last executing test programs:

2m19.62835031s ago: executing program 0 (id=352):
syz_open_dev$dri(0x0, 0x1ff, 0x145080)
pipe2$9p(&(0x7f0000000240)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, 0x0, 0x15)
r2 = dup(r1)
write$FUSE_BMAP(r2, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_DIRENTPLUS(r2, &(0x7f0000002100)=ANY=[@ANYBLOB="b0000000000000001659ec0889419429aa5db97288b0f8a87ea8e66d9a8b"], 0xb0)
write$FUSE_DIRENTPLUS(r2, &(0x7f0000000140)=ANY=[@ANYBLOB="10"], 0x10)
write$FUSE_DIRENTPLUS(r2, &(0x7f0000000280)=ANY=[@ANYBLOB="a8"], 0xa8)
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
write$FUSE_OPEN(r2, &(0x7f0000000000)={0x20, 0x0, 0x0, {0x0, 0x8}}, 0x20)
mount$9p_fd(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000b80), 0x800001, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r2, @ANYBLOB=',posixacl'])

2m19.454195847s ago: executing program 0 (id=353):
r0 = syz_usb_connect$hid(0x3, 0x36, 0x0, 0x0)
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f00000002c0)={'ip6tnl0\x00', &(0x7f00000001c0)={'ip6_vti0\x00', <r1=>0x0, 0x4, 0x5, 0x81, 0x6, 0x12, @loopback, @mcast1, 0x8, 0x7, 0xfffffffa, 0x3}})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000380)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000340)={&(0x7f0000000300)=@gettclass={0x24, 0x2a, 0x8, 0x70bd27, 0x25dfdbfc, {0x0, 0x0, 0x0, r1, {0x7, 0x10}, {0x0, 0xe}, {0xa, 0x8}}, ["", "", "", "", "", ""]}, 0x24}, 0x1, 0x0, 0x0, 0x2040011}, 0x20)
syz_usb_control_io(r0, &(0x7f00000003c0)={0x2c, &(0x7f00000000c0)=ANY=[@ANYBLOB="000008000000080482"], 0x0, 0x0, 0x0, 0x0}, 0x0)
r2 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000240)={0x6, 0x3, &(0x7f0000000140)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x2d, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'bond_slave_0\x00', <r3=>0x0})
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000000c0)={r2, r3}, 0x40)

2m18.782432146s ago: executing program 0 (id=358):
gettid()
prlimit64(0x0, 0xe, &(0x7f0000000580)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
syz_emit_ethernet(0x56, &(0x7f00000003c0)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaaaa86dd6000000000200000fe80000000000000000000000000002cfe8000000000000000000000000000bb2f0200000000000004017f04010005020453c2"], 0x0)
syz_emit_vhci(&(0x7f0000000040)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
quotactl$Q_SYNC(0xffffffff80000101, 0x0, 0x0, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
getrlimit(0x9, &(0x7f00000000c0))
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000052c0), 0x0)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, 0x0)
syz_open_pts(0xffffffffffffffff, 0x40)
r2 = socket$can_raw(0x1d, 0x3, 0x1)
bind$can_raw(r2, &(0x7f0000000000), 0x10)
setsockopt$CAN_RAW_FILTER(r2, 0x65, 0x1, &(0x7f00000000c0), 0xf00)

2m15.812811929s ago: executing program 0 (id=364):
syz_open_dev$dri(0x0, 0x1ff, 0x145080)
pipe2$9p(&(0x7f0000000240)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, 0x0, 0x15)
r2 = dup(r1)
write$FUSE_BMAP(r2, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_DIRENTPLUS(r2, &(0x7f0000002100)=ANY=[@ANYBLOB="b0000000000000001659ec0889419429aa5db97288b0f8a87ea8e66d9a8b"], 0xb0)
write$FUSE_DIRENTPLUS(r2, &(0x7f0000000140)=ANY=[@ANYBLOB="10"], 0x10)
write$FUSE_DIRENTPLUS(r2, &(0x7f0000000280)=ANY=[@ANYBLOB="a8"], 0xa8)
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
write$FUSE_OPEN(r2, &(0x7f0000000000)={0x20, 0x0, 0x0, {0x0, 0x8}}, 0x20)
mount$9p_fd(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000b80), 0x800001, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r2, @ANYBLOB=',posixacl'])

2m15.704108904s ago: executing program 0 (id=367):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f00000001c0)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x6770c000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000003c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000340)=@abs={0x0, 0x0, 0x4e20}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x1d, &(0x7f0000000000)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x35, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r3}, 0x10)
r4 = syz_open_procfs(0x0, &(0x7f0000000680)='mountinfo\x00')
r5 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000000c0)='./cgroup/syz1\x00', 0x200002, 0x0)
r6 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000300)={&(0x7f0000000580)=ANY=[@ANYBLOB="9feb010018000000000000000c0000000c000000020000000000000000000004000000000000b32f01e6bb220b35768ddfdbf8ca65fc745fdd3669153462384fa93460300e"], 0x0, 0x26, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x20)
r7 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0)
ioctl$FS_IOC_SETFLAGS(r7, 0x40086602, &(0x7f0000000040)=0x10)
mknod(&(0x7f0000000000)='./file0\x00', 0x8, 0x184)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000340)={r6, 0x20, &(0x7f0000000100)={0x0, 0x0, <r8=>0x0, 0x0}}, 0x10)
r9 = fsopen(&(0x7f0000000200)='cifs\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r9, 0x1, &(0x7f0000000ac0)='gid', &(0x7f0000000440)='0\x00#\x00\xd0\x00 \x00\x00qS\x00\x00\x00\x00\x00\x00\x00\x00$\xf6_\xbdI\x1c\xf2\xa9]\xcc\xe0*\xef\x01\x8d\x15\xd2h\x93\xc9\xb57\xc3\xea\\Eb\xf8\xe6,\xdf\xd4\xfae\x84\xcc\xd5\"d\xf0D-\x98\x9f\x81{\xfc$\xc4\xbcF\xf8\xc8\x8d\xcb\xb8\xf2\x1e\xe4\'U\xb3\xb8\xd3\xe6\xd7\x80Y\xc2\xeb\n\xb8_\xe8\x96YY\xe3\xc7\xe6\xf28\x19\xa6\xa7\xfa\xdb\x1ce\xc1\x03\x86J\xb2fh\x19\xee#\xcc\x0f\xed\xfea\xdc\x88\xcb%bW\xd35\xda=\xac\x1d\xae\x93\xfd\'T6\x94\n\xa4\x9cU\xc4\fA~[\xbf\x8b\x90\xfe\x04\xe7U\xf3h\x81\x14l7u\x95\x96t\\\x0f\xef;\x03\xa4C\xbc(Vc!a\xc1\xe39\xc6b\x905\xf8\xc9@h\x01\xf5\xcb\x88\xdf9\xaf5\xc8a:z\xe4\xcbag&67\x814\xf6}\xe10v6l\xd6,\x1e\xa0\xcc\xbf\xfdkm\b?\x839\x85N\x1c\xc1\xcb\xfc\x85\xd2\n\x02\"\xf2\x81g\x90\x01n%\x7f_\xe1.f>>\xa5\xfb\"\xab\xdb\x06\x12e\x14\x11~\x9a\bR-\x85\xc3\xa9\xe6\xf6R\x11\"\xc3\xc9\xfc\x14s X\xec\xdd\xc2qB\x85\xf0\xd7\x04\xdd<\x9a\x84\'\xa3\xf1\xd9<\xb9k', 0x0)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f00000000c0)=r8, 0x4f)
ioctl$DRM_IOCTL_GET_MAP(r4, 0xc0286404, &(0x7f0000000400)={&(0x7f0000854000/0x1000)=nil})
bpf$BPF_LINK_CREATE(0x1c, &(0x7f00000002c0)={r3, r5, 0x1c, 0x0, @val=@target_btf_id=r8}, 0x14)
lseek(r4, 0x10001, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r10 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x3)
dup(r10)
r11 = syz_open_dev$I2C(&(0x7f0000000480), 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000003c0)='i2c_result\x00'}, 0x10)
ioctl$I2C_RDWR(r11, 0x707, &(0x7f00000001c0)={&(0x7f0000000a00)=[{0x9, 0x0, 0x0, 0x0}], 0x1})

2m14.72181362s ago: executing program 0 (id=372):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x9, @empty, 0x9}, 0x1c)
listen(r0, 0x3)
syz_emit_ethernet(0x4a, &(0x7f00000004c0)=ANY=[@ANYBLOB="aaaaaaaaaa902e000000000086dd600a843500140600fe80000000000000000000f3000000bbfe8000000000000000000000000000aa00004e22", @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB="5002000090780000"], 0x0)
syz_emit_ethernet(0xaa, &(0x7f0000000540)=ANY=[@ANYBLOB="aaaaaaaaaaaa0180c200000086dd6000d60000740600fe8000000000000000000000000000bbfe8000000000000000000000000000aa00004e22a203117df2a377ede96ac886b3f2a1afb6"], 0x0)

1m59.532341315s ago: executing program 32 (id=372):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x9, @empty, 0x9}, 0x1c)
listen(r0, 0x3)
syz_emit_ethernet(0x4a, &(0x7f00000004c0)=ANY=[@ANYBLOB="aaaaaaaaaa902e000000000086dd600a843500140600fe80000000000000000000f3000000bbfe8000000000000000000000000000aa00004e22", @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB="5002000090780000"], 0x0)
syz_emit_ethernet(0xaa, &(0x7f0000000540)=ANY=[@ANYBLOB="aaaaaaaaaaaa0180c200000086dd6000d60000740600fe8000000000000000000000000000bbfe8000000000000000000000000000aa00004e22a203117df2a377ede96ac886b3f2a1afb6"], 0x0)

7.357377133s ago: executing program 2 (id=1005):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000380)=[@text32={0x20, &(0x7f00000001c0)="b8050000000f01c10f46a78900000066ba2100b067ee66ba2000b000ee6d6c2f800000c00f3266bac0000f3066b808008ed0660f38806f008ee0", 0x3a}], 0x1, 0x4, 0x0, 0x0)
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0)
r1 = eventfd(0xffffffff)
ioctl$VHOST_SET_LOG_FD(r0, 0x4004af07, &(0x7f0000000240)=r1)
ioctl$VHOST_SET_VRING_KICK(r0, 0x4008af20, &(0x7f0000000040)={0x1, r1})
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000140)={0x0, 0x0, 0x0, &(0x7f0000000500)=""/67, 0x0})
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, &(0x7f0000000380)=""/247, &(0x7f00000000c0)=""/87, &(0x7f0000000480)=""/74})
ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000680)={0x1, 0x0, [{0x0, 0xfffffeac, &(0x7f00000001c0)=""/115}]})
ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f0000000000)=0x1)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(0xffffffffffffffff, 0xc01064b5, &(0x7f0000000140)={0x0})
sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
socket$nl_sock_diag(0x10, 0x3, 0x4)
setsockopt$inet_tcp_TCP_CONGESTION(0xffffffffffffffff, 0x6, 0xd, &(0x7f0000000000)='nv\x00', 0x3)
r2 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/fs/cgroup', 0x0, 0x0)
getdents(r2, 0x0, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
syz_open_dev$vim2m(&(0x7f0000000000), 0x3, 0x2)
socket(0x10, 0x80002, 0x0)

6.630918433s ago: executing program 2 (id=1009):
openat$audio(0xffffffffffffff9c, &(0x7f0000000180), 0x109842, 0x0)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
openat$proc_mixer(0xffffffffffffff9c, &(0x7f0000000000)='/proc/asound/card0/oss_mixer\x00', 0x2002, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$mptcp(&(0x7f00000002c0), 0xffffffffffffffff)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
connect$inet6(0xffffffffffffffff, &(0x7f0000000040)={0xa, 0xfffc, 0x0, @loopback}, 0x1c)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x3, 0xfffffffffffffffd}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x0, 0xc, 0x0, 0x0, 0x7fffffff}, 0x0, 0x0)
r2 = socket(0x2, 0x80805, 0x0)
sendmmsg$inet_sctp(r2, &(0x7f00000032c0)=[{&(0x7f00000000c0)=@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f0000000040)=[{&(0x7f0000000100)='a', 0x1}], 0x1, 0x0, 0x0, 0x44}], 0x1, 0x0)
setsockopt$inet_sctp_SCTP_EVENTS(r2, 0x84, 0xb, &(0x7f0000000180)={0x9, 0x20, 0x8f, 0xff, 0x0, 0x0, 0x0, 0xc, 0x2, 0x0, 0x0, 0x0, 0x4, 0x5}, 0xe)
sendmmsg$inet_sctp(r2, &(0x7f00000032c0)=[{&(0x7f00000000c0)=@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, 0x0, 0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="300000000000000084000000010000000000000004"], 0x30}], 0x1, 0x0)
ioctl$sock_inet_udp_SIOCINQ(r2, 0x541b, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)

5.433606987s ago: executing program 2 (id=1014):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_PIT2(r1, 0x4020aeb2, &(0x7f0000000300)={[{0x3, 0x8000, 0xe0, 0xfc, 0x0, 0xb, 0x1, 0x1e, 0x10, 0x2, 0x0, 0x5, 0x400001}, {0x0, 0x5, 0x1, 0xff, 0x4, 0xb, 0x81, 0x0, 0x20, 0x5, 0xd, 0x4}, {0x7, 0x0, 0x0, 0x11, 0x5, 0x9, 0xf8, 0x2, 0xfd, 0x0, 0x0, 0x0, 0xe0ee}]})
unshare(0x6a040000)
r2 = socket$kcm(0x10, 0x2, 0x10)
r3 = openat$ocfs2_control(0xffffffffffffff9c, &(0x7f0000000000), 0x102, 0x0)
read$FUSE(r3, &(0x7f0000002500)={0x2020}, 0x2020)
r4 = socket$kcm(0x29, 0x5, 0x0)
setsockopt$kcm_KCM_RECV_DISABLE(r4, 0x119, 0x1, &(0x7f0000000000)=0x2, 0x4)
setsockopt$kcm_KCM_RECV_DISABLE(r4, 0x119, 0x1, &(0x7f0000000080)=0x9, 0x4)
writev(r3, &(0x7f0000000400)=[{&(0x7f0000000080)='7', 0x1}], 0x1)
r5 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000740)={0x3, 0x4, 0x4, 0xa, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000240), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_LINKINFO_SET(r6, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000300)={0x3c, r7, 0x1, 0x70bd24, 0x25dfdbfd, {}, [@ETHTOOL_A_LINKINFO_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syz_tun\x00'}]}, @ETHTOOL_A_LINKINFO_PHYADDR={0x5, 0x3, 0x6}, @ETHTOOL_A_LINKINFO_TP_MDIX_CTRL={0x5, 0x5, 0x8}]}, 0x3c}, 0x1, 0x0, 0x0, 0x2400d841}, 0x0)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x1, 0x8, &(0x7f0000000180)=@framed={{0x18, 0x8}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r5}}]}, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
setsockopt$sock_attach_bpf(r2, 0x1, 0x32, &(0x7f00000000c0)=r8, 0x4)
fsopen(&(0x7f00000003c0)='befs\x00', 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb7030000de080000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f0000003200)=ANY=[@ANYBLOB="1e0000000000000004000000ff"], 0x48)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000280)={r9, 0x1000000, 0xe, 0x0, &(0x7f0000000000)="63eced8e46dc3f0adf3389f7b986", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c)

4.089928133s ago: executing program 3 (id=1022):
syz_open_dev$video(&(0x7f0000000040), 0xa7, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f00000001c0)='fd/3\x00')
r1 = epoll_create1(0x0)
syz_open_dev$dri(0x0, 0x0, 0x0)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0xffffffffffffff2b, 0x0)
ioctl$RTC_AIE_ON(0xffffffffffffffff, 0x7001)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000040)={'pim6reg0\x00', 0x2})
ioctl$TUNSETLINK(0xffffffffffffffff, 0x400454cc, 0x308)
openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r5 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f00000002c0), r2)
sendmsg$NLBL_CIPSOV4_C_ADD(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000400)=ANY=[@ANYBLOB='P\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="01000000000000000000010000000800010004000000040004984001497cfdf35b00280008800400078014000780080005000000000008000600ee0000000c0005800800050000000000fe9fbbcf54422f1054ee0736aaeb7f062855fd8ff65c2aa07e892d985c338b2dd4e368505249930d870e97d44f9fb49597a8abb6295f350c88dc8868156ee69ddfe9d8173e98092a922d73d46219a158e7155ba95b9e8bdf23e23cb3f94a1a89ea7dcc80e5595044f8085d30423998b87cbc4f8de36cc2b0160ed8930db72f47a50fb128981e2124daec8ea2066a178406f5a0c1798e9dedb3e6a4d63a202693f10507de5329d4f17df3632271d6f6a5d4e29d79773c4befe68f662c3884d5f60f2e54bf9bd6b5a899a6449704f58eb2b38431b55f0f35098ac57900c6b9c7ff6129c2760dc4693c73c79d06a1f16964f3bad53cea15596a3d56ea6b17f6a993"], 0x50}}, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000040))
epoll_ctl$EPOLL_CTL_MOD(r1, 0x3, r0, 0x0)

4.035082852s ago: executing program 4 (id=1023):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=ANY=[@ANYBLOB="4800070010000305000000000000000000cf0000", @ANYRES32=0x0, @ANYBLOB="03000000000000002000128008000100677265001400028008000600ac1414aa08000700e0"], 0x48}}, 0x0)

3.906275439s ago: executing program 4 (id=1024):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000200)={'macvlan0\x00', <r2=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000900)={0x0, 0xfffe, &(0x7f0000000000)={&(0x7f00000005c0)=ANY=[@ANYBLOB="2c000000130001c3000000000000000000000800", @ANYRES32=r2, @ANYBLOB="0000d400000000000a000100003b"], 0x2c}}, 0x0)

3.817720999s ago: executing program 4 (id=1025):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000001c0)=@newqdisc={0x78, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, 0x0, {0x0, 0xfff1}, {0xffff, 0xffff}, {0xffe0, 0xf}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x6, 0x3, 0xc06a2f6, 0x1, 0x7}, 0x6, 0x0, 0xa, 0x4, 0x6, 0x8, 0x18, 0x9, 0x3, 0x4, {0x0, 0x2, 0x9, 0x800, 0x8704, 0x27000000}}}}]}, 0x78}}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000300)=@newtfilter={0x90, 0x2c, 0xd2b, 0x800, 0x25dfdbfb, {0x0, 0x0, 0x0, 0x0, {0x9}, {}, {0x7, 0xf}}, [@filter_kind_options=@f_u32={{0x8}, {0x64, 0x2, [@TCA_U32_SEL={0x44, 0x5, {0xe, 0x1, 0x3, 0x1, 0x4, 0x2, 0xe, 0xfffffffa, [{0x200, 0x500, 0x3, 0xe}, {0x6783, 0x2, 0x8001, 0x10}, {0x0, 0x53, 0xa9, 0x3}]}}, @TCA_U32_CLASSID={0x8, 0x1, {0x1, 0xa}}, @TCA_U32_INDEV={0x14, 0x8, 'veth0_to_batadv\x00'}]}}]}, 0x90}}, 0x24044094)

3.712078347s ago: executing program 2 (id=1026):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000040), r0)
sendmsg$NLBL_MGMT_C_ADDDEF(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000f00)={0x24, r1, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_FAMILY={0x6, 0xb, 0x2}, @NLBL_MGMT_A_PROTOCOL={0x8, 0x2, 0x5}]}, 0x24}}, 0x0)
r2 = syz_genetlink_get_family_id$nfc(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$NFC_CMD_LLC_GET_PARAMS(r0, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x40, r2, 0x400, 0x70bd28, 0x25dfdbfe, {}, [@NFC_ATTR_FIRMWARE_NAME={0x6, 0x14, '!,'}, @NFC_ATTR_FIRMWARE_NAME={0x6, 0x14, '%]'}, @NFC_ATTR_FIRMWARE_NAME={0x8, 0x14, '\'@:*'}, @NFC_ATTR_FIRMWARE_NAME={0x11, 0x14, '@\\)\xce\\@:#(},/$'}]}, 0x40}}, 0x8000)

3.681164769s ago: executing program 4 (id=1027):
r0 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000000), 0x80, 0x0)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000040)="12966ddb065268f3aa257503b99238c581161099ff411d7dbafbfff232519a91929c93f27dd309af151fbe8f320f88f5cc283da8d587e63cea5836b5ec88ad3d8fcc52ff90968b3323ac9aa143de108d91", 0x51)
r1 = socket$packet(0x11, 0x3, 0x300)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f00000000c0)={0x0, &(0x7f0000000140)})
syz_open_procfs(0xffffffffffffffff, 0x0)
r3 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_RES_CM_ID_GET(r3, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[@ANYBLOB="10000000151401"], 0x10}}, 0x0)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r2, 0xc0502100, &(0x7f00000001c0))
syz_usb_connect(0x2, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="120110019bde521023398a71d7d80102030109022400010509401909047b07022d51d5980905eb0220000202050905040600"], 0x0)
setsockopt$packet_int(r1, 0x107, 0x13, &(0x7f0000000100), 0x4)
setsockopt$SO_VM_SOCKETS_BUFFER_MAX_SIZE(r0, 0x28, 0x2, &(0x7f0000000140), 0x8)

3.519771953s ago: executing program 5 (id=1028):
gettid()
prlimit64(0x0, 0xe, &(0x7f0000000580)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
syz_emit_ethernet(0x56, &(0x7f00000003c0)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaaaa86dd6000000000200000fe80000000000000000000000000002cfe8000000000000000000000000000bb2f0200000000000004017f04010005020453c2"], 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
getrlimit(0x9, &(0x7f00000000c0))
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(0xffffffffffffffff, 0xc08c5332, 0x0)
syz_open_pts(0xffffffffffffffff, 0x40)
r1 = socket$can_raw(0x1d, 0x3, 0x1)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000300)={'vxcan1\x00', <r2=>0x0})
bind$can_raw(r1, &(0x7f0000000000)={0x1d, r2}, 0x10)
setsockopt$CAN_RAW_FILTER(r1, 0x65, 0x1, &(0x7f00000000c0), 0xf00)

3.519197377s ago: executing program 2 (id=1030):
prlimit64(0x0, 0xf, &(0x7f0000000140)={0xb, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/tty/ldiscs\x00', 0x0, 0x0)
syz_genetlink_get_family_id$tipc(0x0, 0xffffffffffffffff)
sendmsg$TIPC_CMD_SET_LINK_PRI(r0, &(0x7f0000000400)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f00000003c0)={0x0}, 0x1, 0x0, 0x0, 0x40080c4}, 0x20000000)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
symlink(0x0, 0x0)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f000038e000/0x4000)=nil, 0x4000, 0xb635773f05ebbee6, 0x50, r0, 0xffffc000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000180)=@abs, 0x6e)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)=ANY=[], 0x7c}}, 0x4000)
sendmsg$NFT_BATCH(r4, 0x0, 0x0)
r5 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x8041, 0x0)
write$dsp(r5, &(0x7f00000001c0)="5cba91a4", 0xffffffd9)
ioctl$SNDCTL_DSP_SYNC(r5, 0x5001, 0x0)
r6 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r6}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
ioctl$SNDCTL_DSP_SYNC(r5, 0x5001, 0x0)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000480)={r0, 0x58, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r7=>0x0}}, 0xfffffffffffffe0e)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000006c0)={&(0x7f0000000300), 0xc, &(0x7f0000000680)={&(0x7f0000000600)=@getchain={0x64, 0x66, 0x400, 0x70bd26, 0x25dfdbfd, {0x0, 0x0, 0x0, r7, {0x3, 0xc}, {0x0, 0x7}, {0x3, 0xfff2}}, [{0x8, 0xb, 0x2}, {0x8, 0xb, 0x6}, {0x8, 0xb, 0x1000}, {0x8}, {0x8, 0xb, 0x4}, {0x8, 0xb, 0xffffff81}, {0x8, 0xb, 0x326}, {0x8, 0xb, 0xb}]}, 0x64}, 0x1, 0x0, 0x0, 0x2805}, 0x40400c0)
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x50)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000280)=@newqdisc={0x54, 0x10, 0x1, 0x0, 0x0, {0x6, 0x0, 0x8100, 0x0, {0x1, 0x10}, {0xd}, {0xe, 0x10}}, [@TCA_RATE={0x6}, @TCA_STAB={0x28, 0x8, 0x0, 0x1, [{{0x1c, 0x11, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x1}}, {0x6, 0x1b, [0x0]}}]}]}, 0x54}, 0x1, 0x0, 0x0, 0x4080}, 0x0)

2.623691176s ago: executing program 1 (id=1031):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000180)={'wlan0\x00', <r3=>0x0})
sendmsg$NL80211_CMD_AUTHENTICATE(r1, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f00000001c0)={0x34, r2, 0x1, 0x70bd2a, 0x25dfdbfb, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_SSID={0x4}, @NL80211_ATTR_AUTH_TYPE={0x8, 0x35, 0x5}]}, 0x34}, 0x1, 0x0, 0x0, 0x10000}, 0x800)
sendmsg$IPSET_CMD_HEADER(r0, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000040)={0x2c, 0xc, 0x6, 0x101, 0x0, 0x0, {0x3}, [@IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_PROTOCOL={0x5}]}, 0x2c}, 0x1, 0x0, 0x0, 0x10000}, 0x20000000)

2.455349706s ago: executing program 1 (id=1032):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000380)=[@text32={0x20, &(0x7f00000001c0)="b8050000000f01c10f46a78900000066ba2100b067ee66ba2000b000ee6d6c2f800000c00f3266bac0000f3066b808008ed0660f38806f008ee0", 0x3a}], 0x1, 0x4, 0x0, 0x0)
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0)
r1 = eventfd(0xffffffff)
ioctl$VHOST_SET_LOG_FD(r0, 0x4004af07, &(0x7f0000000240)=r1)
ioctl$VHOST_SET_VRING_KICK(r0, 0x4008af20, &(0x7f0000000040)={0x1, r1})
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000140)={0x0, 0x0, 0x0, &(0x7f0000000500)=""/67, 0x0})
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, &(0x7f0000000380)=""/247, &(0x7f00000000c0)=""/87, &(0x7f0000000480)=""/74})
ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000680)={0x1, 0x0, [{0x0, 0xfffffeac, &(0x7f00000001c0)=""/115}]})
ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f0000000000)=0x1)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(0xffffffffffffffff, 0xc01064b5, &(0x7f0000000140)={0x0})
sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
socket$nl_sock_diag(0x10, 0x3, 0x4)
setsockopt$inet_tcp_TCP_CONGESTION(0xffffffffffffffff, 0x6, 0xd, &(0x7f0000000000)='nv\x00', 0x3)
r2 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/fs/cgroup', 0x0, 0x0)
getdents(r2, 0x0, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)

