last executing test programs:

31.713122023s ago: executing program 3 (id=597):
openat$nullb(0xffffffffffffff9c, 0x0, 0x4000000026002, 0x0)
syz_open_dev$dri(&(0x7f0000000140), 0x1, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x4000c00)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x2, 0x0)
request_key(0x0, &(0x7f00000001c0)={'syz', 0x2}, 0x0, 0x0)
syz_usb_connect(0x0, 0x34, &(0x7f00000000c0)=ANY=[@ANYBLOB="120100002c464708c2153b003e66010203010902220001000000000904000001e3fe11000905000000000000000705936b90"], 0x0)
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="040e07480204"], 0xa)

30.742041808s ago: executing program 4 (id=600):
r0 = syz_open_dev$vim2m(&(0x7f0000000240), 0x236a, 0x2)
ioctl$vim2m_VIDIOC_ENUM_FMT(r0, 0xc0405602, &(0x7f0000000040)={0xf, 0x1, 0x3, "9611e6d6ffc888c51632000000000000000100", 0x3831354f})

30.108650544s ago: executing program 4 (id=602):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_hmac_sha256\x00'}, 0x58)
socket$inet_tcp(0x2, 0x1, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket(0x1, 0x803, 0x0)
getsockname$packet(r3, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r4 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r4, 0x107, 0x14, &(0x7f0000000280)=0xfff, 0x4)
socketpair(0x1, 0x100000005, 0x0, &(0x7f0000000000))
accept4$packet(r3, &(0x7f0000000240)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f00000002c0)=0x5e, 0x80800)
getpeername$packet(r3, &(0x7f0000000000)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000040)=0x14)
sendmmsg(r1, &(0x7f0000000440)=[{{&(0x7f0000000700)=@xdp={0x2c, 0x0, r5, 0x29}, 0x80, &(0x7f00000004c0)=[{&(0x7f0000000180)='O', 0x1}], 0x1}}], 0x1, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000100)={{}, &(0x7f0000000080), &(0x7f00000000c0)}, 0x20)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000180)={0x1}, 0x4)
socket$nl_route(0x10, 0x3, 0x0)
r6 = socket(0x10, 0x3, 0x0)
r7 = socket$nl_route(0x10, 0x3, 0x0)
r8 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$mptcp(&(0x7f00000000c0), r8)
getsockname$packet(r8, &(0x7f0000000100)={0x11, 0x0, <r9=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14)
sendmsg$nl_route(r7, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11ffffffff000000", @ANYRES32=r9, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r6, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000001240)=@newqdisc={0x2c, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r9, {0x0, 0xfff1}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}, 0x1, 0x0, 0x0, 0x20040000}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000200)=@gettclass={0x24, 0x2a, 0x200, 0x70bd2a, 0x25dfdbfe, {0x0, 0x0, 0x0, r9, {0x10, 0xfff1}, {0x5, 0x1}, {0x8, 0x6}}, [""]}, 0x24}, 0x1, 0x0, 0x0, 0x1}, 0x0)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000400), 0x4)
accept4(r0, 0x0, 0x0, 0x0)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000200)="ad00"/16, 0x10)
readv(r2, &(0x7f0000000140)=[{&(0x7f0000000600)=""/152, 0x98}], 0x1)

29.056674843s ago: executing program 4 (id=605):
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]})
syz_usb_connect$cdc_ncm(0x0, 0x72, &(0x7f0000000080)=ANY=[@ANYBLOB="1201000002000040257d15a4400001040001090260004201000000090400000102090000052406000105240000000d240f01000004eaffffff1e0006031a00000804800200090581", @ANYBLOB="f7", @ANYRESOCT], 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_open_dev$char_usb(0xc, 0xb4, 0x0)
mkdir(&(0x7f0000000100)='./file0\x00', 0x0)
mount$bpf(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180), 0x0, 0x0)
chdir(&(0x7f0000000000)='./file0\x00')
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000850000000700000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$OBJ_PIN_PROG(0x6, &(0x7f00000000c0)=@generic={&(0x7f0000000bc0)='./file0\x00', r1}, 0x18)
bpf$OBJ_GET_MAP(0x7, &(0x7f0000000580)=@generic={&(0x7f0000000500)='./file0\x00'}, 0x18)
close_range(r0, 0xffffffffffffffff, 0x0)

27.784408549s ago: executing program 3 (id=607):
syz_init_net_socket$bt_hidp(0x1f, 0x3, 0x6)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
setsockopt$SO_BINDTODEVICE(0xffffffffffffffff, 0x1, 0x19, 0x0, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f00000001c0)=0x5)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000004c0)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x1f, 0x2, &(0x7f0000001c40)=ANY=[@ANYBLOB], &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x13}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000500)={r3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000600000006"], 0x66)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="0c000000040000000400000009"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000024c0), &(0x7f0000001280), 0xffffffff, r4, 0x0, 0x300}, 0x38)

27.669304919s ago: executing program 1 (id=609):
r0 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
close(r0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8d}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0xffffffffffffff1a, &(0x7f0000000200)=0x400000bce)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000ab9ff0)={0x2, &(0x7f0000000000)=[{0x20, 0x0, 0x0, 0xfffff010}, {0x6}]}, 0x10)
r2 = fsopen(&(0x7f00000001c0)='ramfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r2, 0x6, 0x0, 0x0, 0x0)
r3 = fsmount(r2, 0x0, 0x0)
fchdir(r3)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x20)
open(&(0x7f0000000040)='./file0\x00', 0x551083, 0x28)
rmdir(&(0x7f0000000280)='./file0\x00')
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000200)={'trans=fd,', {'rfdno', 0x3d, r0}})

26.734978707s ago: executing program 3 (id=611):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x5, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000100)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000002000)=""/102400, 0x19000)
r1 = syz_open_dev$dri(&(0x7f00000000c0), 0x1ff, 0x0)
r2 = syz_open_dev$dri(&(0x7f0000000300), 0x40100001, 0x189002)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r2, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r2, 0xc01064b5, &(0x7f0000000140)={&(0x7f0000000100)=[0x0], 0x1})
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r1, 0xc04064a0, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000180)=[0x0], 0x0, 0x0, 0x0, 0x15})
r3 = syz_open_dev$dri(&(0x7f00000000c0), 0x1ff, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r3, 0xc04064a0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000340)=[<r4=>0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$HIDIOCGFIELDINFO(0xffffffffffffffff, 0xc038480a, &(0x7f0000000240)={0x3, 0x0, 0x2, 0xff800000, 0x9, 0xe, 0x1, 0x4, 0x1, 0x6, 0x10, 0x0, 0x15d1, 0x6})
r5 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_GETCONNECTOR(r5, 0xc05064a7, &(0x7f0000000a00)={&(0x7f0000000800)=[0x0], &(0x7f0000000840)=[{}, {}, {}, {}], &(0x7f0000024140)=[0x0, 0x0, 0x0], &(0x7f00000009c0), 0x42, 0x42, 0x1, 0x0, r4})
r6 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
ioctl$int_in(r6, 0x40000000af01, 0x0)
ioctl$VHOST_SET_MEM_TABLE(r6, 0x4008af03, &(0x7f0000000400))
ioctl$VHOST_SET_FEATURES(r6, 0x4008af00, &(0x7f00000001c0)=0x304008000)
ioctl$VHOST_NET_SET_BACKEND(r6, 0x4008af30, &(0x7f00000003c0)={0x1})
r7 = syz_open_dev$dri(&(0x7f0000000000), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r7, 0xc04064a0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000380)=[<r8=>0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$DRM_IOCTL_MODE_GETCONNECTOR(r7, 0xc05064a7, &(0x7f00000003c0)={&(0x7f00000059c0)=[0x0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, r8})
ioctl$DRM_IOCTL_MODE_SETCRTC(r1, 0xc06864a2, &(0x7f0000000580)={&(0x7f0000000240), 0x0, 0x0, 0x0, 0x3, 0x0, 0xffffffff, 0xfffff612, {0x1, 0x1, 0x3, 0x67, 0xf4b, 0x5, 0x2, 0x5, 0x412d, 0xe154, 0x1000, 0x7f, 0x6, 0x3, "fe1d00003413000000000020b42717e47f00"}})
r9 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r9, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)={0x14, 0x0, 0x1, 0x401, 0x0, 0x1a14, {0x2}}, 0x14}}, 0x0)
r10 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r10, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={0x0}}, 0x0)

26.122640622s ago: executing program 1 (id=612):
r0 = msgget$private(0x0, 0x200)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0xca000, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_LAPIC(r3, 0x4400ae8f, &(0x7f0000000c80)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b761c6ec25b2bec0ba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377abaece6b88378e38e06c5fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b53605f70000000000007c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df1001000000000694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc7f00000000000000814618e976832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d4bf6b21224b57f530d0000c194f2ffffa1f5c5dc34cf2645cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6424923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f580968af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f7d5959120dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff0000f5620000003d4e185afe28a774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823f215af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15453e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a80047fe17dee6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada133b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631def9f126c25ba4f37caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d3c23e80613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb010100000000000001a047526865c888c9ff36056cc4ad258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe656c9c46bffbe9dd03970800000000000000d372bdd60200c1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d819164300"})
syz_usb_connect(0x5, 0x2d, &(0x7f0000000040)=ANY=[@ANYBLOB="12010000fdc01a40f30c74933bbc000000010902"], 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
msgrcv(r0, &(0x7f0000000140)={0x0, ""/129}, 0x89, 0x0, 0xd2306fcba11ec7da)
r4 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000380), 0x101040)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r4, 0x40345410, &(0x7f0000000300)={{0x0, 0x2}})
r5 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000600), 0x0)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r5, 0xc08c5332, &(0x7f00000003c0)={0x9c9, 0x0, 0x0, 'queue0\x00', 0x200000})
bind$inet(0xffffffffffffffff, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
openat$binderfs(0xffffffffffffff9c, 0x0, 0x802, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
r6 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r7 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r7, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
bpf$BPF_GET_MAP_INFO(0x3, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000640)=ANY=[], 0x50)
r8 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
close_range(0xffffffffffffffff, r6, 0x2)
mkdir(0x0, 0x0)
mq_open(&(0x7f00005a1ffb)='eth0\x00', 0x42, 0x0, 0x0)

