935630.394:580): avc:  denied  { audit_read } for  pid=8648 comm="syz.1.773" capability=37  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  280.262240][  T837] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  280.450474][  T837] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 512, setting to 64
[  280.468314][  T837] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  280.481475][  T837] usb 3-1: New USB device found, idVendor=05ac, idProduct=0269, bcdDevice= 0.00
[  280.490732][  T837] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  280.514004][   T30] audit: type=1400 audit(1752935630.634:581): avc:  denied  { mount } for  pid=8650 comm="syz.1.775" name="/" dev="configfs" ino=154 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=filesystem permissive=1
[  280.521067][  T837] usb 3-1: config 0 descriptor??
[  280.543183][   T30] audit: type=1400 audit(1752935630.634:582): avc:  denied  { search } for  pid=8650 comm="syz.1.775" name="/" dev="configfs" ino=154 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1
[  280.567473][   T30] audit: type=1400 audit(1752935630.634:583): avc:  denied  { search } for  pid=8650 comm="syz.1.775" name="/" dev="configfs" ino=154 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1
[  280.593603][ T8637] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  280.638858][ T8656] FAULT_INJECTION: forcing a failure.
[  280.638858][ T8656] name failslab, interval 1, probability 0, space 0, times 0
[  280.651664][ T8656] CPU: 1 UID: 0 PID: 8656 Comm: syz.0.776 Not tainted 6.16.0-rc4-syzkaller-00108-g17bbde2e1716 #0 PREEMPT(full) 
[  280.651687][ T8656] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  280.651696][ T8656] Call Trace:
[  280.651702][ T8656]  <TASK>
[  280.651706][ T8656]  dump_stack_lvl+0x16c/0x1f0
[  280.651726][ T8656]  should_fail_ex+0x512/0x640
[  280.651740][ T8656]  ? __kmalloc_cache_noprof+0x57/0x3e0
[  280.651754][ T8656]  should_failslab+0xc2/0x120
[  280.651772][ T8656]  __kmalloc_cache_noprof+0x6a/0x3e0
[  280.651785][ T8656]  ? alloc_fs_context+0x57/0x9c0
[  280.651803][ T8656]  alloc_fs_context+0x57/0x9c0
[  280.651820][ T8656]  path_mount+0xaf8/0x2020
[  280.651836][ T8656]  ? kmem_cache_free+0x2d1/0x4d0
[  280.651848][ T8656]  ? __pfx_path_mount+0x10/0x10
[  280.651865][ T8656]  ? putname+0x154/0x1a0
[  280.651882][ T8656]  __x64_sys_mount+0x28d/0x310
[  280.651898][ T8656]  ? __pfx___x64_sys_mount+0x10/0x10
[  280.651917][ T8656]  do_syscall_64+0xcd/0x4c0
[  280.651933][ T8656]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  280.651944][ T8656] RIP: 0033:0x7f239078e929
[  280.651953][ T8656] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  280.651963][ T8656] RSP: 002b:00007f23916d8038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  280.651973][ T8656] RAX: ffffffffffffffda RBX: 00007f23909b5fa0 RCX: 00007f239078e929
[  280.651980][ T8656] RDX: 0000200000000040 RSI: 0000200000000000 RDI: 00002000000000c0
[  280.651986][ T8656] RBP: 00007f23916d8090 R08: 0000000000000000 R09: 0000000000000000
[  280.651992][ T8656] R10: 0000000002000010 R11: 0000000000000246 R12: 0000000000000002
[  280.651998][ T8656] R13: 0000000000000000 R14: 00007f23909b5fa0 R15: 00007ffd6ee5f788
[  280.652011][ T8656]  </TASK>
[  281.113195][  T837] magicmouse 0003:05AC:0269.0012: hidraw0: USB HID v0.01 Device [HID 05ac:0269] on usb-dummy_hcd.2-1/input0
[  281.574709][  T837] usb 3-1: USB disconnect, device number 33
[  281.636369][ T8666] fido_id[8666]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.2/usb3/3-1/report_descriptor': No such file or directory
[  282.180815][ T5893] usb 5-1: new high-speed USB device number 26 using dummy_hcd
[  282.362898][ T5893] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  282.374707][ T5893] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  282.387431][ T5893] usb 5-1: New USB device found, idVendor=172f, idProduct=0038, bcdDevice= 0.00
[  282.424774][ T5893] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  282.428874][ T8679] FAULT_INJECTION: forcing a failure.
[  282.428874][ T8679] name fail_page_alloc, interval 1, probability 0, space 0, times 1
[  282.452947][ T8679] CPU: 1 UID: 0 PID: 8679 Comm: syz.3.784 Not tainted 6.16.0-rc4-syzkaller-00108-g17bbde2e1716 #0 PREEMPT(full) 
[  282.452970][ T8679] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  282.452979][ T8679] Call Trace:
[  282.452984][ T8679]  <TASK>
[  282.452990][ T8679]  dump_stack_lvl+0x16c/0x1f0
[  282.453019][ T8679]  should_fail_ex+0x512/0x640
[  282.453044][ T8679]  should_fail_alloc_page+0xe7/0x130
[  282.453069][ T8679]  prepare_alloc_pages+0x3c2/0x610
[  282.453088][ T8679]  __alloc_frozen_pages_noprof+0x18b/0x23f0
[  282.453115][ T8679]  ? __lock_acquire+0x622/0x1c90
[  282.453143][ T8679]  ? xas_create+0x1d7/0x1460
[  282.453158][ T8679]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  282.453182][ T8679]  ? lock_acquire+0x179/0x350
[  282.453206][ T8679]  ? rcu_is_watching+0x12/0xc0
[  282.453233][ T8679]  ? __lock_acquire+0x622/0x1c90
[  282.453257][ T8679]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  282.453279][ T8679]  ? policy_nodemask+0xea/0x4e0
[  282.453304][ T8679]  alloc_pages_mpol+0x1fb/0x550
[  282.453326][ T8679]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  282.453351][ T8679]  ? filemap_get_entry+0x1a7/0x3b0
[  282.453379][ T8679]  folio_alloc_noprof+0x20/0x2d0
[  282.453394][ T8679]  filemap_alloc_folio_noprof+0x3a1/0x470
[  282.453415][ T8679]  ? __pfx_filemap_alloc_folio_noprof+0x10/0x10
[  282.453442][ T8679]  __filemap_get_folio+0x5e1/0xc30
[  282.453472][ T8679]  fuse_write_begin+0x14d/0x5f0
[  282.453493][ T8679]  generic_perform_write+0x3cd/0x930
[  282.453520][ T8679]  ? __pfx_generic_perform_write+0x10/0x10
[  282.453541][ T8679]  ? generic_write_checks+0x311/0x480
[  282.453561][ T8679]  ? __pfx_generic_write_checks+0x10/0x10
[  282.453582][ T8679]  __generic_file_write_iter+0x1f7/0x240
[  282.453609][ T8679]  generic_file_write_iter+0xe1/0x3c0
[  282.453632][ T8679]  fuse_file_write_iter+0x6be/0x950
[  282.453657][ T8679]  vfs_write+0x6c4/0x1150
[  282.453677][ T8679]  ? __pfx_fuse_file_write_iter+0x10/0x10
[  282.453698][ T8679]  ? __pfx___mutex_lock+0x10/0x10
[  282.453723][ T8679]  ? __pfx_vfs_write+0x10/0x10
[  282.453767][ T8679]  ksys_write+0x12a/0x250
[  282.453787][ T8679]  ? __pfx_ksys_write+0x10/0x10
[  282.453813][ T8679]  do_syscall_64+0xcd/0x4c0
[  282.453840][ T8679]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  282.453861][ T8679] RIP: 0033:0x7fd0ed18e929
[  282.453875][ T8679] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  282.453891][ T8679] RSP: 002b:00007fd0ee0b4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  282.453908][ T8679] RAX: ffffffffffffffda RBX: 00007fd0ed3b5fa0 RCX: 00007fd0ed18e929
[  282.453919][ T8679] RDX: 00000000fffffdef RSI: 00002000000000c0 RDI: 0000000000000006
[  282.453930][ T8679] RBP: 00007fd0ee0b4090 R08: 0000000000000000 R09: 0000000000000000
[  282.453940][ T8679] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  282.453949][ T8679] R13: 0000000000000000 R14: 00007fd0ed3b5fa0 R15: 00007fffdd669578
[  282.453973][ T8679]  </TASK>
[  282.460636][ T5893] usb 5-1: config 0 descriptor??