2.436354786s ago: executing program 2 (id=1033):
r0 = syz_open_procfs(0x0, &(0x7f0000000040)='net/psched\x00')
pread64(r0, &(0x7f00000002c0)=""/163, 0xa3, 0x0)
sendmsg$key(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="9100d70025bd166037daa5beab411a00ac1e01010000000000000000004787333a800000001200"/62], 0x38}}, 0x8004)
r1 = openat$cgroup_ro(r0, &(0x7f00000003c0)='cgroup.events\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r1, 0x0)
futex_waitv(&(0x7f0000002e40)=[{0xed9, 0x0}], 0x1, 0x0, &(0x7f0000000800), 0x1)
unshare(0x40000000)
syz_usb_connect(0x0, 0x36, 0x0, 0x0)
r2 = socket$inet6_sctp(0xa, 0x5, 0x84)
keyctl$instantiate(0xc, 0x0, &(0x7f0000000100)=@encrypted_new={'new ', 'ecryptfs', 0x20, 'trusted:', 'syz', 0x20, 0x20000096c}, 0x2e, 0x0)
r3 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffa)
r4 = socket(0x10, 0x3, 0x0)
r5 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000080)={'ip6tnl0\x00', <r6=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000004640)={&(0x7f0000000000)=@newqdisc={0x44, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r6, {0x0, 0x9}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_codel={{0xa}, {0x14, 0x2, [@TCA_CODEL_LIMIT={0x8, 0x2, 0xa2}, @TCA_CODEL_CE_THRESHOLD={0x7, 0x5, 0x8}]}}]}, 0x44}}, 0x0)
prctl$PR_SET_IO_FLUSHER(0x39, 0x1)
add_key(&(0x7f0000000180)='cifs.spnego\x00', &(0x7f00000000c0)={'syz', 0x2}, &(0x7f0000000300)="f6edd5e2b5636ef4183dc49e930d67a23fcd0dfe264cbffc9e7c308b46b8236238960b8ee451c8fe054c8db75ec0bc5e7b08f0ba2340c728dd8f8da97c2178bd55d09abdca4ff6e1833f347aa09991c39b4f46710e10fbd1b80d4c777f84d2ae622aa90730bc5ad91724a1f3589c9953ae9044e6f11b8a63986d208d8864e4d0bdc22a", 0x83, r3)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f0000000280)={0x0, 0x10, &(0x7f0000000080)=[@in={0x2, 0x4e23, @rand_addr=0x64010102}]}, &(0x7f00000002c0)=0x10)

2.402458069s ago: executing program 5 (id=1034):
r0 = syz_open_dev$dri(&(0x7f0000000040), 0xd21, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r0, 0xc04064a0, &(0x7f0000000000)={0x0, &(0x7f00000001c0)=[<r1=>0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$DRM_IOCTL_MODE_GETCRTC(r0, 0xc06864a1, &(0x7f0000001480)={0x0, 0x0, r1, <r2=>0x0})
ioctl$DRM_IOCTL_MODE_GETFB2(r0, 0xc06864ce, &(0x7f0000000300)={r2, 0x0, 0x9, 0xfffffffd, 0x0, [<r3=>0x0], [0x9, 0x0, 0x0, 0x8], [0x2, 0x0, 0x100, 0xd], [0x1000000000000, 0xab6, 0xfffffffffffffffd, 0x80000000]})
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r0, 0xc00c642d, &(0x7f0000000080)={r3, 0x0, <r4=>0xffffffffffffffff})
mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1000004, 0x13, r4, 0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, &(0x7f0000000180)=0xfffffffc, 0x60ff, 0x4)

2.278545032s ago: executing program 1 (id=1035):
pipe2$9p(&(0x7f0000000240)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000080)=ANY=[@ANYBLOB="1500000065ffff097b000008003950323030302e4c"], 0x15)
r2 = dup(r1)
write$FUSE_BMAP(r2, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_DIRENTPLUS(r2, &(0x7f0000002100)=ANY=[@ANYBLOB="b0000000000000001659ec0889419429aa5db97288b0f8a87ea8e66d9a8b"], 0xb0)
write$FUSE_DIRENTPLUS(r2, &(0x7f0000000140)=ANY=[@ANYBLOB="10"], 0x10)
write$FUSE_DIRENTPLUS(r2, &(0x7f0000000280)=ANY=[], 0xa8)
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
write$FUSE_OPEN(r2, &(0x7f0000000000)={0x20, 0x0, 0x0, {0x0, 0x8}}, 0x20)
mount$9p_fd(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000b80), 0x800001, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r2, @ANYBLOB=',posixacl'])

2.255945777s ago: executing program 5 (id=1036):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_PIT2(r1, 0x4020aeb2, &(0x7f0000000300)={[{0x3, 0x8000, 0xe0, 0xfc, 0x0, 0xb, 0x1, 0x1e, 0x10, 0x2, 0x0, 0x5, 0x400001}, {0x0, 0x5, 0x1, 0xff, 0x4, 0xb, 0x81, 0x0, 0x20, 0x5, 0xd, 0x4}, {0x7, 0x0, 0x0, 0x11, 0x5, 0x9, 0xf8, 0x2, 0xfd, 0x0, 0x0, 0x0, 0xe0ee}]})
unshare(0x6a040000)
r2 = socket$kcm(0x10, 0x2, 0x10)
r3 = openat$ocfs2_control(0xffffffffffffff9c, &(0x7f0000000000), 0x102, 0x0)
read$FUSE(r3, &(0x7f0000002500)={0x2020}, 0x2020)
r4 = socket$kcm(0x29, 0x5, 0x0)
setsockopt$kcm_KCM_RECV_DISABLE(r4, 0x119, 0x1, &(0x7f0000000000)=0x2, 0x4)
setsockopt$kcm_KCM_RECV_DISABLE(r4, 0x119, 0x1, &(0x7f0000000080)=0x9, 0x4)
writev(r3, &(0x7f0000000400)=[{&(0x7f0000000080)='7', 0x1}], 0x1)
r5 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000740)={0x3, 0x4, 0x4, 0xa, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000240), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_LINKINFO_SET(r6, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000300)={0x3c, r7, 0x1, 0x70bd24, 0x25dfdbfd, {}, [@ETHTOOL_A_LINKINFO_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syz_tun\x00'}]}, @ETHTOOL_A_LINKINFO_PHYADDR={0x5, 0x3, 0x6}, @ETHTOOL_A_LINKINFO_TP_MDIX_CTRL={0x5, 0x5, 0x8}]}, 0x3c}, 0x1, 0x0, 0x0, 0x2400d841}, 0x0)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x1, 0x8, &(0x7f0000000180)=@framed={{0x18, 0x8}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r5}}]}, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
setsockopt$sock_attach_bpf(r2, 0x1, 0x32, &(0x7f00000000c0)=r8, 0x4)
fsopen(&(0x7f00000003c0)='befs\x00', 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb7030000de080000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f0000003200)=ANY=[@ANYBLOB="1e0000000000000004000000ff"], 0x48)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000280)={r9, 0x1000000, 0xe, 0x0, &(0x7f0000000000)="63eced8e46dc3f0adf3389f7b986", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c)

2.141065636s ago: executing program 3 (id=1037):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000001c0)=@newqdisc={0x78, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, 0x0, {0x0, 0xfff1}, {0xffff, 0xffff}, {0xffe0, 0xf}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x6, 0x3, 0xc06a2f6, 0x1, 0x7}, 0x6, 0x0, 0xa, 0x4, 0x6, 0x8, 0x18, 0x9, 0x3, 0x4, {0x0, 0x2, 0x9, 0x800, 0x8704, 0x27000000}}}}]}, 0x78}}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000300)=@newtfilter={0x90, 0x2c, 0xd2b, 0x800, 0x25dfdbfb, {0x0, 0x0, 0x0, 0x0, {0x9}, {}, {0x7, 0xf}}, [@filter_kind_options=@f_u32={{0x8}, {0x64, 0x2, [@TCA_U32_SEL={0x44, 0x5, {0xe, 0x1, 0x3, 0x1, 0x4, 0x2, 0xe, 0xfffffffa, [{0x200, 0x500, 0x3, 0xe}, {0x6783, 0x2, 0x8001, 0x10}, {0x0, 0x53, 0xa9, 0x3}]}}, @TCA_U32_CLASSID={0x8, 0x1, {0x1, 0xa}}, @TCA_U32_INDEV={0x14, 0x8, 'veth0_to_batadv\x00'}]}}]}, 0x90}}, 0x24044094)

2.134297771s ago: executing program 1 (id=1038):
prlimit64(0x0, 0xe, &(0x7f0000000580)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
syz_emit_ethernet(0x0, 0x0, 0x0)
setsockopt$XDP_UMEM_REG(0xffffffffffffffff, 0x11b, 0x4, &(0x7f0000000080)={0x0, 0x304000, 0x800, 0x0, 0x4}, 0x20)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x0, 0x5d032, 0xffffffffffffffff, 0x0)
r1 = userfaultfd(0x801)
ioctl$UFFDIO_API(r1, 0xc018aa3f, 0x0)
ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, 0x0)
r2 = syz_open_dev$usbmon(&(0x7f0000000080), 0x0, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x1)
ioctl$KVM_SET_NESTED_STATE(r5, 0x4080aebf, &(0x7f0000005700)={{0x0, 0x0, 0x80, {0x100000, 0xeeee8000}}, "cb31455c9e9d288a70a2a6bb8068fd95dd041cf5b177a3bffe992dfbbdf959487337b92336ce1de32e7695c411c0bf9f852d2d71192f33001fd51f5b396a55cb98699a09d21648c4cb30d9d7e3e397c7a3c041c76c72385a46c48c5302848c3696facce956952c2a85822ddf20434ccee5806294ed563ff3a972cddf6ef16ddace933d8a5adea40cd3ad40c9873c29368838e815ff59723519154856b2d5cd9cd79a97af85a08dada1175817886e5f9e7aa3dca783a44c667a4806826570ec6acb57d65efc313a384e11fb633dee17ee600145f2cb3103384606140021be766fcb7fa029f0513bbb466177ca1068192550bbf4e6f5694aec747a16e27688a988fa595bca1761b8e88a7dbcaeaf97a8b7b53058b1faf880dd6f1b6eb4c7beb0582b4007f1a67db1352407adbe1456bf762c94fd825b9419d74f63cdeb6c6976de1890d773f0c8088d2bd48a838cf5b87f5ddf926352960fb978874b0f175acfa55ddfe84de3fc9f75b58bf7a35f33d3c43ed5e3224e92751fa1b43f94f64b681163ef1360a3f3bb7403afc67a188b2104b45c5814aaa9e218552498bf85f4b221d9acc32a331f5f8c109cc9f335ff4e418ab30b54b99d5376cd928c431fc8211fcbaf64716afdc4b6d0417e04d5723e4675d282b36bef3a3a19e855029ec7c33830a6df19332b63e9d8a0f22d96ac230c67657a4e7f7afab91dc0ce751b68980e5a4f6d9d6d9b98802ba9d8576640eea61b8c308a1745df61560e56108bececa3016d93246fdc8b768634e8319b1ffde103c07378f8f4927baba05e992a4b5af0958a7e495e7ce53f7917451d15a963ca14f5cdc4563775688b6533a4b97e0f84b0a33c30077b20805c1f42cc7815efada97ad59ac486bc9e0ee386b49cb97b47fbf8f919f06c75a49636795054b5ebee3e91602c90d7f4db49220affe56d56b96e4f662b2bf36dae482ffc7ba21cbc55e21b73309d6b7aa5509defcb77c236e43b579c61eae5c8d8f8fa71ad876b96069f2e4352c8aaf16e299d21edf5434c0cd9b25cdc9210fb0de759b1dd3fc7fe4c7118bbde72a5617dff21f7a5036448fba7fe41aaee0c289cd076d757e47b0713b236f6f141ba0112c9312b3ec853aabafdf1eb2cbb517d2d7352725f557214d27d9a340af0128fc960a4ea64c933b0d8dd226b6e024471aaac8a7074b2a8695ab990fabba5bf315d246fbfe4260f1fffe54814e33b6235c5b4095437298858909bcbd40a8a286d1bedb06b7b1775bce0a5bca19b0a5c2fa8dbf87b55ae0a43c5086422e5bacb94047e150451f5996420b0d4a697f59decb49900b2b9c13aade536933e14d672c21a35cb68572c3de02f3147414eff4b8674b91f7aebf35f056a8d388f67f8ef7cfaf6b28fe745831ef41def1839791647016932c70685752851327f1837d2f1e9d8f93443eefed2317119c8152ca451a5d3aeb253fb484283f52e5db9f61f059ad3c217a860ee0571d254483501b00699208c7fa5571cf58b9715c954115bc2db0af28361938bb95ced7370c8cbb6141ef62fdbf369dfc4eccd98ab9886d79a52cbf91a27dd0f4b29940492e860fb94654dea54fad6290570760e3b59a0cf28053732472dc313b5fedfc583fc702a880971dc61286370aaf167810455cce7654dc4325a41d9d1944abcdc4d81378f1e96a8f94cd95b886a01f086e379601504219d57d531ba34e1ba0905785fb629c61f6b940a652cdee9dbef12b7fcde087b92816db3386a5769049ba00788e31de4ddbb8b56de1fbe3a5e671728effda7cfd0b650cf5df2faf22470812efbbb548e47cbf36c64e05a7877820f08948ceedb35e12a4a143ee0101a7bf0a00a4062b50c39020669700adf739a6f75352a45fd1373d3e85c3867170373f0c7a794d8590f4c22ae62d438ec365b0f6a15cb2ffe0fc6f57185e1760761bd4370027c01dfad0502f00b6898115df3c530d0b0b4a64e623fd580b528a733e4c881cf5843a975a97f92a7833527887c79fa8eec82b9526a15c6c5f2972083ce8aec735810580ffa4ea2cef4823aee044dd70927f7c07bba18b930006aa86ae7399ac6b4c24bc9d6a6ab0c5b428d7255d4d983eadf97e10c1b00867da29ac981acb453073a37236e7ae808e7759b2e0cffc3ec43afb1e95cd090a7d4b9225a0e3cbebfe49b93846ab603891e2da7d85a04bf42d12d16a97c965bc4911d3ba7a9ca505794d8744fef00a436089de67aa8b480070230dfb002eb91edaff428d4908a87afae418dff7ca59aefe1ad8f6935f309fe7985c2310881659c60a66a5e50242497ba1cd5d2bd79496ccd23f9fd901afc6622829cb3701caa50f96e09e3b23bfa3181b74ec7dae2e42c9caab43e49ae1d922a1a1eb3682de026323d9215fcec42c54401a1af81450830a4b784ed1c7922734bf3632409147680dd3fabcef296353705bb5c0e650e12905a05db1e7923923a96ddc783fc1ed46e2010416c37d9d149ad73e808bd6e4464f62893024a8501803b6c88fc55c8bbc1da7cbf580b5a81fb7c61455ae3a8aaec303fba12e0f2b51ed5e8bd31db40e8bdbd00e7b1ddd364766c974d813d86fc88a27bf82bba60c62e5f0f6af6bda3390f8e72a2811baf3d6325e70d9a3b59cab1abe95290ecb87985567e1243504c038de9d4d100ea64eec45208cd8d2474e646f7d81eed6d59b8b0859552b6fc088d874cde3e75ee30243dc9d88ed5b577851a5bd9e2a453287025777fcac19ac33e1c94b4ad272f1055b16b842a6bd6168fb45f1f74ed2467020df5431068a5f2cbeaa6ac1841308c7c9f752aa06927f91fdf18ef9d9e942367e5ecac0abf4d3b8fc7b80238c0e7faf2ea7d3f5271028fc558a44799bde63168becc67c5531e843336fb16ab618d37f95a91937b824bf896b044146bc3a5e264a8f23ddd00729cd9aa56d9a9a24b7ab96ae021b193d8874d03ff4b723d86b7564e550378599c3e0c7a2b3d447ad76eb4cd699733d970a5ab218429a1af81df9c8013d6d16a6bcb019f6ace4461cdaa785d20ea027cfa53d521bb91ad2c04aaa6c0f268b14924803977633280c7b7beb14c88fae542b7a13e96253259e7296e37276da88891c14664340e84ae732edbd71e67047e476735b220ca231de31a380ece372db632ec3cb3ef5ac97ec41148febd2acb15cde1ee5e990ea0aaa95c2df39e2111dd1185d14a194e22d34fda8f54e99d3a73e5a231682c726d40816e048c1d059bf3bb9ee2b5f895365d95aa28f6adbf6e16469926b4d8ee7f04c7dbafaa444df5b88596c17874f0efe35e5ada1a69634f4b430f852d33b032f823c5deb54f47a7a4adb1adf56d5440b7a917580004c13e0b36c8e0a203a2be3f8fffd9efef3af19389a12c67859d4381ac0a02da18e25931b41216b731de25e1245482c84d45de1cddbce2109322a3428bff692012573fe9efd02109dbf35c5d3a287dec105cf3f1a2e50100cc08c7b4759766d25d0f7b42c3ea8bf8101e61159a2ba7602e9c7947cf936ac39bf59b24084709fd61d704bbdba7d282aac778b7ec1dcaf984527c8112d56e75ab774d1598d9816abc77b0e693880beca5f330c626774ab5cb6967fb0ea8e14efce120947092c3b6f8a22f07cad22e971418092481fcad36ecf0cfd6bc3864115b8507c13554584f1f6fee5ee07eb6a091638d8e7781c1c006166e0f987f9f4de535e9f3df1db8c9328e9a19a73c76059ab4edfe9eda7f16cc6b869229bafb179d194e20ccc6f9338183b673de8138ddab9a0907278f6eaacc55bf59a450ebc10e0b88c82d9f0deca86ff771f46509250fde94e0c94256b77616d099862ddc9b341838d634a9dc4b55a88fcc6248901135f6aa76365433e7e534e0e5ae8eec2a63df62c3e244a40481189ff54122698c7e2da2c829b2eec9efc9894ee05be04ae6dd48406eaace17827e38bf38b414059aded0343e0711a8d864ff41a8d9ed40fb2aa1a3f4014f691cd0e8af62445a021820ff03afa8a192ee255862f306851df1de96ce36cafb6a60b7069db7aa96fd1ffb2fb01e6247f770304dffe4b1c8d0eeb336dd6806d6ab5d418953b1cae7cbbf53766b61e4aad5cfce8255b78af26f9bd11283a9c7d12cd63b82cd2b506fd4061d1e16fc7c713d80763c3b0aa0faadcd9b7d676101aad80e1ca00369297e1f714003ab8d0b545c335014a522a25a767950963ef821425b79b521076166d0df3ef358c7d60d99cc85463c186e8faf16af79785680382e4cc93f6594f8c4461e0988c08717640df24a5f357db22432fcae21702dc792d201212fb3791e0164bb3d433a8268ec96df73766fdba42965e00e619246cba5d96eb853a7c22c34d2fe5e5d3f3ccf9c627d069517b743cd07f6f7b444074bb9a50269f2e03309c58930e56a9583eb00c37fbcdd391972261f41756c10c8899fcd036e2017e088ef9e6ec31f795d55b3bba214c53c98fc9318e4ade0e7e6fd259aa277fed54c27e5210787a5f6937f56fdbe1da5113f059061ca590ddf536a55cb91ac6ed41cb9c0418b115b29f5e823c1b0ee7c2b3982087763545b34e2c945d587ebce69bbe299a7f52b674f351977370fc700474bc15d7e6ef98c14258ecf401a4f3bba1a9aa76c5ab0b8819fe6efe3fba1899909e5e48554299150ee272451b56142d12ae2bb4942db430239701d494917f2c939a6fb9d98d4751a6f2c4537ec870342d223343a9bd7b8d8c99aff8cbfa298395551185f35dec120228073a1e496a58b59d9ac5986249a7c6db9398395cbf341c08ee910700e2daa042dba1846fef59c72ce872bba2046a14fcf9a47a5686d62bfba76309a9865c26e5fa41dd872fc749fdc57953105ace4978f9eb788c8d061c853ad0313e51e732c5d7bc05e752443c8e99b8e81c688befdb5b14c3cc2f96eb8ce8290303e483992fcbece1ff278d0dc036ad437b6cbc695c7741ba4556e242146d40843c73deaf8fceba40e4a4acd739b3031848b17a210a1ff0dc1908b77c4bb94543af52e1fe2a090c8f217428d02336303f7952c3ddefa7c81850676e7f4cc3d32c3937281fa5ab279c3fe39f92ba077dadb8c2c3df17cc511bd33c41cb161d24aea154f0f5902c94b56fe072d321a983668bd9f4838878e66ec44cb233d7d0ca908a794c844ff8b3ba4c57f6c5fc2f3a54db448b013f0c4998bbc6ed0409b3368391cb28c6df4a909fff90f308ff38c758ff7d8a2920bc221236d89b3b76de44e8ce649b32f5135a0217ba9036a8edddee97d7ba15f2c21fb7d3cae3eb6ef09dd03eed650489c83b5ba5dd9daf7a86cf0544fb8a58e46b860e3e42e10cd6f1c4f81179eb2c3ba611793a32abb4c0768db90e8bdd1694efaa9c2b45c89d203fdfb8b926b6a0d666d91b93065a83184fc2065961f2308056241b66f427c0f0aabc75852c90f0624cf036d537032ca8d73325d2ae2a79a7292c240c34584bb881fe5d468a051cbc0bde061f9eddfb758cd2dfba296eef549e5c4ede097111216a0ec60f90e8d6f5dd843c82e15f505f8c74e854ba9cd386249d552978eb8135a5f8c79c3ceb8dd5828b0218ffe40f375d6cf3ff2f47c276c8169ab98336582a852c1535018fb2306aca6b8c9f9e38d64c66a722762b76c69d4ca6c14bd6992549e4eec17287fce194467f972d9200c3d1ac4fd4a8f2620e2e4281d28c099946ed90789ba122705326390d3e058ceed24044e542efb36416272eadf6304f30efa0b7bc1ae5be92fe50e591ee6f725726e917ec113506920beb2aa53b39f1d76b31500", "cfb220c7d481332f3f1f8079dfe27e23185fd67a407358db7892789f96b7fa9b14daa48617a10d8a91b820ecbaa470ec0bb1f3cbce7f70ec70b19a4cad082229c2788f8611d7dc306d9a45761a97828c36ed87ebde5d4a3e1609c1422a8ae2f7cca428ebdb0dd38b90b9598a353b18a600bf35a369e6e3e5abb0a1c5c0c0e48e014e7ef1b7d768b3c5657f1adfbb7ff2985082b16c99eb83ec3660990dcf1106efa6b7f8a4798fec811c2c85faec0235c83b7093b3d02367421abc40a554e0b0d7fc1bcaece4222c594f8d20e368fe625ca433c75486fe5c94103cd17291349ee12b877602936688666f82ecd8f4f83d50bb1650e08b96cd25ad147c4c956c98649806a3736d072c8d97c6e3a46a7c18535df8d828b86662400d8e9cc861fa1dd5dc193892d3168396c499e07b279fb76c7e289f2fd955691363bc1de74536dc571817615c88b0d594a136966c129e424ccb7ef1c7c7461eac7ca5f03d72ea4c9c3d1156ee4cb1bb70e097357588b5c49f6716bbae1bd118104b42786f09a3b9f7cb80f383cadfd0c462096ff2bb637b7cf79764b6a4b7ffc5d87c1f063fb48e7f08ad5af534c70079f12f28e8921abbd4280801cdf6101ea494768b1274afd0eea5939843d56022a83590920fe446d52dfe699c33977d5592dbf7e0e236b8175d7faae06e0c50f7402174023ce4b996564e945c416fa823f2f9c3213ac50b20bd1fd55bb8d9fe70ee31ea2f404ae0fcbf857bebcc9196c8c622059fea2e248e4058905b69fb98be312d3193ea1d8ff653173e8c4ad8c81d77a5bea45b3cd6fba19b6336f94ec04c8f86d24e9ca959874577d7ca0baf3c4ff30b554bc3ccc06df46d925373fbf7863e2cf684d3bc9603ab72b851ca4728294de87f2dec6f23ca9e43ed2e5cbba662d13137fc1ce0f6ae6aeb974f72f4b750825fafb67715e425f40c7da83b92d4249a0a4e96b789cceb7b07f38cb83f72dd093a345ab3cb8ae760fc14e40ea182a0d7fe1facc62a1ab0902349fd7e27bb0cd349fb5053f4734823abf020739b4b43bb11f5d69b61295068df31177959903c2ea1bb82d24eeaa93d0d4738d5d15b2a401e7ebe0d3cfbd45b2db2882cdb41408aaa710c3e20fbb7f9da4f68d0eebeef175442e807e9908132731fe5e268582dcf6dffa4251ebb7121db8e412089fa9d8af9919799547a26b6b8eb44c28f1ce5f9a3021fe30841be204c1b4b3813dccae6baeef9b53fe413cbec46bb0cd95d3793cdc9bfe6cdd96ce0c4aa4a25e1cbbeeee6c9fa558b279048c7e31d07b125bac68d4e1f4253bd4dc7824cf3d722c94cf2b8f61bc8155731f072fd447082b181a13ffb8c08a1d568298c5de2d969fae2bea070a9e2688f294e76b8c200dfb993ec19778eb56ae3127c1116ccc85ef8806fdcb9ee0cb66ff03fbb0fa6c52b9b101b3830fc1650efa859163a264b4059092e5dc9a415ec09bfd1460f142fe5ef00beb6aa9032bd0de97aefc6f65e8cfeea761b3d8174caf528b6627682ff4d4450cb0f34251fc000ed01dd538ef13260984f44703b89dfb511bfb538d0b1c8aded964e1bcc5ca57437468b14a31ec0000a17e4d24369c40500449c37e7dccedba3eceb59d827dace246b5c48afb6a5988e64c560b3dc76c32d831f51cdbc5cfc4364ac8b25372b87c92bacfedc6bc8feb44098dbebc89cda03c59e4c58a31372bd574704b9e788834b9f83c6703f6709efad97c4ce499ea580dae1de282a019247cb3dce5c1906322e6d3ca5157ea6428bc42416936fac194efe136089c07faf7adf1e923003f1dc63fcbc634b389a4f351a6acee785e23c6bb04ca2f265be1e634362eb5bf86fce896dbc2a1db6b286c7ffde6370bb4d6e9e0cc3ec451e1a99d134726c9075e71319d3a683e91e4b900061c0e6d086481069cd32f4cde7816f8e3a0ac6428a7488f31f06ee0da10df3ed0c150d29085879d064f914407f60018bb588735663647bfeda930407d69abef3f72fd461c2b85b00988b412a180fd267fc646a86d297e7e40912607157b6fa873df6442579b1523d8117f0c06c87adf75843b8bff30a5bfb4fe1e9846b7fdd58774641baf9cc9c4e38e53ed24a9d9e9dbc7657aa9b220a8545852b0409f5c0812e953823e841967bf55059acc7a4600818134359e72cfae0d04a0738ac8acca433d6395a455b22cdd6f901d4cdea1cf17415f7d7895a4b65f80d2f7c5c60a0dc04b40c9ae5ffc922e074a82afd704673e1766d19db9f60eab0238fb4a3169a08aded607847e5d752d4e24c4914b95bac3892bcfc2076f16a7f07583f0d418b9dec03afdb2e93335a392e1b1ef2910eb2a4b6a63fe61641f3c02bef73cd7e4a77a6f30ae821598c3160511603541bea89022b54f321c2a55cdeeb19335d78a821ab6ca0f36588a9a79a41e2123905a491d658c2a1caeee998c995bb0f816c92c5dc2b862183f80b9f9786c9c5524723c944d11f6894c7f008ab8194f577e22c03631d2a33205f508ea49653e7600639242dbaba704f700ac227f32dc575c559a0a1f4fe0cf6c22fbf7e1ca2ab4b1e4724e8379021e3c9a7c1509c6a413bd7d9c98938e440762eda2546d636597defa86c1ad31126a1182d365f858927d140fb0a97f80adcc5f4ed5efe11ac503453917a263f1d64692348d30f382e85e464ef7616067a42df5de1a1b622fabefe2ca4ceffa4801f7a02fdef40644cd1d079590d900727628d54b44db7ac700d8d664f7eeae43a354fe51b4c49e8fcda3c322b738ed2b800b5cc06e22c72af2a67ee7bc8ae894e841f2cf2b0a7e381caf944bf4e91ded63b6f82f7474e4f81e986fff7e5339b8e9f60103a1af81833e120f0c88893ecabac044a4a2867cda4fdcb084459a00507aa9e5a8e761a72df3322a1ae8cd918b4994c23bdb1e459b4f21651bd7fa067a00e2a2877bf6b29f289ed8018e0a78f6fb4ded9749640e0e37f6381b320ab72da404f3d70d60152f6fa6738932387b83250cb3148141edb52f109bfd4bda8054959db01f4c550609a63c08cf01ecd110cfc6f0055638c0dde039d2ac2daafe59e561f9f08a8830c3f661e4325de63e98f4a4216ec3b83fd200201ed3f647147611424286ffc6c4a8aca64a6874743242d4feeaa9153de06e51c512d9cab7ae712c6424069f3e5db4ddebe9b48b5f6caa741162edf97674d2368e03a387f798151a4b9b9fa9e3a5838a343133158364a9fe3bb4b9a3c464c0c54a4c64ca774ad200925ac6bf59508c10a8574afde9b821741af43ec64cedc13aa220b39772195283506dfe899dd6a7b37eb21f154056a2df3564ef2bb918a928651de88c3613b84e7960bddd7b46b1304deb30f57b6fe5a3b4788629e91bcc245e748b3387f52da4bb094782326dcfde0827e2d674e41bb375247d349cade9c704e5431785009b0e53f1b45c70b237c9432e07e4c7a8464ed11608a3d2184338dd9e6f6ef4b3d751e979667b6a3953c89aff4eead7a978071a912b3de21a85a5849c57933cf53cd74a610f3e60f699766fbc7e0bb8a891a429c77bb6f3b6f9f8eb0b1bd9588ef2ce98fdf0a0838e4b0bed807d8b673093c717feec8d697e32542274887d039db7a2daed5d52c8e9767443229f8003c5d67e907376ea2f393484fa70deee159cb56f8d097b8fe2736e95f540137e20725f0940a8d049068ead4c46bb3771a671bb00de88931e03445a55868de0c220db05cbda9f996d5fe7c1070efe5e718fed4d4cb4ecacad3d6b643bc0ffe9a71b720ba7b5adbbdefe29106ef6a6ffe4547f5d02bec312147df0abe80efb2d5e598fc7c8b268e58b59e0d75728e9a18126f013c963ddc92d251405f857fe3a5cbacf443be7772975b7bf4f6d7ed6f80dfcc47a88c6d19120942adb5385be6ef3c0d7e396bcac5affc8f9276d6cd1a0b069aed72a98cde8ea7aabe6cc091b19efcfaf9368dfeb3087a05a42e3b893dae5ffeb72e6ac06e995a2a75ea0b5f7876247bb4c38cf3f0153f1f7473b522f1c440b632270e2b1d654d3a5ae16cb788482760d34ca79c8951b29c628e21029715683a3e6f8f77c5d89ecdae37e0190f79c4c1dbc9d0160e359cd6c94d6662ed53bb01a83374ff593c823acc59241b11f020902069fc0054a9b26cb320bef4fb1f8cc5bd8ae76eb029afab731b9876bc4e8708a8315512823cff1f9375d284ce66e53d4efad6c76d17bb532fc938b8f80c13ce86b5ba3e540164bc5a5d47cd321c241d8740f453ef95bd3878d578561ad6ce20877ffbd44062dce8df1d048d8d5e4045be647886108cbb1f0b26a8b74b66858afedb830a161bb02bde4c46a688a0ea3a7018ce24666aab0f422ede2f78ea29f77e28d87c744cba0285ce33d0d9ac45774829699de6d725a9b6db6e7d03ad4ec9d075c386e68ca0bcd9e9911d741ed0168cbddb87a7918a964d206629da4e887277b0ef7d3f9c7082f3f15f29a0dfb39f3b0877a5ec3ac4343e0d808f5aee8f1869923aab6dfc1016821c013109f34aece6183994b853d0e9561375c02cdd26b1b5511ade44637044c4ebddb190f173969a0ca4cf5d42153763a0b91da0110ae7a25204850927d81b00176d4568a3d444d8029bd010df784e3f673fe855601ec4f1b26b2df58841e6a65f0db66373f63cc14a8b07dfc52ac9957eb542d05ed687c79519609de96df18b63cb294b534ddf7d2e8f41bcc1e5a006191c4db057b6709f0a96f18e7e8f67b8be2a19c015b9c4b0b3f42e4de366b71f8da8888809473c3c7a02a1158e375f29997a43bc7118ca4d1abb8f8f21972fc589aaa3d73a4d40a1e1705e169ac6e56cff50d89fc45b6863c8fc67bb2b5939a7f33072539ba4c24077be5711ba368bf7efd4897931531d388eb5c2e56bef337777150dd59518652145c9594e110e41d2615196c6b197916c88cc2814e13a3a922b4ecb044bf31cc90e0bfe0ce07de29188bbcb0ec1a12b509f52582fbb948c3cbe0c6964f46991cec0704bfac08aec6ad8ddfc36dc68c7f547c5ee6af4a8d55c79e3dc1c49b045379811f81e9a185a92cd37ae4ee32c5d3c82d36d6202a6c84fd231fe467071d42072827fd77afa5d757e6f37247f783ef09bdfd7536b666e84bc4bb878005b7829293a04ba090272dec844f4ef0e934617c08518bdc6b915ac6f3f03e4a6ab88e21c3f21f93b31d95ea3b9228e0031cb69795de5abd19c4cb4a0cf2984e53ca391cc66e33ee0d510151670331fa264753704fea5e4b1760f74890c49a74a47e0da13155c5470013d53dea0f05b5e088f1511c209f5be940232318af2757951d399e32eb862d915784713baa8ba93645caf04ba78fa3cf600ff92b9c5be58ad87438a340bac00a5ea9fb17e39478ba61fe36335e48d8c5a0b25f024cbd2ec7f217d0f260951da396dc13a2a74cd90df4b52db686e3b34d27cfa4cebd7bf59cbcfaf4007dc943a1da6e0bd1799a21ab449d7bb42935e50c839c5b567c59742436af15bc8d46095520dcd9273ae2b6f3c1cc2b4311ac9e5d297f0940b1552c5955adb302022022bb7457978998b56328629b7725dfbe3dedb37f37af0697a4471d1d6ff6bec633a38540adeba903f3eaaec5785fbb3c6a598f49dbd9ff93c67dea1ef39a614331b119fa8efccc8bac01595fb95a2a57eec9fc6c6fe82782aa89ea971866fd9a3bca4010182092ab6d1e2b49b964be9e3bb13bd6b77850e435f55a5d46e5bcb3330c7edefd31c33f61275e51600"})
ioctl$UFFDIO_COPY(r1, 0xc028aa03, &(0x7f00000000c0)={&(0x7f0000c83000/0x2000)=nil, &(0x7f0000d08000/0x3000)=nil, 0x2000, 0x1})
r6 = syz_open_dev$usbfs(&(0x7f0000000040), 0x20000007d, 0x0)
dup3(r2, r6, 0x0)
ioctl$MON_IOCX_MFETCH(r6, 0xc0109207, &(0x7f0000000140)={&(0x7f0000000100)=[0x0], 0x1})
r7 = socket(0x40000000015, 0x5, 0x0)
bind$inet(r7, &(0x7f00008a5ff0)={0x2, 0x0, @loopback}, 0x10)
bind$inet(r7, &(0x7f00000001c0)={0x2, 0x4e24, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10)
r8 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
ioctl$KVM_SET_IRQCHIP(r9, 0x4048aec9, 0x0)
ioctl$UFFDIO_CONTINUE(r1, 0xc020aa08, &(0x7f0000000080)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}})

