last executing test programs:

17.993871519s ago: executing program 2 (id=2533):
setresuid(0x0, 0xee00, 0x0)
socketpair$unix(0x1, 0x1, 0x0, 0x0)
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
fcntl$setownex(0xffffffffffffffff, 0xf, &(0x7f0000000100)={0x0, r0})
sendmsg$unix(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000300)="2dc91d14d5152e0f03ba233e480e8c35", 0x10}], 0x1}, 0x1)

17.711279938s ago: executing program 2 (id=2536):
socket$inet(0x2, 0x4000000000000001, 0x0)
openat$sequencer(0xffffffffffffff9c, 0x0, 0x80200, 0x0)
syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
bpf$MAP_CREATE(0x0, &(0x7f0000000bc0)=ANY=[@ANYBLOB="0e000000040000000400000002"], 0x50)
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x8000, 0x0)
mknodat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1000, 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x2, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r0, &(0x7f00000062c0)={0x2020, 0x0, <r1=>0x0}, 0x2020)
write$FUSE_INIT(r0, &(0x7f0000004200)={0x50, 0x0, r1, {0x7, 0x29, 0x0, 0x80000}}, 0x50)
syz_fuse_handle_req(r0, &(0x7f00000021c0)="00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feff00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000970700000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000160000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000004000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000eeffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000e1ff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001900000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100", 0x2000, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000100)={0x20, 0x0, 0x400000000000, {0x0, 0x6}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
openat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x42, 0x0)
umount2(&(0x7f00000002c0)='./file0\x00', 0xb)
pselect6(0x40, &(0x7f0000000000)={0x64, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0xc3a9}, &(0x7f0000000300)={0x0, 0x3938700}, 0x0)

17.488906216s ago: executing program 2 (id=2539):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x400000000008d}, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xb, &(0x7f0000000840)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x9, '\x00', 0x0, @fallback=0x1e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
mount$9p_unix(&(0x7f0000002600)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000003600)='.\x00', &(0x7f0000003640), 0x2000000, &(0x7f0000000d00)=ANY=[@ANYBLOB="7472616e733d756e69782c00af0b08c0e8bf5d5ec64a50fc43fd9b18a407300e850bde285c1f36ccf9c64deeec699fb91b904a9f9511377cf9a14fb59aff62177f975eba6b9d48300bb208d10a867a32d8934d6e79495b3cf882d196d3ecc70f2ab1b4ca775907b3f637d1779b1b63715f27e6c8ab7e9576ba037d8c39be5ce73a0b3724cdcaad8d8bf22562200200000032c11cb12550524094fda4598e97520f7741ec12599eece6b710fab8202a6f926ace78ec77da1bc1b64f"])

15.788851289s ago: executing program 2 (id=2547):
r0 = socket(0x10, 0x3, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
mount$bind(&(0x7f0000000100)='.\x00', &(0x7f0000000300)='./file0/../file0\x00', 0x0, 0x2151090, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000040)='./file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b101a, 0x0)
mount$bind(0x0, &(0x7f00000003c0)='./file0/file0\x00', 0x0, 0x80000, 0x0)
r1 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r1, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000)=""/74, 0x328000, 0x1000, 0x0, 0x1}, 0x20)
setsockopt$XDP_UMEM_COMPLETION_RING(r1, 0x11b, 0x6, &(0x7f0000000080)=0x1, 0x4)
r2 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$XDP_RX_RING(r1, 0x11b, 0x2, &(0x7f0000001980)=0x100, 0x4)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r2, 0x8933, &(0x7f0000000100)={'batadv_slave_0\x00', <r3=>0x0})
setsockopt$XDP_UMEM_FILL_RING(r1, 0x11b, 0x5, &(0x7f0000000300)=0x1, 0x4)
bind$xdp(r1, &(0x7f0000000180)={0x2c, 0xa, r3}, 0x10)
bind$xdp(r1, &(0x7f00000001c0)={0x2c, 0xa, 0x0, 0x6}, 0x10)
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x2125099, 0x0)
mount$bind(&(0x7f0000000340)='./file0/file0\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x2001080, 0x0)
ioctl$sock_inet_SIOCGIFNETMASK(r2, 0x891b, &(0x7f0000000140)={'dummy0\x00', {0x2, 0x0, @private}})
r4 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000180)={'bond0\x00', <r5=>0x0})
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f0000000200)={'batadv0\x00', <r6=>0x0})
sendmsg$nl_route(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000380)=ANY=[@ANYBLOB="480000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="211a0000000000002000128008000100687372001400028008000100", @ANYRES32=r5, @ANYBLOB="08000200", @ANYRES32=r6, @ANYBLOB='\b\x00\n\x00', @ANYRES32=r6], 0x48}}, 0x0)

14.147211745s ago: executing program 2 (id=2554):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x400000000008d}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xb, &(0x7f0000000840)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x9, '\x00', 0x0, @fallback=0x1e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
mount$9p_unix(&(0x7f0000002600)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000003600)='.\x00', &(0x7f0000003640), 0x2000000, &(0x7f0000000d00)=ANY=[@ANYBLOB="7472616e733d756e69782c00af0b08c0e8bf5d5ec64a50fc43fd9b18a407300e850bde285c1f36ccf9c64deeec699fb91b904a9f9511377cf9a14fb59aff62177f975eba6b9d48300bb208d10a867a32d8934d6e79495b3cf882d196d3ecc70f2ab1b4ca775907b3f637d1779b1b63715f27e6c8ab7e9576ba037d8c39be5ce73a0b3724cdcaad8d8bf22562200200000032c11cb12550524094fda4598e97520f7741ec12599eece6b710fab8202a6f926ace78ec77da1bc1b64f"])

13.956201856s ago: executing program 2 (id=2555):
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0)
openat$ptmx(0xffffffffffffff9c, 0x0, 0x409a0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000180)=0x1404200bce)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
bind$alg(0xffffffffffffffff, &(0x7f0000000600)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts(serpent)\x00'}, 0x58)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8914, &(0x7f0000000280)={'syzkaller1\x00', @link_local})
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(des3_ede)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r2 = accept4(r1, 0x0, 0x0, 0x0)
sendmmsg$alg(r2, &(0x7f0000000400)=[{0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe1a}], 0x1, &(0x7f0000000380)=[@op={0x18}], 0x18}], 0x4924924924924b9, 0x0)
ioctl$SIOCPNENABLEPIPE(r2, 0x89ed, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000100)=ANY=[@ANYBLOB="18000000090000000000000000000000850000002a000000850000000e00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000004c0)={&(0x7f0000000040)='sys_exit\x00', r3}, 0x10)
r4 = openat$incfs(0xffffffffffffff9c, &(0x7f0000000080)='.log\x00', 0x1812c1, 0x0)
fchown(r4, 0xee01, 0x0)

13.800177142s ago: executing program 32 (id=2555):
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0)
openat$ptmx(0xffffffffffffff9c, 0x0, 0x409a0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000180)=0x1404200bce)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
bind$alg(0xffffffffffffffff, &(0x7f0000000600)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts(serpent)\x00'}, 0x58)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8914, &(0x7f0000000280)={'syzkaller1\x00', @link_local})
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(des3_ede)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r2 = accept4(r1, 0x0, 0x0, 0x0)
sendmmsg$alg(r2, &(0x7f0000000400)=[{0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe1a}], 0x1, &(0x7f0000000380)=[@op={0x18}], 0x18}], 0x4924924924924b9, 0x0)
ioctl$SIOCPNENABLEPIPE(r2, 0x89ed, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000100)=ANY=[@ANYBLOB="18000000090000000000000000000000850000002a000000850000000e00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000004c0)={&(0x7f0000000040)='sys_exit\x00', r3}, 0x10)
r4 = openat$incfs(0xffffffffffffff9c, &(0x7f0000000080)='.log\x00', 0x1812c1, 0x0)
fchown(r4, 0xee01, 0x0)

10.106858297s ago: executing program 1 (id=2567):
socketpair$unix(0x1, 0x2, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080))
ioctl$FBIOGET_VSCREENINFO(0xffffffffffffffff, 0x4600, &(0x7f0000000680))
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x0, 0x50, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000200)={0xffffffffffffffff, &(0x7f0000000180), 0x0}, 0x20)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000))
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x1000002, 0x200000005c831, 0xffffffffffffffff, 0x0)
remap_file_pages(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0)
openat$ptp0(0xffffffffffffff9c, 0x0, 0x100, 0x0)
r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$inet_int(r2, 0x0, 0x12, &(0x7f0000000300)=0x1, 0x4)
sendto$inet(r2, &(0x7f0000000000)="f461c5bbd75c3583", 0x8, 0x0, &(0x7f0000000100)={0x2, 0x4e23, @empty}, 0x10)
recvmmsg(r2, &(0x7f000000e280), 0x58a, 0x42, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000))
socket$nl_generic(0x10, 0x3, 0x10)

8.45488315s ago: executing program 0 (id=2571):
modify_ldt$write(0x1, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
sigaltstack(&(0x7f0000000480)={&(0x7f0000004000)=""/4126, 0x80000001, 0x101e}, 0x0)
r1 = gettid()
timer_create(0x0, &(0x7f0000000080)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
socket$packet(0x11, 0x3, 0x300)
socket$packet(0x11, 0x3, 0x300)
socket$inet_udp(0x2, 0x2, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000180)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xd, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a00000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b708000000bc7a007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'veth0_to_team\x00'})
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, &(0x7f0000000080)=0xfffffc00, 0x0, 0x4)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000000c0)=@IORING_OP_SENDMSG={0x9, 0x40, 0x0, r5, 0x0, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000000100000001"], 0x18}, 0x0, 0x40000, 0x1})

7.099299517s ago: executing program 1 (id=2574):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x18, 0x20000053, &(0x7f00000002c0)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
open(0x0, 0x0, 0x0)
io_setup(0x7, &(0x7f0000000280)=<r3=>0x0)
r4 = openat$sysfs(0xffffff9c, &(0x7f00000000c0)='/sys/power/wakeup_count', 0x42, 0x0)
io_submit(r3, 0x1, &(0x7f0000000500)=[&(0x7f0000000040)={0x0, 0x0, 0x0, 0x1, 0x0, r4, &(0x7f00000001c0)='7', 0x1, 0x4}])

6.963236486s ago: executing program 4 (id=2576):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x18, 0x20000053, &(0x7f00000002c0)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
open(0x0, 0x0, 0x0)
io_setup(0x7, &(0x7f0000000280)=<r3=>0x0)
r4 = openat$sysfs(0xffffff9c, &(0x7f00000000c0)='/sys/power/wakeup_count', 0x42, 0x0)
io_submit(r3, 0x1, &(0x7f0000000500)=[&(0x7f0000000040)={0x0, 0x0, 0x0, 0x1, 0x0, r4, &(0x7f00000001c0)='7', 0x1, 0x4}])

5.624573876s ago: executing program 1 (id=2578):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0x8, &(0x7f0000000000)={0xa, 0x8b}, 0x0)
ioctl$SG_GET_SG_TABLESIZE(0xffffffffffffffff, 0x227f, 0x0)
r0 = gettid()
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
sched_setaffinity(r0, 0x8, &(0x7f00000002c0)=0x1000000000002)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
r2 = socket$inet(0x2, 0x2, 0x0)
r3 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_group_source_req(r3, 0x0, 0x2e, &(0x7f0000000340)={0x3, {{0x2, 0x0, @multicast1}}, {{0x2, 0x0, @loopback}}}, 0x108)
write$tcp_congestion(0xffffffffffffffff, &(0x7f0000000340)='hybla\x00', 0xfffffee6)
getsockopt$inet_buf(r3, 0x0, 0x30, &(0x7f0000000340)=""/225, &(0x7f0000000180)=0xe1)
setsockopt$inet_mreqn(r2, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0xc)
r4 = socket$netlink(0x10, 0x3, 0x0)
writev(r4, &(0x7f00000003c0)=[{&(0x7f0000000380)}], 0x1)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', 0x0, 0x100144d, &(0x7f0000000200)=ANY=[@ANYBLOB, @ANYRESHEX=r4, @ANYBLOB=',rootmode=00000000000000000040000', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(0xffffffffffffffff, &(0x7f00000021c0)={0x2020, 0x0, <r5=>0x0}, 0x67a)
write$FUSE_INIT(0xffffffffffffffff, &(0x7f0000001dc0)={0x50, 0xfffffffffffffffe, r5, {0x7, 0x2b, 0x3, 0xb04c842, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20}}, 0x50)
statx(0xffffffffffffff9c, &(0x7f0000000640)='./file0/file1\x00', 0x1000, 0x100, 0x0)
msgsnd(0x0, 0xfffffffffffffffc, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)

4.972881855s ago: executing program 4 (id=2580):
socketpair$unix(0x1, 0x2, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080))
ioctl$FBIOGET_VSCREENINFO(0xffffffffffffffff, 0x4600, &(0x7f0000000680))
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x0, 0x50, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000200)={0xffffffffffffffff, &(0x7f0000000180), 0x0}, 0x20)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000))
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x1000002, 0x200000005c831, 0xffffffffffffffff, 0x0)
remap_file_pages(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0)
openat$ptp0(0xffffffffffffff9c, 0x0, 0x100, 0x0)
r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$inet_int(r2, 0x0, 0x12, &(0x7f0000000300)=0x1, 0x4)
sendto$inet(r2, &(0x7f0000000000)="f461c5bbd75c3583", 0x8, 0x0, &(0x7f0000000100)={0x2, 0x4e23, @empty}, 0x10)
recvmmsg(r2, &(0x7f000000e280), 0x58a, 0x42, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000))
socket$nl_generic(0x10, 0x3, 0x10)

4.897814702s ago: executing program 3 (id=2581):
r0 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000000), 0x802, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000400)={0xffffffffffffffff, 0xe0, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, &(0x7f0000000140)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x4, 0x7, &(0x7f0000000440)=[0x0, 0x0, 0x0, 0x0], &(0x7f00000001c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], <r1=>0x0, 0x33, &(0x7f0000000200)=[{}, {}, {}], 0x18, 0x10, &(0x7f0000000240), &(0x7f0000000280), 0x8, 0x5c, 0x8, 0x8, &(0x7f00000002c0)}}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0xe, 0x4, &(0x7f0000000000)=@framed={{}, [@ldst={0x1, 0x0, 0x4, 0x2, 0x1, 0x4}]}, &(0x7f0000000040)='syzkaller\x00', 0x8, 0x0, 0x0, 0x40f00, 0x4, '\x00', 0x0, @sk_skb=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1, 0x0}, 0x94)
r2 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
socket(0x10, 0x3, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00', r3}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r4 = getpid()
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x3000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@file={0x0, './file1/file0\x00'}, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x7ffeedc0, 0x0)
r7 = socket$netlink(0x10, 0x3, 0xc)
bind$netlink(r7, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r7, 0x10e, 0x4, &(0x7f0000000140)=0x6, 0x4)
setsockopt$sock_int(r7, 0x1, 0x8, &(0x7f0000000200), 0x4)
r8 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r8, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000001c0)=ANY=[@ANYBLOB="980000000001010400000000000000000a0000003c0001802c00018014000300fe8000000000000000000000000000aa14000400ff0100000000000000000000000000010c00028005000100000000003c0002802c00018014000300fe8000000000000000000000000000aa14000400fe8800000000000000000000000000010c0002800500010000000000080007"], 0x98}}, 0x0)
sendmsg$IPCTNL_MSG_CT_NEW(r8, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000340)={&(0x7f00000001c0)=ANY=[], 0x98}, 0x1, 0x0, 0x0, 0x20040800}, 0x0)
read$FUSE(r2, 0x0, 0xfffffffffffffee6)
copy_file_range(0xffffffffffffffff, 0x0, r0, &(0x7f0000000080)=0x8000, 0x456, 0x0)

4.245266351s ago: executing program 0 (id=2582):
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0xe, 0x7fff0000}]})
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000180)=0x1404200bce)
sched_setscheduler(0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
write$tun(0xffffffffffffffff, 0x0, 0xb9)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(des3_ede)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292", 0xc)
r2 = accept4(r1, 0x0, 0x0, 0x0)
sendmmsg$alg(r2, &(0x7f0000000400)=[{0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe1a}], 0x1, &(0x7f0000000380)=[@op={0x18}], 0x18}], 0x4924924924924b9, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000100)=ANY=[@ANYBLOB="18000000090000000000000000000000850000002a000000850000000e00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000004c0)={&(0x7f0000000040)='sys_exit\x00', r3}, 0x10)
r4 = openat$incfs(0xffffffffffffff9c, &(0x7f0000000080)='.log\x00', 0x1812c1, 0x0)
fchown(r4, 0xee01, 0x0)
recvmsg(r2, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000240)=[{&(0x7f00000000c0)=""/81, 0x51}, {&(0x7f0000000440)=""/79, 0x4f}], 0x2}, 0x20000253)

3.883580593s ago: executing program 3 (id=2583):
r0 = syz_open_dev$vbi(&(0x7f0000000000), 0x1, 0x2)
ioctl$VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f00000013c0)={0x9, 0x2, 0x2, {0x5, @vbi={0x0, 0x0, 0x4, 0x0, [], [0x8200], 0x1}}})
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000700)=ANY=[@ANYBLOB="b00000001a00010000000000000000000a8000ff0000000000000000080010000e000000790008806bbea9748248ee4beb0129741dab2a1c5772dc4494e8b1a19b9ca6fdcef7598d4dd11bd6ea3f677ecfe817609bad8d7549a01d6cf602d48a97ed3ed38f125aa3503b96084b85aacf24fe78ba0e1347daa0245c06ee5afbf13674206d95a899d9610e6bf644b475eb378db7ceba0f98b13c1c01722b00000005001b0001"], 0xb0}}, 0x20040010)
ioctl$sock_SIOCETHTOOL(r1, 0x8946, &(0x7f0000000040)={'wlan1\x00', &(0x7f0000000140)=@ethtool_eee={0x44, 0x4, 0x9, 0x7, 0x1, 0xfffffe00, 0x5, 0x80000000, [0x6, 0xfffffffd]}})
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x20008b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x1)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f000001aa40)=""/102400, 0x19000)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000f40)={<r4=>0xffffffffffffffff})
sendmsg$sock(r4, &(0x7f0000001480)={0x0, 0x0, &(0x7f0000001380)=[{&(0x7f0000001000)='z', 0x101d0}], 0x1}, 0x0)
ioctl$VIDIOC_S_SELECTION(0xffffffffffffffff, 0xc040565f, &(0x7f00000007c0)={0xa, 0x100, 0x3, {0x3, 0xffffffff, 0x403, 0x4}})
close(0x3)

3.262473067s ago: executing program 0 (id=2584):
preadv(0xffffffffffffffff, &(0x7f00000002c0)=[{&(0x7f0000001340)=""/4096, 0x1000}], 0x1, 0x0, 0x7)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000100)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000000)='syzkaller\x00'}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r0}, 0x10)
syz_usb_connect(0x0, 0x2d, &(0x7f0000000180)=ANY=[@ANYBLOB="1201fb0019030320d812010079de01ec020109021b0001000003000904000001785ecc00090585020004"], 0x0)

3.252966876s ago: executing program 4 (id=2585):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x200000000000011, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'bridge0\x00', <r2=>0x0})
r3 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$F2FS_IOC_GET_FEATURES(r3, 0x8004f50c, &(0x7f0000000040))
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000200)=ANY=[@ANYBLOB="3c00000010000304000000000000000000007400", @ANYRES32=r2, @ANYBLOB="02101b00010062726964676500000c00020000002700200000269c8ea891c4bd908ef377288f51af09c6a4cd1c10a1684221b23464b7532b5c4c0a24b79b53f68f0029cb0cf1f696b8ca532cd8d8c0bc62ebd53766325200"/98], 0x3c}, 0x1, 0x0, 0x0, 0x800}, 0x0)
sendmsg$RDMA_NLDEV_CMD_RES_QP_GET(r1, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x20, 0x140a, 0x200, 0x70bd28, 0x25dfdbff, "", [@RDMA_NLDEV_ATTR_PORT_INDEX={0x8, 0x3, 0x1}, @RDMA_NLDEV_ATTR_RES_LQPN={0x8, 0x15, 0x3}]}, 0x20}, 0x1, 0x0, 0x0, 0xc081}, 0x40c0)

2.79848328s ago: executing program 1 (id=2586):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0x8, &(0x7f0000000000)={0xa, 0x8b}, 0x0)
ioctl$SG_GET_SG_TABLESIZE(0xffffffffffffffff, 0x227f, 0x0)
r0 = gettid()
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
sched_setaffinity(r0, 0x8, &(0x7f00000002c0)=0x1000000000002)
socket$key(0xf, 0x3, 0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
r2 = socket$inet(0x2, 0x2, 0x0)
r3 = socket$inet_udp(0x2, 0x2, 0x0)
write$tcp_congestion(0xffffffffffffffff, &(0x7f0000000340)='hybla\x00', 0xfffffee6)
getsockopt$inet_buf(r3, 0x0, 0x30, &(0x7f0000000340)=""/225, &(0x7f0000000180)=0xe1)
setsockopt$inet_mreqn(r2, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0xc)
socket$nl_route(0x10, 0x3, 0x0)
writev(0xffffffffffffffff, &(0x7f00000003c0), 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', 0x0, 0x100144d, &(0x7f0000000200)=ANY=[@ANYBLOB, @ANYRESHEX, @ANYBLOB=',rootmode=00000000000000000040000', @ANYRESDEC=0x0])
read$FUSE(0xffffffffffffffff, &(0x7f00000021c0)={0x2020, 0x0, <r4=>0x0}, 0x67a)
write$FUSE_INIT(0xffffffffffffffff, &(0x7f0000001dc0)={0x50, 0xfffffffffffffffe, r4, {0x7, 0x2b, 0x3, 0xb04c842, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20}}, 0x50)
statx(0xffffffffffffff9c, &(0x7f0000000640)='./file0/file1\x00', 0x1000, 0x100, 0x0)
msgsnd(0x0, 0xfffffffffffffffc, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)

