last executing test programs:

15.140405319s ago: executing program 4 (id=451):
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1400000007"], 0x50)
sendto$packet(0xffffffffffffffff, &(0x7f0000000000)='1', 0x1, 0x0, 0x0, 0x0)
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r0, &(0x7f0000000040)={0x1f, 0xffff, 0x3}, 0x6)
write$binfmt_misc(r0, &(0x7f0000000000), 0xd) (fail_nth: 1)

14.527312826s ago: executing program 4 (id=454):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
mkdir(&(0x7f00000000c0)='./bus\x00', 0x0) (async)
mkdir(&(0x7f0000000440)='./file1\x00', 0x0) (async)
socket$kcm(0x21, 0x0, 0xa) (async)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000a00)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
chdir(&(0x7f00000001c0)='./bus\x00') (async)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='blkio.bfq.io_wait_time_recursive\x00', 0x275a, 0x0) (async)
r0 = syz_usb_connect$hid(0x2, 0x36, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x20, 0x5ac, 0x8241, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x39, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x1, 0x0, {0x9, 0x21, 0x5, 0x33, 0x1, {0x22, 0x5}}, {{{0x9, 0x5, 0x81, 0x3, 0x8, 0x8, 0xb, 0x7}}}}}]}}]}}, 0x0)
syz_usb_control_io(r0, 0x0, 0x0) (async)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000180000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000f0850000002d00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='kfree\x00', r1}, 0x18) (async)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="07000000040000002001000001"], 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000080)=ANY=[@ANYBLOB="18000000bb00551a000000000000000018120000", @ANYRES32=r2, @ANYBLOB="0000000000000000b703000000000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r3}, 0x18) (async)
pipe2(&(0x7f0000000080)={0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
splice(r5, 0x0, r4, 0x0, 0x6, 0x0) (async)
ioctl$int_in(r4, 0x5452, &(0x7f0000000100)=0x3ff)
fcntl$setstatus(r4, 0x4, 0x7c00) (async)
dup3(r5, r4, 0x0) (async)
sendmsg$IPSET_CMD_PROTOCOL(r4, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000340)=ANY=[@ANYBLOB="2c000000010605"], 0x2c}, 0x1, 0x0, 0x0, 0x40001d0}, 0x0) (async)
syz_usb_control_io(r0, &(0x7f00000003c0)={0x2c, &(0x7f0000000080)={0x40, 0xf, 0x5, {0x5, 0x5, "a7fecf"}}, 0x0, 0x0, 0x0, 0x0}, 0x0) (async)
r6 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r6, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0]) (async)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r7, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0) (async)
sendmsg$NFT_BATCH(r7, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000100)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x3}}, [@NFT_MSG_NEWRULE={0x50, 0x6, 0xa, 0x401, 0x0, 0x0, {0xa, 0x0, 0x1}, [@NFTA_RULE_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_RULE_EXPRESSIONS={0x24, 0x4, 0x0, 0x1, [{0x20, 0x1, 0x0, 0x1, @ct={{0x7}, @val={0x14, 0x2, 0x0, 0x1, [@NFTA_CT_KEY={0x8, 0x2, 0x1, 0x0, 0x17}, @NFTA_CT_DREG={0x8, 0x1, 0x1, 0x0, 0x9}]}}}]}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x2}}}, 0x78}, 0x1, 0x0, 0x0, 0x4008891}, 0x10)
read$FUSE(r6, &(0x7f0000006180)={0x2020, 0x0, 0x0, <r8=>0x0, <r9=>0x0}, 0x2020)
syz_fuse_handle_req(r6, &(0x7f0000004180)="92756f43b31ffe542788ef586b7c5a344424e3acac2590be6bbe37adface4a8f2e534ffe76a83a93f0b3680a72fddfde83f96d01982384e8d689219cb9669b14dbaa1b799f82ea1fc926126a4163618e16d4f94143a4e0f27c44fcef3920a0b3805ed4e78098d8689cc7791bd86648070718d238664332948d87866c8d2590fc0f017f9853abd9ed60b99f1aa6ae2dbd24ab6dbcebdb055246815ace147cc50fa3b2861148fcda374d5b203e51d72c45e4dde3e9ee9a47ffe458baf7bb49035135a8194aa1f0a83fa2abed56398f90daff679634619453f533f22583a6e0a4dc09e9de46684d5e0136e229510f3702cf3a4cd0065d3e5d3c419e38a80b070ca55010e082a9c510fd18cc0b26bb5e8e459e747befbc5c6b60ace80bf41417b7b78cf57e5b3984f0cdddc615c5e0000454d3f4a196fb6d18aa629cf0b0245f95ba958d86dc175616f8cd3ac473057dc3a5ff7107973326350107f4468e7ecd48d689b82c12d22ae5f1858302a1b4cfde8fd347a99ddcde40d1c49d9b5099fbccf09e782212be4b2ce36a2bc3c9ee794abffe72a5501e6c4f3f7f68b74761ffd6620609224a3bf11f655dadb5c8a5813b02fb46830e9ac6825f5d0e89910352eb3a58c0dd82d094f94dd2c85666f684a8f437bbd0e66b9f4d366117b67a054d212c4fbc287848cb0578391335d5d616b14d99a2e3df8e8a152d5de99bcefcaab5bb5cc71f3ddd66b379c104648e190e0b28a180d3aecc5423575d4ba7dbf31215c717da7b87dd454b6efcd36c91aaa631127f5bd88723d221752f102bc0c7ac6c5c7a1ad6747af40d01b6d39eab7b0e1292b44683c586386ad00acf60fb8f9bac551a6eb5bab7317b5d89f64db10bd9018dfa6d65d93862e851afbc30fd70fe5f0de322462045177231852ca80e4e78da4fea0c79ba354333026c8bc77d308a8d256a19ec45d2088c196691d3f9aac28ded36004a65ee1ce49ba9599ceee84534bb61d02d04a6732f1e27d72962f74b59f3522bf844c5022986d55934e48b8681b7f5b7532391448caeef00315d28320a46d8bd7813544e1e4bf994e14a519c2654ff20b42bdb69c262897e28eca528f0999840b00ed8256597d27cfc20d71d5f40d0bbca759f7594c6034aa1e16a84ed152fad0fdc1c303a7f61225712714f823afc5ea241d482d3585759623af8c97ca6a84a2033b3d7314ea0ef7ba9b288b362a294c92c8b9736829c16f61c5a1ee04aca965d71162292274595ea62c9c2918e8279c99f5d2830c617c58211fd7452330184b9428d5ec1d5cd75ddcc6de3326fdc70e891104b3b013c30ffccfaf3308d9671b01f6b080a930dac2052c6f39817a662121d90d40d6a1facfb50bec7d408030b6d0ae3e744f3bcc327c35dc43cf86b743db78ff2e593b19923235ed6467f299b08718fe1840c16a748935dff941150fb08b30573b37bf9af5c86cc8d9e229a832e4ef25ec91f71120f2b3e9062485976c280a2d172386029e2f2a4801197fca0a13514edacf5ddbac5a62e8bb13dd1572657a821a8739297f72e29239d1cdddf3e30cbe9af3141f2275ee4ae85d86ec888fe9a6751f252057e95b8beb055e276439581afee93cd44f1e92f70e5f725451d3ab662918ffbb1269509fbd511e95a00ec717f9d60d643864abd6ad1cc4dd7f933379a6078a86c2158db8076e7b660366fca7b1c46d09d2c8e67a6494bfb4c2c6750e76593895b5e2b2bc78093840c3c4a807826bc2750a96b4e1dd5b82b492bb2215518c92064d1763c37132604e52e73fac3f4511f791753aeecfbb19816e0da7a1bfbea9eeaa0f256eaedcb119a61f7d0ea0f5cd4969d45cb014800f2c888d5c2217cf0f69a7507779883b57352bb8883cc584891950d6e792537074f4fc4337aa19b9bf60e18edd939d289fb4a6b7aa6c66da20774e249ca4f779d3c910b1a9a8e4c38af6adecc87d5481d181fd66023ffff246f4e2556b218fe8110acebe20b1675f1de6f265b6d1d8514a53522396bf0e2f2b153c498e48b36d16f8b9bd56f45d7f5b9397d7f1339117a176d0bad0b68e800682416d3e18fe2197c7f8dc20600feb95cc6ba86ad47f113e159bd4389e30eab2874bd27eebc56020c4dab9973b13f3e82aa62a7e0a151d73de48cb811e32be63ffd303f5a6ea6f097ed763fbf36c430821e451146de79922348354ce285af0997bf3c66e6ef02942e24b8f1ccdd542f09cfe65c0da0094c0b5fd26bbc061538b41e5ed2cbb390ee29b10a4b7a696009e1b5b86c44c0a561a257c15415feaeb1433ea275ed6e4b228503fe71ee5942665164faaed6697112206be0fe7863aebd4bbe951d5dea1da294dba0793196385f4d5141c9d6c4b0fa22b2e200cfb70b52aca31655e71e5a576ccb8ccb5b1364748aa981edbb81a813b1aebc67be1f7619e7e197622d981280429f6ca5145c5b3b05e6bace9191e5c58fbf140f71f594cbfd4db0e9f6923f1758ff9464a61a720a5d4f09c622c3ce3f5d0d3a1d191111168108f41f12b16e9eaf3617c353715cd35260560cbfd0555d51ce5c40bbdb7c95ceaeadadb8902974de50b0863348183864f5ea682e678286a06a6f396af29a7c7fb33a3579e25835963612f3c0d4cf369d85959a0adeda94d35824050e6fba7f83f90867583f713d7783323c7010e94c9be331f860db395dbde6face5bfdb616fcefa9c6b01f6963daa840a31ff554a458c0c50cb5e09f91f54f63234589decaf45bbfbaef0dcbff4ae6e65ca26a530261c491ef8eb9a855a1d7463391c9b66be96cf24c3c321ee5a5bdc857f60b582683c6ae1e3775b62a9f19ff8fa51380ca8a2a3c6de79012f5727ba12025e7e6723a23a81e067ca6e54c7b38ff64880d235d21e7ee5258953dcbf9e2a962f006ca4ffe870859242c850cbae4222b3b72c4f86934379ba2ead1dcde906241b994d95c88355af5a9a30ace9c933a6942f341ad221dd825846a8fd44c03e2eaa9311c26e15a1bd7cbba961a22ef23d7ebba0e34cec5ef09b1ce72814a97e33bd29f3d9ec80a4f45d1d29486accf15c11f1a800bd84918e7626f678275d7c7acb02cc0e6e34bb766ba6b75c3ad14fca9352e09c3b69390c045cfc842ff9ade8ca693c07fadc7047a946e6e570c3afc5b501c964103397f5ddadc2d59a048348dd42f07cfe31bc9b5ae453f5086bb41bba4c8a3e518e30b0855184b053f923025dd72ce1bcbf41231978b34a8547c71d7313992165078903c61d312b0d9469413c9fd97ccdf0ea270fb6c47ec8861a1c8d909eeace761b5a06ba46e25785ff87f867777abb237c6c980687991f1ed0157d58492260c712cec34c1fc0962103955db4d5090b6e8409cf3c3c79d0e691cf4fbc0b2251a016dcd456969cd32e5429533bf0d6f8bda84c05f0e2040de8b53bfb8676eec4b76c3df6f46b1e43732035dda577e75f640777f6ae90fd2f1af42ba462dac732019c599bfef01acd6a0d4d1796bcb8f58519d6f9ad9a3206704a94d472516b988141f44ecd2e6f28a49aa0c449db87972fc995a97379914546ea43143ea2cf779a9cbe81f111fe89129db3610492164ab2598eca7e60d9a6963d8ba03a86729db86e420fd96d61b8fb11edc2b339b57a740074ae5b775eaf60cd85dc934e604bf2b4bd58ee01205b4df57ac20ff8db45a05982b579643882407050c005102a2e71f1e56dc76dbf5331112e83e48bfb5cf2a78a893190d78426175c162ffaa7278a43b9932318fc17fb8cb0dfac610b1ad235b91f9cb7623b155117e07f7b876a3c37627aa31eafed141cc0c5491c4f621a66b6d837a144d78719c46511c04a093cf65fce9fabe5bd6d499eceb63538ece3cf19053550a239bf978c08c879f9954485a4e3e0d5bedb84b407ced85c4dfc4d75af116815992c29f0bc927c4a990c38ae4fcc9feb90fec1b1b555e04d010423010855394d5ccfc8ed21164190cd8f83be5debb70290c3547f07e4dc42814f1e001798e6ceee2558b0c6ff8c1759f90269ee226131116332b99ac8dd104c92088e1f91ace3198c0f59bfb75c4e4a697660eed43a29c831a552de37fce6dce96fa51b6e2111f3071a4e94422d15e102e5f67da7ca6cae6bed7743ebffacb8a811a143605791d17232181a517e872f71262c3c73668f0ef83aad498f67fa26bae698cf78f24c2dbecd399a190e6b8d0684e929f2e8083765eb2c67793a1adbb89d36b58bfb197cdc5f3c894ac9d886e8f3b0936fabd233c09de8fab8099f72a74d908ba5c5e4d39790b0bf9e45b710f5587b7c937c76690c5c5fce621a53a9fd03b0a4ee6d8d1abbe2ed561820a77f12a08cad0755540ab6dd1604b7c30a8652995ab80b85e919011de9438a4637eb0291124ed4b745e782cff98510cb03be79c2a81351abf276584d75cdd96b9c97e73eb71000b3ab7c3c19c2cab4497298fcb3052b5d4503d05e7f310318be6f848547b1a4f4db82caee190801478be28065036aa4d91f290c1f396343e73a5fe8bb5ccf0a317177ed1f77acda1a4a49dccfcab8d1b5d79f015f788b6d5e9f8228a8bcdc0696e6b19f5edffbcd7e9509c87fbe1f726b93bf8c6d8d37428763e142560c46c9e894f7317859000c25abc4f3691ebcd020171e0d4911b5d97a238109aedeb00b2eb475c1e7b45175f8aa85193b5c0f43b434c15de01610c4d022646cd6e3637f349a434a77f571ac1c5d698452d1b991e267f78dca5e592ecd31ccafcad84e4e98d134b4adc525b81bd6843428883023a6ea407201738c8bf16b541ff7280274a34d4cf14819f2dbae167ca0cae8471c495e006b45194ad91c4516f21cbb10e0d26fd5d734cd7725df5b3fbe92955f4a9bb3b9b813aeeff79d6ed5db92def19d060a208c3ec8c42c110786f1e1496c50a7249b03fc792764366894a35320b99d0bef9fd0b6a246c36a357c6b985dc83a37a8d9b8b9ad643dea94860cbe763bb73cc8422b69d4d12332242c8954075fb7117a6679638073617abcdb4619855b2036af160647f66b3531645a3bf047ae290d6ae2249f114e7a8464278bae1486022bcc7c37390c8d9a0efb0e1cfa0da8ef7a5e072f99a47ecc75e4e442880375193db49bb82ba34901286ca473ed5b63e4048db4dc455e74b3fdd2e7898ca3f4c3a02d435cde6141eea645055123a7dcf0d22057f8d425701afc55859f5147954e719d58c7486b1e02ac16cb799b77632c66bb78e6e52e11017c1736424fa4d433f1e19b4c881d23f0b2a12d5fae3ae24339088088d9b496ad97bd9f6e20a8597d1452a0c72dcf43dbbda8f18166585c06d21fbffe5fe7b55f71c9b9f1b34a02bd05ca63c7c1b1bebbb9dd24fb10291b04c665d45154dd28b85d821ce7e613119128996785e1006a8dabc4899b10d2671107d5a0658ed363b9d4b39d02f8cc5e350fbf0a31048adecd1f9e2ca749bd86f195eb48e9b4605f050de03d642940d79184618f7f88a9a0a4683ad84d6134e395305bc1d4d9d17cc334b97653529d6682a87a5fac80a6d46d6e72fc22e58be7b8f8617b3372ef2622110ab1ec448717118b257acffe55d18c7855e9e8710ad977a6792b2315a189eb4468c68641e9b60c0dab7016ac1ad63cd8004b6eca8fc88b1e4263acc00499255c16b11487a0af858075f9c892dc8044c4146e5a5677c4a2cb24bde5e078985020d4ab1e4c87492e76b7e6f4bbd71d84bab1885c9702849e70cf728776b1a94c2a8fb8c7ca01b6111ef6f2032a290949bfe473fe215273b8b5b3ad540f187490f63077dccbca6f62f0a7a66717c596cdef412f2560b10685ede967b3ee68b8c951959aeb1d7564c3b9d806b2ce858381393a79916b78f7e90beadae30ffc0b2b614380f1c2cc551a44565209db3516be379ef566ab00c673fd8aaeeecdcf1168c1960e9a477b9e13757498a44ff089351d1f27abf9fd76816f924504647d1247715ca861ebe624172c322146d66eb2b247f8ecb3e1b5ddca89b287c57510cec40fcf89d802cf4368a861af320e01e34f7a6177d4bc549181b5e87ecdfe02f78c9a59a3bf91ebb6364023ec06410e7b4476ec4e3685bfa3bfe9ef9ecc12dcd899abe0f3c7f16b4686801c0c0a949aa26bed57df56f2bc54ef19af7fcbc7b0d691075f42a4a67acf980b568acb2342f42249f7c1ee3527c13182b096064ecd250887a942d26f637e1c4041b139659d2462a68680bb04387a3b399e396b9fe74de10356125fa47d0a20827370cbf36a79b6fffade91c439dd6cfff4bbe0dd3efefb61c491ee32f935d62307cba369ac8c20f6fe3d4857ce6d240ece5e4d149f0587155a8350fcc18efae2ff11cdbe15218a82499a1996df8b5462ee170b284321e76bbe5c3f4158387644d95f087c598e3d46fbe27f63fa784bda239512113424045a2c5dbc6bc3662ca730a86d13cf8f6fe2743224ca7b535caf6b4701a7dae9cfad3d7290104bbba15b6a064ae6e909a099f75fbe47c9e654d8e3b8dc0f3dbffe829e6c56f7a241e565136812a857f59ab565a9991c6b1d8abcc94c6b33bba314f6e5060e657e4647f969a551dd6c51dfca0ff5d9e4f401fedbc2c927eb1ed95ef25f4e5accba4999322ba1539499310dd5875433a22835cfd42fd77fd4680b7fe767d7aa5c33acde04a65bd3a663fcde4c80e9f2af498f13bf9abbaa1c1265edc691e94abdcc92270c05811cd2a8104eb18efbfec9e4ba9ae5cde211b9b93082ce034b6cd5fbe9cfbac4f7e2404ef159766124f73017cc3600f3c81cd78db25fc3459629eaf20dfdb062c7e502aa69412381d847a9d254d5befc451cda3606f0bc8ae62e0aee928f9ed0b21d705a8d31b899e16445ee064563d32f7b6bb5ad197023cf528d9b329ec67815c6ddf27d2a6ffa7328bb993407cde3d166159fd49fe469254b84c2916daea8df9d69bef019f1351b9bce193e30278835b82ea5f60dc0bdd7f7452b7a820ae7cd6dc29d7ac6a6c1b6411711a96338b1e769146b2a385d282bfaae61b041166efafab2d89a4567b9460cc22d752f8e9aacaaa0db7c84879f5359662d55df6570d4214740851c74574ced733807cbb54571110410892394c3dea07bd4154d0e5689d57c3360207dac951f96a358e9c466a5c5113f3a632e184f57f075edef4dcc9721b963beb95df09dedf848260cbc1ebfdc7408218eaba6d2c51928cd37c4c0c9f321fbb0994a56947cfd9643056db5dbea60a241f8f004c932bc8e645b2ec2eb9bc4e9e2f4156293234d05e70cb26b8a370b0206c756bda6defc11c5eb386640f535a4ffb714168defc6d82f40d8f5ba8768537ead5773c53bd779ca899a2dd31c9138569ff5107c2fb12b804375c3b3dc9b828bfd550328adf358f71e86a0c49fb119f5ef9e06c13855cbfc7d1a62ca2ea655ed912a6dc7bb8b18656e8923fc7a1702ab36947d79384d681c31923e98cf40209f776bc2b219a7ccd139e756a905aa351e6eaae90770c8a193f96cd5c66e4d77a357985556e14333716d80204a5c390e0d76f4081afe917f99ad8a0976b3342f51854b374b4baa9a7f22124d2b82749446e30d9795acb9c3c3a305a6d273ac528e8e9c95c37a78e765fdda55982c2961fbc85a14fc095a78b4654ee6dfc3298749a639ab9c8e155af3a77f8a409ce174532a492ef550a140f774d77d732b3b4ca5bc41fa4488ce5957ce219b032ae1f585273748d81b19edcf3e6cb9a93ec24e41c6b3c472f9baf3ca46cb8b9a91df18acebe7d83bd4473750c4f26806da2f95b9ea48b342460af729ab15e9f033eda67feec645f985d4b9489cf6ceec1b100d007bf46c74be53c7ea17296f9c5b5cbae736491213c93b513009ebdecfcd60d46d7b86c6e3b5e288f2ba5867c07936e7bd1b00de52191eb8630ff82ccafb27a59295164751811bf74eff1e5e2abdf3c93bc5dc9814be83b2562477935e2fa30db7ebb6ec380170cf10c1f98f8c5eb71c730c2b31b55a1dd1c12a64802ab95b63c529e0a96cec8f38680221d6089926d8309796c79994d63b67bfb62f66b4a502f30ed12be41e896e88bc45a160a526fbd5f002e677322f116ec5740d7563cd23ee853c008b84998e38fdf158556e28a532573956e7c00f91f08ca245c295a3d5e003a99ea727f61d12893b435d4c8f2f5cce00c6a3091e2a47f290c07168975c53d7529b71d10faf42d2bac9db8d53669cf59c709c25e9e40b5feaed4c37dde8b84c4961c00712326fb6aaa06e80d766b40b72480f3971def61d1d129676df2478e778d899ed317426ec33e496d1fdd2ec27128f8faee92828e13da72d6aee8330a7988ea1cc8b64ec4d8b20990864c16c52c4be6d00b304b87d97bffdd9c66a740b517223089d9f3f414abedc53c768dab9220b980e6c18d5f20ba8994cc8886d7bdee213442f456d79fce1b1eb48fbf600a666c8ade24d118e6328251cf7b57a6285c650e019850f392b1c29aec5c8fc489a3819d60d5de377d4c11b8ee5625b7c02c5d50d2af3397006f2e2a41a06f039229eef5878ed91f9f6be7e988924dbaeb8455f616275e8698d93fb536e2c839b203aa69bceceddbf9c53f8addba53d50ca0f7a4729a42ac6eb757f1b408ad4a0147546173e62f7621eb18a9e1681510cceb48e0a30ab7a1bf71d56742d5f034f2d725e7ea68a011dbb100fa6eefe4ee093873de366d34f4240ca027a25c5b979c9ac47dd1dcb6ed82c4aee09dcc23cf329a8644f89b5cf00e5683934b1837574e9b39b31b1009f276e15aa040959fdf100838ca3f5ab17e45036668d06044e3a13f3a0a6f68579e50d5b0164f900d7bcfcde78396cf30f0b1dff76dc397ab1a5a44b207eb1eaaf73b945c575029ae2dce20724991e6550155ded6a42672609f2439c5aab4882b2ffaf7da787b71d05d15516bd68c6f1a9d79b675395845f24ee853f877e72c14b6c6702f7b8775ca1bfabbbcf4019f7bccf07f1c211531dfc66a7a1df79e92a20dd1cbe1b22e1209e7e3ecb9d3c2450fc22a57bfe09bd735f61c361cdac2488ae0adc7885edc0712655daaf535e1de96ccbe7869d531d8bf3db512fbd17c772332a3f8cf1e052ee0202eb99a36a0f8d7219888acbb57090cdaf3b28e1e62e8fc2ec237bdf18592a7afe4d8390dcb5e7fcc31bf4f797e6f5710070902265cc2e8c459b7da1451046abd6c8c5b02c0be2d2f505a65376266563ac7b59ef3b4e2570a6cb0bd94d46ad861317c743ce1de12bfa2295a98cdded4414d87a1580b1e4675bbdf73a22cac4a1d8d456d089e0b60cbfd16158f073bd1dac481db49fa5d8801d0fb0844b4afec1bab4e61fa0f381fa667880a1cd8163953be7b591cc9dfd7f91902370b783ae8a0f3c7cbefa7d229a37c00f523529e159b11d2e240629b64af2d11404773e991207a722c320221ce23baed7cbe40a440c5680814b122cfba9092fe03478f85adcbdeacb76d6cbf2491eafae98327b278e267821a0e1cd06ef90cb0328e246c19d8c63b9332291a89bc9f989effc675c79a870ac024756c6f5a7e32babd69625d61487ae7399490b70dd0fade7d70ad9b0757300a2dde77abaff4f63a0303853589d44efa968e10d36561f04408ad0cc227fc6b2f904cead189a0fcca9b2e6cbde5498652e0b3bc9d8b7921474403718feb5cc750dc70f5a9b1a0ae2c642015b6a1a8ab0572182b4e39e0c869cbdc60c9465f5d564d18ba2f5b3bc3e05a458744077430c5ea031ee02dd8f0a65d7dd8d90dd9b8717f77d202239a5778719423fb2aec7ca86eb07c39de65a34b988d65377a7473e9145f16d79593e96903330bbf3a8024fc15519d9baa0fae2018786f4b1846fca355ff0fccf65cccad1896309a5ccf2056dd542c929850cc91cd655962360fe316557ab3fb378328f77a07d9da24447d3fa2020b382ed2e808ec9529a01273434c64b0b7c35a06a019e4ab51cdc9c0f266ab25b6984338a0ba910d1060283b636c5d7e8a3f969c1ee1c99b54bba7ff3679fbeecbb70349f076480a867cc4ee4cacaea39c80f642533599486d2ffb77b8c9109a9d25fa0b06e58eca764f7d56469eb9547036bbea9d5c3d35b4c1fbc3d39a372c2b7ad184965cad3819c8928f1588d00949949c0c4c93d30ac7f6665247c0108bd89dff3aafe780ac66febfacc8c6a3cc387d09da6de700487a80e2c8d56df94d7ebd3e1d9e06411a6c5f7eb6da41c6f52997b5ad47ba985261103fdf12eb4a2828b248f652ef00b6abccab2eb161b878b9dbc0aa911405b6f67adda83c16187748d7b524ffe6381f489f432d592e6171bd9ccb2cd52f977143f57fbf2ab0b823d449ae55f02440972334344cda01837b93afa4f46a2fdefe27e92764cf9596780846de2e3b1ea83e62ee43b1c05aee675e25363504addfaa68e7c53ed685413f5ba951f120d0a646e474872c81e5a887464c19f8460ae814ffff24cb51dd2dca28d597ab2ea60949f8dbbe67f263e722fdb51bce4e328a19f5ff1218e1f63b8da6d40dbd5490964499b2522ea323310634893ead661407966207a66ab13adfcf1a725ed14339c46011c0e0401f2386b47cd9f902fdf84bc85e74d3ae7cc544e4d65670a554a537712c6ee9f75191631d2a4c4da06fc38423b1d5b828d7201235b2974164f52aa16bee70ee509250752f4fdd6b9f8d021943df8320682a6f80ff0d67ab7a4ceea807bd5b3b7b6380b0c7f0caa67b0208ba71317f0355a3b755af0e2c007186389438615df80b7b25104a733fc90625b62682198733c0f1625dfaa08cf81e3df043094b7b5a098b3b36f803b5b0f10a057bf814ae3579932c0a5f208985bab3d817f975283b8838ae5cb709be72b58df7425e059fdbf4e0ee51b3da01fe0b44963c1196baee5ec5909ad80d9d1660f3edd90374952a0bf8b3bece2c2f944593f4de7de5e05ded096b8f4f05d65dfc2e806f78220d84b3db564fb12f4e5e8f5eab316591f004e9374cce8e787263bc3827affe6793c130b8621d3bbb2a86fd87f070ea21718281ee7aec4bb3bb71af4bf5721cecd139c4be8c9df4ec8dfb09a5cf1d86a25d39faa9f064a997c214f334e4410917fc3b4d67ada8d87a38c0f86b02bf653dddaeb5b75b300f8bcfd792858bef8ab23e063421939c59212964c9ed5dd56e215db58cef53d31a966bb8ce4ed56287fecb3a85ba435e0b41b20ba1164b9c9f2c49fa0f7b17a89e0ec47eefe992d63ee29c8c0a1ece2664fee8edadd43636a54c48519b4fcf55b0d9103602b92441a5f85cf8c5e406d0f5815f8f37309934bd78fbc2acf0a03b051b4528db4f7c09de7d0aabafca3736b8259c818ca338ca6754e0747717c2794d664a1cacc1e9c52764a308e6df73d975638630b74cce6c49b1bac16454e96852c4f9d8ed118e86d2f1c8dc33bccd4a07be128db5e80f5684ddcc1158e744411acde590f902f0987cfb750bb5bfeed53bff076868986b566d7701f48ddfcacbd325c8d930bcef26713bf60585d5c991e2a6cc33ccbc27f7ddfba18f998497c2eb378cc8f2cc07a1b4f141c5e0fb6f52e18242e505bcf6dd20e33a469d056a0b4fd5e72d0da9d0bcce1e2f9e9dc7d1c7b6cb0f3604287eca", 0x2000, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000200)={0x90, 0x0, 0x1, {0x6, 0x2, 0xffffffffffffeffe, 0xfffffffffffffffd, 0x0, 0x0, {0x40, 0x8, 0xb, 0xffff, 0x0, 0x1, 0x0, 0x0, 0x120, 0x2000, 0x0, r8, r9, 0x501, 0x4}}}, 0x0, 0x0, 0x0, 0x0, 0x0})
quotactl$Q_QUOTAON(0xffffffff80000201, &(0x7f0000000000)=@filename='./bus\x00', r8, &(0x7f0000000100)='./bus\x00')

11.547694326s ago: executing program 4 (id=464):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000340)=0x4)
syz_open_dev$MSR(&(0x7f00000001c0), 0xfffffffffffffffd, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f0000000300)=@abs, 0x6e)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000700)=ANY=[], 0x164}}, 0x0)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x114, 0x0, 0x7e, 0x4)
timer_settime(0x0, 0x0, 0x0, 0x0)
r2 = fsopen(&(0x7f00000000c0)='ramfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r2, 0x6, 0x0, 0x0, 0x0)
r3 = fsmount(r2, 0x1, 0x0)
fchdir(r3)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000840)='memory.events.local\x00', 0x275a, 0x0)
write$binfmt_script(r4, &(0x7f0000000040), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r4, 0x0)
shmget$private(0x0, 0x4000, 0x20, &(0x7f000026b000/0x4000)=nil)
setxattr$system_posix_acl(&(0x7f0000002a00)='.\x00', &(0x7f0000002a40)='system.posix_acl_default\x00', &(0x7f0000000380)=ANY=[@ANYBLOB="02000000010000000000000002000600", @ANYRES32, @ANYBLOB="02000100166dcb987054ba99e79217e2229b2c97649688e41ead8c78587640fc46aa331e3887083894afe53f90aa591ef62ac38f100cc0ba5913b50e501bf7f9405451c38079bb253950d6128fd7ef1c7e3c9ab193c5b9f3b7bb38a404a68533669f8e75f098d3df37da62b90ad3295bbe62f22c859e9a3af05feaa860497d95e2be9896f0ea3f72fcc015aa85bedc2fdc5a21d500b25f8951bc35adbe7f5c9797e9320cedfdfeac77d32ea63ca6cfa0dd760ebf5a6c9a31", @ANYRES32, @ANYBLOB="040000000000000010000000000000002000000000000000"], 0x34, 0x0)
mkdir(&(0x7f0000000180)='./bus\x00', 0x0)
r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000ec0), r5)
sendmsg$IEEE802154_START_REQ(r5, &(0x7f0000000fc0)={0x0, 0x0, &(0x7f0000000f80)={&(0x7f0000000f00)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r6, @ANYBLOB="010029bd7000f9d3df250d00000006000a0001060000"], 0x1c}, 0x1, 0x0, 0x0, 0x2000008c}, 0x10)
prctl$PR_SCHED_CORE(0x3e, 0x8000000000001, 0x0, 0x2, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)

8.814001649s ago: executing program 0 (id=473):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080))
socket$netlink(0x10, 0x3, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000c00)={0x6, 0x3, &(0x7f00000003c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x6}}, &(0x7f0000000bc0)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x23, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x10, 0x4, 0x8, 0x2, 0x0, 0x1}, 0x48)
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000240), 0x103182, 0x0)
socket(0x1, 0x1, 0x0)
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000990000000d"], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
open(&(0x7f00009e1000)='./file0\x00', 0x60840, 0x2)
open(&(0x7f00009e1000)='./file0\x00', 0x60840, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000340)='kmem_cache_free\x00', r2, 0x0, 0xf7}, 0x18)
open(&(0x7f00009e1000)='./file0\x00', 0x60840, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket(0x10, 0x80002, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e0000000400000008"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f00000001c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bc82000000000000a6020000f8ffffffb703000008000000b703000000000000850000003300000095"], &(0x7f0000000780)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000008c0)={{r3}, &(0x7f0000000840), &(0x7f0000000880)=r4}, 0x20)
r5 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000180)={'syz_tun\x00', <r6=>0x0})
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000400)={r4, r6, 0x25, 0x2, @val=@uprobe_multi={0x0, 0x0, 0x0, 0x5, 0x0, 0x1}}, 0x40)
syz_emit_ethernet(0x4e, &(0x7f0000000800)=ANY=[], 0x0)

8.60721836s ago: executing program 0 (id=475):
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x7)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000480)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x6}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={0x0, r0}, 0x18)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0x11, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="650a00000000000061115f00000000001800000000000000000000000000000095"], &(0x7f0000000000)='GPL\x00'}, 0x90)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r4 = socket$vsock_stream(0x28, 0x1, 0x0)
bind$vsock_stream(r4, &(0x7f0000000140)={0x28, 0x0, 0x2710, @local}, 0x10)