1.975210581s ago: executing program 1 (id=1039):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000001f40)={&(0x7f00000004c0)=@updpolicy={0xfc, 0x19, 0x1, 0x0, 0x0, {{@in6=@rand_addr=' \x01\x00', @in=@local, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {0x0, 0xa9, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {0x0, 0xa00, 0x40800000000000, 0x800000000000000}}, [@tmpl={0x44, 0x5, [{{@in=@local, 0x0, 0x3c}, 0x0, @in=@empty, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x3}]}]}, 0xfc}}, 0x0)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, &(0x7f0000000380)={0x0, 0x2f00, &(0x7f0000000340)={&(0x7f0000000640)=@migrate={0xec, 0x21, 0x1, 0x0, 0x0, {{@in6=@private2, @in6=@private2, 0x0, 0x0, 0x0, 0x0, 0xa}}, [@migrate={0x9c, 0x11, [{@in=@dev={0xac, 0x14, 0x14, 0xc}, @in6=@private0={0xfc, 0x0, '\x00', 0x1}, @in6=@private2, @in6=@local, 0xff, 0x1, 0x0, 0x2, 0x2, 0xa}, {@in6=@ipv4={'\x00', '\xff\xff', @loopback}, @in6=@private2, @in=@rand_addr=0x64010102, @in6=@private2, 0x3c, 0x0, 0x0, 0x0, 0x8, 0x2}]}]}, 0xec}}, 0x0)

1.963254748s ago: executing program 3 (id=1040):
openat$audio(0xffffffffffffff9c, 0x0, 0x801, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x11, 0x2000000000000036, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000001000000850000000e000000850000000500000095"], &(0x7f0000000180)='syzkaller\x00', 0xfffffffc, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000480)={&(0x7f0000000040)='sys_exit\x00', r0}, 0x18)
mkdir(&(0x7f0000000000)='./cgroup/../file0\x00', 0x19a) (async)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) (async)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) (async, rerun: 64)
sendmsg(r3, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0) (rerun: 64)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xb49, 0x9, 0x8, 0x0, 0x3}, 0x0) (async, rerun: 64)
socket$inet6_sctp(0xa, 0x801, 0x84) (rerun: 64)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r4 = syz_open_dev$media(&(0x7f00000006c0), 0x4007, 0x0)
ioctl$MEDIA_IOC_REQUEST_ALLOC(r4, 0x80047c05, &(0x7f0000000940)) (async)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
syz_80211_inject_frame(&(0x7f0000000000), 0x0, 0x3bb) (async)
r6 = dup(r5)
socket$nl_route(0x10, 0x3, 0x0) (async)
r7 = socket$alg(0x26, 0x5, 0x0)
r8 = openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0)
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
r10 = ioctl$KVM_CREATE_VCPU(r9, 0xae41, 0x6)
ioctl$KVM_SET_MSRS(r10, 0x4008ae89, 0x0)
bind$alg(r7, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_sha384\x00'}, 0x58) (async)
setsockopt$ALG_SET_KEY(r7, 0x117, 0x1, 0x0, 0x0) (async)
ioctl$KVM_SET_CPUID2(r6, 0xc008ae09, &(0x7f0000000240)=ANY=[@ANYBLOB="01000000000000000100000004000000060000000100000004000000080000000800"/45])
r11 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_int(r11, &(0x7f0000000040)='cpu.idle\x00', 0x2, 0x0)

1.851753327s ago: executing program 1 (id=1041):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
getpid()
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x2, &(0x7f0000006680))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x6a855000)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs={0x1}, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_usb_connect(0x2, 0x9a2, &(0x7f0000000280)=ANY=[@ANYBLOB="12010000d0241710d8050a81b892000000010902900902000000000904"], 0x0)
r2 = syz_open_dev$I2C(&(0x7f0000000000), 0x1, 0x402)
ioctl$I2C_RDWR(r2, 0x707, &(0x7f0000000040)={&(0x7f0000003840)=[{0xfff, 0x2210, 0x0, 0x0}, {0x7500, 0x4200, 0x0, 0x0}], 0x2})
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), 0xffffffffffffffff)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f0000000100)={'wlan1\x00', <r5=>0x0})
sendmsg$NL80211_CMD_NEW_KEY(r4, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000680)={&(0x7f00000002c0)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010840002000000000000b00000008000300", @ANYRES32=r5, @ANYBLOB="20005080110001004abee339084eee85d1264a000000008005000200020000004bef2ca677b25cff009733c708ea462e9a518d1a8fd1590e3b3c7d63f3c8dd5bc9c27a75a58eba14e2fcf17a9483a8891a087e1cdb093e9abe7bb5138eea082f58111a71ec59fb02e722a13740a5a072a55c172b8d615c913fd19406339f8c92aa4c966fd38105fe26d524a52b69104817c768730f696ba67db24ad85f2b015b5155b778e6a0bb1b3cedb5147b41e7635afe5d26fac33902466867bec3"], 0x3c}, 0x1, 0x0, 0x0, 0x8002}, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r7, 0x4020ae46, &(0x7f00000000c0)={0x1ff, 0x1, 0x10000, 0x2000, &(0x7f000093f000/0x2000)=nil})
ioctl$KVM_SET_USER_MEMORY_REGION(r7, 0x4020ae46, &(0x7f0000000040)={0x1, 0x0, 0x6000, 0x2000, &(0x7f0000fa2000/0x2000)=nil})
ioctl$KVM_SET_USER_MEMORY_REGION(r7, 0x4020ae46, 0x0)
r8 = fsopen(&(0x7f00000001c0)='ramfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r8, 0x6, 0x0, 0x0, 0x0)
fsmount(r8, 0x1, 0x0)
r9 = syz_open_dev$audion(&(0x7f0000000140), 0xc13, 0x6000)
openat$cgroup_subtree(r9, &(0x7f0000000180), 0x2, 0x0)
fcntl$setlease(r7, 0x400, 0x1)

1.438046781s ago: executing program 4 (id=1042):
r0 = socket$inet6_dccp(0xa, 0x6, 0x0)
bind$inet6(r0, &(0x7f0000000100)={0xa, 0x4e21, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x4e21, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)
connect$inet6(r0, &(0x7f0000000140)={0xa, 0x4e21, 0x0, @ipv4={'\x00', '\xff\xff', @empty}, 0xe0000000}, 0x1c)

1.374717641s ago: executing program 3 (id=1043):
prlimit64(0x0, 0xf, &(0x7f0000000140)={0xb, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/tty/ldiscs\x00', 0x0, 0x0)
syz_genetlink_get_family_id$tipc(0x0, 0xffffffffffffffff)
sendmsg$TIPC_CMD_SET_LINK_PRI(r0, &(0x7f0000000400)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f00000003c0)={0x0}, 0x1, 0x0, 0x0, 0x40080c4}, 0x20000000)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
symlink(0x0, 0x0)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f000038e000/0x4000)=nil, 0x4000, 0xb635773f05ebbee6, 0x50, r0, 0xffffc000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000180)=@abs, 0x6e)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)=ANY=[], 0x7c}}, 0x4000)
sendmsg$NFT_BATCH(r4, 0x0, 0x0)
r5 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x8041, 0x0)
write$dsp(r5, &(0x7f00000001c0)="5cba91a4", 0xffffffd9)
ioctl$SNDCTL_DSP_SYNC(r5, 0x5001, 0x0)
r6 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r6}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
ioctl$SNDCTL_DSP_SYNC(r5, 0x5001, 0x0)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000480)={r0, 0x58, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r7=>0x0}}, 0xfffffffffffffe0e)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000006c0)={&(0x7f0000000300), 0xc, &(0x7f0000000680)={&(0x7f0000000600)=@getchain={0x64, 0x66, 0x400, 0x70bd26, 0x25dfdbfd, {0x0, 0x0, 0x0, r7, {0x3, 0xc}, {0x0, 0x7}, {0x3, 0xfff2}}, [{0x8, 0xb, 0x2}, {0x8, 0xb, 0x6}, {0x8, 0xb, 0x1000}, {0x8}, {0x8, 0xb, 0x4}, {0x8, 0xb, 0xffffff81}, {0x8, 0xb, 0x326}, {0x8, 0xb, 0xb}]}, 0x64}, 0x1, 0x0, 0x0, 0x2805}, 0x40400c0)
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x50)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000280)=@newqdisc={0x54, 0x10, 0x1, 0x0, 0x0, {0x6, 0x0, 0x8100, 0x0, {0x1, 0x10}, {0xd}, {0xe, 0x10}}, [@TCA_RATE={0x6}, @TCA_STAB={0x28, 0x8, 0x0, 0x1, [{{0x1c, 0x11, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x1}}, {0x6, 0x1b, [0x0]}}]}]}, 0x54}, 0x1, 0x0, 0x0, 0x4080}, 0x0)

1.254569932s ago: executing program 5 (id=1044):
syz_open_dev$dri(&(0x7f0000000000), 0x1ff, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x6770c000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200))
r0 = socket$inet6(0xa, 0x80002, 0x0)
syz_open_dev$cec(&(0x7f0000000680), 0x0, 0x0)
readv(r0, &(0x7f00000002c0)=[{&(0x7f0000000100)=""/67, 0x43}, {&(0x7f0000000040)=""/1, 0x1}, {&(0x7f0000000180)=""/89, 0x59}, {&(0x7f0000000240)=""/122, 0x7a}], 0x4)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000500)=ANY=[@ANYBLOB="44010000100013070000000000000000fe8000000000000000000000000000aa0a0101010000000000000000000000000000000000000000000000000075e854aa740706adbf17000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="e00000010000000000000000000000000000000032000000fe8000000000000000000000000000bb00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a000000000000000000000048000200656362286369706865725f6e756c6c29000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c0008000800080000070000"], 0x144}}, 0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)
syz_open_dev$usbfs(&(0x7f0000000080), 0x74, 0x101301)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
pselect6(0x40, &(0x7f0000000000)={0x2, 0x9000000000000000, 0x8000000000000000, 0x6, 0x0, 0x0, 0x0, 0x10000000}, 0x0, &(0x7f00000000c0)={0x3ff, 0x0, 0x0, 0x8, 0x0, 0x0, 0x2, 0x7}, 0x0, 0x0)

574.9279ms ago: executing program 4 (id=1045):
syz_open_dev$sndpcmc(0x0, 0x2, 0x200080)
r0 = syz_open_dev$midi(&(0x7f0000000080), 0x3, 0x182001)
ioctl$FS_IOC_GETFSLABEL(r0, 0x81009431, &(0x7f0000000500))
unshare(0x6a040000)
r1 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r2 = syz_open_dev$dri(&(0x7f00000002c0), 0x2, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r2, 0xc04064a0, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000440)=[0x0], 0x0, 0x0, 0x0, 0x1})
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = syz_open_dev$sndmidi(&(0x7f0000000100), 0x2, 0x141121)
io_setup(0x3, &(0x7f0000000180)=<r4=>0x0)
io_submit(r4, 0x1, &(0x7f0000000800)=[&(0x7f0000000040)={0x0, 0x0, 0x0, 0x5, 0x0, 0xffffffffffffffff, 0x0}])
r5 = dup(r3)
write$6lowpan_enable(r5, &(0x7f0000000000)='0', 0xfffffd2c)
r6 = syz_io_uring_setup(0x1a70, &(0x7f0000000300)={0x0, 0x1fffff}, &(0x7f0000000180)=<r7=>0x0, &(0x7f00000001c0)=<r8=>0x0)
openat$sysfs(0xffffffffffffff9c, 0x0, 0x149282, 0x10)
syz_io_uring_submit(r7, r8, &(0x7f0000000140)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd=r3})
io_uring_enter(r6, 0x2def, 0x4000, 0x0, 0x0, 0x0)
r9 = open(&(0x7f00009e1000)='./file0\x00', 0x60840, 0x1d2)
fcntl$setlease(r9, 0x400, 0x0)
truncate(&(0x7f0000000040)='./file0\x00', 0x0)
r10 = socket(0x11, 0x80a, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), r10)
ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(r9, 0xc0189374, &(0x7f0000000280)={{0x1, 0x1, 0x18, <r11=>r1, {0x6}}, './file0\x00'})
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r12=>0xffffffffffffffff})
sendmmsg$unix(r12, &(0x7f0000000000), 0x400000000000041, 0x0)
sendmmsg$unix(r10, &(0x7f00000003c0)=[{{&(0x7f0000000200)=@file={0x0, './file0\x00'}, 0x6e, &(0x7f00000000c0), 0x0, &(0x7f0000000380)=[@rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, r3, r11, r5, r5, r12]}}], 0x28, 0x800}}], 0x1, 0x800)
close_range(r1, 0xffffffffffffffff, 0x0)

470.296073ms ago: executing program 3 (id=1046):
r0 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000080)=0x2, 0x4)
setsockopt$packet_rx_ring(r0, 0x107, 0x5, &(0x7f0000000340)=@req3={0x1000, 0x3a, 0x1000, 0x3a, 0x7ff, 0xf83, 0x2}, 0x1c)
r1 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'xfrm0\x00', <r2=>0x0})
sendto$packet(r1, &(0x7f0000000380)=' ', 0x1, 0x20008801, &(0x7f0000000100)={0x11, 0x88a8, r2, 0x1, 0x0, 0x6, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x3d}}, 0x13)

253.467288ms ago: executing program 3 (id=1047):
syz_open_dev$video(&(0x7f0000000040), 0xa7, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f00000001c0)='fd/3\x00')
r1 = epoll_create1(0x0)
syz_open_dev$dri(0x0, 0x0, 0x0)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0xffffffffffffff2b, 0x0)
ioctl$RTC_AIE_ON(0xffffffffffffffff, 0x7001)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000040)={'pim6reg0\x00', 0x2})
ioctl$TUNSETLINK(0xffffffffffffffff, 0x400454cc, 0x308)
openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r5 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f00000002c0), r2)
sendmsg$NLBL_CIPSOV4_C_ADD(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000400)=ANY=[@ANYBLOB='P\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="01000000000000000000010000000800010004000000040004984001497cfdf35b00280008800400078014000780080005000000000008000600ee0000000c0005800800050000000000fe9fbbcf54422f1054ee0736aaeb7f062855fd8ff65c2aa07e892d985c338b2dd4e368505249930d870e97d44f9fb49597a8abb6295f350c88dc8868156ee69ddfe9d8173e98092a922d73d46219a158e7155ba95b9e8bdf23e23cb3f94a1a89ea7dcc80e5595044f8085d30423998b87cbc4f8de36cc2b0160ed8930db72f47a50fb128981e2124daec8ea2066a178406f5a0c1798e9dedb3e6a4d63a202693f10507de5329d4f17df3632271d6f6a5d4e29d79773c4befe68f662c3884d5f60f2e54bf9bd6b5a899a6449704f58eb2b38431b55f0f35098ac57900c6b9c7ff6129c2760dc4693c73c79d06a1f16964f3bad53cea15596a3d56ea6b17f6a993"], 0x50}}, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000040))
epoll_ctl$EPOLL_CTL_MOD(r1, 0x3, r0, 0x0)

154.279826ms ago: executing program 5 (id=1048):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=@newqdisc={0x3c, 0x24, 0xf0b, 0x3, 0x25dfdc00, {0x60, 0x0, 0x0, 0x0, {0xfff3, 0x6a9f0eede9332711}, {0x2, 0xffff}, {0xfff3, 0xffff}}, [@qdisc_kind_options=@q_cake={{0x9}, {0xc, 0x2, [@TCA_CAKE_DIFFSERV_MODE={0x8, 0x3, 0x4}]}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x44045}, 0x10)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0xff00, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="500000001000010425bbe5ad600027842cf52300", @ANYRES32=0x0, @ANYBLOB="0000000000008000280012800a00010076786c616e"], 0x50}}, 0x4000000)