2.797084201s ago: executing program 3 (id=2587):
sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0xa)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(0x0, 0xa5ee, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = syz_io_uring_setup(0x237, &(0x7f0000000480)={0x0, 0x8901, 0x400, 0x0, 0x2cf}, &(0x7f0000000040)=<r2=>0x0, &(0x7f0000000600)=<r3=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
sendmsg$rds(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000440), 0x0, 0x0, 0x0, 0x20000800}, 0x4000008)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(0xffffffffffffffff, 0x84, 0x9, &(0x7f00000001c0)={0x0, @in={{0x2, 0x0, @empty}}, 0x5, 0x12, 0x0, 0x3}, 0x9c)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
write$UHID_CREATE2(r4, &(0x7f00000001c0)=ANY=[@ANYBLOB='3'], 0x118)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x102}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r5 = getpid()
sched_setscheduler(r5, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000340)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
connect$unix(r6, &(0x7f000057eff8)=@abs={0x0, 0x0, 0xfffffffe}, 0x6e)
sendmmsg$unix(r7, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r4, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_READV=@pass_iovec={0x1, 0x6a, 0x0, @fd=r1, 0x100000001, 0x0, 0x0, 0x2, 0x1})
io_uring_enter(r1, 0x47ba, 0x0, 0x0, 0x0, 0x0)
socket$kcm(0x10, 0x3, 0x10)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)

2.690980826s ago: executing program 4 (id=2588):
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
fcntl$setownex(r1, 0xf, 0x0)
sendmsg$unix(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000300)="2dc91d14d5152e0f03ba233e480e8c35", 0x10}], 0x1}, 0x1)

1.916074574s ago: executing program 4 (id=2589):
bind$netlink(0xffffffffffffffff, &(0x7f0000000080)={0x10, 0x0, 0x25dfdbfe, 0x2ffffffff}, 0xffffffffffffffb0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f0000000300)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
ptrace$ARCH_ENABLE_TAGGED_ADDR(0x1e, 0x0, 0x5, 0x4002)
sendmsg(r1, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x33}, 0xe70bdd3d34fcba6)
r2 = openat$sysfs(0xffffff9c, &(0x7f00000037c0)='/sys/kernel/notes', 0x0, 0x44)
r3 = syz_io_uring_setup(0xbdf, &(0x7f0000000000)={0x0, 0x6d0a, 0x80, 0xfffffffd, 0x40000331, 0x0, r2}, &(0x7f0000000080)=<r4=>0x0, &(0x7f00000001c0)=<r5=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r4, r5, &(0x7f0000000200)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r2, 0x0, &(0x7f0000000600)=[{&(0x7f0000001800)=""/216, 0xd8}], 0x1})
io_uring_enter(r3, 0x847ba, 0x2000, 0xe, 0x0, 0x0)
ioctl$sock_SIOCGIFVLAN_DEL_VLAN_CMD(r0, 0x8982, 0x0)
ioctl$VIDIOC_G_EXT_CTRLS(0xffffffffffffffff, 0xc0205649, 0x0)
r6 = bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x50)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r6}, 0x4)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r7, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="50000000020601080000000000000000000000080c00078008000640200000000500010006000000050005000a00000005000400000000000900020073797a31000000000c000300686173683a6970"], 0x50}, 0x1, 0x0, 0x0, 0x4010}, 0x20040000)
r8 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r8, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[@ANYRES64=r1], 0x44}, 0x1, 0x0, 0x0, 0xc881}, 0x4004880)
r9 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/power/resume', 0x169a82, 0x109)
sendfile(r9, r9, 0x0, 0xb)
socket$nl_netfilter(0x10, 0x3, 0xc)
sched_setattr(0x0, 0x0, 0x0)
r10 = socket$inet_udp(0x2, 0x2, 0x0)
getsockopt$inet_udp_int(r10, 0x11, 0x0, 0x0, &(0x7f0000000040))

1.835801133s ago: executing program 3 (id=2590):
sendmmsg$unix(0xffffffffffffffff, &(0x7f00000bd000), 0x318, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
syz_open_dev$vim2m(&(0x7f0000000040), 0x40003, 0x2)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=ANY=[], 0x50)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f00000009c0)={0x0, 0x0, 0x0, &(0x7f0000000200), 0x2, r0}, 0x38)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x44810}, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000004c00)=""/102392, 0x18ff8)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x11, 0x3, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000800000095"], &(0x7f0000000240)='GPL\x00', 0x1, 0x0, 0x0, 0x100}, 0x94)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$fou(&(0x7f00000001c0), 0xffffffffffffffff)
sendmsg$FOU_CMD_GET(r2, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={0x0}, 0x1, 0x0, 0x0, 0x40}, 0x4008080)

1.766487803s ago: executing program 1 (id=2591):
r0 = syz_open_dev$vbi(&(0x7f0000000180), 0x0, 0x2)
ioctl$VIDIOC_S_INPUT(r0, 0xc0045627, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f00000002c0)={'bridge_slave_0\x00'})
openat$tun(0xffffffffffffff9c, 0x0, 0x220800, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x87}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0xfffffffffffffffe)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
r3 = openat$proc_mixer(0xffffffffffffff9c, &(0x7f0000000000)='/proc/asound/card0/oss_mixer\x00', 0x2002, 0x0)
write$proc_mixer(r3, &(0x7f00000003c0)=ANY=[@ANYBLOB='ALTPCM '], 0xf7)
r4 = openat$proc_mixer(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/asound/card0/oss_mixer\x00', 0x0, 0x0)
dup3(r4, r3, 0x0)
connect$inet6(r2, &(0x7f0000000140)={0xa, 0x4e24, 0x9, @dev={0xfe, 0x80, '\x00', 0xa}}, 0x1c)
r5 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x101080)
ioctl$SNDRV_CTL_IOCTL_HWDEP_INFO(r5, 0x80dc5521, 0xfffffffffffffffe)
creat(&(0x7f0000000100)='./file0\x00', 0x1e6)
connect$inet(0xffffffffffffffff, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10)
sendmmsg(0xffffffffffffffff, &(0x7f0000007fc0), 0x800001d, 0x0)
getpid()
ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f0000000200)={0x0, @bt={0x8a5, 0x93, 0x1, 0x1, 0xd59f80, 0x19ef, 0x6, 0xffff, 0x6, 0x4, 0x27ff, 0x2800, 0x42, 0xbb6, 0x19, 0x8, {0x8, 0x802}, 0xd0, 0x7}})

1.262281622s ago: executing program 0 (id=2592):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x804, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f00000000c0)={0x73622a85, 0x0, 0x8000000000002})
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x800, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000080)={0xffffffffffffff97, 0x0, &(0x7f0000000400)=[@increfs], 0x32, 0x0, 0x0})
dup3(r1, r0, 0x0)
r2 = socket$kcm(0xa, 0x1, 0x106)
setsockopt$sock_attach_bpf(r2, 0x29, 0x4b, 0x0, 0x4)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(0xffffffffffffffff, 0x4018620d, &(0x7f0000000040)={0x73622a85, 0x10a, 0x4})
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000000340)=[@acquire={0x40046305, 0x1000}], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000001c0)={0x4c, 0x0, &(0x7f0000000580)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x11, 0x0, 0x0, 0x48, 0x18, &(0x7f0000000440)={@flat=@weak_handle={0x77682a85, 0x101}, @flat=@binder={0x73622a85, 0xa, 0x1}, @flat=@binder={0x73622a85, 0x1000}}, &(0x7f0000000240)={0x0, 0x18, 0x30}}, 0x1000}], 0x0, 0x0, 0x0})
openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/debug/binder/stats\x00', 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd}, 0x94)
openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e22}, 0x6e)
sendmmsg$unix(r4, &(0x7f00000004c0), 0x0, 0x50)
quotactl_fd$Q_SYNC(0xffffffffffffffff, 0xffffffff80000100, 0x0, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r4, 0x0, 0x0)
move_mount(0xffffffffffffffff, 0x0, 0xffffffffffffff9c, 0x0, 0x0)
socket$inet6(0xa, 0x2, 0x0)
mmap(&(0x7f0000001000/0x4000)=nil, 0x4000, 0xb635773f04ebbeed, 0x4010, 0xffffffffffffffff, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000001080)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020207025000000002dba513d7b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000008fd8850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r5}, 0x10)
io_setup(0x8, &(0x7f00000002c0)=<r6=>0x0)
r7 = openat$sysfs(0xffffff9c, &(0x7f00000037c0)='/sys/kernel/notes', 0x0, 0x1b8)
io_submit(r6, 0x1, &(0x7f0000000140)=[&(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, r7, 0x0, 0x0, 0x0, 0x0, 0x0, r7}])
socket(0x2, 0xa, 0x0)

987.613818ms ago: executing program 3 (id=2593):
openat(0xffffffffffffff9c, &(0x7f0000000340)='./file0\x00', 0x2d41, 0xd5)
syz_emit_ethernet(0x28e, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff})
connect$unix(r1, 0x0, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$netlink(0x10, 0x3, 0xc)
socket$kcm(0x10, 0x3, 0x10)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000100)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_NEWSET={0x3c, 0x9, 0xa, 0x401, 0x0, 0x0, {0xa, 0x0, 0x4}, [@NFTA_SET_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x2b}, @NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ID={0x8, 0xa, 0x1, 0x0, 0xfffffffc}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0x64}, 0x1, 0x0, 0x0, 0x4000850}, 0x24000000)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="4800000010000d0428bd7000fcdbff2500008000", @ANYRES32=0x0, @ANYBLOB="1000000000000000280012800b00010062726964676500001800028005001900840000000c001e"], 0x48}, 0x1, 0x0, 0x0, 0x10}, 0x4008050)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="500000001000010425bbe5ad600027842cf52300", @ANYRES32=0x0, @ANYBLOB="0300000000000000280012800a00010076786c616e00"], 0x50}, 0x1, 0x0, 0x0, 0x13d33d22cca65c15}, 0x4008840)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=@newqdisc={0x24, 0x24, 0x1, 0x70bd2a, 0x25dfdbfe, {0x0, 0x0, 0x0, 0x0, {}, {0xffff, 0xffff}, {0x5}}}, 0x24}, 0x1, 0x0, 0x0, 0x40}, 0x0)
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r2, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r3 = openat$fuse(0xffffffffffffff9c, &(0x7f00000000c0), 0x42, 0x0)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r4, &(0x7f0000000100)={0xa, 0x4e22}, 0x1c)
listen(r4, 0x3)
setsockopt$SO_BINDTODEVICE(r4, 0x1, 0x19, &(0x7f0000000040)='syz_tun\x00', 0x10)
socket$netlink(0x10, 0x3, 0x4)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000000380), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r3, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r3, &(0x7f00000021c0)={0x2020}, 0x2020)

687.236386ms ago: executing program 1 (id=2594):
socketpair$unix(0x1, 0x2, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080))
ioctl$FBIOGET_VSCREENINFO(0xffffffffffffffff, 0x4600, &(0x7f0000000680))
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x0, 0x50, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000200)={0xffffffffffffffff, &(0x7f0000000180), 0x0}, 0x20)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000))
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x1000002, 0x200000005c831, 0xffffffffffffffff, 0x0)
remap_file_pages(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0)
openat$ptp0(0xffffffffffffff9c, &(0x7f0000000040), 0x100, 0x0)
r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$inet_int(r2, 0x0, 0x12, 0x0, 0x0)
sendto$inet(r2, &(0x7f0000000000)="f461c5bbd75c3583", 0x8, 0x0, &(0x7f0000000100)={0x2, 0x4e23, @empty}, 0x10)
recvmmsg(r2, &(0x7f000000e280), 0x58a, 0x42, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000))
socket$nl_generic(0x10, 0x3, 0x10)

579.358816ms ago: executing program 0 (id=2595):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0x8, &(0x7f0000000000)={0xa, 0x8b}, 0x0)
ioctl$SG_GET_SG_TABLESIZE(0xffffffffffffffff, 0x227f, 0x0)
r0 = gettid()
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
sched_setaffinity(r0, 0x8, &(0x7f00000002c0)=0x1000000000002)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
r2 = socket$inet(0x2, 0x2, 0x0)
r3 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_group_source_req(r3, 0x0, 0x2e, &(0x7f0000000340)={0x3, {{0x2, 0x0, @multicast1}}, {{0x2, 0x0, @loopback}}}, 0x108)
write$tcp_congestion(0xffffffffffffffff, &(0x7f0000000340)='hybla\x00', 0xfffffee6)
getsockopt$inet_buf(r3, 0x0, 0x30, &(0x7f0000000340)=""/225, &(0x7f0000000180)=0xe1)
setsockopt$inet_mreqn(r2, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0xc)
r4 = socket$netlink(0x10, 0x3, 0x0)
writev(r4, &(0x7f00000003c0)=[{&(0x7f0000000380)}], 0x1)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', 0x0, 0x100144d, &(0x7f0000000200)=ANY=[@ANYBLOB, @ANYRESHEX=r4, @ANYBLOB=',rootmode=00000000000000000040000,u', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(0xffffffffffffffff, &(0x7f00000021c0)={0x2020, 0x0, <r5=>0x0}, 0x67a)
write$FUSE_INIT(0xffffffffffffffff, &(0x7f0000001dc0)={0x50, 0xfffffffffffffffe, r5, {0x7, 0x2b, 0x3, 0xb04c842, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20}}, 0x50)
statx(0xffffffffffffff9c, &(0x7f0000000640)='./file0/file1\x00', 0x1000, 0x100, 0x0)
msgsnd(0x0, 0xfffffffffffffffc, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)

81.786773ms ago: executing program 3 (id=2596):
socket$netlink(0x10, 0x3, 0x4)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
mmap$binder(&(0x7f0000265000/0x4000)=nil, 0x4000, 0x1, 0x11, 0xffffffffffffffff, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
futex(&(0x7f000000cffc), 0x0, 0x0, 0x0, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x2)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000032680)=""/102392, 0x18ff8)
r1 = socket(0x10, 0x803, 0x0)
ioctl$sock_SIOCETHTOOL(r1, 0x8946, &(0x7f0000000080)={'veth0_to_team\x00', &(0x7f0000000000)=@ethtool_cmd={0x2c, 0x6, 0x4, 0x0, 0x0, 0x0, 0x6, 0x0, 0xff, 0x0, 0x9}})
r2 = socket(0x10, 0x803, 0x0)
ioctl$sock_SIOCETHTOOL(r2, 0x8946, 0x0)
r3 = socket(0x10, 0x803, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000040)={'bond_slave_0\x00'})
r4 = getpid()
r5 = syz_pidfd_open(r4, 0x0)
setns(r5, 0x24020000)
mount$9p_xen(0x0, &(0x7f0000000300)='.\x00', 0x0, 0x44000, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000200)=ANY=[@ANYBLOB="400000001400b5952cbd7000ffdbdf250a180000", @ANYRESOCT, @ANYRES32=r3], 0x40}, 0x1, 0x0, 0x0, 0x2000c015}, 0x40844)
r6 = socket$unix(0x1, 0x5, 0x0)
bind$unix(r6, 0x0, 0x0)
bind$unix(r6, &(0x7f0000000000)=@file={0x1, './file0\x00'}, 0x6e)
openat$ppp(0xffffffffffffff9c, &(0x7f0000000280), 0x109101, 0x0)
syslog(0x3, 0xffffffffffffffff, 0x1000000)
fsconfig$FSCONFIG_SET_STRING(0xffffffffffffffff, 0x1, &(0x7f0000000180)='rootcontext', &(0x7f0000000040)='E\xe1\x85\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
setpriority(0x0, 0x0, 0x2a14b58)

17.609775ms ago: executing program 4 (id=2597):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x6, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000040)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000180)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x24c01, 0x0)
ioctl$DRM_IOCTL_GET_CLIENT(r1, 0xc0046686, &(0x7f0000000d40))
ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(r1, 0xc1105518, &(0x7f00000007c0)={{0x7, 0x0, 0xa000, 0x7, 'syz0\x00'}, 0x2, 0x1, 0x63dc, r0, 0x3, 0x80, 'syz0\x00', &(0x7f0000000680)=['prio\x00', ']}\x00', '!-\x00'], 0xb})
bpf$MAP_CREATE(0x0, &(0x7f00000005c0)=ANY=[@ANYBLOB="0900000037aa6207c18e028a154c156581bc04000000e27f0000010000000000fff9cba1f31c37cf2f71f5f33389", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/25], 0x50)
symlinkat(&(0x7f0000000200)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0xffffffffffffff9c, &(0x7f0000000340)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')
setxattr$trusted_overlay_upper(&(0x7f0000000480)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000000040), 0x0, 0x0, 0x3)
r2 = socket$packet(0x11, 0x2, 0x300)
r3 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000001c0)=@newqdisc={0x48, 0x24, 0xd0f, 0x0, 0x0, {0x60, 0x0, 0x0, 0x0, {0x0, 0x2}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_prio={{0x9}, {0x18, 0x2, {0x8}}}]}, 0x48}, 0x1, 0x0, 0x0, 0x4004001}, 0x20004000)
sendmsg$nl_route_sched(r3, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000380)=@newtfilter={0x24, 0x2a, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {0x8, 0xfff1}, {0xfff1, 0x2}, {0xb, 0xffe0}}}, 0x24}, 0x1, 0x0, 0x0, 0x24044801}, 0x20000000)
setsockopt$packet_fanout(r2, 0x107, 0x12, &(0x7f0000000040)={0x2, 0x6}, 0x4)
setsockopt$packet_fanout_data(r2, 0x107, 0x16, &(0x7f0000000100)={0x3, &(0x7f0000000180)=[{0x28, 0x0, 0x0, 0xfffff038}, {0x40, 0x0, 0x0, 0x80000001}, {0x6}]}, 0x10)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0200000004000000ff0f000005"], 0x50)
syz_emit_ethernet(0xbe, &(0x7f0000000000)={@local, @empty, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0xb0, 0x0, 0x0, 0x0, 0x32, 0x0, @empty, @empty}, {0x0, 0x4e20, 0x9c, 0x0, @wg=@initiation={0x1, 0x4, "d57e190d001e6e1d16c1711bbd8adbf65bd846957b378a02340c68117aa1b390", "b0b4170e157cddfb9792c8e37bafb99e319950347e93f4d34870ee24c0ea06d56270e45c8d3e7d708161ba81dd33c54b", "01acae6f69ea1443db8d53af54944d4894a87f20c65bfb8e0c8cfb67", {"38f5e54b3dc7c070b4d66f0f9565df74", "d2653a13d554fee0e7be27c873db314d"}}}}}}}, 0x0)

0s ago: executing program 0 (id=2598):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x18, 0xb, 0x0, &(0x7f00000004c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000002c0)='contention_begin\x00', r0, 0x0, 0xd}, 0x18)
prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r3 = creat(&(0x7f0000000400)='./bus\x00', 0x0)
r4 = open(&(0x7f0000000100)='./bus\x00', 0x0, 0x0)
truncate(&(0x7f0000000040)='./bus\x00', 0x9472)
lsetxattr$security_ima(&(0x7f00000002c0)='./bus\x00', &(0x7f0000000180), &(0x7f0000000240)=ANY=[@ANYBLOB='f4'], 0x2, 0x0)
dup3(r4, r3, 0x0)
ioctl$USBDEVFS_DISCONNECT_CLAIM(r1, 0x8108551b, &(0x7f0000000500)={0x40, 0x3, "35218967b83fbdf68b2fda5da188b2dbc98b13ba49328fc9d2b0bdaaac3458cc3a2bee73719dfbc8aa2511d3a33997e0366253a6ae25896e581669b5adc2aa774ed62219418f8194046c6c9de234182116b74b223e713f4c88f496fe6d6f3e196be841d1390ed24b3f9e9a26ed0cfe46004582f90e85279b36c42db5b6492518f11961857024b8e0eaa402dda312201fd2d8a9eed59c9dbaef54eb2d2b990e5413a68d7da2f57b8a21d6b43cc1d5017ba860bbad31eb0ce9bc2a07f920abefb52ed5f4fcf3ae433457891942de3905c406a516d3e88cdbee98fcc63ef07060d82c4cf36a2a64cd9d25d87ff2c8c28ed19aa4ce5fd5aa6aca93e1b8c77bdf7c0a"})
finit_module(r4, 0x0, 0x0)
r5 = syz_open_dev$tty1(0xc, 0x4, 0x4)
ioctl$TCSETAW(r5, 0x5407, &(0x7f0000000180)={0x0, 0xf, 0xc, 0x1000, 0x4, "5a1c966bcd4b7448"})
write$UHID_INPUT(r5, &(0x7f0000001040)={0x9, {"a2e3ad21ed0d09f90e3d090987f70e06d038e7ff7fc6e5539b0d5b0e8b099b3f36006c090890e0878f0e1ac6e7f89b334d959b639a240d5b67f3988f7ef319520100ffe8d178708c523c921b1b5b31070d074a0936cd3b78130daa61d8e8040000005802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0a6193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000400000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617679314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec230911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918c91243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9963ac5a4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce7cd9f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d4ac01b75d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4b333bd5bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783e287b3be3b64df07847754b8400daaa69bf5c8f4350aeae9ca1207e78283cd0b20ce0700c7e658828163e2d25c4aa348561f927eff7f3aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f05004b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d486046b2c0e2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee6157eb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93aec92a5de225727aa49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d78749a7a508ae54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29c60acebdbe8ddbd75c2f998d8a57f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40427db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95ff80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8870b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e0513007000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae8489d9e99c81769177c6d594f88a4facfd4c735a20307c737afa2d60299473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d946a2daee67918e5d6787463183b4b87c1050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810300000000000000a12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf000000800000000007b34449e15e065cc7340002000000000000f288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae0e797e8bd1f4108b7807fb36207685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ad50dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b9048017848416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342bb784ed7148b6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb806c43a006e39336d07c2b8081c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1db44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b00f1000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de9c0587c2cb5fe36d7d3e5db21b013b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cf4b23329072e9758f03a755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c6b00000000000000f96f06810002000000000000957697c9ede7885d94ffb0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f3e90d5943dbc10360a1a49700d1dfbf66d69f6fbafe1e83cdde8bb0d872a02238926407a4eddd5d0fc5a752f900000000000000100", 0x35e}}, 0x1006)
r6 = socket$phonet_pipe(0x23, 0x5, 0x2)
setsockopt$PNPIPE_HANDLE(r6, 0x113, 0x3, 0x0, 0x0)
connect$phonet_pipe(r6, &(0x7f0000002200)={0x23, 0x0, 0x0, 0x1d}, 0x10)
syz_usb_control_io$hid(0xffffffffffffffff, 0x0, 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x6)
bpf$LINK_GET_NEXT_ID(0x1f, 0x0, 0x0)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_TEST(r7, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)={0x2c, 0xb, 0x6, 0x201, 0x0, 0x0, {0x5, 0x0, 0x7}, [@IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_DATA={0x4}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4800}, 0x4800)
r8 = socket$phonet(0x23, 0x2, 0x1)
recvmmsg(r8, &(0x7f0000001440)=[{{0x0, 0x0, 0x0}, 0x1}], 0x1, 0x40000000, 0x0)
syz_usb_control_io$cdc_ncm(0xffffffffffffffff, 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)

kernel console output (not intermixed with test programs):