7.673327627s ago: executing program 0 (id=476):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x1d0)
ioctl$SNDCTL_SEQ_SYNC(0xffffffffffffffff, 0x5101)
r1 = syz_open_procfs(0x0, &(0x7f0000000180)='mountinfo\x00')
r2 = epoll_create1(0x0)
rseq(&(0x7f00000004c0), 0x20, 0x0, 0x0)
getsockname$packet(r1, &(0x7f0000000540)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @remote}, &(0x7f0000000580)=0x14)
r3 = timerfd_create(0x9, 0x0)
timerfd_settime(r3, 0x3, &(0x7f0000000140)={{0x77359400}, {0x0, 0x3938700}}, 0xffffffffffffffff)
timerfd_settime(r3, 0x3, &(0x7f0000000000)={{0x77359400}, {0x77359400}}, 0x0)
ioperm(0x7, 0x449, 0x7ff)
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
syz_clone3(0x0, 0x0)
r4 = socket(0x80000000000000a, 0x2, 0x0)
setsockopt$inet6_group_source_req(r4, 0x29, 0x2a, &(0x7f0000000080)={0x20, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}}}, {{0xa, 0x0, 0x0, @remote}}}, 0x108)
setsockopt$inet6_group_source_req(r4, 0x29, 0x2b, &(0x7f0000000ac0)={0x0, {{0xa, 0x6, 0x0, @mcast2, 0x1}}, {{0xa, 0x3, 0xfffffffe, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0xfffffffa}}}, 0x108)
r5 = openat$sw_sync_info(0xffffffffffffff9c, &(0x7f0000000380), 0x20000, 0x0)
getsockopt$inet_IP_XFRM_POLICY(r5, 0x0, 0x11, &(0x7f0000000600)={{{@in=@loopback, @in=@broadcast}}, {{@in6=@remote}}}, &(0x7f00000003c0)=0xe8)
prctl$PR_SCHED_CORE(0x3e, 0x4, 0x0, 0x1, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r1, &(0x7f0000000040)={0x80000009})
connect$unix(r4, &(0x7f0000000300)=@file={0x1, './file0\x00'}, 0x6e)
umount2(&(0x7f00000002c0)='./file0\x00', 0x7)
r6 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r7 = request_key(&(0x7f0000000400)='keyring\x00', &(0x7f0000000440)={'syz', 0x3}, &(0x7f0000000480)='/sys/kernel/debug/sync/info\x00', 0xfffffffffffffffa)
keyctl$KEYCTL_WATCH_KEY(0x20, r7, r5, 0x34)
syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000140), r6)
r8 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_int(r8, 0x29, 0x4e, &(0x7f0000000000)=0x6, 0x4)
bind$inet6(r8, &(0x7f0000000040)={0xa, 0x4e22, 0xfe1d, @loopback={0xe0}, 0x9371}, 0x1c)

6.932967518s ago: executing program 3 (id=478):
socket$pppl2tp(0x18, 0x1, 0x1)
r0 = syz_open_dev$vbi(&(0x7f0000000040), 0x0, 0x2)
ioctl$VIDIOC_G_PARM(r0, 0xc0cc5615, &(0x7f00000001c0)={0x4, @capture={0x0, 0x1, {0x4dbc, 0x9}, 0xfffffff7, 0x7f}})

6.921321988s ago: executing program 0 (id=479):
io_submit(0x0, 0xfffffffffffffcf9, 0x0)
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$KVM_SET_LAPIC(0xffffffffffffffff, 0x4400ae8f, &(0x7f0000000240)={"de3505bd13fffedca03799bcbd1b549ce942c5acf5c695d10d5dadcdaf9f67b1251d5130afd730ef6872cdd3af290b9ae402565a29289ab6cff823a23a934fb0f457379c6b358edb83895ab402cb42d4ec31c69e36a2b7d117612d25997170517656dbfb711abf910efb4168da4c3db0f1d847709def72ffffff7f000000005daf4e8e4cf35e98d4375b484cc20eac1fe4eb50aa83accb9e1e558df7c25ba73f148fc51797392f3ff870ce3fd2d9fd6051c57c73dd8fc583f2abfab6f6430407c61ba243e8125644454bd0492377f77203fe7a907861da7be807e1ab9a12ed01fa50c20e0fe8372e5904476e7cab8ad4ea8d43ca167dbe60dbc0d61ad582864b2cf07685fe01795580e1ffd73b9269a0acc3b44b8b5cf40ab684edee8b02828f3cc9a939f238bbe5b370b860c702e30021b25db05189489c6484e0e3131264c1a4d06d827d450f198b21b04a54553fc9346b18d36a040b4854c41bb0a5b4b4d8cfc2186356c31e381b50da79d6a42567730134fc70e6486568798772aaf9533380f5efbd6f02c86b0fd5619a47994400aa65b698c54752a5b7e71826417392d95c234b101c9dba599255a77f015c8748b075bbf113d011df34c29b6dacb410f8b63260d4c0079c22002172126c27b76fff1d49a4a83eae6078effd3892fc9aa173c00476102f4cc52d4e0a417dcaecf8f342f7515ae23db82b9849a8eff88309fb53f0193d35977970c60035b9d6c37fa1df1d35a5a0f3aa1f69bec9e818670029b0d82efd8ef0907c4db22f0ef5bee20259c5c4159e63b376021dbe39002bd268e1ab7fee8002ccf9509d1a956f0d2aeb942c96c91e89183e564a84c431e3d3a1d6b1d7364c369bb6931935d74f19e609b898633378f1d67966b9196ba3d866dc0ee42341f147ccec3aa2c78ce689476eb830756f992c4acc74c166f7992c7452e6b57a43c56194ee25acca5b41afcfa61f963d1e9851eb8d471dfa435deb14ca350b1b50e8e50ece91f75877d02a7a6856beaf0d90259fb75adb86242283fd9e3e1dba5dd941c2b506d92a67f6b2af8dc726e95b351525e4c1b2fe4f38874321a306b4af9d9b48228071e4e3763bf7fbe9c8aa6671c151f8c7e6a8b6cf39217d131d9f34f3534c0cb240e4bf9f8c981517637317c879a2a693f4c05bccdaa7c4ecdaf50800aee17284b488c77298306ddc0cdc4e098d67c4cf6145e5d1489c4e65bd00003e77fde174836c1b3d3a35b81a5f49007737eaa25acd5ef62344ba137ecc4715439b25313e0ddd712562a83f52f2fc80c50965dff03c4d65a7d4804fe870d04f2e02b56f5be821a6a1ba18b1b198122e6bf460c208b04f7a246875ab1e75657ca46051934bc5645700000000000000000000000000000000000700"})
setsockopt$inet6_IPV6_HOPOPTS(r0, 0x29, 0x36, &(0x7f0000000300)=ANY=[@ANYBLOB="3c34000000000000040100c910fc020000000000000000"], 0x1b0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x1)
socket$key(0xf, 0x3, 0x2)
openat$binderfs(0xffffffffffffff9c, 0x0, 0x802, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cgroup.kill\x00', 0x275a, 0x0)
fcntl$lock(r2, 0x7, &(0x7f0000000080)={0x0, 0x0, 0x0, 0xf5b})
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
socket$inet6_sctp(0xa, 0x1, 0x84)
r3 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r3, 0x0, 0x4004010)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x11, 0x3, 0x0, &(0x7f0000000300)='syzkaller\x00'}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r4}, 0x10)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000240), 0xffffffffffffffff)
sendmsg$IPVS_CMD_GET_SERVICE(r5, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000000)=ANY=[@ANYBLOB="14000000", @ANYRES16=r6, @ANYBLOB="110725bd7000fbdbc12504"], 0x14}, 0x1, 0x0, 0x0, 0x24004894}, 0x0)
r7 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$VT_RESIZEX(r7, 0x560a, &(0x7f0000000040)={0x0, 0xfffe, 0xd, 0x3d7a, 0x3})
setsockopt$inet6_IPV6_HOPOPTS(r0, 0x29, 0x36, 0x0, 0x0)
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x1)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)

6.867939415s ago: executing program 1 (id=480):
bpf$PROG_LOAD(0x5, &(0x7f0000001b40)={0x1c, 0x20000000000000bb, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x22, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$BTRFS_IOC_SET_RECEIVED_SUBVOL(0xffffffffffffffff, 0xc0c89425, &(0x7f0000000740)={"8c3ef01be86258108b331b07f91efab2", 0x0, 0x0, {0x6, 0x40}, {0x3, 0x1}, 0x6, [0x3, 0x5, 0x9, 0x7, 0x7, 0x5, 0x10, 0x953, 0x1, 0x4, 0x8, 0x9000000000000000, 0x2, 0x4, 0x2, 0x5]})
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000440)={&(0x7f00000007c0)=ANY=[@ANYBLOB="280300002d00090027bd70000000000004000000130317"], 0x328}, 0x1, 0x0, 0x0, 0x1}, 0x84)
ioctl$KDGKBSENT(0xffffffffffffffff, 0x4b48, &(0x7f00000004c0)={0x10, "f506e859be7ccf3150b37202be2aef16fc56789ceda23f5799d10b5c1cbaa9752e27155db1427b844dcd82fe3862903e28fb254160d150fac46cd92b69c42b07dd4615182951428a77fd8cd4475396157231a40386183056a72d3e6b99ee7db4d2688f2e4e5b257c2b27cf1b874a6b5b04f39b03f08bcbb993d0abd99ee1e927aadccb4a5a4eefa6053e1673d2af08c4e9c48ffb6e624536c155f0b5f3e28fde63b69e02c1ef9aff367f17ea3495dcdb92abd9ba3803f5c6f107ad220a22b8403287b8fc0f3d673429bc750cc0f25133e3f219f656d03e0f797636770b490eff3cadaac4df3e44847ed133fedf03c7d080c2a5543138acfe0755758ff72642eed855df3b1bfe195320952c4c5380e8512d21bf6eb33c42e807a9c1d3f6362cd27a5241a261150c26152b37087a0156188ddb88d365af311d570048bb6f57e3a95c3664586ecbbb97a95b56cad2e3e3a3bd65bf39963604200534ca417da6b554ce70912130af712b5e060fef11210dfda44ef3e70ee4d98b773e644bdfa78192ac99e22061522f69f66dc9cfa68cb17dd816820944a48602eb50c9de38eb8f7749dc10dbf809dfc1977e89ff5291adedfb2838cd4f256bf60c9bdb1d2aab10a1092b21a87813bfc0f58998834d812493ff4661876ff4d0429065d1b91e6761af518bab652f86f47f42fa2860f004a05327cc3949435c9e552479eda72938dbf6"})
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
mkdir(&(0x7f0000000340)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000140)='pstore\x00', 0x2014800, 0x0)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000000a80)={0x0, <r2=>0x0})
prctl$PR_SCHED_CORE(0x3e, 0x3, r2, 0x1, &(0x7f0000000980))
chroot(&(0x7f0000000040)='./file0\x00')
umount2(&(0x7f00000000c0)='./file0\x00', 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r1, 0x29, 0x40, &(0x7f0000000000)=@mangle={'mangle\x00', 0x2, 0x6, 0x798, 0x1b0, 0x6c8, 0x498, 0x290, 0x498, 0x6c8, 0x6c8, 0x6c8, 0x6c8, 0x6c8, 0x6, 0x0, {[{{@ipv6={@dev={0xfe, 0x80, '\x00', 0x39}, @private1, [0x0, 0x0, 0xffffffff, 0xffffff00], [], 'pimreg0\x00', 'macvtap0\x00', {}, {}, 0x6}, 0x0, 0x188, 0x1b0, 0x0, {0x7a00000010000000}, [@common=@srh1={{0x90}, {0x2f, 0x0, 0xe, 0x0, 0x3ff, @ipv4={'\x00', '\xff\xff', @rand_addr=0x64010102}, @private1={0xfc, 0x1, '\x00', 0x1}, @private0, [0xffffff00, 0xff000000, 0xff, 0xff000000], [0xffffffff, 0x0, 0xff000000, 0xffffff00], [0x0, 0x0, 0xff000000, 0xff000000], 0x3, 0x4000}}, @common=@inet=@multiport={{0x50}, {0x0, 0x0, [], [], 0xfd}}]}, @HL={0x28}}, {{@ipv6={@private2={0xfc, 0x2, '\x00', 0x1}, @dev, [], [], 'veth1_macvtap\x00', 'veth1_vlan\x00', {}, {}, 0x0, 0x0, 0x0, 0x22}, 0x0, 0xa8, 0xe0}, @common=@inet=@SET3={0x38}}, {{@ipv6={@ipv4, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, [], [0x0, 0x0, 0xff000000], 'dummy0\x00', 'bond_slave_0\x00'}, 0x0, 0xa8, 0x118, 0x48000000}, @common=@unspec=@NFLOG={0x70, 'NFLOG\x00', 0x0, {0x1ff, 0x8, 0x4, 0x1, 0x0, "52146ee9ae44b62f269737ed481b837e8196a5702a25a4409e992b2c65fd4ce47d5510261c8694c511bcdcbca881691621e9e9f5a9cc6d7b009686f0fdb6fdc2"}}}, {{@uncond, 0x0, 0xa8, 0xf0}, @SNPT={0x48, 'SNPT\x00', 0x0, {@ipv4, @ipv4=@loopback}}}, {{@uncond, 0x0, 0x208, 0x230, 0x0, {}, [@inet=@rpfilter={{0x28}}, @common=@rt={{0x138}, {0x0, [], 0x0, 0x0, 0x0, [@empty, @private0, @private0, @empty, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @empty, @mcast2, @dev={0xfe, 0x80, '\x00', 0x22}, @private1, @empty, @loopback, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x32}}, @remote, @private1, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', @private0]}}]}, @HL={0x28, 'HL\x00', 0x0, {0x0, 0x5}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x7f8)
clock_adjtime(0x0, &(0x7f0000000040)={0xd51, 0x3, 0x8, 0x20000000000, 0x7ffe, 0x0, 0x0, 0x0, 0x0, 0x7fffffffffffffff, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80, 0x0, 0x100})
socket$inet_udp(0x2, 0x2, 0x0)

5.840769191s ago: executing program 0 (id=481):
creat(&(0x7f00000001c0)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f00000001c0), 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f0000004500)=ANY=[@ANYRESHEX=r0, @ANYBLOB, @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(0xffffffffffffffff, 0x0, 0x0)
open(&(0x7f00000000c0)='./file0\x00', 0x44202, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x1c0)
mknodat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1/file2\x00', 0x81c0, 0x0)
r2 = socket(0x2a, 0x2, 0x0)
getsockname$packet(r2, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000001480)=0x14)
sendmsg$nl_route_sched(r2, &(0x7f00000002c0)={0x0, 0x0, 0x0}, 0x0)
socket$netlink(0x10, 0x3, 0x0)
r3 = openat$binfmt_register(0xffffff9c, &(0x7f00000001c0), 0x1, 0x0)
write$binfmt_register(r3, &(0x7f0000000200)={0x3a, 'syz1', 0x3a, 'M', 0x3a, 0x1, 0x3a, '#%\\h*@#Lw\x9e5\x9f6k\x886\xafm\xa0\b\x81\xdc\xd1\x8f\x93r2\x0eeu}\xf7\"\xbd&-~\xeahJ\xee\'X\x9a\xd4\xfeI6\xd9\x1b\xc8\x14.\xfa\xb8\x03\x16\x96\x11\xa8\x90{\xc5\xe2\xf1u\xd1\xca\x8a>\xc3\x84\xd3\xcf\xa7\x1f\xc1\xb5\x12\xd0\x1e\x98\xce+\x12\xaex{\x91\xc7bw\xcaC\xe1/\x19\xfei\xf0\xa2\x9c3\xee/\xcf\xdew \x1c\xc7=\xfb\xb8\x88\x132\xf9\xbf7K\x8d\x16\xa6\xbf4\v\xces\xa4\x13\xb1\x14\x89\xa0\x14P\x97\x81%)\xa1\x0e)2a2\xa2\xef\f\xef\x8a\x95\xdd\xac\xab\xff#T}`\x88r\xb3\xd8\x19\x06\xde\xb7\xf0GR.?i|\xafhs\x1d\xdc\x12\x85!\xaaqg\x10\xec\x1b\xcb\xfc6\xba\xde\x13\xdf\xc6Z+\r\xb4\x9a\xe8V1\x82\xce\xdd\xddx\xe7H\xa3N\x92\xdb\xaa\xdbe\xc1\x05P\b<\x1e\xd6\x92\x89\xaa\xbe\xda\\|\xcf\xaf$.\x10\x8d\x9aie\xd3W\x1e\xd2L\xfa\xcc\xfb\xc2\x90\x99\xa9\x9f\xcd\xfasX\x9d\xbb\x8f\x1a', 0x3a, '#%\\h*@#Lw\x9e5\x9f6k\x886\xafm\xa0\b\x81\xdc\xd1\x8f\x93r2\x0eeu}\xf7\"\xbd&-~\xeahJ\xee\'X\x9a\xd4\xfeI6\xd9\x1b\xc8\x14.\xfa\xb8\x03\x16\x96\x11\xa8\x90{\xc5\xe2\xf1u\xd1\xca\x8a>\xc3\x84\xd3\xcf\xa7\x1f\xc1\xb5\x12\xd0\x1e\x98\xce+\x12\xaex{\x91\xc7bw\xcaC\xe1/\x19\xfei\xf0\xa2\x9c3\xee/\xcf\xdew \x1c\xc7=\xfb\xb8\x88\x132\xf9\xbf7K\x8d\x16\xa6\xbf4\v\xces\xa4\x13\xb1\x14\x89\xa0\x14P\x97\x81%)\xa1\x0e)2a2\xa2\xef\f\xef\x8a\x95\xdd\xac\xab\xff#T}`\x88r\xb3\xd8\x19\x06\xde\xb7\xf0GR.?i|\xafhs\x1d\xdc\x12\x85!\xaaqg\x10\xec\x1b\xcb\xfc6\xba\xde\x13\xdf\xc6Z+\r\xb4\x9a\xe8V1\x82\xce\xdd\xddx\xe7H\xa3N\x92\xdb\xaa\xdbe\xc1\x05P\b<\x1e\xd6\x92\x89\xaa\xbe\xda\\|\xcf\xaf$.\x10\x8d\x9aie\xd3W\x1e\xd2L\xfa\xcc\xfb\xc2\x90\x99\xa9\x9f\xcd\xfasX\x9d\xbb\x8f\x1a', 0x3a, './file1'}, 0x237)
renameat2(0xffffffffffffff9c, &(0x7f0000000480)='./file1/file2\x00', 0xffffffffffffff9c, &(0x7f00000004c0)='./file0\x00', 0x2) (fail_nth: 1)
write$FUSE_INIT(r0, 0x0, 0x0)

5.820298807s ago: executing program 3 (id=482):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000340)=@updpolicy={0xb8, 0x19, 0x1, 0xfffffffe, 0x0, {{@in=@multicast1=0xe0000002, @in, 0x4e22, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x87}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffb}, {0x0, 0x0, 0x200000000000000}, 0x0, 0x0, 0x0, 0x1, 0x2}}, 0xb8}}, 0x2c000010)
r1 = signalfd(r0, &(0x7f0000000000)={[0x7fffffff]}, 0x8)
sendmsg$IPSET_CMD_DESTROY(r1, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x4c, 0x3, 0x6, 0x101, 0x0, 0x0, {0x2, 0x0, 0x2}, [@IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_SETNAME={0x31, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_PROTOCOL={0x5}]}, 0x4c}, 0x1, 0x0, 0x0, 0x8000}, 0x40)

5.736421612s ago: executing program 3 (id=484):
socket(0x400000000010, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x8)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000005c0)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x44, '\x00', 0x0, 0x2}, 0x94)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f07ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x29, &(0x7f0000000840)=ANY=[@ANYBLOB="1800000000000000000000000300000018110000", @ANYRES32=0x1, @ANYBLOB="0000000000000000b702000014099746a7dc850000005509010000000000950000000000000018110000672587f97af8e437a117920f6195401a74fe08a908bf3721fd40fb8e283bd71ca01dff8f4f37222600"/94, @ANYRES32=0x1, @ANYBLOB="0000000000000000b7020000000000008500000086000000950000000000000018000000eb3e0000000000000a00000018000000fdffffff000000000100000018120000", @ANYRES32, @ANYBLOB="0000000000000000b703000000000000850000000c000000b7000000000000001857000010000000000000000000000018120000", @ANYRES32, @ANYBLOB="0000000000000000b703000000000000850000000c000000b7000000000000001841000001000000000000000000000018240000", @ANYRES32, @ANYBLOB="00000000080000008520000003000000bf91000000000000b7020000020000008500000084000000b7000000000000009500000000000000"], &(0x7f00000000c0)='GPL\x00', 0x4, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, &(0x7f0000000140)={0x4, 0x4}, 0x8, 0x10, &(0x7f0000000180)={0x4, 0x8, 0xf8000000, 0x7053}, 0x10, 0x0, 0x0, 0x0, &(0x7f00000001c0)=[0x1, 0xffffffffffffffff, 0xffffffffffffffff, 0x1], 0x0, 0x10, 0x3ff}, 0x94)
r3 = openat$dlm_control(0xffffffffffffff9c, &(0x7f0000000000), 0x8502, 0x0)
write$sndseq(r3, &(0x7f0000001380)=[{0x6, 0x0, 0x0, 0x0, @tick, {0x4}, {}, @connect={{0x0, 0x2}, {0x0, 0xfe}}}, {0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @result={0x40000}}, {0x10, 0x0, 0x8, 0x4, @time={0xffffffff, 0x7000}, {}, {0x40, 0x80}, @connect={{0xc5, 0x3}, {0x77, 0x7}}}, {0x0, 0x0, 0x0, 0x0, @tick=0x3, {}, {}, @time}], 0x70)

5.473575039s ago: executing program 4 (id=485):
recvmmsg(0xffffffffffffffff, &(0x7f00000001c0), 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, 0x0)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={0x0, 0x13c}, 0x1, 0x0, 0x0, 0x880}, 0x0)
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
ioctl$sock_ifreq(r0, 0x8910, &(0x7f0000000000)={'veth0_vlan\x00', @ifru_ivalue=0x4})
ioctl$sock_netdev_private(r0, 0x89f4, &(0x7f0000000000))
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000001c0)=[@text16={0x10, 0x0}], 0x1, 0x4, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, 0x0}], 0x1, 0x43, 0x0, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000040)={[0x4, 0x2, 0x80, 0x5, 0x4, 0x7f, 0x422f, 0x0, 0x81, 0x9c1, 0x8001, 0x5, 0x7, 0x4db6, 0xfffffffffffffffe, 0x10], 0xeeef0000, 0xa0310})
ioctl$KVM_SET_VCPU_EVENTS(r3, 0x4400ae8f, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000040)={0x3, 0x2, 0x3000, 0x1000, &(0x7f0000feb000/0x1000)=nil})
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1)
landlock_create_ruleset(&(0x7f0000000040)={0x556, 0x2, 0x3}, 0x18, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
syz_usb_connect(0x0, 0x2d, &(0x7f0000000180)=ANY=[@ANYBLOB="1201fb0019030320d812010079de01ec020109021b0001000003000904000001785ecc0009058502"], 0x0)

5.27082503s ago: executing program 1 (id=486):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000000740)=[{{&(0x7f0000000580)={0xa, 0x4e22, 0x4, @loopback, 0x9}, 0x1c, &(0x7f0000000680), 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="400100000000000029000000370000005c04000000000000c910ff0100000000000000000074b25e68cf1aa8d6dac9f941f5d3715973a40000000001000100071000000003027d060092c03cceb98470626b1801f8ff"], 0x40}}], 0x1, 0x810)
mount$fuse(0x0, 0x0, 0x0, 0x1, &(0x7f0000000ac0)=ANY=[@ANYBLOB="e7e4861f4bcfc6ea1143faf5be5b5e6bb7fabe3baafc310136a16290571ae8331b4e694ced"])
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r2, &(0x7f0000000380)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-cast5-avx\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, &(0x7f00000004c0)="2c385a7af3be", 0x6)
r3 = accept4(r2, 0x0, 0x0, 0x800)
sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048"}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r3, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x51}], 0x1}, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x3000, 0x2000, &(0x7f0000003000/0x2000)=nil})
r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@text32={0x20, &(0x7f00000000c0)="650f340f3566b842000f00d8b805000000b9a00000000f01c13e0f070fde460b0f0130670f01c2f2360f217a0f07", 0x2e}], 0x1, 0x11, 0x0, 0x0)
pwritev(0xffffffffffffffff, &(0x7f0000000440)=[{&(0x7f0000001880)="ea7c5828b87d70214008724bcae1ce6577c01031b19698ecb8a7f5183947918ce2cc9dc778dbfff9e28e1a6df7d8f95c3e45768a6786d6325bc0fe4ed394c8ed0edcbb9f917074251a7f5b6b24c52516a68f181592262dfd12b5af7386658c5fb6c36d86d5084624a302a155c0463b6c36e9fc88338b0f66e2713728a21d19d9a33da93d419df63d8a87fa100381ec74de8b7409f4977d3cd7a9f2fb03cec91c4277b39b2c9f227a9b74926a11960d085e2aaf98673d2a67fa95b8d9dcc72ca6181f6b9b2d1c402267e6cfef5599e1520077d9bc472fb5a5db42b1befd498ec7b8d519b12f065323b15280a2540bc7a4ffe508fc12f93707064caf4111e893142f9867b432b1e6258caa2ae081b8b646c25de7f5366a21f9dd257b84546cd316e17b79d22c4bcaf70e8a96d1e502b53c581c75482d1d63f0d5f3fb5bdbb714583f0798e0c4d6c9d99513e91a68a26612053290f15f5a2e06acfa229356e37b4d57697224e9561c0430a67fcb5dea72acc91e60751a5b07eb603548a646f082ce213347b4ee908bd95cc56775330aa09d4f19f48a8cb5d7f6346d82bab8ff019309684bd01eb4d90febe2269cd2a1100130c242a2995ce38638a3bbc9008ac0e820a1e0b9a9511af47aa7f3e30a69589985423f3b4ea98152433bf1aa53a0981f783f11c4cc50f70fe63b2043b74b9cb7da59caedadc1fa1f662831a353969893d4f93b919cda52a1ce2200a0a7895abb293c29d6d197cce98a4df8fc90c582014742a00b4bd09f1fcc5ff5753320d2b5593e657c0fb87a4cfa323ce59111eea806a6e020fb0c4fdd601087811e33e793975b5e9e936c16d243bdea757e0ee4508f5d5b496ed07b6f0f1f46ed752448f30d679b23ba8142d4ab25beb913ee77547866e5d9501a55e9797ba3407f3f4cc11398bdaf3ac4c2e79a5b133a09fcf8ae790bb985fa01daf2758fd8a77fde15a822227dddf64bb2ebc49a56ad025e01c6c59e4818abdf808789d9f87c103cf7f7d21d2a1345b9b7fd66b1cf96002343fbd62f8080d945e70bd93d4bf42b401477abed49065b4a8ccfb9d93724118168de2e8df4f78ccf3b9593f993423a619ef6bd8392a2cfc6424d3687fcdc67d33073db95d856f312b934d05a3c4e967217837920fee73b00757b617d1ef3bfc2e88a8a72f0948263db2c9e7bd491f059b6ee8d0ea3f2193314562910529869b248172bfe0f914f7a91a27c6e9e6c2e3455a7ae765392b48fc959958aa39a5a483b2a6e873ac76f8579515e42f7a3bbc82bcf71edaf12f7b40a2adc74d67ef793988cc8ac788185049e57fb84757bdc700ffde10afc19df290787ed98222f8afb2b6d11944666331350e2914466b398750acae526146373b2cbe1bdd1803e6c920a182a1ad118a3d09313c2ce2703a0a1c09215cab90c35b03b1c795cf704f42dd31ddff6be67bb355977b2e07609c5228299a170308e54705674384fc294cdfa4abf989d3c3bf3eabbbcf52a6a0646bf6db5b61ad027007464fd6fc10490ee2e9190c28ae5cb3733105cb782c0d53e5c79c3e455609d557d824154d01e282788ec8ae7c8a03fcd6cd4e37829b0f921c46d715454d5e1281c641cf0756a2f31b0369ce94e819e6254af95b88bffd7bb2cfe9469d303497fead174839b2789b5aa703176510eab1f46916b3b63f6f5b2df262fe7274a0cee9bd6e115e5f9f48ac1c09e5b3c546ae95b9916a633869854d3ee39d4acb800e876e7fc084ffd79a20fca8331caff657ec89b445c6012ff7eb9531eb1e8c90cdc66b82d6fd608310099503a9dcf50b40d10a3b1ab520477e20ad5f6405cd4b5b36d201e12088d7868c6e94737ea88db6ed5f7df4d31cbd2d0c4f21cdcc3b181f5aae7216dc4c06b2989bb44e5369ba96ce87f3e3abbb530d103a53d7e0b914115c302c935eea7d256a73aa851d84dec6d9112163be8135889c67fa90e796a6f050fba0a6a740618cd513748072daac9f3e25034772cc400a14834afbde835bc9fd7cf1113d67ebe99a3b78907596886ad5a1670ef572c18e26c98fe40194428de339cba7b8efc5fa7faf7512ef6b89a877f3e534fb4512729df686e14aece08fab3b42ea14acde0e18ffe5dc00e74288661c7463e00f3b942cddf3b71e1dcf71989f378b933df099316451cca296a4e117bbeb3b1e552e5a10f9731449ae830de14989049ce818f720e77e78a86c307c80450b26278bc25ee7390ce6d4c4dfc8d39b6b4b1ce6f3865dbdd1d37aedb555288bea9ef95c8600dea1cd10e9e42d15aa804f99a31bfaa5ea52185333d734c766e3bb4a9abf86cf4d840dc188167a25cc3054b65fd7ce053d38518474ab55e59c1ccaf34d57b4cd73b07ed63d754ab3d57dfc0f67bbdb22e33d9f63aa2b36cf0af338794d4acbd1b13669bde67f7bd032f9c6b400e8054a0cff77fc6e0591195b21715e42c881e23156b4ba504d7e1b6eb9c2ec9b9e382d85f7c52bd964d305da9496dbaa022880ddf236730c458f31258d64ae2668aa863b3fe558c7f8cfb3dabf42edcaf2891e9b9462c44153658eae85cd499abd9dca762adf26d9904d28b772b3fc3d066d56261474c944387ac7eb00059025ff25e34b8f7c2986db1ccc4297e1315c3ceeef1b8f98e0500bbb8bb0ab52d80f8c6c8fa5d24b9a05f5350e2fd59af4b9fa9a2b4339b61e208f227ba968d4dbd36246133de2078c6a15dd57754a3537c31d04da545f062dbf9cbaa0840e23974f441a4d5937fec23ff81c193bd951a7bacac8eb6d4705702cbe3c930f27869753ba6026455bbb7742c53644f1646d7545467091a207905f831505f214fbd818aea4455705b5e727850cdcac40620135b8dba85cb0c0f393af252ec082cba5c43385fbc2cc5682bc1994b064e29c8c5a20e7e6d15fbb13e6fd1a86b2fda666fbcd80fd08be00a7423fcafbdd8283bac88ead203bc10d1c1a13ca2fe853fa6cc8991b0476561be085b086b0d0e45f73e59f519342c13f368a37464cb55b8a13846f4cd610536d5c4b8704fcd347abe6712d3de67d7918e6954898f31647a8ea37ecc2e1bb02b1b26e7a60fbb2b0a48efc5795c12d5c4ac8dc4149dea0f2e085422ec69352882622711b74e1e32c7ead2cf3c554e8ff1648e8b66d0dc6997b6304b3b560a33d75aa49476175a386ca721156ea79bdba432d439dbceb0285561abd5d134badd9f38c04fae8fa920edfff15705371c907848c14acdfb0b22a4c7168e1840e8b8a50349dcee5f429b3cb34e30f0f67acf93604792b8574f36ea9409d422621f3c0c7b781fc8e23d1d46f04a9b44f633e5f72cb079fbde66a9745705666c6dab6238628e57ee6cffa8cfad616dac1abe2789c9efccb4fc7e65e490d9a4e49e7ce72a6980e72f70a17649e67de86f86b61a4b6219daefc939b5904e5712ecaf85c98484fc02585b1aa990b95173e4a2907cf877af696e528e6b2b634a4fb7d791cacc8644fa76e062148d411e18f0da5aed22116828cd700a28e8f46bca950550acb4ab05eddeb6b2dac24702cff4de0a3ece393cac879ed2f0c5b9645839cfdb79fb1df87596b14504cba9dddda51edaffcd0214b91b5898ea022774e699aa0caf0f646cc0cb8e8fc8b8be43c23aa7f6bd29fd0615c0b78f3514a52989d7f35ad08a4bd473e61da6657cc2e85d3b2b7d3fb51174a96f27038ddbc87a35e09a668e436aa40146c6a26dca87b39220f139b772719d80aadb752c622bf09acd6846838fb48a8817ba4aa72eaa32e82251b3789969d8518f9aa07cdcb9a355f73f119725c086168aaca262f13cd742e5f06c969a462638a557e15a4f5d43e3242c08f23b00d2b8d57c60d3636abd4068ec03a4be3429b95e41351ab5c58812e552df90c3e6c9d8779aa484e74f073ea9fcdce13b1dff8e7c101b2c6865c5cefe108e3559f520e2bc42c9dc39b57fddb44ca49f2689e10c1381c0740d20cbca46da475c62f513cb08398a5fd5d4f6b13ce839fe149df0d291a8f7267fe90a7e1845dace17cd927c2d1aeffbdc36bb983172ceff025e84b0419645fcc72897b992f5081c78756122391947f08ccd20806cfc2bded705b472fc52e84734e016cbd309aadebbbb4e8bdfed77b1e0b15ce0904838d9e4d64643df66f0353c377e554b428dc0f31189a134cdb8e66d2755e84c2b2409c3d63a81f5f05616baf6a243b09153a4f8289e15a5a4ffb007b0cbeffde25391bb2acd86b453e245643c0fa1dfe5d42e0e3f1c592a00b77f0133adf7989c6c2bf3ddc0b8a2b14f35d33f62f4ee2fc56166372058e997b9abe6bad8aa718f8d87ad095e8f354aaef540840437b5451771266a8358ed75954db52b38bca4a1c8696dca1de03b12627254409f8bb68c94eeaa1a8bcf894482b96e81b9ff5c2383a907537a191aff0bb5b5418ef5670cecca1cfbd41b61879b11a5a5053cd86cf5d61f8c2f7d7ad2034a1801b3b92a79ac3b4343c680008b1ba10577a35173cac6d4dbc1d00e436f238b57093b34d4ea19c225b84a2d6086cc6cf72595b980c88142d268bbf9c8375a93afe75c3583b3b9687368d78147985d209e6d89c335e948c51696a948f01ad062dcf84a99584466e24646b2e441fefb10ef962432f2925d6d98e790acf4ca7d9339a589a537aa3392ec79f34a6544144072ab8248e45ac560a78c70c5afcbf10909299dfcd67981c88780c1340c951e115ffec56d23b9ead6a55024e199238f4b133e3e1e0e84318b5037a3947ae09749c25c7e4887936ecf0ba9a807dfa471ea1f3350b70feb58dc9e2836365ce4db456a341e43410cac1253fe08e79c21fca932716f4c171fc957cb325737b70532d81f0eb2f0a16478c0d934165728f7b29a8a0ff6bc964e99dea26d3efd28336b00c112a26da7a2ea1c21a9688cc3a68293958edf27ae89e5f9b8348af4121028e760cf68c931af92906d27dad4d330df9201b5395ccce0c803806422883667ccb11438d9dbe1901d4ab98d89914b313338486deb6f748053517e2188c479adb1eabb8e8ed5d05bb3f66826fae83bbc5bce3615ee32d937ffbe8846a1156aaf7bf9b9d4189bdf290b3df254077688eeda824d6ea0a452f7e7f915c1a94ee250a3907ec035d7ba7bb0256811f04646ca156b8925506c774df4d4072c02929e985057a5f7ddc1469c7306e6fdb86b810ada1cc96f6bd389597dd27dd656f55c316fb2d56b2d13eddf893722e813934a19778719be99697c365222db64039f9caab1201c430e53df1af8a0321c8759fc33e8204150080979936d0717f6c4c9145fb828389acbb894a4600485e8b105c7165a40e814889343deead6d434a8da60eed1e50aa507ac2793b4a4c5517265f859f223bb4f6cadc6fb53430304baea18189e2b5ddd266c38f5c325ba391a50fcd34060d217c4118889c4275e40a8428099ddfa3cc0d8241c22fc1554318e922f3b1257f2046d70df460c5283a539487583ffca1972a19237b06480e0a56d9e185fe4dc3607666d81ed0d9d9f5c5c568a5a0a87160b6d35c73dae9c6177f2b25d90a2598042f4b43bc765fa86a831c401a01c391a8fdc8f8c742f2322a1b8ef18ec7d82f013893c981f6bd96ec57d8e73e1633ae3970721fcea055ecc836ce3", 0xf91}], 0x1, 0x1, 0x2)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000180)=[@text64={0x40, 0x0}], 0x1, 0x18, 0x0, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)