0s ago: executing program 5 (id=1049):
r0 = socket$inet6(0xa, 0x6, 0x0)
mount$tmpfs(0x0, &(0x7f00000003c0)='./file0\x00', 0x0, 0x0, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000500000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{r1}, &(0x7f0000000380), &(0x7f00000003c0)=r2}, 0x20) (async)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{r1}, &(0x7f0000000380), &(0x7f00000003c0)=r2}, 0x20)
bind$inet6(r0, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
listen(r0, 0x101)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) (async)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4) (async)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
getrlimit(0x8, 0x0) (async)
getrlimit(0x8, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) (async)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) (async)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
mq_notify(0xffffffffffffffff, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0) (async)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mkdir(&(0x7f0000000040)='./file1\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$afs(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000400)={[{@dyn}]})
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000400)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
chdir(&(0x7f0000000140)='./bus\x00') (async)
chdir(&(0x7f0000000140)='./bus\x00')
r4 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
lseek(r4, 0x7fff, 0x0) (async)
lseek(r4, 0x7fff, 0x0)
getdents(r4, 0x0, 0x58)
memfd_create(0x0, 0x4) (async)
memfd_create(0x0, 0x4)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000680)=ANY=[@ANYBLOB="14000000100001f500000000000000000000000a20000000000a05000000000000000000010000000900010073797a30000000002c000000030a01020000000000000000010000000900010073797a30000000000900030073797a310000000088000000060a010400000000000000000100000008000b400000000060000480280001800e000100636f6e6e6c696d69740000001400028008000140000006e508000240000000003400018008000100636d7000280002800800024000000001140003800400010009000100efbb17b799000000080001400000000e0900010073797a30"], 0xfc}}, 0x0)
socket$inet_dccp(0x2, 0x6, 0x0)

kernel console output (not intermixed with test programs):