25.94951261s ago: executing program 3 (id=613):
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000380)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
bpf$BPF_PROG_QUERY(0x10, &(0x7f00000004c0)={@map, 0x9, 0x1, 0x800, 0x0, 0x0, 0x0, &(0x7f0000000400), &(0x7f0000000440)=[0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0]}, 0x40)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080))
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x18, 0x5, &(0x7f0000000100)=ANY=[@ANYBLOB="18000000000000040000000000000000850000000e000000850000000e00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
r3 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
write(r3, &(0x7f0000000240)="14000000140005b7ffccca38b9000000060860eb", 0x14)

25.647115053s ago: executing program 0 (id=615):
socket$nl_netfilter(0x10, 0x3, 0xc)
connect$unix(0xffffffffffffffff, &(0x7f0000000280)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x200000000000011, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'bridge0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000240)=ANY=[@ANYBLOB="48000000100005ff00000000000000000000004a", @ANYRES32=0x0, @ANYBLOB="0000000000000000140012800b00010062617461647600000400028008000a00", @ANYRES32=r2, @ANYBLOB="0a0001"], 0x48}, 0x1, 0x0, 0x0, 0x20004080}, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r3=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x0, 0x0, 0x2, 0x0)
syz_io_uring_setup(0x341a, &(0x7f0000000380)={0x0, 0x80fd, 0x10, 0x0, 0x2cf}, &(0x7f0000000300), &(0x7f00000002c0))
r4 = socket$key(0xf, 0x3, 0x2)
shutdown(r4, 0x0)
socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp_SCTP_CONTEXT(r1, 0x84, 0x11, &(0x7f0000000000)={0x0, 0x4}, &(0x7f00000000c0)=0x8)
r5 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r5, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000005c0)=ANY=[@ANYBLOB="b80000001300e99900000000fedbdf25fe800000dd00000000000000000000bbfe8000000000000000000000000000bb0000002f000040000a006010000000004d45e84062a143a2ddc112267abd6248f5e4d66f462032a6b7671cc8a755b10309b23e763f5af825a6f2eb26c8b2ba95286a10eb5099f1b0e6e5cf6ca14dd09f7cf311d531a59d2ce7f995ffeeb0e33e9300d7148692ec9dd6886d0a75aebc110b937fe7bca80c1f95c5b05dd3cadcedc004d87ea1cf7259433326b71cdf156aa9fa46ed819475b7ed40bb428e374181ee2a6921b6e8ad6fd8c17e50738b4d2856dafb48b657c4d829c48927fa1fc8a4fab9e9642e02480545bc5fd10846d7321645e7e998293aa0036200"/282, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="00000000000000007f04000000000000030000000000000000000000000000000000000000000000ffffffffffffffff0000000000000000feffffffffffffff000000000000000000000000000000000000000000000000000000000000000004000000000000000101020000000000"], 0xb8}, 0x1, 0x0, 0x0, 0x80}, 0x4000844)
r6 = socket$inet6_sctp(0xa, 0x1, 0x84)
sendto$inet6(r6, &(0x7f0000000240)="8a", 0x1, 0x51, 0x0, 0x0)
setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x4000000000000, 0x40, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f00000000c0)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r7 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r7, &(0x7f0000019680)=""/102392, 0x18ff8)
r8 = socket$inet6(0xa, 0x3, 0xff)
connect$inet6(r8, &(0x7f0000000480)={0xa, 0x0, 0x3c000, @loopback, 0x5}, 0x1c)
dup2(r8, r8)

25.580611504s ago: executing program 4 (id=616):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000300)='./file0\x00', 0x0, 0x2125099, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000000)='./file0/../file0\x00', &(0x7f0000000340)='./file0/file0\x00', 0x0, 0x891018, 0x0)
mount$bind(&(0x7f0000000440)='./file0/../file0\x00', &(0x7f0000000080)='./file0/file0\x00', 0x0, 0x38a5c2e, 0x0)
connect$netrom(0xffffffffffffffff, &(0x7f0000000300)={{0x6, @null}, [@remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @default, @bcast, @bcast, @null, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @bcast]}, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
socket$kcm(0x10, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x6, &(0x7f00000003c0)=0xbcf)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000040)=ANY=[@ANYBLOB], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x27, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000240)=@bpf_lsm={0xd, 0x0, 0x0, &(0x7f0000000000)='GPL\x00'}, 0x94)
request_key(&(0x7f0000001000)='dns_resolver\x00', &(0x7f0000001040)={'syz', 0x2}, &(0x7f0000001080)='\x00', 0x0)
request_key(&(0x7f00000010c0)='dns_resolver\x00', &(0x7f0000001100)={'syz', 0x2}, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_init_net_socket$x25(0x9, 0x5, 0x0)
r4 = syz_init_net_socket$netrom(0x6, 0x5, 0x0)
connect$netrom(r4, &(0x7f0000000300)={{0x6, @rose}, [@remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @default, @default, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @bcast, @null, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}]}, 0x48)
io_uring_setup(0xf46, &(0x7f0000000180)={0x0, 0xfffffb})
socket$inet_smc(0x2b, 0x1, 0x0)

25.452389183s ago: executing program 2 (id=617):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x5, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000100)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000002000)=""/102400, 0x19000)
r1 = syz_open_dev$dri(&(0x7f00000000c0), 0x1ff, 0x0)
r2 = syz_open_dev$dri(&(0x7f0000000300), 0x40100001, 0x189002)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r2, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r2, 0xc01064b5, &(0x7f0000000140)={&(0x7f0000000100)=[<r3=>0x0], 0x1})
ioctl$DRM_IOCTL_MODE_GETPLANE(r1, 0xc02064b6, &(0x7f00000002c0)={r3, <r4=>0x0, <r5=>0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r1, 0xc04064a0, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000180)=[0x0], 0x0, 0x0, 0x0, 0x15})
r6 = syz_open_dev$dri(&(0x7f00000000c0), 0x1ff, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r6, 0xc04064a0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000340)=[<r7=>0x0], 0x0, 0x0, 0x0, 0x1})
r8 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_GETCONNECTOR(r8, 0xc05064a7, &(0x7f0000000a00)={&(0x7f0000000800)=[0x0], &(0x7f0000000840)=[{}, {}, {}, {}], &(0x7f0000024140)=[0x0, 0x0, 0x0], &(0x7f00000009c0), 0x42, 0x42, 0x1, 0x0, r7})
r9 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
ioctl$int_in(r9, 0x40000000af01, 0x0)
ioctl$VHOST_SET_MEM_TABLE(r9, 0x4008af03, &(0x7f0000000400))
ioctl$VHOST_SET_FEATURES(r9, 0x4008af00, &(0x7f00000001c0)=0x304008000)
ioctl$VHOST_NET_SET_BACKEND(r9, 0x4008af30, &(0x7f00000003c0)={0x1})
r10 = syz_open_dev$dri(&(0x7f0000000000), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r10, 0xc04064a0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000380)=[0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$DRM_IOCTL_MODE_SETCRTC(r1, 0xc06864a2, &(0x7f0000000580)={&(0x7f0000000240), 0x0, r4, r5, 0x3, 0x0, 0xffffffff, 0xfffff612, {0x1, 0x1, 0x3, 0x67, 0xf4b, 0x5, 0x2, 0x5, 0x412d, 0xe154, 0x1000, 0x7f, 0x6, 0x3, "fe1d00003413000000000020b42717e47f00"}})
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$nl_netfilter(0x10, 0x3, 0xc)

23.70080933s ago: executing program 0 (id=618):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x5, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000100)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000002000)=""/102400, 0x19000)
r1 = syz_open_dev$dri(&(0x7f0000000300), 0x40100001, 0x189002)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r1, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
ioctl$DRM_IOCTL_MODE_GETPLANE(0xffffffffffffffff, 0xc02064b6, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$DRM_IOCTL_MODE_GETRESOURCES(0xffffffffffffffff, 0xc04064a0, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000180)=[0x0], 0x0, 0x0, 0x0, 0x15})
r2 = syz_open_dev$dri(&(0x7f00000000c0), 0x1ff, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r2, 0xc04064a0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000340)=[<r3=>0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$HIDIOCGFIELDINFO(0xffffffffffffffff, 0xc038480a, &(0x7f0000000240)={0x3, 0x0, 0x2, 0xff800000, 0x9, 0xe, 0x1, 0x4, 0x1, 0x6, 0x10, 0x0, 0x15d1, 0x6})
r4 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_GETCONNECTOR(r4, 0xc05064a7, &(0x7f0000000a00)={&(0x7f0000000800)=[0x0], &(0x7f0000000840)=[{}, {}, {}, {}], &(0x7f0000024140)=[0x0, 0x0, 0x0], &(0x7f00000009c0), 0x42, 0x42, 0x1, 0x0, r3})
r5 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
ioctl$int_in(r5, 0x40000000af01, 0x0)
ioctl$VHOST_SET_MEM_TABLE(r5, 0x4008af03, &(0x7f0000000400))
ioctl$VHOST_SET_FEATURES(r5, 0x4008af00, &(0x7f00000001c0)=0x304008000)