4.641732782s ago: executing program 2 (id=487):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-aesni\x00'}, 0x58)
sendmmsg(r0, &(0x7f0000000ec0)=[{{0x0, 0x0, &(0x7f0000000340)=[{&(0x7f00000006c0)}, {&(0x7f00000007c0)}], 0x2}}], 0x1, 0x11)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r1 = accept4(r0, 0x0, 0x0, 0x800)
sendmmsg$alg(r1, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{0x0}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048", 0x4d}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11", 0xce}], 0x3, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000540)={'wlan1\x00', <r4=>0x0})
sendmsg$NL80211_CMD_FRAME(r2, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={&(0x7f0000000680)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r3, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r4, @ANYBLOB="d506330080000000ffffffffffff080211000001"], 0x6f4}}, 0x0)

4.513349254s ago: executing program 2 (id=488):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x1000}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x3)
symlink(&(0x7f0000000040)='.\x00', &(0x7f0000000100)='./file0\x00')
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000180), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
r1 = socket$inet6(0xa, 0x1, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x20, &(0x7f00000000c0)={@private0, 0x0, 0x0, 0x1, 0x1}, 0x20)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x20, &(0x7f0000000380)={@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x800, 0x2, 0x3, 0xc, 0x0, 0x100}, 0x20)
r2 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x2, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x80, &(0x7f00000002c0)={{'fd', 0x3d, r2}, 0x2c, {'rootmode', 0x3d, 0x4000}})
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0])
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
syz_emit_ethernet(0x0, 0x0, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f000001aa40)=""/102400, 0x19000)
openat$ptmx(0xffffffffffffff9c, 0x0, 0x101901, 0x0)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r4, 0x0)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x10, 0x4, &(0x7f0000000380)=ANY=[@ANYBLOB="1802000000c400000000000000000000850000005000000095"], &(0x7f00000000c0)='GPL\x00', 0x1}, 0x94)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000023c0)=@base={0x12, 0x4, 0x8, 0x2, 0x0, 0xffffffffffffffff, 0xfffffffc}, 0x50)
bpf$LINK_GET_NEXT_ID(0x1f, &(0x7f0000000d00)={0x0, <r7=>0x0}, 0x8)
bpf$LINK_GET_FD_BY_ID(0x1e, &(0x7f00000002c0)=r7, 0x4)
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000440)={@cgroup, 0x10, 0x1, 0x10000, &(0x7f0000000080)=[0x0, 0x0], 0x2, 0x0, &(0x7f0000000200)=[0x0], &(0x7f0000000240)=[0x0], &(0x7f0000000340)=[0x0, 0x0, 0x0, 0x0], <r8=>0x0}, 0x40)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000000)={@map=r6, r5, 0x7, 0x0, 0x0, @void, @value, @void, @void, r8}, 0x20)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000500)={r6, &(0x7f0000000240), &(0x7f00000004c0)=@tcp6=r4}, 0x20)
socket$netlink(0x10, 0x3, 0x0)

4.442134564s ago: executing program 3 (id=489):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mount$tmpfs(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), 0x900000, &(0x7f0000000080)=ANY=[@ANYBLOB="687567653d616c779000732c687567653d776974"])
chdir(&(0x7f0000000140)='./file0\x00')
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x9a974000)
r2 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000080)='/sys/power/resume', 0x149a82, 0x0)
write$cgroup_int(r2, &(0x7f0000000040)=0x1c9, 0x12)
r3 = syz_open_procfs(0x0, &(0x7f00000001c0)='net/ip_vs_stats_percpu\x00')
lseek(r3, 0x36, 0x1)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x800000, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
ioctl$KVM_SET_NESTED_STATE(r6, 0x4048aecb, &(0x7f0000001440)={{0x0, 0x0, 0x80, {0xdddd0000, 0x1}}, "cb31455c9ea4288a70a2a6bb8068fd95dd041cf5b177a3bffe992dfbbdf959487337b92336ce1de32e7695c411c0bf9f852d2d71192f33001fd51f5b396a55cb98699a09d21648c4cb30d9d7e3e397c7a3c041c76c72385a46c48c5302848c3696facce956952c2a85822ddf20434ccee5806294ed563ff3a972cddf6ef16ddace933d8a5adea40cd3ad40c9873c29368838e815ff59723519154856b2d5cd9cd79a97dc2fa08dada1175817886e5f9e7aa3dca783a44c667a4806826570ec6acb57d65efc313a384e11fb633dee17ee600145f2cb3103384606140021be766fcb7fa029f0513bbb466177ca1068192550bbf4e6f5694aec747a16e27688a988fa595bca1761b8e88a7dbcaeaf9758b1faf880dd6f1b6eb4c7beb0582b4007f1a67db1352407adbe1456bfe98e94fd825b9419d74f63cdeb6c6976de1890d773f0c8088d2bd48a838cf5b87f5ddf926352960fb978874b0f175acfa55ddfe84de3fc9f75b58bf7a35f33d3c43ed5e3224e92751fa1b43f94f64b681163ef1360a3f3bb7403afc67a188b2104b45c5814aaa9e218552498bf85f4b221d9acc32a331f5f8c109cc9f335ff4e418ab30b54b91fc8211fcbaf64716afdc4b6d0417e04d5723e4675d282b36bef3a3a19e855029e7a9e8b86a6df19332b63e9d8a0f22d96ac230c67657a4e7f7afab91dc0ce751b68980e5a4f6d9d6d9b98802ba9d8576640eea61b8c308a1745df61560e56108bececa3016d93246fdc8b768634e8319b1ffde103c07378f8f4927baba05e992a4b5af0958a7e495e7ce53f7917451d15a963ca14f5cdc4563775688b6533a4b97e0f84b0a33c30077b20805c1f42cc7815efada97ad59ac486bc9e0ee386b49cb97b47fbf8f919f06c75a49636795054b5ebee3e91602c90d7f4db49220affe56d56b96e4f662b2bf36dae482ffc7ba21cbc55e21b73309d6b7aa5509defcb77c236e43b579c61eae5c8d8f8fa71ad876b96069f2e4352c8aaf16e299d21edf5434c0cd9b25cdc9210fb0de759b1dd3fc7fe4c7118bbde72a5617dff21f7a5036448fba7fe41aaee0c289cd076d757e47b0713b236f6f141ba0112c9312b3ec853aabafdf1eb2cbb517d2d7352725f557214d27d9a340af0128fc960a4ea64c933b0d8dd226b6e024471aaac8a7074b2a8695ab990fabba5bf315d246fbfe4260f1fffe54814e33b6235c5b4095437298858909bcbd40a8a286d1bedb06b7b1775bce0a5bca19b0a5c2fa8dbf7b155ae0a43c5086422e5bacb94047e150451f5996420b0d4a697f59decb49900b2b9c13aade536933e14d672c21a35cb68572c3de02f8edd941bff4b8674b91f7aebf35f056a8d388f67f8ef7cfaf6b28fe745831ef41def1839791647016932c70685752851327f1837d2f1e9d8f93443eefed2317119c8152ca451a5d3aeb253fb484283f52e5db9f61f059ad3c217a860ee0571d254483501b00699208c7fa5571cf58b9715c954115bc2db0af28361938bb95ced7370c8cbb6141ef62fdbf369dfc4eccd98ab9886d79a52cbf91a27dd0f4b29940492e860fb94654dea54fad6290570760e3b59a0cf28053732472dc313b7fedfc583fc702a880971dc61286370aaf167810455cce7654dc4325a41d9d1944abcdc4d81378f1e96a8f94cd95b886a01f086e379601504219d57d531ba34e1ba0905785fb629c61f6b940a652cdee9dbef12b7fcde087b92816db3386a5769049ba00788e31de4ddbb8b56de1fbe3a5e671728effda7cfd0b650cf5df2faf22670812efbbb548e47cbf36c64e05a7877820f08948ceedb35e12a4a143ee0101a7bf0a00a4062b50c39020669700adf739a6f75352a45fd1373d3e85c3867170373f0c7a794d8590f4c22ae62d438ec365b0f6a15cb2ffe0fc6f57185e1760761bd4370027c01dfad0502f00b6898115df3c530d0b0b4a64e623fd580b528a733e4c881cf5843a975a97f92a7833527887c79fa8eec82b9526a15c6c5f2972083ce8aec735810580ffa4ea2cef4823aee044dd70927f7c07bba18b930006aa86ae7399ac6b4c24bc9d6a6ab0c5b428d7255d4d983eadf97e10c1b00867da29ac981acb453073a37236e7ae808e7759b2e0cffc3ec43afb1e95cd090a7d4b9225a0e3cbebfe49b93846ab603891e2da7d85a04bf42d12d16a97c965bc4911d3ba7a9ca505794d8744fef00a436089de67aa8b480070230dfb002eb91edaff428d4908a87afae418dff7ca59aefe1ad8f6935f309fe7985c2310881659c60a66a5e50242497ba1cd5d2bd79496ccd23f9fd901afc6622829cb3701caa50f96e09e3b23bfa31819caab43e49ae1d922a1a1eb3682de026323d9215fcec42c54401a1af81450830a4b784ed1c7922734bf3632409147680dd3fabcef296353705bb5c0e650e12905a05db1e7923923a96ddc783fc1ed46e2010416c37d9d149ad73e808bd6e4464f62893024a8501803b6c88fc55c8bbc1da7cbf580b5a81fb7c61455ae399aaec303fba12e0f2b51ed5e8bd31db40e8bdbd00e7b1ddd364766c974d813d86fc88a27bf82bba60c62e5f0f6af6bda3390f8e72a2811baf3d6325e70d9a3b59cab1abe95290ecb87985567e1243504c038de9d4d100ea64eec45208cd8d2474e646f7d81eed6d59b8b0859552b6fc088d874cde3e75ee30243dc9d88ed5b577851a5bd9e2a453287025777fcac19ac33e1c94b4ad272f1055b16b842a6bd6168fb45f1f74ed2467020df5431068a5f2cbeaa6ac1841308c7c9f752aa06927f91fdf18ef9d9e942367e5ecac0abf4d3b8fc7b80238c04799bde63168becc67c5531e843336fb16ab618d37f95a91937b824bf896b044146bc3a5e264a8f23ddd00729cd9aa56d9a9a24b7ab96ae021b193d8874d43ff4b723d86b7564e550378599c3e0c7a2b3d447ad76eb4cd699733d970a5ab218429a1af81df9c8013d6d16a6bcb019f6ace4461cdaa785d20ea027cfa53d521bb91ad2c04aaa6c0f268b14924803977633280c7b7beb14c88fae542b7a13e96253259e7296e37276da88891c14664340e84ae732edbd71e67047e476735b220ca231de31a380ece372db63dec3cb3ef5ac97ec41148febd2acb15cde1ee5e990ea0aaa95c2df39e2111dd1185d14a194e22d34fda8f54e99d3a73e5a231682c726d40816e048c1d059bf3bb9ee2b5f895365d95aa28f6adbf6e16469926b4d8ee7f04c7dbafaa444df5b88596c17874f0efe35e5ada1a69634f4b430f852d33b032f823c5deb54f47a7a4adb1adf56d5440b7a917580004c13e0b36c8e0a203a2be3f8fffd9efef3af19389a12c67859d4381ac0a02da18e25931b41216b731de25e1245482c84d45de1cddbce2109322a3428bff692012573fe9efd02109dbf35c5d3a287dec105cf3f1a2e5f0b1cc08c7b4759766d25d0f7b42c3ea8bf8101e61159a2ba7602e9c7947cf936ac39bf59b24084709fd61d704bbdba7d282aac778b7ec1dcaf984527c8112d56e75ab774d1598d9816abc77b0e693880bffffffffffffff7fb5cb6967fb0ea8e14efce120947092c3b601002f07cad22e971418092481fcad36ecf0cfd6bc3864115b8507c13554584f1f6fee5ee07eb6a091638d8e7781c1c006166e0f987f9f4de535e9f3df1db8c9328e9a19a73c76059ab4edfe9eda7f16cc6b869229bafb179d194e20ccc6af1d8183b673de8138ddab9a0907278f6eaacc55bf59a450ebc10e0b88c82d9f0deca86ff771f46509250fde94e0c94256b77616d099862ddc9b341838d634a9dc4b55a88fcc6248901135f6aa76365433e7e534e0e5ae8eec2a63df62c3e244a40481189ff54122698c7e2da2c829b2eec9efc9894ee05be04ae6dd48406eaace17827e38bf38b414059aded0343e0711a8d864ff41a8d9ed40fb2aa1a3f4014f691cd0e8af62445a021820ff03afa8a192ee255862f306851df1de96ce36cafb6a60b7069db7aa96fd1ffb2fb01e6247f770304dffe4b1c8d0eeb336dd6806d6ab5d418953b1cae7cbbf53766b61e4aad5cfce8255b78af26f9bd11283a9c7d12cd63b82cd2b506fd4061d1e16fc7c713d80763c3b0aa0faadcd9b7d676101aad80e1ca00369297e1f714003ab8d0b545c335014a522a25a767950963ef821425b79b521076166d0df3ef358c7d60d99cc85463c186e8faf16af79785680382e4cc93f6594f8c4461e0988c08717640df24a5f357db22432fcae21702dc792d201212fb3791e0164bb3d433a8268ec96df73766fdba42965e00e619246cba5d96eb853a7c22c34d2fe5e5d3f3ccf9c627d069517b743cd07f6f7b444074bb9a50269f2e03309c58930e56a9583eb00c37fbcdd391972261f41756c10c8899fcd036e2017e088ef9e6ec31f795d55b3bba214c53c98fc9318e4ade0e7e6fd259aa277fed54c27e5210787a5f6937f56fdbe1da5113f059061ca590ddf536a55cb91ac6ed41cb9c0418b115b29f5e823c1b0ee7c2b3982087763545b34e2c945d587ebce69bbe299a7f52b674f351977370fc700474bc15d7e6ef98c14258ecf401a4f3bba1a9aa76c5ab0b8819fe6efe3fba1899909e5e48554299150ee272451b56142d12ae2bb4942db430239701d494917f2c939a6fb9d98d4751a6f2c4537ec870342d223343a9bd7b8d8c99aff8cbfa298395551185f35dec120228073a1e496a58b59d9ac5986249a7c6db9398395cbf341c08ee910700e2daa042dba1846fef59c72ce872bba2046a14fcf9a47a5686d62bfba76309a9865c26e5fa41dd872fc749fdc57953105ace4978f9eb788c8d061c853ad0313e51e732c5d7bc05e752443c8e99b8e81c688befdb5b14c3cc2f96eb8ce8290303e483992fcbece1ff278d0dc036ad437b6cbc695c7741ba4556e242146d40843c73deaf8fceba40e4a4acd739b3031848b17a210a1ff0dc1908b77c4bb94543af52e1fe2a090c8f217428d02336303f7952c3ddefa7c81850676e7f4cc3d32c3937281fa5ab279c3fe39f92ba077dadb8c2c3df17cc511bd33c41cb161d24aea154f0f5902c94b56fe072d321a983668bd9f4838878e66ec44cb233d7d0ca908a794c844ff8b3ba4c57f6c5fc2f3a54db448b013f0c4998bbc6ed0409b3368391cb28c75f4a909fff90f308ff38c758ff7d8a2920bc221236d89b3b769e44e8ce649b32f5135a0217ba9036a8edddee97d7ba15f2c21fb7d3cae3eb6ef09dd03eed650489c83b5ba5dd9daf7a86cf0544fb8a58e46b860e3e42e10cd6f1c4f81179eb2c3ba611793a32abb4c0768db90e8bdd1694efaa9c2b45c89d203fdfb8b926b6a0d666d91b93065a83184fc2065961f2308056241b66f427c0f0aabc75852c90f0624cf036d537032ca8d73325d2ae2a79a7292c240c34584bb881fe5d468a051cbc0bde061f9eddfb758cd2dfba296eef549e5c4ede097111216a0ec60f90e8d6f5dd843c82e15f505f8c74e854ba9cd386249d552978eb8135a5f8c79c3ceb8dd580800000000000000d6cf3ff2f47c276c8169ab98336582a852c1535018fb2306aca6b8c9f9e38d64c66a722762b76c69d4ca6c14bd6992549e4eec17287fce194467f972d9200c3d1ac4fd4a8f2620e2e4281d28c099946ed90789ba122705326390d3e058ceed24044e542efb36416272eadf6304f30efa0b7bc1ae5be92fe50e591ee6f725726e917ec113506920beb2aa53b39f1d76b31500", "cfb220c7d481332f3f1f8079dfe27e23185fd67a407358db7892789f96b7fa9b14daa48617a10d8a91b820ecbaa470ec0bb1f3cbce7f70ec70b19a4cad082229c2788f8611d7dc306d9a45761a97828c36ed87ebde5d4a3e1609c1422a8ae2f7cca428ebdb0dd38b90b9598a353b18a600bf35a369e6e3e5abb0a1c5c0c0e48e014e7ef1b7d768b3c5657f1adfbb7ff2985082b16c99eb83ec3660990dcf1106efa6b7f8a4798fec811c2c85faec0235c83b7093b3d02367421abc40a554e0b0d7fc1bcaece4222c594f8d20e368fe625ca433c75486fe5c94103cd17291349ee12b877602936688666f82ecd8f4f83d50bb1650e08b96cd25ad147c4c956c98649806a3736d072c8d97c6e3a46a7c18535df8d828b86662400d8e9cc861fa1dd5dc193892d3168396c499e07b279fb76c7e289f2fd955691363bc1de74536dc571817615c88b0d594a136966c129e424ccb7ef1c7c7461eac7ca5f03d72ea4c9c3d1156fb4cb1bb70e097357588b5c49f6716bbae1bd118104b42786f09a3b9f7cb80f383cadfd0c462096ff2bb637b7cf79764b6a4b7ffc5d87c1f063fb48e7f08ad5af534c70079f12f28e8921abbd4280801cdf6101ea494768b1274afd0eea5939843d56022a83590920fe446d52dfe699c33977d5592dbf7e0e236b8175d7faae06e0c50f7402174023ce4b996564e945c416fa823f2f9c3213ac50b20bd1fd55bb8d9fe70ee31ea2f404ae0fcbf857bebcc9196c8c622059fea2e248e4058905b69fb98be312d3193ea1d8ff653173e8c4ad8c81d77a5bea45b3cd6fba19b6336f94ec04c8f86d24e9ca959874577d7ca0baf3c4ff30b554bc3ccc06df46d925373fbf7863e2cf684d3bc9603ab72b851ca4728294de87f2dec6f23ca9e43ed2e5cbba662d13137fc1ce0f6ae6aeb974f72f4b750825fafb67715e425f40c7da83b92d4249a0a4e96b789cceb7b07f38cb83f72dd093a345ab3cb8ae760fc14e40ea182a0d7fe1facc62a1ab0902349fd7e27bb0cd349fb5053f4734823abf020739b4b43bb11f5d69b61295068df31177959903c2ea1bb82d24eeaa93d0d475bd5d15b2a401e7ebe0d3cfbd45b2db2882cdb41408aaa718f8320fbb7f9da4f68d0eebeef175442e807e9908132731fe5e268582dcf6dffa4251ebb7121db8e412089fa9d8af9919799547a26b6b8eb44c28f1ce5f9a3021fe30841be204c1b4b3813dccae6baeef9b53fe413cbec46bb0cd95f3793cdc9bfe6cdd96ce0c4aa4a25e1cbbeeee6c9fa558b279048c7e31d07b125bac68d4e1f4253bd4dc7824cf3d722c94cf2b8f61bc8155731f072fd447082b181a13ffb8c08a1d568298c5de2d969fae2bea070a9e2688f294e76b8c200dfb993ec19778eb56ae3127c1116ccc85ef8806fdcb9ee0cb66ff03fbb0fa6c52b9b101b3830fc1650efa859163a264b4059092e5dc9a415ec09bfd1460f142fe5ef00beb6aa9032bd0de97aefc6f65e8cfeea761b3d8174caf528b6627682ff4d4450cb0f34251fc000ed01dd538ef13260984f44703b89dfb511bfb538d0b1c8aded964e1bcc5ca57437468b14a31ec0000a17e4d24369c40500449c37e7dccedba3eceb59d827dace246b5c48afb6a5988e64c560b3dc76c32d831f51cdbc5cfc4364ac8b25372b87c92bacfedc6bc8feb44098dbebc89cda03c59e4c58a31372bd574704b9e788834b9f83c6703f6709efad97c4ce499ea580dae1de282a019247cb3dce5c1906322e6d3ca5157ea6428bc42416936fac194efe136089c07faf7adf1e923003f1dc63fcbc634b389a4f351a6acee785e23c6bb04ca2f265be1e634362b87c6f9fd369bbe62a1db6b286c7ffde6370bb4d6e9e0cc3ec451e1a99d134726c9075e71319d3a683e91e4b900061c0e6d086481069cd32f4cde7816f8e3a0ac6428a7488f31f06ee0da10df3ed0c150d29085879d064f914407f60018bb588735663647bfeda930407d69abef3f72fd461c2b85b00988b412a180fd267fc646a86d297e7e40912607157b6fa873df6442579b1523d8117f0c06c87adf75843b8bff30a5bfb4fe1e9846b7fdd58774641f9cc9c4e38e53ed24a9d9e9dbc7657aa9b220a8545852b0409f5c0812e953823e841967bf55059acc7a4600818134359e72cfae0d04a0738ac8acca133d6395a455b22cdd6f901d4cdea1cf17415f7d7895a4b65f80d2f7c5c60a0dc04b40c9ae5ffc922e074a82afd704673e1766d19db9f60eab0238fb4a3169a08aded607847e5d752d4e24c4914b95bac3892bcfc2076f16a7f07583f0d418b9dec03afdb2e93335a392e1b1ef2910eb2a4b6a63fe61641f3c02bef73cd7e4a77a6f30ae821598c3160511603541bea89022b54f321c2a55cdeeb19335d78a821ab6ca0f36588a9a79a41e2123905a491d658c2a1caeee998c995bb0f816c92c5dc2b862183f80b9f9786c9c5524723c944d11f6894c7f008ab8194f577e22c03631d2a33201f508ea49653e7600639242dbaba704f700ac227f32dc575c559a0a1f4fe0cf6c22fbf7e1ca2ab4b1e4724e8379021e3c9a7c1509c6a413bd7d9c98938e440762eda2546d636597defa86c1ad31126a1182d365f858927d140fb0a97f80adcc5f4ed5efe11ac503453917a263f1d64692348d30f382e85e464ef7616067a42df5de1a1b622fabefe2ca4ceffa4801f7a02fdef40644cd1d079590d900727628d54b44db7ac700d8d664f7eea12837fcf347360d8e43a354fe51b4c49d2b800b5cc06e22c72af2a67ee7bc8ae894e841f2cf2b0a7e381caf944bf4e91ded63b6f82f7474e4f81e986fff7e5339b8e9f60103a1af81833e120f0c88893ecabac044a4a2867cda4fdcb084459a00507aa9e5a8e761a72df3322a1ae8cd918b4994c23bdb1e459b4f21651bd7fa067a00e2a2877bf6b29f289ed8018e0a78f6fb4ded9749640e0e37f6381b320ab72da404f3d70d60152f6fa6738932387b83250cb3148141edb52f109bfd4bda8054959db01f4c550609a63c08cf01ecd110cfc6f0055638c0dde039d2ac2daafe59e561f9f08a8830c3f661e4325de63e98f4a4216ec3b83fd200201ed3f647147611424286ffc6c4a8aca64a6874743242d4feeaa9153de06e51c512d9cab7ae712c6424069f3e5db4ddebe9b48b5f6caa741162edf97674d2368e03a387f798151a4b9b9fa9e3a5838a34313315836bb7291764b9a3c464c0c54a4c64ca774ad200925ac6bf59508c10a8574afde9b821741af43ec64cedc13aa220b39772195283506dfe899dd6a7b37eb21f154056a2df3564ef2bb918a928651de88c3613b84e7960bddd7b46b1304deb30f57b6fe5a3b4788629e91bcc245e748b3387f52da4bb094782326dcfde0827e2d674e41bb375247d349cade9c704e5431785009b0e53f1b45c70b237c9432e07e4c7a8464ed11608a3d2184338dd9e6f6ef4b3d751e979667b6a3953c89aff4eead7a978071a912b3de21a85a5849c57933cf53cd74a610f3e60f699766fbc7e0bb8a891a429c77bb6f3b6f9f8eb0b1bd9588ef2ce98fdf0a0838e4b0bed807d8b673093c717feec8d697e32542274887d039db7a2daed5d52c8e9767443229f8003c5d67e907376ea2f393484fa70deee159cb56f8d097b8fe2736e95f540137e20725f0940a8d049068ead4c46bb3771a671bb00de88931e03445a55868de0c220db05cbda9f996d5fe7c1070efe5e718fed4d4cb4ecacad3d6b643bc0ffe9a71b720ba7b5adbbdefe29106ef6a6ffe4547f5d02bec312147df0abe80efb2d5e598fc7c8b268e58b59e0d75728e9a18126f013c963ddc92d251405f857fe3a5cbacf443be7772975b7bf4f6d7ed6f80dfcc47a88c6d19120942adb5385be6ef3c0d7e396bcac5affc8f9276d6cd1a0b069aed72a98cde8ea7aabe6cc091b19efcfaf9368dfeb3087a05a42e3b893dae5ffeb72e6ac06e995a2a75ea0b5f7876247bb4c38cf3f0153f1f7473b522f1c440b632270e2b1d654d3a5ae16cb788482760d34ca79c8951b29c628e21029715683a3e6f8f77c5d89ecdae37e0190f79c4c1dbc9d0160e359cd6c94d6662ed53bb01a83374ff593c823acc59241b11f020902069fc0054a9b26cb320bef4fb1f8cc5bd8ae76eb029afab731b9876bc4e8708a8315512823cff1f9375d284ce66e53d4efad6c76d17bb532fc938b8f80c13ce86b5ba3e540164bc5a5d47cd321c241d8740f453ef95bd3878d578561ad6ce20877ffbd44062dce8df1d048d8d5e4045be647886108cbb1f0b26a8b74b66858afedb830a161bb02bde4c46a688a0ea3a7018ce24666aab0f422ede2f78ea29f77e28d87c744cba0285ce33dff5ac45774829699de6d725a9b6db6e7d03ad4ec9d075c386e68ca0bcd9e9911d741ed0168cbddb87a7918a964d206629da4e887277b0ef7d3f9c7082f3f15f29a0dfb39f3b0877a5ec3ac4343e0d808f5aee8f1869923aab6dfc1016821c013109f34aece6183994b853d0e9561375c02cdd26b1b55194757341929a8038864cedd6b5a3b8b51ade44637044c4ebddb190f173969a0ca4cf5d42153763a0b91da0110ae7a25204850927d81b00176d4568a3d444d8029bd010df784e3f673fe855601ec4f1b26b2df58841e6a65f0db66373f63cc14a8b07dfc52ac9957eb542d05ed687c79519609de96df18b63cb294b534ddf7d2e8f41bcc1e5a006191c4db057b6709f0a96f18e02000000be2a19c015b9c4b0b3f42e4de366b71f8da8888809473c3c7a02a1158e375f29997a43bc7118ca4d1abb8f8f21972fc589aaa3d73a4d40a1e1705e169ac6e56cff50d89fc45b6863c8fc67bb2b5939a7f33072539ba4c24077be5711ba368bf7efd4897931531d388eb5c2e56bef337777150dd59518652145c9594e110e41d2615196c6b197916c88cc2814e13a3a922b4ecb044bf31cc90e0bfe0ce07de29188bbcb0ec1a12b509f52582fbb948c3cbe0c6964f46991cec0704bfac08aec6ad8ddfc36dc68c7f547c5ee6af4a8d55c79e3dc1c49b045379811f81e9a185a92cd37ae4ee32c5d3c82d36d6202a6c84fd231fe467071d42072827fd77afa5d757e6f37247f783ef09bdfd7536b666e84bc4bb878005b7829293a04ba090272dec844f4ef0e934617c0851800c6b915ac6f3f03e4a6ab88e21c3f21f93b31d95ea3b9228e0031cb69795de5abd19c4cb4a0cf2984e53ca391cc66e33ee0d510151670331fa264753704fea5e400000f74890c49a74a47e0da13155c5470013d53dea0f05b5e088f1511c209f5be940232318af2757951d399e32eb862d915784713baa8ba93645caf04ba78fa3cf600ff92b9c5be58ad87438a340bac00a5ea9fb17e39478ba61fe36335e48d8c5a0b25f024cbd2ec7f217d0f260951da396dc13a2a74cd90df4b52db686e3b34d27cfa4cebd7bf59cbcfaf4007dc943a1da6e0bd1799a21ab449d7bb42935e50c839c5b567c59742436af15bc8d46095520dcd9273ae2b6f3c1cc2b4311ac9e5d297f0940b1552c5955adb302022022bb7457978998b56328629b7725dfbe3dedb37f37af0697a4471d1d6ff6bec633a38540adeba903f3eaaec5785fbb3c6a598f49dbd9ff93c67dea1ef39a614331b119fa8efccc8bac01595fb95a2a57eec9fc6c6fe82782aa89ea971866fd9a3bca4010182092ab6d1e2b49b964be9e3bb13bd6b77850e435f55a5d46e5bcb3330c7edefd31c33f61275e51600"})
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0900000004000000080000000b"], 0x48)
socket$nl_route(0x10, 0x3, 0x0)
r7 = socket$netlink(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r7, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000001200)={&(0x7f00000004c0)=ANY=[@ANYBLOB="38000000031401002dbd7000000000000900020073797a30000000000800410073697700140033006c6f"], 0xffaf}, 0x1, 0x0, 0x0, 0x854}, 0x0)
mremap(&(0x7f00001a6000/0x4000)=nil, 0x4000, 0x2000, 0x3, &(0x7f0000208000/0x2000)=nil)
mremap(&(0x7f00003ef000/0x3000)=nil, 0x3000, 0x400000, 0x3, &(0x7f000082a000/0x400000)=nil)
madvise(&(0x7f000042f000/0x800000)=nil, 0x800000, 0x15)
capset(&(0x7f0000000000)={0x19980330}, 0x0)
r8 = openat$ttynull(0xffffffffffffff9c, &(0x7f0000000000), 0x28a02, 0x0)
ioctl$TIOCSETD(r8, 0x5423, &(0x7f0000000080)=0x3)
close_range(r8, 0xffffffffffffffff, 0x0)
sendmmsg$unix(0xffffffffffffffff, &(0x7f00000bd000), 0x318, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)

4.361605485s ago: executing program 1 (id=490):
openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0xc1842, 0x0)
socket$inet_sctp(0x2, 0x5, 0x84)
r0 = socket$inet6(0xa, 0x1, 0x8010000000000084)
bind$inet6(r0, &(0x7f00000000c0)={0xa, 0x4e21, 0x0, @empty}, 0x1c)
openat$rdma_cm(0xffffffffffffff9c, 0x0, 0x2, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
bind$netlink(r3, &(0x7f0000000200)={0x10, 0x0, 0x0, 0x80065c9}, 0xc)
close(0x3)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000400000005"], 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000dc0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x1, 0x10, &(0x7f0000000180)=ANY=[], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
setsockopt$sock_attach_bpf(r4, 0x1, 0x32, &(0x7f00000000c0)=r6, 0x4)
sendmsg$unix(r5, &(0x7f00000006c0)={0x0, 0x0, 0x0}, 0x0)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r7, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010600000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff1b000000020000000900010073797a30000001000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r7, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000001580)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a3c000000120a01020000000000000000020000000900020073797a310000000008000440000000000900010073797a3000000000080003400000000a140000001100010000000000000000000000000abef32450d6986aeb4d7f"], 0x64}}, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4e21, 0x0, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x14}}}, 0x1c)
r8 = socket(0x2, 0x80805, 0x0)
sendmmsg$inet_sctp(r8, &(0x7f00000032c0), 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000300)={0x0, @in6={{0xa, 0x0, 0x0, @empty}}, 0x0, 0x0, 0x318, 0x1, 0x24}, 0x9c)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', 0xffffffffffffffff, 0x0, 0xffffffffffffffff}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)