[  174.947824][ T7639] CPU: 1 UID: 0 PID: 7639 Comm: syz.4.472 Not tainted 6.14.0-syzkaller-12966-ga2cc6ff5ec8f #0 PREEMPT(full) 
[  174.947846][ T7639] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  174.947855][ T7639] Call Trace:
[  174.947861][ T7639]  <TASK>
[  174.947867][ T7639]  dump_stack_lvl+0x16c/0x1f0
[  174.947892][ T7639]  should_fail_ex+0x512/0x640
[  174.947911][ T7639]  _copy_from_iter+0x2a4/0x15b0
[  174.947930][ T7639]  ? kernel_fpu_begin_mask+0x17f/0x2a0
[  174.947955][ T7639]  ? __pfx_kernel_fpu_begin_mask+0x10/0x10
[  174.947979][ T7639]  ? __pfx__copy_from_iter+0x10/0x10
[  174.947995][ T7639]  ? do_raw_spin_lock+0x12c/0x2b0
[  174.948011][ T7639]  ? find_held_lock+0x2b/0x80
[  174.948028][ T7639]  ? rcu_is_watching+0x12/0xc0
[  174.948043][ T7639]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  174.948059][ T7639]  write_pool_user+0xe8/0x2f0
[  174.948074][ T7639]  ? __pfx_write_pool_user+0x10/0x10
[  174.948091][ T7639]  ? import_ubuf+0x1b6/0x220
[  174.948105][ T7639]  random_ioctl+0x2ce/0x4a0
[  174.948117][ T7639]  ? __pfx_random_ioctl+0x10/0x10
[  174.948131][ T7639]  ? selinux_file_ioctl+0x180/0x270
[  174.948150][ T7639]  ? selinux_file_ioctl+0xb4/0x270
[  174.948169][ T7639]  ? __pfx_random_ioctl+0x10/0x10
[  174.948182][ T7639]  __x64_sys_ioctl+0x190/0x200
[  174.948201][ T7639]  do_syscall_64+0xcd/0x260
[  174.948219][ T7639]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  174.948231][ T7639] RIP: 0033:0x7fc01958d169
[  174.948242][ T7639] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  174.948254][ T7639] RSP: 002b:00007fc01a453038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  174.948266][ T7639] RAX: ffffffffffffffda RBX: 00007fc0197a5fa0 RCX: 00007fc01958d169
[  174.948274][ T7639] RDX: 0000200000000200 RSI: 0000000040085203 RDI: 0000000000000003
[  174.948282][ T7639] RBP: 00007fc01a453090 R08: 0000000000000000 R09: 0000000000000000
[  174.948290][ T7639] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  174.948297][ T7639] R13: 0000000000000000 R14: 00007fc0197a5fa0 R15: 00007ffee3efd268
[  174.948313][ T7639]  </TASK>
[  174.953689][    T9] usb 2-1: device descriptor read/8, error -71
[  175.109205][    C0] vkms_vblank_simulate: vblank timer overrun
[  175.221811][ T5835] usb 3-1: Using ep0 maxpacket: 16
[  175.234184][ T5835] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  175.244611][ T5835] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3
[  175.268470][ T5835] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  175.279955][ T5835] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  175.306323][ T5835] usb 3-1: Product: syz
[  175.316425][ T5835] usb 3-1: Manufacturer: syz
[  175.322812][ T5835] usb 3-1: SerialNumber: syz
[  175.432473][ T7454] veth0_vlan: entered promiscuous mode
[  175.441358][ T7655] netlink: 48 bytes leftover after parsing attributes in process `syz.3.473'.
[  175.451598][    T9] usb 2-1: new high-speed USB device number 13 using dummy_hcd
[  175.468733][ T7454] veth1_vlan: entered promiscuous mode
[  175.494854][    T9] usb 2-1: device descriptor read/8, error -71
[  175.558788][ T5835] usb 3-1: 0:2 : does not exist
[  175.573193][ T7454] veth0_macvtap: entered promiscuous mode
[  175.590284][ T5835] usb 3-1: 5:0: failed to get current value for ch 0 (-22)
[  175.613578][    T9] usb usb2-port1: unable to enumerate USB device
[  175.623178][ T7454] veth1_macvtap: entered promiscuous mode
[  175.649182][ T5835] usb 3-1: USB disconnect, device number 13
[  175.665067][ T7454] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  175.683624][ T7454] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  175.695599][ T7454] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  175.706191][ T7454] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  175.726286][ T7454] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  175.748579][ T7454] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  175.776782][ T7454] batman_adv: batadv0: Interface activated: batadv_slave_0
[  175.798959][ T7454] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  175.821204][ T7454] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  175.845698][ T7454] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  175.856925][ T5827] udevd[5827]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  175.885862][ T7454] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  175.905688][ T7454] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  175.927593][ T7454] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  175.964843][ T7454] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  175.986331][ T7454] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  176.009157][ T7454] batman_adv: batadv0: Interface activated: batadv_slave_1
[  176.057302][ T7454] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  176.090512][ T7454] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  176.105859][ T7454] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  176.145088][ T7454] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  176.996880][   T61] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  177.020503][   T61] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  177.167758][   T61] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  177.198515][   T61] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  177.306065][   T30] audit: type=1400 audit(1743755278.885:436): avc:  denied  { mounton } for  pid=7454 comm="syz-executor" path="/root/syzkaller.iEoGAA/syz-tmp/newroot/sys/kernel/debug" dev="debugfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=dir permissive=1
[  177.332652][    C0] vkms_vblank_simulate: vblank timer overrun
[  177.393807][   T30] audit: type=1400 audit(1743755279.035:437): avc:  denied  { mount } for  pid=7454 comm="syz-executor" name="/" dev="gadgetfs" ino=6546 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nfs_t tclass=filesystem permissive=1
[  177.419610][ T7693] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=7693 comm=syz.2.480
[  177.508197][ T7691] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=7691 comm=syz.3.481
[  177.967211][   T30] audit: type=1400 audit(1743755279.615:438): avc:  denied  { sys_chroot } for  pid=7720 comm="dhcpcd" capability=18  scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:dhcpc_t tclass=capability permissive=1
[  178.007490][   T30] audit: type=1400 audit(1743755279.615:439): avc:  denied  { setgid } for  pid=7720 comm="dhcpcd" capability=6  scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:dhcpc_t tclass=capability permissive=1
[  178.033402][   T30] audit: type=1400 audit(1743755279.615:440): avc:  denied  { setrlimit } for  pid=7720 comm="dhcpcd" scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:dhcpc_t tclass=process permissive=1
[  178.233895][ T5874] kernel read not supported for file /dsp (pid: 5874 comm: kworker/1:3)
[  178.250456][ T5835] usb 5-1: new high-speed USB device number 9 using dummy_hcd
[  178.250595][  T972] usb 2-1: new high-speed USB device number 14 using dummy_hcd
[  178.272318][ T7738] SELinux: security_context_str_to_sid (unconfined_u) failed with errno=-22
[  178.410554][  T972] usb 2-1: Using ep0 maxpacket: 16
[  178.420732][ T5835] usb 5-1: device descriptor read/64, error -71
[  178.425373][  T972] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  178.439255][  T972] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3
[  178.467000][  T972] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  178.478453][  T972] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  178.493687][ T7746] bond0: entered promiscuous mode
[  178.498779][ T7746] bond_slave_0: entered promiscuous mode
[  178.504582][ T7746] bond_slave_1: entered promiscuous mode
[  178.658001][  T972] usb 2-1: Product: syz
[  178.665453][  T972] usb 2-1: Manufacturer: syz
[  178.670223][  T972] usb 2-1: SerialNumber: syz
[  178.753502][ T5835] usb 5-1: new high-speed USB device number 10 using dummy_hcd
[  178.887309][ T7719] netlink: 'syz.1.485': attribute type 27 has an invalid length.
[  178.900468][ T5835] usb 5-1: device descriptor read/64, error -71
[  179.011280][ T5835] usb usb5-port1: attempt power cycle
[  179.077968][ T7719] bridge0: port 2(bridge_slave_1) entered disabled state
[  179.086590][ T7719] bridge0: port 1(bridge_slave_0) entered disabled state
[  179.165787][ T7719] bond0: left promiscuous mode
[  179.179333][ T7719] bond_slave_0: left promiscuous mode
[  179.227110][ T7719] bond_slave_1: left promiscuous mode
[  179.370503][ T5835] usb 5-1: new high-speed USB device number 11 using dummy_hcd
[  179.380598][   T24] usb 4-1: new high-speed USB device number 18 using dummy_hcd
[  179.385773][ T7719] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  179.426037][ T5835] usb 5-1: device descriptor read/8, error -71
[  179.499099][ T7778] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=7778 comm=syz.5.494
[  179.530719][   T24] usb 4-1: Using ep0 maxpacket: 32
[  179.594490][   T24] usb 4-1: config 0 interface 0 altsetting 3 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  179.639582][ T7719] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  179.713507][   T24] usb 4-1: config 0 interface 0 altsetting 3 endpoint 0x81 has invalid wMaxPacketSize 0
[  179.840339][   T24] usb 4-1: config 0 interface 0 has no altsetting 0
[  179.859486][   T24] usb 4-1: New USB device found, idVendor=048d, idProduct=8595, bcdDevice= 0.00
[  179.871606][   T24] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  179.896804][   T24] usb 4-1: config 0 descriptor??
[  179.915514][ T7719] netdevsim netdevsim1 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  179.926199][ T7719] netdevsim netdevsim1 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  179.938062][ T7719] netdevsim netdevsim1 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  179.947081][ T7719] netdevsim netdevsim1 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  179.972194][ T5835] usb 5-1: new high-speed USB device number 12 using dummy_hcd
[  180.001030][ T5835] usb 5-1: device descriptor read/8, error -71
[  180.052444][ T7760] 8021q: adding VLAN 0 to HW filter on device bond0
[  180.065321][ T7760] 8021q: adding VLAN 0 to HW filter on device team0
[  180.075954][ T7760] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  180.112783][ T5835] usb usb5-port1: unable to enumerate USB device
[  180.138224][  T972] usb 2-1: 0:2 : does not exist
[  180.150917][  T972] usb 2-1: unit 6 not found!
[  180.182876][  T972] usb 2-1: USB disconnect, device number 14
[  180.337070][   T24] itetech 0003:048D:8595.0006: hidraw0: USB HID v8.00 Device [HID 048d:8595] on usb-dummy_hcd.3-1/input0
[  180.337679][ T7785] netlink: 12 bytes leftover after parsing attributes in process `syz.2.496'.
[  180.533636][ T7771] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  180.567392][ T7771] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  180.606551][ T7771] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  180.664378][ T7771] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  180.699514][ T7805] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  180.924808][ T7812] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=7812 comm=syz.5.498
[  181.163033][   T30] audit: type=1400 audit(1743755282.755:441): avc:  denied  { ioctl } for  pid=7821 comm="syz.4.503" path="socket:[15942]" dev="sockfs" ino=15942 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_rdma_socket permissive=1
[  181.281418][ T7824] bond0: entered promiscuous mode
[  181.286877][ T7824] bond_slave_0: entered promiscuous mode
[  181.292714][ T7824] bond_slave_1: entered promiscuous mode
[  181.730671][ T5876] usb 3-1: new high-speed USB device number 14 using dummy_hcd
[  181.890104][ T7840] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=7840 comm=syz.5.507
[  182.302428][ T5876] usb 3-1: Using ep0 maxpacket: 32
[  182.327536][ T5876] usb 3-1: New USB device found, idVendor=174f, idProduct=6a31, bcdDevice=26.3f
[  182.340846][ T5876] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  182.349078][ T5876] usb 3-1: Product: syz
[  182.355694][ T5876] usb 3-1: Manufacturer: syz
[  182.371498][   T24] usb 4-1: USB disconnect, device number 18
[  182.382505][ T5876] usb 3-1: SerialNumber: syz
[  182.413924][ T5876] usb 3-1: config 0 descriptor??
[  182.446636][ T5876] gspca_main: stk1135-2.14.0 probing 174f:6a31
[  182.817775][   T30] audit: type=1400 audit(1743755284.455:442): avc:  denied  { getopt } for  pid=7833 comm="syz.2.505" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  183.040206][   T30] audit: type=1400 audit(1743755284.535:443): avc:  denied  { write } for  pid=7833 comm="syz.2.505" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  183.489294][   T30] audit: type=1400 audit(1743755284.545:444): avc:  denied  { setopt } for  pid=7833 comm="syz.2.505" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  183.553467][ T5876] gspca_stk1135: reg_w 0x0 err -110
[  183.559743][ T5876] gspca_stk1135: serial bus timeout: status=0x00
[  183.580690][ T5876] gspca_stk1135: Sensor write failed
[  183.586022][ T5876] gspca_stk1135: serial bus timeout: status=0x00
[  183.612835][ T5876] gspca_stk1135: Sensor write failed
[  183.619990][ T5876] gspca_stk1135: serial bus timeout: status=0x00
[  183.629130][ T5876] gspca_stk1135: Sensor read failed
[  183.635227][ T5876] gspca_stk1135: serial bus timeout: status=0x00
[  183.641813][ T5876] gspca_stk1135: Sensor read failed
[  183.647059][ T5876] gspca_stk1135: Detected sensor type unknown (0x0)
[  183.653957][ T5876] gspca_stk1135: serial bus timeout: status=0x00
[  183.660331][ T5876] gspca_stk1135: Sensor read failed
[  183.665778][ T5876] gspca_stk1135: serial bus timeout: status=0x00
[  183.672445][ T5876] gspca_stk1135: Sensor read failed
[  183.688755][ T5876] gspca_stk1135: serial bus timeout: status=0x00
[  183.699944][ T5876] gspca_stk1135: Sensor write failed
[  183.708176][ T5876] gspca_stk1135: serial bus timeout: status=0x00
[  183.714759][ T5876] gspca_stk1135: Sensor write failed
[  183.720198][ T5876] stk1135 3-1:0.0: probe with driver stk1135 failed with error -110
[  184.099555][ T7846] netlink: 12 bytes leftover after parsing attributes in process `syz.3.509'.
[  184.418590][ T7874] netlink: 4 bytes leftover after parsing attributes in process `syz.1.516'.
[  184.427733][ T7874] netlink: 4 bytes leftover after parsing attributes in process `syz.1.516'.
[  184.436556][ T7874] netlink: 4 bytes leftover after parsing attributes in process `syz.1.516'.
[  184.445324][ T7874] netlink: 49 bytes leftover after parsing attributes in process `syz.1.516'.
[  184.479382][ T7877] ieee802154 phy0 wpan0: encryption failed: -22
[  184.489048][ T5910] kernel read not supported for file /dsp (pid: 5910 comm: kworker/0:7)
[  184.512377][ T7878] ieee802154 phy0 wpan0: encryption failed: -22
[  184.565810][  T972] usb 3-1: USB disconnect, device number 14
[  184.636071][ T7882] netlink: 256 bytes leftover after parsing attributes in process `syz.1.518'.
[  184.718639][ T7883] overlayfs: cannot append lower layer
[  184.904392][ T7892] xt_NFQUEUE: number of total queues is 0
[  184.912202][   T30] audit: type=1800 audit(1743755286.565:445): pid=7892 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed comm="syz.1.522" name="SYSV00000000" dev="tmpfs" ino=0 res=0 errno=0
[  184.934714][   T30] audit: type=1400 audit(1743755286.585:446): avc:  denied  { bind } for  pid=7889 comm="syz.3.523" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[  184.959532][   T30] audit: type=1400 audit(1743755286.595:447): avc:  denied  { listen } for  pid=7889 comm="syz.3.523" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[  184.991315][   T30] audit: type=1400 audit(1743755286.595:448): avc:  denied  { nlmsg_write } for  pid=7889 comm="syz.3.523" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1
[  185.826892][ T5839] Bluetooth: hci4: command 0x0406 tx timeout
[  185.827613][   T54] Bluetooth: hci0: command 0x0406 tx timeout
[  185.833831][ T5839] Bluetooth: hci1: command 0x0406 tx timeout
[  185.938415][ T7909] netlink: 4 bytes leftover after parsing attributes in process `syz.3.529'.
[  185.947312][ T7909] netlink: 4 bytes leftover after parsing attributes in process `syz.3.529'.
[  185.956133][ T7909] netlink: 4 bytes leftover after parsing attributes in process `syz.3.529'.
[  185.964916][ T7909] netlink: 49 bytes leftover after parsing attributes in process `syz.3.529'.
[  186.070473][   T30] audit: type=1400 audit(1743755287.715:449): avc:  denied  { getopt } for  pid=7915 comm="syz.4.530" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  186.144672][   T30] audit: type=1400 audit(1743755287.715:450): avc:  denied  { bind } for  pid=7915 comm="syz.4.530" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  186.202186][   T30] audit: type=1400 audit(1743755287.715:451): avc:  denied  { write } for  pid=7915 comm="syz.4.530" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  186.221821][   T30] audit: type=1400 audit(1743755287.825:452): avc:  denied  { setopt } for  pid=7921 comm="syz.5.533" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1
[  186.480484][  T972] usb 6-1: new high-speed USB device number 2 using dummy_hcd
[  186.652750][  T972] usb 6-1: too many configurations: 9, using maximum allowed: 8
[  186.662448][ T5835] kernel read not supported for file /dsp (pid: 5835 comm: kworker/0:4)
[  186.665435][  T972] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  186.712818][  T972] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9
[  186.743819][  T972] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  186.763211][  T972] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9
[  186.790280][  T972] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  186.804298][  T972] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9
[  186.829698][  T972] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  186.845571][ T7948] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=7948 comm=syz.3.541
[  186.880202][  T972] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9
[  186.897260][  T972] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  186.908876][  T972] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9
[  187.045136][  T972] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  187.061978][ T1153] Bluetooth: Error in BCSP hdr checksum
[  187.069687][  T972] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9
[  187.084883][  T972] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  187.095756][  T972] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9
[  187.110620][ T5876] usb 4-1: new high-speed USB device number 19 using dummy_hcd
[  187.134651][  T972] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  187.145627][  T972] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 9
[  187.168940][  T972] usb 6-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e
[  187.179328][  T972] usb 6-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168
[  187.189824][  T972] usb 6-1: Product: syz
[  187.194786][  T972] usb 6-1: Manufacturer: syz
[  187.199757][  T972] usb 6-1: SerialNumber: syz
[  187.280477][ T5876] usb 4-1: Using ep0 maxpacket: 32
[  187.304273][ T5876] usb 4-1: unable to get BOS descriptor or descriptor too short
[  187.315094][  T972] usb 6-1: config 0 descriptor??
[  187.339624][ T5876] usb 4-1: config 0 has an invalid interface number: 143 but max is 0
[  187.340300][   T36] Bluetooth: Error in BCSP hdr checksum
[  187.383304][  T972] yurex 6-1:0.0: Could not find endpoints
[  187.411361][ T5876] usb 4-1: config 0 has no interface number 0
[  187.475384][ T5876] usb 4-1: config 0 interface 143 altsetting 77 endpoint 0x5 has invalid maxpacket 1024, setting to 64
[  187.535637][ T5876] usb 4-1: config 0 interface 143 has no altsetting 0
[  187.553518][ T5876] usb 4-1: New USB device found, idVendor=13b1, idProduct=0041, bcdDevice=b0.69
[  187.563209][ T5876] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  187.580513][ T5876] usb 4-1: Product: syz
[  187.595108][ T4363] Bluetooth: Error in BCSP hdr checksum
[  187.610014][  T972] usb 6-1: USB disconnect, device number 2
[  187.625359][ T5876] usb 4-1: Manufacturer: syz
[  187.648425][ T5876] usb 4-1: SerialNumber: syz
[  187.683365][ T5876] r8152-cfgselector 4-1: Unknown version 0x0000
[  187.703093][ T5876] r8152-cfgselector 4-1: config 0 descriptor??
[  187.733243][ T5876] r8152 4-1:0.143: Expected endpoints are not found
[  187.852171][   T52] Bluetooth: Error in BCSP hdr checksum
[  188.072836][   T30] audit: type=1400 audit(1743755289.635:453): avc:  denied  { connect } for  pid=7957 comm="syz.2.544" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[  188.115548][ T5910] r8152-cfgselector 4-1: USB disconnect, device number 19
[  188.409711][ T7977] afs: Bad value for 'flock'
[  188.416114][   T30] audit: type=1400 audit(1743755290.065:454): avc:  denied  { watch } for  pid=7976 comm="syz.5.547" path="/13/file0" dev="tmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[  188.448257][   T30] audit: type=1400 audit(1743755290.065:455): avc:  denied  { watch_sb watch_reads } for  pid=7976 comm="syz.5.547" path="/13/file0" dev="tmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1
[  188.540460][  T972] usb 3-1: new high-speed USB device number 15 using dummy_hcd
[  188.657697][   T30] audit: type=1400 audit(1743755290.305:456): avc:  denied  { connect } for  pid=7991 comm="syz.4.549" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[  188.700439][  T972] usb 3-1: Using ep0 maxpacket: 32
[  188.706970][  T972] usb 3-1: config 0 has an invalid interface number: 12 but max is 0
[  188.720771][  T972] usb 3-1: config 0 has no interface number 0
[  188.726864][  T972] usb 3-1: config 0 interface 12 has no altsetting 0
[  188.752354][  T972] usb 3-1: New USB device found, idVendor=2c42, idProduct=1202, bcdDevice=85.40
[  188.761639][  T972] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  188.769624][  T972] usb 3-1: Product: syz
[  188.780639][  T972] usb 3-1: Manufacturer: syz
[  188.785249][  T972] usb 3-1: SerialNumber: syz
[  188.792465][  T972] usb 3-1: config 0 descriptor??
[  188.803233][  T972] f81534 3-1:0.12: required endpoints missing
[  188.851323][ T5828] Bluetooth: hci2: command 0x1003 tx timeout
[  188.851449][ T5139] Bluetooth: hci2: Opcode 0x1003 failed: -110
[  190.393448][ T8031] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=8031 comm=syz.5.558
[  190.783782][  T972] usb 3-1: USB disconnect, device number 15
[  191.183748][ T5910] usb 4-1: new high-speed USB device number 20 using dummy_hcd
[  191.330574][ T5910] usb 4-1: device descriptor read/64, error -71
[  191.431692][   T30] audit: type=1400 audit(1743755293.085:457): avc:  denied  { shutdown } for  pid=8078 comm="syz.1.571" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  191.760625][ T5910] usb 4-1: new high-speed USB device number 21 using dummy_hcd
[  191.918761][ T8085] __nla_validate_parse: 2 callbacks suppressed
[  191.918771][ T8085] netlink: 48 bytes leftover after parsing attributes in process `syz.5.570'.
[  191.940947][ T5910] usb 4-1: device descriptor read/64, error -71
[  192.066652][ T5910] usb usb4-port1: attempt power cycle
[  192.472065][ T5910] usb 4-1: new high-speed USB device number 22 using dummy_hcd
[  192.538553][ T5910] usb 4-1: device descriptor read/8, error -71
[  192.859334][ T5910] usb 4-1: new high-speed USB device number 23 using dummy_hcd
[  193.350143][ T5910] usb 4-1: device descriptor read/8, error -71
[  193.480742][ T5910] usb usb4-port1: unable to enumerate USB device
[  193.683001][ T5876] usb 6-1: new full-speed USB device number 3 using dummy_hcd
[  193.825993][ T1295] ieee802154 phy0 wpan0: encryption failed: -22
[  193.835680][ T1295] ieee802154 phy1 wpan1: encryption failed: -22
[  193.929316][ T5876] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  193.966783][ T5876] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 2
[  194.099546][ T5876] usb 6-1: New USB device found, idVendor=05d8, idProduct=810a, bcdDevice=92.b8
[  194.109076][ T5876] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  194.126686][ T8137] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=8137 comm=syz.1.580
[  194.140056][ T5876] usb 6-1: config 0 descriptor??
[  194.171850][ T5876] dvb-usb: found a 'Artec T1 USB2.0' in warm state.
[  194.262918][ T8138] wg1 speed is unknown, defaulting to 1000
[  194.269224][ T8138] wg1 speed is unknown, defaulting to 1000
[  194.278930][ T8138] wg1 speed is unknown, defaulting to 1000
[  194.300418][ T8138] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[  194.347068][ T8138] infiniband syz0: RDMA CMA: cma_listen_on_dev, error -98
[  194.613441][ T8138] wg1 speed is unknown, defaulting to 1000
[  194.620879][ T8138] wg1 speed is unknown, defaulting to 1000
[  194.627965][ T8138] wg1 speed is unknown, defaulting to 1000
[  194.635127][ T8138] wg1 speed is unknown, defaulting to 1000
[  194.642284][ T8138] wg1 speed is unknown, defaulting to 1000
[  194.667745][ T5876] dvb-usb: bulk message failed: -22 (3/0)
[  194.677286][ T5876] dvb-usb: will use the device's hardware PID filter (table count: 16).
[  194.687358][ T5876] dvbdev: DVB: registering new adapter (Artec T1 USB2.0)
[  194.702843][ T5876] usb 6-1: media controller created
[  194.724835][ T5876] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  194.765693][   T30] audit: type=1400 audit(1743755296.415:458): avc:  denied  { write } for  pid=5180 comm="syslogd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  194.894296][ T5876] dvb-usb: bulk message failed: -22 (6/0)
[  194.902619][ T5876] dvb-usb: no frontend was attached by 'Artec T1 USB2.0'
[  194.907319][ T8116] dvb-usb: bulk message failed: -22 (2/0)
[  194.947972][   T30] audit: type=1400 audit(1743755296.415:459): avc:  denied  { remove_name } for  pid=5180 comm="syslogd" name="messages" dev="tmpfs" ino=7 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  194.980822][ T5876] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.5/usb6/6-1/input/input13
[  195.092143][   T30] audit: type=1400 audit(1743755296.415:460): avc:  denied  { add_name } for  pid=5180 comm="syslogd" name="messages.0" dev="tmpfs" ino=3 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  195.128452][ T5876] dvb-usb: schedule remote query interval to 150 msecs.
[  195.277766][ T5876] dvb-usb: Artec T1 USB2.0 successfully initialized and connected.
[  195.352915][   T30] audit: type=1400 audit(1743755296.915:461): avc:  denied  { mount } for  pid=8109 comm="syz.5.577" name="/" dev="ramfs" ino=17113 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ramfs_t tclass=filesystem permissive=1
[  195.488147][ T5876] dvb-usb: bulk message failed: -22 (1/0)
[  195.504669][ T5876] dvb-usb: error while querying for an remote control event.
[  195.671446][ T5876] dvb-usb: bulk message failed: -22 (1/0)
[  195.713869][ T5876] dvb-usb: error while querying for an remote control event.
[  195.890519][ T5876] dvb-usb: bulk message failed: -22 (1/0)
[  195.897966][ T5876] dvb-usb: error while querying for an remote control event.
[  196.328049][ T5910] usb 5-1: new full-speed USB device number 13 using dummy_hcd
[  196.355472][  T972] dvb-usb: bulk message failed: -22 (1/0)
[  196.361445][  T972] dvb-usb: error while querying for an remote control event.
[  196.491863][ T5910] usb 5-1: config 36 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  196.525906][ T5910] usb 5-1: config 36 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[  196.540963][ T5876] dvb-usb: bulk message failed: -22 (1/0)
[  196.554338][ T5876] dvb-usb: error while querying for an remote control event.
[  196.563244][ T5910] usb 5-1: New USB device found, idVendor=6993, idProduct=b001, bcdDevice=3d.29
[  196.594579][ T5910] usb 5-1: New USB device strings: Mfr=244, Product=0, SerialNumber=16
[  196.620447][ T5910] usb 5-1: Manufacturer: syz
[  196.625071][ T5910] usb 5-1: SerialNumber: syz
[  196.727924][   T92] usb 6-1: USB disconnect, device number 3
[  196.748520][  T972] dvb-usb: bulk message failed: -22 (1/0)
[  196.769834][  T972] dvb-usb: error while querying for an remote control event.
[  196.914769][ T8190] bond0: entered promiscuous mode
[  196.919826][ T8190] bond_slave_0: entered promiscuous mode
[  196.925793][ T8190] bond_slave_1: entered promiscuous mode
[  197.053204][ T8163] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  197.054480][   T92] dvb-usb: Artec T1 USB2.0 successfully deinitialized and disconnected.
[  197.181195][ T8163] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  197.224946][ T5910] usbhid 5-1:36.0: couldn't find an input interrupt endpoint
[  197.282530][ T5910] usb 5-1: USB disconnect, device number 13
[  197.528953][   T30] audit: type=1400 audit(1743755299.175:462): avc:  denied  { connect } for  pid=8204 comm="syz.3.593" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1
[  197.815059][ T8217] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=8217 comm=syz.3.594
[  198.496552][   T30] audit: type=1400 audit(1743755300.145:463): avc:  denied  { allowed } for  pid=8228 comm="syz.4.598" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1
[  198.534246][   T30] audit: type=1400 audit(1743755300.165:464): avc:  denied  { sqpoll } for  pid=8228 comm="syz.4.598" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1
[  198.574368][ T8231] netlink: 'syz.5.592': attribute type 5 has an invalid length.
[  198.638660][   T30] audit: type=1400 audit(1743755300.185:465): avc:  denied  { getopt } for  pid=8228 comm="syz.4.598" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  199.034380][ T8244] netlink: 60 bytes leftover after parsing attributes in process `syz.4.600'.
[  199.470536][  T972] usb 2-1: new high-speed USB device number 15 using dummy_hcd
[  199.633296][   T92] kernel read not supported for file /dsp (pid: 92 comm: kworker/0:2)
[  199.634280][  T972] usb 2-1: Using ep0 maxpacket: 16
[  199.666415][  T972] usb 2-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xD7, changing to 0x87
[  199.688871][  T972] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x87 has an invalid bInterval 0, changing to 7
[  199.710241][  T972] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x87 has invalid wMaxPacketSize 0
[  199.746768][  T972] usb 2-1: New USB device found, idVendor=05ac, idProduct=9226, bcdDevice=b2.89
[  199.760117][  T972] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  199.778803][  T972] usb 2-1: Product: syz
[  199.783510][  T972] usb 2-1: Manufacturer: syz
[  199.788217][  T972] usb 2-1: SerialNumber: syz
[  199.871010][  T972] usb 2-1: config 0 descriptor??