23.650313375s ago: executing program 2 (id=619):
r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000000)='syzkaller\x00', 0x3}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r2}, 0x10)
mount$fuse(0x0, &(0x7f0000002880)='.\x00', &(0x7f00000028c0), 0x0, &(0x7f0000000180)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x1000}})
mount$fuse(0x0, &(0x7f0000002880)='.\x00', &(0x7f00000028c0), 0x0, &(0x7f0000000080)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x4000}})
fcntl$getown(r0, 0x9)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000b40)={'wlan0\x00', <r3=>0x0})
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_STATION(r0, &(0x7f0000000c40)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)={0x30, r4, 0x1, 0x70bd29, 0x25dfdbfc, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_STA_FLAGS={0x8, 0x11, 0x0, 0x1, [@NL80211_STA_FLAG_ASSOCIATED={0x4}]}]}, 0x30}, 0x1, 0x0, 0x0, 0x400c0}, 0x4)
acct(&(0x7f0000000040)='./file0\x00')
sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0)
r5 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r5, 0xaf01, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r6 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r6, &(0x7f0000019680)=""/102392, 0x18ff8)
r7 = open$dir(0x0, 0x8000, 0x8)
syz_open_dev$loop(0x0, 0x10000, 0x10d480)
renameat2(0xffffffffffffffff, 0x0, r7, 0x0, 0x7)
r8 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
r9 = signalfd4(0xffffffffffffffff, &(0x7f0000001a80), 0x8, 0x0)
r10 = syz_io_uring_setup(0x39, &(0x7f00000000c0)={0x0, 0xe7b7, 0x3501, 0x0, 0xffffffff}, &(0x7f0000000240), &(0x7f0000001880))
io_uring_register$IORING_REGISTER_EVENTFD_ASYNC(r10, 0x21, &(0x7f0000000440)=r9, 0x1)
write$RDMA_USER_CM_CMD_CREATE_ID(r8, 0x0, 0x0)
ioctl$VHOST_SET_LOG_FD(r5, 0x4004af07, &(0x7f0000000240))

22.797700305s ago: executing program 2 (id=620):
pipe(&(0x7f0000019480)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
vmsplice(r1, &(0x7f0000000500)=[{&(0x7f00000000c0)="dc", 0x1}], 0x1, 0x3)
close(r1)
r2 = socket(0x10, 0x3, 0x0)
r3 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_IPV6_XFRM_POLICY(r3, 0x29, 0x23, &(0x7f00000004c0)={{{@in=@empty, @in6=@dev, 0x0, 0x0, 0x0, 0x0, 0xa}}, {{@in=@multicast1, 0x0, 0x2b}, 0x0, @in6=@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x0, 0x3, 0x0, 0x0, 0x0, 0xfffffffd}}, 0xe8)
r4 = socket$key(0xf, 0x3, 0x2)
setsockopt$sock_int(r4, 0x1, 0x8, 0x0, 0x0)
sendmsg$key(r4, 0x0, 0x0)
sendmsg$key(r4, 0x0, 0x0)
sendmsg$key(r4, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000100)={0x2, 0x13, 0xfb, 0x5, 0x2, 0x0, 0x70bd28, 0xeedc}, 0x10}}, 0x4)
bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0xf, 0x4, 0x4, 0x12}, 0x48)
syz_io_uring_setup(0xd2, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, 0x34f}, 0x0, &(0x7f0000000080)=<r5=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, &(0x7f0000000240)=0xffffffff, 0x0, 0x4)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
syz_io_uring_submit(0x0, r5, 0x0)
bind$netlink(r2, &(0x7f0000177ff4)={0x10, 0x0, 0x1}, 0xc)
connect$netlink(r2, &(0x7f00000005c0)=@proc={0x10, 0x0, 0x1}, 0xc)
splice(r0, 0x0, r1, 0x0, 0x10500, 0x0)

22.576641159s ago: executing program 2 (id=621):
syz_init_net_socket$bt_hidp(0x1f, 0x3, 0x6)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
setsockopt$SO_BINDTODEVICE(0xffffffffffffffff, 0x1, 0x19, 0x0, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f00000001c0)=0x5)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000004c0)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x1f, 0x2, &(0x7f0000001c40)=ANY=[@ANYBLOB="85000000a8"], &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x13}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000500)={r3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000600000006"], 0x66)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="0c000000040000000400000009"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000024c0), &(0x7f0000001280), 0xffffffff, r4, 0x0, 0x300}, 0x38)

22.524124025s ago: executing program 0 (id=622):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000700)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f0000000440)=@deltaction={0x28, 0x31, 0x101, 0x4, 0x0, {}, [@TCA_ACT_TAB={0x14, 0x1, [{0x10, 0x1, 0x0, 0x0, @TCA_ACT_KIND={0x9, 0x1, 'gact\x00'}}]}]}, 0x28}, 0x1, 0x0, 0x0, 0x14}, 0x0)

22.324426095s ago: executing program 4 (id=623):
r0 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
close(r0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8d}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0xffffffffffffff1a, &(0x7f0000000200)=0x400000bce)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000ab9ff0)={0x2, &(0x7f0000000000)=[{0x20, 0x0, 0x0, 0xfffff010}, {0x6}]}, 0x10)
r2 = fsopen(&(0x7f00000001c0)='ramfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r2, 0x6, 0x0, 0x0, 0x0)
r3 = fsmount(r2, 0x0, 0x0)
fchdir(r3)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x20)
open(&(0x7f0000000040)='./file0\x00', 0x551083, 0x28)
rmdir(&(0x7f0000000280)='./file0\x00')
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000200)={'trans=fd,', {'rfdno', 0x3d, r0}})

21.899143198s ago: executing program 1 (id=624):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x5, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000100)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000002000)=""/102400, 0x19000)
r1 = syz_open_dev$dri(&(0x7f00000000c0), 0x1ff, 0x0)
r2 = syz_open_dev$dri(&(0x7f0000000300), 0x40100001, 0x189002)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r2, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r2, 0xc01064b5, &(0x7f0000000140)={&(0x7f0000000100)=[0x0], 0x1})
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r1, 0xc04064a0, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000180)=[0x0], 0x0, 0x0, 0x0, 0x15})
r3 = syz_open_dev$dri(&(0x7f00000000c0), 0x1ff, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r3, 0xc04064a0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000340)=[<r4=>0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$HIDIOCGFIELDINFO(0xffffffffffffffff, 0xc038480a, &(0x7f0000000240)={0x3, 0x0, 0x2, 0xff800000, 0x9, 0xe, 0x1, 0x4, 0x1, 0x6, 0x10, 0x0, 0x15d1, 0x6})
r5 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_GETCONNECTOR(r5, 0xc05064a7, &(0x7f0000000a00)={&(0x7f0000000800)=[0x0], &(0x7f0000000840)=[{}, {}, {}, {}], &(0x7f0000024140)=[0x0, 0x0, 0x0], &(0x7f00000009c0), 0x42, 0x42, 0x1, 0x0, r4})
r6 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
ioctl$int_in(r6, 0x40000000af01, 0x0)
ioctl$VHOST_SET_MEM_TABLE(r6, 0x4008af03, &(0x7f0000000400))
ioctl$VHOST_SET_FEATURES(r6, 0x4008af00, &(0x7f00000001c0)=0x304008000)
ioctl$VHOST_NET_SET_BACKEND(r6, 0x4008af30, &(0x7f00000003c0)={0x1})
r7 = syz_open_dev$dri(&(0x7f0000000000), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r7, 0xc04064a0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000380)=[<r8=>0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$DRM_IOCTL_MODE_GETCONNECTOR(r7, 0xc05064a7, &(0x7f00000003c0)={&(0x7f00000059c0)=[0x0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, r8})
ioctl$DRM_IOCTL_MODE_SETCRTC(r1, 0xc06864a2, &(0x7f0000000580)={&(0x7f0000000240), 0x0, 0x0, 0x0, 0x3, 0x0, 0xffffffff, 0xfffff612, {0x1, 0x1, 0x3, 0x67, 0xf4b, 0x5, 0x2, 0x5, 0x412d, 0xe154, 0x1000, 0x7f, 0x6, 0x3, "fe1d00003413000000000020b42717e47f00"}})
r9 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r9, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)={0x14, 0x0, 0x1, 0x401, 0x0, 0x1a14, {0x2}}, 0x14}}, 0x0)
r10 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r10, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={0x0}}, 0x0)

21.819950384s ago: executing program 0 (id=625):
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000a00), 0xffffffffffffffff)
mprotect(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0)
r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000080), 0x20000, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r0, 0x3b81, &(0x7f0000000000)={0xc, 0x0, <r1=>0x0})
ioctl$TIOCSIG(0xffffffffffffffff, 0x40045436, 0x3c)
socket$nl_generic(0x10, 0x3, 0x10)
syz_io_uring_setup(0x952, &(0x7f0000000400)={0x0, 0x537, 0x2, 0x1, 0x3d5}, &(0x7f0000000040), &(0x7f0000000240))
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r3 = dup2(0xffffffffffffffff, r2)
r4 = syz_io_uring_setup(0x5988, &(0x7f00000005c0)={0x0, 0xfec4, 0x8, 0x1, 0x2d3}, &(0x7f00000000c0)=<r5=>0x0, &(0x7f0000000180))
syz_memcpy_off$IO_URING_METADATA_GENERIC(r5, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff)
r8 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r8, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000e40)=@newlink={0x48, 0x10, 0x403, 0xffffffff, 0x25dfdbff, {0x0, 0x0, 0x3, 0x0, 0xa000, 0x830}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @ip6erspan={{0xe}, {0x8, 0x2, 0x0, 0x1, [@IFLA_GRE_COLLECT_METADATA={0x4}]}}}, @IFLA_ADDRESS={0xa, 0x1, @remote}]}, 0x48}}, 0x0)
sendmsg$ETHTOOL_MSG_WOL_GET(r6, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)=ANY=[@ANYRES16=r7, @ANYBLOB="0100b11b700000feffff1a000000180001801400020064756d6d7930"], 0x2c}}, 0x0)
io_uring_enter(r4, 0x75fa, 0xe475, 0x0, 0x0, 0x0)
getsockopt$inet_sctp6_SCTP_PARTIAL_DELIVERY_POINT(r3, 0x84, 0x13, &(0x7f0000000380)={0x0, 0xfffffc85}, &(0x7f00000003c0)=0x8)
ioctl$IOMMU_TEST_OP_ADD_RESERVED(r0, 0x3ba0, &(0x7f0000000440)={0x48, 0x1, r1, 0x0, 0x0, 0x8000000})
ioctl$IOMMU_IOAS_MAP$PAGES(r0, 0x3b85, &(0x7f0000000140)={0x28, 0x6, r1, 0x0, &(0x7f0000ff6000/0xa000)=nil, 0xa000})
ioctl$IOMMU_TEST_OP_MOCK_DOMAIN_FLAGS(r0, 0x3ba0, &(0x7f00000000c0)={0x48, 0x2, r1})
socket$nl_generic(0x10, 0x3, 0x10)