[  282.690640][ T5933] usb 3-1: new high-speed USB device number 34 using dummy_hcd
[  282.923487][ T5933] usb 3-1: config 5 has an invalid descriptor of length 0, skipping remainder of the config
[  282.933907][ T5933] usb 3-1: config 5 has 0 interfaces, different from the descriptor's value: 1
[  282.945663][ T5933] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  282.948301][ T8689] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=8689 comm=syz.3.787
[  282.955102][ T5933] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  282.977187][ T5933] usb 3-1: SerialNumber: syz
[  283.055221][ T8687] netlink: 32 bytes leftover after parsing attributes in process `syz.3.787'.
[  283.128430][ T5893] waltop 0003:172F:0038.0013: hidraw0: USB HID v0.00 Device [HID 172f:0038] on usb-dummy_hcd.4-1/input0
[  283.219758][ T8684] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  283.240490][ T8684] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  283.254070][ T5893] usb 3-1: USB disconnect, device number 34
[  283.295644][   T30] kauditd_printk_skb: 7 callbacks suppressed
[  283.295661][   T30] audit: type=1400 audit(1752935633.424:591): avc:  denied  { append } for  pid=8691 comm="syz.0.788" name="btrfs-control" dev="devtmpfs" ino=1309 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:lvm_control_t tclass=chr_file permissive=1
[  283.551596][ T5965] usb 1-1: new full-speed USB device number 27 using dummy_hcd
[  283.701809][ T5965] usb 1-1: device descriptor read/64, error -71
[  283.926052][ T8704] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  283.970698][ T5965] usb 1-1: new full-speed USB device number 28 using dummy_hcd
[  284.120675][ T5965] usb 1-1: device descriptor read/64, error -71
[  284.232107][ T8714] siw: device registration error -23
[  284.241351][ T5965] usb usb1-port1: attempt power cycle
[  284.252329][   T30] audit: type=1400 audit(1752935634.384:592): avc:  denied  { create } for  pid=8713 comm="syz.3.796" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_fib_lookup_socket permissive=1
[  284.281496][   T30] audit: type=1400 audit(1752935634.384:593): avc:  denied  { write } for  pid=8713 comm="syz.3.796" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_fib_lookup_socket permissive=1
[  284.359538][   T30] audit: type=1400 audit(1752935634.484:594): avc:  denied  { append } for  pid=8713 comm="syz.3.796" name="event1" dev="devtmpfs" ino=919 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[  285.110555][ T5965] usb 1-1: new full-speed USB device number 29 using dummy_hcd
[  285.204029][ T5927] usb 5-1: USB disconnect, device number 26
[  285.231871][ T5965] usb 1-1: device descriptor read/8, error -71
[  285.357840][ T8718] netlink: 4 bytes leftover after parsing attributes in process `syz.4.797'.
[  285.500930][ T5965] usb 1-1: new full-speed USB device number 30 using dummy_hcd
[  285.579894][ T5965] usb 1-1: device descriptor read/8, error -71
[  285.713968][ T5965] usb usb1-port1: unable to enumerate USB device
[  286.645252][ T8739] FAULT_INJECTION: forcing a failure.
[  286.645252][ T8739] name failslab, interval 1, probability 0, space 0, times 0
[  286.704348][ T8739] CPU: 1 UID: 0 PID: 8739 Comm: syz.0.802 Not tainted 6.16.0-rc4-syzkaller-00108-g17bbde2e1716 #0 PREEMPT(full) 
[  286.704377][ T8739] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  286.704387][ T8739] Call Trace:
[  286.704393][ T8739]  <TASK>
[  286.704400][ T8739]  dump_stack_lvl+0x16c/0x1f0
[  286.704431][ T8739]  should_fail_ex+0x512/0x640
[  286.704453][ T8739]  ? __kmalloc_cache_noprof+0x57/0x3e0
[  286.704476][ T8739]  should_failslab+0xc2/0x120
[  286.704501][ T8739]  __kmalloc_cache_noprof+0x6a/0x3e0
[  286.704521][ T8739]  ? v9fs_mount+0xa6/0xa30
[  286.704545][ T8739]  v9fs_mount+0xa6/0xa30
[  286.704564][ T8739]  ? __pfx_v9fs_mount+0x10/0x10
[  286.704584][ T8739]  ? cap_capable+0xb3/0x250
[  286.704605][ T8739]  ? __pfx_v9fs_mount+0x10/0x10
[  286.704623][ T8739]  legacy_get_tree+0x109/0x220
[  286.704651][ T8739]  vfs_get_tree+0x8e/0x340
[  286.704669][ T8739]  path_mount+0x1414/0x2020
[  286.704698][ T8739]  ? kmem_cache_free+0x2d1/0x4d0
[  286.704718][ T8739]  ? __pfx_path_mount+0x10/0x10
[  286.704747][ T8739]  ? putname+0x154/0x1a0
[  286.704776][ T8739]  __x64_sys_mount+0x28d/0x310
[  286.704803][ T8739]  ? __pfx___x64_sys_mount+0x10/0x10
[  286.704837][ T8739]  do_syscall_64+0xcd/0x4c0
[  286.704865][ T8739]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  286.704883][ T8739] RIP: 0033:0x7f239078e929
[  286.704897][ T8739] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  286.704913][ T8739] RSP: 002b:00007f23916d8038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  286.704929][ T8739] RAX: ffffffffffffffda RBX: 00007f23909b5fa0 RCX: 00007f239078e929
[  286.704941][ T8739] RDX: 0000200000000080 RSI: 0000200000000040 RDI: 0000000000000000
[  286.704951][ T8739] RBP: 00007f23916d8090 R08: 0000200000000240 R09: 0000000000000000
[  286.704961][ T8739] R10: 0000000000800000 R11: 0000000000000246 R12: 0000000000000002
[  286.704976][ T8739] R13: 0000000000000000 R14: 00007f23909b5fa0 R15: 00007ffd6ee5f788
[  286.705002][ T8739]  </TASK>
[  287.456648][ T8752] netlink: 16 bytes leftover after parsing attributes in process `syz.0.804'.
[  288.216374][ T8754] vlan2: entered promiscuous mode
[  288.226912][ T8754] vlan2: entered allmulticast mode
[  288.672715][   T30] audit: type=1400 audit(1752935638.794:595): avc:  denied  { listen } for  pid=8762 comm="syz.2.808" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  288.755593][   T30] audit: type=1326 audit(1752935638.834:596): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8762 comm="syz.2.808" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fba6038e929 code=0x0
[  288.783051][   T51] Bluetooth: hci4: unexpected event for opcode 0x2023
[  288.845961][ T8766] 9pnet: Could not find request transport: fùxdno=0xffffffffffffffff
[  289.481661][ T8772] netlink: 4 bytes leftover after parsing attributes in process `syz.1.810'.
[  289.920655][ T5933] usb 1-1: new full-speed USB device number 31 using dummy_hcd
[  289.973976][ T8782] ceph: No mds server is up or the cluster is laggy
[  289.982015][ T5927] libceph: connect (1)[c::]:6789 error -97
[  289.988669][ T5927] libceph: mon0 (1)[c::]:6789 connect error
[  290.154902][ T5933] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x6 has invalid maxpacket 1023, setting to 64
[  290.349532][ T5933] usb 1-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xBA, changing to 0x8A
[  290.350190][ T8792] ubi31: attaching mtd0
[  290.385129][ T8792] ubi31: scanning is finished
[  290.385697][ T5933] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x8A has invalid maxpacket 121, setting to 64
[  290.400711][ T8792] ubi31: empty MTD device detected
[  290.495360][ T5933] usb 1-1: New USB device found, idVendor=2294, idProduct=425b, bcdDevice=a2.10
[  290.504883][ T5933] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  290.513419][ T5933] usb 1-1: Product: syz
[  290.520030][ T5933] usb 1-1: Manufacturer: syz
[  290.739155][ T8792] ubi31: attached mtd0 (name "mtdram test device", size 0 MiB)
[  290.748224][ T8792] ubi31: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes
[  290.751346][ T5933] usb 1-1: SerialNumber: syz
[  290.762846][ T8792] ubi31: min./max. I/O unit sizes: 1/64, sub-page size 1
[  290.773844][ T8792] ubi31: VID header offset: 64 (aligned 64), data offset: 128
[  290.783105][ T8792] ubi31: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0
[  290.792064][ T8792] ubi31: user volume: 0, internal volumes: 1, max. volumes count: 23
[  290.802491][ T8792] ubi31: max/mean erase counter: 0/0, WL threshold: 4096, image sequence number: 4120297952
[  290.813343][ T8792] ubi31: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0
[  290.840041][ T8794] ubi31: background thread "ubi_bgt31d" started, PID 8794
[  290.841040][ T5933] usb 1-1: config 0 descriptor??