: found a 'TerraTec NOXON DAB Stick' in warm state
[  725.773168][T16105] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2114'.
[  725.927025][    T9] dvb_usb_rtl28xxu 2-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -32
[  725.943792][T12672] dvb_usb_rtl28xxu 3-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -32
[  725.945018][    T9] usb 2-1: USB disconnect, device number 28
[  726.014379][T16137] FAULT_INJECTION: forcing a failure.
[  726.014379][T16137] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  726.028483][T16137] CPU: 0 UID: 0 PID: 16137 Comm: syz.4.2117 Not tainted syzkaller #0 PREEMPT(full) 
[  726.028506][T16137] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  726.028515][T16137] Call Trace:
[  726.028522][T16137]  <TASK>
[  726.028528][T16137]  dump_stack_lvl+0x16c/0x1f0
[  726.028558][T16137]  should_fail_ex+0x512/0x640
[  726.028588][T16137]  _copy_to_user+0x32/0xd0
[  726.028617][T16137]  simple_read_from_buffer+0xcb/0x170
[  726.028645][T16137]  proc_fail_nth_read+0x197/0x240
[  726.028665][T16137]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  726.028685][T16137]  ? rw_verify_area+0xcf/0x6c0
[  726.028709][T16137]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  726.028728][T16137]  vfs_read+0x1e1/0xcf0
[  726.028757][T16137]  ? __pfx___mutex_lock+0x10/0x10
[  726.028782][T16137]  ? __pfx_vfs_read+0x10/0x10
[  726.028815][T16137]  ? __fget_files+0x20e/0x3c0
[  726.028839][T16137]  ksys_read+0x12a/0x250
[  726.028854][T16137]  ? __pfx_ksys_read+0x10/0x10
[  726.028877][T16137]  do_syscall_64+0xcd/0xfa0
[  726.028903][T16137]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  726.028918][T16137] RIP: 0033:0x7ff94858d8dc
[  726.028932][T16137] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  726.028961][T16137] RSP: 002b:00007ff949360030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  726.028982][T16137] RAX: ffffffffffffffda RBX: 00007ff9487e6180 RCX: 00007ff94858d8dc
[  726.028993][T16137] RDX: 000000000000000f RSI: 00007ff9493600a0 RDI: 0000000000000008
[  726.029003][T16137] RBP: 00007ff949360090 R08: 0000000000000000 R09: 0000000000000000
[  726.029013][T16137] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  726.029023][T16137] R13: 00007ff9487e6218 R14: 00007ff9487e6180 R15: 00007fff4e5c9318
[  726.029046][T16137]  </TASK>
[  726.580339][T16153] 9pnet_fd: Insufficient options for proto=fd
[  726.786802][ T5952] asix 1-1:0.0 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71
[  726.807212][ T5952] asix 1-1:0.0: probe with driver asix failed with error -71
[  726.921675][ T5952] usb 1-1: USB disconnect, device number 40
[  727.881305][    T9] usb 3-1: USB disconnect, device number 38
[  728.202979][T16201] netlink: 'syz.3.2126': attribute type 30 has an invalid length.
[  728.281280][T16202] 9pnet_fd: p9_fd_create_unix (16202): address too long: ./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
[  729.020357][   T10] usb 5-1: new high-speed USB device number 30 using dummy_hcd
[  729.369714][   T10] usb 5-1: Using ep0 maxpacket: 16
[  729.377213][   T10] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  729.383264][ T5894] usb 3-1: new full-speed USB device number 39 using dummy_hcd
[  729.398110][   T10] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  729.421693][   T10] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  729.449597][   T10] usb 5-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  729.469717][   T10] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  729.483465][   T10] usb 5-1: config 0 descriptor??
[  729.600205][ T5894] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  729.611990][ T5894] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 10
[  729.664009][ T5894] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[  729.683923][ T5894] usb 3-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 5
[  729.719285][ T5894] usb 3-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  729.728936][ T5894] usb 3-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  729.745538][ T5894] usb 3-1: Manufacturer: syz
[  729.758182][ T5894] usb 3-1: config 0 descriptor??
[  729.917410][   T30] audit: type=1400 audit(2000000190.010:901): avc:  denied  { accept } for  pid=16210 comm="syz.4.2128" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1
[  730.302378][   T10] usbhid 5-1:0.0: can't add hid device: -71
[  730.322940][   T10] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[  730.349866][   T30] audit: type=1326 audit(2000000190.370:902): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16179 comm="syz.1.2124" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f738658eec9 code=0x7fc00000
[  730.364516][   T10] usb 5-1: USB disconnect, device number 30
[  730.519731][ T5894] rc_core: IR keymap rc-hauppauge not found
[  730.525693][ T5894] Registered IR keymap rc-empty
[  730.532736][ T5894] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[  730.580775][ T5894] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[  730.601343][ T5894] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/rc/rc0
[  730.622574][ T5894] input: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/rc/rc0/input72
[  730.631571][T16253] FAULT_INJECTION: forcing a failure.
[  730.631571][T16253] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  730.653819][T16253] CPU: 0 UID: 0 PID: 16253 Comm: syz.1.2135 Not tainted syzkaller #0 PREEMPT(full) 
[  730.653841][T16253] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  730.653851][T16253] Call Trace:
[  730.653857][T16253]  <TASK>
[  730.653864][T16253]  dump_stack_lvl+0x16c/0x1f0
[  730.653893][T16253]  should_fail_ex+0x512/0x640
[  730.653922][T16253]  _copy_from_user+0x2e/0xd0
[  730.653950][T16253]  copy_msghdr_from_user+0x98/0x160
[  730.653983][T16253]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  730.654019][T16253]  ___sys_sendmsg+0xfe/0x1d0
[  730.654045][T16253]  ? __pfx____sys_sendmsg+0x10/0x10
[  730.654099][T16253]  __sys_sendmsg+0x16d/0x220
[  730.654124][T16253]  ? __pfx___sys_sendmsg+0x10/0x10
[  730.654165][T16253]  do_syscall_64+0xcd/0xfa0
[  730.654190][T16253]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  730.654206][T16253] RIP: 0033:0x7f738658eec9
[  730.654218][T16253] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  730.654233][T16253] RSP: 002b:00007f73873c0038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  730.654249][T16253] RAX: ffffffffffffffda RBX: 00007f73867e5fa0 RCX: 00007f738658eec9
[  730.654260][T16253] RDX: 0000000000005000 RSI: 0000200000002000 RDI: 0000000000000004
[  730.654269][T16253] RBP: 00007f73873c0090 R08: 0000000000000000 R09: 0000000000000000
[  730.654279][T16253] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  730.654289][T16253] R13: 00007f73867e6038 R14: 00007f73867e5fa0 R15: 00007ffe56f1cc08
[  730.654312][T16253]  </TASK>
[  730.656300][ T5894] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[  731.270121][ T5894] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[  731.290395][ T5894] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[  732.283934][T16271] tracefs: Invalid gid '0x00000000ffffffff'
[  733.382601][ T5894] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[  733.411079][ T5894] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[  733.445224][ T5894] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[  733.489806][ T5894] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[  733.510175][ T5894] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[  733.540413][ T5894] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[  733.559927][ T5894] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[  733.579778][ T5894] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[  733.602191][T16286] netlink: 'syz.3.2141': attribute type 2 has an invalid length.
[  733.610334][T16286] netlink: 'syz.3.2141': attribute type 1 has an invalid length.
[  733.624636][ T5894] mceusb 3-1:0.0: Registered 424242424242 with mce emulator interface version 1
[  733.639770][ T5894] mceusb 3-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active)
[  733.724763][ T5894] usb 3-1: USB disconnect, device number 39
[  734.069740][T12700] usb 4-1: new high-speed USB device number 47 using dummy_hcd
[  734.933067][T16319] F2FS-fs (loop1): Magic Mismatch, valid(0xf2f52010) - read(0x0)
[  734.941299][T16319] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  734.949737][T16319] F2FS-fs (loop1): Magic Mismatch, valid(0xf2f52010) - read(0x0)
[  734.957479][T16319] F2FS-fs (loop1): Can't find valid F2FS filesystem in 2th superblock
[  735.839735][T12672] usb 5-1: new high-speed USB device number 31 using dummy_hcd
[  736.689856][T12672] usb 5-1: Using ep0 maxpacket: 16
[  736.860317][T12672] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  736.900908][T12672] usb 5-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  736.924464][T12672] usb 5-1: New USB device found, idVendor=1044, idProduct=7a4d, bcdDevice= 0.00
[  737.541582][T12672] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  737.603727][   T30] audit: type=1400 audit(2000000197.690:903): avc:  denied  { create } for  pid=16342 comm="syz.2.2154" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  737.630425][T12672] usb 5-1: config 0 descriptor??
[  737.640157][   T30] audit: type=1400 audit(2000000197.700:904): avc:  denied  { setopt } for  pid=16342 comm="syz.2.2154" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  737.817806][T12672] usbhid 5-1:0.0: couldn't find an input interrupt endpoint
[  737.960438][T12672] usb 5-1: USB disconnect, device number 31
[  738.191146][T16370] FAULT_INJECTION: forcing a failure.
[  738.191146][T16370] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  738.593940][T16370] CPU: 0 UID: 0 PID: 16370 Comm: syz.0.2157 Not tainted syzkaller #0 PREEMPT(full) 
[  738.593967][T16370] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  738.593977][T16370] Call Trace:
[  738.593983][T16370]  <TASK>
[  738.593989][T16370]  dump_stack_lvl+0x16c/0x1f0
[  738.594020][T16370]  should_fail_ex+0x512/0x640
[  738.594050][T16370]  _copy_to_user+0x32/0xd0
[  738.594085][T16370]  simple_read_from_buffer+0xcb/0x170
[  738.594114][T16370]  proc_fail_nth_read+0x197/0x240
[  738.594134][T16370]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  738.594156][T16370]  ? rw_verify_area+0xcf/0x6c0
[  738.594180][T16370]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  738.594199][T16370]  vfs_read+0x1e1/0xcf0
[  738.594228][T16370]  ? __pfx___mutex_lock+0x10/0x10
[  738.594255][T16370]  ? __pfx_vfs_read+0x10/0x10
[  738.594284][T16370]  ? __fget_files+0x20e/0x3c0
[  738.594308][T16370]  ksys_read+0x12a/0x250
[  738.594322][T16370]  ? __pfx_ksys_read+0x10/0x10
[  738.594341][T16370]  ? fdget+0x187/0x210
[  738.594361][T16370]  do_syscall_64+0xcd/0xfa0
[  738.594388][T16370]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  738.594406][T16370] RIP: 0033:0x7f702458d8dc
[  738.594420][T16370] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  738.594435][T16370] RSP: 002b:00007f7025462030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  738.594451][T16370] RAX: ffffffffffffffda RBX: 00007f70247e6090 RCX: 00007f702458d8dc
[  738.594462][T16370] RDX: 000000000000000f RSI: 00007f70254620a0 RDI: 0000000000000003
[  738.594472][T16370] RBP: 00007f7025462090 R08: 0000000000000000 R09: 0000000000000000
[  738.594482][T16370] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  738.594492][T16370] R13: 00007f70247e6128 R14: 00007f70247e6090 R15: 00007ffd97a4e428
[  738.594517][T16370]  </TASK>
[  739.019776][T12700] usb 4-1: new full-speed USB device number 48 using dummy_hcd
[  739.265884][T12700] usb 4-1: unable to get BOS descriptor or descriptor too short
[  739.285556][T12700] usb 4-1: unable to read config index 0 descriptor/start: -71
[  739.432751][T12700] usb 4-1: can't read configurations, error -71
[  739.677771][T12700] usb usb4-port1: attempt power cycle
[  739.963291][T16395] F2FS-fs (loop9): Magic Mismatch, valid(0xf2f52010) - read(0x0)
[  739.971133][T16395] F2FS-fs (loop9): Can't find valid F2FS filesystem in 1th superblock
[  739.979729][T16395] F2FS-fs (loop9): Magic Mismatch, valid(0xf2f52010) - read(0x0)
[  739.987464][T16395] F2FS-fs (loop9): Can't find valid F2FS filesystem in 2th superblock
[  741.405546][T16405] netlink: 3 bytes leftover after parsing attributes in process `syz.3.2163'.
[  741.415492][   T30] audit: type=1400 audit(2000000201.490:905): avc:  denied  { append } for  pid=16404 comm="syz.3.2163" name="ppp" dev="devtmpfs" ino=709 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[  741.526209][   T30] audit: type=1400 audit(2000000201.570:906): avc:  denied  { getopt } for  pid=16404 comm="syz.3.2163" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1
[  741.643370][T16425] FAULT_INJECTION: forcing a failure.
[  741.643370][T16425] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  741.676439][T16425] CPU: 1 UID: 0 PID: 16425 Comm: syz.2.2167 Not tainted syzkaller #0 PREEMPT(full) 
[  741.676462][T16425] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  741.676473][T16425] Call Trace:
[  741.676479][T16425]  <TASK>
[  741.676486][T16425]  dump_stack_lvl+0x16c/0x1f0
[  741.676514][T16425]  should_fail_ex+0x512/0x640
[  741.676543][T16425]  _copy_to_user+0x32/0xd0
[  741.676571][T16425]  simple_read_from_buffer+0xcb/0x170
[  741.676597][T16425]  proc_fail_nth_read+0x197/0x240
[  741.676617][T16425]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  741.676637][T16425]  ? rw_verify_area+0xcf/0x6c0
[  741.676659][T16425]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  741.676677][T16425]  vfs_read+0x1e1/0xcf0
[  741.676706][T16425]  ? __pfx___mutex_lock+0x10/0x10
[  741.676731][T16425]  ? __pfx_vfs_read+0x10/0x10
[  741.676770][T16425]  ? __fget_files+0x20e/0x3c0
[  741.676794][T16425]  ksys_read+0x12a/0x250
[  741.676808][T16425]  ? __pfx_ksys_read+0x10/0x10
[  741.676831][T16425]  do_syscall_64+0xcd/0xfa0
[  741.676857][T16425]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  741.676874][T16425] RIP: 0033:0x7fd3f918d8dc
[  741.676888][T16425] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  741.676903][T16425] RSP: 002b:00007fd3fa100030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  741.676920][T16425] RAX: ffffffffffffffda RBX: 00007fd3f93e5fa0 RCX: 00007fd3f918d8dc
[  741.676931][T16425] RDX: 000000000000000f RSI: 00007fd3fa1000a0 RDI: 0000000000000004
[  741.676940][T16425] RBP: 00007fd3fa100090 R08: 0000000000000000 R09: 0000000000000000
[  741.676950][T16425] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  741.676960][T16425] R13: 00007fd3f93e6038 R14: 00007fd3f93e5fa0 R15: 00007ffe5ad3d458
[  741.676985][T16425]  </TASK>
[  741.677820][T16430] netlink: 'syz.0.2166': attribute type 30 has an invalid length.
[  741.930263][ T5947] usb 5-1: new high-speed USB device number 32 using dummy_hcd
[  742.148921][ T5947] usb 5-1: Using ep0 maxpacket: 16
[  742.186721][ T5947] usb 5-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xD7, changing to 0x87
[  742.270629][ T5947] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x87 has an invalid bInterval 0, changing to 7
[  742.282523][ T5947] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x87 has invalid wMaxPacketSize 0
[  742.300359][ T5947] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[  742.434965][ T5947] usb 5-1: New USB device found, idVendor=05ac, idProduct=9226, bcdDevice=b2.89
[  742.466775][ T5947] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  742.688409][ T5947] usb 5-1: Product: syz
[  742.729537][ T5947] usb 5-1: Manufacturer: syz
[  742.752488][ T5947] usb 5-1: SerialNumber: syz
[  742.780913][ T5947] usb 5-1: config 0 descriptor??
[  742.938807][ T5947] appledisplay 5-1:0.0: Submitting URB failed
[  743.023544][ T5947] appledisplay 5-1:0.0: probe with driver appledisplay failed with error -5
[  743.237376][T16421] netlink: 64 bytes leftover after parsing attributes in process `syz.4.2165'.
[  743.299992][   T30] audit: type=1400 audit(2000000203.320:907): avc:  denied  { setopt } for  pid=16419 comm="syz.4.2165" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=mctp_socket permissive=1
[  743.470637][T16466] netlink: 40 bytes leftover after parsing attributes in process `syz.1.2174'.
[  743.998908][T16473] FAULT_INJECTION: forcing a failure.
[  743.998908][T16473] name failslab, interval 1, probability 0, space 0, times 0
[  744.017772][T16473] CPU: 0 UID: 0 PID: 16473 Comm: syz.3.2177 Not tainted syzkaller #0 PREEMPT(full) 
[  744.017799][T16473] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  744.017809][T16473] Call Trace:
[  744.017815][T16473]  <TASK>
[  744.017823][T16473]  dump_stack_lvl+0x16c/0x1f0
[  744.017852][T16473]  should_fail_ex+0x512/0x640
[  744.017877][T16473]  ? fs_reclaim_acquire+0xae/0x150
[  744.017898][T16473]  should_failslab+0xc2/0x120
[  744.017918][T16473]  __kmalloc_noprof+0xdd/0x880
[  744.017941][T16473]  ? tomoyo_realpath_from_path+0xc2/0x6e0
[  744.017965][T16473]  ? tomoyo_realpath_from_path+0xc2/0x6e0
[  744.017982][T16473]  tomoyo_realpath_from_path+0xc2/0x6e0
[  744.018001][T16473]  ? tomoyo_profile+0x47/0x60
[  744.018025][T16473]  tomoyo_path_number_perm+0x245/0x580
[  744.018049][T16473]  ? tomoyo_path_number_perm+0x237/0x580
[  744.018076][T16473]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  744.018103][T16473]  ? find_held_lock+0x2b/0x80
[  744.018146][T16473]  ? find_held_lock+0x2b/0x80
[  744.018166][T16473]  ? hook_file_ioctl_common+0x145/0x410
[  744.018193][T16473]  ? __fget_files+0x20e/0x3c0
[  744.018214][T16473]  security_file_ioctl+0x9b/0x240
[  744.018233][T16473]  __x64_sys_ioctl+0xb7/0x210
[  744.018257][T16473]  do_syscall_64+0xcd/0xfa0
[  744.018283][T16473]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  744.018301][T16473] RIP: 0033:0x7f2b9a18eec9
[  744.018316][T16473] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  744.018332][T16473] RSP: 002b:00007f2b9afee038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  744.018352][T16473] RAX: ffffffffffffffda RBX: 00007f2b9a3e5fa0 RCX: 00007f2b9a18eec9
[  744.018363][T16473] RDX: 0000000000000000 RSI: 00000000400448ca RDI: 0000000000000005
[  744.018373][T16473] RBP: 00007f2b9afee090 R08: 0000000000000000 R09: 0000000000000000
[  744.018383][T16473] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  744.018392][T16473] R13: 00007f2b9a3e6038 R14: 00007f2b9a3e5fa0 R15: 00007fff9f170dc8
[  744.018417][T16473]  </TASK>
[  744.018488][T16473] ERROR: Out of memory at tomoyo_realpath_from_path.
[  744.240421][ T5947] usb 5-1: USB disconnect, device number 32
[  745.318411][   T30] audit: type=1400 audit(2000000205.410:908): avc:  denied  { mount } for  pid=16482 comm="syz.3.2178" name="/" dev="9p" ino=268435458 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[  745.365365][T16500] binder: 16497:16500 unknown command 0
[  745.376759][T16500] binder: 16497:16500 ioctl c0306201 200000000080 returned -22
[  745.539144][T16504] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  745.589743][ T5947] usb 4-1: new full-speed USB device number 50 using dummy_hcd
[  745.590448][T16504] syzkaller0: entered promiscuous mode
[  745.603445][T16504] syzkaller0: entered allmulticast mode
[  745.666093][T16504] sch_tbf: burst 127 is lower than device syzkaller0 mtu (1514) !
[  745.691944][T16509] 9pnet_fd: p9_fd_create_unix (16509): address too long: ./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
[  745.765090][ T5947] usb 4-1: config 0 interface 0 altsetting 1 endpoint 0x7 has invalid wMaxPacketSize 0
[  745.959727][   T10] usb 1-1: new full-speed USB device number 41 using dummy_hcd
[  746.030915][ T5947] usb 4-1: config 0 interface 0 altsetting 1 has an endpoint descriptor with address 0x6E, changing to 0xE
[  746.106826][ T5947] usb 4-1: config 0 interface 0 altsetting 1 endpoint 0xE has an invalid bInterval 0, changing to 10
[  746.123349][   T10] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  746.133698][ T5947] usb 4-1: config 0 interface 0 altsetting 1 endpoint 0xE has invalid wMaxPacketSize 0