3.557603324s ago: executing program 2 (id=491):
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ipvs(&(0x7f0000000380), 0xffffffffffffffff)
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x120002)
openat$selinux_load(0xffffffffffffff9c, &(0x7f00000005c0), 0x2, 0x0)
r0 = socket$kcm(0x11, 0x3, 0x0)
setsockopt$sock_attach_bpf(r0, 0x107, 0xf, &(0x7f0000000000), 0x49)
openat$iommufd(0xffffffffffffff9c, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
write$sndseq(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
mremap(&(0x7f0000724000/0x4000)=nil, 0x4000, 0x4000, 0x3, &(0x7f0000290000/0x4000)=nil)
r3 = socket$inet_udp(0x2, 0x2, 0x0)
r4 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="fc0000001900010029bd7000fbdbdf25ff010000060000800000000000000001fe8000000000000000000000000000bb00000000000000000200000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000000000000004000000000000000000000000000000000000000000000000000000000000000200000000000000fdffffffffffffff000000000000000000000000000000000500000000000000000000000020000000000000000000000000000000000000010002000000000044000500fe800000000000000000000000000044000004d42b0000000a000000e00000010000000000000000000000000000000004000000ce0000000000"], 0xfc}, 0x1, 0x0, 0x0, 0x24008040}, 0x0)
bind$inet(r3, &(0x7f0000000100)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x17}}, 0x10)
setsockopt$sock_int(r3, 0x1, 0x6, &(0x7f0000000000)=0x4, 0x4)
r5 = socket$nl_xfrm(0x10, 0x3, 0x6)
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000140)={0x1, @pix_mp={0x0, 0x300, 0x59555956, 0x7, 0x0, [{0x0, 0x1000}, {}, {0x1, 0x6}, {0x8}, {}, {0x0, 0x4}], 0x6, 0x6}})
setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r5, 0x10e, 0x1, &(0x7f0000000400)=0x1, 0x4)
connect$inet(r3, &(0x7f0000000280)={0x2, 0x0, @broadcast}, 0x10)
sendmmsg$inet(r3, &(0x7f0000004d00), 0x7fffffffffffd33, 0x20000890)

3.375806583s ago: executing program 0 (id=492):
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1f, 0x0, 0x0, 0x1000, 0x0, 0x1}, 0x48)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="0f000000040000000800000008"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x4, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x9}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000280)={r1, 0x2000300, 0xe, 0x0, &(0x7f0000000000)="63eced8e46dc3f0adf3389f7b986", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x39)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setscheduler(0x0, 0x2, &(0x7f0000000040)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0xfffffffc}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = syz_io_uring_setup(0x230, &(0x7f0000000080)={0x0, 0x20, 0x10100}, &(0x7f0000000040)=<r5=>0x0, &(0x7f0000000100)=<r6=>0x0)
syz_io_uring_submit(r5, r6, &(0x7f00000009c0)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0, 0xffffff86})
io_uring_enter(r4, 0x7a98, 0x0, 0x0, 0x0, 0xfffffffffffffc76)

2.408757071s ago: executing program 2 (id=493):
setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x3c1, 0x3, 0x300, 0x0, 0xc8, 0x8, 0x160, 0x5803, 0x280, 0x2e8, 0x2e8, 0x280, 0x2e8, 0x3, 0x0, {[{{@ipv6={@loopback, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', [0xffffffff, 0xff000000, 0xffffff00, 0xffffff00], [0xffffffff, 0xffffffff, 0xffffff00, 0xffffff], 'bridge_slave_0\x00', 'dvmrp1\x00', {}, {}, 0x8, 0x3, 0x4, 0x23}, 0x0, 0xd0, 0x138, 0x0, {0x0, 0x2000000000000}, [@common=@hl={{0x28}, {0x1, 0x5}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0xe, 0x5, 0x8, 0x401, 'netbios-ns\x00', 'syz0\x00'}}}, {{@uncond, 0x0, 0xd0, 0xf8, 0x0, {}, [@inet=@rpfilter={{0x28}}]}, @common=@inet=@SYNPROXY={0x28, 'SYNPROXY\x00', 0x0, {0xf, 0x9, 0xe28}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x360)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000800)={0x1f, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x11}, 0x94)
io_setup(0xff, 0x0)
r0 = socket$kcm(0x2, 0x2, 0x0)
sendmsg$inet(r0, &(0x7f0000000280)={&(0x7f0000000300)={0x2, 0x4e1f, @multicast2}, 0x10, 0x0, 0x0, &(0x7f0000000040)=[@ip_retopts={{0x14, 0x0, 0x7, {[@generic={0x89, 0x2}]}}}], 0x18, 0x5}, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
mbind(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x0, 0x0, 0x0, 0x2)
sched_setaffinity(0x0, 0x11, &(0x7f0000000180)=0x1400200bce)
sched_setscheduler(0x0, 0x1, &(0x7f0000002200)=0x1)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000002700)=""/102392, 0x18ff8)
mount(&(0x7f0000000140)=@nbd={'/dev/nbd', 0x0}, &(0x7f0000000040)='./cgroup\x00', 0x0, 0x2208004, 0x0)

2.407998781s ago: executing program 3 (id=494):
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r0, &(0x7f0000000040)={0x1f, 0xffff, 0x3}, 0x6)
write(r0, &(0x7f0000000000)="2a000200010078", 0x7) (fail_nth: 1)

2.166160366s ago: executing program 4 (id=495):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000180)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
sendmsg$nl_generic(r0, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000001880)={&(0x7f0000002940)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x0, 0x0, 0x3}, {0x0, [0x0]}}, &(0x7f0000001780)=""/46, 0x1b, 0x2e, 0x0, 0xffffffff, 0x10000}, 0x28)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000002a00)={0x1b, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x3, 0x2}, 0x50)
r4 = userfaultfd(0x801)
ioctl$UFFDIO_API(r4, 0xc018aa3f, &(0x7f00000001c0)={0xaa, 0x380})
r5 = syz_open_procfs(0x0, &(0x7f0000000580)='net/fib_trie\x00')
pread64(r5, &(0x7f0000019180)=""/102355, 0x18fd3, 0xc2a)
ioctl$UFFDIO_COPY(r4, 0xc028aa03, &(0x7f0000000000)={&(0x7f00002b9000/0x400000)=nil, &(0x7f0000113000/0x3000)=nil, 0x400000, 0x0, 0x2})
madvise(&(0x7f0000000000/0x400000)=nil, 0x400000, 0xc)
write$sysctl(0xffffffffffffffff, &(0x7f0000000580)='1\x00', 0x2)
openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
r6 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000780), 0x2, 0x0)
ioctl$VHOST_SET_FEATURES(r6, 0x4008af00, 0x0)
write$vhost_msg_v2(r6, &(0x7f0000000640)={0x2, 0x0, {&(0x7f0000001900)=""/4097, 0xffffffffffffffcc, 0x0, 0x2, 0x2}}, 0x48)

1.541054056s ago: executing program 2 (id=496):
getpid()
sched_setaffinity(0x0, 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
prlimit64(0x0, 0xe, &(0x7f0000000200)={0x8, 0x9}, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
openat$dsp1(0xffffffffffffff9c, &(0x7f0000000200), 0x800, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000d00)={0x11, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="180100000100a7d9000000000020b200850000007b00000095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x7}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000400)='virtio_transport_alloc_pkt\x00', r1, 0x0, 0x100}, 0x18)
r2 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r2, &(0x7f0000000140)={0x28, 0x0, 0x0, @my=0x1}, 0x10)

995.406395ms ago: executing program 1 (id=497):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000006c0)={0x94, 0x0, 0x1, 0x401, 0x0, 0x0, {0xa}, [@CTA_TUPLE_ORIG={0x3c, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @local}, {0x14, 0x4, @mcast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x3c, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @local}, {0x14, 0x4, @local}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TIMEOUT={0x8}]}, 0x94}}, 0x0)
sendmsg$IPCTNL_MSG_CT_DELETE(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000340)=ANY=[@ANYBLOB="14000000020105"], 0x14}, 0x1, 0x0, 0x0, 0x20044804}, 0x40040)

927.991533ms ago: executing program 3 (id=498):
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f00000005c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000730000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000040)='contention_begin\x00', r0}, 0x18)
r1 = syz_io_uring_setup(0x3fed, &(0x7f0000000380), &(0x7f0000000080), &(0x7f00000000c0))
io_uring_register$IORING_REGISTER_FILES2(r1, 0xd, &(0x7f0000000280)={0x1, 0x0, 0x0, &(0x7f0000000200)=[{0x0}], 0x0}, 0x20)
socket$nl_sock_diag(0x10, 0x3, 0x4)
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12}, &(0x7f0000000100))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x3938700}, {0x0, 0x3938700}}, 0x0)
timer_create(0x7, &(0x7f0000000300)={0x0, 0x13, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000240)=<r2=>0x0)
r3 = openat$selinux_status(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
mmap(&(0x7f0000701000/0x1000)=nil, 0x1000, 0x0, 0x12, r3, 0x97fef000)
timer_settime(r2, 0x0, &(0x7f0000000340)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0)
io_uring_register$IORING_UNREGISTER_FILES(r1, 0x3, 0x0, 0x0)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
socket(0x10, 0x803, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r4 = getpid()
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
creat(&(0x7f0000000ac0)='./file0\x00', 0x0)
newfstatat(0xffffffffffffff9c, &(0x7f0000000400)='./file0\x00', &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, <r7=>0x0}, 0x0)
chown(&(0x7f00000003c0)='./file0\x00', r7, 0xee01)
lsetxattr$system_posix_acl(&(0x7f0000000800)='./file0\x00', &(0x7f0000000840)='system.posix_acl_access\x00', &(0x7f0000000300)={{}, {}, [{}, {0x2, 0x6}], {}, [], {0x10, 0x2}}, 0x34, 0x0)

836.197675ms ago: executing program 1 (id=499):
socket$packet(0x11, 0x3, 0x300)
prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8, 0x8b}, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000001a40)=""/102392, 0x18ff8)
socket$alg(0x26, 0x5, 0x0)
setsockopt$packet_add_memb(0xffffffffffffffff, 0x107, 0x1, 0x0, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, 0x0}, 0x0)
r1 = socket$rds(0x15, 0x5, 0x0)
bind$rds(r1, &(0x7f0000000040)={0x2, 0x4e21, @local}, 0x10)
sendmsg$rds(r1, &(0x7f0000000140)={&(0x7f00000000c0)={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0) (fail_nth: 1)
setsockopt$RDS_CANCEL_SENT_TO(r1, 0x114, 0x1, 0x0, 0x0)

659.689749ms ago: executing program 4 (id=500):
r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000001840), 0x2982, 0x0)
r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/tty/ldiscs\x00', 0x0, 0x0)
socket$kcm(0x2d, 0x2, 0x0)
sync()
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r2, 0x0)
io_setup(0x5, &(0x7f0000000140)=<r3=>0x0)
r4 = eventfd2(0x0, 0x0)
io_submit(r3, 0x1, &(0x7f0000000280)=[&(0x7f0000000000)={0x1802, 0x0, 0x0, 0x5, 0x0, r2, 0x0, 0x0, 0x0, 0x0, 0x1, r4}])
close(r4)
shutdown(r2, 0x0)
ioctl$BTRFS_IOC_DEFRAG(r4, 0x50009402, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x11, &(0x7f0000000180)=0x1400200bce)
sched_setscheduler(0x0, 0x1, &(0x7f0000002200)=0x1)
r5 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r5, &(0x7f000001b700)=""/102392, 0x18ff8)
socket(0x2, 0x80805, 0x0)
sync()
r6 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_int(r6, 0x0, 0x32, &(0x7f0000000f00)=0x1000000, 0x4)
sendfile(r0, r1, 0x0, 0x20000000006)

51.790811ms ago: executing program 2 (id=501):
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x4, &(0x7f0000006680))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x200000b, 0x8031, 0xffffffffffffffff, 0x0)
syz_open_procfs(0x0, 0x0)
r0 = socket(0x400000000010, 0x3, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000001500)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmsg$inet(r2, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="28010000000000000100000001"], 0x128}, 0x0)
recvmsg$unix(r1, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000040), 0x100}, 0x0)
write(r0, &(0x7f0000000040)="3a03000018002551075c0165ff0ffc02802000030004000500e1000c0400070080000900", 0x33a)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
shutdown(0xffffffffffffffff, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=ANY=[@ANYBLOB="600000000206050000000000000000000000000005000400000000000900020073797a32000000000500010007000000050005000a00000011000300686173683a6e65742c6e65740000000014000780050015001100000008001240"], 0x60}}, 0x0)

0s ago: executing program 1 (id=502):
syz_open_dev$video4linux(0x0, 0x83, 0x0)
socket$unix(0x1, 0x1, 0x0)
prlimit64(0x0, 0xc, &(0x7f0000000140)={0x1, 0x2845}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000100)=0x2)
sched_setaffinity(0x0, 0x0, 0x0)
openat(0xffffffffffffff9c, 0x0, 0x40, 0x0)
syz_open_procfs(0xffffffffffffffff, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x1)
r0 = syz_open_dev$MSR(&(0x7f0000000200), 0x0, 0x0)
read$msr(r0, &(0x7f000001b700)=""/102392, 0x18ff8)
futex(0x0, 0x80000000000b, 0x0, 0x0, 0x0, 0x0)
futex(0x0, 0x4, 0x1000001, 0x0, 0x0, 0x0)
r1 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_STAT_GET(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)={0x20, 0x1411, 0x1, 0x0, 0x0, "", [@RDMA_NLDEV_ATTR_DEV_INDEX={0x8}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8, 0x3, 0x1000000}]}, 0x20}}, 0x0)
ioprio_get$uid(0x3, 0x0) (fail_nth: 1)
r2 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
r3 = fcntl$dupfd(r2, 0x0, r2)
ioctl$SCSI_IOCTL_GET_PCI(r3, 0x5393, &(0x7f0000000000))

kernel console output (not intermixed with test programs):