[  290.940137][ T8798] siw: device registration error -23
[  290.981131][ T8784] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  290.988334][ T8784] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  290.996320][ T5933] usb 1-1: ucan: probing device on interface #0
[  291.178160][ T8802] netlink: 12 bytes leftover after parsing attributes in process `syz.1.817'.
[  291.464041][ T8803] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  291.514180][ T5933] usb 1-1: ucan: device reported invalid device info
[  291.547845][   T30] audit: type=1400 audit(1752935641.674:597): avc:  denied  { accept } for  pid=8804 comm="syz.2.818" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1
[  291.576300][ T5933] usb 1-1: ucan: probe failed; try to update the device firmware
[  292.166128][   T30] audit: type=1400 audit(1752935642.284:598): avc:  denied  { getattr } for  pid=8811 comm="syz.1.820" name="/" dev="secretmem" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[  292.714325][   T30] audit: type=1400 audit(1752935642.834:599): avc:  denied  { write } for  pid=8815 comm="syz.1.822" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  292.785132][ T5933] usb 1-1: USB disconnect, device number 31
[  293.700893][ T8833] netlink: 8 bytes leftover after parsing attributes in process `syz.2.826'.
[  293.727300][ T8833] netlink: 36 bytes leftover after parsing attributes in process `syz.2.826'.
[  293.750728][ T8839] binder: 8837:8839 ioctl c0306201 200000000180 returned -22
[  293.759247][   T30] audit: type=1400 audit(1752935643.884:600): avc:  denied  { remount } for  pid=8837 comm="syz.4.828" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[  293.790770][ T8833] netlink: 4 bytes leftover after parsing attributes in process `syz.2.826'.
[  293.942094][ T8848] netlink: 8 bytes leftover after parsing attributes in process `syz.3.829'.
[  294.090884][  T837] usb 5-1: new high-speed USB device number 27 using dummy_hcd
[  294.510598][  T837] usb 5-1: Using ep0 maxpacket: 32
[  294.526271][  T837] usb 5-1: New USB device found, idVendor=055f, idProduct=d001, bcdDevice=88.92
[  294.553545][  T837] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  294.603070][  T837] usb 5-1: config 0 descriptor??
[  294.635217][  T837] gspca_main: nw80x-2.14.0 probing 055f:d001
[  294.825145][  T837] gspca_nw80x: reg_w err -71
[  294.830229][  T837] nw80x 5-1:0.0: probe with driver nw80x failed with error -71
[  295.054296][  T837] usb 5-1: USB disconnect, device number 27
[  295.134192][   T30] audit: type=1400 audit(1752935645.254:601): avc:  denied  { read } for  pid=8859 comm="syz.2.836" name="snapshot" dev="devtmpfs" ino=92 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1
[  295.448746][   T30] audit: type=1400 audit(1752935645.254:602): avc:  denied  { open } for  pid=8859 comm="syz.2.836" path="/dev/snapshot" dev="devtmpfs" ino=92 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1
[  295.872290][   T30] audit: type=1400 audit(1752935645.554:603): avc:  denied  { append } for  pid=8859 comm="syz.2.836" name="card0" dev="devtmpfs" ino=627 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dri_device_t tclass=chr_file permissive=1
[  295.914239][ T8867] netlink: 56 bytes leftover after parsing attributes in process `syz.3.837'.
[  295.966679][   T30] audit: type=1400 audit(1752935645.724:604): avc:  denied  { write } for  pid=8865 comm="syz.3.837" path="socket:[20417]" dev="sockfs" ino=20417 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  296.004612][   T30] audit: type=1400 audit(1752935645.794:605): avc:  denied  { setattr } for  pid=8870 comm="syz.1.838" name="NETLINK" dev="sockfs" ino=20430 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  296.050959][ T8863] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  296.058736][ T8863] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  296.331911][ T8863] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  296.338420][ T8863] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  296.350417][ T8863] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  296.356820][ T8863] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  296.377438][ T8863] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  296.393056][ T8863] Bluetooth: hci4: Opcode 0x0406 failed: -4
[  296.670952][ T5927] usb 4-1: new high-speed USB device number 25 using dummy_hcd
[  296.820764][   T92] usb 1-1: new high-speed USB device number 32 using dummy_hcd
[  296.940698][ T5927] usb 4-1: Using ep0 maxpacket: 16
[  296.950606][   T92] usb 1-1: device descriptor read/64, error -71
[  296.951942][ T5927] usb 4-1: config 0 has an invalid interface number: 8 but max is 0
[  296.971181][ T5927] usb 4-1: config 0 has no interface number 0
[  296.977510][ T5927] usb 4-1: config 0 interface 8 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  296.988958][ T5927] usb 4-1: config 0 interface 8 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[  296.999224][  T837] usb 3-1: new high-speed USB device number 35 using dummy_hcd
[  297.012859][ T5927] usb 4-1: New USB device found, idVendor=0d8c, idProduct=000e, bcdDevice=8e.8f
[  297.022319][ T5927] usb 4-1: New USB device strings: Mfr=0, Product=24, SerialNumber=3
[  297.030596][ T5927] usb 4-1: Product: syz
[  297.035428][ T5927] usb 4-1: SerialNumber: syz
[  297.053321][ T5927] usb 4-1: config 0 descriptor??
[  297.081853][ T5927] cm109 4-1:0.8: invalid payload size 0, expected 4
[  297.093207][ T5927] input: CM109 USB driver as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.8/input/input19
[  297.140704][  T837] usb 3-1: device descriptor read/64, error -71
[  297.190644][   T92] usb 1-1: new high-speed USB device number 33 using dummy_hcd
[  297.282616][    C1] cm109 4-1:0.8: cm109_urb_ctl_callback: usb_submit_urb (urb_irq) failed -90
[  297.331785][   T92] usb 1-1: device descriptor read/64, error -71
[  297.380840][  T837] usb 3-1: new high-speed USB device number 36 using dummy_hcd
[  297.419309][ T8903] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=8903 comm=syz.1.849
[  297.441495][   T92] usb usb1-port1: attempt power cycle
[  297.497434][    C0] cm109_urb_ctl_callback: 6 callbacks suppressed
[  297.497456][    C0] cm109 4-1:0.8: cm109_urb_ctl_callback: urb status -71
[  297.511516][    C0] cm109 4-1:0.8: cm109_urb_ctl_callback: urb status -71
[  297.518680][    C0] cm109 4-1:0.8: cm109_urb_ctl_callback: urb status -71
[  297.525895][    C0] cm109 4-1:0.8: cm109_urb_ctl_callback: urb status -71
[  297.530616][  T837] usb 3-1: device descriptor read/64, error -71
[  297.533068][    C0] cm109 4-1:0.8: cm109_urb_ctl_callback: urb status -71
[  297.547045][    C0] cm109 4-1:0.8: cm109_urb_ctl_callback: urb status -71
[  297.556092][    C0] cm109 4-1:0.8: cm109_urb_ctl_callback: urb status -71
[  297.563329][    C0] cm109 4-1:0.8: cm109_urb_ctl_callback: urb status -71
[  297.570598][    C0] cm109 4-1:0.8: cm109_urb_ctl_callback: urb status -71
[  297.577829][    C0] cm109 4-1:0.8: cm109_urb_ctl_callback: urb status -71
[  297.640984][  T837] usb usb3-port1: attempt power cycle
[  297.698305][ T5872] usb 4-1: USB disconnect, device number 25
[  297.698354][    C0] cm109 4-1:0.8: cm109_submit_buzz_toggle: usb_submit_urb (urb_ctl) failed -19
[  297.741571][ T5872] cm109 4-1:0.8: cm109_toggle_buzzer_sync: usb_control_msg() failed -19
[  297.960595][   T92] usb 1-1: new high-speed USB device number 34 using dummy_hcd
[  298.014144][   T51] Bluetooth: hci0: command 0x0401 tx timeout
[  298.021578][  T837] usb 3-1: new high-speed USB device number 37 using dummy_hcd
[  298.172751][  T837] usb 3-1: device descriptor read/8, error -71
[  298.509826][   T51] Bluetooth: hci4: command 0x0406 tx timeout
[  298.516995][   T51] Bluetooth: hci3: command 0x0406 tx timeout
[  298.524245][  T837] usb 3-1: new high-speed USB device number 38 using dummy_hcd
[  298.533295][   T51] Bluetooth: hci1: command 0x0406 tx timeout
[  298.572886][  T837] usb 3-1: device descriptor read/8, error -71
[  298.706348][   T92] usb 1-1: device descriptor read/8, error -71
[  298.724688][  T837] usb usb3-port1: unable to enumerate USB device
[  299.974639][ T8924] input: syz1 as /devices/virtual/input/input20
[  300.003455][   T30] audit: type=1400 audit(1752935650.134:606): avc:  denied  { write } for  pid=8925 comm="syz.2.857" name="autofs" dev="devtmpfs" ino=98 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1
[  300.090639][ T5818] Bluetooth: hci0: command 0x0401 tx timeout
[  300.570718][   T51] Bluetooth: hci3: command 0x0406 tx timeout
[  300.577102][   T51] Bluetooth: hci4: command 0x0406 tx timeout
[  300.583459][ T5818] Bluetooth: hci1: command 0x0406 tx timeout
[  300.790612][   T30] audit: type=1400 audit(1752935650.914:607): avc:  denied  { map } for  pid=8932 comm="syz.4.860" path="/dev/cpu/0/msr" dev="devtmpfs" ino=87 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cpu_device_t tclass=chr_file permissive=1
[  300.936388][ T8953] tipc: Started in network mode
[  300.941662][ T8953] tipc: Node identity 7f000001, cluster identity 4711
[  300.949854][ T8953] tipc: Enabled bearer <udp:syz2>, priority 10
[  300.963303][ T8944] lo speed is unknown, defaulting to 1000
[  300.985383][   T30] audit: type=1400 audit(1752935650.914:608): avc:  denied  { execute } for  pid=8932 comm="syz.4.860" path="/dev/cpu/0/msr" dev="devtmpfs" ino=87 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cpu_device_t tclass=chr_file permissive=1
[  301.237727][ T8969] netlink: 24 bytes leftover after parsing attributes in process `syz.0.868'.