[  746.135819][   T10] usb 1-1: too many endpoints for config 0 interface 0 altsetting 90: 145, using maximum allowed: 30
[  746.153247][ T5947] usb 4-1: config 0 interface 0 has no altsetting 0
[  746.164544][ T5947] usb 4-1: New USB device found, idVendor=06cb, idProduct=0006, bcdDevice=9a.eb
[  746.173889][ T5947] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  746.182425][ T5947] usb 4-1: Product: syz
[  746.186696][ T5947] usb 4-1: Manufacturer: syz
[  746.191504][ T5947] usb 4-1: SerialNumber: syz
[  746.249857][   T10] usb 1-1: config 0 interface 0 altsetting 90 has 0 endpoint descriptors, different from the interface descriptor's value: 145
[  746.285899][ T5947] usb 4-1: config 0 descriptor??
[  746.292303][   T10] usb 1-1: config 0 interface 0 has no altsetting 0
[  746.301206][   T10] usb 1-1: New USB device found, idVendor=041e, idProduct=3100, bcdDevice= 0.00
[  746.311122][   T10] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  746.335184][   T10] usb 1-1: config 0 descriptor??
[  746.548414][T16504] tipc: Resetting bearer <eth:syzkaller0>
[  746.556202][T16503] tipc: Resetting bearer <eth:syzkaller0>
[  746.563341][   T10] usb 1-1: string descriptor 0 read error: -71
[  746.571143][    T9] usb 3-1: new high-speed USB device number 40 using dummy_hcd
[  746.616552][   T10] usb 1-1: USB disconnect, device number 41
[  746.643758][T16503] tipc: Disabling bearer <eth:syzkaller0>
[  746.707888][ T5947] usb 4-1: USB disconnect, device number 50
[  746.729721][    T9] usb 3-1: Using ep0 maxpacket: 8
[  746.738569][    T9] usb 3-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb
[  746.748076][    T9] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  746.752795][ T1297] ieee802154 phy0 wpan0: encryption failed: -22
[  746.758617][    T9] usb 3-1: config 0 descriptor??
[  746.763572][ T1297] ieee802154 phy1 wpan1: encryption failed: -22
[  747.140799][    T9] asix 3-1:0.0 (unnamed net_device) (uninitialized): invalid hw address, using random
[  747.402496][T16557] F2FS-fs (loop9): Magic Mismatch, valid(0xf2f52010) - read(0x0)
[  747.410906][T16557] F2FS-fs (loop9): Can't find valid F2FS filesystem in 1th superblock
[  747.419467][T16557] F2FS-fs (loop9): Magic Mismatch, valid(0xf2f52010) - read(0x0)
[  747.427644][T16557] F2FS-fs (loop9): Can't find valid F2FS filesystem in 2th superblock
[  747.764385][T16559] FAULT_INJECTION: forcing a failure.
[  747.764385][T16559] name failslab, interval 1, probability 0, space 0, times 0
[  747.770815][   T30] audit: type=1400 audit(2000000207.860:909): avc:  denied  { unmount } for  pid=5810 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[  747.777672][T16559] CPU: 0 UID: 0 PID: 16559 Comm: syz.0.2189 Not tainted syzkaller #0 PREEMPT(full) 
[  747.777690][T16559] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  747.777702][T16559] Call Trace:
[  747.777708][T16559]  <TASK>
[  747.777714][T16559]  dump_stack_lvl+0x16c/0x1f0
[  747.777738][T16559]  should_fail_ex+0x512/0x640
[  747.777759][T16559]  ? fs_reclaim_acquire+0xae/0x150
[  747.777777][T16559]  should_failslab+0xc2/0x120
[  747.777799][T16559]  __kmalloc_noprof+0xdd/0x880
[  747.777819][T16559]  ? tomoyo_realpath_from_path+0xc2/0x6e0
[  747.777840][T16559]  ? tomoyo_realpath_from_path+0xc2/0x6e0
[  747.777855][T16559]  tomoyo_realpath_from_path+0xc2/0x6e0
[  747.777872][T16559]  ? tomoyo_profile+0x47/0x60
[  747.777892][T16559]  tomoyo_path_number_perm+0x245/0x580
[  747.777913][T16559]  ? tomoyo_path_number_perm+0x237/0x580
[  747.777936][T16559]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  747.777959][T16559]  ? find_held_lock+0x2b/0x80
[  747.777997][T16559]  ? find_held_lock+0x2b/0x80
[  747.778014][T16559]  ? hook_file_ioctl_common+0x145/0x410
[  747.778038][T16559]  ? __fget_files+0x20e/0x3c0
[  747.778057][T16559]  security_file_ioctl+0x9b/0x240
[  747.778073][T16559]  __x64_sys_ioctl+0xb7/0x210
[  747.778095][T16559]  do_syscall_64+0xcd/0xfa0
[  747.778118][T16559]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  747.778133][T16559] RIP: 0033:0x7f702458eec9
[  747.778145][T16559] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  747.778159][T16559] RSP: 002b:00007f7025483038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  747.778174][T16559] RAX: ffffffffffffffda RBX: 00007f70247e5fa0 RCX: 00007f702458eec9
[  747.778184][T16559] RDX: 00002000000001c0 RSI: 000000004020940d RDI: 0000000000000003
[  747.778192][T16559] RBP: 00007f7025483090 R08: 0000000000000000 R09: 0000000000000000
[  747.778201][T16559] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  747.778210][T16559] R13: 00007f70247e6038 R14: 00007f70247e5fa0 R15: 00007ffd97a4e428
[  747.778233][T16559]  </TASK>
[  747.778254][T16559] ERROR: Out of memory at tomoyo_realpath_from_path.
[  747.826532][T16561] FAULT_INJECTION: forcing a failure.
[  747.826532][T16561] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  748.025818][T16561] CPU: 1 UID: 0 PID: 16561 Comm: syz.1.2190 Not tainted syzkaller #0 PREEMPT(full) 
[  748.025850][T16561] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  748.025860][T16561] Call Trace:
[  748.025867][T16561]  <TASK>
[  748.025873][T16561]  dump_stack_lvl+0x16c/0x1f0
[  748.025903][T16561]  should_fail_ex+0x512/0x640
[  748.025932][T16561]  _copy_from_user+0x2e/0xd0
[  748.025958][T16561]  do_sock_getsockopt+0x3ca/0x440
[  748.025979][T16561]  ? __pfx_do_sock_getsockopt+0x10/0x10
[  748.025995][T16561]  ? __fget_files+0x204/0x3c0
[  748.026024][T16561]  __sys_getsockopt+0x12f/0x260
[  748.026058][T16561]  __x64_sys_getsockopt+0xbd/0x160
[  748.026080][T16561]  ? do_syscall_64+0x91/0xfa0
[  748.026103][T16561]  ? lockdep_hardirqs_on+0x7c/0x110
[  748.026127][T16561]  do_syscall_64+0xcd/0xfa0
[  748.026152][T16561]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  748.026170][T16561] RIP: 0033:0x7f738658eec9
[  748.026184][T16561] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  748.026199][T16561] RSP: 002b:00007f73873c0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000037
[  748.026216][T16561] RAX: ffffffffffffffda RBX: 00007f73867e5fa0 RCX: 00007f738658eec9
[  748.026227][T16561] RDX: 0000000000000073 RSI: 0000000000000084 RDI: 0000000000000003
[  748.026237][T16561] RBP: 00007f73873c0090 R08: 0000200000000400 R09: 0000000000000000
[  748.026248][T16561] R10: 0000200000000100 R11: 0000000000000246 R12: 0000000000000001
[  748.026258][T16561] R13: 00007f73867e6038 R14: 00007f73867e5fa0 R15: 00007ffe56f1cc08
[  748.026282][T16561]  </TASK>
[  749.396199][T16592] 9pnet_fd: p9_fd_create_unix (16592): address too long: ./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
[  749.699808][ T5820] usb 1-1: new low-speed USB device number 42 using dummy_hcd
[  750.081323][    T9] asix 3-1:0.0 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71
[  750.097536][    T9] asix 3-1:0.0: probe with driver asix failed with error -71
[  750.147551][    T9] usb 3-1: USB disconnect, device number 40
[  750.221729][ T5820] usb 1-1: device descriptor read/64, error -71
[  750.489896][ T5820] usb 1-1: new low-speed USB device number 43 using dummy_hcd
[  750.629895][ T5820] usb 1-1: device descriptor read/64, error -71
[  750.742192][ T5820] usb usb1-port1: attempt power cycle
[  751.099810][ T5820] usb 1-1: new low-speed USB device number 44 using dummy_hcd
[  751.131294][ T5820] usb 1-1: device descriptor read/8, error -71
[  751.625991][   T10] usb 2-1: new full-speed USB device number 29 using dummy_hcd
[  751.659738][ T5820] usb 1-1: new low-speed USB device number 45 using dummy_hcd
[  751.771526][T16640] netlink: 36 bytes leftover after parsing attributes in process `syz.3.2208'.
[  751.845434][   T10] usb 2-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea
[  751.888391][T16641] netlink: 20 bytes leftover after parsing attributes in process `syz.3.2208'.
[  752.090060][ T5820] usb 1-1: device descriptor read/8, error -71
[  752.171959][   T10] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  752.182000][   T10] usb 2-1: Product: syz
[  752.186217][   T10] usb 2-1: Manufacturer: syz
[  752.220629][ T5820] usb usb1-port1: unable to enumerate USB device
[  752.245530][   T10] usb 2-1: SerialNumber: syz
[  752.288672][   T10] usb 2-1: config 0 descriptor??
[  752.587111][   T10] usb 2-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state
[  753.144990][T16670] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2207'.
[  753.199004][ T5820] usb 5-1: new high-speed USB device number 33 using dummy_hcd
[  753.540921][ T5820] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  753.553083][ T5820] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  753.571029][   T10] dvb_usb_rtl28xxu 2-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -71
[  753.582169][   T10] usb 2-1: USB disconnect, device number 29
[  753.588260][ T5820] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  753.607855][ T5820] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  753.617459][ T5820] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  753.725026][ T5820] usb 5-1: config 0 descriptor??
[  754.252438][T16649] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  754.261501][T16649] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  754.290380][ T5820] usbhid 5-1:0.0: can't add hid device: -71
[  755.013057][   T30] audit: type=1400 audit(2000000214.420:910): avc:  denied  { read } for  pid=16694 comm="syz.1.2217" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1
[  755.054738][ T5820] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[  755.072493][ T5820] usb 5-1: USB disconnect, device number 33
[  755.702466][ T5947] usb 2-1: new full-speed USB device number 30 using dummy_hcd
[  755.713238][   T30] audit: type=1326 audit(2000000215.790:911): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16656 comm="syz.0.2212" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f702458eec9 code=0x7fc00000
[  755.863350][ T5947] usb 2-1: config 0 has an invalid interface number: 202 but max is 0
[  755.872677][ T5947] usb 2-1: config 0 has no interface number 0
[  755.888116][ T5947] usb 2-1: config 0 interface 202 has no altsetting 0
[  755.902382][ T5947] usb 2-1: New USB device found, idVendor=1a0a, idProduct=0108, bcdDevice=fe.93
[  755.905085][    T9] kernel write not supported for file /radio3 (pid: 9 comm: kworker/0:0)
[  755.916547][ T5947] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  755.975274][ T5947] usb 2-1: Product: syz
[  755.979446][ T5947] usb 2-1: Manufacturer: syz
[  755.984731][ T5947] usb 2-1: SerialNumber: syz
[  755.990969][ T5947] usb 2-1: config 0 descriptor??
[  756.003666][ T5947] usb_ehset_test 2-1:0.202: probe with driver usb_ehset_test failed with error -32
[  756.109764][ T5820] usb 1-1: new high-speed USB device number 46 using dummy_hcd
[  756.192190][T12672] kernel write not supported for file /radio7 (pid: 12672 comm: kworker/1:1)
[  756.278291][ T5820] usb 1-1: device descriptor read/64, error -71
[  756.285636][ T5947] usb 4-1: new high-speed USB device number 51 using dummy_hcd
[  756.322246][T12672] usb 2-1: USB disconnect, device number 30
[  756.470105][ T5947] usb 4-1: Using ep0 maxpacket: 8
[  756.477062][ T5947] usb 4-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb
[  756.487789][ T5947] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  756.500475][ T5947] usb 4-1: config 0 descriptor??
[  756.540054][ T5820] usb 1-1: new high-speed USB device number 47 using dummy_hcd
[  756.689739][ T5820] usb 1-1: device descriptor read/64, error -71
[  756.929249][ T5947] asix 4-1:0.0 (unnamed net_device) (uninitialized): invalid hw address, using random
[  757.041500][ T5820] usb usb1-port1: attempt power cycle
[  757.419698][ T5820] usb 1-1: new high-speed USB device number 48 using dummy_hcd
[  757.441945][ T5820] usb 1-1: device descriptor read/8, error -71
[  757.699829][ T5820] usb 1-1: new high-speed USB device number 49 using dummy_hcd
[  757.775658][ T5820] usb 1-1: device descriptor read/8, error -71
[  757.900901][ T5820] usb usb1-port1: unable to enumerate USB device
[  758.209704][ T5820] usb 2-1: new full-speed USB device number 31 using dummy_hcd
[  758.363232][ T5820] usb 2-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea
[  758.372455][ T5820] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  758.382065][ T5820] usb 2-1: Product: syz
[  758.386239][ T5820] usb 2-1: Manufacturer: syz
[  758.391864][ T5820] usb 2-1: SerialNumber: syz
[  758.399097][ T5820] usb 2-1: config 0 descriptor??
[  758.606787][ T5820] usb 2-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state
[  759.101803][ T5947] asix 4-1:0.0 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71
[  759.123432][T16792] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2227'.
[  759.140899][ T5947] asix 4-1:0.0: probe with driver asix failed with error -71
[  759.173761][ T5947] usb 4-1: USB disconnect, device number 51
[  759.205106][ T5820] dvb_usb_rtl28xxu 2-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -71
[  759.241226][ T5820] usb 2-1: USB disconnect, device number 31
[  759.475165][T16808] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2233'.
[  759.545374][T16809] netlink: 44 bytes leftover after parsing attributes in process `syz.2.2233'.
[  759.554579][T16809] netlink: 43 bytes leftover after parsing attributes in process `syz.2.2233'.
[  759.564349][T16809] netlink: 'syz.2.2233': attribute type 6 has an invalid length.
[  759.567364][T16808] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  759.662563][T16809] netlink: 43 bytes leftover after parsing attributes in process `syz.2.2233'.
[  760.236375][T16808] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  761.204865][T16808] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  761.322389][T16808] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  761.831913][   T12] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  761.871645][   T12] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  761.928596][   T12] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  761.938434][   T12] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  762.490300][   T10] usb 4-1: new high-speed USB device number 52 using dummy_hcd
[  762.672418][   T10] usb 4-1: config 0 has an invalid interface number: 117 but max is 0
[  762.681988][   T10] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  762.694263][   T10] usb 4-1: config 0 has no interface number 0
[  762.708063][   T10] usb 4-1: config 0 interface 117 altsetting 0 endpoint 0x88 has invalid wMaxPacketSize 0
[  762.739582][   T10] usb 4-1: config 0 interface 117 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  762.833597][   T10] usb 4-1: New USB device found, idVendor=0afa, idProduct=03e8, bcdDevice=99.d0
[  762.860440][   T10] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  762.868667][   T10] usb 4-1: Product: syz
[  762.873793][   T10] usb 4-1: Manufacturer: syz
[  762.878492][   T10] usb 4-1: SerialNumber: syz
[  762.888528][   T10] usb 4-1: config 0 descriptor??
[  763.092870][T16882] netlink: 48 bytes leftover after parsing attributes in process `syz.1.2245'.
[  763.180502][    T9] usb 3-1: new full-speed USB device number 41 using dummy_hcd
[  763.255813][   T30] audit: type=1326 audit(2000000223.344:912): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16822 comm="syz.0.2236" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f702458eec9 code=0x7fc00000
[  763.367173][    T9] usb 3-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea
[  763.376508][    T9] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  763.403272][    T9] usb 3-1: Product: syz
[  763.411962][    T9] usb 3-1: Manufacturer: syz
[  763.423280][    T9] usb 3-1: SerialNumber: syz
[  763.442668][    T9] usb 3-1: config 0 descriptor??
[  763.514202][   T10] input: syz syz as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.117/input/input73
[  763.919217][    T9] usb 3-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state
[  764.189716][ T5894] usb 5-1: new low-speed USB device number 34 using dummy_hcd
[  764.505580][T16877] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2244'.
[  764.690442][ T5894] usb 5-1: unable to get BOS descriptor or descriptor too short
[  764.699457][ T5894] usb 5-1: unable to read config index 0 descriptor/start: -71
[  764.709795][ T5894] usb 5-1: can't read configurations, error -71
[  765.002309][T12672] usb 4-1: USB disconnect, device number 52
[  765.144565][    T9] dvb_usb_rtl28xxu 3-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -110
[  767.165163][ T5894] usb 3-1: USB disconnect, device number 41
[  767.266817][T16972] F2FS-fs (loop9): Magic Mismatch, valid(0xf2f52010) - read(0x0)
[  767.274900][T16972] F2FS-fs (loop9): Can't find valid F2FS filesystem in 1th superblock
[  767.283483][T16972] F2FS-fs (loop9): Magic Mismatch, valid(0xf2f52010) - read(0x0)
[  767.291926][T16972] F2FS-fs (loop9): Can't find valid F2FS filesystem in 2th superblock
[  769.206807][T16987] FAULT_INJECTION: forcing a failure.
[  769.206807][T16987] name failslab, interval 1, probability 0, space 0, times 0
[  769.234761][T16987] CPU: 0 UID: 0 PID: 16987 Comm: syz.1.2263 Not tainted syzkaller #0 PREEMPT(full) 
[  769.234779][T16987] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  769.234785][T16987] Call Trace:
[  769.234789][T16987]  <TASK>
[  769.234793][T16987]  dump_stack_lvl+0x16c/0x1f0
[  769.234813][T16987]  should_fail_ex+0x512/0x640
[  769.234828][T16987]  ? fs_reclaim_acquire+0xae/0x150
[  769.234842][T16987]  should_failslab+0xc2/0x120
[  769.234855][T16987]  __kmalloc_noprof+0xdd/0x880
[  769.234870][T16987]  ? tomoyo_realpath_from_path+0xc2/0x6e0
[  769.234884][T16987]  ? tomoyo_realpath_from_path+0xc2/0x6e0
[  769.234895][T16987]  tomoyo_realpath_from_path+0xc2/0x6e0
[  769.234907][T16987]  ? tomoyo_profile+0x47/0x60
[  769.234921][T16987]  tomoyo_path_number_perm+0x245/0x580
[  769.234936][T16987]  ? tomoyo_path_number_perm+0x237/0x580
[  769.234953][T16987]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  769.234969][T16987]  ? find_held_lock+0x2b/0x80
[  769.234994][T16987]  ? find_held_lock+0x2b/0x80
[  769.235006][T16987]  ? hook_file_ioctl_common+0x145/0x410
[  769.235023][T16987]  ? __fget_files+0x20e/0x3c0
[  769.235035][T16987]  security_file_ioctl+0x9b/0x240
[  769.235047][T16987]  __x64_sys_ioctl+0xb7/0x210
[  769.235063][T16987]  do_syscall_64+0xcd/0xfa0
[  769.235079][T16987]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  769.235090][T16987] RIP: 0033:0x7f738658eec9
[  769.235099][T16987] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  769.235109][T16987] RSP: 002b:00007f73873c0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  769.235120][T16987] RAX: ffffffffffffffda RBX: 00007f73867e5fa0 RCX: 00007f738658eec9
[  769.235126][T16987] RDX: 00002000000000c0 RSI: 00000000c0049364 RDI: 0000000000000003
[  769.235133][T16987] RBP: 00007f73873c0090 R08: 0000000000000000 R09: 0000000000000000
[  769.235139][T16987] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  769.235145][T16987] R13: 00007f73867e6038 R14: 00007f73867e5fa0 R15: 00007ffe56f1cc08
[  769.235159][T16987]  </TASK>
[  769.235164][T16987] ERROR: Out of memory at tomoyo_realpath_from_path.
[  770.398916][T17007] tracefs: Invalid gid '0x00000000ffffffff'
[  770.448904][T17011] FAULT_INJECTION: forcing a failure.
[  770.448904][T17011] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  770.464123][T17011] CPU: 1 UID: 0 PID: 17011 Comm: syz.2.2268 Not tainted syzkaller #0 PREEMPT(full) 
[  770.464148][T17011] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  770.464158][T17011] Call Trace:
[  770.464164][T17011]  <TASK>
[  770.464171][T17011]  dump_stack_lvl+0x16c/0x1f0
[  770.464200][T17011]  should_fail_ex+0x512/0x640
[  770.464228][T17011]  _copy_from_iter+0x29f/0x1720
[  770.464260][T17011]  ? __pfx__copy_from_iter+0x10/0x10
[  770.464283][T17011]  ? __lock_acquire+0xb97/0x1ce0
[  770.464301][T17011]  ? _parse_integer_limit+0x17f/0x1d0
[  770.464317][T17011]  ? _kstrtoull+0x145/0x200
[  770.464330][T17011]  tun_get_user+0x26d/0x3cc0
[  770.464345][T17011]  ? __lock_acquire+0x62e/0x1ce0
[  770.464363][T17011]  ? __pfx_tun_get_user+0x10/0x10