21.560973586s ago: executing program 2 (id=626):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x5, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000002000)=""/102400, 0x19000)
syz_open_dev$dri(&(0x7f0000000300), 0x40100001, 0x189002)
ioctl$DRM_IOCTL_MODE_GETPLANE(0xffffffffffffffff, 0xc02064b6, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_open_dev$dri(&(0x7f00000000c0), 0x1ff, 0x0)
ioctl$HIDIOCGFIELDINFO(0xffffffffffffffff, 0xc038480a, &(0x7f0000000240)={0x3, 0x0, 0x2, 0xff800000, 0x9, 0xe, 0x1, 0x4, 0x1, 0x6, 0x10, 0x0, 0x15d1, 0x6})
r1 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_GETCONNECTOR(r1, 0xc05064a7, &(0x7f0000000a00)={&(0x7f0000000800)=[0x0], &(0x7f0000000840)=[{}, {}, {}, {}], &(0x7f0000024140)=[0x0, 0x0, 0x0], &(0x7f00000009c0), 0x42, 0x42, 0x1})
r2 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
ioctl$int_in(r2, 0x40000000af01, 0x0)
ioctl$VHOST_SET_MEM_TABLE(r2, 0x4008af03, &(0x7f0000000400))

20.62939266s ago: executing program 1 (id=627):
socket$inet6(0xa, 0x2, 0x0)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000240)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000180)=@abs, 0x6e)
socket$inet_udp(0x2, 0x2, 0x0)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000022780)=@newlink={0x30, 0x10, 0x49920d862a92153b, 0xc, 0x0, {0x0, 0x0, 0x0, 0x0, 0x90c1}, [@IFLA_LINKINFO={0x10, 0x12, 0x0, 0x1, @gtp={{0x8}, {0x4}}}]}, 0x30}}, 0x48010)
write$char_usb(0xffffffffffffffff, &(0x7f0000000140)="7412246b9648730fd7cad851a834d04c7a164faa319b5ecb", 0x18)
socket$nl_route(0x10, 0x3, 0x0)
r4 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x8400, 0x0)
ioctl$FS_IOC_SETFLAGS(r4, 0x40046f41, &(0x7f0000000440)=0x1f)
ioctl$KVM_RUN(r4, 0xae80, 0x0)

20.516721141s ago: executing program 3 (id=628):
r0 = userfaultfd(0x80001)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f00000000c0)={0xaa, 0x5c9})
ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000080)={{&(0x7f0000ffc000/0x4000)=nil, 0x4000}, 0x1})
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x1000002, 0x200000005c831, 0xffffffffffffffff, 0x0)
r1 = socket$alg(0x26, 0x5, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000002c0))
read$dsp(0xffffffffffffffff, 0x0, 0x0)
syz_init_net_socket$nfc_llcp(0x27, 0x3, 0x1)
sendmmsg$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0)
io_uring_register$IORING_REGISTER_CLOCK(0xffffffffffffffff, 0x1d, 0x0, 0x0)
r2 = fsopen(&(0x7f0000000280)='ceph\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r2, 0x1, &(0x7f0000000000)='source', &(0x7f0000000040)='c:::\x00', 0x0)
r3 = gettid()
fsconfig$FSCONFIG_CMD_CREATE(r2, 0x6, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
r4 = syz_open_dev$MSR(&(0x7f0000000340), 0x0, 0x0)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
r5 = userfaultfd(0x80000)
ioctl$UFFDIO_API(r5, 0xc018aa3f, &(0x7f00000000c0))
ioctl$UFFDIO_REGISTER(r5, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000ffc000/0x3000)=nil, 0x3000}, 0x1})
syz_memcpy_off$KVM_EXIT_HYPERCALL(0x0, 0x20, &(0x7f0000000180)="5e73663bf4082f7c6cbecbf09d6dd7be5a06dfd64563f329c16f799d1836bfc45a7badc8faed24bb77c848723a43602d1fe0d236c062e105ec77ffd00fb243c3111dda42112650cc", 0x0, 0xfe2a)
ioctl$UFFDIO_COPY(r5, 0xc028aa03, &(0x7f0000000140)={&(0x7f0000ffc000/0x1000)=nil, &(0x7f0000c90000/0x4000)=nil, 0x1000})
tkill(r3, 0xb)
bind$alg(r1, &(0x7f0000000600)={0x26, 'aead\x00', 0x0, 0x0, 'gcm(aes)\x00'}, 0x58)
accept4(r1, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x9e, &(0x7f0000000640)={0x0, 0x5867, 0x10, 0xfffffffa, 0x24d}, &(0x7f00000006c0)=<r6=>0x0, &(0x7f00000001c0))
syz_memcpy_off$IO_URING_METADATA_GENERIC(r6, 0x4, &(0x7f00000002c0)=0xfffffffc, 0x0, 0x4)

20.074257666s ago: executing program 4 (id=629):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x5, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000100)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000002000)=""/102400, 0x19000)
r1 = syz_open_dev$dri(&(0x7f00000000c0), 0x1ff, 0x0)
r2 = syz_open_dev$dri(&(0x7f0000000300), 0x40100001, 0x189002)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r2, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r2, 0xc01064b5, &(0x7f0000000140)={&(0x7f0000000100)=[<r3=>0x0], 0x1})
ioctl$DRM_IOCTL_MODE_GETPLANE(r1, 0xc02064b6, &(0x7f00000002c0)={r3, <r4=>0x0, <r5=>0x0, 0x0, 0x0, 0x0, 0x0})
r6 = syz_open_dev$dri(&(0x7f00000000c0), 0x1ff, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r6, 0xc04064a0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000340)=[<r7=>0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$HIDIOCGFIELDINFO(0xffffffffffffffff, 0xc038480a, &(0x7f0000000240)={0x3, 0x0, 0x2, 0xff800000, 0x9, 0xe, 0x1, 0x4, 0x1, 0x6, 0x10, 0x0, 0x15d1, 0x6})
r8 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_GETCONNECTOR(r8, 0xc05064a7, &(0x7f0000000a00)={&(0x7f0000000800)=[0x0], &(0x7f0000000840)=[{}, {}, {}, {}], &(0x7f0000024140)=[0x0, 0x0, 0x0], &(0x7f00000009c0), 0x42, 0x42, 0x1, 0x0, r7})
r9 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
ioctl$int_in(r9, 0x40000000af01, 0x0)
ioctl$VHOST_SET_MEM_TABLE(r9, 0x4008af03, &(0x7f0000000400))
ioctl$VHOST_SET_FEATURES(r9, 0x4008af00, &(0x7f00000001c0)=0x304008000)
ioctl$VHOST_NET_SET_BACKEND(r9, 0x4008af30, &(0x7f00000003c0)={0x1})
r10 = syz_open_dev$dri(&(0x7f0000000000), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r10, 0xc04064a0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000380)=[<r11=>0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$DRM_IOCTL_MODE_GETCONNECTOR(r10, 0xc05064a7, &(0x7f00000003c0)={&(0x7f00000059c0)=[0x0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, r11})
ioctl$DRM_IOCTL_MODE_SETCRTC(r1, 0xc06864a2, &(0x7f0000000580)={&(0x7f0000000240), 0x0, r4, r5, 0x3, 0x0, 0xffffffff, 0xfffff612, {0x1, 0x1, 0x3, 0x67, 0xf4b, 0x5, 0x2, 0x5, 0x412d, 0xe154, 0x1000, 0x7f, 0x6, 0x3, "fe1d00003413000000000020b42717e47f00"}})
r12 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r12, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)={0x14, 0x0, 0x1, 0x401, 0x0, 0x1a14, {0x2}}, 0x14}}, 0x0)
r13 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r13, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={0x0}}, 0x0)

18.465508874s ago: executing program 32 (id=629):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x5, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000100)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000002000)=""/102400, 0x19000)
r1 = syz_open_dev$dri(&(0x7f00000000c0), 0x1ff, 0x0)
r2 = syz_open_dev$dri(&(0x7f0000000300), 0x40100001, 0x189002)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r2, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r2, 0xc01064b5, &(0x7f0000000140)={&(0x7f0000000100)=[<r3=>0x0], 0x1})
ioctl$DRM_IOCTL_MODE_GETPLANE(r1, 0xc02064b6, &(0x7f00000002c0)={r3, <r4=>0x0, <r5=>0x0, 0x0, 0x0, 0x0, 0x0})
r6 = syz_open_dev$dri(&(0x7f00000000c0), 0x1ff, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r6, 0xc04064a0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000340)=[<r7=>0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$HIDIOCGFIELDINFO(0xffffffffffffffff, 0xc038480a, &(0x7f0000000240)={0x3, 0x0, 0x2, 0xff800000, 0x9, 0xe, 0x1, 0x4, 0x1, 0x6, 0x10, 0x0, 0x15d1, 0x6})
r8 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_GETCONNECTOR(r8, 0xc05064a7, &(0x7f0000000a00)={&(0x7f0000000800)=[0x0], &(0x7f0000000840)=[{}, {}, {}, {}], &(0x7f0000024140)=[0x0, 0x0, 0x0], &(0x7f00000009c0), 0x42, 0x42, 0x1, 0x0, r7})
r9 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
ioctl$int_in(r9, 0x40000000af01, 0x0)
ioctl$VHOST_SET_MEM_TABLE(r9, 0x4008af03, &(0x7f0000000400))
ioctl$VHOST_SET_FEATURES(r9, 0x4008af00, &(0x7f00000001c0)=0x304008000)
ioctl$VHOST_NET_SET_BACKEND(r9, 0x4008af30, &(0x7f00000003c0)={0x1})
r10 = syz_open_dev$dri(&(0x7f0000000000), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r10, 0xc04064a0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000380)=[<r11=>0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$DRM_IOCTL_MODE_GETCONNECTOR(r10, 0xc05064a7, &(0x7f00000003c0)={&(0x7f00000059c0)=[0x0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, r11})
ioctl$DRM_IOCTL_MODE_SETCRTC(r1, 0xc06864a2, &(0x7f0000000580)={&(0x7f0000000240), 0x0, r4, r5, 0x3, 0x0, 0xffffffff, 0xfffff612, {0x1, 0x1, 0x3, 0x67, 0xf4b, 0x5, 0x2, 0x5, 0x412d, 0xe154, 0x1000, 0x7f, 0x6, 0x3, "fe1d00003413000000000020b42717e47f00"}})
r12 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r12, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)={0x14, 0x0, 0x1, 0x401, 0x0, 0x1a14, {0x2}}, 0x14}}, 0x0)
r13 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r13, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={0x0}}, 0x0)