th.
[  111.155509][ T6417] netlink: 'syz.4.123': attribute type 1 has an invalid length.
[  111.166919][ T6417] netlink: 'syz.4.123': attribute type 1 has an invalid length.
[  111.350218][ T5870] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  111.365926][ T5870] usb 2-1: config 0 descriptor??
[  111.377309][ T5870] usbhid 2-1:0.1: couldn't find an input interrupt endpoint
[  112.554983][ T5925] usb 2-1: USB disconnect, device number 2
[  112.630100][ T6426] netlink: 1688 bytes leftover after parsing attributes in process `syz.3.127'.
[  112.681384][ T6430] FAULT_INJECTION: forcing a failure.
[  112.681384][ T6430] name fail_usercopy, interval 1, probability 0, space 0, times 1
[  112.737211][ T6430] CPU: 1 UID: 0 PID: 6430 Comm: syz.1.128 Not tainted syzkaller #0 PREEMPT(full) 
[  112.737237][ T6430] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  112.737247][ T6430] Call Trace:
[  112.737253][ T6430]  <TASK>
[  112.737260][ T6430]  dump_stack_lvl+0x16c/0x1f0
[  112.737286][ T6430]  should_fail_ex+0x512/0x640
[  112.737312][ T6430]  _copy_from_user+0x2e/0xd0
[  112.737336][ T6430]  copy_msghdr_from_user+0x98/0x160
[  112.737360][ T6430]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  112.737394][ T6430]  ___sys_sendmsg+0xfe/0x1d0
[  112.737416][ T6430]  ? __pfx____sys_sendmsg+0x10/0x10
[  112.737435][ T6430]  ? __lock_acquire+0x622/0x1c90
[  112.737489][ T6430]  __sys_sendmsg+0x16d/0x220
[  112.737510][ T6430]  ? __pfx___sys_sendmsg+0x10/0x10
[  112.737551][ T6430]  do_syscall_64+0xcd/0xfa0
[  112.737574][ T6430]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  112.737591][ T6430] RIP: 0033:0x7fce2c78efc9
[  112.737605][ T6430] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  112.737620][ T6430] RSP: 002b:00007fce2a9f6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  112.737638][ T6430] RAX: ffffffffffffffda RBX: 00007fce2c9e5fa0 RCX: 00007fce2c78efc9
[  112.737649][ T6430] RDX: ea5bc50b6199d7fe RSI: 00002000000000c0 RDI: 0000000000000003
[  112.737659][ T6430] RBP: 00007fce2a9f6090 R08: 0000000000000000 R09: 0000000000000000
[  112.737669][ T6430] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  112.737678][ T6430] R13: 00007fce2c9e6038 R14: 00007fce2c9e5fa0 R15: 00007ffc40a57678
[  112.737703][ T6430]  </TASK>
[  112.904851][    C1] vkms_vblank_simulate: vblank timer overrun
[  113.164266][ T6435] siw: device registration error -23
[  113.535862][ T6442] gfs2: error -5 reading superblock
[  114.233092][ T6447] CIFS mount error: No usable UNC path provided in device string!
[  114.233092][ T6447] 
[  114.243173][ T6447] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[  114.395415][ T6453] netlink: 4 bytes leftover after parsing attributes in process `syz.0.134'.
[  116.419512][ T6466] gfs2: error -5 reading superblock
[  116.463140][   T30] audit: type=1400 audit(1760867257.719:221): avc:  denied  { read write } for  pid=6467 comm="syz.1.139" name="ppp" dev="devtmpfs" ino=709 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[  116.508938][   T30] audit: type=1400 audit(1760867257.719:222): avc:  denied  { open } for  pid=6467 comm="syz.1.139" path="/dev/ppp" dev="devtmpfs" ino=709 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[  116.611168][ T6470] netlink: 'syz.2.140': attribute type 72 has an invalid length.
[  116.828112][   T30] audit: type=1400 audit(1760867258.079:223): avc:  denied  { nlmsg_write } for  pid=6473 comm="syz.4.142" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  117.219521][   T30] audit: type=1400 audit(1760867258.479:224): avc:  denied  { append } for  pid=6482 comm="syz.0.145" name="card1" dev="devtmpfs" ino=628 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dri_device_t tclass=chr_file permissive=1
[  117.548428][ T6481] Zero length message leads to an empty skb
[  117.711040][ T6495] FAULT_INJECTION: forcing a failure.
[  117.711040][ T6495] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  117.780050][   T30] audit: type=1400 audit(1760867259.039:225): avc:  denied  { read write } for  pid=6486 comm="syz.2.146" name="video1" dev="devtmpfs" ino=931 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:v4l_device_t tclass=chr_file permissive=1
[  117.814669][ T6495] CPU: 0 UID: 0 PID: 6495 Comm: syz.0.147 Not tainted syzkaller #0 PREEMPT(full) 
[  117.814695][ T6495] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  117.814706][ T6495] Call Trace:
[  117.814711][ T6495]  <TASK>
[  117.814718][ T6495]  dump_stack_lvl+0x16c/0x1f0
[  117.814763][ T6495]  should_fail_ex+0x512/0x640
[  117.814789][ T6495]  _copy_to_user+0x32/0xd0
[  117.814819][ T6495]  simple_read_from_buffer+0xcb/0x170
[  117.814843][ T6495]  proc_fail_nth_read+0x197/0x240
[  117.814872][ T6495]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  117.814899][ T6495]  ? rw_verify_area+0xcf/0x6c0
[  117.814918][ T6495]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  117.814943][ T6495]  vfs_read+0x1e4/0xcf0
[  117.814968][ T6495]  ? __pfx___mutex_lock+0x10/0x10
[  117.814991][ T6495]  ? __pfx_vfs_read+0x10/0x10
[  117.815020][ T6495]  ? __fget_files+0x20e/0x3c0
[  117.815052][ T6495]  ksys_read+0x12a/0x250
[  117.815073][ T6495]  ? __pfx_ksys_read+0x10/0x10
[  117.815097][ T6495]  ? rcu_is_watching+0x12/0xc0
[  117.815118][ T6495]  do_syscall_64+0xcd/0xfa0
[  117.815142][ T6495]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  117.815159][ T6495] RIP: 0033:0x7fefaa18d9dc
[  117.815174][ T6495] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  117.815189][ T6495] RSP: 002b:00007fefab076030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  117.815206][ T6495] RAX: ffffffffffffffda RBX: 00007fefaa3e6090 RCX: 00007fefaa18d9dc
[  117.815217][ T6495] RDX: 000000000000000f RSI: 00007fefab0760a0 RDI: 0000000000000003
[  117.815227][ T6495] RBP: 00007fefab076090 R08: 0000000000000000 R09: 0000000000000000
[  117.815236][ T6495] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  117.815246][ T6495] R13: 00007fefaa3e6128 R14: 00007fefaa3e6090 R15: 00007ffc0d002908
[  117.815272][ T6495]  </TASK>
[  117.997786][    C0] vkms_vblank_simulate: vblank timer overrun
[  118.035308][   T30] audit: type=1400 audit(1760867259.039:226): avc:  denied  { open } for  pid=6486 comm="syz.2.146" path="/dev/video1" dev="devtmpfs" ino=931 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:v4l_device_t tclass=chr_file permissive=1
[  118.062875][   T30] audit: type=1400 audit(1760867259.039:227): avc:  denied  { ioctl } for  pid=6486 comm="syz.2.146" path="/dev/video1" dev="devtmpfs" ino=931 ioctlcmd=0x5608 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:v4l_device_t tclass=chr_file permissive=1
[  119.527649][   T30] audit: type=1400 audit(1760867260.409:228): avc:  denied  { read } for  pid=6511 comm="syz.0.152" name="fb0" dev="devtmpfs" ino=629 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:framebuf_device_t tclass=chr_file permissive=1
[  119.648692][   T30] audit: type=1400 audit(1760867260.409:229): avc:  denied  { open } for  pid=6511 comm="syz.0.152" path="/dev/fb0" dev="devtmpfs" ino=629 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:framebuf_device_t tclass=chr_file permissive=1
[  119.738729][ T6519] netlink: 'syz.3.154': attribute type 72 has an invalid length.
[  119.752617][   T30] audit: type=1400 audit(1760867260.409:230): avc:  denied  { ioctl } for  pid=6511 comm="syz.0.152" path="/dev/fb0" dev="devtmpfs" ino=629 ioctlcmd=0x4602 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:framebuf_device_t tclass=chr_file permissive=1
[  119.822324][   T52] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[  119.836485][   T52] Bluetooth: hci0: command 0x0c1a tx timeout
[  119.874923][ T5870] usb 2-1: new high-speed USB device number 3 using dummy_hcd
[  120.018551][ T6521] geneve2: entered promiscuous mode
[  120.023854][ T6521] geneve2: entered allmulticast mode
[  120.058103][ T5870] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  120.150772][ T5870] usb 2-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df
[  120.184613][ T5870] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  120.204160][ T5870] usb 2-1: config 0 descriptor??
[  120.251779][ T5870] pwc: Askey VC010 type 2 USB webcam detected.
[  120.459805][ T6538] FAULT_INJECTION: forcing a failure.
[  120.459805][ T6538] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  120.472888][ T6538] CPU: 0 UID: 0 PID: 6538 Comm: syz.2.160 Not tainted syzkaller #0 PREEMPT(full) 
[  120.472904][ T6538] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  120.472910][ T6538] Call Trace:
[  120.472914][ T6538]  <TASK>
[  120.472919][ T6538]  dump_stack_lvl+0x16c/0x1f0
[  120.472937][ T6538]  should_fail_ex+0x512/0x640
[  120.472954][ T6538]  _copy_from_user+0x2e/0xd0
[  120.472970][ T6538]  copy_msghdr_from_user+0x98/0x160
[  120.472985][ T6538]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  120.473013][ T6538]  ___sys_sendmsg+0xfe/0x1d0
[  120.473027][ T6538]  ? __pfx____sys_sendmsg+0x10/0x10
[  120.473039][ T6538]  ? __lock_acquire+0x622/0x1c90
[  120.473073][ T6538]  __sys_sendmsg+0x16d/0x220
[  120.473087][ T6538]  ? __pfx___sys_sendmsg+0x10/0x10
[  120.473110][ T6538]  do_syscall_64+0xcd/0xfa0
[  120.473125][ T6538]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  120.473137][ T6538] RIP: 0033:0x7fa8b118efc9
[  120.473146][ T6538] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  120.473156][ T6538] RSP: 002b:00007fa8af3f6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  120.473167][ T6538] RAX: ffffffffffffffda RBX: 00007fa8b13e5fa0 RCX: 00007fa8b118efc9
[  120.473174][ T6538] RDX: 0000000000000010 RSI: 0000200000000540 RDI: 0000000000000007
[  120.473180][ T6538] RBP: 00007fa8af3f6090 R08: 0000000000000000 R09: 0000000000000000
[  120.473186][ T6538] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  120.473192][ T6538] R13: 00007fa8b13e6038 R14: 00007fa8b13e5fa0 R15: 00007ffde19c1ab8
[  120.473207][ T6538]  </TASK>
[  120.634466][    C0] vkms_vblank_simulate: vblank timer overrun
[  120.658762][ T5870] pwc: recv_control_msg error -32 req 02 val 2b00
[  120.665902][ T5870] pwc: recv_control_msg error -32 req 02 val 2700
[  120.829125][ T6546] netlink: 4 bytes leftover after parsing attributes in process `syz.3.159'.
[  120.917115][ T6522] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  120.942726][ T6522] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  120.970612][ T5870] pwc: recv_control_msg error -71 req 04 val 1000
[  120.995700][ T5870] pwc: recv_control_msg error -71 req 04 val 1300
[  121.002385][ T5870] pwc: recv_control_msg error -71 req 04 val 1400
[  121.009340][ T5870] pwc: recv_control_msg error -71 req 02 val 2000
[  121.016225][ T5870] pwc: recv_control_msg error -71 req 02 val 2100
[  121.022997][ T5870] pwc: recv_control_msg error -71 req 04 val 1500
[  121.115126][ T5870] pwc: recv_control_msg error -71 req 02 val 2500
[  121.125417][ T5870] pwc: recv_control_msg error -71 req 02 val 2400
[  121.132387][ T5870] pwc: recv_control_msg error -71 req 02 val 2600
[  121.143086][ T5870] pwc: recv_control_msg error -71 req 02 val 2900
[  121.150048][ T5870] pwc: recv_control_msg error -71 req 02 val 2800
[  121.157782][ T5870] pwc: recv_control_msg error -71 req 04 val 1100
[  121.165794][ T5870] pwc: recv_control_msg error -71 req 04 val 1200
[  121.178107][ T5870] pwc: Registered as video103.
[  121.203766][ T5870] input: PWC snapshot button as /devices/platform/dummy_hcd.1/usb2/2-1/input/input6
[  121.407314][ T5870] usb 2-1: USB disconnect, device number 3
[  122.192045][   T30] kauditd_printk_skb: 8 callbacks suppressed
[  122.192056][   T30] audit: type=1400 audit(1760867263.449:239): avc:  denied  { read } for  pid=6558 comm="syz.4.165" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  122.567543][ T6564] ipvlan1: entered allmulticast mode
[  122.572890][ T6564] veth0_vlan: entered allmulticast mode
[  122.691708][   T52] Bluetooth: hci0: unexpected event for opcode 0x042c
[  122.718115][   T30] audit: type=1400 audit(1760867263.749:240): avc:  denied  { write } for  pid=6558 comm="syz.4.165" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  123.612317][ T6566] netlink: 'syz.2.166': attribute type 72 has an invalid length.
[  123.795137][ T6573] FAULT_INJECTION: forcing a failure.
[  123.795137][ T6573] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  123.808330][ T6573] CPU: 0 UID: 0 PID: 6573 Comm: syz.2.169 Not tainted syzkaller #0 PREEMPT(full) 
[  123.808344][ T6573] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  123.808350][ T6573] Call Trace:
[  123.808354][ T6573]  <TASK>
[  123.808358][ T6573]  dump_stack_lvl+0x16c/0x1f0
[  123.808375][ T6573]  should_fail_ex+0x512/0x640
[  123.808391][ T6573]  _copy_from_user+0x2e/0xd0
[  123.808406][ T6573]  copy_msghdr_from_user+0x98/0x160
[  123.808421][ T6573]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  123.808437][ T6573]  ? __lock_acquire+0x622/0x1c90
[  123.808453][ T6573]  ___sys_recvmsg+0xdb/0x1a0
[  123.808467][ T6573]  ? __pfx____sys_recvmsg+0x10/0x10
[  123.808481][ T6573]  ? find_held_lock+0x2b/0x80
[  123.808500][ T6573]  do_recvmmsg+0x2fe/0x750
[  123.808515][ T6573]  ? __pfx_do_recvmmsg+0x10/0x10
[  123.808536][ T6573]  ? __mutex_unlock_slowpath+0x161/0x7b0
[  123.808567][ T6573]  ? __fget_files+0x20e/0x3c0
[  123.808592][ T6573]  __x64_sys_recvmmsg+0x22a/0x280
[  123.808607][ T6573]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[  123.808625][ T6573]  do_syscall_64+0xcd/0xfa0
[  123.808639][ T6573]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  123.808650][ T6573] RIP: 0033:0x7fa8b118efc9
[  123.808665][ T6573] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  123.808675][ T6573] RSP: 002b:00007fa8af3f6038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  123.808686][ T6573] RAX: ffffffffffffffda RBX: 00007fa8b13e5fa0 RCX: 00007fa8b118efc9
[  123.808693][ T6573] RDX: 0000000000000001 RSI: 00002000000050c0 RDI: 0000000000000004
[  123.808699][ T6573] RBP: 00007fa8af3f6090 R08: 0000000000000000 R09: 0000000000000000
[  123.808705][ T6573] R10: 0000000040000100 R11: 0000000000000246 R12: 0000000000000001
[  123.808711][ T6573] R13: 00007fa8b13e6038 R14: 00007fa8b13e5fa0 R15: 00007ffde19c1ab8
[  123.808725][ T6573]  </TASK>
[  123.999812][   T30] audit: type=1400 audit(1760867265.049:241): avc:  denied  { listen } for  pid=6572 comm="syz.2.169" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[  124.615688][ T6592] overlayfs: missing 'lowerdir'
[  124.688721][ T6594] misc userio: Begin command sent, but we're already running
[  125.034076][ T6602] loop4: detected capacity change from 0 to 2560
[  125.059017][ T5825] buffer_io_error: 311 callbacks suppressed
[  125.059027][ T5825] Buffer I/O error on dev loop4, logical block 0, async page read
[  125.095303][ T5825] Buffer I/O error on dev loop4, logical block 0, async page read
[  125.107041][ T5825] Buffer I/O error on dev loop4, logical block 0, async page read
[  125.119961][ T5825] Buffer I/O error on dev loop4, logical block 0, async page read
[  125.216021][ T5825] Buffer I/O error on dev loop4, logical block 0, async page read
[  125.445603][ T5890] usb 2-1: new high-speed USB device number 4 using dummy_hcd
[  125.454916][ T5926] usb 1-1: new high-speed USB device number 3 using dummy_hcd
[  125.578215][ T5825] Buffer I/O error on dev loop4, logical block 0, async page read
[  125.594991][ T5890] usb 2-1: Using ep0 maxpacket: 16
[  125.604062][ T5890] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  125.616438][ T5926] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  125.618874][ T5890] usb 2-1: config 0 interface 0 has no altsetting 0
[  125.635199][ T5825] Buffer I/O error on dev loop4, logical block 0, async page read
[  125.644580][ T5926] usb 1-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df
[  125.657628][ T5825] Buffer I/O error on dev loop4, logical block 0, async page read
[  125.672141][ T5825] Buffer I/O error on dev loop4, logical block 0, async page read
[  125.684295][ T5890] usb 2-1: New USB device found, idVendor=06cb, idProduct=0006, bcdDevice=9a.eb
[  125.693856][ T5890] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  125.703075][ T5890] usb 2-1: Product: syz
[  125.707407][ T5890] usb 2-1: Manufacturer: syz
[  125.715683][ T5825] Buffer I/O error on dev loop4, logical block 0, async page read
[  125.724334][ T5890] usb 2-1: SerialNumber: syz
[  125.730962][ T6606] team_slave_0: entered promiscuous mode
[  125.736741][ T6606] team_slave_1: entered promiscuous mode
[  125.744447][ T5890] usb 2-1: config 0 descriptor??
[  125.754164][ T6606] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  125.769251][ T5926] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  125.839362][ T5926] usb 1-1: config 0 descriptor??
[  125.874342][ T6608] netlink: 1752 bytes leftover after parsing attributes in process `syz.4.179'.
[  125.890654][ T5926] pwc: Askey VC010 type 2 USB webcam detected.
[  126.002519][ T6610] FAULT_INJECTION: forcing a failure.
[  126.002519][ T6610] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  126.055433][ T6610] CPU: 0 UID: 0 PID: 6610 Comm: syz.2.180 Not tainted syzkaller #0 PREEMPT(full) 
[  126.055456][ T6610] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  126.055466][ T6610] Call Trace:
[  126.055472][ T6610]  <TASK>
[  126.055478][ T6610]  dump_stack_lvl+0x16c/0x1f0
[  126.055505][ T6610]  should_fail_ex+0x512/0x640
[  126.055532][ T6610]  _copy_from_user+0x2e/0xd0
[  126.055556][ T6610]  copy_msghdr_from_user+0x98/0x160
[  126.055579][ T6610]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  126.055612][ T6610]  ___sys_sendmsg+0xfe/0x1d0
[  126.055635][ T6610]  ? __pfx____sys_sendmsg+0x10/0x10
[  126.055653][ T6610]  ? __lock_acquire+0x622/0x1c90
[  126.055707][ T6610]  __sys_sendmsg+0x16d/0x220
[  126.055734][ T6610]  ? __pfx___sys_sendmsg+0x10/0x10
[  126.055773][ T6610]  do_syscall_64+0xcd/0xfa0
[  126.055796][ T6610]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  126.055813][ T6610] RIP: 0033:0x7fa8b118efc9
[  126.055827][ T6610] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  126.055842][ T6610] RSP: 002b:00007fa8af3f6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  126.055859][ T6610] RAX: ffffffffffffffda RBX: 00007fa8b13e5fa0 RCX: 00007fa8b118efc9
[  126.055869][ T6610] RDX: 0000000000008040 RSI: 0000200000000480 RDI: 0000000000000003
[  126.055879][ T6610] RBP: 00007fa8af3f6090 R08: 0000000000000000 R09: 0000000000000000
[  126.055889][ T6610] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  126.055899][ T6610] R13: 00007fa8b13e6038 R14: 00007fa8b13e5fa0 R15: 00007ffde19c1ab8
[  126.055924][ T6610]  </TASK>
[  126.251426][ T5926] pwc: recv_control_msg error -32 req 02 val 2b00
[  126.252120][ T5926] pwc: recv_control_msg error -32 req 02 val 2700
[  126.380426][ T1205] usb 5-1: new full-speed USB device number 4 using dummy_hcd
[  126.444141][ T6619] netlink: 4 bytes leftover after parsing attributes in process `syz.2.183'.
[  126.537277][   T52] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[  126.554969][   T52] Bluetooth: hci0: command 0x0c1a tx timeout
[  126.577492][ T6604] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  126.577843][ T6604] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  126.581205][ T5926] pwc: recv_control_msg error -71 req 04 val 1000
[  126.581670][ T5926] pwc: recv_control_msg error -71 req 04 val 1300
[  126.582757][ T5926] pwc: recv_control_msg error -71 req 04 val 1400
[  126.583656][ T5926] pwc: recv_control_msg error -71 req 02 val 2000
[  126.584134][ T5926] pwc: recv_control_msg error -71 req 02 val 2100
[  126.586729][ T5926] pwc: recv_control_msg error -71 req 04 val 1500
[  126.587230][ T5926] pwc: recv_control_msg error -71 req 02 val 2500
[  126.588253][ T5926] pwc: recv_control_msg error -71 req 02 val 2400
[  126.589276][ T5926] pwc: recv_control_msg error -71 req 02 val 2600
[  126.590356][ T5926] pwc: recv_control_msg error -71 req 02 val 2900
[  126.590703][ T5926] pwc: recv_control_msg error -71 req 02 val 2800
[  126.591051][ T5926] pwc: recv_control_msg error -71 req 04 val 1100
[  126.591375][ T5926] pwc: recv_control_msg error -71 req 04 val 1200
[  126.592212][ T5926] pwc: Registered as video103.
[  126.593041][ T5926] input: PWC snapshot button as /devices/platform/dummy_hcd.0/usb1/1-1/input/input7
[  126.600519][ T5926] usb 1-1: USB disconnect, device number 3
[  126.851582][ T5890] usb 2-1: USB disconnect, device number 4
[  126.912444][ T6624] netlink: 4 bytes leftover after parsing attributes in process `syz.3.184'.
[  127.129942][ T1205] usb 5-1: unable to get BOS descriptor or descriptor too short
[  127.338902][ T1205] usb 5-1: not running at top speed; connect to a high speed hub
[  127.360435][ T1205] usb 5-1: config 1 interface 0 altsetting 2 endpoint 0x81 has invalid maxpacket 1007, setting to 64
[  127.378084][ T1205] usb 5-1: config 1 interface 0 altsetting 2 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  127.392713][ T1205] usb 5-1: config 1 interface 0 has no altsetting 0
[  127.415525][ T1205] usb 5-1: New USB device found, idVendor=1781, idProduct=0898, bcdDevice= 0.40
[  127.424538][ T1205] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  127.458325][ T1205] usb 5-1: Product: syz
[  127.462509][ T1205] usb 5-1: Manufacturer: syz
[  127.474869][ T1205] usb 5-1: SerialNumber: syz
[  127.620748][ T6613] raw-gadget.2 gadget.4: fail, usb_ep_enable returned -22
[  128.132959][ T1205] input: PXRC Flight Controller Adapter as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:1.0/input/input8
[  128.388384][ T6639] netlink: 16 bytes leftover after parsing attributes in process `syz.4.188'.
[  128.448355][ T1205] usb 5-1: USB disconnect, device number 4
[  128.454190][    C1] pxrc 5-1:1.0: pxrc_usb_irq - usb_submit_urb failed with result: -19
[  128.482084][ T5166] pxrc 5-1:1.0: pxrc_open - usb_submit_urb failed, error: -19
[  128.501109][ T5166] pxrc 5-1:1.0: pxrc_open - usb_submit_urb failed, error: -19
[  128.541372][ T6645] netlink: 'syz.2.189': attribute type 23 has an invalid length.
[  128.568844][ T5166] pxrc 5-1:1.0: pxrc_open - usb_submit_urb failed, error: -19
[  128.631145][ T6651] ip6t_srh: unknown srh invflags 4000
[  128.760693][ T6649] netlink: 1752 bytes leftover after parsing attributes in process `syz.1.191'.
[  129.226737][   T30] audit: type=1400 audit(1760867270.099:242): avc:  denied  { bind } for  pid=6644 comm="syz.4.190" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  130.814914][ T5926] usb 3-1: new high-speed USB device number 4 using dummy_hcd
[  131.168950][ T6667] veth0_to_team: entered promiscuous mode
[  131.174779][ T6667] veth0_to_team: entered allmulticast mode
[  131.226471][ T6670] FAULT_INJECTION: forcing a failure.
[  131.226471][ T6670] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  131.240178][ T6670] CPU: 0 UID: 0 PID: 6670 Comm: syz.4.196 Not tainted syzkaller #0 PREEMPT(full) 
[  131.240193][ T6670] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  131.240199][ T6670] Call Trace:
[  131.240203][ T6670]  <TASK>
[  131.240207][ T6670]  dump_stack_lvl+0x16c/0x1f0
[  131.240225][ T6670]  should_fail_ex+0x512/0x640
[  131.240241][ T6670]  _copy_from_user+0x2e/0xd0
[  131.240256][ T6670]  __x64_sys_rt_sigqueueinfo+0xff/0x260
[  131.240270][ T6670]  ? __pfx___x64_sys_rt_sigqueueinfo+0x10/0x10
[  131.240290][ T6670]  do_syscall_64+0xcd/0xfa0
[  131.240305][ T6670]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  131.240315][ T6670] RIP: 0033:0x7eff8ab8efc9
[  131.240324][ T6670] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  131.240334][ T6670] RSP: 002b:00007eff8ba2b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000081
[  131.240344][ T6670] RAX: ffffffffffffffda RBX: 00007eff8ade5fa0 RCX: 00007eff8ab8efc9
[  131.240351][ T6670] RDX: 0000200000000ac0 RSI: 000000000000003d RDI: 0000000000000090
[  131.240357][ T6670] RBP: 00007eff8ba2b090 R08: 0000000000000000 R09: 0000000000000000
[  131.240363][ T6670] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  131.240369][ T6670] R13: 00007eff8ade6038 R14: 00007eff8ade5fa0 R15: 00007ffd03a96d48
[  131.240383][ T6670]  </TASK>
[  131.464930][ T5926] usb 3-1: Using ep0 maxpacket: 32
[  131.479872][ T5926] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  131.533006][ T5926] usb 3-1: New USB device found, idVendor=067b, idProduct=27a1, bcdDevice=b0.9b
[  131.566000][ T6673] FAULT_INJECTION: forcing a failure.
[  131.566000][ T6673] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  131.592435][ T5926] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  131.621740][ T5926] usb 3-1: Product: syz
[  131.642285][ T6673] CPU: 1 UID: 0 PID: 6673 Comm: syz.0.197 Not tainted syzkaller #0 PREEMPT(full) 
[  131.642308][ T6673] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  131.642318][ T6673] Call Trace:
[  131.642324][ T6673]  <TASK>
[  131.642330][ T6673]  dump_stack_lvl+0x16c/0x1f0
[  131.642357][ T6673]  should_fail_ex+0x512/0x640
[  131.642382][ T6673]  _copy_from_user+0x2e/0xd0
[  131.642406][ T6673]  copy_msghdr_from_user+0x98/0x160
[  131.642429][ T6673]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  131.642456][ T6673]  ? __pfx__kstrtoull+0x10/0x10
[  131.642478][ T6673]  ___sys_sendmsg+0xfe/0x1d0
[  131.642500][ T6673]  ? __pfx____sys_sendmsg+0x10/0x10
[  131.642532][ T6673]  ? find_held_lock+0x2b/0x80
[  131.642566][ T6673]  __sys_sendmmsg+0x200/0x420
[  131.642591][ T6673]  ? __pfx___sys_sendmmsg+0x10/0x10
[  131.642621][ T6673]  ? __seccomp_filter+0x8e7/0x11c0
[  131.642653][ T6673]  ? fput+0x9b/0xd0
[  131.642670][ T6673]  ? ksys_write+0x1ac/0x250
[  131.642699][ T6673]  __x64_sys_sendmmsg+0x9c/0x100
[  131.642719][ T6673]  do_syscall_64+0xcd/0xfa0
[  131.642743][ T6673]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  131.642761][ T6673] RIP: 0033:0x7fefaa18efc9
[  131.642775][ T6673] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  131.642791][ T6673] RSP: 002b:00007fefab097038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  131.642808][ T6673] RAX: ffffffffffffffda RBX: 00007fefaa3e5fa0 RCX: 00007fefaa18efc9
[  131.642820][ T6673] RDX: 0000000000000001 RSI: 0000200000003c00 RDI: 0000000000000003
[  131.642829][ T6673] RBP: 00007fefab097090 R08: 0000000000000000 R09: 0000000000000000
[  131.642838][ T6673] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  131.642846][ T6673] R13: 00007fefaa3e6038 R14: 00007fefaa3e5fa0 R15: 00007ffc0d002908
[  131.642871][ T6673]  </TASK>
[  131.914125][ T6675] netlink: 16 bytes leftover after parsing attributes in process `syz.4.198'.
[  131.924136][ T5926] usb 3-1: Manufacturer: syz
[  131.929028][ T5926] usb 3-1: SerialNumber: syz
[  131.935975][ T5926] usb 3-1: config 0 descriptor??
[  131.943455][ T5926] plusb 3-1:0.0: probe with driver plusb failed with error -22
[  132.275019][   T24] usb 4-1: new high-speed USB device number 4 using dummy_hcd
[  132.420924][   T24] usb 4-1: device descriptor read/64, error -71
[  132.479088][ T1295] ieee802154 phy1 wpan1: encryption failed: -22
[  132.745624][ T5890] usb 5-1: new high-speed USB device number 5 using dummy_hcd
[  132.825004][   T30] audit: type=1400 audit(1760867273.939:243): avc:  denied  { audit_control } for  pid=6659 comm="syz.2.192" capability=30  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1
[  132.852005][ T6685] netlink: 4 bytes leftover after parsing attributes in process `syz.0.200'.
[  132.954884][   T24] usb 4-1: new high-speed USB device number 5 using dummy_hcd
[  133.063915][ T5890] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11
[  133.083727][ T5890] usb 5-1: New USB device found, idVendor=046d, idProduct=7f26, bcdDevice= 0.00
[  133.127619][ T1205] usb 3-1: USB disconnect, device number 4
[  133.130866][ T5890] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  133.214939][   T24] usb 4-1: device descriptor read/64, error -71
[  133.226213][ T5890] usb 5-1: config 0 descriptor??
[  133.374086][   T24] usb usb4-port1: attempt power cycle
[  133.771060][ T5890] hid-generic 0003:046D:7F26.0001: item fetching failed at offset 7/11
[  133.787505][ T5890] hid-generic 0003:046D:7F26.0001: probe with driver hid-generic failed with error -22
[  133.844902][   T24] usb 4-1: new high-speed USB device number 6 using dummy_hcd
[  133.883472][   T24] usb 4-1: device descriptor read/8, error -71
[  133.949546][   T30] audit: type=1400 audit(1760867275.209:244): avc:  denied  { getopt } for  pid=6692 comm="syz.0.203" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  134.023549][ T1205] usb 2-1: new high-speed USB device number 5 using dummy_hcd
[  134.124870][   T24] usb 4-1: new high-speed USB device number 7 using dummy_hcd
[  134.164212][   T24] usb 4-1: device descriptor read/8, error -71
[  134.166280][ T5890] usb 5-1: USB disconnect, device number 5
[  134.285751][ T6700] netlink: 1752 bytes leftover after parsing attributes in process `syz.2.204'.
[  134.296108][   T24] usb usb4-port1: unable to enumerate USB device
[  134.341949][ T1205] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  134.353067][ T1205] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  134.374782][ T1205] usb 2-1: New USB device found, idVendor=1e7d, idProduct=2dbe, bcdDevice= 0.00
[  134.392593][ T1205] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  134.514493][ T1205] usb 2-1: config 0 descriptor??
[  135.299574][ T6716] gfs2: error -5 reading superblock
[  135.311791][ T1205] konepure 0003:1E7D:2DBE.0002: unknown main item tag 0x1
[  135.334127][ T1205] konepure 0003:1E7D:2DBE.0002: unknown main item tag 0x2
[  135.490245][ T1205] konepure 0003:1E7D:2DBE.0002: hidraw0: USB HID v0.00 Device [HID 1e7d:2dbe] on usb-dummy_hcd.1-1/input0
[  135.547240][ T6725] netlink: 4 bytes leftover after parsing attributes in process `syz.4.212'.
[  135.965518][ T1205] usb 2-1: USB disconnect, device number 5
[  136.081654][ T6726] fido_id[6726]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.1/usb2/report_descriptor': No such file or directory
[  136.997084][ T6732] siw: device registration error -23
[  138.606570][ T6747] siw: device registration error -23
[  139.174871][   T30] audit: type=1400 audit(1760867280.429:245): avc:  denied  { setopt } for  pid=6749 comm="syz.1.218" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  140.310387][ T6757] tipc: Started in network mode
[  140.325015][ T6757] tipc: Node identity d62b2e4aff17, cluster identity 4711
[  140.359416][ T6757] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  140.369447][   T30] audit: type=1400 audit(1760867281.589:246): avc:  denied  { setopt } for  pid=6749 comm="syz.1.218" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  140.410498][ T6761] syzkaller0: entered promiscuous mode
[  140.517233][ T6761] syzkaller0: entered allmulticast mode
[  140.548052][   T30] audit: type=1400 audit(1760867281.589:247): avc:  denied  { write } for  pid=6749 comm="syz.1.218" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  140.882476][   T30] audit: type=1400 audit(1760867282.029:248): avc:  denied  { load_policy } for  pid=6749 comm="syz.1.218" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security permissive=1
[  140.916589][ T6755] tipc: Resetting bearer <eth:syzkaller0>
[  140.935503][ T5918] usb 1-1: new high-speed USB device number 4 using dummy_hcd
[  140.948389][ T6755] tipc: Disabling bearer <eth:syzkaller0>
[  141.073033][ T5918] usb 1-1: device descriptor read/64, error -71
[  141.304654][   T30] audit: type=1400 audit(1760867282.279:249): avc:  denied  { getopt } for  pid=6764 comm="syz.3.224" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  141.408589][ T6756] SELinux: failed to load policy
[  141.634922][ T5918] usb 1-1: new high-speed USB device number 5 using dummy_hcd
[  141.949684][ T6781] lo speed is unknown, defaulting to 1000
[  142.142719][ T5918] usb 1-1: device descriptor read/64, error -71
[  142.266708][ T5918] usb usb1-port1: attempt power cycle
[  142.422759][ T6786] loop4: detected capacity change from 0 to 2560
[  142.459591][ T5812] buffer_io_error: 10 callbacks suppressed
[  142.459601][ T5812] Buffer I/O error on dev loop4, logical block 0, async page read
[  142.479776][ T5812] Buffer I/O error on dev loop4, logical block 0, async page read
[  142.488639][ T5812] Buffer I/O error on dev loop4, logical block 0, async page read
[  142.498141][ T5812] Buffer I/O error on dev loop4, logical block 0, async page read
[  142.507156][ T5812] Buffer I/O error on dev loop4, logical block 0, async page read
[  142.814864][ T5890] usb 5-1: new high-speed USB device number 6 using dummy_hcd
[  142.851535][ T5918] usb 1-1: new high-speed USB device number 6 using dummy_hcd
[  142.882280][ T6794] netlink: 'syz.1.228': attribute type 2 has an invalid length.
[  142.891001][ T6794] netlink: 'syz.1.228': attribute type 1 has an invalid length.
[  142.909902][ T6794] netlink: 'syz.1.228': attribute type 1 has an invalid length.
[  142.965391][ T5918] usb 1-1: device descriptor read/8, error -71
[  142.977046][ T5890] usb 5-1: Using ep0 maxpacket: 16
[  142.985544][ T5890] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  143.000699][ T5890] usb 5-1: config 0 interface 0 has no altsetting 0
[  143.089883][ T5890] usb 5-1: New USB device found, idVendor=06cb, idProduct=0006, bcdDevice=9a.eb
[  143.122316][ T5890] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  143.138853][ T5890] usb 5-1: Product: syz
[  143.143784][ T5890] usb 5-1: Manufacturer: syz
[  143.148581][ T5890] usb 5-1: SerialNumber: syz
[  143.159198][ T5890] usb 5-1: config 0 descriptor??
[  143.247706][ T6798] gfs2: error -5 reading superblock
[  143.265254][ T5918] usb 1-1: new high-speed USB device number 7 using dummy_hcd
[  143.378498][ T5918] usb 1-1: device descriptor read/8, error -71
[  143.736423][ T6800] siw: device registration error -23
[  143.863928][ T5918] usb usb1-port1: unable to enumerate USB device
[  143.880826][ T6806] netlink: 4 bytes leftover after parsing attributes in process `syz.0.232'.
[  144.041788][ T6808] Buffer I/O error on dev loop4, logical block 0, lost async page write
[  144.087016][ T6808] Buffer I/O error on dev loop4, logical block 1, lost async page write
[  144.101734][ T6808] Buffer I/O error on dev loop4, logical block 2, lost async page write
[  144.112672][ T6808] Buffer I/O error on dev loop4, logical block 3, lost async page write
[  144.121725][ T6808] Buffer I/O error on dev loop4, logical block 4, lost async page write
[  144.433158][    T9] usb 5-1: USB disconnect, device number 6