[  770.464375][T17011]  ? __pfx_ref_tracker_alloc+0x10/0x10
[  770.464391][T17011]  ? find_held_lock+0x2b/0x80
[  770.464404][T17011]  ? tun_get+0x191/0x370
[  770.464416][T17011]  tun_chr_write_iter+0xdc/0x210
[  770.464428][T17011]  vfs_write+0x7d3/0x11d0
[  770.464439][T17011]  ? __pfx_tun_chr_write_iter+0x10/0x10
[  770.464451][T17011]  ? __pfx_vfs_write+0x10/0x10
[  770.464459][T17011]  ? find_held_lock+0x2b/0x80
[  770.464480][T17011]  ksys_write+0x12a/0x250
[  770.464489][T17011]  ? __pfx_ksys_write+0x10/0x10
[  770.464502][T17011]  do_syscall_64+0xcd/0xfa0
[  770.464519][T17011]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  770.464530][T17011] RIP: 0033:0x7fd3f918eec9
[  770.464539][T17011] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  770.464550][T17011] RSP: 002b:00007fd3fa100038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  770.464560][T17011] RAX: ffffffffffffffda RBX: 00007fd3f93e5fa0 RCX: 00007fd3f918eec9
[  770.464567][T17011] RDX: 000000000000110a RSI: 0000200000000240 RDI: 0000000000000003
[  770.464573][T17011] RBP: 00007fd3fa100090 R08: 0000000000000000 R09: 0000000000000000
[  770.464579][T17011] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  770.464585][T17011] R13: 00007fd3f93e6038 R14: 00007fd3f93e5fa0 R15: 00007ffe5ad3d458
[  770.464599][T17011]  </TASK>
[  770.730339][    T9] usb 5-1: new high-speed USB device number 36 using dummy_hcd
[  770.899942][    T9] usb 5-1: Using ep0 maxpacket: 32
[  770.906744][    T9] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024
[  770.919021][    T9] usb 5-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[  770.972483][    T9] usb 5-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[  771.091780][    T9] usb 5-1: Product: syz
[  771.107461][    T9] usb 5-1: Manufacturer: syz
[  771.121459][    T9] usb 5-1: SerialNumber: syz
[  771.160672][    T9] usb 5-1: config 0 descriptor??
[  771.538758][T17007] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  772.013763][T17036] netlink: 40 bytes leftover after parsing attributes in process `syz.0.2273'.
[  772.087505][T12672] usb 5-1: USB disconnect, device number 36
[  772.509052][T17056] FAULT_INJECTION: forcing a failure.
[  772.509052][T17056] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  772.523734][T17056] CPU: 1 UID: 0 PID: 17056 Comm: syz.2.2277 Not tainted syzkaller #0 PREEMPT(full) 
[  772.523759][T17056] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  772.523768][T17056] Call Trace:
[  772.523774][T17056]  <TASK>
[  772.523782][T17056]  dump_stack_lvl+0x16c/0x1f0
[  772.523811][T17056]  should_fail_ex+0x512/0x640
[  772.523837][T17056]  _copy_to_iter+0x29f/0x1710
[  772.523849][T17056]  ? do_raw_spin_lock+0x12c/0x2b0
[  772.523862][T17056]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  772.523874][T17056]  ? __pfx__copy_to_iter+0x10/0x10
[  772.523884][T17056]  ? find_held_lock+0x2b/0x80
[  772.523898][T17056]  ? rcu_is_watching+0x12/0xc0
[  772.523911][T17056]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  772.523927][T17056]  vhost_chr_read_iter+0x60e/0x6c0
[  772.523946][T17056]  ? __pfx_vhost_chr_read_iter+0x10/0x10
[  772.523961][T17056]  ? avc_policy_seqno+0x9/0x20
[  772.523974][T17056]  ? selinux_file_permission+0x126/0x660
[  772.523984][T17056]  ? __pfx_autoremove_wake_function+0x10/0x10
[  772.523999][T17056]  ? bpf_lsm_file_permission+0x9/0x10
[  772.524010][T17056]  ? security_file_permission+0x71/0x210
[  772.524022][T17056]  ? rw_verify_area+0xcf/0x6c0
[  772.524038][T17056]  vfs_read+0x8bf/0xcf0
[  772.524056][T17056]  ? __pfx_vfs_read+0x10/0x10
[  772.524070][T17056]  ? find_held_lock+0x2b/0x80
[  772.524091][T17056]  ksys_read+0x12a/0x250
[  772.524100][T17056]  ? __pfx_ksys_read+0x10/0x10
[  772.524113][T17056]  do_syscall_64+0xcd/0xfa0
[  772.524129][T17056]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  772.524140][T17056] RIP: 0033:0x7fd3f918eec9
[  772.524149][T17056] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  772.524159][T17056] RSP: 002b:00007fd3fa100038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  772.524170][T17056] RAX: ffffffffffffffda RBX: 00007fd3f93e5fa0 RCX: 00007fd3f918eec9
[  772.524177][T17056] RDX: 0000000000002020 RSI: 0000200000004d80 RDI: 0000000000000003
[  772.524183][T17056] RBP: 00007fd3fa100090 R08: 0000000000000000 R09: 0000000000000000
[  772.524189][T17056] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  772.524195][T17056] R13: 00007fd3f93e6038 R14: 00007fd3f93e5fa0 R15: 00007ffe5ad3d458
[  772.524209][T17056]  </TASK>
[  772.745013][    T9] usb 2-1: new high-speed USB device number 32 using dummy_hcd
[  772.927622][    T9] usb 2-1: Using ep0 maxpacket: 32
[  772.947524][    T9] usb 2-1: config 0 has an invalid interface number: 196 but max is 0
[  772.957922][    T9] usb 2-1: config 0 has no interface number 0
[  772.972281][    T9] usb 2-1: config 0 interface 196 altsetting 1 bulk endpoint 0x2 has invalid maxpacket 528
[  773.629076][    T9] usb 2-1: config 0 interface 196 altsetting 1 endpoint 0x82 has invalid wMaxPacketSize 0
[  773.640704][    T9] usb 2-1: config 0 interface 196 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 0
[  773.650980][    T9] usb 2-1: config 0 interface 196 has no altsetting 0
[  773.765587][    T9] usb 2-1: New USB device found, idVendor=05ac, idProduct=77c2, bcdDevice=eb.3a
[  773.765804][T17069] netlink: 'syz.3.2280': attribute type 30 has an invalid length.
[  773.774855][    T9] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  774.157923][    T9] usb 2-1: Product: syz
[  774.162710][    T9] usb 2-1: Manufacturer: syz
[  774.167365][    T9] usb 2-1: SerialNumber: syz
[  774.175224][    T9] usb 2-1: config 0 descriptor??
[  774.416651][T17090] netlink: 40 bytes leftover after parsing attributes in process `syz.4.2285'.
[  774.660757][T17086] FAULT_INJECTION: forcing a failure.
[  774.660757][T17086] name failslab, interval 1, probability 0, space 0, times 0
[  774.685323][T17086] CPU: 1 UID: 0 PID: 17086 Comm: syz.3.2284 Not tainted syzkaller #0 PREEMPT(full) 
[  774.685347][T17086] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  774.685357][T17086] Call Trace:
[  774.685363][T17086]  <TASK>
[  774.685370][T17086]  dump_stack_lvl+0x16c/0x1f0
[  774.685398][T17086]  should_fail_ex+0x512/0x640
[  774.685420][T17086]  ? kmem_cache_alloc_noprof+0x62/0x6e0
[  774.685444][T17086]  should_failslab+0xc2/0x120
[  774.685462][T17086]  kmem_cache_alloc_noprof+0x75/0x6e0
[  774.685484][T17086]  ? getname_flags.part.0+0x4c/0x550
[  774.685508][T17086]  ? getname_flags.part.0+0x4c/0x550
[  774.685528][T17086]  getname_flags.part.0+0x4c/0x550
[  774.685552][T17086]  getname_flags+0x93/0xf0
[  774.685575][T17086]  do_sys_openat2+0xb8/0x1d0
[  774.685594][T17086]  ? __pfx_do_sys_openat2+0x10/0x10
[  774.685615][T17086]  ? __fget_files+0x20e/0x3c0
[  774.685641][T17086]  __x64_sys_openat+0x174/0x210
[  774.685661][T17086]  ? __pfx___x64_sys_openat+0x10/0x10
[  774.685679][T17086]  ? ksys_write+0x1ac/0x250
[  774.685702][T17086]  do_syscall_64+0xcd/0xfa0
[  774.685726][T17086]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  774.685742][T17086] RIP: 0033:0x7f2b9a18eec9
[  774.685755][T17086] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  774.685770][T17086] RSP: 002b:00007f2b9afee038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  774.685786][T17086] RAX: ffffffffffffffda RBX: 00007f2b9a3e5fa0 RCX: 00007f2b9a18eec9
[  774.685797][T17086] RDX: 0000000000000000 RSI: 0000200000000000 RDI: ffffffffffffff9c
[  774.685807][T17086] RBP: 00007f2b9afee090 R08: 0000000000000000 R09: 0000000000000000
[  774.685816][T17086] R10: 0000000000000026 R11: 0000000000000246 R12: 0000000000000001
[  774.685826][T17086] R13: 00007f2b9a3e6038 R14: 00007f2b9a3e5fa0 R15: 00007fff9f170dc8
[  774.685849][T17086]  </TASK>
[  774.989394][    T9] ipheth 2-1:0.196: ipheth_get_macaddr: usb_control_msg: short packet: 0 bytes
[  775.025032][    T9] ipheth 2-1:0.196: probe with driver ipheth failed with error -22
[  775.273344][T12677] usb 3-1: new high-speed USB device number 42 using dummy_hcd
[  775.331711][    T9] usb 2-1: USB disconnect, device number 32
[  775.572616][T12677] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x9 has invalid wMaxPacketSize 0
[  775.593110][T12677] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0xA has an invalid bInterval 0, changing to 7
[  775.636548][T12677] usb 3-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  775.646463][T12677] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  775.654749][T12677] usb 3-1: Product: syz
[  775.658945][T12677] usb 3-1: Manufacturer: syz
[  775.663795][T12677] usb 3-1: SerialNumber: syz
[  775.677420][T12677] usb 3-1: config 0 descriptor??
[  776.281198][T12677] usb 3-1: USB disconnect, device number 42
[  777.291735][T17164] netlink: 'syz.0.2294': attribute type 30 has an invalid length.
[  777.991949][   T30] audit: type=1400 audit(2000000237.684:913): avc:  denied  { ioctl } for  pid=17173 comm="syz.4.2297" path="socket:[45439]" dev="sockfs" ino=45439 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  778.376906][T17176] netlink: 40 bytes leftover after parsing attributes in process `syz.2.2298'.
[  778.958570][T17205] snd_dummy snd_dummy.0: control 6:65278:0:syz0:-259 is already present
[  778.988868][T17210] tracefs: Invalid gid '0x00000000ffffffff'
[  779.069916][ T5894] usb 3-1: new high-speed USB device number 43 using dummy_hcd
[  779.449825][T12672] usb 1-1: new high-speed USB device number 50 using dummy_hcd
[  779.457477][ T5820] usb 4-1: new full-speed USB device number 53 using dummy_hcd
[  779.480977][ T5894] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  779.493401][ T5894] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3
[  779.524937][ T5894] usb 3-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  779.536037][ T5894] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  779.544278][ T5894] usb 3-1: SerialNumber: syz
[  779.621936][ T5820] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  779.632413][T12672] usb 1-1: Using ep0 maxpacket: 32
[  779.638257][ T5820] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 10
[  779.650480][ T5820] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[  779.650614][T12672] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024
[  779.670781][ T5820] usb 4-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 5
[  779.688914][T12672] usb 1-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[  779.698907][ T5820] usb 4-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  779.708188][T12672] usb 1-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[  779.718394][T12672] usb 1-1: Product: syz
[  779.722805][ T5820] usb 4-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  779.731160][T12672] usb 1-1: Manufacturer: syz
[  779.735800][ T5820] usb 4-1: Manufacturer: syz
[  779.740755][T12672] usb 1-1: SerialNumber: syz
[  779.751070][ T5820] usb 4-1: config 0 descriptor??
[  779.757233][T12672] usb 1-1: config 0 descriptor??
[  779.768284][T17210] raw-gadget.2 gadget.0: fail, usb_ep_enable returned -22
[  779.785689][ T5894] usb 3-1: 0:2 : does not exist
[  779.820474][ T5894] usb 3-1: USB disconnect, device number 43
[  779.829839][ T5947] usb 2-1: new full-speed USB device number 33 using dummy_hcd
[  779.992995][T12672] usb 1-1: USB disconnect, device number 50
[  780.003449][ T5947] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  780.029674][ T5947] usb 2-1: config 0 interface 0 altsetting 1 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  780.052498][ T5947] usb 2-1: config 0 interface 0 altsetting 1 endpoint 0x81 has invalid wMaxPacketSize 0
[  780.063795][ T5947] usb 2-1: config 0 interface 0 has no altsetting 0
[  780.070611][ T5947] usb 2-1: New USB device found, idVendor=1b1c, idProduct=1b29, bcdDevice= 0.00
[  780.079970][ T5947] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  780.090810][ T5947] usb 2-1: config 0 descriptor??
[  780.110019][ T5820] rc_core: IR keymap rc-hauppauge not found
[  780.115923][ T5820] Registered IR keymap rc-empty
[  780.121336][ T5820] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  780.139764][ T5820] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  780.161496][ T5820] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/rc/rc0
[  780.174987][ T5820] input: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/rc/rc0/input74
[  780.189040][ T5820] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  780.190026][T12677] usb 5-1: new high-speed USB device number 37 using dummy_hcd
[  780.209757][ T5820] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  780.239707][ T5820] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  780.265590][ T5820] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  780.289860][ T5820] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  780.309767][ T5820] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  780.339916][ T5820] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  780.369788][ T5820] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  780.389756][ T5820] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  780.461625][T12677] usb 5-1: Using ep0 maxpacket: 16
[  780.473622][T12677] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0
[  780.484487][ T5820] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  780.485858][T12677] usb 5-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[  780.502404][T12677] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  780.511017][T12677] usb 5-1: Product: syz
[  780.515227][T12677] usb 5-1: Manufacturer: syz
[  780.520039][T12677] usb 5-1: SerialNumber: syz
[  780.525707][T17276] netlink: 'syz.2.2309': attribute type 30 has an invalid length.
[  780.554685][T12677] usb 5-1: config 0 descriptor??
[  780.565014][T12677] em28xx 5-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0)
[  780.582761][T12677] em28xx 5-1:0.0: DVB interface 0 found: bulk
[  780.591466][ T5820] mceusb 4-1:0.0: Registered 424242424242 with mce emulator interface version 1
[  780.621884][ T5820] mceusb 4-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active)
[  780.819997][T12677] em28xx 5-1:0.0: unknown em28xx chip ID (0)
[  780.895152][T12677] em28xx 5-1:0.0: reading from i2c device at 0xa0 failed (error=-5)
[  780.904582][T12677] em28xx 5-1:0.0: board has no eeprom
[  780.929901][ T5820] usb 1-1: new high-speed USB device number 51 using dummy_hcd
[  780.968672][T17250] em28xx 5-1:0.0: reading from i2c device at 0x8 failed (error=-5)
[  780.980141][T12677] em28xx 5-1:0.0: Identified as PCTV tripleStick (292e) (card=94)
[  780.988088][T12677] em28xx 5-1:0.0: dvb set to bulk mode.
[  780.994269][   T10] em28xx 5-1:0.0: Binding DVB extension
[  781.007412][T12677] usb 5-1: USB disconnect, device number 37
[  781.016965][T12677] em28xx 5-1:0.0: Disconnecting em28xx
[  781.040490][   T10] em28xx 5-1:0.0: Registering input extension
[  781.047583][T12677] em28xx 5-1:0.0: Closing input extension
[  781.060829][ T5820] usb 1-1: device descriptor read/64, error -71
[  781.334974][ T5820] usb 1-1: new high-speed USB device number 52 using dummy_hcd
[  781.809774][ T5820] usb 1-1: device descriptor read/64, error -71
[  782.014044][ T5820] usb usb1-port1: attempt power cycle
[  782.182050][   T10] usb 4-1: USB disconnect, device number 53
[  782.442578][ T5820] usb 1-1: new high-speed USB device number 53 using dummy_hcd
[  782.470217][ T5820] usb 1-1: device descriptor read/8, error -71
[  782.749918][ T5820] usb 1-1: new high-speed USB device number 54 using dummy_hcd
[  783.191327][ T5820] usb 1-1: device descriptor read/8, error -71
[  783.215640][T12677] em28xx 5-1:0.0: Freeing device
[  783.218278][ T5947] usbhid 2-1:0.0: can't add hid device: -71
[  783.242702][ T5947] usbhid 2-1:0.0: probe with driver usbhid failed with error -71
[  783.260866][ T5947] usb 2-1: USB disconnect, device number 33
[  783.310058][ T5820] usb usb1-port1: unable to enumerate USB device
[  783.763144][T17378] FAULT_INJECTION: forcing a failure.
[  783.763144][T17378] name failslab, interval 1, probability 0, space 0, times 0
[  783.777379][T17378] CPU: 0 UID: 0 PID: 17378 Comm: syz.2.2318 Not tainted syzkaller #0 PREEMPT(full) 
[  783.777400][T17378] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  783.777410][T17378] Call Trace:
[  783.777416][T17378]  <TASK>
[  783.777422][T17378]  dump_stack_lvl+0x16c/0x1f0
[  783.777451][T17378]  should_fail_ex+0x512/0x640
[  783.777483][T17378]  ? fs_reclaim_acquire+0xae/0x150
[  783.777505][T17378]  should_failslab+0xc2/0x120
[  783.777524][T17378]  __kmalloc_noprof+0xdd/0x880
[  783.777548][T17378]  ? tomoyo_realpath_from_path+0xc2/0x6e0
[  783.777573][T17378]  ? tomoyo_realpath_from_path+0xc2/0x6e0
[  783.777590][T17378]  tomoyo_realpath_from_path+0xc2/0x6e0
[  783.777610][T17378]  ? tomoyo_profile+0x47/0x60
[  783.777632][T17378]  tomoyo_path_number_perm+0x245/0x580
[  783.777655][T17378]  ? tomoyo_path_number_perm+0x237/0x580
[  783.777685][T17378]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  783.777735][T17378]  ? find_held_lock+0x2b/0x80
[  783.777755][T17378]  ? hook_file_ioctl_common+0x145/0x410
[  783.777781][T17378]  ? __fget_files+0x20e/0x3c0
[  783.777800][T17378]  security_file_ioctl+0x9b/0x240
[  783.777817][T17378]  __x64_sys_ioctl+0xb7/0x210
[  783.777840][T17378]  do_syscall_64+0xcd/0xfa0
[  783.777865][T17378]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  783.777882][T17378] RIP: 0033:0x7fd3f918eec9
[  783.777897][T17378] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  783.777912][T17378] RSP: 002b:00007fd3fa100038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  783.777930][T17378] RAX: ffffffffffffffda RBX: 00007fd3f93e5fa0 RCX: 00007fd3f918eec9
[  783.777941][T17378] RDX: 0000200000000080 RSI: 00000000c0506107 RDI: 0000000000000003
[  783.777951][T17378] RBP: 00007fd3fa100090 R08: 0000000000000000 R09: 0000000000000000
[  783.777962][T17378] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  783.777972][T17378] R13: 00007fd3f93e6038 R14: 00007fd3f93e5fa0 R15: 00007ffe5ad3d458
[  783.777997][T17378]  </TASK>
[  783.779090][T17378] ERROR: Out of memory at tomoyo_realpath_from_path.
[  784.284024][T17389] FAULT_INJECTION: forcing a failure.
[  784.284024][T17389] name failslab, interval 1, probability 0, space 0, times 0
[  784.403165][T17389] CPU: 1 UID: 0 PID: 17389 Comm: syz.2.2321 Not tainted syzkaller #0 PREEMPT(full) 
[  784.403191][T17389] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  784.403200][T17389] Call Trace:
[  784.403206][T17389]  <TASK>
[  784.403212][T17389]  dump_stack_lvl+0x16c/0x1f0
[  784.403240][T17389]  should_fail_ex+0x512/0x640
[  784.403262][T17389]  ? __kmalloc_noprof+0xca/0x880
[  784.403287][T17389]  should_failslab+0xc2/0x120
[  784.403306][T17389]  __kmalloc_noprof+0xdd/0x880
[  784.403328][T17389]  ? __pfx____ratelimit+0x10/0x10
[  784.403350][T17389]  ? devkmsg_write+0x13a/0x3d0
[  784.403377][T17389]  ? devkmsg_write+0x13a/0x3d0
[  784.403397][T17389]  devkmsg_write+0x13a/0x3d0
[  784.403420][T17389]  ? __pfx_devkmsg_write+0x10/0x10
[  784.403443][T17389]  ? __lock_acquire+0x62e/0x1ce0
[  784.403479][T17389]  do_iter_readv_writev+0x662/0x9e0
[  784.403505][T17389]  ? __pfx_do_iter_readv_writev+0x10/0x10
[  784.403528][T17389]  ? __import_iovec+0x1dd/0x650
[  784.403543][T17389]  ? avc_policy_seqno+0x9/0x20
[  784.403563][T17389]  ? selinux_file_permission+0x126/0x660
[  784.403583][T17389]  ? bpf_lsm_file_permission+0x9/0x10
[  784.403600][T17389]  ? security_file_permission+0x71/0x210
[  784.403620][T17389]  ? rw_verify_area+0xcf/0x6c0
[  784.403646][T17389]  vfs_writev+0x35f/0xde0
[  784.403674][T17389]  ? __lock_acquire+0x62e/0x1ce0
[  784.403703][T17389]  ? __pfx_vfs_writev+0x10/0x10
[  784.403746][T17389]  ? __fget_files+0x20e/0x3c0
[  784.403770][T17389]  ? do_writev+0x132/0x340
[  784.403792][T17389]  do_writev+0x132/0x340
[  784.403816][T17389]  ? __pfx_do_writev+0x10/0x10
[  784.403844][T17389]  ? rcu_is_watching+0x12/0xc0
[  784.403869][T17389]  do_syscall_64+0xcd/0xfa0
[  784.403896][T17389]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  784.403913][T17389] RIP: 0033:0x7fd3f918eec9