[  301.306455][ T8976] FAULT_INJECTION: forcing a failure.
[  301.306455][ T8976] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  301.343563][ T8976] CPU: 1 UID: 0 PID: 8976 Comm: syz.3.870 Not tainted 6.16.0-rc4-syzkaller-00108-g17bbde2e1716 #0 PREEMPT(full) 
[  301.343589][ T8976] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  301.343599][ T8976] Call Trace:
[  301.343605][ T8976]  <TASK>
[  301.343611][ T8976]  dump_stack_lvl+0x16c/0x1f0
[  301.343641][ T8976]  should_fail_ex+0x512/0x640
[  301.343667][ T8976]  _copy_to_user+0x32/0xd0
[  301.343693][ T8976]  simple_read_from_buffer+0xcb/0x170
[  301.343719][ T8976]  proc_fail_nth_read+0x197/0x270
[  301.343742][ T8976]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  301.343765][ T8976]  ? rw_verify_area+0xcf/0x680
[  301.343783][ T8976]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  301.343805][ T8976]  vfs_read+0x1e4/0xc60
[  301.343834][ T8976]  ? __pfx___mutex_lock+0x10/0x10
[  301.343859][ T8976]  ? __pfx_vfs_read+0x10/0x10
[  301.343886][ T8976]  ? __fget_files+0x20e/0x3c0
[  301.343917][ T8976]  ksys_read+0x12a/0x250
[  301.343938][ T8976]  ? __pfx_ksys_read+0x10/0x10
[  301.343966][ T8976]  do_syscall_64+0xcd/0x4c0
[  301.343993][ T8976]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  301.344011][ T8976] RIP: 0033:0x7fd0ed18d33c
[  301.344025][ T8976] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  301.344041][ T8976] RSP: 002b:00007fd0ee0b4030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  301.344058][ T8976] RAX: ffffffffffffffda RBX: 00007fd0ed3b5fa0 RCX: 00007fd0ed18d33c
[  301.344069][ T8976] RDX: 000000000000000f RSI: 00007fd0ee0b40a0 RDI: 0000000000000003
[  301.344078][ T8976] RBP: 00007fd0ee0b4090 R08: 0000000000000000 R09: 0000000000000000
[  301.344088][ T8976] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  301.344098][ T8976] R13: 0000000000000000 R14: 00007fd0ed3b5fa0 R15: 00007fffdd669578
[  301.344122][ T8976]  </TASK>
[  301.929822][ T8994] netlink: 40 bytes leftover after parsing attributes in process `syz.0.878'.
[  302.305518][  T837] tipc: Node number set to 2130706433
[  302.311298][   T30] audit: type=1400 audit(1752935652.144:609): avc:  denied  { accept } for  pid=8986 comm="syz.0.878" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  302.346572][ T8998] FAULT_INJECTION: forcing a failure.
[  302.346572][ T8998] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  302.359843][ T8998] CPU: 0 UID: 0 PID: 8998 Comm: syz.4.877 Not tainted 6.16.0-rc4-syzkaller-00108-g17bbde2e1716 #0 PREEMPT(full) 
[  302.359867][ T8998] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  302.359876][ T8998] Call Trace:
[  302.359881][ T8998]  <TASK>
[  302.359888][ T8998]  dump_stack_lvl+0x16c/0x1f0
[  302.359916][ T8998]  should_fail_ex+0x512/0x640
[  302.359939][ T8998]  _copy_from_user+0x2e/0xd0
[  302.359961][ T8998]  memdup_user+0x6b/0xe0
[  302.359982][ T8998]  strndup_user+0x78/0xe0
[  302.360003][ T8998]  __x64_sys_mount+0x180/0x310
[  302.360026][ T8998]  ? __pfx___x64_sys_mount+0x10/0x10
[  302.360050][ T8998]  ? trace_irq_enable.constprop.0+0x2f/0x120
[  302.360074][ T8998]  do_syscall_64+0xcd/0x4c0
[  302.360098][ T8998]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  302.360115][ T8998] RIP: 0033:0x7f331218e929
[  302.360128][ T8998] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  302.360144][ T8998] RSP: 002b:00007f3313021038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  302.360159][ T8998] RAX: ffffffffffffffda RBX: 00007f33123b6080 RCX: 00007f331218e929
[  302.360170][ T8998] RDX: 0000200000000180 RSI: 0000200000000040 RDI: 0000200000000140
[  302.360180][ T8998] RBP: 00007f3313021090 R08: 0000000000000000 R09: 0000000000000000
[  302.360189][ T8998] R10: 0000000002208004 R11: 0000000000000246 R12: 0000000000000001
[  302.360199][ T8998] R13: 0000000000000001 R14: 00007f33123b6080 R15: 00007fff817022c8
[  302.360221][ T8998]  </TASK>
[  302.365028][ T8992] netlink: 4 bytes leftover after parsing attributes in process `syz.2.876'.