[  199.955725][  T972] appledisplay 2-1:0.0: Submitting URB failed
[  199.984071][  T972] appledisplay 2-1:0.0: probe with driver appledisplay failed with error -5
[  200.162037][   T30] audit: type=1400 audit(1743755301.815:466): avc:  denied  { getopt } for  pid=8254 comm="syz.1.603" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  200.343034][  T972] usb 2-1: USB disconnect, device number 15
[  201.559645][ T8310] netlink: 60 bytes leftover after parsing attributes in process `syz.5.615'.
[  201.790532][   T92] usb 2-1: new high-speed USB device number 16 using dummy_hcd
[  201.930482][  T972] usb 6-1: new full-speed USB device number 4 using dummy_hcd
[  201.964340][   T92] usb 2-1: no configurations
[  201.970760][   T92] usb 2-1: can't read configurations, error -22
[  202.000736][    T9] usb 3-1: new high-speed USB device number 16 using dummy_hcd
[  202.092159][  T972] usb 6-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08
[  202.110447][  T972] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  202.110613][   T92] usb 2-1: new high-speed USB device number 17 using dummy_hcd
[  202.133369][  T972] usb 6-1: config 0 descriptor??
[  202.174003][    T9] usb 3-1: Using ep0 maxpacket: 16
[  202.190839][    T9] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0
[  202.206113][    T9] usb 3-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[  202.215353][    T9] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  202.226328][    T9] usb 3-1: Product: syz
[  202.231914][    T9] usb 3-1: Manufacturer: syz
[  202.236649][    T9] usb 3-1: SerialNumber: syz
[  202.245247][ T8335] wg1 speed is unknown, defaulting to 1000
[  202.253470][    T9] usb 3-1: config 0 descriptor??
[  202.266069][    T9] em28xx 3-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0)
[  202.285903][   T92] usb 2-1: no configurations
[  202.290748][   T92] usb 2-1: can't read configurations, error -22
[  202.297091][    T9] em28xx 3-1:0.0: DVB interface 0 found: bulk
[  202.309690][   T92] usb usb2-port1: attempt power cycle
[  202.352116][  T972] [drm] vendor descriptor length:e0 data:00 00 00 00 00 00 00 00 00 00 00
[  202.504991][  T972] [drm:udl_init] *ERROR* Unrecognized vendor firmware descriptor
[  202.540288][  T972] [drm:udl_init] *ERROR* Selecting channel failed
[  202.568943][  T972] [drm] Initialized udl 0.0.1 for 6-1:0.0 on minor 2
[  202.577435][  T972] [drm] Initialized udl on minor 2
[  202.578707][ T8336] wg1 speed is unknown, defaulting to 1000
[  202.593167][  T972] udl 6-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9
[  202.608309][  T972] udl 6-1:0.0: [drm] Cannot find any crtc or sizes
[  202.630282][ T5876] udl 6-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9
[  202.640224][ T5876] udl 6-1:0.0: [drm] Cannot find any crtc or sizes
[  202.653193][  T972] usb 6-1: USB disconnect, device number 4
[  202.661137][   T92] usb 2-1: new high-speed USB device number 18 using dummy_hcd
[  202.695404][   T92] usb 2-1: no configurations
[  202.709945][   T92] usb 2-1: can't read configurations, error -22
[  202.860672][   T92] usb 2-1: new high-speed USB device number 19 using dummy_hcd
[  202.924663][    T9] em28xx 3-1:0.0: unknown em28xx chip ID (0)
[  202.942232][   T92] usb 2-1: no configurations
[  202.946908][   T92] usb 2-1: can't read configurations, error -22
[  202.983035][   T92] usb usb2-port1: unable to enumerate USB device
[  203.567232][   T30] audit: type=1400 audit(1743755305.215:467): avc:  denied  { ioctl } for  pid=8346 comm="syz.4.626" path="/dev/input/mice" dev="devtmpfs" ino=916 ioctlcmd=0x5412 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:mouse_device_t tclass=chr_file permissive=1
[  203.634380][   T30] audit: type=1400 audit(1743755305.265:468): avc:  denied  { setopt } for  pid=8320 comm="syz.2.618" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  203.682646][    T9] em28xx 3-1:0.0: reading from i2c device at 0xa0 failed (error=-5)
[  203.717596][    T9] em28xx 3-1:0.0: board has no eeprom
[  203.736331][ T8353] netlink: 60 bytes leftover after parsing attributes in process `syz.5.627'.
[  203.790522][    T9] em28xx 3-1:0.0: Identified as PCTV tripleStick (292e) (card=94)
[  203.807712][    T9] em28xx 3-1:0.0: dvb set to bulk mode.
[  203.814658][   T92] em28xx 3-1:0.0: Binding DVB extension
[  203.853667][    T9] usb 3-1: USB disconnect, device number 16
[  203.883446][   T92] em28xx 3-1:0.0: Registering input extension
[  203.895676][    T9] em28xx 3-1:0.0: Disconnecting em28xx
[  203.907363][    T9] em28xx 3-1:0.0: Closing input extension
[  203.966520][    T9] em28xx 3-1:0.0: Freeing device
[  204.008452][   T30] audit: type=1400 audit(1743755305.655:469): avc:  denied  { mount } for  pid=8359 comm="syz.4.630" name="/" dev="bpf" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:bpf_t tclass=filesystem permissive=1
[  204.076907][   T30] audit: type=1400 audit(1743755305.725:470): avc:  denied  { unmount } for  pid=5821 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:bpf_t tclass=filesystem permissive=1
[  204.966443][ T8374] syzkaller0: entered promiscuous mode
[  204.972037][ T8374] syzkaller0: entered allmulticast mode
[  205.007993][ T8372] netlink: 'syz.3.632': attribute type 16 has an invalid length.
[  205.015811][ T8372] netlink: 'syz.3.632': attribute type 17 has an invalid length.
[  205.030877][ T8372] 8021q: adding VLAN 0 to HW filter on device bond0
[  205.061798][ T8372] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  205.093246][   T30] audit: type=1400 audit(1743755306.745:471): avc:  denied  { bind } for  pid=8370 comm="syz.2.633" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  205.197133][ T8379] syz.1.635 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[  206.663316][ T8386] mac80211_hwsim hwsim9 wlan1: entered allmulticast mode
[  206.749969][ T8404] FAULT_INJECTION: forcing a failure.
[  206.749969][ T8404] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  206.797505][ T8404] CPU: 0 UID: 0 PID: 8404 Comm: syz.3.640 Not tainted 6.14.0-syzkaller-12966-ga2cc6ff5ec8f #0 PREEMPT(full) 
[  206.797532][ T8404] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  206.797538][ T8404] Call Trace:
[  206.797542][ T8404]  <TASK>
[  206.797546][ T8404]  dump_stack_lvl+0x16c/0x1f0
[  206.797563][ T8404]  should_fail_ex+0x512/0x640
[  206.797576][ T8404]  _copy_to_user+0x32/0xd0
[  206.797588][ T8404]  rng_dev_read+0x1ea/0x810
[  206.797600][ T8404]  ? __pfx_virtio_read+0x10/0x10
[  206.797610][ T8404]  ? __pfx_rng_dev_read+0x10/0x10
[  206.797621][ T8404]  ? bpf_lsm_file_permission+0x9/0x10
[  206.797636][ T8404]  ? security_file_permission+0x71/0x210
[  206.797652][ T8404]  ? rw_verify_area+0xcf/0x680
[  206.797666][ T8404]  ? __pfx_rng_dev_read+0x10/0x10
[  206.797675][ T8404]  vfs_readv+0x6bc/0x8a0
[  206.797688][ T8404]  ? get_pid_task+0x106/0x250
[  206.797702][ T8404]  ? __pfx_vfs_readv+0x10/0x10
[  206.797716][ T8404]  ? find_held_lock+0x2b/0x80
[  206.797736][ T8404]  ? __fget_files+0x20e/0x3c0
[  206.797751][ T8404]  ? do_preadv+0x1af/0x270
[  206.797764][ T8404]  do_preadv+0x1af/0x270
[  206.797778][ T8404]  ? __pfx_do_preadv+0x10/0x10
[  206.797791][ T8404]  ? rcu_is_watching+0x12/0xc0
[  206.797807][ T8404]  do_syscall_64+0xcd/0x260
[  206.797820][ T8404]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  206.797830][ T8404] RIP: 0033:0x7f7aac58d169
[  206.797839][ T8404] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  206.797848][ T8404] RSP: 002b:00007f7aad44b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000127
[  206.797858][ T8404] RAX: ffffffffffffffda RBX: 00007f7aac7a5fa0 RCX: 00007f7aac58d169
[  206.797864][ T8404] RDX: 0000000000000001 RSI: 0000200000000240 RDI: 0000000000000007
[  206.797870][ T8404] RBP: 00007f7aad44b090 R08: 0000000000000000 R09: 0000000000000000
[  206.797876][ T8404] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  206.797881][ T8404] R13: 0000000000000000 R14: 00007f7aac7a5fa0 R15: 00007ffc7d007c18
[  206.797893][ T8404]  </TASK>
[  207.003277][    C0] vkms_vblank_simulate: vblank timer overrun
[  207.040628][ T8397] rdma_rxe: rxe_newlink: failed to add syz_tun
[  207.734617][ T8415] netlink: 48 bytes leftover after parsing attributes in process `syz.2.641'.
[  208.007694][ T8427] fuse: Bad value for 'fd'
[  208.085092][ T8429] netlink: 'syz.1.647': attribute type 1 has an invalid length.
[  208.134429][ T8429] bond1: entered promiscuous mode
[  208.140670][ T8429] 8021q: adding VLAN 0 to HW filter on device bond1
[  208.205933][ T8431] bond1: (slave bridge1): making interface the new active one
[  208.224936][ T8431] bridge1: entered promiscuous mode
[  208.234947][ T8431] bond1: (slave bridge1): Enslaving as an active interface with an up link
[  208.606554][ T8448] netlink: 4 bytes leftover after parsing attributes in process `syz.5.651'.
[  208.615587][ T8448] netlink: 4 bytes leftover after parsing attributes in process `syz.5.651'.
[  208.625984][ T8448] netlink: 4 bytes leftover after parsing attributes in process `syz.5.651'.
[  208.636196][ T8448] netlink: 49 bytes leftover after parsing attributes in process `syz.5.651'.
[  208.718514][  T972] usb 3-1: new high-speed USB device number 17 using dummy_hcd
[  208.798440][   T30] audit: type=1400 audit(1743755310.435:472): avc:  denied  { setopt } for  pid=8446 comm="syz.1.653" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[  209.053844][  T972] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  209.068289][   T30] audit: type=1400 audit(1743755310.725:473): avc:  denied  { ioctl } for  pid=8452 comm="syz.4.655" path="/dev/sg0" dev="devtmpfs" ino=725 ioctlcmd=0x2284 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[  209.105318][  T972] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  209.134661][  T972] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  209.173729][  T972] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  209.197445][  T972] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  209.210797][  T972] usb 3-1: config 0 descriptor??
[  209.270806][ T8438] wg1 speed is unknown, defaulting to 1000
[  209.786108][ T5835] usb 2-1: new high-speed USB device number 20 using dummy_hcd
[  209.883056][  T972] plantronics 0003:047F:FFFF.0007: No inputs registered, leaving
[  209.907643][  T972] plantronics 0003:047F:FFFF.0007: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.2-1/input0
[  210.462874][ T5835] usb 2-1: Using ep0 maxpacket: 8
[  210.479055][ T5835] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  210.528736][ T5835] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 2
[  210.546168][ T5835] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 100, changing to 10
[  210.557849][ T5835] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 24936, setting to 1024
[  210.569303][ T5835] usb 2-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[  210.778801][ T5835] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  210.855289][ T5835] hub 2-1:1.0: bad descriptor, ignoring hub
[  210.861599][ T5835] hub 2-1:1.0: probe with driver hub failed with error -5
[  210.913589][   T30] audit: type=1400 audit(1743755312.565:474): avc:  denied  { unmount } for  pid=5831 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1
[  210.973031][ T5835] cdc_wdm 2-1:1.0: skipping garbage
[  210.978263][ T5835] cdc_wdm 2-1:1.0: skipping garbage
[  211.215727][ T5835] cdc_wdm 2-1:1.0: cdc-wdm1: USB WDM device
[  211.239740][ T5835] cdc_wdm 2-1:1.0: Unknown control protocol
[  211.351338][ T5835] usb 2-1: USB disconnect, device number 20
[  211.461228][  T972] usb 3-1: USB disconnect, device number 17
[  212.150238][ T8495] netlink: 48 bytes leftover after parsing attributes in process `syz.5.660'.
[  212.187434][ T8496] syzkaller0: entered promiscuous mode
[  212.268184][ T5835] usb 2-1: new high-speed USB device number 21 using dummy_hcd
[  212.274846][ T8496] syzkaller0: entered allmulticast mode
[  212.427183][ T5835] usb 2-1: Using ep0 maxpacket: 8
[  212.444432][ T5835] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  212.481107][ T5835] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 2
[  212.490029][ T5835] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 100, changing to 10
[  212.513844][ T5835] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 24936, setting to 1024
[  212.525795][ T5835] usb 2-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[  212.539134][ T5835] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  212.591405][ T5835] usb 2-1: can't set config #1, error -71
[  212.608658][ T5835] usb 2-1: USB disconnect, device number 21
[  212.631926][ T8511] 9pnet_fd: Insufficient options for proto=fd
[  212.643720][    T9] usb 4-1: new high-speed USB device number 24 using dummy_hcd
[  212.749359][ T8515] FAULT_INJECTION: forcing a failure.
[  212.749359][ T8515] name failslab, interval 1, probability 0, space 0, times 0
[  212.762487][ T8515] CPU: 1 UID: 0 PID: 8515 Comm: syz.2.670 Not tainted 6.14.0-syzkaller-12966-ga2cc6ff5ec8f #0 PREEMPT(full) 
[  212.762510][ T8515] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  212.762520][ T8515] Call Trace:
[  212.762526][ T8515]  <TASK>
[  212.762532][ T8515]  dump_stack_lvl+0x16c/0x1f0
[  212.762556][ T8515]  should_fail_ex+0x512/0x640
[  212.762573][ T8515]  ? __kmalloc_noprof+0xbf/0x510
[  212.762592][ T8515]  ? lsm_blob_alloc+0x68/0x90
[  212.762607][ T8515]  should_failslab+0xc2/0x120
[  212.762626][ T8515]  __kmalloc_noprof+0xd2/0x510
[  212.762643][ T8515]  ? down_write_nested+0x151/0x210
[  212.762665][ T8515]  lsm_blob_alloc+0x68/0x90
[  212.762681][ T8515]  security_sb_alloc+0x28/0x230
[  212.762700][ T8515]  alloc_super+0x23d/0xbd0
[  212.762736][ T8515]  sget_fc+0x116/0xc20
[  212.762751][ T8515]  ? __pfx_set_anon_super_fc+0x10/0x10
[  212.762775][ T8515]  ? __pfx_proc_fill_super+0x10/0x10
[  212.762795][ T8515]  get_tree_nodev+0x28/0x190
[  212.762812][ T8515]  vfs_get_tree+0x8b/0x340
[  212.762833][ T8515]  path_mount+0x14d4/0x1f30
[  212.762854][ T8515]  ? kmem_cache_free+0x2d4/0x4d0
[  212.762869][ T8515]  ? __pfx_path_mount+0x10/0x10
[  212.762891][ T8515]  ? putname+0x154/0x1a0
[  212.762913][ T8515]  __x64_sys_mount+0x28d/0x310
[  212.762932][ T8515]  ? __pfx___x64_sys_mount+0x10/0x10
[  212.762958][ T8515]  do_syscall_64+0xcd/0x260
[  212.762979][ T8515]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  212.762996][ T8515] RIP: 0033:0x7f759898d169
[  212.763009][ T8515] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  212.763025][ T8515] RSP: 002b:00007f759985f038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  212.763040][ T8515] RAX: ffffffffffffffda RBX: 00007f7598ba6160 RCX: 00007f759898d169
[  212.763050][ T8515] RDX: 0000200000000080 RSI: 0000200000000180 RDI: 0000000000000000
[  212.763060][ T8515] RBP: 00007f759985f090 R08: 0000000000000000 R09: 0000000000000000
[  212.763070][ T8515] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  212.763079][ T8515] R13: 0000000000000000 R14: 00007f7598ba6160 R15: 00007ffcc64cefc8
[  212.763101][ T8515]  </TASK>
[  212.765356][  T972] usb 5-1: new high-speed USB device number 14 using dummy_hcd
[  212.980441][    T9] usb 4-1: Using ep0 maxpacket: 32
[  212.997191][    T9] usb 4-1: New USB device found, idVendor=041e, idProduct=403c, bcdDevice=cc.d7
[  213.063119][ T8518] netlink: 4 bytes leftover after parsing attributes in process `syz.5.672'.
[  213.088945][    T9] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  213.101500][    T9] usb 4-1: config 0 descriptor??
[  213.140559][  T972] usb 5-1: Using ep0 maxpacket: 8
[  213.142637][    T9] gspca_main: sq930x-2.14.0 probing 041e:403c
[  213.146987][  T972] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  213.280759][  T972] usb 5-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  213.399103][  T972] usb 5-1: New USB device found, idVendor=0000, idProduct=0000, bcdDevice= 0.00
[  213.435369][  T972] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  213.459941][  T972] usb 5-1: config 0 descriptor??
[  213.482359][  T972] gspca_main: spca501-2.14.0 probing 0000:0000
[  213.688864][ T8520] mkiss: ax0: crc mode is auto.
[  213.701364][    T9] gspca_sq930x: reg_r 001f failed -110
[  213.709189][    T9] sq930x 4-1:0.0: probe with driver sq930x failed with error -110
[  213.887815][  T972] gspca_spca501: reg write: error -71
[  213.895149][  T972] spca501 5-1:0.0: Reg write failed for 0x02,0xa048,0x00
[  214.016053][  T972] spca501 5-1:0.0: probe with driver spca501 failed with error -22
[  214.107427][  T972] usbhid 5-1:0.0: couldn't find an input interrupt endpoint
[  214.241054][  T972] usb 5-1: USB disconnect, device number 14
[  214.593073][ T8556] x_tables: ip_tables: ah match: only valid for protocol 51
[  214.625897][   T30] audit: type=1400 audit(1743755316.275:475): avc:  denied  { append } for  pid=8558 comm="syz.4.677" name="urandom" dev="devtmpfs" ino=9 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:urandom_device_t tclass=chr_file permissive=1
[  214.766958][ T8562] netlink: 4 bytes leftover after parsing attributes in process `syz.5.678'.
[  214.777049][ T8562] netlink: 4 bytes leftover after parsing attributes in process `syz.5.678'.
[  214.786048][ T8562] netlink: 4 bytes leftover after parsing attributes in process `syz.5.678'.
[  214.795868][ T8562] netlink: 49 bytes leftover after parsing attributes in process `syz.5.678'.
[  215.136122][  T972] usb 4-1: USB disconnect, device number 24
[  215.710578][ T5874] usb 4-1: new high-speed USB device number 25 using dummy_hcd
[  215.910575][ T5874] usb 4-1: Using ep0 maxpacket: 8
[  215.988150][ T5874] usb 4-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb
[  216.040548][ T5874] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  216.091566][ T5874] usb 4-1: config 0 descriptor??
[  216.361111][ T5835] usb 2-1: new high-speed USB device number 22 using dummy_hcd
[  216.390225][ T8593] netlink: 4 bytes leftover after parsing attributes in process `syz.5.689'.
[  216.399405][ T8593] netlink: 4 bytes leftover after parsing attributes in process `syz.5.689'.
[  216.409566][ T8593] netlink: 4 bytes leftover after parsing attributes in process `syz.5.689'.
[  216.418768][ T8593] netlink: 49 bytes leftover after parsing attributes in process `syz.5.689'.
[  216.650440][ T5835] usb 2-1: Using ep0 maxpacket: 8
[  216.661580][ T5835] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  216.695832][ T5835] usb 2-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  216.729417][ T5835] usb 2-1: New USB device found, idVendor=0000, idProduct=0000, bcdDevice= 0.00
[  216.738991][ T5835] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  216.756517][ T5835] usb 2-1: config 0 descriptor??
[  216.766283][ T5835] gspca_main: spca501-2.14.0 probing 0000:0000
[  216.832255][ T5874] asix 4-1:0.0 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -61
[  216.849582][ T5874] asix 4-1:0.0: probe with driver asix failed with error -61
[  217.521900][ T5835] gspca_spca501: reg write: error -110
[  217.528775][ T5835] spca501 2-1:0.0: Reg write failed for 0x02,0xa048,0x00
[  217.549815][ T5835] spca501 2-1:0.0: probe with driver spca501 failed with error -22
[  217.567266][ T5835] usb 2-1: USB disconnect, device number 22
[  217.652223][   T92] usb 3-1: new high-speed USB device number 18 using dummy_hcd
[  217.697465][ T8609] netlink: 4 bytes leftover after parsing attributes in process `syz.5.692'.
[  217.833891][   T92] usb 3-1: device descriptor read/64, error -71
[  217.972593][ T8611] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(14)
[  217.979211][ T8611] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  217.998560][ T8611] vhci_hcd vhci_hcd.0: Device attached
[  218.027587][ T8615] vhci_hcd vhci_hcd.0: pdev(3) rhport(1) sockfd(16)
[  218.034199][ T8615] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  218.048964][ T8615] vhci_hcd vhci_hcd.0: Device attached
[  218.065769][ T8611] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  218.077646][ T8611] vhci_hcd vhci_hcd.0: pdev(3) rhport(3) sockfd(20)
[  218.084251][ T8611] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  218.098617][ T8611] vhci_hcd vhci_hcd.0: Device attached
[  218.116484][   T92] usb 3-1: new high-speed USB device number 19 using dummy_hcd
[  218.143385][ T8611] vhci_hcd vhci_hcd.0: pdev(3) rhport(4) sockfd(23)
[  218.150014][ T8611] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  218.170565][    T9] vhci_hcd: vhci_device speed not set
[  218.207709][ T8611] vhci_hcd vhci_hcd.0: Device attached
[  218.265676][   T92] usb 3-1: device descriptor read/64, error -71
[  218.272038][    T9] usb 39-1: new full-speed USB device number 2 using vhci_hcd
[  218.325174][   T30] audit: type=1400 audit(1743755319.935:476): avc:  denied  { create } for  pid=8620 comm="syz.5.693" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1
[  218.328348][ T8615] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  218.348837][ T8629] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  218.370725][ T8611] vhci_hcd vhci_hcd.0: pdev(3) rhport(5) sockfd(25)
[  218.377332][ T8611] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  218.390199][ T8611] vhci_hcd vhci_hcd.0: Device attached
[  218.437885][   T92] usb usb3-port1: attempt power cycle
[  218.566402][ T8633] netlink: 'syz.1.694': attribute type 16 has an invalid length.
[  218.586465][ T8633] netlink: 'syz.1.694': attribute type 17 has an invalid length.
[  218.622766][ T8633] 8021q: adding VLAN 0 to HW filter on device bond0
[  218.643180][ T8633] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  219.149320][   T92] usb 3-1: new high-speed USB device number 20 using dummy_hcd
[  219.180941][   T92] usb 3-1: device descriptor read/8, error -71
[  219.451630][ T8641] FAULT_INJECTION: forcing a failure.
[  219.451630][ T8641] name failslab, interval 1, probability 0, space 0, times 0
[  219.464429][ T8641] CPU: 1 UID: 0 PID: 8641 Comm: syz.5.696 Not tainted 6.14.0-syzkaller-12966-ga2cc6ff5ec8f #0 PREEMPT(full) 
[  219.464451][ T8641] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  219.464460][ T8641] Call Trace:
[  219.464466][ T8641]  <TASK>
[  219.464472][ T8641]  dump_stack_lvl+0x16c/0x1f0
[  219.464496][ T8641]  should_fail_ex+0x512/0x640
[  219.464516][ T8641]  ? lsm_blob_alloc+0x68/0x90
[  219.464531][ T8641]  should_failslab+0xc2/0x120
[  219.464550][ T8641]  __kmalloc_noprof+0xd2/0x510
[  219.464568][ T8641]  ? down_write_nested+0x151/0x210
[  219.464590][ T8641]  lsm_blob_alloc+0x68/0x90
[  219.464606][ T8641]  security_sb_alloc+0x28/0x230
[  219.464626][ T8641]  alloc_super+0x23d/0xbd0
[  219.464657][ T8641]  sget_fc+0x116/0xc20
[  219.464671][ T8641]  ? __pfx_set_anon_super_fc+0x10/0x10
[  219.464695][ T8641]  ? __pfx_proc_fill_super+0x10/0x10
[  219.464716][ T8641]  get_tree_nodev+0x28/0x190
[  219.464732][ T8641]  vfs_get_tree+0x8b/0x340
[  219.464754][ T8641]  path_mount+0x14d4/0x1f30
[  219.464773][ T8641]  ? kmem_cache_free+0x2d4/0x4d0
[  219.464789][ T8641]  ? __pfx_path_mount+0x10/0x10
[  219.464810][ T8641]  ? putname+0x154/0x1a0
[  219.464832][ T8641]  __x64_sys_mount+0x28d/0x310
[  219.464851][ T8641]  ? __pfx___x64_sys_mount+0x10/0x10
[  219.464877][ T8641]  do_syscall_64+0xcd/0x260
[  219.464899][ T8641]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  219.464915][ T8641] RIP: 0033:0x7fce9db8d169
[  219.464933][ T8641] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  219.464948][ T8641] RSP: 002b:00007fce9ea59038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  219.464964][ T8641] RAX: ffffffffffffffda RBX: 00007fce9dda6160 RCX: 00007fce9db8d169
[  219.464974][ T8641] RDX: 0000200000000080 RSI: 0000200000000180 RDI: 0000000000000000
[  219.464984][ T8641] RBP: 00007fce9ea59090 R08: 0000000000000000 R09: 0000000000000000
[  219.464993][ T8641] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  219.465002][ T8641] R13: 0000000000000000 R14: 00007fce9dda6160 R15: 00007fffbdf79128
[  219.465023][ T8641]  </TASK>
[  219.604952][   T92] usb 3-1: new high-speed USB device number 21 using dummy_hcd
[  220.051513][ T8623] vhci_hcd: connection closed
[  220.052552][   T61] vhci_hcd: stop threads
[  220.054007][ T5910] usb 4-1: USB disconnect, device number 25
[  220.057320][   T61] vhci_hcd: release socket
[  220.072339][ T8612] vhci_hcd: connection reset by peer
[  220.079737][ T8627] vhci_hcd: connection closed
[  220.080434][   T92] usb 3-1: device descriptor read/8, error -71
[  220.100256][ T8616] vhci_hcd: connection closed
[  220.107524][   T61] vhci_hcd: disconnect device
[  220.124818][ T8618] vhci_hcd: connection closed
[  220.143978][   T61] vhci_hcd: stop threads
[  220.185032][   T61] vhci_hcd: release socket
[  220.217945][   T61] vhci_hcd: disconnect device
[  220.250621][   T61] vhci_hcd: stop threads
[  220.254898][   T61] vhci_hcd: release socket
[  220.271261][   T92] usb usb3-port1: unable to enumerate USB device
[  220.298335][ T8653] __nla_validate_parse: 3 callbacks suppressed
[  220.298351][ T8653] netlink: 20 bytes leftover after parsing attributes in process `syz.2.702'.
[  220.322917][   T61] vhci_hcd: disconnect device
[  220.350458][   T61] vhci_hcd: stop threads
[  220.354720][   T61] vhci_hcd: release socket
[  220.365940][   T61] vhci_hcd: disconnect device
[  220.377265][   T61] vhci_hcd: stop threads
[  220.389929][   T61] vhci_hcd: release socket
[  220.543343][   T61] vhci_hcd: disconnect device
[  220.674454][ T8662] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=8662 comm=syz.4.703
[  221.169282][   T30] audit: type=1400 audit(1743755322.815:477): avc:  denied  { create } for  pid=8663 comm="syz.2.706" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1
[  221.254436][ T8667] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=8667 comm=syz.3.701
[  221.735208][ T5139] Bluetooth: hci3: command 0x0406 tx timeout
[  222.237268][ T8676] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=8676 comm=syz.4.709
[  222.245480][   T30] audit: type=1400 audit(1743755323.885:478): avc:  denied  { mount } for  pid=8677 comm="syz.1.710" name="/" dev="autofs" ino=18992 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_t tclass=filesystem permissive=1
[  222.271862][    C1] vkms_vblank_simulate: vblank timer overrun
[  222.433779][   T30] audit: type=1400 audit(1743755324.025:479): avc:  denied  { mount } for  pid=8680 comm="syz.3.711" name="/" dev="devpts" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:devpts_t tclass=filesystem permissive=1
[  222.720438][ T5874] usb 6-1: new high-speed USB device number 5 using dummy_hcd
[  222.889858][ T5874] usb 6-1: no configurations
[  222.899284][ T5874] usb 6-1: can't read configurations, error -22
[  223.040450][ T5874] usb 6-1: new high-speed USB device number 6 using dummy_hcd
[  223.053921][   T30] audit: type=1400 audit(1743755324.705:480): avc:  denied  { unmount } for  pid=5820 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_t tclass=filesystem permissive=1
[  223.184498][ T8698] netlink: 60 bytes leftover after parsing attributes in process `syz.1.716'.
[  223.453982][ T5874] usb 6-1: no configurations
[  223.459113][ T5874] usb 6-1: can't read configurations, error -22
[  223.465786][ T5874] usb usb6-port1: attempt power cycle
[  223.483252][    T9] vhci_hcd: vhci_device speed not set
[  223.649089][ T8703] fuse: Bad value for 'fd'
[  223.951351][ T5874] usb 6-1: new high-speed USB device number 7 using dummy_hcd
[  224.011439][ T5874] usb 6-1: no configurations
[  224.016280][ T5874] usb 6-1: can't read configurations, error -22
[  224.088482][ T8694] wg1 speed is unknown, defaulting to 1000
[  224.155590][ T8708] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=5137 sclass=netlink_xfrm_socket pid=8708 comm=syz.1.719
[  224.186561][ T8708] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=5137 sclass=netlink_xfrm_socket pid=8708 comm=syz.1.719
[  224.214789][ T5874] usb 6-1: new high-speed USB device number 8 using dummy_hcd
[  224.237312][ T8708] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=5137 sclass=netlink_xfrm_socket pid=8708 comm=syz.1.719
[  224.254862][ T5874] usb 6-1: no configurations
[  224.259478][ T5874] usb 6-1: can't read configurations, error -22
[  224.286692][ T8708] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=5137 sclass=netlink_xfrm_socket pid=8708 comm=syz.1.719
[  224.306981][ T8708] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=5137 sclass=netlink_xfrm_socket pid=8708 comm=syz.1.719
[  224.308696][ T5874] usb usb6-port1: unable to enumerate USB device
[  224.331486][ T8708] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=5137 sclass=netlink_xfrm_socket pid=8708 comm=syz.1.719
[  224.535684][ T8708] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=5137 sclass=netlink_xfrm_socket pid=8708 comm=syz.1.719
[  225.218441][   T30] audit: type=1400 audit(1743755326.845:481): avc:  denied  { open } for  pid=8721 comm="syz.3.724" path="/dev/ptyqa" dev="devtmpfs" ino=129 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:bsdpty_device_t tclass=chr_file permissive=1
[  225.326684][ T8729] netlink: 'syz.3.726': attribute type 1 has an invalid length.
[  225.552205][ T8733] ubi31: attaching mtd0
[  226.251986][ T8733] ubi31: scanning is finished
[  226.374719][ T8733] ubi31: empty MTD device detected
[  227.130647][   T30] audit: type=1400 audit(1743755328.755:482): avc:  denied  { mounton } for  pid=8739 comm="syz.3.729" path="/156/file0" dev="fuse" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=file permissive=1
[  227.186718][ T8733] ubi31 error: ubi_attach_mtd_dev: cannot spawn "ubi_bgt31d", error -4
[  227.238287][   T30] audit: type=1400 audit(1743755328.865:483): avc:  denied  { unmount } for  pid=5831 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[  228.050636][   T24] usb 6-1: new high-speed USB device number 9 using dummy_hcd
[  228.351445][   T24] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  228.406020][   T24] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  228.690742][   T24] usb 6-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[  228.699802][   T24] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  228.801246][   T24] usb 6-1: config 0 descriptor??
[  228.833635][   T30] audit: type=1400 audit(1743755330.475:484): avc:  denied  { setattr } for  pid=8770 comm="syz.3.737" path="socket:[20117]" dev="sockfs" ino=20117 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_rdma_socket permissive=1
[  229.277850][   T24] usbhid 6-1:0.0: can't add hid device: -71
[  229.290479][   T24] usbhid 6-1:0.0: probe with driver usbhid failed with error -71
[  229.769790][   T24] usb 6-1: USB disconnect, device number 9
[  229.837002][ T8753] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci5/hci5:200/input16
[  230.070673][ T5910] usb 3-1: new high-speed USB device number 22 using dummy_hcd