[  784.403928][T17389] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  784.403944][T17389] RSP: 002b:00007fd3fa100038 EFLAGS: 00000246 ORIG_RAX: 0000000000000014
[  784.403962][T17389] RAX: ffffffffffffffda RBX: 00007fd3f93e5fa0 RCX: 00007fd3f918eec9
[  784.403974][T17389] RDX: 0000000000000001 RSI: 0000200000000780 RDI: 0000000000000004
[  784.403984][T17389] RBP: 00007fd3fa100090 R08: 0000000000000000 R09: 0000000000000000
[  784.403994][T17389] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  784.404004][T17389] R13: 00007fd3f93e6038 R14: 00007fd3f93e5fa0 R15: 00007ffe5ad3d458
[  784.404030][T17389]  </TASK>
[  784.827694][T17395] FAULT_INJECTION: forcing a failure.
[  784.827694][T17395] name failslab, interval 1, probability 0, space 0, times 0
[  784.897309][T17395] CPU: 0 UID: 0 PID: 17395 Comm: syz.2.2322 Not tainted syzkaller #0 PREEMPT(full) 
[  784.897332][T17395] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  784.897339][T17395] Call Trace:
[  784.897344][T17395]  <TASK>
[  784.897349][T17395]  dump_stack_lvl+0x16c/0x1f0
[  784.897368][T17395]  should_fail_ex+0x512/0x640
[  784.897386][T17395]  should_failslab+0xc2/0x120
[  784.897400][T17395]  __kmalloc_noprof+0xdd/0x880
[  784.897415][T17395]  ? sock_kmalloc+0x111/0x170
[  784.897428][T17395]  ? sock_kmalloc+0x111/0x170
[  784.897437][T17395]  sock_kmalloc+0x111/0x170
[  784.897450][T17395]  ipv6_renew_options+0x328/0xb50
[  784.897465][T17395]  ? __pfx_ipv6_renew_options+0x10/0x10
[  784.897482][T17395]  do_ipv6_setsockopt+0x1e1d/0x44b0
[  784.897497][T17395]  ? __pfx_do_ipv6_setsockopt+0x10/0x10
[  784.897507][T17395]  ? avc_has_perm_noaudit+0x117/0x3b0
[  784.897523][T17395]  ? avc_has_perm_noaudit+0x149/0x3b0
[  784.897538][T17395]  ? avc_has_perm+0x144/0x1f0
[  784.897551][T17395]  ? __pfx_avc_has_perm+0x10/0x10
[  784.897564][T17395]  ? get_pid_task+0x106/0x250
[  784.897575][T17395]  ? proc_fail_nth_write+0x9f/0x220
[  784.897592][T17395]  ? sock_has_perm+0x259/0x2f0
[  784.897606][T17395]  ? __pfx_sock_has_perm+0x10/0x10
[  784.897620][T17395]  ? selinux_netlbl_socket_setsockopt+0x183/0x470
[  784.897633][T17395]  ? __pfx_selinux_netlbl_socket_setsockopt+0x10/0x10
[  784.897647][T17395]  ? ipv6_setsockopt+0xcb/0x170
[  784.897657][T17395]  ipv6_setsockopt+0xcb/0x170
[  784.897669][T17395]  udpv6_setsockopt+0x7d/0xd0
[  784.897682][T17395]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  784.897694][T17395]  do_sock_setsockopt+0xf3/0x1d0
[  784.897707][T17395]  __sys_setsockopt+0x1a0/0x230
[  784.897724][T17395]  __x64_sys_setsockopt+0xbd/0x160
[  784.897738][T17395]  ? syscall_trace_enter+0xee/0x240
[  784.897750][T17395]  do_syscall_64+0xcd/0xfa0
[  784.897766][T17395]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  784.897777][T17395] RIP: 0033:0x7fd3f918eec9
[  784.897785][T17395] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  784.897795][T17395] RSP: 002b:00007fd3fa100038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  784.897806][T17395] RAX: ffffffffffffffda RBX: 00007fd3f93e5fa0 RCX: 00007fd3f918eec9
[  784.897813][T17395] RDX: 0000000000000039 RSI: 0000000000000029 RDI: 0000000000000005
[  784.897819][T17395] RBP: 00007fd3fa100090 R08: 0000000000000000 R09: 0000000000000000
[  784.897825][T17395] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  784.897831][T17395] R13: 00007fd3f93e6038 R14: 00007fd3f93e5fa0 R15: 00007ffe5ad3d458
[  784.897845][T17395]  </TASK>
[  785.583841][T17406] netlink: 40 bytes leftover after parsing attributes in process `syz.2.2324'.
[  785.775031][   T30] audit: type=1400 audit(2000000245.864:914): avc:  denied  { bind } for  pid=17412 comm="syz.1.2327" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  787.809852][T17437] FAULT_INJECTION: forcing a failure.
[  787.809852][T17437] name failslab, interval 1, probability 0, space 0, times 0
[  787.823127][T17437] CPU: 0 UID: 0 PID: 17437 Comm: syz.4.2331 Not tainted syzkaller #0 PREEMPT(full) 
[  787.823141][T17437] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  787.823148][T17437] Call Trace:
[  787.823153][T17437]  <TASK>
[  787.823157][T17437]  dump_stack_lvl+0x16c/0x1f0
[  787.823178][T17437]  should_fail_ex+0x512/0x640
[  787.823194][T17437]  ? __kmalloc_noprof+0xca/0x880
[  787.823210][T17437]  should_failslab+0xc2/0x120
[  787.823222][T17437]  __kmalloc_noprof+0xdd/0x880
[  787.823236][T17437]  ? kernfs_fop_write_iter+0x237/0x570
[  787.823249][T17437]  ? kernfs_fop_write_iter+0x237/0x570
[  787.823259][T17437]  kernfs_fop_write_iter+0x237/0x570
[  787.823270][T17437]  vfs_write+0x7d3/0x11d0
[  787.823282][T17437]  ? __pfx_kernfs_fop_write_iter+0x10/0x10
[  787.823292][T17437]  ? __pfx___mutex_lock+0x10/0x10
[  787.823308][T17437]  ? __pfx_vfs_write+0x10/0x10
[  787.823326][T17437]  ksys_write+0x12a/0x250
[  787.823336][T17437]  ? __pfx_ksys_write+0x10/0x10
[  787.823349][T17437]  do_syscall_64+0xcd/0xfa0
[  787.823365][T17437]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  787.823376][T17437] RIP: 0033:0x7ff94858eec9
[  787.823385][T17437] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  787.823396][T17437] RSP: 002b:00007ff949381038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  787.823406][T17437] RAX: ffffffffffffffda RBX: 00007ff9487e6090 RCX: 00007ff94858eec9
[  787.823412][T17437] RDX: 0000000000000007 RSI: 0000200000000040 RDI: 0000000000000007
[  787.823425][T17437] RBP: 00007ff949381090 R08: 0000000000000000 R09: 0000000000000000
[  787.823432][T17437] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  787.823437][T17437] R13: 00007ff9487e6128 R14: 00007ff9487e6090 R15: 00007fff4e5c9318
[  787.823452][T17437]  </TASK>
[  787.999679][T12672] usb 2-1: new full-speed USB device number 34 using dummy_hcd
[  788.064767][ T5947] usb 1-1: new full-speed USB device number 55 using dummy_hcd
[  788.322136][ T5947] usb 1-1: config 150 has an invalid interface number: 204 but max is 2
[  788.330961][ T5947] usb 1-1: config 150 has 2 interfaces, different from the descriptor's value: 3
[  788.344425][ T5947] usb 1-1: config 150 has no interface number 0
[  788.351414][ T5947] usb 1-1: config 150 interface 204 has no altsetting 0
[  788.365862][ T5947] usb 1-1: New USB device found, idVendor=04e2, idProduct=1424, bcdDevice=c7.eb
[  788.378285][T12672] usb 2-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea
[  788.395880][ T5947] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  788.406161][T12672] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  788.420564][ T5947] usb 1-1: Product: syz
[  788.428615][T12672] usb 2-1: Product: syz
[  788.434929][ T5947] usb 1-1: Manufacturer: syz
[  788.441783][T12672] usb 2-1: Manufacturer: syz
[  788.448501][ T5947] usb 1-1: SerialNumber: syz
[  788.455315][T12672] usb 2-1: SerialNumber: syz
[  788.478729][T12672] usb 2-1: config 0 descriptor??
[  788.674135][ T5947] xr_serial 1-1:150.204: skipping garbage
[  788.680488][ T5947] xr_serial 1-1:150.204: xr_serial converter detected
[  788.702365][T12672] usb 2-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state
[  788.715093][T17470] FAULT_INJECTION: forcing a failure.
[  788.715093][T17470] name failslab, interval 1, probability 0, space 0, times 0
[  788.738915][T17470] CPU: 0 UID: 0 PID: 17470 Comm: syz.2.2338 Not tainted syzkaller #0 PREEMPT(full) 
[  788.738941][T17470] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  788.738951][T17470] Call Trace:
[  788.738957][T17470]  <TASK>
[  788.738965][T17470]  dump_stack_lvl+0x16c/0x1f0
[  788.738994][T17470]  should_fail_ex+0x512/0x640
[  788.739019][T17470]  ? kmem_cache_alloc_noprof+0x62/0x6e0
[  788.739046][T17470]  should_failslab+0xc2/0x120
[  788.739067][T17470]  kmem_cache_alloc_noprof+0x75/0x6e0
[  788.739091][T17470]  ? getname_flags.part.0+0x4c/0x550
[  788.739119][T17470]  ? getname_flags.part.0+0x4c/0x550
[  788.739140][T17470]  getname_flags.part.0+0x4c/0x550
[  788.739165][T17470]  getname_flags+0x93/0xf0
[  788.739191][T17470]  do_sys_openat2+0xb8/0x1d0
[  788.739212][T17470]  ? __pfx_do_sys_openat2+0x10/0x10
[  788.739234][T17470]  ? __fget_files+0x20e/0x3c0
[  788.739257][T17470]  __x64_sys_creat+0xcc/0x120
[  788.739279][T17470]  ? __pfx___x64_sys_creat+0x10/0x10
[  788.739299][T17470]  ? __pfx_ksys_write+0x10/0x10
[  788.739317][T17470]  ? rcu_is_watching+0x12/0xc0
[  788.739338][T17470]  ? do_syscall_64+0x91/0xfa0
[  788.739363][T17470]  do_syscall_64+0xcd/0xfa0
[  788.739389][T17470]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  788.739406][T17470] RIP: 0033:0x7fd3f918eec9
[  788.739420][T17470] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  788.739442][T17470] RSP: 002b:00007fd3fa0df038 EFLAGS: 00000246 ORIG_RAX: 0000000000000055
[  788.739458][T17470] RAX: ffffffffffffffda RBX: 00007fd3f93e6090 RCX: 00007fd3f918eec9
[  788.739469][T17470] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000180
[  788.739479][T17470] RBP: 00007fd3fa0df090 R08: 0000000000000000 R09: 0000000000000000
[  788.739489][T17470] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  788.739499][T17470] R13: 00007fd3f93e6128 R14: 00007fd3f93e6090 R15: 00007ffe5ad3d458
[  788.739524][T17470]  </TASK>
[  789.266780][T17480] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2333'.
[  789.313647][T12672] dvb_usb_rtl28xxu 2-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -71
[  789.329334][T12672] usb 2-1: USB disconnect, device number 34
[  789.583827][ T5947] usb 1-1: xr_serial converter now attached to ttyUSB0
[  790.175681][ T5947] usb 1-1: USB disconnect, device number 55
[  790.185970][ T5947] xr_serial ttyUSB0: xr_serial converter now disconnected from ttyUSB0
[  790.191632][T17514] binder: 17510:17514 unknown command 0
[  790.217041][T17514] binder: 17510:17514 ioctl c0306201 200000000080 returned -22
[  790.227954][ T5947] xr_serial 1-1:150.204: device disconnected
[  790.719733][ T5947] usb 4-1: new high-speed USB device number 54 using dummy_hcd
[  790.889774][ T5947] usb 4-1: Using ep0 maxpacket: 32
[  790.903715][ T5947] usb 4-1: config index 0 descriptor too short (expected 35577, got 27)
[  790.952270][ T5947] usb 4-1: config 1 has too many interfaces: 92, using maximum allowed: 32
[  790.966563][ T5947] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 92
[  790.982679][ T5947] usb 4-1: config 1 has no interface number 0
[  791.070680][ T5947] usb 4-1: config 1 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  791.101400][ T5947] usb 4-1: config 1 interface 1 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 17
[  791.117748][ T5947] usb 4-1: New USB device found, idVendor=0e41, idProduct=5051, bcdDevice=d5.e8
[  791.134556][ T5947] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  791.155538][ T5947] snd_usb_pod 4-1:1.1: Line 6 Pocket POD found
[  791.274525][T17556] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2350'.
[  791.640422][ T5947] snd_usb_pod 4-1:1.1: Line 6 Pocket POD now attached
[  792.280524][T17560] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  792.289385][T17560] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  792.536908][T12700] usb 4-1: USB disconnect, device number 54
[  792.587878][T17572] F2FS-fs (loop1): Magic Mismatch, valid(0xf2f52010) - read(0x0)
[  792.596072][T17572] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  792.605322][T17572] F2FS-fs (loop1): Magic Mismatch, valid(0xf2f52010) - read(0x0)
[  792.613126][T17572] F2FS-fs (loop1): Can't find valid F2FS filesystem in 2th superblock
[  792.691328][T12700] snd_usb_pod 4-1:1.1: Line 6 Pocket POD now disconnected
[  793.363879][T17587] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(8)
[  793.370410][T17587] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  793.404407][T17587] vhci_hcd vhci_hcd.0: Device attached
[  793.419199][T17593] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2355'.
[  794.453907][T17589] vhci_hcd: connection closed
[  794.474740][ T3553] vhci_hcd: stop threads
[  794.522310][ T5947] vhci_hcd: vhci_device speed not set
[  794.530828][ T3553] vhci_hcd: release socket
[  794.536658][ T3553] vhci_hcd: disconnect device
[  794.587267][T17600] FAULT_INJECTION: forcing a failure.
[  794.587267][T17600] name failslab, interval 1, probability 0, space 0, times 0
[  794.601622][T17600] CPU: 0 UID: 0 PID: 17600 Comm: syz.3.2357 Not tainted syzkaller #0 PREEMPT(full) 
[  794.601646][T17600] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  794.601653][T17600] Call Trace:
[  794.601658][T17600]  <TASK>
[  794.601662][T17600]  dump_stack_lvl+0x16c/0x1f0
[  794.601682][T17600]  should_fail_ex+0x512/0x640
[  794.601697][T17600]  ? fs_reclaim_acquire+0xae/0x150
[  794.601711][T17600]  should_failslab+0xc2/0x120
[  794.601723][T17600]  __kmalloc_noprof+0xdd/0x880
[  794.601736][T17600]  ? find_held_lock+0x2b/0x80
[  794.601749][T17600]  ? tomoyo_realpath_from_path+0xc2/0x6e0
[  794.601764][T17600]  ? tomoyo_realpath_from_path+0xc2/0x6e0
[  794.601774][T17600]  tomoyo_realpath_from_path+0xc2/0x6e0
[  794.601787][T17600]  ? tomoyo_profile+0x47/0x60
[  794.601801][T17600]  tomoyo_path_number_perm+0x245/0x580
[  794.601816][T17600]  ? tomoyo_path_number_perm+0x237/0x580
[  794.601832][T17600]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  794.601862][T17600]  ? find_held_lock+0x2b/0x80
[  794.601874][T17600]  ? hook_file_ioctl_common+0x145/0x410
[  794.601890][T17600]  ? __fget_files+0x20e/0x3c0
[  794.601903][T17600]  security_file_ioctl+0x9b/0x240
[  794.601915][T17600]  __x64_sys_ioctl+0xb7/0x210
[  794.601931][T17600]  do_syscall_64+0xcd/0xfa0
[  794.601946][T17600]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  794.601957][T17600] RIP: 0033:0x7f2b9a18eec9
[  794.601966][T17600] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  794.601977][T17600] RSP: 002b:00007f2b9afcd038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  794.601987][T17600] RAX: ffffffffffffffda RBX: 00007f2b9a3e6090 RCX: 00007f2b9a18eec9
[  794.601993][T17600] RDX: 0000000000000000 RSI: 000000000000af01 RDI: 0000000000000006
[  794.601999][T17600] RBP: 00007f2b9afcd090 R08: 0000000000000000 R09: 0000000000000000
[  794.602006][T17600] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  794.602012][T17600] R13: 00007f2b9a3e6128 R14: 00007f2b9a3e6090 R15: 00007fff9f170dc8
[  794.602026][T17600]  </TASK>
[  794.602086][T17600] ERROR: Out of memory at tomoyo_realpath_from_path.
[  794.639700][ T5947] usb 41-1: new full-speed USB device number 8 using vhci_hcd
[  794.888096][ T5947] usb 41-1: enqueue for inactive port 0
[  794.889956][T17601] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(9)
[  794.900137][T17601] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  794.911700][T17601] vhci_hcd vhci_hcd.0: Device attached
[  795.050393][T17603] vhci_hcd: connection closed
[  795.051918][ T5947] vhci_hcd: vhci_device speed not set
[  795.068388][ T1146] vhci_hcd: stop threads
[  795.116016][ T1146] vhci_hcd: release socket
[  795.185465][T12700] vhci_hcd: vhci_device speed not set
[  795.192619][ T1146] vhci_hcd: disconnect device
[  795.257126][T12700] usb 39-1: new low-speed USB device number 7 using vhci_hcd
[  795.258067][T17609] veth0: entered promiscuous mode
[  795.265157][T12700] usb 39-1: enqueue for inactive port 0
[  795.420899][T12700] vhci_hcd: vhci_device speed not set
[  795.777283][   T30] audit: type=1400 audit(2000000255.864:915): avc:  denied  { getopt } for  pid=17614 comm="syz.2.2360" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  795.952062][T17607] veth0: left promiscuous mode
[  798.267691][T12700] libceph: connect (1)[c::]:6789 error -101
[  798.273836][T12700] libceph: mon0 (1)[c::]:6789 connect error
[  798.282696][T12700] libceph: connect (1)[c::]:6789 error -101
[  798.288758][T12700] libceph: mon0 (1)[c::]:6789 connect error
[  798.294984][T17649] ceph: No mds server is up or the cluster is laggy
[  798.869710][T12677] usb 1-1: new high-speed USB device number 56 using dummy_hcd
[  799.099685][T12677] usb 1-1: Using ep0 maxpacket: 8
[  799.107548][T12677] usb 1-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb
[  799.117014][T12677] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  799.169478][T12677] usb 1-1: config 0 descriptor??
[  799.835884][T12677] asix 1-1:0.0 (unnamed net_device) (uninitialized): invalid hw address, using random
[  800.280272][T12672] usb 2-1: new high-speed USB device number 35 using dummy_hcd
[  800.475086][T12672] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  800.567842][T12672] usb 2-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df
[  800.613043][T12672] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  800.650789][T12672] usb 2-1: config 0 descriptor??
[  800.670281][T12672] pwc: Askey VC010 type 2 USB webcam detected.
[  800.813468][T17728] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2382'.
[  800.865174][T12672] pwc: recv_control_msg error -32 req 02 val 2b00
[  800.876846][T12672] pwc: recv_control_msg error -32 req 02 val 2700
[  800.885211][T12672] pwc: recv_control_msg error -32 req 02 val 2c00
[  800.904155][T12672] pwc: recv_control_msg error -71 req 04 val 1000
[  800.920033][T12672] pwc: recv_control_msg error -71 req 04 val 1300
[  800.936966][T12672] pwc: recv_control_msg error -71 req 04 val 1400
[  800.949284][T12672] pwc: recv_control_msg error -71 req 02 val 2000
[  801.036606][ T5947] usb 4-1: new high-speed USB device number 55 using dummy_hcd
[  801.049991][T12672] pwc: recv_control_msg error -71 req 02 val 2100
[  801.059550][T12672] pwc: recv_control_msg error -71 req 04 val 1500
[  801.067245][T12672] pwc: recv_control_msg error -71 req 02 val 2500
[  801.077680][T12672] pwc: recv_control_msg error -71 req 02 val 2400
[  801.086444][T12672] pwc: recv_control_msg error -71 req 02 val 2600
[  801.093823][T12672] pwc: recv_control_msg error -71 req 02 val 2900
[  801.103773][T12672] pwc: recv_control_msg error -71 req 02 val 2800
[  801.111322][T12672] pwc: recv_control_msg error -71 req 04 val 1100
[  801.119947][T12672] pwc: recv_control_msg error -71 req 04 val 1200
[  801.134310][T12672] pwc: Registered as video103.
[  801.145684][T12672] input: PWC snapshot button as /devices/platform/dummy_hcd.1/usb2/2-1/input/input76
[  801.182218][ T5947] usb 4-1: device descriptor read/64, error -71
[  801.262351][T12672] usb 2-1: USB disconnect, device number 35
[  801.541629][ T5947] usb 4-1: new high-speed USB device number 56 using dummy_hcd
[  801.699763][ T5947] usb 4-1: device descriptor read/64, error -71
[  801.734878][   T30] audit: type=1400 audit(2000000261.824:916): avc:  denied  { write } for  pid=17796 comm="syz.4.2385" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=mctp_socket permissive=1
[  801.755552][T12677] asix 1-1:0.0 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71
[  801.766822][T12677] asix 1-1:0.0: probe with driver asix failed with error -71
[  801.775712][   T30] audit: type=1400 audit(2000000261.824:917): avc:  denied  { ioctl } for  pid=17796 comm="syz.4.2385" path="socket:[46071]" dev="sockfs" ino=46071 ioctlcmd=0xf512 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=mctp_socket permissive=1
[  801.800390][    C1] vkms_vblank_simulate: vblank timer overrun
[  801.820127][T12677] usb 1-1: USB disconnect, device number 56
[  801.871203][ T5947] usb usb4-port1: attempt power cycle
[  802.030443][T12672] usb 5-1: new high-speed USB device number 38 using dummy_hcd
[  802.160557][T17811] netlink: 'syz.1.2386': attribute type 30 has an invalid length.
[  802.190175][T12672] usb 5-1: Using ep0 maxpacket: 8
[  802.196429][T12672] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  802.206610][T12672] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  802.217224][T12672] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  802.227374][T12672] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  802.240633][T12672] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  802.249746][ T5947] usb 4-1: new high-speed USB device number 57 using dummy_hcd
[  802.257368][T12672] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  802.290516][ T5947] usb 4-1: device descriptor read/8, error -71
[  802.528578][T12672] usb 5-1: usb_control_msg returned -32