[  302.895349][ T8992] bond_slave_0: entered promiscuous mode
[  302.901326][ T8992] bond_slave_1: entered promiscuous mode
[  302.908645][ T8992] 8021q: adding VLAN 0 to HW filter on device macvtap1
[  303.070710][   T92] usb 5-1: new high-speed USB device number 28 using dummy_hcd
[  303.159764][   T30] audit: type=1400 audit(1752935653.194:610): avc:  denied  { mounton } for  pid=9000 comm="syz.0.880" path="/191/file0" dev="configfs" ino=154 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1
[  303.388515][   T30] audit: type=1400 audit(1752935653.214:611): avc:  denied  { read } for  pid=9000 comm="syz.0.880" name="/" dev="configfs" ino=154 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1
[  303.902270][   T30] audit: type=1400 audit(1752935653.214:612): avc:  denied  { open } for  pid=9000 comm="syz.0.880" path="/191/file0" dev="overlay" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1
[  303.925029][   T30] audit: type=1400 audit(1752935653.214:613): avc:  denied  { read } for  pid=9000 comm="syz.0.880" name="/" dev="configfs" ino=154 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1
[  303.946738][    C0] vkms_vblank_simulate: vblank timer overrun
[  303.953131][   T92] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  303.963438][   T92] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 2
[  303.972372][   T30] audit: type=1400 audit(1752935653.214:614): avc:  denied  { read } for  pid=9000 comm="syz.0.880" name="/" dev="configfs" ino=154 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1
[  303.994073][    C0] vkms_vblank_simulate: vblank timer overrun
[  304.000159][   T92] usb 5-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  304.038156][   T92] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  304.047665][   T92] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  304.055727][   T92] usb 5-1: Product: syz
[  304.060083][   T92] usb 5-1: Manufacturer: syz
[  304.065290][   T30] audit: type=1400 audit(1752935654.194:615): avc:  denied  { unmount } for  pid=5806 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=filesystem permissive=1
[  304.087074][   T92] usb 5-1: SerialNumber: syz
[  304.111751][   T92] cdc_ncm 5-1:1.0: NCM or ECM functional descriptors missing
[  304.119193][   T92] cdc_ncm 5-1:1.0: bind() failure
[  304.164050][ T9012] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  304.237673][ T9012] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  304.312607][ T5927] usb 5-1: USB disconnect, device number 28
[  304.693411][ T9027] 9pnet_fd: Insufficient options for proto=fd
[  305.667670][   T30] audit: type=1400 audit(1752935655.794:616): avc:  denied  { map } for  pid=9029 comm="syz.1.888" path="socket:[21327]" dev="sockfs" ino=21327 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  305.813655][   T30] audit: type=1400 audit(1752935655.944:617): avc:  denied  { setopt } for  pid=9037 comm="syz.3.891" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  305.836055][ T9038] trusted_key: syz.3.891 sent an empty control message without MSG_MORE.
[  306.003752][ T9046] netlink: 'syz.2.893': attribute type 1 has an invalid length.
[  306.116201][   T30] audit: type=1400 audit(1752935656.244:618): avc:  denied  { getopt } for  pid=9045 comm="syz.2.893" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_fib_lookup_socket permissive=1
[  306.370733][ T5872] usb 1-1: new low-speed USB device number 36 using dummy_hcd
[  306.611165][ T5872] usb 1-1: no configurations
[  306.615941][ T5872] usb 1-1: can't read configurations, error -22
[  306.750592][ T5872] usb 1-1: new low-speed USB device number 37 using dummy_hcd
[  306.887381][ T9061] netlink: 28 bytes leftover after parsing attributes in process `syz.3.899'.
[  306.953980][   T30] audit: type=1400 audit(1752935657.074:619): avc:  denied  { relabelfrom } for  pid=9063 comm="syz.4.901" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tun_socket permissive=1
[  306.977992][   T30] audit: type=1400 audit(1752935657.084:620): avc:  denied  { relabelto } for  pid=9063 comm="syz.4.901" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tun_socket permissive=1
[  307.064461][ T5872] usb 1-1: no configurations
[  307.069332][ T5872] usb 1-1: can't read configurations, error -22
[  307.106706][ T5872] usb usb1-port1: attempt power cycle
[  307.170798][ T5893] usb 4-1: new high-speed USB device number 26 using dummy_hcd
[  307.321722][ T5893] usb 4-1: Using ep0 maxpacket: 8
[  307.334912][ T5893] usb 4-1: unable to get BOS descriptor or descriptor too short
[  307.369870][ T5893] usb 4-1: unable to read config index 0 descriptor/start: -71
[  307.438316][ T5893] usb 4-1: can't read configurations, error -71
[  307.480707][ T5872] usb 1-1: new low-speed USB device number 38 using dummy_hcd
[  307.698239][ T5872] usb 1-1: no configurations
[  307.733960][ T5872] usb 1-1: can't read configurations, error -22
[  307.922373][ T5872] usb 1-1: new low-speed USB device number 39 using dummy_hcd
[  307.983680][ T5872] usb 1-1: no configurations
[  308.004011][ T5872] usb 1-1: can't read configurations, error -22
[  308.071059][ T5872] usb usb1-port1: unable to enumerate USB device
[  308.777925][ T9089] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  309.165341][ T9089] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  309.236239][ T9089] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  309.620649][ T5893] usb 3-1: new high-speed USB device number 39 using dummy_hcd
[  309.886576][ T5893] usb 3-1: config 0 interface 0 altsetting 6 endpoint 0x81 has invalid maxpacket 50827, setting to 1024
[  309.898116][ T5893] usb 3-1: config 0 interface 0 has no altsetting 0
[  309.905130][ T5893] usb 3-1: New USB device found, idVendor=056e, idProduct=00fe, bcdDevice= 0.00
[  309.915035][ T5893] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  309.925388][ T5893] usb 3-1: config 0 descriptor??
[  309.931811][ T9102] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22
[  309.948740][ T9111] netlink: 'syz.3.916': attribute type 64 has an invalid length.
[  309.959066][ T9111] netlink: 44 bytes leftover after parsing attributes in process `syz.3.916'.
[  310.348666][ T5893] usbhid 3-1:0.0: can't add hid device: -71
[  310.366219][ T5893] usbhid 3-1:0.0: probe with driver usbhid failed with error -71
[  310.391903][ T5893] usb 3-1: USB disconnect, device number 39
[  310.969049][ T9126] FAULT_INJECTION: forcing a failure.
[  310.969049][ T9126] name failslab, interval 1, probability 0, space 0, times 0
[  311.025873][ T9126] CPU: 1 UID: 0 PID: 9126 Comm: syz.4.920 Not tainted 6.16.0-rc4-syzkaller-00108-g17bbde2e1716 #0 PREEMPT(full) 
[  311.025897][ T9126] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  311.025907][ T9126] Call Trace:
[  311.025913][ T9126]  <TASK>
[  311.025919][ T9126]  dump_stack_lvl+0x16c/0x1f0
[  311.025948][ T9126]  should_fail_ex+0x512/0x640
[  311.025970][ T9126]  ? fs_reclaim_acquire+0xae/0x150
[  311.025989][ T9126]  ? tomoyo_realpath_from_path+0xc2/0x6e0
[  311.026013][ T9126]  should_failslab+0xc2/0x120
[  311.026037][ T9126]  __kmalloc_noprof+0xd2/0x510
[  311.026064][ T9126]  tomoyo_realpath_from_path+0xc2/0x6e0
[  311.026090][ T9126]  ? tomoyo_profile+0x47/0x60
[  311.026118][ T9126]  tomoyo_path_number_perm+0x245/0x580
[  311.026137][ T9126]  ? tomoyo_path_number_perm+0x237/0x580
[  311.026159][ T9126]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  311.026181][ T9126]  ? find_held_lock+0x2b/0x80
[  311.026225][ T9126]  ? find_held_lock+0x2b/0x80
[  311.026244][ T9126]  ? hook_file_ioctl_common+0x145/0x410
[  311.026277][ T9126]  ? __fget_files+0x20e/0x3c0
[  311.026303][ T9126]  security_file_ioctl+0x9b/0x240
[  311.026327][ T9126]  __x64_sys_ioctl+0xb7/0x210
[  311.026348][ T9126]  do_syscall_64+0xcd/0x4c0
[  311.026375][ T9126]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  311.026393][ T9126] RIP: 0033:0x7f331218e929
[  311.026406][ T9126] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  311.026422][ T9126] RSP: 002b:00007f3313042038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  311.026439][ T9126] RAX: ffffffffffffffda RBX: 00007f33123b5fa0 RCX: 00007f331218e929
[  311.026450][ T9126] RDX: 00002000000003c0 RSI: 00000000c0d05605 RDI: 0000000000000003
[  311.026459][ T9126] RBP: 00007f3313042090 R08: 0000000000000000 R09: 0000000000000000
[  311.026468][ T9126] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  311.026477][ T9126] R13: 0000000000000000 R14: 00007f33123b5fa0 R15: 00007fff817022c8
[  311.026499][ T9126]  </TASK>
[  311.026506][ T9126] ERROR: Out of memory at tomoyo_realpath_from_path.
[  313.859041][   T30] audit: type=1400 audit(1752935663.904:621): avc:  denied  { kexec_image_load } for  pid=9151 comm="syz.4.929" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=system permissive=1
[  314.258195][   T30] audit: type=1400 audit(1752935664.384:622): avc:  denied  { setattr } for  pid=9165 comm="syz.0.934" name="/" dev="configfs" ino=154 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1
[  314.280384][  T837] usb 5-1: new high-speed USB device number 29 using dummy_hcd
[  314.280842][ T9168] netlink: 20 bytes leftover after parsing attributes in process `syz.0.934'.