[  230.210531][   T24] usb 6-1: new high-speed USB device number 10 using dummy_hcd
[  230.243244][ T5910] usb 3-1: Using ep0 maxpacket: 8
[  230.249798][ T5910] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  230.278892][ T5910] usb 3-1: New USB device found, idVendor=0000, idProduct=0000, bcdDevice= 0.00
[  230.289898][ T5910] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  230.329433][ T5910] usb 3-1: config 0 descriptor??
[  230.347365][ T5910] gspca_main: spca501-2.14.0 probing 0000:0000
[  230.380547][   T24] usb 6-1: Using ep0 maxpacket: 32
[  230.419494][ T8804] selinux_netlink_send: 58 callbacks suppressed
[  230.419510][ T8804] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=8804 comm=syz.3.745
[  230.474364][   T24] usb 6-1: config index 0 descriptor too short (expected 36, got 27)
[  230.562431][   T24] usb 6-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  230.702732][   T24] usb 6-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice= 0.40
[  230.787005][   T24] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  230.849638][   T24] usb 6-1: config 0 descriptor??
[  230.869181][   T24] ldusb 6-1:0.0: Interrupt in endpoint not found
[  230.883298][   T24] usbhid 6-1:0.0: couldn't find an input interrupt endpoint
[  230.929339][   T92] usb 6-1: USB disconnect, device number 10
[  231.040130][ T5910] gspca_spca501: reg write: error -71
[  231.055574][ T5910] spca501 3-1:0.0: Reg write failed for 0x02,0xa048,0x00
[  231.063998][ T5910] spca501 3-1:0.0: probe with driver spca501 failed with error -22
[  231.074592][ T5910] usb 3-1: USB disconnect, device number 22
[  232.504212][ T8830] xt_hashlimit: size too large, truncated to 1048576
[  234.084593][   T30] audit: type=1400 audit(1743755335.735:485): avc:  denied  { ioctl } for  pid=8853 comm="syz.2.759" path="socket:[20326]" dev="sockfs" ino=20326 ioctlcmd=0x7437 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  234.109233][    C0] vkms_vblank_simulate: vblank timer overrun
[  234.714695][ T8875] FAULT_INJECTION: forcing a failure.
[  234.714695][ T8875] name failslab, interval 1, probability 0, space 0, times 0
[  234.737395][ T8875] CPU: 1 UID: 0 PID: 8875 Comm: syz.5.765 Not tainted 6.14.0-syzkaller-12966-ga2cc6ff5ec8f #0 PREEMPT(full) 
[  234.737418][ T8875] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  234.737428][ T8875] Call Trace:
[  234.737433][ T8875]  <TASK>
[  234.737439][ T8875]  dump_stack_lvl+0x16c/0x1f0
[  234.737463][ T8875]  should_fail_ex+0x512/0x640
[  234.737483][ T8875]  should_failslab+0xc2/0x120
[  234.737501][ T8875]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  234.737518][ T8875]  ? skb_clone+0x190/0x3f0
[  234.737541][ T8875]  skb_clone+0x190/0x3f0
[  234.737561][ T8875]  netlink_deliver_tap+0xabd/0xd30
[  234.737586][ T8875]  netlink_unicast+0x5df/0x7f0
[  234.737609][ T8875]  ? __pfx_netlink_unicast+0x10/0x10
[  234.737635][ T8875]  netlink_sendmsg+0x8d1/0xdd0
[  234.737665][ T8875]  ? __pfx_netlink_sendmsg+0x10/0x10
[  234.737695][ T8875]  sock_write_iter+0x4fc/0x5b0
[  234.737719][ T8875]  ? __pfx_sock_write_iter+0x10/0x10
[  234.737749][ T8875]  ? bpf_lsm_file_permission+0x9/0x10
[  234.737772][ T8875]  ? security_file_permission+0x71/0x210
[  234.737800][ T8875]  ? rw_verify_area+0xcf/0x680
[  234.737825][ T8875]  vfs_write+0x5ba/0x1180
[  234.737840][ T8875]  ? __pfx_sock_write_iter+0x10/0x10
[  234.737866][ T8875]  ? __pfx_vfs_write+0x10/0x10
[  234.737878][ T8875]  ? find_held_lock+0x2b/0x80
[  234.737913][ T8875]  ksys_write+0x205/0x240
[  234.737927][ T8875]  ? __pfx_ksys_write+0x10/0x10
[  234.737941][ T8875]  ? rcu_is_watching+0x12/0xc0
[  234.737968][ T8875]  do_syscall_64+0xcd/0x260
[  234.737990][ T8875]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  234.738006][ T8875] RIP: 0033:0x7fce9db8d169
[  234.738019][ T8875] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  234.738034][ T8875] RSP: 002b:00007fce9ea9b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  234.738050][ T8875] RAX: ffffffffffffffda RBX: 00007fce9dda5fa0 RCX: 00007fce9db8d169
[  234.738060][ T8875] RDX: 0000000000000024 RSI: 0000200000000000 RDI: 0000000000000005
[  234.738070][ T8875] RBP: 00007fce9ea9b090 R08: 0000000000000000 R09: 0000000000000000
[  234.738079][ T8875] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  234.738087][ T8875] R13: 0000000000000000 R14: 00007fce9dda5fa0 R15: 00007fffbdf79128
[  234.738109][ T8875]  </TASK>
[  235.078708][   T30] audit: type=1400 audit(1743755336.545:486): avc:  denied  { ioctl } for  pid=8858 comm="syz.4.762" path="socket:[20330]" dev="sockfs" ino=20330 ioctlcmd=0x89f1 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1
[  235.120550][   T24] usb 3-1: new high-speed USB device number 23 using dummy_hcd
[  235.177554][   T30] audit: type=1400 audit(1743755336.825:487): avc:  denied  { connect } for  pid=8881 comm="syz.5.767" lport=512 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  235.242549][   T30] audit: type=1326 audit(1743755336.895:488): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8881 comm="syz.5.767" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fce9db8d169 code=0x7ffc0000
[  235.290793][   T24] usb 3-1: Using ep0 maxpacket: 8
[  235.297331][   T24] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  235.310598][   T30] audit: type=1326 audit(1743755336.895:489): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8881 comm="syz.5.767" exe="/root/syz-executor" sig=0 arch=c000003e syscall=222 compat=0 ip=0x7fce9db8d169 code=0x7ffc0000
[  235.340981][   T24] usb 3-1: New USB device found, idVendor=0000, idProduct=0000, bcdDevice= 0.00
[  235.350196][   T24] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  235.362239][   T30] audit: type=1326 audit(1743755336.895:490): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8881 comm="syz.5.767" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fce9db8d169 code=0x7ffc0000
[  235.386607][   T30] audit: type=1326 audit(1743755336.915:491): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8881 comm="syz.5.767" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fce9db8d169 code=0x7ffc0000
[  235.411512][   T24] usb 3-1: config 0 descriptor??
[  235.419899][   T24] gspca_main: spca501-2.14.0 probing 0000:0000
[  235.427589][   T30] audit: type=1326 audit(1743755336.915:492): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8881 comm="syz.5.767" exe="/root/syz-executor" sig=0 arch=c000003e syscall=47 compat=0 ip=0x7fce9db8d169 code=0x7ffc0000
[  235.452726][   T30] audit: type=1400 audit(1743755336.915:493): avc:  denied  { read } for  pid=8881 comm="syz.5.767" laddr=fe80::aa lport=512 faddr=fe80::3b fport=20003 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  235.506830][   T30] audit: type=1326 audit(1743755336.915:494): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8881 comm="syz.5.767" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fce9db8d169 code=0x7ffc0000
[  235.823942][ T8896] wg1 speed is unknown, defaulting to 1000
[  235.830386][   T24] gspca_spca501: reg write: error -71
[  235.836143][   T24] spca501 3-1:0.0: Reg write failed for 0x02,0xa048,0x00
[  235.845885][   T24] spca501 3-1:0.0: probe with driver spca501 failed with error -22
[  235.870735][   T24] usb 3-1: USB disconnect, device number 23
[  237.692842][ T5828] Bluetooth: hci3: unexpected event for opcode 0x203c
[  237.875451][   T24] usb 6-1: new high-speed USB device number 11 using dummy_hcd
[  238.450534][   T24] usb 6-1: device descriptor read/64, error -71
[  238.593045][ T8951] netlink: 4 bytes leftover after parsing attributes in process `syz.3.788'.
[  238.602988][ T8951] netlink: 4 bytes leftover after parsing attributes in process `syz.3.788'.
[  238.612332][ T8951] netlink: 4 bytes leftover after parsing attributes in process `syz.3.788'.
[  238.621825][ T8951] netlink: 49 bytes leftover after parsing attributes in process `syz.3.788'.
[  238.742761][   T24] usb 6-1: new high-speed USB device number 12 using dummy_hcd
[  238.983084][   T24] usb 6-1: device descriptor read/64, error -71
[  239.093694][   T24] usb usb6-port1: attempt power cycle
[  239.570685][   T24] usb 6-1: new high-speed USB device number 13 using dummy_hcd
[  239.734429][   T24] usb 6-1: device descriptor read/8, error -71
[  240.001844][   T24] usb 6-1: new high-speed USB device number 14 using dummy_hcd
[  240.041308][   T24] usb 6-1: device descriptor read/8, error -71
[  240.190161][   T24] usb usb6-port1: unable to enumerate USB device
[  240.693502][ T8949] delete_channel: no stack
[  241.066751][   T30] kauditd_printk_skb: 17 callbacks suppressed
[  241.066766][   T30] audit: type=1326 audit(1743755342.715:512): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8987 comm="syz.1.799" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f321278d169 code=0x7ffc0000
[  241.141626][   T30] audit: type=1326 audit(1743755342.755:513): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8987 comm="syz.1.799" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f321278d169 code=0x7ffc0000
[  241.247729][   T30] audit: type=1326 audit(1743755342.755:514): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8987 comm="syz.1.799" exe="/root/syz-executor" sig=0 arch=c000003e syscall=283 compat=0 ip=0x7f321278d169 code=0x7ffc0000
[  241.274737][   T30] audit: type=1326 audit(1743755342.755:515): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8987 comm="syz.1.799" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f321278d169 code=0x7ffc0000
[  241.302461][   T30] audit: type=1326 audit(1743755342.755:516): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8987 comm="syz.1.799" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f321278d169 code=0x7ffc0000
[  241.374233][ T9000] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=9000 comm=syz.4.796
[  241.390553][   T30] audit: type=1326 audit(1743755342.755:517): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8987 comm="syz.1.799" exe="/root/syz-executor" sig=0 arch=c000003e syscall=53 compat=0 ip=0x7f321278d169 code=0x7ffc0000
[  241.415344][   T30] audit: type=1326 audit(1743755342.755:518): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8987 comm="syz.1.799" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f321278d169 code=0x7ffc0000
[  241.439051][   T30] audit: type=1326 audit(1743755342.755:519): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8987 comm="syz.1.799" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f321278d169 code=0x7ffc0000
[  241.462794][   T30] audit: type=1326 audit(1743755342.755:520): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8987 comm="syz.1.799" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7f321278d169 code=0x7ffc0000
[  241.486348][   T30] audit: type=1326 audit(1743755342.755:521): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8987 comm="syz.1.799" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f321278d169 code=0x7ffc0000
[  241.487707][ T5835] usb 6-1: new high-speed USB device number 15 using dummy_hcd
[  241.700677][ T5835] usb 6-1: device descriptor read/64, error -71
[  241.919793][ T9008] netlink: 20 bytes leftover after parsing attributes in process `syz.1.806'.
[  241.950536][ T5835] usb 6-1: new high-speed USB device number 16 using dummy_hcd
[  242.080535][ T5835] usb 6-1: device descriptor read/64, error -71
[  242.260659][   T24] usb 3-1: new high-speed USB device number 24 using dummy_hcd
[  242.439882][   T24] usb 3-1: config 0 has an invalid interface number: 47 but max is 0
[  242.508484][   T24] usb 3-1: config 0 has no interface number 0
[  242.551311][ T5835] usb usb6-port1: attempt power cycle
[  242.563259][   T24] usb 3-1: config 0 interface 47 has no altsetting 0
[  242.576274][   T24] usb 3-1: New USB device found, idVendor=1645, idProduct=0008, bcdDevice=cf.36
[  242.594917][   T24] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  242.614794][   T24] usb 3-1: config 0 descriptor??
[  243.270512][ T5835] usb 6-1: new high-speed USB device number 17 using dummy_hcd
[  243.321341][ T5835] usb 6-1: device descriptor read/8, error -71
[  243.738777][ T5835] usb 6-1: new high-speed USB device number 18 using dummy_hcd
[  244.178594][ T5835] usb 6-1: device descriptor read/8, error -71
[  244.316096][ T5835] usb usb6-port1: unable to enumerate USB device
[  244.575440][ T9049] xt_hashlimit: Unknown mode mask 2000, kernel too old?
[  244.658956][   T24] kaweth 3-1:0.47: Firmware present in device.
[  245.808829][   T92] usb 6-1: new high-speed USB device number 19 using dummy_hcd
[  245.947128][   T24] kaweth 3-1:0.47: Error reading configuration (-71), no net device created
[  245.975954][   T24] kaweth 3-1:0.47: probe with driver kaweth failed with error -5
[  245.994762][   T92] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  246.016631][   T24] usb 3-1: USB disconnect, device number 24
[  246.017033][   T92] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  246.055869][   T92] usb 6-1: New USB device found, idVendor=046d, idProduct=c343, bcdDevice= 0.00
[  246.080376][   T92] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  246.162395][   T92] usb 6-1: config 0 descriptor??
[  246.173311][ T5828] Bluetooth: hci4: unexpected event for opcode 0x5fc4
[  246.216966][ T9082] nbd: must specify a size in bytes for the device
[  246.489003][ T9085] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  246.654452][   T30] kauditd_printk_skb: 4 callbacks suppressed
[  246.654468][   T30] audit: type=1400 audit(1743755348.295:526): avc:  denied  { setopt } for  pid=9093 comm="syz.3.836" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  246.710919][   T30] audit: type=1400 audit(1743755348.295:527): avc:  denied  { ioctl } for  pid=9093 comm="syz.3.836" path="socket:[21788]" dev="sockfs" ino=21788 ioctlcmd=0x89e0 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  246.735329][    C1] vkms_vblank_simulate: vblank timer overrun
[  246.744956][   T92] logitech-hidpp-device 0003:046D:C343.0008: item 0 1 0 9 parsing failed
[  246.755578][   T92] logitech-hidpp-device 0003:046D:C343.0008: hidpp_probe:parse failed
[  246.775505][   T92] logitech-hidpp-device 0003:046D:C343.0008: probe with driver logitech-hidpp-device failed with error -22
[  246.830439][  T972] usb 5-1: new high-speed USB device number 15 using dummy_hcd
[  246.940615][   T24] usb 3-1: new high-speed USB device number 25 using dummy_hcd
[  246.950042][   T30] audit: type=1400 audit(1743755348.595:528): avc:  denied  { ioctl } for  pid=9057 comm="syz.5.821" path="socket:[21713]" dev="sockfs" ino=21713 ioctlcmd=0x8912 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  246.952620][   T92] usb 6-1: USB disconnect, device number 19
[  246.983494][ T5835] usb 4-1: new high-speed USB device number 26 using dummy_hcd
[  247.000464][  T972] usb 5-1: Using ep0 maxpacket: 32
[  247.007041][  T972] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  247.018613][  T972] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  247.029004][  T972] usb 5-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00
[  247.038194][  T972] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  247.047577][  T972] usb 5-1: config 0 descriptor??
[  247.090506][   T24] usb 3-1: Using ep0 maxpacket: 8
[  247.096968][   T24] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  247.107145][   T24] usb 3-1: New USB device found, idVendor=0000, idProduct=0000, bcdDevice= 0.00
[  247.116219][   T24] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  247.126957][   T24] usb 3-1: config 0 descriptor??
[  247.134346][   T24] gspca_main: spca501-2.14.0 probing 0000:0000
[  247.152368][ T5835] usb 4-1: Using ep0 maxpacket: 8
[  247.158746][ T5835] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  247.169130][ T5835] usb 4-1: New USB device found, idVendor=0000, idProduct=0000, bcdDevice= 0.00
[  247.178366][ T5835] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  247.196527][ T5835] usb 4-1: config 0 descriptor??
[  247.203942][ T5835] gspca_main: spca501-2.14.0 probing 0000:0000
[  247.564809][ T9109] netlink: 'syz.5.842': attribute type 1 has an invalid length.
[  247.598502][   T24] gspca_spca501: reg write: error -71
[  247.614685][ T5835] gspca_spca501: reg write: error -71
[  247.615482][  T972] savu 0003:1E7D:2D5A.0009: unknown main item tag 0x0
[  247.626905][   T24] spca501 3-1:0.0: Reg write failed for 0x02,0xa048,0x00
[  247.633985][ T5835] spca501 4-1:0.0: Reg write failed for 0x02,0xa048,0x00
[  247.638465][   T24] spca501 3-1:0.0: probe with driver spca501 failed with error -22
[  247.649372][  T972] savu 0003:1E7D:2D5A.0009: unknown main item tag 0x0
[  247.693082][   T24] usb 3-1: USB disconnect, device number 25
[  247.774754][  T972] savu 0003:1E7D:2D5A.0009: unknown main item tag 0x0
[  247.929999][  T972] savu 0003:1E7D:2D5A.0009: unknown main item tag 0x0
[  248.047583][  T972] savu 0003:1E7D:2D5A.0009: unknown main item tag 0x0
[  248.067805][ T5835] spca501 4-1:0.0: probe with driver spca501 failed with error -22
[  248.077887][ T5835] usb 4-1: USB disconnect, device number 26
[  248.089940][  T972] savu 0003:1E7D:2D5A.0009: unbalanced collection at end of report description
[  248.113380][  T972] savu 0003:1E7D:2D5A.0009: parse failed
[  248.139996][  T972] savu 0003:1E7D:2D5A.0009: probe with driver savu failed with error -22
[  248.161681][  T972] usb 5-1: USB disconnect, device number 15
[  248.203539][ T9115] overlayfs: missing 'workdir'
[  249.040723][ T9131] openvswitch: netlink: Missing key (keys=40, expected=200000)
[  249.168791][  T972] usb 5-1: new high-speed USB device number 16 using dummy_hcd
[  249.340491][  T972] usb 5-1: Using ep0 maxpacket: 32
[  249.567183][  T972] usb 5-1: config index 0 descriptor too short (expected 29220, got 36)
[  249.616345][  T972] usb 5-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[  249.630419][ T5910] usb 6-1: new high-speed USB device number 20 using dummy_hcd
[  249.639643][  T972] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  249.652626][ T9137] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=9137 comm=syz.3.851
[  249.680488][  T972] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 81
[  249.700633][  T972] usb 5-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 18
[  249.736718][  T972] usb 5-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[  249.780399][   T30] audit: type=1400 audit(1743755351.355:529): avc:  denied  { read write } for  pid=9148 comm="syz.2.854" name="nullb0" dev="devtmpfs" ino=696 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  249.805693][  T972] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  249.822349][ T5910] usb 6-1: Using ep0 maxpacket: 16
[  249.854502][  T972] usb 5-1: config 0 descriptor??
[  249.889988][   T30] audit: type=1400 audit(1743755351.355:530): avc:  denied  { open } for  pid=9148 comm="syz.2.854" path="/dev/nullb0" dev="devtmpfs" ino=696 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  250.299405][   T92] usb 5-1: USB disconnect, device number 16
[  250.320488][ T5835] usb 3-1: new high-speed USB device number 26 using dummy_hcd
[  250.334037][ T5828] Bluetooth: hci4: ACL packet for unknown connection handle 1481
[  250.361955][ T9136] wg1 speed is unknown, defaulting to 1000
[  250.484345][ T5835] usb 3-1: Using ep0 maxpacket: 8
[  250.492370][ T5835] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 7
[  250.510043][ T9128] SET target dimension over the limit!
[  250.512369][ T5835] usb 3-1: New USB device found, idVendor=082d, idProduct=0100, bcdDevice=70.4b
[  250.530364][ T5835] usb 3-1: New USB device strings: Mfr=44, Product=2, SerialNumber=3
[  250.542022][   T30] audit: type=1400 audit(1743755352.185:531): avc:  denied  { read write } for  pid=9125 comm="syz.4.848" name="autofs" dev="devtmpfs" ino=98 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1
[  250.584108][ T5835] usb 3-1: Product: syz
[  250.590701][ T5835] usb 3-1: Manufacturer: syz
[  250.600662][ T5835] usb 3-1: SerialNumber: syz
[  250.615628][   T30] audit: type=1400 audit(1743755352.185:532): avc:  denied  { open } for  pid=9125 comm="syz.4.848" path="/dev/autofs" dev="devtmpfs" ino=98 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1
[  250.663538][   T30] audit: type=1400 audit(1743755352.265:533): avc:  denied  { write } for  pid=9164 comm="syz.1.860" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[  250.866522][ T5835] usb 3-1: palm_os_3_probe - error -71 getting connection information
[  250.883895][ T5835] visor 3-1:1.0: probe with driver visor failed with error -71
[  250.916298][ T5910] usb 6-1: device descriptor read/all, error -71
[  250.925577][ T5835] usb 3-1: USB disconnect, device number 26
[  251.452495][ T9185] netlink: 212 bytes leftover after parsing attributes in process `syz.4.866'.
[  251.467957][ T9187] netlink: 'syz.2.867': attribute type 13 has an invalid length.
[  251.835546][ T9192] netlink: 12 bytes leftover after parsing attributes in process `syz.3.868'.
[  252.515306][ T9211] tipc: Can't bind to reserved service type 1
[  252.517109][   T30] audit: type=1400 audit(1743755354.165:534): avc:  denied  { bind } for  pid=9209 comm="syz.5.873" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  253.693613][ T9225] syz_tun: entered allmulticast mode
[  253.731401][ T9224] syz_tun: left allmulticast mode
[  253.840989][ T9206] wg1 speed is unknown, defaulting to 1000
[  254.001643][ T5874] usb 4-1: new high-speed USB device number 27 using dummy_hcd
[  254.160394][ T5874] usb 4-1: Using ep0 maxpacket: 32
[  254.177210][ T5874] usb 4-1: New USB device found, idVendor=041e, idProduct=400b, bcdDevice=3e.e7
[  254.188252][ T5874] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  254.234086][ T5874] usb 4-1: config 0 descriptor??
[  254.263430][ T5874] gspca_main: sunplus-2.14.0 probing 041e:400b
[  254.507247][ T9239] FAULT_INJECTION: forcing a failure.
[  254.507247][ T9239] name failslab, interval 1, probability 0, space 0, times 0
[  254.520032][ T9239] CPU: 1 UID: 0 PID: 9239 Comm: syz.3.879 Not tainted 6.14.0-syzkaller-12966-ga2cc6ff5ec8f #0 PREEMPT(full) 
[  254.520053][ T9239] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  254.520063][ T9239] Call Trace:
[  254.520069][ T9239]  <TASK>
[  254.520075][ T9239]  dump_stack_lvl+0x16c/0x1f0
[  254.520103][ T9239]  should_fail_ex+0x512/0x640
[  254.520120][ T9239]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[  254.520139][ T9239]  should_failslab+0xc2/0x120
[  254.520157][ T9239]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  254.520174][ T9239]  ? rcu_is_watching+0x12/0xc0
[  254.520193][ T9239]  ? alloc_empty_file+0x55/0x1e0
[  254.520216][ T9239]  alloc_empty_file+0x55/0x1e0
[  254.520235][ T9239]  path_openat+0xe0/0x2d40
[  254.520250][ T9239]  ? __schedule+0x1186/0x5de0
[  254.520266][ T9239]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  254.520290][ T9239]  ? __pfx_path_openat+0x10/0x10
[  254.520312][ T9239]  do_filp_open+0x20b/0x470
[  254.520328][ T9239]  ? __pfx_do_filp_open+0x10/0x10
[  254.520359][ T9239]  ? alloc_fd+0x471/0x7d0
[  254.520382][ T9239]  do_sys_openat2+0x11b/0x1d0
[  254.520402][ T9239]  ? __pfx_do_sys_openat2+0x10/0x10
[  254.520423][ T9239]  ? __fget_files+0x20e/0x3c0
[  254.520437][ T9239]  ? file_seek_cur_needs_f_lock+0x170/0x190
[  254.520460][ T9239]  __x64_sys_openat+0x174/0x210
[  254.520486][ T9239]  ? __pfx___x64_sys_openat+0x10/0x10
[  254.520505][ T9239]  ? ksys_write+0x1b9/0x240
[  254.520529][ T9239]  do_syscall_64+0xcd/0x260
[  254.520551][ T9239]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  254.520567][ T9239] RIP: 0033:0x7f7aac58d169
[  254.520581][ T9239] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  254.520596][ T9239] RSP: 002b:00007f7aad42a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  254.520611][ T9239] RAX: ffffffffffffffda RBX: 00007f7aac7a6080 RCX: 00007f7aac58d169
[  254.520622][ T9239] RDX: 0000000000000001 RSI: 0000200000000040 RDI: ffffffffffffff9c
[  254.520632][ T9239] RBP: 00007f7aad42a090 R08: 0000000000000000 R09: 0000000000000000
[  254.520641][ T9239] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  254.520650][ T9239] R13: 0000000000000000 R14: 00007f7aac7a6080 R15: 00007ffc7d007c18
[  254.520671][ T9239]  </TASK>
[  254.781007][ T5874] gspca_sunplus: reg_w_riv err -110
[  254.786756][ T5874] sunplus 4-1:0.0: probe with driver sunplus failed with error -110
[  255.064053][ T5910] usb 4-1: USB disconnect, device number 27
[  255.206211][ T9247] netlink: 'syz.4.885': attribute type 4 has an invalid length.
[  255.217997][ T9247] netlink: 12 bytes leftover after parsing attributes in process `syz.4.885'.
[  255.229634][ T9247] FAULT_INJECTION: forcing a failure.
[  255.229634][ T9247] name failslab, interval 1, probability 0, space 0, times 0
[  255.248796][ T9247] CPU: 1 UID: 0 PID: 9247 Comm: syz.4.885 Not tainted 6.14.0-syzkaller-12966-ga2cc6ff5ec8f #0 PREEMPT(full) 
[  255.248819][ T9247] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  255.248829][ T9247] Call Trace:
[  255.248835][ T9247]  <TASK>
[  255.248842][ T9247]  dump_stack_lvl+0x16c/0x1f0
[  255.248865][ T9247]  should_fail_ex+0x512/0x640
[  255.248880][ T9247]  ? __kmalloc_noprof+0xbf/0x510
[  255.248898][ T9247]  ? nf_tables_newrule+0xbfd/0x28e0
[  255.248922][ T9247]  should_failslab+0xc2/0x120
[  255.248939][ T9247]  __kmalloc_noprof+0xd2/0x510
[  255.248953][ T9247]  ? nf_tables_newrule+0x8b0/0x28e0
[  255.248981][ T9247]  nf_tables_newrule+0xbfd/0x28e0
[  255.249013][ T9247]  ? __pfx_nf_tables_newrule+0x10/0x10
[  255.249044][ T9247]  ? __nla_parse+0x40/0x60
[  255.249069][ T9247]  nfnetlink_rcv_batch+0x1908/0x2350
[  255.249102][ T9247]  ? __pfx_nfnetlink_rcv_batch+0x10/0x10
[  255.249125][ T9247]  ? find_held_lock+0x2b/0x80
[  255.249169][ T9247]  ? avc_has_perm_noaudit+0x149/0x3b0
[  255.249209][ T9247]  ? __nla_parse+0x40/0x60
[  255.249232][ T9247]  nfnetlink_rcv+0x3c1/0x430
[  255.249251][ T9247]  ? __pfx_nfnetlink_rcv+0x10/0x10
[  255.249277][ T9247]  netlink_unicast+0x53a/0x7f0
[  255.249300][ T9247]  ? __pfx_netlink_unicast+0x10/0x10
[  255.249324][ T9247]  netlink_sendmsg+0x8d1/0xdd0
[  255.249346][ T9247]  ? __pfx_netlink_sendmsg+0x10/0x10
[  255.249373][ T9247]  ____sys_sendmsg+0xa95/0xc70
[  255.249394][ T9247]  ? copy_msghdr_from_user+0x10a/0x160
[  255.249412][ T9247]  ? __pfx_____sys_sendmsg+0x10/0x10
[  255.249443][ T9247]  ___sys_sendmsg+0x134/0x1d0
[  255.249462][ T9247]  ? __pfx____sys_sendmsg+0x10/0x10
[  255.249510][ T9247]  __sys_sendmsg+0x16d/0x220
[  255.249528][ T9247]  ? __pfx___sys_sendmsg+0x10/0x10
[  255.249551][ T9247]  ? rcu_is_watching+0x12/0xc0
[  255.249577][ T9247]  do_syscall_64+0xcd/0x260
[  255.249597][ T9247]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  255.249614][ T9247] RIP: 0033:0x7fc01958d169
[  255.249628][ T9247] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  255.249644][ T9247] RSP: 002b:00007fc01a453038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  255.249659][ T9247] RAX: ffffffffffffffda RBX: 00007fc0197a5fa0 RCX: 00007fc01958d169
[  255.249669][ T9247] RDX: 0000000000000000 RSI: 0000200000000080 RDI: 0000000000000003
[  255.249679][ T9247] RBP: 00007fc01a453090 R08: 0000000000000000 R09: 0000000000000000
[  255.249688][ T9247] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  255.249697][ T9247] R13: 0000000000000000 R14: 00007fc0197a5fa0 R15: 00007ffee3efd268
[  255.249717][ T9247]  </TASK>
[  255.510874][ T1295] ieee802154 phy0 wpan0: encryption failed: -22
[  255.517260][ T1295] ieee802154 phy1 wpan1: encryption failed: -22
[  255.671863][  T972] usb 3-1: new high-speed USB device number 27 using dummy_hcd
[  255.809836][   T30] audit: type=1400 audit(1743755357.455:535): avc:  denied  { read } for  pid=9256 comm="syz.3.889" name="/" dev="tracefs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tracefs_t tclass=dir permissive=1
[  255.839201][  T972] usb 3-1: Using ep0 maxpacket: 32
[  255.847831][ T9260] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  255.858063][   T30] audit: type=1400 audit(1743755357.455:536): avc:  denied  { open } for  pid=9256 comm="syz.3.889" path="/199/file0" dev="tracefs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tracefs_t tclass=dir permissive=1
[  255.868596][  T972] usb 3-1: New USB device found, idVendor=041e, idProduct=400b, bcdDevice=3e.e7
[  255.910471][  T972] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  255.949658][  T972] usb 3-1: config 0 descriptor??
[  255.970171][  T972] gspca_main: sunplus-2.14.0 probing 041e:400b
[  256.490504][  T972] gspca_sunplus: reg_w_riv err -110
[  256.499689][  T972] sunplus 3-1:0.0: probe with driver sunplus failed with error -110
[  256.504723][ T9267] wg1 speed is unknown, defaulting to 1000
[  256.527765][  T972] usb 3-1: USB disconnect, device number 27
[  256.941111][ T5835] usb 4-1: new high-speed USB device number 28 using dummy_hcd
[  257.027828][ T9284] FAULT_INJECTION: forcing a failure.
[  257.027828][ T9284] name failslab, interval 1, probability 0, space 0, times 0
[  257.040699][ T9284] CPU: 0 UID: 0 PID: 9284 Comm: syz.5.897 Not tainted 6.14.0-syzkaller-12966-ga2cc6ff5ec8f #0 PREEMPT(full) 
[  257.040722][ T9284] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  257.040733][ T9284] Call Trace:
[  257.040738][ T9284]  <TASK>
[  257.040745][ T9284]  dump_stack_lvl+0x16c/0x1f0
[  257.040770][ T9284]  should_fail_ex+0x512/0x640
[  257.040791][ T9284]  should_failslab+0xc2/0x120
[  257.040810][ T9284]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  257.040829][ T9284]  ? skb_clone+0x190/0x3f0
[  257.040850][ T9284]  skb_clone+0x190/0x3f0
[  257.040870][ T9284]  netlink_deliver_tap+0xabd/0xd30
[  257.040894][ T9284]  netlink_dump+0x638/0xd00
[  257.040917][ T9284]  ? __pfx_netlink_dump+0x10/0x10
[  257.040934][ T9284]  ? __rhashtable_lookup.constprop.0+0x3a5/0x760
[  257.040952][ T9284]  ? __netlink_dump_start+0x150/0x990
[  257.040980][ T9284]  ? netlink_lookup+0x258/0x520
[  257.040998][ T9284]  ? __pfx_netlink_lookup+0x10/0x10
[  257.041023][ T9284]  __netlink_dump_start+0x6d6/0x990
[  257.041044][ T9284]  ? __pfx_inet6_netconf_dump_devconf+0x10/0x10
[  257.041061][ T9284]  rtnetlink_rcv_msg+0xb3e/0xe90
[  257.041080][ T9284]  ? __pfx_inet6_netconf_dump_devconf+0x10/0x10
[  257.041098][ T9284]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  257.041117][ T9284]  ? __pfx_inet6_netconf_dump_devconf+0x10/0x10
[  257.041135][ T9284]  ? __lock_acquire+0xaa4/0x1ba0
[  257.041157][ T9284]  netlink_rcv_skb+0x16a/0x440
[  257.041177][ T9284]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  257.041198][ T9284]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  257.041217][ T9284]  ? find_held_lock+0x2b/0x80