[  145.757753][   T30] audit: type=1400 audit(1760867287.019:250): avc:  denied  { read write } for  pid=6814 comm="syz.3.234" name="sg0" dev="devtmpfs" ino=750 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[  145.781596][    C1] vkms_vblank_simulate: vblank timer overrun
[  145.937140][ T6815] usb usb7: usbfs: process 6815 (syz.3.234) did not claim interface 0 before use
[  146.110079][   T30] audit: type=1400 audit(1760867287.369:251): avc:  denied  { ioctl } for  pid=6827 comm="syz.0.238" path="socket:[13083]" dev="sockfs" ino=13083 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  146.208282][    T9] usb 4-1: new high-speed USB device number 8 using dummy_hcd
[  147.292044][ T6840] netlink: 'syz.0.240': attribute type 2 has an invalid length.
[  147.340479][ T6840] netlink: 'syz.0.240': attribute type 1 has an invalid length.
[  147.340954][    T9] usb 4-1: config 1 has an invalid descriptor of length 235, skipping remainder of the config
[  147.360763][ T6840] netlink: 'syz.0.240': attribute type 1 has an invalid length.
[  147.500787][    T9] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 2
[  147.935064][    T9] usb 4-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  147.950182][    T9] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  147.979702][    T9] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  148.116477][    T9] usb 4-1: Product: syz
[  148.125631][    T9] usb 4-1: Manufacturer: syz
[  148.130304][    T9] usb 4-1: SerialNumber: syz
[  148.567966][ T6851] veth0_to_team: entered promiscuous mode
[  148.573732][ T6851] veth0_to_team: entered allmulticast mode
[  148.618941][ T3090] usb 3-1: new high-speed USB device number 5 using dummy_hcd
[  148.794915][ T3090] usb 3-1: device descriptor read/64, error -71
[  148.814713][ T6854] netlink: 'syz.0.244': attribute type 23 has an invalid length.
[  149.231434][ T3090] usb 3-1: new high-speed USB device number 6 using dummy_hcd
[  149.242875][ T6858] ip6t_srh: unknown srh invflags 4000
[  149.338118][    T9] cdc_ncm 4-1:1.0: skipping garbage
[  149.343320][    T9] cdc_ncm 4-1:1.0: CDC Union missing and no IAD found
[  149.365231][ T3090] usb 3-1: device descriptor read/64, error -71
[  149.375091][    T9] cdc_ncm 4-1:1.0: bind() failure
[  149.401376][    T9] usb 4-1: USB disconnect, device number 8
[  149.475530][ T3090] usb usb3-port1: attempt power cycle
[  150.101213][ T6872] netlink: 4 bytes leftover after parsing attributes in process `syz.0.247'.
[  150.137119][ T6873] netlink: 4 bytes leftover after parsing attributes in process `syz.1.248'.
[  150.247507][ T3090] usb 3-1: new high-speed USB device number 7 using dummy_hcd
[  150.255052][    T9] usb 4-1: new high-speed USB device number 9 using dummy_hcd
[  150.285773][ T3090] usb 3-1: device descriptor read/8, error -71
[  150.782865][    T9] usb 4-1: config index 0 descriptor too short (expected 292, got 36)
[  150.827618][    T9] usb 4-1: config 0 has an invalid descriptor of length 168, skipping remainder of the config
[  150.862789][    T9] usb 4-1: config 0 has no interfaces?
[  150.904057][    T9] usb 4-1: New USB device found, idVendor=0451, idProduct=3410, bcdDevice=ef.1e
[  150.915407][    T9] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  150.925011][    T9] usb 4-1: Product: syz
[  150.930186][    T9] usb 4-1: Manufacturer: syz
[  150.940907][    T9] usb 4-1: SerialNumber: syz
[  150.995154][    T9] usb 4-1: config 0 descriptor??
[  151.410830][ T6860] comedi comedi0: Minor 3 could not be opened
[  151.418579][ T5890] usb 4-1: USB disconnect, device number 9
[  151.697144][ T6893] netlink: 'syz.0.254': attribute type 2 has an invalid length.
[  151.705377][ T6893] netlink: 'syz.0.254': attribute type 1 has an invalid length.
[  151.714314][ T6893] netlink: 'syz.0.254': attribute type 1 has an invalid length.
[  153.055423][ T6907] netlink: 'syz.3.258': attribute type 1 has an invalid length.
[  153.109391][ T6907] bond1: entered promiscuous mode
[  153.605901][ T6907] 8021q: adding VLAN 0 to HW filter on device bond1
[  153.624871][ T3090] usb 1-1: new high-speed USB device number 8 using dummy_hcd
[  153.653291][ T6907] bond1: (slave bridge1): making interface the new active one
[  153.664090][ T6907] bridge1: entered promiscuous mode
[  153.670961][ T6907] bond1: (slave bridge1): Enslaving as an active interface with an up link
[  153.722472][   T30] audit: type=1400 audit(1760867294.979:252): avc:  denied  { mounton } for  pid=6914 comm="syz.2.260" path="/56/file0" dev="tmpfs" ino=312 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[  153.877517][ T3090] usb 1-1: config index 0 descriptor too short (expected 292, got 36)
[  153.894977][ T3090] usb 1-1: config 0 has an invalid descriptor of length 168, skipping remainder of the config
[  154.395040][ T3090] usb 1-1: config 0 has no interfaces?
[  154.402459][ T3090] usb 1-1: New USB device found, idVendor=0451, idProduct=3410, bcdDevice=ef.1e
[  154.421747][ T3090] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  154.464040][ T3090] usb 1-1: Product: syz
[  154.478036][ T3090] usb 1-1: Manufacturer: syz
[  154.482637][ T3090] usb 1-1: SerialNumber: syz
[  154.527937][ T3090] usb 1-1: config 0 descriptor??
[  154.605129][    T9] usb 4-1: new high-speed USB device number 10 using dummy_hcd
[  154.734901][    T9] usb 4-1: device descriptor read/64, error -71
[  154.768511][ T6920] netlink: 24 bytes leftover after parsing attributes in process `syz.2.260'.
[  154.874549][ T6899] comedi comedi0: Minor 3 could not be opened
[  154.884462][ T3090] usb 1-1: USB disconnect, device number 8
[  154.985784][    T9] usb 4-1: new high-speed USB device number 11 using dummy_hcd
[  155.155611][    T9] usb 4-1: device descriptor read/64, error -71
[  155.447447][    T9] usb usb4-port1: attempt power cycle
[  156.446713][    T9] usb 4-1: new high-speed USB device number 12 using dummy_hcd
[  156.484998][ T6949] veth0_to_team: entered promiscuous mode
[  156.485490][    T9] usb 4-1: device descriptor read/8, error -71
[  156.490768][ T6949] veth0_to_team: entered allmulticast mode
[  156.542874][   T30] audit: type=1400 audit(1760867297.789:253): avc:  denied  { create } for  pid=6954 comm="syz.4.270" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  156.596880][   T30] audit: type=1400 audit(1760867297.829:254): avc:  denied  { bind } for  pid=6954 comm="syz.4.270" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  156.616043][   T30] audit: type=1400 audit(1760867297.829:255): avc:  denied  { connect } for  pid=6954 comm="syz.4.270" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  156.639597][   T30] audit: type=1400 audit(1760867297.829:256): avc:  denied  { write } for  pid=6954 comm="syz.4.270" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  157.069122][   T30] audit: type=1400 audit(1760867298.329:257): avc:  denied  { write } for  pid=6968 comm="syz.0.275" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  157.328145][ T6965] siw: device registration error -23
[  157.403654][ T6971] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  157.422982][   T30] audit: type=1400 audit(1760867298.679:258): avc:  denied  { read } for  pid=6978 comm="syz.0.278" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  157.500965][ T6973] syzkaller0: entered promiscuous mode
[  157.509195][ T6973] syzkaller0: entered allmulticast mode
[  157.687085][   T30] audit: type=1400 audit(1760867298.929:259): avc:  denied  { sys_module } for  pid=6970 comm="syz.4.276" capability=16  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1
[  157.776748][   T30] audit: type=1326 audit(1760867298.969:260): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6981 comm="syz.2.279" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa8b118efc9 code=0x7ffc0000
[  157.796961][ T6988] netlink: 20 bytes leftover after parsing attributes in process `syz.0.280'.
[  157.820021][   T30] audit: type=1326 audit(1760867298.969:261): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6981 comm="syz.2.279" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa8b118efc9 code=0x7ffc0000
[  157.842488][ T6970] tipc: Resetting bearer <eth:syzkaller0>
[  158.063239][ T6970] tipc: Disabling bearer <eth:syzkaller0>
[  159.444906][    T9] usb 5-1: new high-speed USB device number 7 using dummy_hcd
[  159.665371][    T9] usb 5-1: Using ep0 maxpacket: 32
[  159.699907][    T9] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  159.729828][    T9] usb 5-1: config 0 has 0 interfaces, different from the descriptor's value: 2
[  159.742829][    T9] usb 5-1: New USB device found, idVendor=0582, idProduct=0016, bcdDevice=8e.57
[  159.762125][    T9] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  159.779169][    T9] usb 5-1: Product: syz
[  159.787823][    T9] usb 5-1: Manufacturer: syz
[  159.799871][    T9] usb 5-1: SerialNumber: syz
[  159.814522][    T9] usb 5-1: config 0 descriptor??
[  159.862968][   T30] kauditd_printk_skb: 5 callbacks suppressed
[  159.862982][   T30] audit: type=1326 audit(1760867301.109:267): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6981 comm="syz.2.279" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa8b118efc9 code=0x7ffc0000
[  159.893188][   T30] audit: type=1326 audit(1760867301.109:268): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6981 comm="syz.2.279" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa8b118efc9 code=0x7ffc0000
[  159.916416][    C1] vkms_vblank_simulate: vblank timer overrun
[  160.034588][ T7007] FAULT_INJECTION: forcing a failure.
[  160.034588][ T7007] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  160.047766][ T7007] CPU: 1 UID: 0 PID: 7007 Comm: syz.1.285 Not tainted syzkaller #0 PREEMPT(full) 
[  160.047788][ T7007] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  160.047798][ T7007] Call Trace:
[  160.047804][ T7007]  <TASK>
[  160.047810][ T7007]  dump_stack_lvl+0x16c/0x1f0
[  160.047837][ T7007]  should_fail_ex+0x512/0x640
[  160.047863][ T7007]  _copy_from_user+0x2e/0xd0
[  160.047887][ T7007]  copy_msghdr_from_user+0x98/0x160
[  160.047909][ T7007]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  160.047929][ T7007]  ? lock_acquire+0x179/0x350
[  160.047955][ T7007]  ? __lock_acquire+0xb8a/0x1c90
[  160.047983][ T7007]  ___sys_sendmsg+0xfe/0x1d0
[  160.048002][ T7007]  ? sched_clock_cpu+0x6c/0x530
[  160.048024][ T7007]  ? __pfx____sys_sendmsg+0x10/0x10
[  160.048042][ T7007]  ? __lock_acquire+0x622/0x1c90
[  160.048096][ T7007]  __sys_sendmsg+0x16d/0x220
[  160.048118][ T7007]  ? __pfx___sys_sendmsg+0x10/0x10
[  160.048156][ T7007]  do_syscall_64+0xcd/0xfa0
[  160.048180][ T7007]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  160.048197][ T7007] RIP: 0033:0x7fce2c78efc9
[  160.048211][ T7007] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  160.048227][ T7007] RSP: 002b:00007fce2a9b4038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  160.048244][ T7007] RAX: ffffffffffffffda RBX: 00007fce2c9e6180 RCX: 00007fce2c78efc9
[  160.048255][ T7007] RDX: 000000000000c000 RSI: 0000200000000000 RDI: 0000000000000006
[  160.048266][ T7007] RBP: 00007fce2a9b4090 R08: 0000000000000000 R09: 0000000000000000
[  160.048276][ T7007] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  160.048286][ T7007] R13: 00007fce2c9e6218 R14: 00007fce2c9e6180 R15: 00007ffc40a57678
[  160.048312][ T7007]  </TASK>
[  160.229225][    C1] vkms_vblank_simulate: vblank timer overrun
[  161.396080][ T5890] usb 4-1: new high-speed USB device number 14 using dummy_hcd
[  161.550675][   T24] usb 5-1: USB disconnect, device number 7
[  161.644910][ T5890] usb 4-1: Using ep0 maxpacket: 16
[  161.693401][ T5890] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  161.738151][ T5890] usb 4-1: config 0 interface 0 has no altsetting 0
[  161.832296][ T5890] usb 4-1: New USB device found, idVendor=06cb, idProduct=0006, bcdDevice=9a.eb
[  161.845144][ T5890] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  162.100503][ T5890] usb 4-1: Product: syz
[  162.120904][ T5890] usb 4-1: Manufacturer: syz
[  162.144510][ T7037] siw: device registration error -23
[  162.274275][ T5890] usb 4-1: SerialNumber: syz
[  162.333349][ T5890] usb 4-1: config 0 descriptor??
[  162.353407][ T7039] netlink: 4 bytes leftover after parsing attributes in process `syz.2.293'.
[  163.211491][ T7048] netlink: 4 bytes leftover after parsing attributes in process `syz.4.295'.
[  163.490430][ T5890] usb 4-1: USB disconnect, device number 14
[  164.509705][ T7068] FAULT_INJECTION: forcing a failure.
[  164.509705][ T7068] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  164.655064][ T7068] CPU: 1 UID: 0 PID: 7068 Comm: syz.1.300 Not tainted syzkaller #0 PREEMPT(full) 
[  164.655088][ T7068] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  164.655098][ T7068] Call Trace:
[  164.655103][ T7068]  <TASK>
[  164.655110][ T7068]  dump_stack_lvl+0x16c/0x1f0
[  164.655136][ T7068]  should_fail_ex+0x512/0x640
[  164.655162][ T7068]  _copy_from_user+0x2e/0xd0
[  164.655186][ T7068]  copy_msghdr_from_user+0x98/0x160
[  164.655208][ T7068]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  164.655241][ T7068]  ___sys_sendmsg+0xfe/0x1d0
[  164.655263][ T7068]  ? __pfx____sys_sendmsg+0x10/0x10
[  164.655287][ T7068]  ? __lock_acquire+0x622/0x1c90
[  164.655340][ T7068]  __sys_sendmsg+0x16d/0x220
[  164.655362][ T7068]  ? __pfx___sys_sendmsg+0x10/0x10
[  164.655401][ T7068]  do_syscall_64+0xcd/0xfa0
[  164.655425][ T7068]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  164.655442][ T7068] RIP: 0033:0x7fce2c78efc9
[  164.655457][ T7068] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  164.655475][ T7068] RSP: 002b:00007fce2a9b4038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  164.655492][ T7068] RAX: ffffffffffffffda RBX: 00007fce2c9e6180 RCX: 00007fce2c78efc9
[  164.655503][ T7068] RDX: 0000000004040000 RSI: 0000200000000640 RDI: 0000000000000003
[  164.655513][ T7068] RBP: 00007fce2a9b4090 R08: 0000000000000000 R09: 0000000000000000
[  164.655522][ T7068] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  164.655532][ T7068] R13: 00007fce2c9e6218 R14: 00007fce2c9e6180 R15: 00007ffc40a57678
[  164.655557][ T7068]  </TASK>
[  165.524645][ T5820] Bluetooth: hci0: command 0x0c1a tx timeout
[  165.530697][   T52] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[  165.607973][ T7054] siw: device registration error -23
[  165.940381][    T9] usb 1-1: new high-speed USB device number 9 using dummy_hcd
[  166.121802][    T9] usb 1-1: Using ep0 maxpacket: 32
[  166.128736][    T9] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  166.185286][    T9] usb 1-1: config 0 has 0 interfaces, different from the descriptor's value: 2
[  166.203948][    T9] usb 1-1: New USB device found, idVendor=0582, idProduct=0016, bcdDevice=8e.57
[  166.213619][    T9] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  166.324882][    T9] usb 1-1: Product: syz
[  166.372463][    T9] usb 1-1: Manufacturer: syz
[  166.377849][    T9] usb 1-1: SerialNumber: syz
[  166.387675][    T9] usb 1-1: config 0 descriptor??
[  166.986059][   T30] audit: type=1400 audit(1760867308.239:269): avc:  denied  { unmount } for  pid=5811 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=filesystem permissive=1
[  167.289545][   T30] audit: type=1400 audit(1760867308.449:270): avc:  denied  { set_context_mgr } for  pid=7096 comm="syz.1.306" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=binder permissive=1
[  167.761449][ T7105] loop4: detected capacity change from 0 to 2560
[  167.893629][    T9] usb 1-1: USB disconnect, device number 9
[  168.035549][ T7105] buffer_io_error: 315 callbacks suppressed
[  168.035576][ T7105] Buffer I/O error on dev loop4, logical block 0, lost async page write
[  168.085464][ T7105] Buffer I/O error on dev loop4, logical block 1, lost async page write
[  168.111149][ T7105] Buffer I/O error on dev loop4, logical block 2, lost async page write
[  168.140086][ T7109] netlink: 4 bytes leftover after parsing attributes in process `syz.0.309'.
[  168.177531][ T7105] Buffer I/O error on dev loop4, logical block 3, lost async page write
[  168.186398][ T7105] Buffer I/O error on dev loop4, logical block 4, lost async page write
[  168.202211][ T7105] Buffer I/O error on dev loop4, logical block 5, lost async page write
[  168.226637][ T7105] Buffer I/O error on dev loop4, logical block 6, lost async page write
[  168.256794][ T7105] Buffer I/O error on dev loop4, logical block 7, lost async page write
[  168.284881][ T5926] usb 3-1: new high-speed USB device number 9 using dummy_hcd
[  168.313783][ T7105] Buffer I/O error on dev loop4, logical block 8, lost async page write
[  168.324142][ T7105] Buffer I/O error on dev loop4, logical block 9, lost async page write
[  168.485194][ T5926] usb 3-1: Using ep0 maxpacket: 16
[  168.563398][ T5926] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  168.771642][ T5926] usb 3-1: config 0 interface 0 has no altsetting 0
[  168.861820][ T5926] usb 3-1: New USB device found, idVendor=06cb, idProduct=0006, bcdDevice=9a.eb
[  168.914365][ T5926] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  168.933573][ T5926] usb 3-1: Product: syz
[  168.943703][ T5926] usb 3-1: Manufacturer: syz
[  168.967470][ T5926] usb 3-1: SerialNumber: syz
[  168.993045][ T5926] usb 3-1: config 0 descriptor??
[  169.642358][   T30] audit: type=1400 audit(1760867310.899:271): avc:  denied  { create } for  pid=7130 comm="syz.4.316" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1
[  169.967059][ T7132] FAULT_INJECTION: forcing a failure.
[  169.967059][ T7132] name failslab, interval 1, probability 0, space 0, times 0
[  169.980921][ T7132] CPU: 1 UID: 0 PID: 7132 Comm: syz.4.316 Not tainted syzkaller #0 PREEMPT(full) 
[  169.980942][ T7132] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  169.980949][ T7132] Call Trace:
[  169.980953][ T7132]  <TASK>
[  169.980958][ T7132]  dump_stack_lvl+0x16c/0x1f0
[  169.980975][ T7132]  should_fail_ex+0x512/0x640
[  169.980989][ T7132]  ? kmem_cache_alloc_noprof+0x62/0x6e0
[  169.981004][ T7132]  should_failslab+0xc2/0x120
[  169.981021][ T7132]  kmem_cache_alloc_noprof+0x75/0x6e0
[  169.981033][ T7132]  ? getname_flags.part.0+0x4c/0x550
[  169.981048][ T7132]  ? getname_flags.part.0+0x4c/0x550
[  169.981058][ T7132]  getname_flags.part.0+0x4c/0x550
[  169.981071][ T7132]  getname_flags+0x93/0xf0
[  169.981085][ T7132]  do_sys_openat2+0xb8/0x1d0
[  169.981096][ T7132]  ? __pfx_do_sys_openat2+0x10/0x10
[  169.981107][ T7132]  ? __fget_files+0x20e/0x3c0
[  169.981125][ T7132]  __x64_sys_openat+0x174/0x210
[  169.981136][ T7132]  ? __pfx___x64_sys_openat+0x10/0x10
[  169.981146][ T7132]  ? ksys_write+0x1ac/0x250
[  169.981173][ T7132]  do_syscall_64+0xcd/0xfa0
[  169.981195][ T7132]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  169.981213][ T7132] RIP: 0033:0x7eff8ab8efc9
[  169.981223][ T7132] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  169.981234][ T7132] RSP: 002b:00007eff8ba0a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  169.981246][ T7132] RAX: ffffffffffffffda RBX: 00007eff8ade6090 RCX: 00007eff8ab8efc9
[  169.981253][ T7132] RDX: 0000000000000002 RSI: 0000200000000240 RDI: ffffffffffffff9c
[  169.981260][ T7132] RBP: 00007eff8ba0a090 R08: 0000000000000000 R09: 0000000000000000
[  169.981266][ T7132] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  169.981272][ T7132] R13: 00007eff8ade6128 R14: 00007eff8ade6090 R15: 00007ffd03a96d48
[  169.981287][ T7132]  </TASK>
[  170.169279][    C1] vkms_vblank_simulate: vblank timer overrun
[  170.316837][ T3090] usb 3-1: USB disconnect, device number 9
[  170.537077][ T7142] netlink: 4 bytes leftover after parsing attributes in process `syz.1.319'.
[  170.560383][ T7137] syz.4.317 uses obsolete (PF_INET,SOCK_PACKET)
[  170.794909][   T52] Bluetooth: hci0: command 0x0c1a tx timeout
[  170.795117][ T5813] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[  171.053987][ T7156] netlink: 4 bytes leftover after parsing attributes in process `syz.4.321'.
[  171.129970][ T7155] netlink: 4 bytes leftover after parsing attributes in process `syz.0.320'.
[  172.565219][ T5918] usb 3-1: new full-speed USB device number 10 using dummy_hcd
[  172.701436][   T30] audit: type=1400 audit(1760867313.959:272): avc:  denied  { read write } for  pid=7172 comm="syz.3.327" name="vga_arbiter" dev="devtmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:xserver_misc_device_t tclass=chr_file permissive=1
[  172.756141][ T5918] usb 3-1: config 0 has an invalid descriptor of length 255, skipping remainder of the config
[  172.775523][   T30] audit: type=1400 audit(1760867313.989:273): avc:  denied  { open } for  pid=7172 comm="syz.3.327" path="/dev/vga_arbiter" dev="devtmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:xserver_misc_device_t tclass=chr_file permissive=1
[  172.799971][ T5918] usb 3-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  172.825195][ T7174] pci 0000:00:05.0: vgaarb: VGA decodes changed: olddecodes=io+mem,decodes=none:owns=io+mem
[  172.842493][ T5918] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 64
[  172.873803][ T5918] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  172.890941][ T7175] netlink: 28 bytes leftover after parsing attributes in process `syz.3.327'.
[  172.900898][   T30] audit: type=1400 audit(1760867314.149:274): avc:  denied  { name_connect } for  pid=7172 comm="syz.3.327" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=sctp_socket permissive=1
[  172.920850][    C1] vkms_vblank_simulate: vblank timer overrun
[  172.943944][ T5918] usb 3-1: New USB device found, idVendor=045e, idProduct=0284, bcdDevice=a4.8f
[  172.953090][ T5918] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  172.963190][ T5918] usb 3-1: Product: syz
[  172.974097][ T5918] usb 3-1: Manufacturer: syz
[  172.991227][ T7179] FAULT_INJECTION: forcing a failure.
[  172.991227][ T7179] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  173.004840][ T5918] usb 3-1: SerialNumber: syz
[  173.027543][ T5918] usb 3-1: config 0 descriptor??
[  173.031549][ T7179] CPU: 0 UID: 0 PID: 7179 Comm: syz.1.328 Not tainted syzkaller #0 PREEMPT(full) 
[  173.031571][ T7179] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  173.031581][ T7179] Call Trace:
[  173.031586][ T7179]  <TASK>
[  173.031592][ T7179]  dump_stack_lvl+0x16c/0x1f0
[  173.031615][ T7179]  should_fail_ex+0x512/0x640
[  173.031638][ T7179]  _copy_from_user+0x2e/0xd0
[  173.031659][ T7179]  copy_msghdr_from_user+0x98/0x160
[  173.031679][ T7179]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  173.031709][ T7179]  ___sys_sendmsg+0xfe/0x1d0
[  173.031729][ T7179]  ? __pfx____sys_sendmsg+0x10/0x10
[  173.031746][ T7179]  ? __lock_acquire+0x622/0x1c90
[  173.031793][ T7179]  __sys_sendmsg+0x16d/0x220
[  173.031812][ T7179]  ? __pfx___sys_sendmsg+0x10/0x10
[  173.031845][ T7179]  do_syscall_64+0xcd/0xfa0
[  173.031866][ T7179]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  173.031881][ T7179] RIP: 0033:0x7fce2c78efc9
[  173.031894][ T7179] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  173.031909][ T7179] RSP: 002b:00007fce2a9f6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  173.031924][ T7179] RAX: ffffffffffffffda RBX: 00007fce2c9e5fa0 RCX: 00007fce2c78efc9
[  173.031934][ T7179] RDX: 0000000000000000 RSI: 0000200000000400 RDI: 0000000000000003
[  173.031943][ T7179] RBP: 00007fce2a9f6090 R08: 0000000000000000 R09: 0000000000000000
[  173.031953][ T7179] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  173.031962][ T7179] R13: 00007fce2c9e6038 R14: 00007fce2c9e5fa0 R15: 00007ffc40a57678
[  173.031984][ T7179]  </TASK>
[  173.191135][ T7185] netlink: 4 bytes leftover after parsing attributes in process `syz.0.330'.
[  173.428383][ T7169] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  173.481025][ T7191] loop4: detected capacity change from 0 to 2560
[  173.590683][ T5813] Bluetooth: hci0: unexpected event for opcode 0x202d
[  173.601686][ T5806] buffer_io_error: 310 callbacks suppressed
[  173.601699][ T5806] Buffer I/O error on dev loop4, logical block 0, lost async page write
[  173.604886][ T5918] rc_core: IR keymap rc-xbox-dvd not found
[  174.075121][ T7198] fuse: root generation should be zero
[  174.174900][    T9] usb 2-1: new high-speed USB device number 6 using dummy_hcd
[  174.186443][ T7191] Buffer I/O error on dev loop4, logical block 256, lost async page write
[  174.227237][ T5806] Buffer I/O error on dev loop4, logical block 1, lost async page write
[  174.237491][ T7191] Buffer I/O error on dev loop4, logical block 257, lost async page write
[  174.246423][ T7191] Buffer I/O error on dev loop4, logical block 258, lost async page write
[  174.255309][ T7191] Buffer I/O error on dev loop4, logical block 259, lost async page write
[  174.264120][ T7191] Buffer I/O error on dev loop4, logical block 260, lost async page write
[  174.272967][ T7191] Buffer I/O error on dev loop4, logical block 261, lost async page write
[  174.282008][ T7191] Buffer I/O error on dev loop4, logical block 262, lost async page write
[  174.290864][ T7191] Buffer I/O error on dev loop4, logical block 263, lost async page write
[  174.326498][ T5918] Registered IR keymap rc-empty
[  174.338065][ T5918] rc rc0: syz syz as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/rc/rc0
[  174.407427][    T9] usb 2-1: Using ep0 maxpacket: 16
[  174.416769][ T5918] input: syz syz as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/rc/rc0/input9
[  174.468565][    T9] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  174.494912][    T9] usb 2-1: config 0 interface 0 has no altsetting 0
[  174.522227][ T5918] usb 3-1: USB disconnect, device number 10
[  174.528185][    C1] xbox_remote 3-1:0.0: xbox_remote_irq_in: usb_submit_urb()=-19
[  174.583029][    T9] usb 2-1: New USB device found, idVendor=06cb, idProduct=0006, bcdDevice=9a.eb
[  174.604011][    T9] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  174.637493][    T9] usb 2-1: Product: syz
[  174.650444][    T9] usb 2-1: Manufacturer: syz
[  174.665551][    T9] usb 2-1: SerialNumber: syz
[  174.691260][    T9] usb 2-1: config 0 descriptor??
[  175.372833][ T7211] gfs2: error -5 reading superblock
[  175.575261][ T5890] usb 2-1: USB disconnect, device number 6
[  175.835496][ T5925] usb 4-1: new full-speed USB device number 15 using dummy_hcd
[  176.200962][ T5925] usb 4-1: config 5 has an invalid interface number: 123 but max is 0
[  176.209545][ T5925] usb 4-1: config 5 has an invalid descriptor of length 0, skipping remainder of the config
[  176.219826][ T7221] netlink: 20 bytes leftover after parsing attributes in process `syz.4.340'.
[  176.247377][   T52] Bluetooth: hci0: command 0x0c1a tx timeout
[  176.253424][ T5813] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[  176.275515][ T5925] usb 4-1: config 5 has no interface number 0
[  176.326816][ T5925] usb 4-1: New USB device found, idVendor=3923, idProduct=718a, bcdDevice=d8.d7
[  176.358749][ T5925] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  176.366919][ T5925] usb 4-1: Product: syz
[  176.371195][ T5925] usb 4-1: Manufacturer: syz
[  176.375901][ T5925] usb 4-1: SerialNumber: syz
[  177.261351][ T7233] siw: device registration error -23
[  177.669817][ T5925] comedi comedi5: Wrong number of endpoints
[  177.692945][ T5925] ni6501 4-1:5.123: driver 'ni6501' failed to auto-configure device.
[  177.752131][ T5925] usb 4-1: USB disconnect, device number 15
[  177.789990][   T30] audit: type=1400 audit(1760867319.029:275): avc:  denied  { create } for  pid=7239 comm="syz.0.344" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rose_socket permissive=1
[  177.809285][    C0] vkms_vblank_simulate: vblank timer overrun
[  178.092228][   T30] audit: type=1400 audit(1760867319.049:276): avc:  denied  { connect } for  pid=7239 comm="syz.0.344" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rose_socket permissive=1
[  178.113249][ T3090] usb 5-1: new high-speed USB device number 8 using dummy_hcd
[  178.113965][ T7243] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  178.277709][ T3090] usb 5-1: config index 0 descriptor too short (expected 292, got 36)
[  178.293211][ T3090] usb 5-1: config 0 has an invalid descriptor of length 168, skipping remainder of the config
[  178.303894][ T3090] usb 5-1: config 0 has no interfaces?
[  178.319068][ T3090] usb 5-1: New USB device found, idVendor=0451, idProduct=3410, bcdDevice=ef.1e
[  178.656883][ T3090] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  178.696402][ T7256] siw: device registration error -23
[  178.723891][   T30] audit: type=1400 audit(1760867319.929:277): avc:  denied  { setopt } for  pid=7250 comm="syz.0.350" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  178.797023][ T3090] usb 5-1: Product: syz
[  179.078060][ T3090] usb 5-1: Manufacturer: syz
[  179.092967][ T3090] usb 5-1: SerialNumber: syz
[  179.113588][ T7258] netlink: 4 bytes leftover after parsing attributes in process `syz.2.348'.
[  179.210428][ T3090] usb 5-1: config 0 descriptor??
[  179.551277][ T7236] comedi comedi0: Minor 3 could not be opened
[  179.559742][ T3090] usb 5-1: USB disconnect, device number 8
[  179.774721][ T7269] process 'syz.0.350' launched './file2' with NULL argv: empty string added
[  179.872545][   T30] audit: type=1400 audit(1760867321.039:278): avc:  denied  { execute_no_trans } for  pid=7250 comm="syz.0.350" path="/68/file2" dev="tmpfs" ino=371 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[  179.895658][    C0] vkms_vblank_simulate: vblank timer overrun
[  180.279032][ T7274] No control pipe specified
[  180.799279][   T30] audit: type=1400 audit(1760867322.019:279): avc:  denied  { ioctl } for  pid=7282 comm="syz.1.357" path="/dev/ttyq6" dev="devtmpfs" ino=381 ioctlcmd=0x540a scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:bsdpty_device_t tclass=chr_file permissive=1
[  181.392629][   T30] audit: type=1400 audit(1760867322.019:280): avc:  denied  { write } for  pid=7282 comm="syz.1.357" name="event2" dev="devtmpfs" ino=922 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[  181.547341][   T30] audit: type=1400 audit(1760867322.019:281): avc:  denied  { open } for  pid=7282 comm="syz.1.357" path="/dev/input/event2" dev="devtmpfs" ino=922 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[  181.784890][   T30] audit: type=1400 audit(1760867322.599:282): avc:  denied  { connect } for  pid=7282 comm="syz.1.357" lport=1 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  182.583310][ T7300] FAULT_INJECTION: forcing a failure.
[  182.583310][ T7300] name failslab, interval 1, probability 0, space 0, times 0
[  182.596145][ T7300] CPU: 0 UID: 0 PID: 7300 Comm: syz.4.361 Not tainted syzkaller #0 PREEMPT(full) 
[  182.596170][ T7300] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  182.596181][ T7300] Call Trace:
[  182.596187][ T7300]  <TASK>
[  182.596194][ T7300]  dump_stack_lvl+0x16c/0x1f0
[  182.596221][ T7300]  should_fail_ex+0x512/0x640
[  182.596243][ T7300]  ? fs_reclaim_acquire+0xae/0x150
[  182.596272][ T7300]  should_failslab+0xc2/0x120
[  182.596299][ T7300]  __kmalloc_noprof+0xdd/0x880
[  182.596319][ T7300]  ? tomoyo_realpath_from_path+0xc2/0x6e0
[  182.596351][ T7300]  ? tomoyo_realpath_from_path+0xc2/0x6e0
[  182.596376][ T7300]  tomoyo_realpath_from_path+0xc2/0x6e0
[  182.596405][ T7300]  ? tomoyo_profile+0x47/0x60
[  182.596425][ T7300]  tomoyo_path_number_perm+0x245/0x580
[  182.596446][ T7300]  ? tomoyo_path_number_perm+0x237/0x580
[  182.596471][ T7300]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  182.596494][ T7300]  ? find_held_lock+0x2b/0x80
[  182.596534][ T7300]  ? find_held_lock+0x2b/0x80
[  182.596550][ T7300]  ? hook_file_ioctl_common+0x145/0x410
[  182.596573][ T7300]  ? __fget_files+0x20e/0x3c0
[  182.596602][ T7300]  security_file_ioctl+0x9b/0x240
[  182.596627][ T7300]  __x64_sys_ioctl+0xb7/0x210
[  182.596648][ T7300]  do_syscall_64+0xcd/0xfa0
[  182.596672][ T7300]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  182.596689][ T7300] RIP: 0033:0x7eff8ab8efc9
[  182.596703][ T7300] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  182.596720][ T7300] RSP: 002b:00007eff8ba0a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  182.596737][ T7300] RAX: ffffffffffffffda RBX: 00007eff8ade6090 RCX: 00007eff8ab8efc9
[  182.596748][ T7300] RDX: 0000200000002600 RSI: 000000008108551b RDI: 0000000000000007
[  182.596759][ T7300] RBP: 00007eff8ba0a090 R08: 0000000000000000 R09: 0000000000000000
[  182.596769][ T7300] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  182.596779][ T7300] R13: 00007eff8ade6128 R14: 00007eff8ade6090 R15: 00007ffd03a96d48
[  182.596804][ T7300]  </TASK>
[  182.596854][ T7300] ERROR: Out of memory at tomoyo_realpath_from_path.
[  183.602760][ T7315] No source specified
[  184.329426][ T7319] FAULT_INJECTION: forcing a failure.
[  184.329426][ T7319] name failslab, interval 1, probability 0, space 0, times 0
[  184.342158][ T7319] CPU: 0 UID: 0 PID: 7319 Comm: syz.1.366 Not tainted syzkaller #0 PREEMPT(full) 
[  184.342180][ T7319] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  184.342191][ T7319] Call Trace:
[  184.342197][ T7319]  <TASK>
[  184.342204][ T7319]  dump_stack_lvl+0x16c/0x1f0
[  184.342231][ T7319]  should_fail_ex+0x512/0x640
[  184.342253][ T7319]  ? fs_reclaim_acquire+0xae/0x150
[  184.342281][ T7319]  should_failslab+0xc2/0x120
[  184.342308][ T7319]  __kmalloc_noprof+0xdd/0x880
[  184.342327][ T7319]  ? tomoyo_realpath_from_path+0xc2/0x6e0
[  184.342359][ T7319]  ? tomoyo_realpath_from_path+0xc2/0x6e0
[  184.342383][ T7319]  tomoyo_realpath_from_path+0xc2/0x6e0
[  184.342410][ T7319]  ? tomoyo_profile+0x47/0x60
[  184.342430][ T7319]  tomoyo_path_number_perm+0x245/0x580
[  184.342451][ T7319]  ? tomoyo_path_number_perm+0x237/0x580
[  184.342475][ T7319]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  184.342509][ T7319]  ? __pfx___schedule+0x10/0x10
[  184.342543][ T7319]  ? rcu_is_watching+0x12/0xc0
[  184.342560][ T7319]  ? irqentry_exit+0x3b/0x90
[  184.342581][ T7319]  ? lockdep_hardirqs_on+0x7c/0x110
[  184.342611][ T7319]  ? security_file_ioctl+0x21c/0x240
[  184.342640][ T7319]  security_file_ioctl+0x9b/0x240
[  184.342666][ T7319]  __x64_sys_ioctl+0xb7/0x210
[  184.342688][ T7319]  do_syscall_64+0xcd/0xfa0
[  184.342711][ T7319]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  184.342729][ T7319] RIP: 0033:0x7fce2c78efc9
[  184.342743][ T7319] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  184.342759][ T7319] RSP: 002b:00007fce2a9b4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  184.342776][ T7319] RAX: ffffffffffffffda RBX: 00007fce2c9e6180 RCX: 00007fce2c78efc9
[  184.342788][ T7319] RDX: 0000000000000000 RSI: 0000000000004bfa RDI: 0000000000000007