[  314.386430][   T30] audit: type=1400 audit(1752935664.424:623): avc:  denied  { ioctl } for  pid=9169 comm="syz.1.935" path="socket:[22594]" dev="sockfs" ino=22594 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  314.483274][  T837] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x6 has invalid maxpacket 1023
[  314.520580][  T837] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid maxpacket 1544, setting to 1024
[  314.543333][   T30] audit: type=1400 audit(1752935664.454:624): avc:  denied  { create } for  pid=9167 comm="syz.3.936" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_nflog_socket permissive=1
[  314.573807][  T837] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 1024
[  314.621439][  T837] usb 5-1: New USB device found, idVendor=2c7c, idProduct=030e, bcdDevice=81.28
[  314.640418][  T837] usb 5-1: New USB device strings: Mfr=5, Product=2, SerialNumber=3
[  314.670973][  T837] usb 5-1: Product: syz
[  314.675186][  T837] usb 5-1: Manufacturer: syz
[  314.679792][  T837] usb 5-1: SerialNumber: syz
[  314.708285][  T837] usb 5-1: config 0 descriptor??
[  314.723934][ T9163] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  314.740084][ T9163] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  314.794046][  T837] option 5-1:0.0: GSM modem (1-port) converter detected
[  314.813770][  T837] usb 5-1: GSM modem (1-port) converter now attached to ttyUSB0
[  315.003915][ T5893] usb 1-1: new high-speed USB device number 40 using dummy_hcd
[  315.053174][ T9189] overlayfs: missing 'lowerdir'
[  315.201340][ T9152] Freezing with imperfect legacy cgroup freezer. See cgroup.freeze of cgroup v2
[  315.217475][  T837] usb 5-1: USB disconnect, device number 29
[  315.220603][ T5893] usb 1-1: Using ep0 maxpacket: 16
[  315.230750][  T837] option1 ttyUSB0: GSM modem (1-port) converter now disconnected from ttyUSB0
[  315.232381][ T5893] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  315.253404][ T5893] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  315.258171][  T837] option 5-1:0.0: device disconnected
[  315.263692][ T5893] usb 1-1: New USB device found, idVendor=04d8, idProduct=f002, bcdDevice= 0.00
[  315.278368][ T5893] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  315.288571][ T5893] usb 1-1: config 0 descriptor??
[  315.738152][ T5893] hid-picolcd 0003:04D8:F002.0014: unknown main item tag 0x0
[  315.805046][ T5893] hid-picolcd 0003:04D8:F002.0014: No report with id 0xf4 found
[  315.870190][ T5893] hid-picolcd 0003:04D8:F002.0014: No report with id 0xf3 found
[  316.276186][ T9184] delete_channel: no stack
[  316.319299][ T5893] usb 1-1: USB disconnect, device number 40
[  316.703438][ T1298] ieee802154 phy0 wpan0: encryption failed: -22
[  316.709816][ T1298] ieee802154 phy1 wpan1: encryption failed: -22
[  317.046505][   T30] audit: type=1400 audit(1752935667.174:625): avc:  denied  { map } for  pid=9218 comm="syz.4.951" path="socket:[22747]" dev="sockfs" ino=22747 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_route_socket permissive=1
[  317.126580][ T9220] netlink: 164 bytes leftover after parsing attributes in process `syz.4.951'.
[  317.262133][ T9224] dummy0: entered promiscuous mode
[  317.309566][ T9224] lo speed is unknown, defaulting to 1000
[  319.554652][ T9255] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  319.652525][ T9265] ubi: mtd0 is already attached to ubi31
[  320.032341][   T30] audit: type=1400 audit(1752935670.064:626): avc:  denied  { ioctl } for  pid=9260 comm="syz.3.964" path="socket:[22904]" dev="sockfs" ino=22904 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  320.107900][   T30] audit: type=1400 audit(1752935670.134:627): avc:  denied  { create } for  pid=9259 comm="syz.1.962" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=user_namespace permissive=1
[  320.624699][   T30] audit: type=1400 audit(1752935670.144:628): avc:  denied  { sys_admin } for  pid=9259 comm="syz.1.962" capability=21  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=cap_userns permissive=1
[  320.900471][ T9282] netlink: 24 bytes leftover after parsing attributes in process `syz.3.969'.
[  323.311547][ T9279] erofs (device nbd2): cannot find valid erofs superblock
[  323.608475][ T9293] block device autoloading is deprecated and will be removed.
[  325.131155][ T5933] usb 1-1: new high-speed USB device number 41 using dummy_hcd
[  325.880699][ T5931] usb 4-1: new high-speed USB device number 28 using dummy_hcd
[  326.463360][   T30] audit: type=1326 audit(1752935676.594:629): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9308 comm="syz.4.977" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f331218e929 code=0x7ffc0000
[  326.512927][ T5931] usb 4-1: Using ep0 maxpacket: 32
[  326.582818][ T9315] netlink: 'syz.1.980': attribute type 7 has an invalid length.
[  326.595062][   T30] audit: type=1326 audit(1752935676.594:630): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9308 comm="syz.4.977" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f331218e929 code=0x7ffc0000
[  326.623585][ T5931] usb 4-1: config 4 has an invalid interface number: 128 but max is 0
[  326.680708][ T5931] usb 4-1: config 4 has no interface number 0
[  326.683884][   T30] audit: type=1326 audit(1752935676.614:631): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9308 comm="syz.4.977" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f331218e929 code=0x7ffc0000
[  326.690599][ T5931] usb 4-1: config 4 interface 128 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  326.731476][ T5931] usb 4-1: config 4 interface 128 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  326.748399][ T5931] usb 4-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[  326.825292][ T5872] usb 5-1: new high-speed USB device number 30 using dummy_hcd
[  326.894685][    C1] ==================================================================
[  326.902773][    C1] BUG: KASAN: slab-use-after-free in rose_timer_expiry+0x45a/0x4d0
[  326.910650][    C1] Read of size 2 at addr ffff88807b49dc2a by task syz.0.975/9300
[  326.918337][    C1] 
[  326.920638][    C1] CPU: 1 UID: 0 PID: 9300 Comm: syz.0.975 Not tainted 6.16.0-rc4-syzkaller-00108-g17bbde2e1716 #0 PREEMPT(full) 
[  326.920653][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  326.920660][    C1] Call Trace:
[  326.920665][    C1]  <IRQ>
[  326.920669][    C1]  dump_stack_lvl+0x116/0x1f0
[  326.920686][    C1]  print_report+0xcd/0x680
[  326.920701][    C1]  ? __virt_addr_valid+0x81/0x610
[  326.920713][    C1]  ? __phys_addr+0xe8/0x180
[  326.920724][    C1]  ? rose_timer_expiry+0x45a/0x4d0
[  326.920737][    C1]  kasan_report+0xe0/0x110
[  326.920751][    C1]  ? rose_timer_expiry+0x45a/0x4d0
[  326.920765][    C1]  rose_timer_expiry+0x45a/0x4d0
[  326.920779][    C1]  ? __pfx_rose_timer_expiry+0x10/0x10
[  326.920792][    C1]  call_timer_fn+0x197/0x620
[  326.920806][    C1]  ? __pfx_call_timer_fn+0x10/0x10