18.459223656s ago: executing program 0 (id=631):
pipe(&(0x7f0000019480)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
vmsplice(r1, &(0x7f0000000500)=[{&(0x7f00000000c0)="dc", 0x1}], 0x1, 0x3)
close(r1)
r2 = socket(0x10, 0x3, 0x0)
r3 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_IPV6_XFRM_POLICY(r3, 0x29, 0x23, &(0x7f00000004c0)={{{@in=@empty, @in6=@dev, 0x0, 0x0, 0x0, 0x0, 0xa}}, {{@in=@multicast1, 0x0, 0x2b}, 0x0, @in6=@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x0, 0x3, 0x0, 0x0, 0x0, 0xfffffffd}}, 0xe8)
r4 = socket$key(0xf, 0x3, 0x2)
setsockopt$sock_int(r4, 0x1, 0x8, 0x0, 0x0)
sendmsg$key(r4, 0x0, 0x0)
sendmsg$key(r4, 0x0, 0x0)
sendmsg$key(r4, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000100)={0x2, 0x13, 0xfb, 0x5, 0x2, 0x0, 0x70bd28, 0xeedc}, 0x10}}, 0x4)
bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0xf, 0x4, 0x4, 0x12}, 0x48)
syz_io_uring_setup(0xd2, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, 0x34f}, 0x0, &(0x7f0000000080)=<r5=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, &(0x7f0000000240)=0xffffffff, 0x0, 0x4)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
syz_io_uring_submit(0x0, r5, 0x0)
bind$netlink(r2, &(0x7f0000177ff4)={0x10, 0x0, 0x1}, 0xc)
connect$netlink(r2, &(0x7f00000005c0)=@proc={0x10, 0x0, 0x1}, 0xc)
splice(r0, 0x0, r1, 0x0, 0x10500, 0x0)

18.45816033s ago: executing program 1 (id=632):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$inet6_int(r1, 0x29, 0x13, 0x0, 0x0)
r2 = socket$netlink(0x10, 0x3, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x20, 0x4, &(0x7f0000000900)=ANY=[@ANYBLOB="18000000010000000000000000"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @netfilter=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sendmsg$NL80211_CMD_GET_STATION(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4000000}, 0x4004885)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000004c00)=""/102392, 0x18ff8)
r4 = socket(0x23, 0x1, 0x0)
setsockopt$IP_VS_SO_SET_ADD(r4, 0x0, 0x482, 0x0, 0x0)
socket$netlink(0x10, 0x3, 0x4)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
r5 = open_tree(0xffffffffffffff9c, &(0x7f0000000480)='./file0\x00', 0x89901)
move_mount(r5, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x40d)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x3, 0xb, &(0x7f0000000f00)=ANY=[@ANYBLOB="18020000010000000000000000000000180100002020692500000000002020207b1af8ff00000000bfa100000000000007010000faffffffb70200000800ffffb70300000000000085000000b000000095"], &(0x7f00000000c0)='GPL\x00'}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f0000000240)=ANY=[@ANYBLOB, @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32=<r6=>0xffffffffffffffff, @ANYBLOB='\x00'/25], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x13, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000000900000000000000000018110000", @ANYRES32, @ANYRES32=r6], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r4, 0x89f1, &(0x7f0000000380)={'ip6tnl0\x00', &(0x7f0000000300)={'syztnl2\x00', <r7=>0x0, 0x2f, 0x1, 0x3, 0x9, 0x20, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0xc}}, @dev={0xfe, 0x80, '\x00', 0x3c}, 0x80, 0x7, 0x897f, 0x7b34}})
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000004c0)={'wlan1\x00', <r8=>0x0})
sendmsg$NL80211_CMD_NEW_KEY(r2, &(0x7f00000005c0)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000580)={&(0x7f0000000500)=ANY=[@ANYBLOB='x\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB, @ANYRES32=r8, @ANYBLOB="0c009900aef70000270000002c0050801100010013187d0c0174b335e33cb01af1000000040004000d00040082055886037aa2bc6e000000080037000200000011000700c418e9ffa395e9d16c87eb71980000000800370001000000"], 0x78}, 0x1, 0x0, 0x0, 0x800}, 0x0)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000040)=ANY=[], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', r7, @fallback, r5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='tlb_flush\x00', r9}, 0x10)
move_mount(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x220)
getsockopt$inet_sctp_SCTP_DEFAULT_SEND_PARAM(r4, 0x84, 0xa, &(0x7f0000000240)={0x5, 0x1ff, 0x8004, 0x7, 0x101, 0x10000, 0x28bb, 0x7fff}, &(0x7f0000000280)=0x20)
sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)=ANY=[@ANYBLOB="24000000200001030000000040000000020000000200000466d95b060000000008001800"], 0x24}, 0x1, 0x0, 0x0, 0x800}, 0x4044004)

18.457661922s ago: executing program 2 (id=633):
close(0xffffffffffffffff)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000700)={{{@in6=@ipv4={""/10, ""/2, @empty}, @in6=@dev}}, {{@in=@multicast2}}}, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x4, 0x8001, 0x0, 0xb49, 0x200000000002, 0x7, 0x8, 0x3}, 0x0)
r0 = openat$dsp1(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_usb_connect(0x5, 0x164, 0x0, 0x0)
ioctl$SNDCTL_DSP_SETFRAGMENT(r0, 0xc004500a, &(0x7f0000000080)=0x80000003)
r1 = dup2(r0, r0)
read$FUSE(r1, &(0x7f00000063c0)={0x2020}, 0x2020) (fail_nth: 6)