[  184.342798][ T7319] RBP: 00007fce2a9b4090 R08: 0000000000000000 R09: 0000000000000000
[  184.342808][ T7319] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  184.342818][ T7319] R13: 00007fce2c9e6218 R14: 00007fce2c9e6180 R15: 00007ffc40a57678
[  184.342845][ T7319]  </TASK>
[  184.550144][    C0] vkms_vblank_simulate: vblank timer overrun
[  184.556423][ T7319] ERROR: Out of memory at tomoyo_realpath_from_path.
[  184.641286][ T7305] siw: device registration error -23
[  184.924196][ T7327] block nbd0: Unsupported socket: should be TCP or UNIX.
[  185.391329][ T7335] FAULT_INJECTION: forcing a failure.
[  185.391329][ T7335] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  185.405519][ T7335] CPU: 1 UID: 0 PID: 7335 Comm: syz.3.372 Not tainted syzkaller #0 PREEMPT(full) 
[  185.405544][ T7335] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  185.405555][ T7335] Call Trace:
[  185.405561][ T7335]  <TASK>
[  185.405568][ T7335]  dump_stack_lvl+0x16c/0x1f0
[  185.405596][ T7335]  should_fail_ex+0x512/0x640
[  185.405622][ T7335]  _copy_from_user+0x2e/0xd0
[  185.405646][ T7335]  copy_msghdr_from_user+0x98/0x160
[  185.405670][ T7335]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  185.405704][ T7335]  ___sys_sendmsg+0xfe/0x1d0
[  185.405727][ T7335]  ? __pfx____sys_sendmsg+0x10/0x10
[  185.405747][ T7335]  ? __lock_acquire+0x622/0x1c90
[  185.405803][ T7335]  __sys_sendmsg+0x16d/0x220
[  185.405826][ T7335]  ? __pfx___sys_sendmsg+0x10/0x10
[  185.405865][ T7335]  do_syscall_64+0xcd/0xfa0
[  185.405890][ T7335]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  185.405908][ T7335] RIP: 0033:0x7fab0218efc9
[  185.405922][ T7335] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  185.405939][ T7335] RSP: 002b:00007fab03108038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  185.405957][ T7335] RAX: ffffffffffffffda RBX: 00007fab023e5fa0 RCX: 00007fab0218efc9
[  185.405969][ T7335] RDX: 0000000004000084 RSI: 0000200000000000 RDI: 0000000000000004
[  185.405979][ T7335] RBP: 00007fab03108090 R08: 0000000000000000 R09: 0000000000000000
[  185.405989][ T7335] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  185.406000][ T7335] R13: 00007fab023e6038 R14: 00007fab023e5fa0 R15: 00007fff72763818
[  185.406025][ T7335]  </TASK>
[  186.077569][ T5131] Bluetooth: hci1: command 0x0406 tx timeout
[  186.083587][ T5131] Bluetooth: hci3: command 0x0406 tx timeout
[  186.089599][ T5131] Bluetooth: hci4: command 0x0406 tx timeout
[  186.095633][ T5131] Bluetooth: hci2: command 0x0406 tx timeout
[  186.135906][ T5815] Bluetooth: hci0: command 0x0c1a tx timeout
[  186.454441][   T30] audit: type=1400 audit(1760867327.649:283): avc:  denied  { connect } for  pid=7338 comm="syz.2.374" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1
[  186.977788][   T30] audit: type=1400 audit(1760867327.809:284): avc:  denied  { read } for  pid=7338 comm="syz.2.374" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1
[  187.103024][   T30] audit: type=1400 audit(1760867328.239:285): avc:  denied  { write } for  pid=7338 comm="syz.2.374" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1
[  187.180311][ T7352] netlink: 'syz.2.374': attribute type 29 has an invalid length.
[  187.188256][ T7352] netlink: 'syz.2.374': attribute type 3 has an invalid length.
[  187.195999][ T7352] netlink: 76 bytes leftover after parsing attributes in process `syz.2.374'.
[  187.755152][ T3090] usb 1-1: new high-speed USB device number 10 using dummy_hcd
[  187.833803][ T7363] FAULT_INJECTION: forcing a failure.
[  187.833803][ T7363] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  187.846969][ T7363] CPU: 1 UID: 0 PID: 7363 Comm: syz.1.379 Not tainted syzkaller #0 PREEMPT(full) 
[  187.846992][ T7363] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  187.847003][ T7363] Call Trace:
[  187.847009][ T7363]  <TASK>
[  187.847016][ T7363]  dump_stack_lvl+0x16c/0x1f0
[  187.847044][ T7363]  should_fail_ex+0x512/0x640
[  187.847071][ T7363]  _copy_to_user+0x32/0xd0
[  187.847098][ T7363]  simple_read_from_buffer+0xcb/0x170
[  187.847129][ T7363]  proc_fail_nth_read+0x197/0x240
[  187.847157][ T7363]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  187.847185][ T7363]  ? rw_verify_area+0xcf/0x6c0
[  187.847205][ T7363]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  187.847232][ T7363]  vfs_read+0x1e4/0xcf0
[  187.847257][ T7363]  ? __pfx___mutex_lock+0x10/0x10
[  187.847282][ T7363]  ? __pfx_vfs_read+0x10/0x10
[  187.847311][ T7363]  ? __fget_files+0x20e/0x3c0
[  187.847343][ T7363]  ksys_read+0x12a/0x250
[  187.847364][ T7363]  ? __pfx_ksys_read+0x10/0x10
[  187.847386][ T7363]  ? fput+0x9b/0xd0
[  187.847408][ T7363]  do_syscall_64+0xcd/0xfa0
[  187.847432][ T7363]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  187.847451][ T7363] RIP: 0033:0x7fce2c78d9dc
[  187.847465][ T7363] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  187.847483][ T7363] RSP: 002b:00007fce2a9d5030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  187.847501][ T7363] RAX: ffffffffffffffda RBX: 00007fce2c9e6090 RCX: 00007fce2c78d9dc
[  187.847512][ T7363] RDX: 000000000000000f RSI: 00007fce2a9d50a0 RDI: 0000000000000006
[  187.847522][ T7363] RBP: 00007fce2a9d5090 R08: 0000000000000000 R09: 0000000000000000
[  187.847533][ T7363] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000001
[  187.847543][ T7363] R13: 00007fce2c9e6128 R14: 00007fce2c9e6090 R15: 00007ffc40a57678
[  187.847570][ T7363]  </TASK>
[  187.914844][ T3090] usb 1-1: Using ep0 maxpacket: 32
[  188.056356][   T30] audit: type=1400 audit(1760867329.319:286): avc:  denied  { create } for  pid=7360 comm="syz.2.381" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  188.093347][ T3090] usb 1-1: config 1 has an invalid descriptor of length 43, skipping remainder of the config
[  188.104046][ T3090] usb 1-1: config 1 interface 0 altsetting 11 has 0 endpoint descriptors, different from the interface descriptor's value: 2
[  188.117368][ T3090] usb 1-1: config 1 interface 0 has no altsetting 0
[  188.125123][ T3090] usb 1-1: New USB device found, idVendor=ff25, idProduct=00ff, bcdDevice= 0.00
[  188.554723][   T52] Bluetooth: hci0: unexpected event for opcode 0x202d
[  188.614900][ T3090] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  188.932494][   T30] audit: type=1400 audit(1760867330.029:287): avc:  denied  { read } for  pid=7360 comm="syz.2.381" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  188.934988][ T3090] usb 1-1: string descriptor 0 read error: -71
[  189.065433][ T3090] usb 1-1: USB disconnect, device number 10
[  189.125820][ T7379] netlink: 4 bytes leftover after parsing attributes in process `syz.2.384'.
[  190.548811][ T7396] netlink: 8 bytes leftover after parsing attributes in process `syz.2.389'.
[  190.660610][ T7398] FAULT_INJECTION: forcing a failure.
[  190.660610][ T7398] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  190.740276][ T7398] CPU: 1 UID: 0 PID: 7398 Comm: syz.4.390 Not tainted syzkaller #0 PREEMPT(full) 
[  190.740300][ T7398] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  190.740311][ T7398] Call Trace:
[  190.740317][ T7398]  <TASK>
[  190.740329][ T7398]  dump_stack_lvl+0x16c/0x1f0
[  190.740357][ T7398]  should_fail_ex+0x512/0x640
[  190.740384][ T7398]  _copy_from_user+0x2e/0xd0
[  190.740407][ T7398]  copy_msghdr_from_user+0x98/0x160
[  190.740430][ T7398]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  190.740464][ T7398]  ___sys_sendmsg+0xfe/0x1d0
[  190.740487][ T7398]  ? __pfx____sys_sendmsg+0x10/0x10
[  190.740506][ T7398]  ? __lock_acquire+0x622/0x1c90
[  190.740560][ T7398]  __sys_sendmsg+0x16d/0x220
[  190.740583][ T7398]  ? __pfx___sys_sendmsg+0x10/0x10
[  190.740621][ T7398]  do_syscall_64+0xcd/0xfa0
[  190.740644][ T7398]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  190.740662][ T7398] RIP: 0033:0x7eff8ab8efc9
[  190.740677][ T7398] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  190.740693][ T7398] RSP: 002b:00007eff8ba2b038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  190.740710][ T7398] RAX: ffffffffffffffda RBX: 00007eff8ade5fa0 RCX: 00007eff8ab8efc9
[  190.740721][ T7398] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: 0000000000000003
[  190.740732][ T7398] RBP: 00007eff8ba2b090 R08: 0000000000000000 R09: 0000000000000000
[  190.740742][ T7398] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  190.740752][ T7398] R13: 00007eff8ade6038 R14: 00007eff8ade5fa0 R15: 00007ffd03a96d48
[  190.740777][ T7398]  </TASK>
[  192.980677][ T7429] netlink: 4 bytes leftover after parsing attributes in process `syz.4.398'.
[  193.444709][ T7431] ip6gretap0: entered promiscuous mode
[  193.541654][ T7431] vlan2: entered promiscuous mode
[  193.657615][ T7435] FAULT_INJECTION: forcing a failure.
[  193.657615][ T7435] name failslab, interval 1, probability 0, space 0, times 0
[  193.670917][ T7435] CPU: 0 UID: 0 PID: 7435 Comm: syz.1.400 Not tainted syzkaller #0 PREEMPT(full) 
[  193.670939][ T7435] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  193.670950][ T7435] Call Trace:
[  193.670956][ T7435]  <TASK>
[  193.670962][ T7435]  dump_stack_lvl+0x16c/0x1f0
[  193.670989][ T7435]  should_fail_ex+0x512/0x640
[  193.671011][ T7435]  ? kmem_cache_alloc_noprof+0x62/0x6e0
[  193.671035][ T7435]  should_failslab+0xc2/0x120
[  193.671060][ T7435]  kmem_cache_alloc_noprof+0x75/0x6e0
[  193.671088][ T7435]  ? getname_flags.part.0+0x4c/0x550
[  193.671111][ T7435]  ? getname_flags.part.0+0x4c/0x550
[  193.671127][ T7435]  getname_flags.part.0+0x4c/0x550
[  193.671148][ T7435]  getname_flags+0x93/0xf0
[  193.671169][ T7435]  __x64_sys_mkdirat+0x76/0xb0
[  193.671193][ T7435]  do_syscall_64+0xcd/0xfa0
[  193.671217][ T7435]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  193.671234][ T7435] RIP: 0033:0x7fce2c78efc9
[  193.671248][ T7435] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  193.671265][ T7435] RSP: 002b:00007fce2a9d5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000102
[  193.671282][ T7435] RAX: ffffffffffffffda RBX: 00007fce2c9e6090 RCX: 00007fce2c78efc9
[  193.671293][ T7435] RDX: 00000000000001c0 RSI: 0000200000000080 RDI: ffffffffffffff9c
[  193.671304][ T7435] RBP: 00007fce2a9d5090 R08: 0000000000000000 R09: 0000000000000000
[  193.671315][ T7435] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  193.671324][ T7435] R13: 00007fce2c9e6128 R14: 00007fce2c9e6090 R15: 00007ffc40a57678
[  193.671350][ T7435]  </TASK>
[  193.932634][ T1295] ieee802154 phy1 wpan1: encryption failed: -22
[  194.299364][ T7447] ip6t_srh: unknown srh invflags 4000
[  194.671226][ T7449] loop4: detected capacity change from 0 to 2560
[  194.776861][   T30] audit: type=1400 audit(1760867336.039:288): avc:  denied  { getopt } for  pid=7450 comm="syz.0.408" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  194.782406][ T7449] buffer_io_error: 315 callbacks suppressed
[  194.782420][ T7449] Buffer I/O error on dev loop4, logical block 0, lost async page write
[  194.819046][ T7449] Buffer I/O error on dev loop4, logical block 1, lost async page write
[  194.867229][ T7449] Buffer I/O error on dev loop4, logical block 2, lost async page write
[  194.887810][ T7449] Buffer I/O error on dev loop4, logical block 3, lost async page write
[  194.969018][ T5812] Buffer I/O error on dev loop4, logical block 256, lost async page write
[  195.021935][ T5812] Buffer I/O error on dev loop4, logical block 257, lost async page write
[  195.041432][ T7449] Buffer I/O error on dev loop4, logical block 4, lost async page write
[  195.048688][ T5812] Buffer I/O error on dev loop4, logical block 258, lost async page write
[  195.059837][ T5812] Buffer I/O error on dev loop4, logical block 259, lost async page write
[  195.089673][ T7449] Buffer I/O error on dev loop4, logical block 5, lost async page write
[  195.294911][ T5918] usb 2-1: new high-speed USB device number 7 using dummy_hcd
[  196.096842][ T5918] usb 2-1: Using ep0 maxpacket: 16
[  196.255413][ T5918] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  196.267743][   T30] audit: type=1400 audit(1760867337.489:289): avc:  denied  { create } for  pid=7462 comm="syz.0.409" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[  196.335417][   T30] audit: type=1400 audit(1760867337.599:290): avc:  denied  { create } for  pid=7462 comm="syz.0.409" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1
[  196.430917][ T5918] usb 2-1: config 0 interface 0 has no altsetting 0
[  196.489431][ T7460] siw: device registration error -23
[  196.712364][ T5918] usb 2-1: New USB device found, idVendor=06cb, idProduct=0006, bcdDevice=9a.eb
[  196.724841][ T5918] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  196.775170][ T5918] usb 2-1: Product: syz
[  196.850098][ T5918] usb 2-1: Manufacturer: syz
[  196.868129][ T5918] usb 2-1: SerialNumber: syz
[  196.892722][   T30] audit: type=1400 audit(1760867337.629:291): avc:  denied  { ioctl } for  pid=7462 comm="syz.0.409" path="socket:[16573]" dev="sockfs" ino=16573 ioctlcmd=0x89ef scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1
[  196.939945][ T5918] usb 2-1: config 0 descriptor??
[  196.961796][ T7479] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  197.418777][ T7488] FAULT_INJECTION: forcing a failure.
[  197.418777][ T7488] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  197.439483][ T7488] CPU: 0 UID: 0 PID: 7488 Comm: syz.4.415 Not tainted syzkaller #0 PREEMPT(full) 
[  197.439506][ T7488] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  197.439517][ T7488] Call Trace:
[  197.439522][ T7488]  <TASK>
[  197.439529][ T7488]  dump_stack_lvl+0x16c/0x1f0
[  197.439556][ T7488]  should_fail_ex+0x512/0x640
[  197.439582][ T7488]  _copy_from_user+0x2e/0xd0
[  197.439606][ T7488]  copy_msghdr_from_user+0x98/0x160
[  197.439628][ T7488]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  197.439663][ T7488]  ___sys_sendmsg+0xfe/0x1d0
[  197.439685][ T7488]  ? __pfx____sys_sendmsg+0x10/0x10
[  197.439703][ T7488]  ? __lock_acquire+0x622/0x1c90
[  197.439757][ T7488]  __sys_sendmsg+0x16d/0x220
[  197.439779][ T7488]  ? __pfx___sys_sendmsg+0x10/0x10
[  197.439810][ T7488]  ? fput+0x9b/0xd0
[  197.439831][ T7488]  do_syscall_64+0xcd/0xfa0
[  197.439854][ T7488]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  197.439871][ T7488] RIP: 0033:0x7eff8ab8efc9
[  197.439885][ T7488] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  197.439902][ T7488] RSP: 002b:00007eff8ba2b038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  197.439919][ T7488] RAX: ffffffffffffffda RBX: 00007eff8ade5fa0 RCX: 00007eff8ab8efc9
[  197.439930][ T7488] RDX: 0000000000008010 RSI: 00002000000001c0 RDI: 0000000000000004
[  197.439940][ T7488] RBP: 00007eff8ba2b090 R08: 0000000000000000 R09: 0000000000000000
[  197.439951][ T7488] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  197.439960][ T7488] R13: 00007eff8ade6038 R14: 00007eff8ade5fa0 R15: 00007ffd03a96d48
[  197.439985][ T7488]  </TASK>
[  197.446123][ T7486] mmap: syz.0.413 (7486) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  197.506930][ T7490] netlink: 'syz.4.417': attribute type 23 has an invalid length.
[  197.605269][ T7493] ip6t_srh: unknown srh invflags 4000
[  197.644960][ T5926] usb 3-1: new high-speed USB device number 11 using dummy_hcd
[  197.966037][ T5926] usb 3-1: Using ep0 maxpacket: 8
[  198.356508][ T5926] usb 3-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb
[  198.375955][ T3090] usb 2-1: USB disconnect, device number 7
[  198.422271][ T5926] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  198.477084][   T30] audit: type=1400 audit(1760867339.739:292): avc:  denied  { setopt } for  pid=7498 comm="syz.4.419" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  198.503382][ T5926] usb 3-1: config 0 descriptor??
[  198.511422][ T7501] xt_CHECKSUM: CHECKSUM should be avoided.  If really needed, restrict with "-p udp" and only use in OUTPUT
[  198.543961][ T7501] x_tables: ip_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING
[  198.793345][ T5926] asix 3-1:0.0 (unnamed net_device) (uninitialized): invalid hw address, using random
[  198.828032][ T7510] netlink: 4 bytes leftover after parsing attributes in process `syz.0.421'.
[  199.884772][ T5926] asix 3-1:0.0 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71
[  199.934948][ T7518] FAULT_INJECTION: forcing a failure.
[  199.934948][ T7518] name failslab, interval 1, probability 0, space 0, times 0
[  199.945137][ T5926] asix 3-1:0.0: probe with driver asix failed with error -71
[  199.983468][ T5926] usb 3-1: USB disconnect, device number 11
[  200.074972][ T7518] CPU: 1 UID: 0 PID: 7518 Comm: syz.4.424 Not tainted syzkaller #0 PREEMPT(full) 
[  200.075001][ T7518] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  200.075012][ T7518] Call Trace:
[  200.075019][ T7518]  <TASK>
[  200.075026][ T7518]  dump_stack_lvl+0x16c/0x1f0
[  200.075054][ T7518]  should_fail_ex+0x512/0x640
[  200.075076][ T7518]  ? fs_reclaim_acquire+0xae/0x150
[  200.075105][ T7518]  should_failslab+0xc2/0x120
[  200.075132][ T7518]  __kmalloc_noprof+0xdd/0x880
[  200.075152][ T7518]  ? tomoyo_realpath_from_path+0xc2/0x6e0
[  200.075185][ T7518]  ? tomoyo_realpath_from_path+0xc2/0x6e0
[  200.075209][ T7518]  tomoyo_realpath_from_path+0xc2/0x6e0
[  200.075238][ T7518]  ? tomoyo_profile+0x47/0x60
[  200.075258][ T7518]  tomoyo_path_number_perm+0x245/0x580
[  200.075279][ T7518]  ? tomoyo_path_number_perm+0x237/0x580
[  200.075304][ T7518]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  200.075328][ T7518]  ? find_held_lock+0x2b/0x80
[  200.075369][ T7518]  ? find_held_lock+0x2b/0x80
[  200.075385][ T7518]  ? hook_file_ioctl_common+0x145/0x410
[  200.075410][ T7518]  ? __fget_files+0x20e/0x3c0
[  200.075438][ T7518]  security_file_ioctl+0x9b/0x240
[  200.075465][ T7518]  __x64_sys_ioctl+0xb7/0x210
[  200.075487][ T7518]  do_syscall_64+0xcd/0xfa0
[  200.075511][ T7518]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  200.075529][ T7518] RIP: 0033:0x7eff8ab8efc9
[  200.075543][ T7518] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  200.075560][ T7518] RSP: 002b:00007eff8ba2b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  200.075579][ T7518] RAX: ffffffffffffffda RBX: 00007eff8ade5fa0 RCX: 00007eff8ab8efc9
[  200.075590][ T7518] RDX: 0000200000000080 RSI: 00000000c0585605 RDI: 0000000000000003
[  200.075601][ T7518] RBP: 00007eff8ba2b090 R08: 0000000000000000 R09: 0000000000000000
[  200.075611][ T7518] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  200.075621][ T7518] R13: 00007eff8ade6038 R14: 00007eff8ade5fa0 R15: 00007ffd03a96d48
[  200.075648][ T7518]  </TASK>
[  200.075655][ T7518] ERROR: Out of memory at tomoyo_realpath_from_path.
[  201.039803][ T7529] netlink: 'syz.3.429': attribute type 23 has an invalid length.
[  201.105215][ T7532] netlink: 'syz.4.427': attribute type 2 has an invalid length.
[  201.112861][ T7532] netlink: 'syz.4.427': attribute type 1 has an invalid length.
[  201.120659][ T7532] netlink: 'syz.4.427': attribute type 1 has an invalid length.
[  201.163743][ T7529] ip6t_srh: unknown srh invflags 4000
[  201.210282][ T7536] FAULT_INJECTION: forcing a failure.
[  201.210282][ T7536] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  201.232103][ T7536] CPU: 0 UID: 0 PID: 7536 Comm: syz.4.430 Not tainted syzkaller #0 PREEMPT(full) 
[  201.232127][ T7536] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  201.232137][ T7536] Call Trace:
[  201.232143][ T7536]  <TASK>
[  201.232150][ T7536]  dump_stack_lvl+0x16c/0x1f0
[  201.232176][ T7536]  should_fail_ex+0x512/0x640
[  201.232203][ T7536]  _copy_from_user+0x2e/0xd0
[  201.232234][ T7536]  copy_msghdr_from_user+0x98/0x160
[  201.232257][ T7536]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  201.232292][ T7536]  ___sys_sendmsg+0xfe/0x1d0
[  201.232315][ T7536]  ? __pfx____sys_sendmsg+0x10/0x10
[  201.232334][ T7536]  ? __lock_acquire+0x622/0x1c90
[  201.232389][ T7536]  __sys_sendmsg+0x16d/0x220
[  201.232411][ T7536]  ? __pfx___sys_sendmsg+0x10/0x10
[  201.232449][ T7536]  do_syscall_64+0xcd/0xfa0
[  201.232472][ T7536]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  201.232490][ T7536] RIP: 0033:0x7eff8ab8efc9
[  201.232504][ T7536] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  201.232522][ T7536] RSP: 002b:00007eff8ba2b038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  201.232538][ T7536] RAX: ffffffffffffffda RBX: 00007eff8ade5fa0 RCX: 00007eff8ab8efc9
[  201.232550][ T7536] RDX: 0000000000000000 RSI: 0000200000000040 RDI: 0000000000000003
[  201.232560][ T7536] RBP: 00007eff8ba2b090 R08: 0000000000000000 R09: 0000000000000000
[  201.232570][ T7536] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  201.232580][ T7536] R13: 00007eff8ade6038 R14: 00007eff8ade5fa0 R15: 00007ffd03a96d48
[  201.232605][ T7536]  </TASK>
[  202.242532][ T7550] FAULT_INJECTION: forcing a failure.
[  202.242532][ T7550] name failslab, interval 1, probability 0, space 0, times 0
[  202.355959][ T7550] CPU: 1 UID: 0 PID: 7550 Comm: syz.0.434 Not tainted syzkaller #0 PREEMPT(full) 
[  202.355987][ T7550] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  202.355998][ T7550] Call Trace:
[  202.356004][ T7550]  <TASK>
[  202.356011][ T7550]  dump_stack_lvl+0x16c/0x1f0
[  202.356038][ T7550]  should_fail_ex+0x512/0x640
[  202.356060][ T7550]  ? fs_reclaim_acquire+0xae/0x150
[  202.356089][ T7550]  should_failslab+0xc2/0x120
[  202.356116][ T7550]  __kmalloc_noprof+0xdd/0x880
[  202.356135][ T7550]  ? tomoyo_realpath_from_path+0xc2/0x6e0
[  202.356167][ T7550]  ? tomoyo_realpath_from_path+0xc2/0x6e0
[  202.356196][ T7550]  tomoyo_realpath_from_path+0xc2/0x6e0
[  202.356224][ T7550]  ? tomoyo_profile+0x47/0x60
[  202.356243][ T7550]  tomoyo_path_number_perm+0x245/0x580
[  202.356264][ T7550]  ? tomoyo_path_number_perm+0x237/0x580
[  202.356288][ T7550]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  202.356312][ T7550]  ? find_held_lock+0x2b/0x80
[  202.356353][ T7550]  ? find_held_lock+0x2b/0x80
[  202.356369][ T7550]  ? hook_file_ioctl_common+0x145/0x410
[  202.356396][ T7550]  ? __fget_files+0x20e/0x3c0
[  202.356424][ T7550]  security_file_ioctl+0x9b/0x240
[  202.356450][ T7550]  __x64_sys_ioctl+0xb7/0x210
[  202.356472][ T7550]  do_syscall_64+0xcd/0xfa0
[  202.356495][ T7550]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  202.356512][ T7550] RIP: 0033:0x7fefaa18efc9
[  202.356527][ T7550] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  202.356544][ T7550] RSP: 002b:00007fefab097038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  202.356562][ T7550] RAX: ffffffffffffffda RBX: 00007fefaa3e5fa0 RCX: 00007fefaa18efc9
[  202.356573][ T7550] RDX: 00002000000001c0 RSI: 00000000c0cc5615 RDI: 0000000000000003
[  202.356584][ T7550] RBP: 00007fefab097090 R08: 0000000000000000 R09: 0000000000000000
[  202.356594][ T7550] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  202.356605][ T7550] R13: 00007fefaa3e6038 R14: 00007fefaa3e5fa0 R15: 00007ffc0d002908
[  202.356631][ T7550]  </TASK>
[  202.569698][ T7550] ERROR: Out of memory at tomoyo_realpath_from_path.
[  203.536684][ T7568] FAULT_INJECTION: forcing a failure.
[  203.536684][ T7568] name failslab, interval 1, probability 0, space 0, times 0
[  203.671799][ T7573] netlink: 'syz.4.440': attribute type 2 has an invalid length.
[  203.679594][ T7573] netlink: 'syz.4.440': attribute type 1 has an invalid length.
[  203.687329][ T7573] netlink: 'syz.4.440': attribute type 1 has an invalid length.
[  203.754822][ T7568] CPU: 1 UID: 0 PID: 7568 Comm: syz.1.439 Not tainted syzkaller #0 PREEMPT(full) 
[  203.754847][ T7568] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  203.754857][ T7568] Call Trace:
[  203.754863][ T7568]  <TASK>
[  203.754870][ T7568]  dump_stack_lvl+0x16c/0x1f0
[  203.754897][ T7568]  should_fail_ex+0x512/0x640
[  203.754925][ T7568]  ? fs_reclaim_acquire+0xae/0x150
[  203.754952][ T7568]  should_failslab+0xc2/0x120
[  203.754978][ T7568]  __kmalloc_noprof+0xdd/0x880
[  203.754997][ T7568]  ? tomoyo_realpath_from_path+0xc2/0x6e0
[  203.755028][ T7568]  ? tomoyo_realpath_from_path+0xc2/0x6e0
[  203.755052][ T7568]  tomoyo_realpath_from_path+0xc2/0x6e0
[  203.755080][ T7568]  ? tomoyo_profile+0x47/0x60
[  203.755100][ T7568]  tomoyo_path_number_perm+0x245/0x580
[  203.755120][ T7568]  ? tomoyo_path_number_perm+0x237/0x580
[  203.755145][ T7568]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  203.755168][ T7568]  ? find_held_lock+0x2b/0x80
[  203.755210][ T7568]  ? find_held_lock+0x2b/0x80
[  203.755225][ T7568]  ? hook_file_ioctl_common+0x145/0x410
[  203.755249][ T7568]  ? __fget_files+0x20e/0x3c0
[  203.755277][ T7568]  security_file_ioctl+0x9b/0x240
[  203.755303][ T7568]  __x64_sys_ioctl+0xb7/0x210
[  203.755324][ T7568]  do_syscall_64+0xcd/0xfa0
[  203.755348][ T7568]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  203.755366][ T7568] RIP: 0033:0x7fce2c78efc9
[  203.755381][ T7568] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  203.755397][ T7568] RSP: 002b:00007fce2a9f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  203.755414][ T7568] RAX: ffffffffffffffda RBX: 00007fce2c9e5fa0 RCX: 00007fce2c78efc9
[  203.755425][ T7568] RDX: 0000000000000002 RSI: 000000000000540a RDI: 0000000000000003
[  203.755435][ T7568] RBP: 00007fce2a9f6090 R08: 0000000000000000 R09: 0000000000000000
[  203.755445][ T7568] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  203.755455][ T7568] R13: 00007fce2c9e6038 R14: 00007fce2c9e5fa0 R15: 00007ffc40a57678
[  203.755480][ T7568]  </TASK>
[  203.755486][ T7568] ERROR: Out of memory at tomoyo_realpath_from_path.
[  203.877442][ T3090] usb 4-1: new high-speed USB device number 16 using dummy_hcd
[  204.365999][ T7582] netlink: 'syz.0.443': attribute type 23 has an invalid length.
[  204.466770][ T7582] ip6t_srh: unknown srh invflags 4000
[  204.605053][ T3090] usb 4-1: Using ep0 maxpacket: 8
[  204.860145][ T7596] netlink: 4 bytes leftover after parsing attributes in process `syz.2.447'.
[  204.881997][ T3090] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x8D has an invalid bInterval 42, changing to 9
[  204.918937][ T3090] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  205.019014][ T3090] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  205.112902][ T3090] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x8B has invalid wMaxPacketSize 0
[  205.130409][ T7603] netlink: 4 bytes leftover after parsing attributes in process `syz.0.449'.
[  205.769606][ T3090] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 0
[  205.780346][ T3090] usb 4-1: New USB device found, idVendor=05ac, idProduct=8215, bcdDevice=8f.58
[  205.897024][ T3090] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  206.024533][ T3090] usb 4-1: config 0 descriptor??
[  206.131450][ T7610] FAULT_INJECTION: forcing a failure.
[  206.131450][ T7610] name failslab, interval 1, probability 0, space 0, times 0
[  206.145172][   T52] Bluetooth: hci5: urb ffff888032ec2c00 submission failed (90)
[  206.166119][ T7610] CPU: 0 UID: 0 PID: 7610 Comm: syz.4.451 Not tainted syzkaller #0 PREEMPT(full) 
[  206.166143][ T7610] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  206.166154][ T7610] Call Trace:
[  206.166160][ T7610]  <TASK>
[  206.166166][ T7610]  dump_stack_lvl+0x16c/0x1f0
[  206.166194][ T7610]  should_fail_ex+0x512/0x640
[  206.166215][ T7610]  ? kmem_cache_alloc_node_noprof+0x65/0x770
[  206.166240][ T7610]  should_failslab+0xc2/0x120
[  206.166265][ T7610]  kmem_cache_alloc_node_noprof+0x78/0x770
[  206.166286][ T7610]  ? __alloc_skb+0x2b2/0x380
[  206.166311][ T7610]  ? __alloc_skb+0x2b2/0x380
[  206.166328][ T7610]  __alloc_skb+0x2b2/0x380
[  206.166346][ T7610]  ? __pfx___alloc_skb+0x10/0x10
[  206.166364][ T7610]  ? find_held_lock+0x2b/0x80
[  206.166391][ T7610]  alloc_skb_with_frags+0xe0/0x860
[  206.166422][ T7610]  sock_alloc_send_pskb+0x7f9/0x980
[  206.166441][ T7610]  ? avc_has_perm+0x144/0x1f0
[  206.166460][ T7610]  ? __pfx_avc_has_perm+0x10/0x10
[  206.166481][ T7610]  ? __pfx_sock_alloc_send_pskb+0x10/0x10
[  206.166504][ T7610]  ? sock_has_perm+0x259/0x2f0
[  206.166524][ T7610]  ? __pfx_sock_has_perm+0x10/0x10
[  206.166548][ T7610]  hci_sock_sendmsg+0x1c7/0x25f0
[  206.166575][ T7610]  ? __pfx_hci_sock_sendmsg+0x10/0x10
[  206.166602][ T7610]  sock_write_iter+0x566/0x610
[  206.166628][ T7610]  ? __pfx_sock_write_iter+0x10/0x10
[  206.166661][ T7610]  ? bpf_lsm_file_permission+0x9/0x10
[  206.166682][ T7610]  ? security_file_permission+0x71/0x210
[  206.166707][ T7610]  ? rw_verify_area+0xcf/0x6c0
[  206.166729][ T7610]  vfs_write+0x7d3/0x11d0
[  206.166751][ T7610]  ? __pfx_sock_write_iter+0x10/0x10
[  206.166779][ T7610]  ? __pfx_vfs_write+0x10/0x10
[  206.166796][ T7610]  ? find_held_lock+0x2b/0x80
[  206.166828][ T7610]  ksys_write+0x1f8/0x250
[  206.166850][ T7610]  ? __pfx_ksys_write+0x10/0x10
[  206.166885][ T7610]  do_syscall_64+0xcd/0xfa0
[  206.166910][ T7610]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  206.166927][ T7610] RIP: 0033:0x7eff8ab8efc9
[  206.166941][ T7610] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  206.166957][ T7610] RSP: 002b:00007eff8ba0a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  206.166974][ T7610] RAX: ffffffffffffffda RBX: 00007eff8ade6090 RCX: 00007eff8ab8efc9
[  206.166985][ T7610] RDX: 000000000000000d RSI: 0000200000000000 RDI: 0000000000000004
[  206.166995][ T7610] RBP: 00007eff8ba0a090 R08: 0000000000000000 R09: 0000000000000000
[  206.167005][ T7610] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  206.167014][ T7610] R13: 00007eff8ade6128 R14: 00007eff8ade6090 R15: 00007ffd03a96d48
[  206.167040][ T7610]  </TASK>
[  206.555395][ T3090] usb 4-1: USB disconnect, device number 16
[  206.588586][ T7616] netlink: 'syz.1.452': attribute type 2 has an invalid length.
[  206.596828][ T7616] netlink: 'syz.1.452': attribute type 1 has an invalid length.
[  206.604435][ T7616] netlink: 'syz.1.452': attribute type 1 has an invalid length.
[  206.625711][   T30] audit: type=1400 audit(1760867347.889:293): avc:  denied  { unlink } for  pid=7611 comm="syz.4.454" name="#1" dev="tmpfs" ino=552 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1
[  206.648292][   T30] audit: type=1400 audit(1760867347.889:294): avc:  denied  { mount } for  pid=7611 comm="syz.4.454" name="/" dev="overlay" ino=548 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[  206.850904][ T7621] FAULT_INJECTION: forcing a failure.
[  206.850904][ T7621] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  206.897189][ T7621] CPU: 1 UID: 0 PID: 7621 Comm: syz.1.456 Not tainted syzkaller #0 PREEMPT(full) 
[  206.897213][ T7621] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  206.897223][ T7621] Call Trace:
[  206.897228][ T7621]  <TASK>
[  206.897235][ T7621]  dump_stack_lvl+0x16c/0x1f0
[  206.897260][ T7621]  should_fail_ex+0x512/0x640
[  206.897284][ T7621]  _copy_from_user+0x2e/0xd0
[  206.897307][ T7621]  copy_msghdr_from_user+0x98/0x160
[  206.897334][ T7621]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  206.897368][ T7621]  ___sys_sendmsg+0xfe/0x1d0
[  206.897390][ T7621]  ? __pfx____sys_sendmsg+0x10/0x10
[  206.897409][ T7621]  ? __lock_acquire+0x622/0x1c90
[  206.897457][ T7621]  __sys_sendmsg+0x16d/0x220
[  206.897477][ T7621]  ? __pfx___sys_sendmsg+0x10/0x10
[  206.897511][ T7621]  do_syscall_64+0xcd/0xfa0
[  206.897532][ T7621]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  206.897547][ T7621] RIP: 0033:0x7fce2c78efc9
[  206.897560][ T7621] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  206.897575][ T7621] RSP: 002b:00007fce2a9f6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  206.897590][ T7621] RAX: ffffffffffffffda RBX: 00007fce2c9e5fa0 RCX: 00007fce2c78efc9
[  206.897601][ T7621] RDX: 0000000000040010 RSI: 0000200000002000 RDI: 0000000000000003
[  206.897611][ T7621] RBP: 00007fce2a9f6090 R08: 0000000000000000 R09: 0000000000000000
[  206.897621][ T7621] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  206.897629][ T7621] R13: 00007fce2c9e6038 R14: 00007fce2c9e5fa0 R15: 00007ffc40a57678
[  206.897653][ T7621]  </TASK>
[  207.135642][ T7626] IPv6: addrconf: prefix option has invalid lifetime
[  207.269878][ T5918] usb 5-1: new full-speed USB device number 9 using dummy_hcd
[  207.322789][   T30] audit: type=1400 audit(1760867348.579:295): avc:  denied  { write } for  pid=7630 comm="syz.3.460" lport=2 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  207.462844][ T5918] usb 5-1: New USB device found, idVendor=05ac, idProduct=8241, bcdDevice= 0.00
[  208.294561][   T30] audit: type=1400 audit(1760867348.669:296): avc:  denied  { mount } for  pid=7625 comm="syz.2.457" name="/" dev="sysfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysfs_t tclass=filesystem permissive=1
[  208.321986][   T30] audit: type=1400 audit(1760867348.679:297): avc:  denied  { ioctl } for  pid=7625 comm="syz.2.457" path="socket:[16020]" dev="sockfs" ino=16020 ioctlcmd=0x7459 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  208.382054][ T5918] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  208.748800][ T5918] usb 5-1: config 0 descriptor??
[  209.316575][   T30] audit: type=1400 audit(1760867350.239:298): avc:  denied  { read } for  pid=7611 comm="syz.4.454" path="socket:[16093]" dev="sockfs" ino=16093 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  209.428395][ T5918] usbhid 5-1:0.0: can't add hid device: -71
[  209.454901][ T5918] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[  209.493684][   T30] audit: type=1400 audit(1760867350.739:299): avc:  denied  { firmware_load } for  pid=7630 comm="syz.3.460" path="/lib/firmware/regulatory.db" dev="sda1" ino=448 scontext=system_u:system_r:kernel_t tcontext=system_u:object_r:lib_t tclass=system permissive=1
[  209.501856][ T7637] faux_driver regulatory: loading /lib/firmware/regulatory.db failed with error -12
[  209.532465][ T5918] usb 5-1: USB disconnect, device number 9
[  209.547329][ T7637] faux_driver regulatory: Direct firmware load for regulatory.db failed with error -12
[  209.580679][ T7637] faux_driver regulatory: Falling back to sysfs fallback for: regulatory.db
[  209.585470][   T30] audit: type=1400 audit(1760867350.829:300): avc:  denied  { firmware_load } for  pid=7630 comm="syz.3.460" scontext=system_u:system_r:kernel_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1
[  209.682896][   T30] audit: type=1400 audit(1760867350.939:301): avc:  denied  { read write } for  pid=7651 comm="syz.2.465" name="raw-gadget" dev="devtmpfs" ino=820 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  209.685718][ T7637] syz.3.460 (7637) used greatest stack depth: 19928 bytes left