[  326.920821][    C1]  ? rcu_is_watching+0x12/0xc0
[  326.920834][    C1]  ? __pfx_rose_timer_expiry+0x10/0x10
[  326.920848][    C1]  __run_timers+0x6ef/0x960
[  326.920863][    C1]  ? __pfx___run_timers+0x10/0x10
[  326.920881][    C1]  run_timer_base+0x114/0x190
[  326.920895][    C1]  ? __pfx_run_timer_base+0x10/0x10
[  326.920909][    C1]  ? rcu_is_watching+0x12/0xc0
[  326.920921][    C1]  run_timer_softirq+0x1a/0x40
[  326.920941][    C1]  handle_softirqs+0x219/0x8e0
[  326.920965][    C1]  ? __pfx_handle_softirqs+0x10/0x10
[  326.920985][    C1]  __irq_exit_rcu+0x109/0x170
[  326.920997][    C1]  irq_exit_rcu+0x9/0x30
[  326.921007][    C1]  sysvec_apic_timer_interrupt+0xa4/0xc0
[  326.921022][    C1]  </IRQ>
[  326.921026][    C1]  <TASK>
[  326.921029][    C1]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  326.921041][    C1] RIP: 0010:_raw_spin_unlock_irq+0x29/0x50
[  326.921055][    C1] Code: 90 f3 0f 1e fa 53 48 8b 74 24 08 48 89 fb 48 83 c7 18 e8 aa f0 14 f6 48 89 df e8 92 44 15 f6 e8 cd 6b 40 f6 fb bf 01 00 00 00 <e8> d2 64 05 f6 65 8b 05 9b 5a 49 08 85 c0 74 06 5b e9 41 4d 00 00
[  326.921065][    C1] RSP: 0018:ffffc9000c287cd8 EFLAGS: 00000202
[  326.921074][    C1] RAX: 000000000016e115 RBX: ffff888027e80940 RCX: ffffffff81c3f04f
[  326.921080][    C1] RDX: 0000000000000000 RSI: ffffffff8de1a6a6 RDI: 0000000000000001
[  326.921087][    C1] RBP: ffff888027e80d40 R08: 0000000000000001 R09: 0000000000000001
[  326.921092][    C1] R10: ffffffff90a81857 R11: 0000000000000001 R12: 0000000000000000
[  326.921098][    C1] R13: 0000000000000021 R14: 0000000000000400 R15: ffff888027e80940
[  326.921106][    C1]  ? trace_irq_enable.constprop.0+0x2f/0x120
[  326.921120][    C1]  ? _raw_spin_unlock_irq+0x23/0x50
[  326.921132][    C1]  get_signal+0x1e6c/0x26d0
[  326.921147][    C1]  ? __pfx_get_signal+0x10/0x10
[  326.921160][    C1]  arch_do_signal_or_restart+0x8f/0x7d0
[  326.921172][    C1]  ? __pfx_restore_altstack+0x10/0x10
[  326.921186][    C1]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  326.921197][    C1]  ? _raw_spin_unlock_irq+0x23/0x50
[  326.921210][    C1]  ? __do_sys_rt_sigreturn+0x16b/0x230
[  326.921222][    C1]  ? __pfx___do_sys_rt_sigreturn+0x10/0x10
[  326.921234][    C1]  exit_to_user_mode_loop+0x84/0x110
[  326.921246][    C1]  do_syscall_64+0x3f6/0x4c0
[  326.921261][    C1]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  326.921272][    C1] RIP: 0033:0x7f239078e927
[  326.921280][    C1] Code: ff ff ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 <0f> 05 48 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89
[  326.921289][    C1] RSP: 002b:00007f23916d80e8 EFLAGS: 00000246
[  326.921296][    C1] RAX: 00000000000000ca RBX: 00007f23909b5fa8 RCX: 00007f239078e929
[  326.921303][    C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f23909b5fa8
[  326.921309][    C1] RBP: 00007f23909b5fa0 R08: 0000000000000000 R09: 0000000000000000
[  326.921317][    C1] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f23909b5fac
[  326.921323][    C1] R13: 0000000000000000 R14: 00007ffd6ee5f6a0 R15: 00007ffd6ee5f788
[  326.921332][    C1]  </TASK>
[  326.921336][    C1] 
[  327.292905][    C1] Allocated by task 8957:
[  327.297204][    C1]  kasan_save_stack+0x33/0x60
[  327.301861][    C1]  kasan_save_track+0x14/0x30
[  327.306524][    C1]  __kasan_kmalloc+0xaa/0xb0
[  327.311097][    C1]  garp_init_applicant+0xbb/0x500
[  327.316096][    C1]  register_vlan_dev+0x197/0x940
[  327.321020][    C1]  vlan_ioctl_handler+0x8dd/0xa70
[  327.326027][    C1]  sock_ioctl+0x4b8/0x6b0
[  327.330330][    C1]  __x64_sys_ioctl+0x18b/0x210
[  327.335068][    C1]  do_syscall_64+0xcd/0x4c0
[  327.339549][    C1]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  327.345417][    C1] 
[  327.347715][    C1] Freed by task 6015:
[  327.351678][    C1]  kasan_save_stack+0x33/0x60
[  327.356343][    C1]  kasan_save_track+0x14/0x30
[  327.360999][    C1]  kasan_save_free_info+0x3b/0x60
[  327.365997][    C1]  __kasan_slab_free+0x51/0x70
[  327.370737][    C1]  kmem_cache_free_bulk.part.0+0x383/0x7f0
[  327.376518][    C1]  kvfree_rcu_bulk+0x1b7/0x1e0
[  327.381266][    C1]  kfree_rcu_work+0x124/0x1a0
[  327.385917][    C1]  process_one_work+0x9cf/0x1b70
[  327.390828][    C1]  worker_thread+0x6c8/0xf10
[  327.395399][    C1]  kthread+0x3c2/0x780
[  327.399444][    C1]  ret_from_fork+0x5d4/0x6f0
[  327.404011][    C1]  ret_from_fork_asm+0x1a/0x30
[  327.408748][    C1] 
[  327.411053][    C1] Last potentially related work creation:
[  327.416749][    C1]  kasan_save_stack+0x33/0x60
[  327.421412][    C1]  kasan_record_aux_stack+0xa7/0xc0
[  327.426591][    C1]  kvfree_call_rcu+0x76/0x470
[  327.431242][    C1]  garp_uninit_applicant+0x284/0x460
[  327.436502][    C1]  unregister_vlan_dev+0x3ff/0x590
[  327.441586][    C1]  vlan_device_event+0x1960/0x2290
[  327.446668][    C1]  notifier_call_chain+0xb9/0x410
[  327.451674][    C1]  call_netdevice_notifiers_info+0xbe/0x140
[  327.457545][    C1]  unregister_netdevice_many_notify+0xf9d/0x2700
[  327.463857][    C1]  unregister_netdevice_queue+0x305/0x3f0
[  327.469554][    C1]  __tun_detach+0x1249/0x1540
[  327.474205][    C1]  tun_chr_close+0xc2/0x230
[  327.478683][    C1]  __fput+0x402/0xb70
[  327.482643][    C1]  task_work_run+0x150/0x240
[  327.487204][    C1]  exit_to_user_mode_loop+0xeb/0x110
[  327.492464][    C1]  do_syscall_64+0x3f6/0x4c0
[  327.497045][    C1]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  327.502916][    C1] 
[  327.505225][    C1] The buggy address belongs to the object at ffff88807b49dc00
[  327.505225][    C1]  which belongs to the cache kmalloc-512 of size 512
[  327.519260][    C1] The buggy address is located 42 bytes inside of
[  327.519260][    C1]  freed 512-byte region [ffff88807b49dc00, ffff88807b49de00)
[  327.532957][    C1] 
[  327.535277][    C1] The buggy address belongs to the physical page:
[  327.541659][    C1] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff88807b49dc00 pfn:0x7b49c
[  327.551699][    C1] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  327.560174][    C1] flags: 0xfff00000000240(workingset|head|node=0|zone=1|lastcpupid=0x7ff)
[  327.568649][    C1] page_type: f5(slab)
[  327.572604][    C1] raw: 00fff00000000240 ffff88801b841c80 ffffea0001530510 ffffea0000a59a10
[  327.581187][    C1] raw: ffff88807b49dc00 000000000010000c 00000000f5000000 0000000000000000
[  327.589743][    C1] head: 00fff00000000240 ffff88801b841c80 ffffea0001530510 ffffea0000a59a10
[  327.598389][    C1] head: ffff88807b49dc00 000000000010000c 00000000f5000000 0000000000000000
[  327.607047][    C1] head: 00fff00000000002 ffffea0001ed2701 00000000ffffffff 00000000ffffffff
[  327.615704][    C1] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[  327.624359][    C1] page dumped because: kasan: bad access detected
[  327.630749][    C1] page_owner tracks the page as allocated