17.546741606s ago: executing program 3 (id=634):
r0 = openat$adsp1(0xffffffffffffff9c, &(0x7f00000000c0), 0xa0201, 0x0)
ioctl$SNDCTL_DSP_SETFMT(r0, 0xc0045005, &(0x7f0000000080)=0x8000)
r1 = socket$inet6(0xa, 0x2, 0x0)
r2 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r2, 0x8933, &(0x7f0000000140)={'batadv_slave_1\x00', <r3=>0x0})
ioctl$sock_inet6_SIOCSIFADDR(r1, 0x8916, &(0x7f0000000080)={@mcast1, 0xb, r3})
r4 = openat$dsp1(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0)
read$dsp(r4, &(0x7f0000003200)=""/4096, 0x1000)
write$dsp(r0, &(0x7f0000002200)="44e211a385424bf02640ba0d3a219de1033222bea86d14dc6bc540f652f0873cec4d2b540364b6e4ff506bf40b976a8485725d9cfab14bb4c91a5fd888b8b983ef960999942529696b90b853c1f1a3b01af9b0cdc6a605c13de44b58eaf66b597768a5a9bccdb34c1aa1c48b2484cf0f1d68f8b5c1d9f6179459a466a2e865c2a66274717ef95f59fcf4d5b05c4540a35bb64a8fab9af3ad51f3c648121e933ea77809f3901ca59ed3e990ff80d87a814eb6fb68e3305fd9420d4a163ad5654ce60386346b6d1154ecef0f4a782c4459c0a8ca7278655e6f806c4bc2e870000bfcb1346232b0ccce39ee18152165cf3f85e87ae23c4113586cf300b39d7589b28372e554f7d748b618bca2a4298d82864e0d8212f4fbd80fd854691ccac21279bb85aacac8a3301ad2ece3d6061dbcc63e4af0fefc68fab6e5319f6d9e6a2708e41e60b2673d62ec952bae35b854fe7e87bc78e2d1a56cc383e5a1783ce35eaa20868d97eb1198ecae2d6375d7cd6992883aa3bbbdcb93b92b6eca3d6cde5baa92a6adda4540d5fce6d4772e5711b3744210587c05833966b300da0a378787ad06e9d5cba6e569b14c013b8428dad38eb6d2bc547615dac42aca90ac891e6db4d1dd029fe628170433f9229a286a814d39afd5a019db11c185b72c34e01ea5e82a5008a059e6791c9b807c4aab4e9807a5a7896a4c5bfa42f15284c1481618461ce3501cf24a722e74923d01bd7d586eec5d5ccba03eee1c8fc83bc5d73675a11eaaebdcd25fb806155f5e669ed8af3267b214f7d23cf8600ab7e909e7347783b94f235ea797d2c1bd83c7f499c04532f2b63a55b336fa9e5305a4a22cdde74360995ffd241c9592043df3dc99dac462dd43443604ffed04b1ee23b6665e0955e0b38fa71f73af930a9762d6d4d762e11df043a78b90f49f1645acffe61094a20b4caaeca22feca5f66c549cfcda38a1a7b6b79b71aba7a696975a257a94344bf65b7b79212a61f465ee55b530582e8b1dc993c379dd40ab5dd860c5828e2c27afae20539978340db55a68897920c1019e75e0b43b4c93cb1061c98f683f8d407fae9b1a87f2f9cd2b8252059ac39766fc174c344c5224b43bbea978d722c93e727292c738b293da0b9f12b4f11c8f354ae91d644131ce3873612146d79fe3ace49c1446a79e0a324f23cc0b6fb673fc6c34315fa0baf03fb5bd36656a2272c9a4d80a312dfbec125af5aacd2faf633650e3ab54f9fd2c6ee76d5abd9fac547fe7880d0dd9341ac0f095c529d3232447a0d1b28c101a2a95c4a9040041fbdf47ff7da3abe4ee7d8acac57b6553e58f1c5f832e7b920ef3708b98e4917f5b855928344da2ad0a9755d3f90d31f3e427bc869a163844b5e38c62302cc2938b03c132caa4d8044ed92680d406b7d635026f38082b26d6d3dfe80e8f659f1101cec8ea74418699a4fedfcd4ce6f2693cce43123c03122f61b62497bc2fdc2307786943feb7325d645657ae5e58d1e2587003ed4712aba34973199238d3f3d29704ba86538a764abb4d69b9efabcd956fa688536e0661a2a2e0fc84d3e4152187fd90dfbd5023aa12e964d1f3bff4e2c2915f2600a3ab701b177bda95ba8203a45182e03cc07db3b20342cd45d4f8954edebb32fb7fdf49d1952477da9ead5d4ba6de96c42f5923e3dce7188b9e9ec1862dd2fd39d256e1de8cd0906f67a8423b29f0b5bf81539828a1f8ae7e747e6b43bd639c6d6a52a29a0e4944f6b07390fc390770154135acf448ed23c507009af66d20b175723069f8eef06c2cd3edc86bd80ebbe2f5cd56c379d655632b62794aa3757ea10fb232414a9477277261879e88c49e8eb5253c91551c13ed725f3551939533d7c131109d10b4300e24db600f8020b10e9aac24d8572873fac24d149398a3306707c5c3de875eca837e140d23b02637ef888d539b6f0c7fd6d97fd8b9edf9a82bf19d75cec625237a6b9716ac0003d1b8c8db5d04f5231bed4aac9e93da9b6bfea002af81eb77a3ef8cab9878fac2574742277e5403e44844e50e64d1471213c724cf14142291a44ff108c1334fd2aa086aff52cdf1e7c53a3c9757a6717ad360137a50c4968865083c132abfc3a5eba97a4387bd5affdf091f8396b443dad822a15150d68a0d9728c548fb793e6c9d5420561fe683b8b5e89227d357873891e95d87db4a33056f3af5aabdffa3cbaacc44bdbcca971d8e84586545ae5b0e5eb5c7fada201db84c3faf06eb3812c560d7b0c680e9c4908837c5fb10627eb828dc34718004c066b8d999d34fe25b831771eda169c2bd54aab176e851db66c2623a01b8ef09c006c9aeb2fc87502231f75f5e4e01cc2674847c4c4eef86afee4ae3646b25d11d885befe01c43a34d60eff675eabefceba4664fbc211b3f014e315ea8e4c95f5088b82c590695616127cf63ebcee2fd78f3856443d3cb529376d34db3db1a6949cb7c80bc403ba92952b694dec72c540763ce3901d262087bf5a16a89c4151ce2d2d97eb77dce3d93d99e087bc5352cbda39935c686cf294c3ba66fab0135acb713281c90d562fc473df7133df5af7d42e183e4b860ee7b624038141ee757cb14db143ef8e8617eb6cb24a0eb73ef230e417d543f4afc5858c43ad20819bf6eda31bd5c258e66e9703a9b1daa8b34f9db16cae43b131ef258da25272320e2b357357b1d12fd87d9a00551185f3d494426d3f33b0ee84e1ae65508b9916fec12805783a857ac5d70a661fce59088437cf991821d3cf5b0db477dc8f6bb38c8455bb628e563ca45cb65383db9ecfc80386cd05f92ab32bf825a0953c101609ca8239b6ef1fb5a7fcc55642f9b2911df108d64b8c72c5bd31645955056968d4917cbab525ae5994b5dcbd33de392081819012a16be8c1b4f164fa6a1c2d88fd957bd62f28a3e87ba1ffcf644116ffdcf26937d4e64b4e87bd4771b9e0a8d8eba4605a8eac0f8e320b1204eeab358a5a5b2caf3e534c28f9da5598fedc5f13b4a7930a569439c3bc43ac5f5195a29280042278f194f84f8e5ee210223f8a486d568fe4a51bf8ef813c1bd02a669e4e0ea79d1e6bad48257ace2e7feba18123a5e67fd7212a341f92061df472db87f1158b0a2088e48a3680edc29ce3d3156108c04e3b16a1cf18cd70c5f5eeeb59824fb869906679eceb4a6ab8ec8733e72db06403f357e128e3383e2b35269b20f032cc21da717ba3febe02fba9f4893074ee2fd98e85499e36ffe2077348bc541548a34bc32fa0f7c00d84cabfd31e5c75b6769a1ba5770c5217cb03d1f0a8c91ba8d524b42c7365e09d94d95cf43f7ec896718f210fd0ba4ef91a5262daf7cd2bae3c2aad3e2eb925bec9ca7c1b874776dc28784a3719cb191cc317ff897698b2667081cc9db30c96c6510766b65c55c5fd4b8564faca924e6f52c2b181561ee5403184a822f0a207d747602f616c5513cabfe55e525b2bce4d662ae0b9ea68c015d6ca87bc752ed3e527826191a36d23e8032e15f65b3d60a517f16c4ece8bc8b09681bad96a5300f7e30e6848612d67ad853bc1523799c568e46b1dfe0d37cbc202c1332718cfadd4d6938bc0bfb21fc15ad19a0506f669d5c8790b685d81c4acbdb8e1b06918e934b459e3f2b46fe0999e6eae4185edac1cb3e85e8b61de24794d339014c03a285a3d7ba91e00bed2d63b0edb933c290ddd62fb1c56b6d08cb99f47dabd72a667805d63a7784450a1bd1af6dfc2ec785ddb8b86fe4a44a7c8f86c4b19a61fdb701a81bd720bb70f8657e256b0f531ab7848b6206ba7cd4c32b866735a4b46091a0bb6c47c923a3efa99a09c0344228ed412f94c4eca96e6bf6ee75f23a1ae8415a892ff19bd190e1d67b8e1212be638eb179176e4074435ed381a7c2faaee9acbcf873823abd906e92f308b36c6c259e43d13b328ded6bf3c1f4a93a76e9a6d0483875456cf8f30eda231d9f26d6b3861a3f2db165758b0d7aacb7b5a8e9f4d775798556cee8dbe8a94fae8df837f71d66a0aaa48df5c36afa9033ec5283e713806d5a07f82729f9e888d309b713db36256757292443f00f1af08058057373ae710d90cefa5872bbeac931ddd145ba9a64997c0bc53cc59a954f8ee2670caac75e2a63b5a1ca6ca6e3f9287f080b271f34b2e63be2ad4c2b85b7c9683245b12491d221314ab2685e2a44787733af58502245e19af646f65dd26b44dda320d583d9ddd6567d6021dc2d7d731963d6cc790d8b082889045cb749de9857ee4388d0f3c2ef83d405d0a2328bd7f76fa4d3d0a2e8238c979babe572ab3e8ae2768ca212bad33249523fa89fc0498f5f29a68aa7aae681e41284f46b47cc996679c4f1d9936647cb9b47ca8dac8e161b5cc0ff29f48f4a42b6a567f1116a5c239e67069b96862e2ba0cb3d424d4c4810cc1f3da1c61f39e7cca3e519159c057a440db9838f9f14351f64ec24c70a21a874da100af89d4753d274bd87c6574de363d44ee5aa37bb360b3acf347b3a72fac5e66c939daf4c6cbfacb43ab73229cc0badacc30b6c771bee9a7a8e36a5839cf5d68ffac084e69cb7bb34f71fc2244e5d16d056f97f581e3c50112e81d8410b6aa6b33b924cbafbc8dcb163f22f0e7b618ecd22296328e3fafdc2366e49a7ab08fa0d5b55c8aaffa8c9fc2899c07cabcf35748b0f30edb03a8a55807b6c73cd0b64cdd1a77ec0dcb8be359715b284a9476a0013d69c825274f45b6ffa59df58ca07756af102a6bb0efa1b4b356f89c504097cf79c76ca07d325375bfac4d7c8483cabd8d7c9141c96948c32ec87c231b69d6776160b8b31dada7e0837b4c2dc2ecb28f9b0400589c12cde99dc7db30a9d4c4f8a904f6b2f2fba1d0c36544f84db803bef904ec5b1f976345f67688df6e2d866d9eda4a87395b8953c0dc1e93ca742d2141b3591bb0bfdb56a0f8eabf710a3479d8b8f7e3f0e73a6fd29fc946909f77a6ad3044495e4d6e661bc633f4eb63204dd9f47ee85676ec0aa8b713819a280c27f086445d62f258379ffd77ced5d2c8cdf7d87135d6806f340a111f42b042058b96daa2633a6975dc0c5580f93a38e3daba8fdfb21fd94ebb30a2e165a75c1788c1cfe2687af2c3d3908514722e19afb385a74d6ac8cb12ca6232cde2e99d4ac651b280e65b3b897e39984a64d55eb4f65ab0912675c3f334d7c7ce6ecd84044125d98ef9eb6cf46c5d5d01b3ba01fa4bb5ff70ba1d18cba8b28f3980fca9c75441ada9122d497ac2e779277edece11bd175bf79657c37b982acb078591520792cf8278b75177ad1aad8133b2e4a61c561b42f6ab11ff8227d75303720d121ad3f3ad2e350b4cbfb6c5476e0f73e58dd25a18f3b50d0b30a629b2f5e053422c5a18decb3ad311ca978dcb53d44c64f43ceec7f803370a9b4b91e837371c4ed274d636423cb189cfe1302c6605142d5765239c6c86384b7c6de980764793956cacff762f8c4feaef7dee318a977e942e3a2ef45e220857162ac83b0fd4f1deef6510005737e7588dac6679fd8ae630d60bb9509d848f00939134f0c52b2b122bcf7e46ce5ca2592d649ff00252e57d9541bafdfeb6492113f401eb428e543168a96bd06b31a9becd8f0fbb2b89d19479411bbe4e265480cf2a6f34e5bc02a98b9f29b8adc10f9096aa5096fe12ef67d9690388459664f9583095f9bef69f9725a76a2bab82cdefe92fefa283ad56c21ab3e8ea602130ad2d831c0a4fbbb7779476e74674034c6051272ca292540de9bfcb34536604865c759b639c6f1e58699635e037d3a8c", 0x1000)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_TIMEOUT_NEW(r5, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000600)={&(0x7f0000000580)=ANY=[@ANYBLOB="640000000008010800000000000000000100000006000240000400000600024000f900000900010073797a310000000005000300880000001c0004"], 0x64}, 0x1, 0x0, 0x0, 0x8000}, 0x40004)