[  209.740653][   T30] audit: type=1400 audit(1760867350.939:302): avc:  denied  { open } for  pid=7651 comm="syz.2.465" path="/dev/raw-gadget" dev="devtmpfs" ino=820 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  209.934887][ T5926] usb 3-1: new high-speed USB device number 12 using dummy_hcd
[  210.107618][ T5926] usb 3-1: Using ep0 maxpacket: 16
[  210.231066][ T5926] usb 3-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF3, changing to 0x83
[  210.263640][ T5926] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  210.750178][ T5926] usb 3-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[  210.771038][ T5926] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  210.803530][ T5926] usb 3-1: Product: syz
[  210.813334][ T5926] usb 3-1: Manufacturer: syz
[  210.830162][ T5926] usb 3-1: SerialNumber: syz
[  210.850080][ T5926] usb 3-1: config 0 descriptor??
[  210.961714][ T5926] em28xx 3-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0)
[  210.994873][ T5926] em28xx 3-1:0.0: Audio interface 0 found (Vendor Class)
[  211.377934][ T7662] ip6t_srh: unknown srh invflags 4000
[  211.453346][ T7672] FAULT_INJECTION: forcing a failure.
[  211.453346][ T7672] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  211.527263][ T7672] CPU: 1 UID: 0 PID: 7672 Comm: syz.1.471 Not tainted syzkaller #0 PREEMPT(full) 
[  211.527288][ T7672] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  211.527298][ T7672] Call Trace:
[  211.527304][ T7672]  <TASK>
[  211.527310][ T7672]  dump_stack_lvl+0x16c/0x1f0
[  211.527333][ T7672]  should_fail_ex+0x512/0x640
[  211.527350][ T7672]  _copy_to_user+0x32/0xd0
[  211.527366][ T7672]  simple_read_from_buffer+0xcb/0x170
[  211.527382][ T7672]  proc_fail_nth_read+0x197/0x240
[  211.527399][ T7672]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  211.527416][ T7672]  ? rw_verify_area+0xcf/0x6c0
[  211.527428][ T7672]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  211.527444][ T7672]  vfs_read+0x1e4/0xcf0
[  211.527459][ T7672]  ? __pfx___mutex_lock+0x10/0x10
[  211.527474][ T7672]  ? __pfx_vfs_read+0x10/0x10
[  211.527491][ T7672]  ? __fget_files+0x20e/0x3c0
[  211.527518][ T7672]  ksys_read+0x12a/0x250
[  211.527539][ T7672]  ? __pfx_ksys_read+0x10/0x10
[  211.527558][ T7672]  do_syscall_64+0xcd/0xfa0
[  211.527572][ T7672]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  211.527584][ T7672] RIP: 0033:0x7fce2c78d9dc
[  211.527593][ T7672] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  211.527603][ T7672] RSP: 002b:00007fce2a9f6030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  211.527615][ T7672] RAX: ffffffffffffffda RBX: 00007fce2c9e5fa0 RCX: 00007fce2c78d9dc
[  211.527621][ T7672] RDX: 000000000000000f RSI: 00007fce2a9f60a0 RDI: 0000000000000004
[  211.527628][ T7672] RBP: 00007fce2a9f6090 R08: 0000000000000000 R09: 0000000000000000
[  211.527634][ T7672] R10: 0000200000000d80 R11: 0000000000000246 R12: 0000000000000001
[  211.527640][ T7672] R13: 00007fce2c9e6038 R14: 00007fce2c9e5fa0 R15: 00007ffc40a57678
[  211.527655][ T7672]  </TASK>
[  211.684908][   T30] kauditd_printk_skb: 2 callbacks suppressed
[  211.684923][   T30] audit: type=1400 audit(1760867352.849:305): avc:  denied  { read } for  pid=7673 comm="syz.3.469" name="loop-control" dev="devtmpfs" ino=646 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[  211.689548][ T5926] em28xx 3-1:0.0: unknown em28xx chip ID (0)
[  211.716264][   T30] audit: type=1400 audit(1760867352.849:306): avc:  denied  { open } for  pid=7673 comm="syz.3.469" path="/dev/loop-control" dev="devtmpfs" ino=646 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[  211.798760][ T5926] em28xx 3-1:0.0: Config register raw data: 0xfffffffb
[  211.903294][   T30] audit: type=1400 audit(1760867352.849:307): avc:  denied  { read write } for  pid=7673 comm="syz.3.469" name="uhid" dev="devtmpfs" ino=1273 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1
[  211.987481][   T30] audit: type=1400 audit(1760867352.849:308): avc:  denied  { open } for  pid=7673 comm="syz.3.469" path="/dev/uhid" dev="devtmpfs" ino=1273 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1
[  212.171954][ T7678] netlink: 64985 bytes leftover after parsing attributes in process `syz.1.472'.
[  212.186967][ T7678] netlink: 64985 bytes leftover after parsing attributes in process `syz.1.472'.
[  212.221510][ T7678] netlink: 64985 bytes leftover after parsing attributes in process `syz.1.472'.
[  212.253872][   T30] audit: type=1400 audit(1760867353.479:309): avc:  denied  { ioctl } for  pid=7673 comm="syz.3.469" path="/dev/loop-control" dev="devtmpfs" ino=646 ioctlcmd=0x4c82 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[  212.283192][ T7678] netlink: 64985 bytes leftover after parsing attributes in process `syz.1.472'.
[  212.303036][ T7678] netlink: 64985 bytes leftover after parsing attributes in process `syz.1.472'.
[  212.391886][ T7678] netlink: 64985 bytes leftover after parsing attributes in process `syz.1.472'.
[  212.572641][ T7678] netlink: 64985 bytes leftover after parsing attributes in process `syz.1.472'.
[  212.582712][ T7678] netlink: 64985 bytes leftover after parsing attributes in process `syz.1.472'.
[  212.592591][ T5926] em28xx 3-1:0.0: Unknown AC97 audio processor detected!
[  213.702532][ T5926] em28xx 3-1:0.0: couldn't setup AC97 register 2
[  213.770973][ T5926] em28xx 3-1:0.0: couldn't setup AC97 register 4
[  213.774100][ T7691] FAULT_INJECTION: forcing a failure.
[  213.774100][ T7691] name failslab, interval 1, probability 0, space 0, times 0
[  213.790230][ T7691] CPU: 0 UID: 0 PID: 7691 Comm: syz.1.477 Not tainted syzkaller #0 PREEMPT(full) 
[  213.790252][ T7691] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  213.790262][ T7691] Call Trace:
[  213.790267][ T7691]  <TASK>
[  213.790273][ T7691]  dump_stack_lvl+0x16c/0x1f0
[  213.790299][ T7691]  should_fail_ex+0x512/0x640
[  213.790320][ T7691]  ? fs_reclaim_acquire+0xae/0x150
[  213.790348][ T7691]  should_failslab+0xc2/0x120
[  213.790373][ T7691]  __kmalloc_noprof+0xdd/0x880
[  213.790392][ T7691]  ? tomoyo_realpath_from_path+0xc2/0x6e0
[  213.790423][ T7691]  ? tomoyo_realpath_from_path+0xc2/0x6e0
[  213.790447][ T7691]  tomoyo_realpath_from_path+0xc2/0x6e0
[  213.790474][ T7691]  ? tomoyo_profile+0x47/0x60
[  213.790497][ T7691]  tomoyo_path_number_perm+0x245/0x580
[  213.790517][ T7691]  ? tomoyo_path_number_perm+0x237/0x580
[  213.790541][ T7691]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  213.790564][ T7691]  ? find_held_lock+0x2b/0x80
[  213.790602][ T7691]  ? find_held_lock+0x2b/0x80
[  213.790617][ T7691]  ? hook_file_ioctl_common+0x145/0x410
[  213.790640][ T7691]  ? __fget_files+0x20e/0x3c0
[  213.790668][ T7691]  security_file_ioctl+0x9b/0x240
[  213.790693][ T7691]  __x64_sys_ioctl+0xb7/0x210
[  213.790715][ T7691]  do_syscall_64+0xcd/0xfa0
[  213.790737][ T7691]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  213.790755][ T7691] RIP: 0033:0x7fce2c78efc9
[  213.790769][ T7691] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  213.790786][ T7691] RSP: 002b:00007fce2a9f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  213.790803][ T7691] RAX: ffffffffffffffda RBX: 00007fce2c9e5fa0 RCX: 00007fce2c78efc9
[  213.790814][ T7691] RDX: 0000200000000140 RSI: 00000000c0189436 RDI: 0000000000000003
[  213.790824][ T7691] RBP: 00007fce2a9f6090 R08: 0000000000000000 R09: 0000000000000000
[  213.790834][ T7691] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  213.790844][ T7691] R13: 00007fce2c9e6038 R14: 00007fce2c9e5fa0 R15: 00007ffc40a57678
[  213.790870][ T7691]  </TASK>
[  213.790892][ T7691] ERROR: Out of memory at tomoyo_realpath_from_path.
[  214.016051][ T5926] em28xx 3-1:0.0: couldn't setup AC97 register 6
[  214.042531][   T30] audit: type=1400 audit(1760867355.289:310): avc:  denied  { wake_alarm } for  pid=7692 comm="syz.0.476" capability=35  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  214.073820][ T5926] em28xx 3-1:0.0: couldn't setup AC97 register 54
[  214.117500][ T5926] em28xx 3-1:0.0: couldn't setup AC97 register 56
[  214.171784][ T5926] usb 3-1: USB disconnect, device number 12
[  215.152791][ T7700] netlink: 'syz.1.480': attribute type 23 has an invalid length.
[  215.211757][ T7702] fuse: Unknown parameter '0x000000000000000400000000000000000000'
[  215.565646][ T7700] ip6t_srh: unknown srh invflags 4000
[  215.619065][ T7708] FAULT_INJECTION: forcing a failure.
[  215.619065][ T7708] name failslab, interval 1, probability 0, space 0, times 0
[  215.642344][ T7708] CPU: 0 UID: 0 PID: 7708 Comm: syz.0.481 Not tainted syzkaller #0 PREEMPT(full) 
[  215.642369][ T7708] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  215.642378][ T7708] Call Trace:
[  215.642382][ T7708]  <TASK>
[  215.642386][ T7708]  dump_stack_lvl+0x16c/0x1f0
[  215.642405][ T7708]  should_fail_ex+0x512/0x640
[  215.642419][ T7708]  ? kmem_cache_alloc_noprof+0x62/0x6e0
[  215.642433][ T7708]  should_failslab+0xc2/0x120
[  215.642450][ T7708]  kmem_cache_alloc_noprof+0x75/0x6e0
[  215.642462][ T7708]  ? getname_flags.part.0+0x4c/0x550
[  215.642477][ T7708]  ? getname_flags.part.0+0x4c/0x550
[  215.642488][ T7708]  getname_flags.part.0+0x4c/0x550
[  215.642500][ T7708]  getname_flags+0x93/0xf0
[  215.642515][ T7708]  __x64_sys_renameat2+0xc7/0x130
[  215.642532][ T7708]  do_syscall_64+0xcd/0xfa0
[  215.642547][ T7708]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  215.642558][ T7708] RIP: 0033:0x7fefaa18efc9
[  215.642567][ T7708] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  215.642578][ T7708] RSP: 002b:00007fefab076038 EFLAGS: 00000246 ORIG_RAX: 000000000000013c
[  215.642588][ T7708] RAX: ffffffffffffffda RBX: 00007fefaa3e6090 RCX: 00007fefaa18efc9
[  215.642595][ T7708] RDX: ffffffffffffff9c RSI: 0000200000000480 RDI: ffffffffffffff9c
[  215.642602][ T7708] RBP: 00007fefab076090 R08: 0000000000000002 R09: 0000000000000000
[  215.642608][ T7708] R10: 00002000000004c0 R11: 0000000000000246 R12: 0000000000000001
[  215.642614][ T7708] R13: 00007fefaa3e6128 R14: 00007fefaa3e6090 R15: 00007ffc0d002908
[  215.642629][ T7708]  </TASK>
[  216.033364][ T7718] dlm: no local IP address has been set
[  216.039053][ T7718] dlm: cannot start dlm midcomms -107
[  216.127315][   T30] audit: type=1400 audit(1760867357.289:311): avc:  denied  { append } for  pid=7712 comm="syz.3.484" name="dlm-control" dev="devtmpfs" ino=94 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  216.195896][ T1205] usb 5-1: new high-speed USB device number 10 using dummy_hcd
[  216.580610][ T1205] usb 5-1: device descriptor read/64, error -71
[  217.054962][ T1205] usb 5-1: new high-speed USB device number 11 using dummy_hcd
[  217.200024][ T7734] netlink: 4 bytes leftover after parsing attributes in process `syz.1.490'.
[  217.335336][ T7729] siw: device registration error -23
[  217.534878][ T1205] usb 5-1: device descriptor read/64, error -71
[  217.649345][ T1205] usb usb5-port1: attempt power cycle
[  218.674874][ T1205] usb 5-1: new high-speed USB device number 12 using dummy_hcd
[  218.709392][ T7746] FAULT_INJECTION: forcing a failure.
[  218.709392][ T7746] name failslab, interval 1, probability 0, space 0, times 0
[  218.915276][ T1205] usb 5-1: device not accepting address 12, error -71
[  218.978674][ T7746] CPU: 1 UID: 0 PID: 7746 Comm: syz.3.494 Not tainted syzkaller #0 PREEMPT(full) 
[  218.978699][ T7746] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  218.978708][ T7746] Call Trace:
[  218.978714][ T7746]  <TASK>
[  218.978720][ T7746]  dump_stack_lvl+0x16c/0x1f0
[  218.978744][ T7746]  should_fail_ex+0x512/0x640
[  218.978764][ T7746]  ? kmem_cache_alloc_node_noprof+0x65/0x770
[  218.978792][ T7746]  should_failslab+0xc2/0x120
[  218.978817][ T7746]  kmem_cache_alloc_node_noprof+0x78/0x770
[  218.978837][ T7746]  ? __alloc_skb+0x2b2/0x380
[  218.978861][ T7746]  ? __alloc_skb+0x2b2/0x380
[  218.978877][ T7746]  __alloc_skb+0x2b2/0x380
[  218.978896][ T7746]  ? __pfx___alloc_skb+0x10/0x10
[  218.978912][ T7746]  ? find_held_lock+0x2b/0x80
[  218.978936][ T7746]  alloc_skb_with_frags+0xe0/0x860
[  218.978966][ T7746]  sock_alloc_send_pskb+0x7f9/0x980
[  218.978986][ T7746]  ? avc_has_perm+0x144/0x1f0
[  218.979003][ T7746]  ? __pfx_avc_has_perm+0x10/0x10
[  218.979023][ T7746]  ? __pfx_sock_alloc_send_pskb+0x10/0x10
[  218.979046][ T7746]  ? sock_has_perm+0x259/0x2f0
[  218.979064][ T7746]  ? __pfx_sock_has_perm+0x10/0x10
[  218.979084][ T7746]  hci_sock_sendmsg+0x1c7/0x25f0
[  218.979109][ T7746]  ? __pfx_hci_sock_sendmsg+0x10/0x10
[  218.979138][ T7746]  sock_write_iter+0x566/0x610
[  218.979162][ T7746]  ? __pfx_sock_write_iter+0x10/0x10
[  218.979194][ T7746]  ? bpf_lsm_file_permission+0x9/0x10
[  218.979216][ T7746]  ? security_file_permission+0x71/0x210
[  218.979242][ T7746]  ? rw_verify_area+0xcf/0x6c0
[  218.979262][ T7746]  vfs_write+0x7d3/0x11d0
[  218.979284][ T7746]  ? __pfx_sock_write_iter+0x10/0x10
[  218.979311][ T7746]  ? __pfx_vfs_write+0x10/0x10
[  218.979330][ T7746]  ? find_held_lock+0x2b/0x80
[  218.979362][ T7746]  ksys_write+0x1f8/0x250
[  218.979383][ T7746]  ? __pfx_ksys_write+0x10/0x10
[  218.979411][ T7746]  do_syscall_64+0xcd/0xfa0
[  218.979434][ T7746]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  218.979450][ T7746] RIP: 0033:0x7fab0218efc9
[  218.979465][ T7746] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  218.979481][ T7746] RSP: 002b:00007fab03108038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  218.979498][ T7746] RAX: ffffffffffffffda RBX: 00007fab023e5fa0 RCX: 00007fab0218efc9
[  218.979508][ T7746] RDX: 0000000000000007 RSI: 0000200000000000 RDI: 0000000000000004
[  218.979517][ T7746] RBP: 00007fab03108090 R08: 0000000000000000 R09: 0000000000000000
[  218.979526][ T7746] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  218.979536][ T7746] R13: 00007fab023e6038 R14: 00007fab023e5fa0 R15: 00007fff72763818
[  218.979561][ T7746]  </TASK>
[  220.474892][   T30] audit: type=1400 audit(1760867361.729:312): avc:  denied  { create } for  pid=7763 comm="syz.1.499" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  220.501586][ T7765] FAULT_INJECTION: forcing a failure.
[  220.501586][ T7765] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  220.515024][ T7765] CPU: 0 UID: 0 PID: 7765 Comm: syz.1.499 Not tainted syzkaller #0 PREEMPT(full) 
[  220.515048][ T7765] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  220.515058][ T7765] Call Trace:
[  220.515065][ T7765]  <TASK>
[  220.515071][ T7765]  dump_stack_lvl+0x16c/0x1f0
[  220.515098][ T7765]  should_fail_ex+0x512/0x640
[  220.515123][ T7765]  _copy_from_user+0x2e/0xd0
[  220.515147][ T7765]  copy_msghdr_from_user+0x98/0x160
[  220.515170][ T7765]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  220.515204][ T7765]  ___sys_sendmsg+0xfe/0x1d0
[  220.515227][ T7765]  ? __pfx____sys_sendmsg+0x10/0x10
[  220.515246][ T7765]  ? __lock_acquire+0x622/0x1c90
[  220.515300][ T7765]  __sys_sendmsg+0x16d/0x220
[  220.515322][ T7765]  ? __pfx___sys_sendmsg+0x10/0x10
[  220.515360][ T7765]  do_syscall_64+0xcd/0xfa0
[  220.515384][ T7765]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  220.515401][ T7765] RIP: 0033:0x7fce2c78efc9
[  220.515414][ T7765] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  220.515431][ T7765] RSP: 002b:00007fce2a9d5038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  220.515448][ T7765] RAX: ffffffffffffffda RBX: 00007fce2c9e6090 RCX: 00007fce2c78efc9
[  220.515459][ T7765] RDX: 0000000000000000 RSI: 0000200000000140 RDI: 0000000000000006
[  220.515469][ T7765] RBP: 00007fce2a9d5090 R08: 0000000000000000 R09: 0000000000000000
[  220.515479][ T7765] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  220.515489][ T7765] R13: 00007fce2c9e6128 R14: 00007fce2c9e6090 R15: 00007ffc40a57678
[  220.515515][ T7765]  </TASK>
[  220.988499][   T30] audit: type=1400 audit(1760867361.729:313): avc:  denied  { bind } for  pid=7763 comm="syz.1.499" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  221.009536][   T30] audit: type=1400 audit(1760867361.779:314): avc:  denied  { setopt } for  pid=7763 comm="syz.1.499" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  221.325625][ T7774] FAULT_INJECTION: forcing a failure.
[  221.325625][ T7774] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  221.326335][ T7774] 
[  221.326339][ T7774] ======================================================
[  221.326343][ T7774] WARNING: possible circular locking dependency detected
[  221.326347][ T7774] syzkaller #0 Not tainted
[  221.326353][ T7774] ------------------------------------------------------
[  221.326356][ T7774] syz.1.502/7774 is trying to acquire lock:
[  221.326362][ T7774] ffffffff8e2d1680 (console_owner){-.-.}-{0:0}, at: console_lock_spinning_enable+0x61/0x80
[  221.326396][ T7774] 
[  221.326396][ T7774] but task is already holding lock:
[  221.326399][ T7774] ffff8880b843a398 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x7e/0x130
[  221.326426][ T7774] 
[  221.326426][ T7774] which lock already depends on the new lock.
[  221.326426][ T7774] 
[  221.326429][ T7774] 
[  221.326429][ T7774] the existing dependency chain (in reverse order) is:
[  221.326433][ T7774] 
[  221.326433][ T7774] -> #4 (&rq->__lock){-.-.}-{2:2}:
[  221.326445][ T7774]        _raw_spin_lock_nested+0x31/0x40
[  221.326457][ T7774]        raw_spin_rq_lock_nested+0x29/0x130
[  221.326473][ T7774]        task_rq_lock+0xcf/0x490
[  221.326481][ T7774]        cgroup_move_task+0x81/0x2a0
[  221.326491][ T7774]        css_set_move_task+0x288/0x5f0
[  221.326506][ T7774]        cgroup_post_fork+0x201/0x9d0
[  221.326515][ T7774]        copy_process+0x602d/0x76a0
[  221.326525][ T7774]        kernel_clone+0xfc/0x930
[  221.326533][ T7774]        user_mode_thread+0xc8/0x110
[  221.326543][ T7774]        rest_init+0x23/0x2b0
[  221.326550][ T7774]        start_kernel+0x3f6/0x4e0
[  221.326560][ T7774]        x86_64_start_reservations+0x18/0x30
[  221.326571][ T7774]        x86_64_start_kernel+0x130/0x190
[  221.326581][ T7774]        common_startup_64+0x13e/0x148
[  221.326595][ T7774] 
[  221.326595][ T7774] -> #3 (&p->pi_lock){-.-.}-{2:2}:
[  221.326608][ T7774]        _raw_spin_lock_irqsave+0x3a/0x60
[  221.326618][ T7774]        try_to_wake_up+0xb7/0x1870
[  221.326633][ T7774]        __wake_up_common+0x135/0x1f0
[  221.326646][ T7774]        __wake_up+0x31/0x60
[  221.326655][ T7774]        tty_port_default_wakeup+0x47/0x60
[  221.326665][ T7774]        serial8250_tx_chars+0x68e/0x860
[  221.326675][ T7774]        serial8250_handle_irq+0x761/0xcb0
[  221.326686][ T7774]        serial8250_default_handle_irq+0x9e/0x270
[  221.326697][ T7774]        serial8250_interrupt+0xf8/0x1d0
[  221.326709][ T7774]        __handle_irq_event_percpu+0x236/0x920
[  221.326718][ T7774]        handle_irq_event+0xab/0x1e0
[  221.326726][ T7774]        handle_edge_irq+0x3ca/0x9e0
[  221.326741][ T7774]        __common_interrupt+0xd0/0x2f0
[  221.326750][ T7774]        common_interrupt+0xba/0xe0
[  221.326766][ T7774]        asm_common_interrupt+0x26/0x40
[  221.326781][ T7774]        console_flush_all+0x9a2/0xc60
[  221.326796][ T7774]        console_unlock+0xd8/0x210
[  221.326811][ T7774]        vprintk_emit+0x3d7/0x680
[  221.326819][ T7774]        _printk+0xc7/0x100
[  221.326831][ T7774]        kauditd_hold_skb+0x205/0x250
[  221.326844][ T7774]        kauditd_send_queue+0x239/0x290
[  221.326856][ T7774]        kauditd_thread+0x623/0xa70
[  221.326868][ T7774]        kthread+0x3c5/0x780
[  221.326882][ T7774]        ret_from_fork+0x675/0x7d0
[  221.326894][ T7774]        ret_from_fork_asm+0x1a/0x30
[  221.326904][ T7774] 
[  221.326904][ T7774] -> #2 (&tty->write_wait){-.-.}-{3:3}:
[  221.326917][ T7774]        _raw_spin_lock_irqsave+0x3a/0x60
[  221.326927][ T7774]        __wake_up+0x1c/0x60
[  221.326936][ T7774]        tty_port_default_wakeup+0x47/0x60
[  221.326945][ T7774]        serial8250_tx_chars+0x68e/0x860
[  221.326955][ T7774]        serial8250_handle_irq+0x761/0xcb0
[  221.326965][ T7774]        serial8250_default_handle_irq+0x9e/0x270
[  221.326976][ T7774]        serial8250_interrupt+0xf8/0x1d0
[  221.326987][ T7774]        __handle_irq_event_percpu+0x236/0x920
[  221.326996][ T7774]        handle_irq_event+0xab/0x1e0
[  221.327004][ T7774]        handle_edge_irq+0x3ca/0x9e0
[  221.327019][ T7774]        __common_interrupt+0xd0/0x2f0
[  221.327029][ T7774]        common_interrupt+0xba/0xe0
[  221.327044][ T7774]        asm_common_interrupt+0x26/0x40
[  221.327054][ T7774]        _raw_spin_unlock_irqrestore+0x31/0x80
[  221.327065][ T7774]        uart_write+0x2a4/0xb30
[  221.327073][ T7774]        n_tty_write+0x41e/0x11e0
[  221.327083][ T7774]        file_tty_write.constprop.0+0x503/0x9b0
[  221.327099][ T7774]        redirected_tty_write+0xd4/0x150
[  221.327114][ T7774]        vfs_write+0x7d3/0x11d0
[  221.327126][ T7774]        ksys_write+0x12a/0x250
[  221.327138][ T7774]        do_syscall_64+0xcd/0xfa0
[  221.327149][ T7774]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  221.327159][ T7774] 
[  221.327159][ T7774] -> #1 (&port_lock_key){-.-.}-{3:3}:
[  221.327171][ T7774]        _raw_spin_lock_irqsave+0x3a/0x60
[  221.327182][ T7774]        serial8250_console_write+0x181/0x1890
[  221.327193][ T7774]        console_flush_all+0x801/0xc60
[  221.327208][ T7774]        console_unlock+0xd8/0x210
[  221.327223][ T7774]        vprintk_emit+0x3d7/0x680
[  221.327231][ T7774]        _printk+0xc7/0x100
[  221.327244][ T7774]        register_console+0xc2d/0x11b0
[  221.327257][ T7774]        univ8250_console_init+0x5f/0x90
[  221.327275][ T7774]        console_init+0x152/0x680
[  221.327291][ T7774]        start_kernel+0x29f/0x4e0
[  221.327301][ T7774]        x86_64_start_reservations+0x18/0x30
[  221.327311][ T7774]        x86_64_start_kernel+0x130/0x190
[  221.327321][ T7774]        common_startup_64+0x13e/0x148
[  221.327334][ T7774] 
[  221.327334][ T7774] -> #0 (console_owner){-.-.}-{0:0}:
[  221.327346][ T7774]        __lock_acquire+0x126f/0x1c90
[  221.327359][ T7774]        lock_acquire+0x179/0x350
[  221.327370][ T7774]        console_lock_spinning_enable+0x72/0x80
[  221.327386][ T7774]        console_flush_all+0x7aa/0xc60
[  221.327401][ T7774]        console_unlock+0xd8/0x210
[  221.327415][ T7774]        vprintk_emit+0x3d7/0x680
[  221.327424][ T7774]        _printk+0xc7/0x100
[  221.327435][ T7774]        should_fail_ex+0x4e7/0x640
[  221.327448][ T7774]        strncpy_from_user+0x3b/0x2e0
[  221.327458][ T7774]        strncpy_from_user_nofault+0x7f/0x180
[  221.327471][ T7774]        bpf_bprintf_prepare+0xe90/0x13f0
[  221.327485][ T7774]        bpf_trace_printk+0xda/0x190
[  221.327500][ T7774]        bpf_prog_930ede9872f2967c+0x3e/0x44
[  221.327508][ T7774]        bpf_trace_run2+0x239/0x590
[  221.327523][ T7774]        __bpf_trace_contention_begin+0xc9/0x110
[  221.327535][ T7774]        trace_contention_begin.constprop.0+0xde/0x160
[  221.327550][ T7774]        __pv_queued_spin_lock_slowpath+0x109/0xcf0
[  221.327564][ T7774]        do_raw_spin_lock+0x20e/0x2b0
[  221.327578][ T7774]        raw_spin_rq_lock_nested+0x7e/0x130
[  221.327593][ T7774]        __schedule+0x307/0x5de0
[  221.327604][ T7774]        preempt_schedule_irq+0x51/0x90
[  221.327615][ T7774]        irqentry_exit+0x36/0x90
[  221.327627][ T7774]        asm_sysvec_reschedule_ipi+0x1a/0x20
[  221.327637][ T7774]        __do_sys_ioprio_get+0x4b0/0x1280
[  221.327651][ T7774]        do_syscall_64+0xcd/0xfa0
[  221.327663][ T7774]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  221.327672][ T7774] 
[  221.327672][ T7774] other info that might help us debug this:
[  221.327672][ T7774] 
[  221.327675][ T7774] Chain exists of:
[  221.327675][ T7774]   console_owner --> &p->pi_lock --> &rq->__lock
[  221.327675][ T7774] 
[  221.327689][ T7774]  Possible unsafe locking scenario:
[  221.327689][ T7774] 
[  221.327692][ T7774]        CPU0                    CPU1
[  221.327695][ T7774]        ----                    ----
[  221.327698][ T7774]   lock(&rq->__lock);
[  221.327704][ T7774]                                lock(&p->pi_lock);
[  221.327710][ T7774]                                lock(&rq->__lock);
[  221.327716][ T7774]   lock(console_owner);
[  221.327722][ T7774] 
[  221.327722][ T7774]  *** DEADLOCK ***
[  221.327722][ T7774] 
[  221.327725][ T7774] 6 locks held by syz.1.502/7774:
[  221.327730][ T7774]  #0: ffffffff8e3c4460 (rcu_read_lock){....}-{1:3}, at: __do_sys_ioprio_get+0x2c/0x1280
[  221.327757][ T7774]  #1: ffffffff8e3c4460 (rcu_read_lock){....}-{1:3}, at: __do_sys_ioprio_get+0x425/0x1280
[  221.327789][ T7774]  #2: ffff8880b843a398 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x7e/0x130
[  221.327817][ T7774]  #3: ffffffff8e3c4460 (rcu_read_lock){....}-{1:3}, at: bpf_trace_run2+0x1bc/0x590
[  221.327845][ T7774]  #4: ffffffff8e3b1ac0 (console_lock){+.+.}-{0:0}, at: _printk+0xc7/0x100
[  221.327870][ T7774]  #5: ffffffff8e3b1b30 (console_srcu){....}-{0:0}, at: console_flush_all+0x158/0xc60
[  221.327898][ T7774] 
[  221.327898][ T7774] stack backtrace:
[  221.327903][ T7774] CPU: 0 UID: 0 PID: 7774 Comm: syz.1.502 Not tainted syzkaller #0 PREEMPT(full) 
[  221.327915][ T7774] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  221.327921][ T7774] Call Trace:
[  221.327925][ T7774]  <TASK>
[  221.327929][ T7774]  dump_stack_lvl+0x116/0x1f0
[  221.327943][ T7774]  print_circular_bug+0x275/0x350
[  221.327955][ T7774]  check_noncircular+0x14c/0x170
[  221.327970][ T7774]  __lock_acquire+0x126f/0x1c90
[  221.327985][ T7774]  lock_acquire+0x179/0x350
[  221.327997][ T7774]  ? console_lock_spinning_enable+0x61/0x80
[  221.328014][ T7774]  ? console_lock_spinning_enable+0x4a/0x80
[  221.328031][ T7774]  console_lock_spinning_enable+0x72/0x80
[  221.328047][ T7774]  ? console_lock_spinning_enable+0x61/0x80
[  221.328063][ T7774]  console_flush_all+0x7aa/0xc60
[  221.328081][ T7774]  ? __pfx_console_flush_all+0x10/0x10
[  221.328099][ T7774]  ? is_printk_cpu_sync_owner+0x32/0x40
[  221.328111][ T7774]  console_unlock+0xd8/0x210
[  221.328127][ T7774]  ? __pfx_console_unlock+0x10/0x10
[  221.328143][ T7774]  ? do_raw_spin_unlock+0xe0/0x230
[  221.328158][ T7774]  ? _printk+0xc7/0x100
[  221.328171][ T7774]  ? __down_trylock_console_sem+0xb0/0x140
[  221.328186][ T7774]  vprintk_emit+0x3d7/0x680
[  221.328196][ T7774]  ? __pfx_vprintk_emit+0x10/0x10
[  221.328207][ T7774]  _printk+0xc7/0x100
[  221.328220][ T7774]  ? __pfx__printk+0x10/0x10
[  221.328233][ T7774]  ? __pfx____ratelimit+0x10/0x10
[  221.328245][ T7774]  ? __pfx_bpf_trace_run2+0x10/0x10
[  221.328262][ T7774]  should_fail_ex+0x4e7/0x640
[  221.328275][ T7774]  strncpy_from_user+0x3b/0x2e0
[  221.328288][ T7774]  strncpy_from_user_nofault+0x7f/0x180
[  221.328301][ T7774]  bpf_bprintf_prepare+0xe90/0x13f0
[  221.328317][ T7774]  ? __pfx_bpf_bprintf_prepare+0x10/0x10
[  221.328331][ T7774]  ? __pv_queued_spin_lock_slowpath+0x28d/0xcf0
[  221.328348][ T7774]  ? bpf_trace_run2+0x3e1/0x590
[  221.328363][ T7774]  bpf_trace_printk+0xda/0x190
[  221.328378][ T7774]  ? __pfx_bpf_trace_printk+0x10/0x10
[  221.328394][ T7774]  ? bpf_trace_run2+0x3e1/0x590
[  221.328412][ T7774]  bpf_prog_930ede9872f2967c+0x3e/0x44
[  221.328420][ T7774]  bpf_trace_run2+0x239/0x590
[  221.328435][ T7774]  ? trace_sched_exit_tp+0xd1/0x120
[  221.328450][ T7774]  ? __pfx_bpf_trace_run2+0x10/0x10
[  221.328469][ T7774]  __bpf_trace_contention_begin+0xc9/0x110
[  221.328482][ T7774]  ? __pfx___bpf_trace_contention_begin+0x10/0x10
[  221.328497][ T7774]  ? mark_held_locks+0x49/0x80
[  221.328511][ T7774]  trace_contention_begin.constprop.0+0xde/0x160
[  221.328527][ T7774]  __pv_queued_spin_lock_slowpath+0x109/0xcf0
[  221.328542][ T7774]  ? __lock_acquire+0xb8a/0x1c90
[  221.328554][ T7774]  ? __pfx___pv_queued_spin_lock_slowpath+0x10/0x10
[  221.328570][ T7774]  ? do_raw_spin_lock+0x12c/0x2b0
[  221.328586][ T7774]  do_raw_spin_lock+0x20e/0x2b0
[  221.328601][ T7774]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  221.328616][ T7774]  ? rcu_qs+0x2b/0xe0
[  221.328625][ T7774]  ? rcu_note_context_switch+0x192/0x1e00
[  221.328643][ T7774]  raw_spin_rq_lock_nested+0x7e/0x130
[  221.328660][ T7774]  ? preempt_schedule_irq+0x51/0x90
[  221.328672][ T7774]  __schedule+0x307/0x5de0
[  221.328683][ T7774]  ? get_pid_task+0xfc/0x250
[  221.328696][ T7774]  ? get_pid_task+0x106/0x250
[  221.328709][ T7774]  ? find_held_lock+0x2b/0x80
[  221.328720][ T7774]  ? __pfx___schedule+0x10/0x10
[  221.328732][ T7774]  ? __lock_acquire+0x622/0x1c90
[  221.328746][ T7774]  preempt_schedule_irq+0x51/0x90
[  221.328759][ T7774]  irqentry_exit+0x36/0x90
[  221.328771][ T7774]  asm_sysvec_reschedule_ipi+0x1a/0x20
[  221.328785][ T7774] RIP: 0010:__do_sys_ioprio_get+0x4b0/0x1280
[  221.328800][ T7774] Code: ed 0f 85 01 08 00 00 e8 4e 1a 35 fd 48 8d 7d 08 48 89 f8 48 c1 e8 03 0f b6 04 18 84 c0 74 08 3c 03 0f 8e 6e 0c 00 00 8b 6d 08 <e8> bb 78 de 06 31 ff 41 89 c5 89 c6 e8 5f 15 35 fd 45 85 ed 0f 85
[  221.328810][ T7774] RSP: 0018:ffffc9001b47fea0 EFLAGS: 00000246
[  221.328818][ T7774] RAX: 0000000000000000 RBX: dffffc0000000000 RCX: ffffffff84883674
[  221.328825][ T7774] RDX: ffff88805531c900 RSI: ffffffff84882e62 RDI: ffff888140430108
[  221.328832][ T7774] RBP: 0000000000000000 R08: 0000000000000005 R09: 0000000000000000
[  221.328837][ T7774] R10: 0000000000000001 R11: 0000000000000001 R12: ffffed10037dd5bc
[  221.328843][ T7774] R13: 0000000000000001 R14: ffff88801beea480 R15: ffff88801beea9c8
[  221.328852][ T7774]  ? __do_sys_ioprio_get+0xca4/0x1280
[  221.328865][ T7774]  ? __do_sys_ioprio_get+0x492/0x1280
[  221.328882][ T7774]  do_syscall_64+0xcd/0xfa0
[  221.328896][ T7774]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  221.328906][ T7774] RIP: 0033:0x7fce2c78efc9
[  221.328913][ T7774] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  221.328923][ T7774] RSP: 002b:00007fce2a9f6038 EFLAGS: 00000246 ORIG_RAX: 00000000000000fc
[  221.328932][ T7774] RAX: ffffffffffffffda RBX: 00007fce2c9e5fa0 RCX: 00007fce2c78efc9
[  221.328939][ T7774] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003
[  221.328945][ T7774] RBP: 00007fce2a9f6090 R08: 0000000000000000 R09: 0000000000000000
[  221.328951][ T7774] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  221.328957][ T7774] R13: 00007fce2c9e6038 R14: 00007fce2c9e5fa0 R15: 00007ffc40a57678
[  221.328967][ T7774]  </TASK>
[  222.636585][ T7774] CPU: 0 UID: 0 PID: 7774 Comm: syz.1.502 Not tainted syzkaller #0 PREEMPT(full) 
[  222.636600][ T7774] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  222.636607][ T7774] Call Trace:
[  222.636611][ T7774]  <TASK>
[  222.636616][ T7774]  dump_stack_lvl+0x116/0x1f0
[  222.636634][ T7774]  should_fail_ex+0x512/0x640
[  222.636649][ T7774]  strncpy_from_user+0x3b/0x2e0
[  222.636662][ T7774]  strncpy_from_user_nofault+0x7f/0x180
[  222.636676][ T7774]  bpf_bprintf_prepare+0xe90/0x13f0
[  222.636693][ T7774]  ? __pfx_bpf_bprintf_prepare+0x10/0x10
[  222.636708][ T7774]  ? __pv_queued_spin_lock_slowpath+0x28d/0xcf0
[  222.636728][ T7774]  ? bpf_trace_run2+0x3e1/0x590
[  222.636745][ T7774]  bpf_trace_printk+0xda/0x190
[  222.636760][ T7774]  ? __pfx_bpf_trace_printk+0x10/0x10
[  222.636776][ T7774]  ? bpf_trace_run2+0x3e1/0x590
[  222.636795][ T7774]  bpf_prog_930ede9872f2967c+0x3e/0x44
[  222.636804][ T7774]  bpf_trace_run2+0x239/0x590
[  222.636819][ T7774]  ? trace_sched_exit_tp+0xd1/0x120
[  222.636835][ T7774]  ? __pfx_bpf_trace_run2+0x10/0x10
[  222.636854][ T7774]  __bpf_trace_contention_begin+0xc9/0x110
[  222.636869][ T7774]  ? __pfx___bpf_trace_contention_begin+0x10/0x10
[  222.636884][ T7774]  ? mark_held_locks+0x49/0x80
[  222.636898][ T7774]  trace_contention_begin.constprop.0+0xde/0x160
[  222.636914][ T7774]  __pv_queued_spin_lock_slowpath+0x109/0xcf0
[  222.636930][ T7774]  ? __lock_acquire+0xb8a/0x1c90
[  222.636942][ T7774]  ? __pfx___pv_queued_spin_lock_slowpath+0x10/0x10
[  222.636957][ T7774]  ? do_raw_spin_lock+0x12c/0x2b0
[  222.636974][ T7774]  do_raw_spin_lock+0x20e/0x2b0
[  222.636989][ T7774]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  222.637003][ T7774]  ? rcu_qs+0x2b/0xe0
[  222.637012][ T7774]  ? rcu_note_context_switch+0x192/0x1e00
[  222.637031][ T7774]  raw_spin_rq_lock_nested+0x7e/0x130
[  222.637048][ T7774]  ? preempt_schedule_irq+0x51/0x90
[  222.637060][ T7774]  __schedule+0x307/0x5de0
[  222.637072][ T7774]  ? get_pid_task+0xfc/0x250
[  222.637086][ T7774]  ? get_pid_task+0x106/0x250
[  222.637099][ T7774]  ? find_held_lock+0x2b/0x80
[  222.637109][ T7774]  ? __pfx___schedule+0x10/0x10
[  222.637122][ T7774]  ? __lock_acquire+0x622/0x1c90
[  222.637136][ T7774]  preempt_schedule_irq+0x51/0x90
[  222.637149][ T7774]  irqentry_exit+0x36/0x90
[  222.637162][ T7774]  asm_sysvec_reschedule_ipi+0x1a/0x20
[  222.637174][ T7774] RIP: 0010:__do_sys_ioprio_get+0x4b0/0x1280
[  222.637190][ T7774] Code: ed 0f 85 01 08 00 00 e8 4e 1a 35 fd 48 8d 7d 08 48 89 f8 48 c1 e8 03 0f b6 04 18 84 c0 74 08 3c 03 0f 8e 6e 0c 00 00 8b 6d 08 <e8> bb 78 de 06 31 ff 41 89 c5 89 c6 e8 5f 15 35 fd 45 85 ed 0f 85
[  222.637200][ T7774] RSP: 0018:ffffc9001b47fea0 EFLAGS: 00000246
[  222.637209][ T7774] RAX: 0000000000000000 RBX: dffffc0000000000 RCX: ffffffff84883674
[  222.637216][ T7774] RDX: ffff88805531c900 RSI: ffffffff84882e62 RDI: ffff888140430108
[  222.637222][ T7774] RBP: 0000000000000000 R08: 0000000000000005 R09: 0000000000000000
[  222.637228][ T7774] R10: 0000000000000001 R11: 0000000000000001 R12: ffffed10037dd5bc
[  222.637234][ T7774] R13: 0000000000000001 R14: ffff88801beea480 R15: ffff88801beea9c8
[  222.637243][ T7774]  ? __do_sys_ioprio_get+0xca4/0x1280
[  222.637256][ T7774]  ? __do_sys_ioprio_get+0x492/0x1280
[  222.637274][ T7774]  do_syscall_64+0xcd/0xfa0
[  222.637287][ T7774]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  222.637298][ T7774] RIP: 0033:0x7fce2c78efc9
[  222.637306][ T7774] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  222.637316][ T7774] RSP: 002b:00007fce2a9f6038 EFLAGS: 00000246 ORIG_RAX: 00000000000000fc
[  222.637325][ T7774] RAX: ffffffffffffffda RBX: 00007fce2c9e5fa0 RCX: 00007fce2c78efc9
[  222.637332][ T7774] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003
[  222.637338][ T7774] RBP: 00007fce2a9f6090 R08: 0000000000000000 R09: 0000000000000000
[  222.637344][ T7774] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  222.637350][ T7774] R13: 00007fce2c9e6038 R14: 00007fce2c9e5fa0 R15: 00007ffc40a57678
[  222.637360][ T7774]  </TASK>
[  223.423126][ T7773] netlink: 566 bytes leftover after parsing attributes in process `syz.2.501'.