[  257.041257][ T9284]  netlink_unicast+0x53a/0x7f0
[  257.041280][ T9284]  ? __pfx_netlink_unicast+0x10/0x10
[  257.041307][ T9284]  netlink_sendmsg+0x8d1/0xdd0
[  257.041331][ T9284]  ? __pfx_netlink_sendmsg+0x10/0x10
[  257.041360][ T9284]  sock_write_iter+0x4fc/0x5b0
[  257.041384][ T9284]  ? __pfx_sock_write_iter+0x10/0x10
[  257.041420][ T9284]  ? bpf_lsm_file_permission+0x9/0x10
[  257.041443][ T9284]  ? security_file_permission+0x71/0x210
[  257.041468][ T9284]  ? rw_verify_area+0xcf/0x680
[  257.041492][ T9284]  vfs_write+0x5ba/0x1180
[  257.041507][ T9284]  ? __pfx_sock_write_iter+0x10/0x10
[  257.041532][ T9284]  ? __pfx_vfs_write+0x10/0x10
[  257.041544][ T9284]  ? find_held_lock+0x2b/0x80
[  257.041579][ T9284]  ksys_write+0x205/0x240
[  257.041594][ T9284]  ? __pfx_ksys_write+0x10/0x10
[  257.041615][ T9284]  do_syscall_64+0xcd/0x260
[  257.041638][ T9284]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  257.041653][ T9284] RIP: 0033:0x7fce9db8d169
[  257.041667][ T9284] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  257.041681][ T9284] RSP: 002b:00007fce9ea59038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  257.041696][ T9284] RAX: ffffffffffffffda RBX: 00007fce9dda6160 RCX: 00007fce9db8d169
[  257.041706][ T9284] RDX: 0000000000000014 RSI: 0000200000000040 RDI: 0000000000000005
[  257.041716][ T9284] RBP: 00007fce9ea59090 R08: 0000000000000000 R09: 0000000000000000
[  257.041725][ T9284] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  257.041734][ T9284] R13: 0000000000000000 R14: 00007fce9dda6160 R15: 00007fffbdf79128
[  257.041755][ T9284]  </TASK>
[  257.402507][ T5835] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  257.439606][ T5835] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  257.449419][ T5835] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  257.463836][ T5835] usb 4-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  257.475188][ T5835] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  257.491803][ T5835] usb 4-1: config 0 descriptor??
[  257.650697][ T9296] SELinux:  Context system_u:object_r:crond_var_run_t:s0 is not valid (left unmapped).
[  257.722548][   T30] audit: type=1400 audit(1743755359.375:537): avc:  denied  { relabelto } for  pid=9291 comm="syz.2.901" name="160" dev="tmpfs" ino=869 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 trawcon="system_u:object_r:crond_var_run_t:s0"
[  257.781143][   T30] audit: type=1400 audit(1743755359.375:538): avc:  denied  { associate } for  pid=9291 comm="syz.2.901" name="160" dev="tmpfs" ino=869 scontext=system_u:object_r:unlabeled_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 srawcon="system_u:object_r:crond_var_run_t:s0"
[  258.078201][ T5835] plantronics 0003:047F:FFFF.000A: No inputs registered, leaving
[  258.092994][ T5835] plantronics 0003:047F:FFFF.000A: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.3-1/input0
[  258.131568][   T63] Bluetooth: hci2: Frame reassembly failed (-84)
[  258.325939][   T30] audit: type=1326 audit(1743755359.975:539): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9306 comm="syz.1.906" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f321278d169 code=0x7ffc0000
[  258.377153][   T30] audit: type=1326 audit(1743755359.975:540): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9306 comm="syz.1.906" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f321278d169 code=0x7ffc0000
[  258.401107][   T30] audit: type=1326 audit(1743755360.005:541): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9306 comm="syz.1.906" exe="/root/syz-executor" sig=0 arch=c000003e syscall=133 compat=0 ip=0x7f321278d169 code=0x7ffc0000
[  258.428292][   T30] audit: type=1326 audit(1743755360.005:542): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9306 comm="syz.1.906" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f321278d169 code=0x7ffc0000
[  258.478164][ T9310] ucma_write: process 631 (syz.3.894) changed security contexts after opening file descriptor, this is not allowed.
[  258.487655][   T30] audit: type=1326 audit(1743755360.005:543): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9306 comm="syz.1.906" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f321278d169 code=0x7ffc0000
[  258.514432][   T30] audit: type=1326 audit(1743755360.015:544): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9306 comm="syz.1.906" exe="/root/syz-executor" sig=0 arch=c000003e syscall=163 compat=0 ip=0x7f321278d169 code=0x7ffc0000
[  258.552352][   T30] audit: type=1326 audit(1743755360.115:545): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9306 comm="syz.1.906" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f3212784127 code=0x7ffc0000
[  258.617460][   T30] audit: type=1326 audit(1743755360.115:546): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9306 comm="syz.1.906" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f3212729359 code=0x7ffc0000
[  258.678885][ T9315] netlink: 4 bytes leftover after parsing attributes in process `syz.5.907'.
[  258.687782][ T9315] netlink: 4 bytes leftover after parsing attributes in process `syz.5.907'.
[  258.696799][ T9315] netlink: 4 bytes leftover after parsing attributes in process `syz.5.907'.
[  258.706975][ T9315] netlink: 49 bytes leftover after parsing attributes in process `syz.5.907'.
[  259.795585][ T9330] wg1 speed is unknown, defaulting to 1000
[  259.802077][ T9336] SELinux:  Context system_u:object_r:setfiles_exec_t:s0 is not valid (left unmapped).
[  260.140418][ T5828] Bluetooth: hci2: Opcode 0x1003 failed: -110
[  260.160726][  T972] usb 4-1: USB disconnect, device number 28
[  260.255090][ T9353] netlink: 28 bytes leftover after parsing attributes in process `syz.3.917'.
[  261.153174][   T92] usb 5-1: new high-speed USB device number 17 using dummy_hcd
[  261.209623][ T9363] can: request_module (can-proto-0) failed.
[  261.380486][   T92] usb 5-1: Using ep0 maxpacket: 32
[  262.442656][   T92] usb 5-1: config 4 has an invalid interface number: 8 but max is 0
[  262.453814][   T92] usb 5-1: config 4 has no interface number 0
[  262.459924][   T92] usb 5-1: config 4 interface 8 altsetting 1 endpoint 0x8A has invalid wMaxPacketSize 0
[  262.469768][   T92] usb 5-1: config 4 interface 8 altsetting 1 bulk endpoint 0x8A has invalid maxpacket 0
[  262.804071][   T30] kauditd_printk_skb: 21 callbacks suppressed
[  262.804081][   T30] audit: type=1400 audit(1743755364.455:568): avc:  denied  { unmount } for  pid=5831 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ramfs_t tclass=filesystem permissive=1
[  262.844355][   T92] usb 5-1: config 4 interface 8 has no altsetting 0
[  262.863681][   T92] usb 5-1: New USB device found, idVendor=065a, idProduct=0009, bcdDevice=60.65
[  262.874606][   T92] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  262.893871][   T92] usb 5-1: Product: syz
[  262.908260][   T92] usb 5-1: Manufacturer: syz
[  262.921455][   T92] usb 5-1: SerialNumber: syz
[  263.153091][   T92] opticon 5-1:4.8: opticon converter detected
[  263.183824][   T92] usb 5-1: opticon converter now attached to ttyUSB0
[  263.219338][   T92] usb 5-1: USB disconnect, device number 17
[  263.264519][   T92] opticon ttyUSB0: opticon converter now disconnected from ttyUSB0
[  263.290916][   T92] opticon 5-1:4.8: device disconnected
[  263.967786][   T92] usb 4-1: new high-speed USB device number 29 using dummy_hcd
[  264.045196][ T9404] mac80211_hwsim hwsim10 
3
@0ÿ: renamed from wlan0
[  264.065563][ T9404] FAULT_INJECTION: forcing a failure.
[  264.065563][ T9404] name failslab, interval 1, probability 0, space 0, times 0
[  264.093133][ T9404] CPU: 0 UID: 0 PID: 9404 Comm: syz.4.934 Not tainted 6.14.0-syzkaller-12966-ga2cc6ff5ec8f #0 PREEMPT(full) 
[  264.093158][ T9404] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  264.093164][ T9404] Call Trace:
[  264.093167][ T9404]  <TASK>
[  264.093171][ T9404]  dump_stack_lvl+0x16c/0x1f0
[  264.093187][ T9404]  should_fail_ex+0x512/0x640
[  264.093197][ T9404]  ? __kmalloc_cache_noprof+0x57/0x3e0
[  264.093214][ T9404]  should_failslab+0xc2/0x120
[  264.093226][ T9404]  __kmalloc_cache_noprof+0x6a/0x3e0
[  264.093241][ T9404]  ? kobject_uevent_env+0x265/0x1870
[  264.093257][ T9404]  kobject_uevent_env+0x265/0x1870
[  264.093271][ T9404]  ? __pfx_dev_uevent_name+0x10/0x10
[  264.093288][ T9404]  ? kernfs_put+0x35/0x60
[  264.093302][ T9404]  kobject_rename+0x209/0x260
[  264.093316][ T9404]  ? __pfx_kobject_rename+0x10/0x10
[  264.093329][ T9404]  ? kernfs_put+0x35/0x60
[  264.093342][ T9404]  device_rename+0x130/0x230
[  264.093353][ T9404]  netif_change_name+0x27c/0x920
[  264.093368][ T9404]  ? __pfx_netif_change_name+0x10/0x10
[  264.093378][ T9404]  ? __mutex_trylock_common+0xe9/0x250
[  264.093390][ T9404]  ? __pfx___mutex_trylock_common+0x10/0x10
[  264.093399][ T9404]  ? full_name_hash+0xbc/0x110
[  264.093413][ T9404]  dev_change_name+0xb2/0x260
[  264.093426][ T9404]  dev_ifsioc+0xa42/0x1f70
[  264.093438][ T9404]  ? __pfx_dev_ifsioc+0x10/0x10
[  264.093448][ T9404]  ? __pfx___mutex_lock+0x10/0x10
[  264.093463][ T9404]  ? cap_capable+0xb3/0x250
[  264.093476][ T9404]  ? bpf_lsm_capable+0x9/0x10
[  264.093489][ T9404]  dev_ioctl+0x46f/0x10e0
[  264.093499][ T9404]  sock_do_ioctl+0x19d/0x280
[  264.093513][ T9404]  ? __pfx_sock_do_ioctl+0x10/0x10
[  264.093529][ T9404]  ? ioctl_has_perm.constprop.0.isra.0+0x2f4/0x450
[  264.093545][ T9404]  ? ioctl_has_perm.constprop.0.isra.0+0x2fe/0x450
[  264.093560][ T9404]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  264.093577][ T9404]  sock_ioctl+0x227/0x6b0
[  264.093591][ T9404]  ? __pfx_sock_ioctl+0x10/0x10
[  264.093604][ T9404]  ? hook_file_ioctl_common+0x145/0x410
[  264.093618][ T9404]  ? selinux_file_ioctl+0x180/0x270
[  264.093631][ T9404]  ? selinux_file_ioctl+0xb4/0x270
[  264.093646][ T9404]  ? __pfx_sock_ioctl+0x10/0x10
[  264.093660][ T9404]  __x64_sys_ioctl+0x190/0x200
[  264.093676][ T9404]  do_syscall_64+0xcd/0x260
[  264.093689][ T9404]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  264.093699][ T9404] RIP: 0033:0x7fc01958d169
[  264.093708][ T9404] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  264.093717][ T9404] RSP: 002b:00007fc01a453038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  264.093727][ T9404] RAX: ffffffffffffffda RBX: 00007fc0197a5fa0 RCX: 00007fc01958d169
[  264.093733][ T9404] RDX: 00002000000000c0 RSI: 0000000000008923 RDI: 0000000000000004
[  264.093739][ T9404] RBP: 00007fc01a453090 R08: 0000000000000000 R09: 0000000000000000
[  264.093744][ T9404] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  264.093749][ T9404] R13: 0000000000000000 R14: 00007fc0197a5fa0 R15: 00007ffee3efd268
[  264.093761][ T9404]  </TASK>
[  264.530764][   T24] usb 3-1: new high-speed USB device number 28 using dummy_hcd
[  264.672488][   T92] usb 4-1: Using ep0 maxpacket: 8
[  264.681113][   T92] usb 4-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30
[  264.691943][   T92] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  264.702822][   T92] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[  264.715840][   T92] usb 4-1: New USB device found, idVendor=10c4, idProduct=8acf, bcdDevice= 0.00
[  264.724936][   T92] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  264.750022][   T92] usb 4-1: config 0 descriptor??
[  264.832104][   T24] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  264.902088][   T24] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  264.926369][   T24] usb 3-1: New USB device found, idVendor=046d, idProduct=c343, bcdDevice= 0.00
[  264.938621][   T24] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  264.988066][   T24] usb 3-1: config 0 descriptor??
[  265.308031][   T92] hid-u2fzero 0003:10C4:8ACF.000B: unknown main item tag 0x0
[  265.357142][   T30] audit: type=1400 audit(1743755367.005:569): avc:  denied  { bind } for  pid=9413 comm="syz.4.938" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[  265.666322][   T24] logitech-hidpp-device 0003:046D:C343.000C: item 0 1 0 9 parsing failed
[  265.799417][   T24] logitech-hidpp-device 0003:046D:C343.000C: hidpp_probe:parse failed
[  265.965949][   T92] hid-u2fzero 0003:10C4:8ACF.000B: unknown main item tag 0x0
[  265.974081][   T92] hid-u2fzero 0003:10C4:8ACF.000B: unknown main item tag 0x0
[  265.981529][   T92] hid-u2fzero 0003:10C4:8ACF.000B: unknown main item tag 0x0
[  265.984872][   T24] logitech-hidpp-device 0003:046D:C343.000C: probe with driver logitech-hidpp-device failed with error -22
[  265.989001][   T92] hid-u2fzero 0003:10C4:8ACF.000B: unknown main item tag 0x0
[  266.023211][   T92] hid-u2fzero 0003:10C4:8ACF.000B: hidraw0: USB HID v0.00 Device [HID 10c4:8acf] on usb-dummy_hcd.3-1/input0
[  266.037376][   T92] hid-u2fzero 0003:10C4:8ACF.000B: U2F Zero LED initialised
[  266.044850][   T92] hid-u2fzero 0003:10C4:8ACF.000B: U2F Zero RNG initialised
[  266.057147][   T92] usb 4-1: USB disconnect, device number 29
[  266.078945][   T24] usb 3-1: USB disconnect, device number 28
[  266.507894][ T9436] sch_tbf: burst 0 is lower than device lo mtu (65550) !
[  266.623424][ T9443] fuse: Bad value for 'group_id'
[  266.628469][ T9443] fuse: Bad value for 'group_id'
[  266.637035][   T30] audit: type=1400 audit(1743755368.285:570): avc:  denied  { setattr } for  pid=9442 comm="syz.2.944" path="/dev/dlm-control" dev="devtmpfs" ino=94 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  266.729330][   T30] audit: type=1400 audit(1743755368.375:571): avc:  denied  { read } for  pid=9442 comm="syz.2.944" name="file0" dev="fuse" ino=0 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=blk_file permissive=1
[  266.770792][   T30] audit: type=1400 audit(1743755368.375:572): avc:  denied  { open } for  pid=9442 comm="syz.2.944" path="/167/file0/file0" dev="fuse" ino=0 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=blk_file permissive=1
[  267.476482][ T9448] can: request_module (can-proto-5) failed.
[  267.596918][   T30] audit: type=1400 audit(1743755369.245:573): avc:  denied  { append } for  pid=9452 comm="syz.3.946" name="sg0" dev="devtmpfs" ino=725 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[  268.087505][   T30] audit: type=1400 audit(1743755369.715:574): avc:  denied  { setattr } for  pid=9459 comm="syz.2.949" name="video37" dev="devtmpfs" ino=1050 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:v4l_device_t tclass=chr_file permissive=1
[  268.310470][   T24] usb 6-1: new full-speed USB device number 22 using dummy_hcd
[  268.660432][   T24] usb 6-1: config 0 has an invalid descriptor of length 1, skipping remainder of the config
[  268.678316][   T24] usb 6-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  268.700863][   T24] usb 6-1: New USB device found, idVendor=1e7d, idProduct=319c, bcdDevice= 0.00
[  268.710024][   T24] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  268.730077][ T9476] netlink: 16 bytes leftover after parsing attributes in process `syz.3.955'.
[  268.730248][   T24] usb 6-1: config 0 descriptor??
[  268.752663][ T9476] netlink: 16 bytes leftover after parsing attributes in process `syz.3.955'.
[  268.769731][   T24] usbhid 6-1:0.0: couldn't find an input interrupt endpoint
[  268.824946][ T9468] wg1 speed is unknown, defaulting to 1000
[  268.914451][   T30] audit: type=1400 audit(1743755370.555:575): avc:  denied  { listen } for  pid=9480 comm="syz.3.958" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  268.988743][   T30] audit: type=1400 audit(1743755370.585:576): avc:  denied  { write } for  pid=9480 comm="syz.3.958" name="/" dev="9p" ino=17889801302421081418 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  269.081735][   T30] audit: type=1400 audit(1743755370.605:577): avc:  denied  { add_name } for  pid=9480 comm="syz.3.958" name="hugetlb.2MB.usage_in_bytes" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  269.151353][   T30] audit: type=1400 audit(1743755370.605:578): avc:  denied  { create } for  pid=9480 comm="syz.3.958" name="hugetlb.2MB.usage_in_bytes" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  269.219149][   T30] audit: type=1400 audit(1743755370.605:579): avc:  denied  { associate } for  pid=9480 comm="syz.3.958" name="hugetlb.2MB.usage_in_bytes" scontext=root:object_r:unlabeled_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[  269.786444][ T9510] netlink: 28 bytes leftover after parsing attributes in process `syz.1.966'.
[  270.058617][ T9516] fuse: Unknown parameter '0xffffffffffffffff0000000000000000000000000000000000000000'
[  270.165252][   T30] audit: type=1400 audit(1743755371.805:580): avc:  denied  { bind } for  pid=9517 comm="syz.4.969" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  271.271133][  T972] usb 6-1: USB disconnect, device number 22
[  272.648116][ T9549] netlink: 8 bytes leftover after parsing attributes in process `syz.4.978'.
[  272.657444][ T9549] netlink: 12 bytes leftover after parsing attributes in process `syz.4.978'.
[  272.668609][ T9549] netlink: 'syz.4.978': attribute type 5 has an invalid length.
[  273.120011][ T9558] netlink: 44 bytes leftover after parsing attributes in process `syz.3.980'.
[  273.207508][ T9558] bridge0: port 2(bridge_slave_1) entered disabled state
[  273.215689][ T9558] bridge0: port 1(bridge_slave_0) entered disabled state
[  273.359553][ T9538] wg1 speed is unknown, defaulting to 1000
[  273.657998][ T9566] netlink: 4 bytes leftover after parsing attributes in process `syz.2.983'.
[  273.667078][ T9566] netlink: 4 bytes leftover after parsing attributes in process `syz.2.983'.
[  273.676020][ T9566] netlink: 4 bytes leftover after parsing attributes in process `syz.2.983'.
[  273.684904][ T9566] netlink: 49 bytes leftover after parsing attributes in process `syz.2.983'.
[  273.814911][   T30] audit: type=1400 audit(1743755375.465:581): avc:  denied  { read } for  pid=9570 comm="syz.1.985" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  273.835881][ T9571] openvswitch: netlink: Message has 736 unknown bytes.
[  273.981828][ T9581] netlink: 'syz.3.988': attribute type 1 has an invalid length.
[  274.117652][ T9581] bond1: (slave ip6gretap1): Enslaving as a backup interface with an up link
[  274.189296][   T52] bond1: Warning: No 802.3ad response from the link partner for any adapters in the bond
[  274.251583][ T9588] 8021q: adding VLAN 0 to HW filter on device bond1
[  274.412569][   T52] bond1: Warning: No 802.3ad response from the link partner for any adapters in the bond
[  274.449620][ T9590] veth3: entered promiscuous mode
[  274.462535][ T9590] bond1: (slave veth3): Enslaving as a backup interface with a down link
[  274.536450][ T9588] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  274.940928][ T5874] usb 5-1: new high-speed USB device number 18 using dummy_hcd
[  275.280711][ T5874] usb 5-1: Using ep0 maxpacket: 8
[  275.303780][ T5874] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  275.325408][ T5874] usb 5-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF9, changing to 0x89
[  275.341261][   T30] audit: type=1400 audit(1743755376.975:582): avc:  denied  { bind } for  pid=9608 comm="syz.5.995" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  275.384551][ T5874] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x89 has an invalid bInterval 0, changing to 7
[  275.406577][ T5874] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid maxpacket 59391, setting to 1024
[  275.437136][ T5874] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7
[  275.475604][ T5874] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0xF has invalid wMaxPacketSize 0
[  275.501755][ T5874] usb 5-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  275.504469][ T9617] bond0: left promiscuous mode
[  275.524989][ T9617] bond_slave_0: left promiscuous mode
[  275.533096][ T9617] bond_slave_1: left promiscuous mode
[  275.533662][ T5874] usb 5-1: New USB device found, idVendor=0bc7, idProduct=0008, bcdDevice=4f.c8
[  275.539598][ T9617] bond1: left promiscuous mode
[  275.551435][ T5874] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  275.556999][ T9617] bridge1: left promiscuous mode
[  275.567993][ T5874] usb 5-1: Product: syz
[  275.580784][ T5874] usb 5-1: Manufacturer: syz
[  275.586194][ T5874] usb 5-1: SerialNumber: syz
[  275.597400][ T5874] usb 5-1: config 0 descriptor??
[  275.616203][ T9597] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  275.630042][ T5874] ati_remote 5-1:0.0: Initializing ati_remote hardware failed.
[  275.640049][ T5874] ati_remote 5-1:0.0: probe with driver ati_remote failed with error -5
[  275.693764][ T9620] mmap: syz.5.999 (9620): VmData 37613568 exceed data ulimit 0. Update limits or use boot option ignore_rlimit_data.
[  275.707301][ T5828] Bluetooth: hci5: Malformed LE Event: 0x02
[  275.907596][ T9623] wg1 speed is unknown, defaulting to 1000
[  275.945158][ T9629] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  275.953961][ T9629] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  275.971582][ T9597] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  275.983613][ T9597] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  276.106524][ T5874] usb 6-1: new high-speed USB device number 23 using dummy_hcd
[  276.200977][ T9597] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  276.341345][ T9597] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  276.445181][ T5874] usb 6-1: config 0 has an invalid interface number: 255 but max is 0
[  276.470216][ T5874] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  276.485709][ T5874] usb 6-1: config 0 has no interface number 0
[  276.522890][ T5874] usb 6-1: config 0 interface 255 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2
[  276.867787][ T5874] usb 6-1: New USB device found, idVendor=10cf, idProduct=8065, bcdDevice=91.79
[  276.890348][ T5874] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  276.985830][ T5874] usb 6-1: Product: syz
[  276.991262][ T5874] usb 6-1: Manufacturer: syz
[  276.995862][ T5874] usb 6-1: SerialNumber: syz
[  277.007812][ T5874] usb 6-1: config 0 descriptor??
[  277.025439][ T5874] vmk80xx 6-1:0.255: driver 'vmk80xx' failed to auto-configure device.
[  277.324071][ T5828] Bluetooth: hci5: unexpected Set CIG Parameters response data
[  277.371708][ T5835] usb 5-1: USB disconnect, device number 18
[  277.758644][   T24] usb 6-1: USB disconnect, device number 23
[  278.588759][ T9675] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=9675 comm=syz.1.1015
[  279.495868][ T9666] wg1 speed is unknown, defaulting to 1000
[  279.700570][   T24] usb 6-1: new high-speed USB device number 24 using dummy_hcd
[  279.882134][   T24] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  279.903332][   T24] usb 6-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df
[  279.912521][   T24] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  279.931102][   T24] usb 6-1: config 0 descriptor??
[  279.939563][   T24] pwc: Askey VC010 type 2 USB webcam detected.
[  280.085787][ T9701] netlink: 48 bytes leftover after parsing attributes in process `syz.3.1022'.
[  280.140846][   T24] pwc: recv_control_msg error -32 req 02 val 2b00
[  280.157175][   T24] pwc: recv_control_msg error -71 req 02 val 2700
[  280.175821][   T24] pwc: recv_control_msg error -71 req 02 val 2c00
[  280.193957][   T24] pwc: recv_control_msg error -71 req 04 val 1000
[  280.247468][   T24] pwc: recv_control_msg error -71 req 04 val 1300
[  280.309107][   T24] pwc: recv_control_msg error -71 req 04 val 1400
[  280.362424][   T24] pwc: recv_control_msg error -71 req 02 val 2000
[  280.365449][ T5910] usb 5-1: new full-speed USB device number 19 using dummy_hcd
[  280.487059][   T24] pwc: recv_control_msg error -71 req 02 val 2100
[  280.495610][   T24] pwc: recv_control_msg error -71 req 04 val 1500
[  280.504413][   T24] pwc: recv_control_msg error -71 req 02 val 2500
[  280.520696][   T24] pwc: recv_control_msg error -71 req 02 val 2400
[  280.529876][   T24] pwc: recv_control_msg error -71 req 02 val 2600
[  280.994111][ T5910] usb 5-1: config 5 has an invalid interface number: 123 but max is 0
[  281.033597][   T24] pwc: recv_control_msg error -71 req 02 val 2900
[  281.044499][ T5910] usb 5-1: config 5 has no interface number 0
[  281.076465][   T24] pwc: recv_control_msg error -71 req 02 val 2800
[  281.077161][ T5910] usb 5-1: config 5 interface 123 altsetting 7 has an endpoint descriptor with address 0xEB, changing to 0x8B
[  281.150383][ T5910] usb 5-1: config 5 interface 123 altsetting 7 endpoint 0x4 has invalid wMaxPacketSize 0
[  281.184264][   T24] pwc: recv_control_msg error -71 req 04 val 1100
[  281.189304][ T5910] usb 5-1: config 5 interface 123 has no altsetting 0
[  281.268334][   T24] pwc: recv_control_msg error -71 req 04 val 1200
[  281.269888][ T5910] usb 5-1: New USB device found, idVendor=3923, idProduct=718a, bcdDevice=d8.d7
[  281.284585][ T5910] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  281.293896][   T24] pwc: Registered as video103.
[  281.320366][ T5910] usb 5-1: Product: syz
[  281.324600][ T5910] usb 5-1: Manufacturer: syz
[  281.356170][ T5910] usb 5-1: SerialNumber: syz
[  281.357451][   T24] input: PWC snapshot button as /devices/platform/dummy_hcd.5/usb6/6-1/input/input18
[  281.414425][ T5828] Bluetooth: hci5: Controller not accepting commands anymore: ncmd = 0
[  281.424048][ T5828] Bluetooth: hci5: Injecting HCI hardware error event
[  281.428772][   T24] usb 6-1: USB disconnect, device number 24
[  281.432648][ T5828] Bluetooth: hci5: hardware error 0x00
[  281.480271][ T9731] netlink: 'syz.2.1033': attribute type 5 has an invalid length.
[  281.670055][ T5910] ni6501 5-1:5.123: driver 'ni6501' failed to auto-configure device.
[  281.702287][ T5910] usb 5-1: USB disconnect, device number 19
[  281.766571][ T9741] RDS: rds_bind could not find a transport for ::ffff:172.30.1.2, load rds_tcp or rds_rdma?
[  281.988582][ T9727] wg1 speed is unknown, defaulting to 1000
[  282.324034][ T9736] wg1 speed is unknown, defaulting to 1000
[  282.658869][ T9764] netlink: 84 bytes leftover after parsing attributes in process `syz.5.1044'.
[  283.516428][ T9767] wg1 speed is unknown, defaulting to 1000
[  283.650372][ T5828] Bluetooth: hci5: Opcode 0x0c03 failed: -110
[  283.695248][ T9777] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1048'.
[  283.704340][ T9777] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1048'.
[  283.918573][ T9781] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  284.011947][ T9781] BUG: sleeping function called from invalid context at ./include/linux/sched/mm.h:321
[  284.021847][ T9781] in_atomic(): 0, irqs_disabled(): 0, non_block: 0, pid: 9781, name: syz.5.1049
[  284.030980][ T9781] preempt_count: 0, expected: 0
[  284.036620][ T9781] RCU nest depth: 1, expected: 0
[  284.041652][ T9781] 4 locks held by syz.5.1049/9781:
[  284.046768][ T9781]  #0: ffff88807851ab78 (&f->f_pos_lock){+.+.}-{4:4}, at: fdget_pos+0x2a2/0x370
[  284.057156][ T9781]  #1: ffff888061b15de8 (&ovl_i_mutex_dir_key[depth]){++++}-{4:4}, at: wrap_directory_iterator+0x54/0xe0
[  284.068557][ T9781]  #2: ffff88804a260148 (&type->i_mutex_dir_key#10){.+.+}-{4:4}, at: iterate_dir+0x18b/0xb40
[  284.078957][ T9781]  #3: ffffffff8e3c1580 (rcu_read_lock){....}-{1:3}, at: afs_dynroot_readdir+0x619/0xf50
[  284.088980][ T9781] CPU: 0 UID: 0 PID: 9781 Comm: syz.5.1049 Not tainted 6.14.0-syzkaller-12966-ga2cc6ff5ec8f #0 PREEMPT(full) 
[  284.089000][ T9781] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  284.089008][ T9781] Call Trace:
[  284.089013][ T9781]  <TASK>
[  284.089017][ T9781]  dump_stack_lvl+0x16c/0x1f0
[  284.089032][ T9781]  __might_resched+0x3c0/0x5e0
[  284.089046][ T9781]  ? find_held_lock+0x2b/0x80
[  284.089058][ T9781]  ? __pfx___might_resched+0x10/0x10
[  284.089074][ T9781]  ? ovl_cache_entry_new+0x3d/0x730
[  284.089089][ T9781]  __kmalloc_noprof+0x386/0x510
[  284.089104][ T9781]  ovl_cache_entry_new+0x3d/0x730
[  284.089119][ T9781]  ovl_fill_merge+0x2c1/0xa90
[  284.089134][ T9781]  afs_dynroot_readdir+0x9bb/0xf50
[  284.089147][ T9781]  ? __pfx_ovl_fill_merge+0x10/0x10
[  284.089162][ T9781]  ? __pfx_afs_dynroot_readdir+0x10/0x10
[  284.089175][ T9781]  ? selinux_file_permission+0x11f/0x580
[  284.089193][ T9781]  iterate_dir+0x293/0xb40
[  284.089210][ T9781]  ovl_dir_read_merged+0x3ef/0x5d0
[  284.089223][ T9781]  ? __pfx_ovl_dir_read_merged+0x10/0x10
[  284.089238][ T9781]  ? __pfx_ovl_fill_merge+0x10/0x10
[  284.089256][ T9781]  ? kasan_save_track+0x14/0x30
[  284.089267][ T9781]  ovl_iterate+0x86c/0xe40
[  284.089281][ T9781]  ? __pfx_down_read_killable+0x10/0x10
[  284.089297][ T9781]  ? __pfx_ovl_iterate+0x10/0x10
[  284.089309][ T9781]  wrap_directory_iterator+0x9f/0xe0
[  284.089324][ T9781]  iterate_dir+0x293/0xb40
[  284.089340][ T9781]  __x64_sys_getdents+0x14d/0x2c0
[  284.089354][ T9781]  ? __x64_sys_futex+0x1e9/0x4c0
[  284.089369][ T9781]  ? __pfx___x64_sys_getdents+0x10/0x10
[  284.089383][ T9781]  ? xfd_validate_state+0x5d/0x180
[  284.089393][ T9781]  ? __pfx_filldir+0x10/0x10
[  284.089407][ T9781]  ? rcu_is_watching+0x12/0xc0
[  284.089423][ T9781]  do_syscall_64+0xcd/0x260
[  284.089437][ T9781]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  284.089447][ T9781] RIP: 0033:0x7fce9db8d169
[  284.089456][ T9781] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  284.089465][ T9781] RSP: 002b:00007fce9ea7a038 EFLAGS: 00000246 ORIG_RAX: 000000000000004e
[  284.089474][ T9781] RAX: ffffffffffffffda RBX: 00007fce9dda6080 RCX: 00007fce9db8d169
[  284.089480][ T9781] RDX: 0000000000000058 RSI: 0000000000000000 RDI: 0000000000000008
[  284.089486][ T9781] RBP: 00007fce9dc0e2a0 R08: 0000000000000000 R09: 0000000000000000
[  284.089492][ T9781] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  284.089497][ T9781] R13: 0000000000000000 R14: 00007fce9dda6080 R15: 00007fffbdf79128
[  284.089510][ T9781]  </TASK>
[  284.343763][    C0] vkms_vblank_simulate: vblank timer overrun
[  284.466064][   T30] audit: type=1400 audit(1743755386.105:583): avc:  denied  { unmount } for  pid=7454 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nfs_t tclass=filesystem permissive=1
[  284.635006][ T9784] netlink: 48 bytes leftover after parsing attributes in process `syz.3.1047'.
[  285.974247][   T30] audit: type=1400 audit(1743755387.625:584): avc:  denied  { egress } for  pid=15 comm="ksoftirqd/0" saddr=fe80::1c daddr=ff02::2 netif=teql0 scontext=system_u:object_r:unlabeled_t tcontext=system_u:object_r:netif_t tclass=netif permissive=1
[  285.997459][    C0] vkms_vblank_simulate: vblank timer overrun
[  286.003707][   T30] audit: type=1400 audit(1743755387.625:585): avc:  denied  { sendto } for  pid=15 comm="ksoftirqd/0" saddr=fe80::1c daddr=ff02::2 netif=teql0 scontext=system_u:object_r:unlabeled_t tcontext=system_u:object_r:node_t tclass=node permissive=1