[  802.536086][T12672] usbtmc 5-1:16.0: can't read capabilities
[  802.559901][ T5947] usb 4-1: new high-speed USB device number 58 using dummy_hcd
[  802.601676][ T5947] usb 4-1: device descriptor read/8, error -71
[  802.622292][T12677] usb 3-1: new low-speed USB device number 44 using dummy_hcd
[  802.709991][ T5947] usb usb4-port1: unable to enumerate USB device
[  802.779652][T12677] usb 3-1: Invalid ep0 maxpacket: 64
[  802.910118][T12677] usb 3-1: new low-speed USB device number 45 using dummy_hcd
[  803.059854][T12677] usb 3-1: Invalid ep0 maxpacket: 64
[  803.067741][T12677] usb usb3-port1: attempt power cycle
[  803.275407][T17841] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  803.490100][T12677] usb 3-1: new low-speed USB device number 46 using dummy_hcd
[  803.520954][T12677] usb 3-1: Invalid ep0 maxpacket: 64
[  803.566541][T17856] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2393'.
[  804.526021][T12677] usb 3-1: new low-speed USB device number 47 using dummy_hcd
[  804.564037][T17861] netlink: 4400 bytes leftover after parsing attributes in process `syz.0.2391'.
[  804.592984][T12677] usb 3-1: Invalid ep0 maxpacket: 64
[  804.605688][T17861] binder: 17846:17861 ioctl 4018620d 0 returned -22
[  804.612375][T12677] usb usb3-port1: unable to enumerate USB device
[  804.634678][T17872] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2394'.
[  804.809375][T12672] usb 5-1: USB disconnect, device number 38
[  804.863045][T17896] lo speed is unknown, defaulting to 1000
[  804.940077][ T5947] usb 2-1: new high-speed USB device number 36 using dummy_hcd
[  804.966226][T17896] FAULT_INJECTION: forcing a failure.
[  804.966226][T17896] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  804.979938][T17896] CPU: 1 UID: 0 PID: 17896 Comm: syz.4.2397 Not tainted syzkaller #0 PREEMPT(full) 
[  804.979961][T17896] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  804.979972][T17896] Call Trace:
[  804.979978][T17896]  <TASK>
[  804.979992][T17896]  dump_stack_lvl+0x16c/0x1f0
[  804.980023][T17896]  should_fail_ex+0x512/0x640
[  804.980053][T17896]  _copy_from_user+0x2e/0xd0
[  804.980081][T17896]  do_sock_getsockopt+0x3ca/0x440
[  804.980102][T17896]  ? __pfx_do_sock_getsockopt+0x10/0x10
[  804.980119][T17896]  ? __fget_files+0x204/0x3c0
[  804.980148][T17896]  __sys_getsockopt+0x12f/0x260
[  804.980178][T17896]  __x64_sys_getsockopt+0xbd/0x160
[  804.980201][T17896]  ? do_syscall_64+0x91/0xfa0
[  804.980225][T17896]  ? lockdep_hardirqs_on+0x7c/0x110
[  804.980249][T17896]  do_syscall_64+0xcd/0xfa0
[  804.980275][T17896]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  804.980292][T17896] RIP: 0033:0x7ff94858eec9
[  804.980306][T17896] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  804.980322][T17896] RSP: 002b:00007ff9493a2038 EFLAGS: 00000246 ORIG_RAX: 0000000000000037
[  804.980339][T17896] RAX: ffffffffffffffda RBX: 00007ff9487e5fa0 RCX: 00007ff94858eec9
[  804.980351][T17896] RDX: 0000000000000040 RSI: 0000000000000029 RDI: 000000000000000a
[  804.980361][T17896] RBP: 00007ff9493a2090 R08: 0000200000000200 R09: 0000000000000000
[  804.980371][T17896] R10: 00002000000000c0 R11: 0000000000000246 R12: 0000000000000001
[  804.980381][T17896] R13: 00007ff9487e6038 R14: 00007ff9487e5fa0 R15: 00007fff4e5c9318
[  804.980406][T17896]  </TASK>
[  805.089680][T12677] usb 1-1: new high-speed USB device number 57 using dummy_hcd
[  805.098090][    C1] vkms_vblank_simulate: vblank timer overrun
[  805.162624][    C1] vkms_vblank_simulate: vblank timer overrun
[  805.168588][    C1] hrtimer: interrupt took 178978774 ns
[  805.268595][    C1] vkms_vblank_simulate: vblank timer overrun
[  805.299918][ T5947] usb 2-1: Using ep0 maxpacket: 32
[  805.312844][ T5947] usb 2-1: config 0 has an invalid interface number: 151 but max is 0
[  805.321330][ T5947] usb 2-1: config 0 has no interface number 0
[  805.327698][ T5947] usb 2-1: config 0 interface 151 has no altsetting 0
[  805.352029][ T5947] usb 2-1: New USB device found, idVendor=2770, idProduct=9008, bcdDevice=d9.3e
[  805.352531][T12677] usb 1-1: config 252 has an invalid interface number: 163 but max is 0
[  805.361231][ T5947] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  805.361302][ T5947] usb 2-1: Product: syz
[  805.361349][ T5947] usb 2-1: Manufacturer: syz
[  805.361396][ T5947] usb 2-1: SerialNumber: syz
[  805.437296][T12677] usb 1-1: config 252 has no interface number 0
[  805.450791][ T5947] usb 2-1: config 0 descriptor??
[  805.451397][T12677] usb 1-1: config 252 interface 163 altsetting 1 endpoint 0x6 has invalid wMaxPacketSize 0
[  805.607348][T12677] usb 1-1: config 252 interface 163 altsetting 1 bulk endpoint 0x6 has invalid maxpacket 0
[  805.645742][T12677] usb 1-1: config 252 interface 163 altsetting 1 endpoint 0x8 has invalid maxpacket 1024, setting to 64
[  805.789960][T12677] usb 1-1: config 252 interface 163 has no altsetting 0
[  805.815092][T12677] usb 1-1: New USB device found, idVendor=0bfd, idProduct=000e, bcdDevice=c9.a8
[  805.827289][T12677] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  805.843554][T12677] usb 1-1: Product: syz
[  805.847998][T12677] usb 1-1: Manufacturer: syz
[  805.853824][T12677] usb 1-1: SerialNumber: syz
[  806.117803][T12677] kvaser_usb 1-1:252.163: error -ENODEV: Cannot get usb endpoint(s)
[  806.355684][T12677] usb 1-1: USB disconnect, device number 57
[  806.819883][T17966] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2404'.
[  806.823922][T17967] tracefs: Invalid gid '0x00000000ffffffff'
[  807.400434][T17982] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  807.541130][T17987] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2409'.
[  807.709761][T12677] usb 4-1: new high-speed USB device number 59 using dummy_hcd
[  808.065485][   T10] usb 2-1: USB disconnect, device number 36
[  808.131604][T12677] usb 4-1: Using ep0 maxpacket: 32
[  808.173659][T12677] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024
[  808.185691][T12677] usb 4-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[  808.192316][ T1297] ieee802154 phy0 wpan0: encryption failed: -22
[  808.194810][T12677] usb 4-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[  808.201162][ T1297] ieee802154 phy1 wpan1: encryption failed: -22
[  808.220133][T12677] usb 4-1: Product: syz
[  808.374079][T12677] usb 4-1: Manufacturer: syz
[  808.378831][T12677] usb 4-1: SerialNumber: syz
[  808.550856][   T30] audit: type=1400 audit(2000000268.624:918): avc:  denied  { connect } for  pid=18011 comm="syz.1.2414" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1
[  808.609346][T12677] usb 4-1: config 0 descriptor??
[  808.668337][T17967] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  808.926445][ T5947] usb 4-1: USB disconnect, device number 59
[  808.959696][T12700] usb 5-1: new high-speed USB device number 39 using dummy_hcd
[  809.119670][T12700] usb 5-1: Using ep0 maxpacket: 8
[  809.130851][T12700] usb 5-1: config 0 has an invalid interface number: 55 but max is 0
[  809.138925][T12700] usb 5-1: config 0 has no interface number 0
[  809.149164][T12700] usb 5-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  809.177270][T12700] usb 5-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B
[  809.288065][T12700] usb 5-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  809.384388][T12700] usb 5-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[  809.441587][T12700] usb 5-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[  809.459636][T12700] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  809.497452][T12700] usb 5-1: config 0 descriptor??
[  809.515179][T12700] ldusb 5-1:0.55: LD USB Device #0 now attached to major 180 minor 0
[  809.727616][T18024] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  810.173897][T18024] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  810.221650][ T5947] usb 5-1: USB disconnect, device number 39
[  810.230285][ T5947] ldusb 5-1:0.55: LD USB Device #0 now disconnected
[  811.571744][T18093] overlay: Unknown parameter 'func'
[  811.740245][ T5947] usb 2-1: new full-speed USB device number 37 using dummy_hcd
[  811.884663][   T30] audit: type=1400 audit(2000000271.974:919): avc:  denied  { execute } for  pid=18091 comm="syz.3.2427" path=2F616E6F6E5F6875676570616765202864656C6574656429 dev="hugetlbfs" ino=46394 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:hugetlbfs_t tclass=file permissive=1
[  812.376384][ T5820] usb 5-1: new high-speed USB device number 40 using dummy_hcd
[  812.383257][T18114] binder: 18108:18114 ioctl c0306201 0 returned -14
[  812.392817][ T5947] usb 2-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea
[  812.443069][ T5947] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  812.456029][ T5947] usb 2-1: Product: syz
[  812.460346][ T5947] usb 2-1: Manufacturer: syz
[  812.465182][ T5947] usb 2-1: SerialNumber: syz
[  812.475208][ T5947] usb 2-1: config 0 descriptor??
[  812.551544][ T5820] usb 5-1: Using ep0 maxpacket: 16
[  812.558672][ T5820] usb 5-1: unable to get BOS descriptor or descriptor too short
[  812.569259][ T5820] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  812.691937][ T5947] usb 2-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state
[  812.710263][ T5820] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  812.746998][ T5820] usb 5-1: Product: syz
[  812.777294][ T5820] usb 5-1: Manufacturer: syz
[  812.783619][ T5820] usb 5-1: SerialNumber: syz
[  812.925752][   T30] audit: type=1400 audit(2000000273.014:920): avc:  denied  { mounton } for  pid=18121 comm="syz.0.2433" path="/475/file1" dev="autofs" ino=47264 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_t tclass=dir permissive=1
[  813.206048][ T5820] usb 5-1: 2:1 : UAC_AS_GENERAL descriptor not found
[  813.224455][ T5820] usb 5-1: USB disconnect, device number 40
[  813.787282][ T5952] usb 3-1: new high-speed USB device number 48 using dummy_hcd
[  813.937071][T18163] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2425'.
[  813.953671][ T5947] dvb_usb_rtl28xxu 2-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -32
[  813.963370][ T5952] usb 3-1: Using ep0 maxpacket: 32
[  813.970920][ T5952] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024
[  813.998208][ T5952] usb 3-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[  814.008629][ T5952] usb 3-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[  814.078761][T12700] usb 2-1: USB disconnect, device number 37
[  814.098729][ T5952] usb 3-1: Product: syz
[  814.108822][ T5952] usb 3-1: Manufacturer: syz
[  814.118935][ T5952] usb 3-1: SerialNumber: syz
[  814.136097][ T5952] usb 3-1: config 0 descriptor??
[  814.146586][T18125] raw-gadget.2 gadget.2: fail, usb_ep_enable returned -22
[  814.164689][   T30] audit: type=1400 audit(2000000274.254:921): avc:  denied  { unmount } for  pid=5809 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1
[  814.358695][ T5820] usb 3-1: USB disconnect, device number 48
[  814.519736][ T5952] usb 4-1: new high-speed USB device number 60 using dummy_hcd
[  814.729861][ T5952] usb 4-1: Using ep0 maxpacket: 8
[  814.795648][T18182] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  814.943346][T18182] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  814.983688][ T5952] usb 4-1: unable to get BOS descriptor or descriptor too short
[  814.992804][ T5952] usb 4-1: unable to read config index 0 descriptor/start: -71
[  815.001965][ T5952] usb 4-1: can't read configurations, error -71
[  818.015589][T18267] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  818.100369][T12700] usb 1-1: new full-speed USB device number 58 using dummy_hcd
[  818.774848][T12700] usb 1-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea
[  818.785816][T12700] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  818.802425][T12700] usb 1-1: Product: syz
[  818.810436][T12700] usb 1-1: Manufacturer: syz
[  818.818585][T12700] usb 1-1: SerialNumber: syz
[  818.825280][T12700] usb 1-1: config 0 descriptor??
[  819.035349][T18279] cgroup: none used incorrectly
[  819.083601][T12700] usb 1-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state
[  819.613902][T18291] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2451'.
[  819.843174][T12700] dvb_usb_rtl28xxu 1-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -71
[  819.902613][T12700] usb 1-1: USB disconnect, device number 58
[  820.106214][T18319] raw_sendmsg: syz.1.2463 forgot to set AF_INET. Fix it!
[  821.991127][   T30] audit: type=1400 audit(2000000281.794:922): avc:  denied  { create } for  pid=18360 comm="syz.2.2476" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1
[  822.221612][   T30] audit: type=1400 audit(2000000281.834:923): avc:  denied  { ioctl } for  pid=18360 comm="syz.2.2476" path="socket:[47631]" dev="sockfs" ino=47631 ioctlcmd=0x89e1 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1
[  822.222417][T18372] FAULT_INJECTION: forcing a failure.
[  822.222417][T18372] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  822.349675][   T30] audit: type=1400 audit(2000000281.934:924): avc:  denied  { setopt } for  pid=18360 comm="syz.2.2476" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1
[  822.358858][T18372] CPU: 0 UID: 0 PID: 18372 Comm: syz.3.2479 Not tainted syzkaller #0 PREEMPT(full) 
[  822.358880][T18372] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  822.358889][T18372] Call Trace:
[  822.358894][T18372]  <TASK>
[  822.358900][T18372]  dump_stack_lvl+0x16c/0x1f0
[  822.358926][T18372]  should_fail_ex+0x512/0x640
[  822.358951][T18372]  _copy_from_user+0x2e/0xd0
[  822.358974][T18372]  wext_handle_ioctl+0xc2/0x2a0
[  822.358997][T18372]  ? __pfx_wext_handle_ioctl+0x10/0x10
[  822.359021][T18372]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  822.359042][T18372]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  822.359062][T18372]  sock_ioctl+0x3a1/0x6b0
[  822.359080][T18372]  ? __pfx_sock_ioctl+0x10/0x10
[  822.359095][T18372]  ? hook_file_ioctl_common+0x145/0x410
[  822.359119][T18372]  ? selinux_file_ioctl+0x180/0x270
[  822.359133][T18372]  ? selinux_file_ioctl+0xb4/0x270
[  822.359149][T18372]  ? __pfx_sock_ioctl+0x10/0x10
[  822.359166][T18372]  __x64_sys_ioctl+0x18b/0x210
[  822.359187][T18372]  do_syscall_64+0xcd/0xfa0
[  822.359209][T18372]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  822.359224][T18372] RIP: 0033:0x7f2b9a18eec9
[  822.359236][T18372] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  822.359250][T18372] RSP: 002b:00007f2b9afee038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  822.359266][T18372] RAX: ffffffffffffffda RBX: 00007f2b9a3e5fa0 RCX: 00007f2b9a18eec9
[  822.359276][T18372] RDX: 0000200000000040 RSI: 0000000000008b2a RDI: 0000000000000003
[  822.359285][T18372] RBP: 00007f2b9afee090 R08: 0000000000000000 R09: 0000000000000000
[  822.359294][T18372] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  822.359303][T18372] R13: 00007f2b9a3e6038 R14: 00007f2b9a3e5fa0 R15: 00007fff9f170dc8
[  822.359324][T18372]  </TASK>
[  822.829220][   T30] audit: type=1400 audit(2000000282.294:925): avc:  denied  { setopt } for  pid=18366 comm="syz.0.2478" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=caif_socket permissive=1
[  822.870996][   T30] audit: type=1400 audit(2000000282.424:926): avc:  denied  { unmount } for  pid=5809 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysfs_t tclass=filesystem permissive=1
[  823.329716][   T30] audit: type=1326 audit(2000000283.354:927): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18377 comm="syz.3.2482" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2b9a18eec9 code=0x7fc00000
[  823.385614][   T30] audit: type=1326 audit(2000000283.354:928): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18377 comm="syz.3.2482" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f2b9a18eec9 code=0x7fc00000
[  823.421809][T18392] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2485'.
[  823.449670][   T30] audit: type=1326 audit(2000000283.354:929): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18377 comm="syz.3.2482" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2b9a18eec9 code=0x7fc00000
[  823.494238][   T30] audit: type=1326 audit(2000000283.354:930): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18377 comm="syz.3.2482" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2b9a18eec9 code=0x7fc00000
[  823.579025][   T30] audit: type=1326 audit(2000000283.374:931): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18377 comm="syz.3.2482" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2b9a18eec9 code=0x7fc00000
[  823.907055][T18410] FAULT_INJECTION: forcing a failure.
[  823.907055][T18410] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  823.923441][T18410] CPU: 0 UID: 0 PID: 18410 Comm: syz.3.2489 Not tainted syzkaller #0 PREEMPT(full) 
[  823.923465][T18410] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  823.923474][T18410] Call Trace:
[  823.923480][T18410]  <TASK>
[  823.923487][T18410]  dump_stack_lvl+0x16c/0x1f0
[  823.923517][T18410]  should_fail_ex+0x512/0x640
[  823.923547][T18410]  _copy_to_user+0x32/0xd0
[  823.923575][T18410]  simple_read_from_buffer+0xcb/0x170
[  823.923603][T18410]  proc_fail_nth_read+0x197/0x240
[  823.923623][T18410]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  823.923644][T18410]  ? rw_verify_area+0xcf/0x6c0
[  823.923668][T18410]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  823.923687][T18410]  vfs_read+0x1e1/0xcf0
[  823.923721][T18410]  ? __pfx___mutex_lock+0x10/0x10
[  823.923743][T18410]  ? __pfx_vfs_read+0x10/0x10
[  823.923762][T18410]  ? __fget_files+0x20e/0x3c0
[  823.923776][T18410]  ksys_read+0x12a/0x250
[  823.923785][T18410]  ? __pfx_ksys_read+0x10/0x10
[  823.923798][T18410]  do_syscall_64+0xcd/0xfa0
[  823.923814][T18410]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  823.923825][T18410] RIP: 0033:0x7f2b9a18d8dc
[  823.923835][T18410] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  823.923845][T18410] RSP: 002b:00007f2b9afcd030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  823.923855][T18410] RAX: ffffffffffffffda RBX: 00007f2b9a3e6090 RCX: 00007f2b9a18d8dc
[  823.923862][T18410] RDX: 000000000000000f RSI: 00007f2b9afcd0a0 RDI: 0000000000000009
[  823.923868][T18410] RBP: 00007f2b9afcd090 R08: 0000000000000000 R09: 0000000000000000
[  823.923874][T18410] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  823.923880][T18410] R13: 00007f2b9a3e6128 R14: 00007f2b9a3e6090 R15: 00007fff9f170dc8
[  823.923894][T18410]  </TASK>
[  824.314483][T18413] netlink: 'syz.2.2486': attribute type 30 has an invalid length.
[  824.952534][T18415] kvm: emulating exchange as write
[  824.974326][T18415] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  826.405946][T18456] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2498'.
[  826.609913][ T5820] usb 4-1: new high-speed USB device number 62 using dummy_hcd
[  826.879820][ T5820] usb 4-1: Using ep0 maxpacket: 32
[  826.890443][ T5820] usb 4-1: config 0 has an invalid interface number: 51 but max is 0
[  826.900137][ T5820] usb 4-1: config 0 has no interface number 0
[  826.909126][ T5820] usb 4-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f
[  826.924543][ T5820] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  826.932839][ T5820] usb 4-1: Product: syz
[  826.938488][ T5820] usb 4-1: Manufacturer: syz
[  826.945023][ T5820] usb 4-1: SerialNumber: syz
[  826.964191][ T5820] usb 4-1: config 0 descriptor??
[  826.972903][ T5820] quatech2 4-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected
[  827.068494][T18475] lo speed is unknown, defaulting to 1000
[  827.232104][ T5820] usb 4-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB0
[  827.255405][ T5820] usb 4-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB1
[  827.685857][T18465] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  828.640130][    C1] usb 4-1: qt2_read_bulk_callback - non-zero urb status: -71
[  828.647860][ T5820] usb 4-1: USB disconnect, device number 62
[  828.655685][ T5820] quatech-serial ttyUSB0: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB0
[  828.832968][ T5820] quatech-serial ttyUSB1: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB1