[  327.636435][    C1] page last allocated via order 2, migratetype Unmovable, gfp_mask 0xd2040(__GFP_IO|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5152, tgid 5152 (mount), ts 17348193785, free_ts 17346603698
[  327.656412][    C1]  post_alloc_hook+0x1c0/0x230
[  327.661159][    C1]  get_page_from_freelist+0x1321/0x3890
[  327.666683][    C1]  __alloc_frozen_pages_noprof+0x261/0x23f0
[  327.672553][    C1]  alloc_pages_mpol+0x1fb/0x550
[  327.677384][    C1]  new_slab+0x23b/0x330
[  327.681522][    C1]  ___slab_alloc+0xd9c/0x1940
[  327.686196][    C1]  __slab_alloc.constprop.0+0x56/0xb0
[  327.691556][    C1]  __kmalloc_noprof+0x2f2/0x510
[  327.696388][    C1]  tomoyo_init_log+0x1385/0x2140
[  327.701314][    C1]  tomoyo_supervisor+0x302/0x13b0
[  327.706329][    C1]  tomoyo_mount_acl+0x50c/0x850
[  327.711156][    C1]  tomoyo_mount_permission+0x16d/0x420
[  327.716593][    C1]  security_sb_mount+0x9b/0x260
[  327.721422][    C1]  path_mount+0x128/0x2020
[  327.725817][    C1]  __x64_sys_mount+0x28d/0x310
[  327.730560][    C1]  do_syscall_64+0xcd/0x4c0
[  327.735043][    C1] page last free pid 5152 tgid 5152 stack trace:
[  327.741352][    C1]  __free_frozen_pages+0x7fe/0x1180
[  327.746531][    C1]  stack_depot_save_flags+0x354/0xa40
[  327.751886][    C1]  kasan_save_stack+0x42/0x60
[  327.756551][    C1]  kasan_save_track+0x14/0x30
[  327.761389][    C1]  __kasan_kmalloc+0xaa/0xb0
[  327.765969][    C1]  shrinker_alloc+0xf5/0xbf0
[  327.770544][    C1]  alloc_super+0x7c8/0xbd0
[  327.774950][    C1]  sget_fc+0x116/0xc20
[  327.778999][    C1]  get_tree_keyed+0x59/0x1d0
[  327.783581][    C1]  vfs_get_tree+0x8e/0x340
[  327.787975][    C1]  path_mount+0x1414/0x2020
[  327.792462][    C1]  __x64_sys_mount+0x28d/0x310
[  327.797209][    C1]  do_syscall_64+0xcd/0x4c0
[  327.801692][    C1]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  327.807560][    C1] 
[  327.809857][    C1] Memory state around the buggy address:
[  327.815459][    C1]  ffff88807b49db00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  327.823497][    C1]  ffff88807b49db80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  327.831533][    C1] >ffff88807b49dc00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  327.839568][    C1]                                   ^
[  327.844909][    C1]  ffff88807b49dc80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  327.852957][    C1]  ffff88807b49dd00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  327.861009][    C1] ==================================================================
[  327.869094][    C1] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  327.876264][    C1] CPU: 1 UID: 0 PID: 9300 Comm: syz.0.975 Not tainted 6.16.0-rc4-syzkaller-00108-g17bbde2e1716 #0 PREEMPT(full) 
[  327.888123][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  327.898155][    C1] Call Trace:
[  327.901411][    C1]  <IRQ>
[  327.904232][    C1]  dump_stack_lvl+0x3d/0x1f0
[  327.908816][    C1]  panic+0x71c/0x800
[  327.912689][    C1]  ? __pfx_panic+0x10/0x10
[  327.917080][    C1]  ? mark_held_locks+0x49/0x80
[  327.921823][    C1]  ? rose_timer_expiry+0x45a/0x4d0
[  327.926914][    C1]  ? check_panic_on_warn+0x1f/0xb0
[  327.932003][    C1]  ? rose_timer_expiry+0x45a/0x4d0
[  327.937087][    C1]  check_panic_on_warn+0xab/0xb0
[  327.942009][    C1]  end_report+0x107/0x170
[  327.946315][    C1]  kasan_report+0xee/0x110
[  327.950705][    C1]  ? rose_timer_expiry+0x45a/0x4d0
[  327.955813][    C1]  rose_timer_expiry+0x45a/0x4d0
[  327.960764][    C1]  ? __pfx_rose_timer_expiry+0x10/0x10
[  327.966230][    C1]  call_timer_fn+0x197/0x620
[  327.970816][    C1]  ? __pfx_call_timer_fn+0x10/0x10
[  327.975919][    C1]  ? rcu_is_watching+0x12/0xc0
[  327.980672][    C1]  ? __pfx_rose_timer_expiry+0x10/0x10
[  327.986118][    C1]  __run_timers+0x6ef/0x960
[  327.990613][    C1]  ? __pfx___run_timers+0x10/0x10
[  327.995629][    C1]  run_timer_base+0x114/0x190
[  328.000292][    C1]  ? __pfx_run_timer_base+0x10/0x10
[  328.005477][    C1]  ? rcu_is_watching+0x12/0xc0
[  328.010230][    C1]  run_timer_softirq+0x1a/0x40
[  328.015000][    C1]  handle_softirqs+0x219/0x8e0
[  328.019750][    C1]  ? __pfx_handle_softirqs+0x10/0x10
[  328.025023][    C1]  __irq_exit_rcu+0x109/0x170
[  328.029687][    C1]  irq_exit_rcu+0x9/0x30
[  328.033914][    C1]  sysvec_apic_timer_interrupt+0xa4/0xc0
[  328.039537][    C1]  </IRQ>
[  328.042456][    C1]  <TASK>
[  328.045370][    C1]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  328.051335][    C1] RIP: 0010:_raw_spin_unlock_irq+0x29/0x50
[  328.057135][    C1] Code: 90 f3 0f 1e fa 53 48 8b 74 24 08 48 89 fb 48 83 c7 18 e8 aa f0 14 f6 48 89 df e8 92 44 15 f6 e8 cd 6b 40 f6 fb bf 01 00 00 00 <e8> d2 64 05 f6 65 8b 05 9b 5a 49 08 85 c0 74 06 5b e9 41 4d 00 00
[  328.076728][    C1] RSP: 0018:ffffc9000c287cd8 EFLAGS: 00000202
[  328.082778][    C1] RAX: 000000000016e115 RBX: ffff888027e80940 RCX: ffffffff81c3f04f
[  328.090774][    C1] RDX: 0000000000000000 RSI: ffffffff8de1a6a6 RDI: 0000000000000001
[  328.098726][    C1] RBP: ffff888027e80d40 R08: 0000000000000001 R09: 0000000000000001
[  328.106679][    C1] R10: ffffffff90a81857 R11: 0000000000000001 R12: 0000000000000000
[  328.114633][    C1] R13: 0000000000000021 R14: 0000000000000400 R15: ffff888027e80940
[  328.122592][    C1]  ? trace_irq_enable.constprop.0+0x2f/0x120
[  328.128565][    C1]  ? _raw_spin_unlock_irq+0x23/0x50
[  328.133751][    C1]  get_signal+0x1e6c/0x26d0
[  328.138251][    C1]  ? __pfx_get_signal+0x10/0x10
[  328.143094][    C1]  arch_do_signal_or_restart+0x8f/0x7d0
[  328.148632][    C1]  ? __pfx_restore_altstack+0x10/0x10
[  328.153990][    C1]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  328.160126][    C1]  ? _raw_spin_unlock_irq+0x23/0x50
[  328.165314][    C1]  ? __do_sys_rt_sigreturn+0x16b/0x230
[  328.170761][    C1]  ? __pfx___do_sys_rt_sigreturn+0x10/0x10
[  328.176555][    C1]  exit_to_user_mode_loop+0x84/0x110
[  328.181823][    C1]  do_syscall_64+0x3f6/0x4c0
[  328.186404][    C1]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  328.192292][    C1] RIP: 0033:0x7f239078e927
[  328.196691][    C1] Code: ff ff ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 <0f> 05 48 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89
[  328.216281][    C1] RSP: 002b:00007f23916d80e8 EFLAGS: 00000246
[  328.222331][    C1] RAX: 00000000000000ca RBX: 00007f23909b5fa8 RCX: 00007f239078e929
[  328.230292][    C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f23909b5fa8
[  328.238251][    C1] RBP: 00007f23909b5fa0 R08: 0000000000000000 R09: 0000000000000000
[  328.246204][    C1] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f23909b5fac
[  328.254159][    C1] R13: 0000000000000000 R14: 00007ffd6ee5f6a0 R15: 00007ffd6ee5f788
[  328.262118][    C1]  </TASK>
[  328.265458][    C1] Kernel Offset: disabled
[  328.269757][    C1] Rebooting in 86400 seconds..