[  828.860634][ T5820] quatech2 4-1:0.51: device disconnected
[  828.934510][T18536] netlink: 40 bytes leftover after parsing attributes in process `syz.1.2504'.
[  828.938576][T18543] __vm_enough_memory: pid: 18543, comm: syz.4.2507, bytes: 21200345985024 not enough memory for the allocation
[  829.180234][T12700] usb 1-1: new high-speed USB device number 59 using dummy_hcd
[  829.220039][ T5952] usb 2-1: new high-speed USB device number 38 using dummy_hcd
[  829.745491][ T5952] usb 2-1: Using ep0 maxpacket: 16
[  829.773571][ T5952] usb 2-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF3, changing to 0x83
[  829.789109][ T5952] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  829.808958][ T5952] usb 2-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[  829.818178][ T5952] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  829.826281][ T5952] usb 2-1: Product: syz
[  829.829617][T12700] usb 1-1: Using ep0 maxpacket: 32
[  829.830919][ T5952] usb 2-1: Manufacturer: syz
[  829.837180][T12700] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024
[  829.840230][ T5952] usb 2-1: SerialNumber: syz
[  829.842601][ T5952] usb 2-1: config 0 descriptor??
[  829.853018][T12700] usb 1-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[  829.943633][ T5952] em28xx 2-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0)
[  829.955427][ T5952] em28xx 2-1:0.0: Audio interface 0 found (Vendor Class)
[  829.985102][T12700] usb 1-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[  830.000362][T12700] usb 1-1: Product: syz
[  830.004539][T12700] usb 1-1: Manufacturer: syz
[  830.023596][T12700] usb 1-1: SerialNumber: syz
[  830.044252][T12700] usb 1-1: config 0 descriptor??
[  830.120384][T18535] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  830.127624][T18566] netlink: 40 bytes leftover after parsing attributes in process `syz.3.2510'.
[  830.165244][   T30] kauditd_printk_skb: 64 callbacks suppressed
[  830.165254][   T30] audit: type=1326 audit(2000000290.254:996): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18534 comm="syz.1.2504" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f738658eec9 code=0x0
[  830.406846][T12700] usb 1-1: USB disconnect, device number 59
[  830.679165][ T5952] em28xx 2-1:0.0: chip ID is em2874
[  830.992455][T18591] trusted_key: syz.4.2513 sent an empty control message without MSG_MORE.
[  832.116217][ T5894] usb 2-1: USB disconnect, device number 38
[  832.179109][ T5894] em28xx 2-1:0.0: Disconnecting em28xx
[  832.416222][ T5894] em28xx 2-1:0.0: Freeing device
[  832.458555][T18613] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2518'.
[  834.199683][ T5894] usb 5-1: new high-speed USB device number 41 using dummy_hcd
[  834.360616][ T5820] usb 2-1: new high-speed USB device number 39 using dummy_hcd
[  834.390052][ T5894] usb 5-1: Using ep0 maxpacket: 32
[  834.410564][ T5894] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  834.457126][ T5894] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  834.478424][T18655] netlink: 40 bytes leftover after parsing attributes in process `syz.3.2526'.
[  834.488450][ T5894] usb 5-1: New USB device found, idVendor=0403, idProduct=6030, bcdDevice= 0.00
[  834.498760][ T5894] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  834.589959][ T5894] usb 5-1: config 0 descriptor??
[  834.620002][ T5820] usb 2-1: Using ep0 maxpacket: 32
[  834.627296][ T5820] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024
[  834.641280][ T5820] usb 2-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[  834.650559][ T5820] usb 2-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[  834.660002][ T5820] usb 2-1: Product: syz
[  834.665076][ T5820] usb 2-1: Manufacturer: syz
[  834.672343][ T5820] usb 2-1: SerialNumber: syz
[  834.714004][ T5820] usb 2-1: config 0 descriptor??
[  834.722422][T18640] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22
[  834.936251][   T10] usb 2-1: USB disconnect, device number 39
[  835.017576][ T5894] ft260 0003:0403:6030.0011: unknown main item tag 0x7
[  835.224841][ T5894] ft260 0003:0403:6030.0011: chip code: 6424 8183
[  835.551960][ T5894] ft260 0003:0403:6030.0011: USB HID v0.00 Device [HID 0403:6030] on usb-dummy_hcd.4-1/input0
[  835.891090][ T5894] ft260 0003:0403:6030.0011: failed to retrieve status: -32, no wakeup
[  835.911417][ T5894] ft260 0003:0403:6030.0011: failed to retrieve status: -32
[  836.019789][ T5894] ft260 0003:0403:6030.0011: failed to reset I2C controller: -71
[  836.178843][ T5894] usb 5-1: USB disconnect, device number 41
[  836.568208][T18732] netlink: 'syz.3.2534': attribute type 30 has an invalid length.
[  836.917022][T18754] 9pnet_fd: p9_fd_create_unix (18754): address too long: ./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
[  837.639366][T18755] netlink: 40 bytes leftover after parsing attributes in process `syz.4.2538'.
[  837.975815][T18765] 9pnet_fd: p9_fd_create_unix (18765): address too long: ./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
[  838.771836][T18795] bond0: entered promiscuous mode
[  838.891606][T18796] netlink: 88 bytes leftover after parsing attributes in process `syz.0.2546'.
[  839.056876][T18795] bond_slave_0: entered promiscuous mode
[  839.100969][T18795] bond_slave_1: entered promiscuous mode
[  839.195119][T18795] batadv0: entered promiscuous mode
[  839.459755][T18795] hsr1: entered allmulticast mode
[  839.465668][T18795] bond0: entered allmulticast mode
[  839.471223][T18795] bond_slave_0: entered allmulticast mode
[  839.496174][T18795] bond_slave_1: entered allmulticast mode
[  839.512148][T18795] batadv0: entered allmulticast mode
[  839.545820][T18795] 8021q: adding VLAN 0 to HW filter on device hsr1
[  839.604113][T18795] bond0: left promiscuous mode
[  839.611184][T18795] bond_slave_0: left promiscuous mode
[  839.616748][T18795] bond_slave_1: left promiscuous mode
[  839.716208][T18795] batadv0: left promiscuous mode
[  839.970974][T12700] usb 4-1: new low-speed USB device number 63 using dummy_hcd
[  840.131453][T12700] usb 4-1: config 0 has an invalid interface number: 55 but max is 0
[  840.139787][T12700] usb 4-1: config 0 has no interface number 0
[  840.145882][T12700] usb 4-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  840.158084][T12700] usb 4-1: config 0 interface 55 altsetting 0 endpoint 0xE has invalid maxpacket 32, setting to 8
[  840.174160][T12700] usb 4-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B
[  840.201996][T12700] usb 4-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 10
[  840.218857][T12700] usb 4-1: config 0 interface 55 altsetting 0 endpoint 0x8B has invalid maxpacket 120, setting to 8
[  840.229790][   T10] usb 5-1: new high-speed USB device number 42 using dummy_hcd
[  840.255916][T12700] usb 4-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[  840.269280][T12700] usb 4-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[  840.279359][T12700] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  840.283510][ T3553] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  840.310099][T12700] usb 4-1: config 0 descriptor??
[  840.317433][T18809] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  840.325623][T18809] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  840.337279][T12700] ldusb 4-1:0.55: LD USB Device #0 now attached to major 180 minor 0
[  840.400867][ T3553] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  840.414812][   T10] usb 5-1: config index 0 descriptor too short (expected 23569, got 27)
[  840.426084][   T10] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  840.444497][   T10] usb 5-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0
[  840.522849][   T10] usb 5-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0
[  840.542575][ T3553] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  840.654839][   T10] usb 5-1: Manufacturer: syz
[  840.670734][   T10] usb 5-1: config 0 descriptor??
[  840.695875][ T3553] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  841.181126][   T10] rc_core: IR keymap rc-hauppauge not found
[  841.194089][   T10] Registered IR keymap rc-empty
[  841.242724][   T10] rc rc0: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/rc/rc0
[  841.323184][   T10] input: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/rc/rc0/input78
[  841.836659][ T3553] bridge_slave_1: left allmulticast mode
[  841.840952][ T5894] usb 5-1: USB disconnect, device number 42
[  841.857863][ T3553] bridge_slave_1: left promiscuous mode
[  841.876561][ T3553] bridge0: port 2(bridge_slave_1) entered disabled state
[  841.923079][ T3553] bridge_slave_0: left allmulticast mode
[  841.938828][ T3553] bridge_slave_0: left promiscuous mode
[  841.973869][ T3553] bridge0: port 1(bridge_slave_0) entered disabled state
[  842.051721][T14947] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  842.063431][T14947] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  842.071898][T14947] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  842.088944][T14947] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  842.099020][T14947] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  842.124325][ T5823] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  842.135599][ T5823] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  842.144225][ T5823] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  842.153241][ T5823] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  842.160881][ T5823] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  842.176853][   T30] audit: type=1400 audit(2000000302.264:997): avc:  denied  { mounton } for  pid=18891 comm="syz-executor" path="/" dev="sda1" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1
[  842.520787][ T3553] bridge0 (unregistering): left promiscuous mode
[  843.297843][ T3553] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  843.313957][ T3553] bond_slave_0: left allmulticast mode
[  843.358992][ T3553] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  843.372714][ T3553] bond_slave_1: left allmulticast mode
[  843.379008][ T3553] bond0 (unregistering): Released all slaves
[  843.411585][ T3553] bond1 (unregistering): Released all slaves
[  843.487641][T12700] usb 4-1: USB disconnect, device number 63
[  843.502815][T12700] ldusb 4-1:0.55: LD USB Device #0 now disconnected
[  843.694354][ T3553] tipc: Left network mode
[  843.695232][T18891] lo speed is unknown, defaulting to 1000
[  844.203691][ T5823] Bluetooth: hci2: command tx timeout
[  844.667301][T18971] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1538 sclass=netlink_route_socket pid=18971 comm=syz.0.2568
[  844.691787][T18980] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2569'.
[  845.877620][T18891] chnl_net:caif_netlink_parms(): no params data found
[  846.358640][ T5823] Bluetooth: hci2: command tx timeout
[  847.990791][ T3553] hsr_slave_0: left promiscuous mode
[  848.401765][ T3553] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  848.419750][ T5823] Bluetooth: hci2: command tx timeout
[  848.420197][ T3553] batman_adv: batadv0: Removing interface: batadv_slave_0
[  848.438501][ T3553] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  848.453399][ T3553] batman_adv: batadv0: Removing interface: batadv_slave_1
[  848.548139][ T3553] veth1_macvtap: left promiscuous mode
[  848.563597][ T3553] veth0_macvtap: left promiscuous mode
[  848.601763][ T3553] veth1_vlan: left promiscuous mode
[  848.622777][ T3553] veth0_vlan: left promiscuous mode
[  849.595720][T19154] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2581'.
[  849.613493][T19154] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2581'.
[  850.354193][T19159] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2583'.
[  850.546768][ T5823] Bluetooth: hci2: command tx timeout
[  850.987554][T19165] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2585'.
[  851.004742][ T3553] team0 (unregistering): Port device team_slave_1 removed
[  851.033955][ T3553] team0 (unregistering): Port device team_slave_0 removed
[  851.229689][T12677] usb 1-1: new high-speed USB device number 60 using dummy_hcd
[  851.317460][T18891] bridge0: port 1(bridge_slave_0) entered blocking state
[  851.324829][T18891] bridge0: port 1(bridge_slave_0) entered disabled state
[  851.332745][T18891] bridge_slave_0: entered allmulticast mode
[  851.339436][T18891] bridge_slave_0: entered promiscuous mode
[  851.365158][T18891] bridge0: port 2(bridge_slave_1) entered blocking state
[  851.380958][T12677] usb 1-1: Using ep0 maxpacket: 32
[  851.404486][T12677] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024
[  851.410062][T18891] bridge0: port 2(bridge_slave_1) entered disabled state
[  851.427440][T12677] usb 1-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[  851.443635][T12677] usb 1-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[  851.443680][T18891] bridge_slave_1: entered allmulticast mode
[  851.457354][T12677] usb 1-1: Product: syz
[  851.463973][T12677] usb 1-1: Manufacturer: syz
[  851.480550][T12677] usb 1-1: SerialNumber: syz
[  851.640638][T18891] bridge_slave_1: entered promiscuous mode
[  851.646935][T12677] usb 1-1: config 0 descriptor??
[  851.732915][T19163] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  852.275522][T12677] usb 1-1: USB disconnect, device number 60
[  852.364294][T18891] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  852.416875][T18891] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  853.332510][T19270] binder: 19266:19270 ioctl c0306201 200000000080 returned -14
[  853.351600][T18891] team0: Port device team_slave_0 added
[  853.380848][T18891] team0: Port device team_slave_1 added
[  853.396990][T19271] netlink: 'syz.3.2593': attribute type 30 has an invalid length.
[  853.460285][T18891] batman_adv: batadv0: Adding interface: batadv_slave_0
[  853.469334][T18891] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  853.544316][T18891] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  853.563109][T18891] batman_adv: batadv0: Adding interface: batadv_slave_1
[  853.580633][T18891] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  853.629418][T18891] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  854.303612][ T3553] ------------[ cut here ]------------
[  854.309080][ T3553] WARNING: CPU: 1 PID: 3553 at net/xfrm/xfrm_state.c:3306 xfrm_state_fini+0x289/0x310
[  854.318660][ T3553] Modules linked in:
[  854.323136][ T3553] CPU: 1 UID: 0 PID: 3553 Comm: kworker/u8:7 Not tainted syzkaller #0 PREEMPT(full) 
[  854.332891][ T3553] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  854.343656][ T3553] Workqueue: netns cleanup_net
[  854.348432][ T3553] RIP: 0010:xfrm_state_fini+0x289/0x310
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  854.354315][ T3553] Code: bb f7 90 0f 0b 90 e9 e7 fe ff ff e8 11 bf bb f7 90 0f 0b 90 e9 39 ff ff ff e8 03 bf bb f7 90 0f 0b 90 eb 8a e8 f8 be bb f7 90 <0f> 0b 90 e9 d5 fd ff ff e8 0a 33 24 f8 e9 f8 fd ff ff e8 30 33 24
[  854.374173][ T3553] RSP: 0018:ffffc9000cb17a90 EFLAGS: 00010293
[  854.380529][ T3553] RAX: 0000000000000000 RBX: ffff888022330000 RCX: fffff52001962f23
[  854.388480][ T3553] RDX: ffff888032742480 RSI: ffffffff8a00b598 RDI: ffff888032742904
[  854.394029][T18891] hsr_slave_0: entered promiscuous mode
[  854.396471][ T3553] RBP: ffff8880223314c0 R08: 0000000000000001 R09: 0000000000000000
[  854.404069][T18891] hsr_slave_1: entered promiscuous mode
[  854.410205][ T3553] R10: 0000000000000001 R11: 0000000000000000 R12: ffffc9000cb17bd8
[  854.423735][ T3553] R13: dffffc0000000000 R14: fffffbfff2057bb8 R15: ffffffff902bdda0
[  854.431872][ T3553] FS:  0000000000000000(0000) GS:ffff888124adf000(0000) knlGS:0000000000000000
[  854.441035][ T3553] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  854.447621][ T3553] CR2: 00007f702445f350 CR3: 00000000565a0000 CR4: 00000000003526f0
[  854.455798][ T3553] Call Trace:
[  854.459052][ T3553]  <TASK>
[  854.461969][ T3553]  ? __pfx_xfrm_net_exit+0x10/0x10
[  854.467063][ T3553]  xfrm_net_exit+0x2d/0x70
[  854.471493][ T3553]  ops_undo_list+0x2eb/0xab0
[  854.476062][ T3553]  ? __pfx_ops_undo_list+0x10/0x10
[  854.481501][ T3553]  ? cleanup_net+0x347/0x8b0
[  854.486085][ T3553]  ? idr_destroy+0x62/0x2e0
[  854.490602][ T3553]  cleanup_net+0x41b/0x8b0
[  854.494990][ T3553]  ? __pfx_cleanup_net+0x10/0x10
[  854.499914][ T3553]  ? rcu_is_watching+0x12/0xc0
[  854.504654][ T3553]  process_one_work+0x9cf/0x1b70
[  854.509591][ T3553]  ? __pfx_process_one_work+0x10/0x10
[  854.514952][ T3553]  ? assign_work+0x1a0/0x250
[  854.519513][ T3553]  worker_thread+0x6c8/0xf10
[  854.524283][ T3553]  ? __pfx_worker_thread+0x10/0x10
[  854.529365][ T3553]  kthread+0x3c2/0x780
[  854.533694][ T3553]  ? __pfx_kthread+0x10/0x10
[  854.538282][ T3553]  ? rcu_is_watching+0x12/0xc0
[  854.543149][ T3553]  ? __pfx_kthread+0x10/0x10
[  854.547711][ T3553]  ret_from_fork+0x672/0x7d0
[  854.552461][ T3553]  ? __pfx_kthread+0x10/0x10
[  854.557019][ T3553]  ret_from_fork_asm+0x1a/0x30
[  854.561785][ T3553]  </TASK>
[  854.564779][ T3553] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  854.572044][ T3553] CPU: 1 UID: 0 PID: 3553 Comm: kworker/u8:7 Not tainted syzkaller #0 PREEMPT(full) 
[  854.581466][ T3553] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  854.591491][ T3553] Workqueue: netns cleanup_net
[  854.596229][ T3553] Call Trace:
[  854.599480][ T3553]  <TASK>
[  854.602387][ T3553]  dump_stack_lvl+0x3d/0x1f0
[  854.606966][ T3553]  vpanic+0x640/0x6f0
[  854.610922][ T3553]  ? xfrm_state_fini+0x289/0x310
[  854.615831][ T3553]  panic+0xca/0xd0
[  854.619559][ T3553]  ? __pfx_panic+0x10/0x10
[  854.623983][ T3553]  ? check_panic_on_warn+0x1f/0xb0
[  854.629062][ T3553]  check_panic_on_warn+0xab/0xb0
[  854.633985][ T3553]  __warn+0xf6/0x3c0
[  854.637851][ T3553]  ? xfrm_state_fini+0x289/0x310
[  854.642762][ T3553]  report_bug+0x3c3/0x580
[  854.647065][ T3553]  ? xfrm_state_fini+0x289/0x310
[  854.651971][ T3553]  handle_bug+0x184/0x210
[  854.656269][ T3553]  exc_invalid_op+0x17/0x50
[  854.660739][ T3553]  asm_exc_invalid_op+0x1a/0x20
[  854.665560][ T3553] RIP: 0010:xfrm_state_fini+0x289/0x310
[  854.671075][ T3553] Code: bb f7 90 0f 0b 90 e9 e7 fe ff ff e8 11 bf bb f7 90 0f 0b 90 e9 39 ff ff ff e8 03 bf bb f7 90 0f 0b 90 eb 8a e8 f8 be bb f7 90 <0f> 0b 90 e9 d5 fd ff ff e8 0a 33 24 f8 e9 f8 fd ff ff e8 30 33 24
[  854.690651][ T3553] RSP: 0018:ffffc9000cb17a90 EFLAGS: 00010293
[  854.696696][ T3553] RAX: 0000000000000000 RBX: ffff888022330000 RCX: fffff52001962f23
[  854.704635][ T3553] RDX: ffff888032742480 RSI: ffffffff8a00b598 RDI: ffff888032742904
[  854.712576][ T3553] RBP: ffff8880223314c0 R08: 0000000000000001 R09: 0000000000000000
[  854.720518][ T3553] R10: 0000000000000001 R11: 0000000000000000 R12: ffffc9000cb17bd8
[  854.728458][ T3553] R13: dffffc0000000000 R14: fffffbfff2057bb8 R15: ffffffff902bdda0
[  854.736405][ T3553]  ? xfrm_state_fini+0x288/0x310
[  854.741324][ T3553]  ? __pfx_xfrm_net_exit+0x10/0x10
[  854.746420][ T3553]  xfrm_net_exit+0x2d/0x70
[  854.750813][ T3553]  ops_undo_list+0x2eb/0xab0
[  854.755386][ T3553]  ? __pfx_ops_undo_list+0x10/0x10
[  854.760476][ T3553]  ? cleanup_net+0x347/0x8b0
[  854.765039][ T3553]  ? idr_destroy+0x62/0x2e0
[  854.769520][ T3553]  cleanup_net+0x41b/0x8b0
[  854.773911][ T3553]  ? __pfx_cleanup_net+0x10/0x10
[  854.778819][ T3553]  ? rcu_is_watching+0x12/0xc0
[  854.783568][ T3553]  process_one_work+0x9cf/0x1b70
[  854.788483][ T3553]  ? __pfx_process_one_work+0x10/0x10
[  854.793828][ T3553]  ? assign_work+0x1a0/0x250
[  854.798389][ T3553]  worker_thread+0x6c8/0xf10
[  854.802960][ T3553]  ? __pfx_worker_thread+0x10/0x10
[  854.808040][ T3553]  kthread+0x3c2/0x780
[  854.812078][ T3553]  ? __pfx_kthread+0x10/0x10
[  854.816635][ T3553]  ? rcu_is_watching+0x12/0xc0
[  854.821372][ T3553]  ? __pfx_kthread+0x10/0x10
[  854.825932][ T3553]  ret_from_fork+0x672/0x7d0
[  854.830489][ T3553]  ? __pfx_kthread+0x10/0x10
[  854.835046][ T3553]  ret_from_fork_asm+0x1a/0x30
[  854.839798][ T3553]  </TASK>
[  854.842987][ T3553] Kernel Offset: disabled
[  854.847283][ T3553] Rebooting in 86400 seconds..