17.447172831s ago: executing program 0 (id=635):
syz_io_uring_setup(0x10f, &(0x7f0000000140)={0x0, 0xfec9, 0x10000, 0x0, 0xa}, 0x0, 0x0)
r0 = socket$kcm(0x2, 0x200000000000001, 0x0)
sendmsg$inet(r0, &(0x7f0000000080)={&(0x7f0000000140)={0x2, 0x4001, @remote}, 0x10, 0x0}, 0x240048c1)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, 0x0) (async)
sched_setscheduler(0x0, 0x2, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000002340)={&(0x7f0000003700)=ANY=[@ANYBLOB="9feb010018000000000000001c0000001c0000000400000002000000020000060400000002000000f02400000e00000102f9000000005f"], 0x0, 0x38, 0x0, 0x9, 0x3}, 0x28)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.throttle.io_serviced_recursive\x00', 0x26e1, 0x0) (async)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.throttle.io_serviced_recursive\x00', 0x26e1, 0x0)
setsockopt$sock_attach_bpf(r0, 0x1, 0x3e, &(0x7f0000000100)=r2, 0x4)
sendmsg$inet(r0, &(0x7f0000000040)={0x0, 0xeafbff3, &(0x7f0000000000)=[{&(0x7f0000000300)="b8", 0xfffffdef}], 0x1, 0x0, 0x0, 0x10000000}, 0x52cc) (async)
sendmsg$inet(r0, &(0x7f0000000040)={0x0, 0xeafbff3, &(0x7f0000000000)=[{&(0x7f0000000300)="b8", 0xfffffdef}], 0x1, 0x0, 0x0, 0x10000000}, 0x52cc)

0s ago: executing program 1 (id=636):
ioprio_set$pid(0x2, 0x0, 0x2007)
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
syz_clone(0x101f, 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = syz_usb_connect$cdc_ecm(0x5, 0x5a, &(0x7f00000000c0)=ANY=[@ANYBLOB="12010000020000402505a1a4400001020301090248000101570040090400000002060000052406000005240000000d240f0100080000000000000004240200090581031000000000090582"], 0x0)
syz_usb_connect(0x0, 0x3f, &(0x7f00000000c0)=ANY=[@ANYBLOB="11010000733336088dee1edb23610000000109022d0101100000000904000003fe03010009cd8d1f0002000000090505020000fcffff09058b1e"], 0x0)
r1 = syz_usb_connect(0x0, 0x4a, &(0x7f00000001c0)=ANY=[@ANYRESDEC=r0], 0x0)
syz_usb_control_io(r1, 0x0, 0x0)
syz_usb_ep_write$ath9k_ep1(r1, 0x82, 0xc38, &(0x7f0000000080)=ANY=[])
ioctl$EVIOCGMASK(0xffffffffffffffff, 0x80104592, 0x0)

kernel console output (not intermixed with test programs):

ysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[  107.689535][   T30] audit: type=1400 audit(1752093193.579:252): avc:  denied  { setopt } for  pid=6391 comm="syz.1.117" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[  107.710755][ T5911] usb 5-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[  107.719796][ T5911] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  107.750029][ T5911] usb 5-1: Product: syz
[  107.766457][ T5911] usb 5-1: Manufacturer: syz
[  107.771166][   T30] audit: type=1400 audit(1752093193.579:253): avc:  denied  { write } for  pid=6391 comm="syz.1.117" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[  107.790585][ T5911] usb 5-1: SerialNumber: syz
[  107.811830][ T5911] usb 5-1: config 0 descriptor??
[  107.820837][ T5911] em28xx 5-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0)
[  107.834700][ T5911] em28xx 5-1:0.0: DVB interface 0 found: bulk
[  107.903316][   T30] audit: type=1400 audit(1752093194.129:254): avc:  denied  { watch } for  pid=6395 comm="syz.2.119" path="/29/file0" dev="tmpfs" ino=171 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[  107.949928][   T30] audit: type=1400 audit(1752093194.149:255): avc:  denied  { mounton } for  pid=6395 comm="syz.2.119" path="/29/file0" dev="tmpfs" ino=171 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[  108.372085][ T5911] em28xx 5-1:0.0: unknown em28xx chip ID (0)
[  108.619760][   T30] audit: type=1400 audit(1752093194.759:256): avc:  denied  { kexec_image_load } for  pid=6400 comm="syz.1.120" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=system permissive=1
[  108.706254][ T5911] em28xx 5-1:0.0: reading from i2c device at 0xa0 failed (error=-5)
[  108.861674][ T5911] em28xx 5-1:0.0: board has no eeprom
[  110.338500][ T5911] em28xx 5-1:0.0: Identified as PCTV tripleStick (292e) (card=94)
[  110.358724][ T5911] em28xx 5-1:0.0: dvb set to bulk mode.
[  110.365575][ T5889] em28xx 5-1:0.0: Binding DVB extension
[  110.366218][   T30] audit: type=1400 audit(1752093196.209:257): avc:  denied  { write } for  pid=6411 comm="syz.1.123" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  110.391247][    C1] vkms_vblank_simulate: vblank timer overrun
[  110.408141][   T30] audit: type=1400 audit(1752093196.209:258): avc:  denied  { nlmsg_write } for  pid=6411 comm="syz.1.123" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  110.415778][ T6414] binder: BINDER_SET_CONTEXT_MGR already set
[  110.449794][   T30] audit: type=1400 audit(1752093196.219:259): avc:  denied  { setopt } for  pid=6411 comm="syz.1.123" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  110.471544][ T6414] binder: 6413:6414 ioctl 4018620d 200000000040 returned -16
[  110.487845][ T5911] usb 5-1: USB disconnect, device number 6
[  110.501784][ T5911] em28xx 5-1:0.0: Disconnecting em28xx
[  110.534923][   T30] audit: type=1400 audit(1752093196.639:260): avc:  denied  { read } for  pid=6413 comm="syz.3.124" name="binder0" dev="binder" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  110.540773][ T5889] em28xx 5-1:0.0: Registering input extension
[  110.557533][    C1] vkms_vblank_simulate: vblank timer overrun
[  110.570814][ T5911] em28xx 5-1:0.0: Closing input extension
[  111.087553][ T5911] em28xx 5-1:0.0: Freeing device
[  112.188823][ T6438] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  112.376002][ T6433] overlayfs: failed to resolve './file0': -2
[  113.147122][   T30] kauditd_printk_skb: 5 callbacks suppressed
[  113.147136][   T30] audit: type=1400 audit(1752093199.369:266): avc:  denied  { create } for  pid=6442 comm="syz.2.130" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=caif_socket permissive=1
[  114.204639][ T5911] usb 1-1: new high-speed USB device number 8 using dummy_hcd
[  114.658901][   T30] audit: type=1400 audit(1752093199.399:267): avc:  denied  { setopt } for  pid=6442 comm="syz.2.130" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  114.703120][   T30] audit: type=1400 audit(1752093199.429:268): avc:  denied  { mount } for  pid=6446 comm="syz.2.132" name="/" dev="tmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[  114.740196][   T30] audit: type=1400 audit(1752093199.969:269): avc:  denied  { accept } for  pid=6446 comm="syz.2.132" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  114.800573][ T5911] usb 1-1: Using ep0 maxpacket: 8
[  114.807352][ T5911] usb 1-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024
[  114.848042][ T5911] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024
[  114.850535][   T30] audit: type=1400 audit(1752093200.949:270): avc:  denied  { unmount } for  pid=5830 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[  114.969423][ T5911] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  115.154804][ T5911] usb 1-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  115.301474][ T5911] usb 1-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  115.353365][ T5911] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  115.666175][ T5911] usb 1-1: GET_CAPABILITIES returned 0
[  115.673782][ T5911] usbtmc 1-1:16.0: can't read capabilities
[  115.692318][   T30] audit: type=1400 audit(1752093201.909:271): avc:  denied  { create } for  pid=6457 comm="syz.4.136" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1
[  115.754868][   T30] audit: type=1400 audit(1752093201.939:272): avc:  denied  { ioctl } for  pid=6457 comm="syz.4.136" path="socket:[9599]" dev="sockfs" ino=9599 ioctlcmd=0x89e1 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1
[  115.779222][    C1] vkms_vblank_simulate: vblank timer overrun
[  115.940020][ T6463] FAULT_INJECTION: forcing a failure.
[  115.940020][ T6463] name fail_usercopy, interval 1, probability 0, space 0, times 1
[  115.953286][ T6463] CPU: 0 UID: 0 PID: 6463 Comm: syz.1.137 Not tainted 6.16.0-rc5-syzkaller-00038-g733923397fd9 #0 PREEMPT(full) 
[  115.953308][ T6463] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  115.953316][ T6463] Call Trace:
[  115.953320][ T6463]  <TASK>
[  115.953323][ T6463]  dump_stack_lvl+0x16c/0x1f0
[  115.953342][ T6463]  should_fail_ex+0x512/0x640
[  115.953358][ T6463]  _copy_from_user+0x2e/0xd0
[  115.953373][ T6463]  ____sys_sendmsg+0x607/0xc70
[  115.953385][ T6463]  ? __pfx_____sys_sendmsg+0x10/0x10
[  115.953397][ T6463]  ? __pfx__kstrtoull+0x10/0x10
[  115.953411][ T6463]  ___sys_sendmsg+0x134/0x1d0
[  115.953426][ T6463]  ? __pfx____sys_sendmsg+0x10/0x10
[  115.953446][ T6463]  ? find_held_lock+0x2b/0x80
[  115.953481][ T6463]  __sys_sendmmsg+0x200/0x420
[  115.953502][ T6463]  ? __pfx___sys_sendmmsg+0x10/0x10
[  115.953520][ T6463]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  115.953546][ T6463]  ? fput+0x70/0xf0
[  115.953555][ T6463]  ? ksys_write+0x1ac/0x250
[  115.953568][ T6463]  ? __pfx_ksys_write+0x10/0x10
[  115.953583][ T6463]  __x64_sys_sendmmsg+0x9c/0x100
[  115.953596][ T6463]  ? lockdep_hardirqs_on+0x7c/0x110
[  115.953610][ T6463]  do_syscall_64+0xcd/0x4c0
[  115.953625][ T6463]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  115.953636][ T6463] RIP: 0033:0x7f5ec138e929
[  115.953644][ T6463] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  115.953653][ T6463] RSP: 002b:00007f5ec2246038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  115.953663][ T6463] RAX: ffffffffffffffda RBX: 00007f5ec15b6080 RCX: 00007f5ec138e929
[  115.953669][ T6463] RDX: 0000000000000001 RSI: 0000200000000080 RDI: 0000000000000005
[  115.953675][ T6463] RBP: 00007f5ec2246090 R08: 0000000000000000 R09: 0000000000000000
[  115.953680][ T6463] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  115.953686][ T6463] R13: 0000000000000000 R14: 00007f5ec15b6080 R15: 00007fff1be78028
[  115.953698][ T6463]  </TASK>
[  116.391518][   T30] audit: type=1400 audit(1752093201.949:273): avc:  denied  { read } for  pid=6454 comm="syz.2.135" name="sg0" dev="devtmpfs" ino=756 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[  116.448771][ T6464] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  116.481738][ T6464] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  116.490043][ T5910] usb 3-1: new full-speed USB device number 4 using dummy_hcd
[  116.528409][   T30] audit: type=1400 audit(1752093201.949:274): avc:  denied  { open } for  pid=6454 comm="syz.2.135" path="/dev/sg0" dev="devtmpfs" ino=756 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[  116.592639][   T30] audit: type=1400 audit(1752093201.979:276): avc:  denied  { write } for  pid=6457 comm="syz.4.136" name="fb0" dev="devtmpfs" ino=629 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:framebuf_device_t tclass=chr_file permissive=1
[  116.654780][ T5910] usb 3-1: device descriptor read/64, error -71
[  116.707977][ T5911] usb 1-1: USB disconnect, device number 8
[  116.910021][ T5910] usb 3-1: new full-speed USB device number 5 using dummy_hcd
[  117.530062][ T5910] usb 3-1: device descriptor read/64, error -71
[  117.671842][ T5910] usb usb3-port1: attempt power cycle
[  117.855204][ T6483] netlink: 'syz.1.141': attribute type 29 has an invalid length.
[  117.900558][ T6483] netlink: 'syz.1.141': attribute type 3 has an invalid length.
[  117.926037][ T6483] netlink: 76 bytes leftover after parsing attributes in process `syz.1.141'.
[  118.170784][ T5910] usb 3-1: new full-speed USB device number 6 using dummy_hcd
[  118.321688][ T5910] usb 3-1: device descriptor read/8, error -71
[  120.406684][   T30] kauditd_printk_skb: 2 callbacks suppressed
[  120.406726][   T30] audit: type=1400 audit(1752093206.619:278): avc:  denied  { bind } for  pid=6501 comm="syz.3.146" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  120.435501][ T6503] syz.3.146 uses obsolete (PF_INET,SOCK_PACKET)
[  121.185220][   T30] audit: type=1400 audit(1752093207.409:279): avc:  denied  { connect } for  pid=6512 comm="syz.4.149" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  121.207945][   T30] audit: type=1400 audit(1752093207.409:280): avc:  denied  { write } for  pid=6512 comm="syz.4.149" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  121.266165][ T6512] delete_channel: no stack
[  121.684298][ T6495] x_tables: ip6_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING
[  122.451838][   T30] audit: type=1400 audit(1752093208.669:281): avc:  denied  { mount } for  pid=6531 comm="syz.1.155" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[  122.481206][ T6532] 9pnet_fd: Insufficient options for proto=fd
[  122.658079][   T30] audit: type=1400 audit(1752093208.709:282): avc:  denied  { mounton } for  pid=6531 comm="syz.1.155" path="/30/file0" dev="tmpfs" ino=178 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=fifo_file permissive=1
[  123.875649][ T6542] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  125.892629][ T6551] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  127.175696][ T6565] FAULT_INJECTION: forcing a failure.
[  127.175696][ T6565] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  127.204806][ T6565] CPU: 1 UID: 0 PID: 6565 Comm: syz.3.163 Not tainted 6.16.0-rc5-syzkaller-00038-g733923397fd9 #0 PREEMPT(full) 
[  127.204832][ T6565] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  127.204842][ T6565] Call Trace:
[  127.204847][ T6565]  <TASK>
[  127.204854][ T6565]  dump_stack_lvl+0x16c/0x1f0
[  127.204883][ T6565]  should_fail_ex+0x512/0x640
[  127.204910][ T6565]  _copy_to_user+0x32/0xd0
[  127.204936][ T6565]  simple_read_from_buffer+0xcb/0x170
[  127.204960][ T6565]  proc_fail_nth_read+0x197/0x270
[  127.204982][ T6565]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  127.205005][ T6565]  ? rw_verify_area+0xcf/0x680
[  127.205023][ T6565]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  127.205044][ T6565]  vfs_read+0x1e4/0xc60
[  127.205069][ T6565]  ? __pfx___mutex_lock+0x10/0x10
[  127.205093][ T6565]  ? __pfx_vfs_read+0x10/0x10
[  127.205120][ T6565]  ? __fget_files+0x20e/0x3c0
[  127.205150][ T6565]  ksys_read+0x12a/0x250
[  127.205170][ T6565]  ? __pfx_ksys_read+0x10/0x10
[  127.205199][ T6565]  do_syscall_64+0xcd/0x4c0
[  127.205224][ T6565]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  127.205241][ T6565] RIP: 0033:0x7f6c83b8d33c
[  127.205255][ T6565] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  127.205270][ T6565] RSP: 002b:00007f6c849e6030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  127.205287][ T6565] RAX: ffffffffffffffda RBX: 00007f6c83db5fa0 RCX: 00007f6c83b8d33c
[  127.205298][ T6565] RDX: 000000000000000f RSI: 00007f6c849e60a0 RDI: 0000000000000004
[  127.205307][ T6565] RBP: 00007f6c849e6090 R08: 0000000000000000 R09: 0000000000000000
[  127.205317][ T6565] R10: 0000200000000100 R11: 0000000000000246 R12: 0000000000000001
[  127.205326][ T6565] R13: 0000000000000000 R14: 00007f6c83db5fa0 R15: 00007fff9be79bc8
[  127.205350][ T6565]  </TASK>
[  127.797512][   T30] audit: type=1400 audit(1752093213.969:283): avc:  denied  { bind } for  pid=6570 comm="syz.3.166" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[  128.177833][   T30] audit: type=1400 audit(1752093213.989:284): avc:  denied  { write } for  pid=6570 comm="syz.3.166" path="socket:[9916]" dev="sockfs" ino=9916 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  128.201258][    C0] vkms_vblank_simulate: vblank timer overrun
[  130.498339][   T30] audit: type=1400 audit(1752093216.709:285): avc:  denied  { read write } for  pid=6597 comm="syz.4.174" name="swradio9" dev="devtmpfs" ino=1073 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  130.521613][    C0] vkms_vblank_simulate: vblank timer overrun
[  131.305750][ T6614] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=6614 comm=syz.4.179
[  131.393094][ T6614] netlink: 8 bytes leftover after parsing attributes in process `syz.4.179'.
[  132.246738][   T30] audit: type=1400 audit(1752093216.709:286): avc:  denied  { open } for  pid=6597 comm="syz.4.174" path="/dev/swradio9" dev="devtmpfs" ino=1073 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  132.269899][    C0] vkms_vblank_simulate: vblank timer overrun
[  132.303530][ T1298] ieee802154 phy0 wpan0: encryption failed: -22
[  132.316643][ T1298] ieee802154 phy1 wpan1: encryption failed: -22
[  132.340121][   T30] audit: type=1400 audit(1752093216.709:287): avc:  denied  { ioctl } for  pid=6597 comm="syz.4.174" path="/dev/swradio9" dev="devtmpfs" ino=1073 ioctlcmd=0x5665 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  133.014011][ T6632] ip6t_srh: unknown srh match flags  4000
[  134.602712][ T6636] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  136.234023][   T30] audit: type=1400 audit(1752093222.459:288): avc:  denied  { write } for  pid=6642 comm="syz.1.187" name="autofs" dev="devtmpfs" ino=98 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1
[  136.585556][ T5911] usb 2-1: new low-speed USB device number 2 using dummy_hcd
[  137.059092][   T30] audit: type=1400 audit(1752093222.459:289): avc:  denied  { open } for  pid=6642 comm="syz.1.187" path="/dev/autofs" dev="devtmpfs" ino=98 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1
[  137.321988][ T5911] usb 2-1: Invalid ep0 maxpacket: 32
[  137.580229][ T5911] usb 2-1: new low-speed USB device number 3 using dummy_hcd
[  137.696299][   T30] audit: type=1400 audit(1752093222.459:290): avc:  denied  { ioctl } for  pid=6642 comm="syz.1.187" path="/dev/autofs" dev="devtmpfs" ino=98 ioctlcmd=0x937e scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1
[  137.721850][    C0] vkms_vblank_simulate: vblank timer overrun
[  137.940241][ T5911] usb 2-1: Invalid ep0 maxpacket: 32
[  138.046714][ T5911] usb usb2-port1: attempt power cycle
[  138.838127][ T5960] usb 3-1: new high-speed USB device number 8 using dummy_hcd
[  138.861666][ T5911] usb 2-1: new low-speed USB device number 4 using dummy_hcd
[  139.112581][ T5960] usb 3-1: Using ep0 maxpacket: 8
[  139.130525][ T5960] usb 3-1: config 0 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  139.152187][ T5960] usb 3-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0x93, changing to 0x83
[  139.882607][ T5960] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  139.893822][ T5960] usb 3-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 1
[  139.912087][ T5960] usb 3-1: New USB device found, idVendor=15c2, idProduct=003b, bcdDevice=66.3e
[  139.921574][ T5960] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  139.929614][ T5960] usb 3-1: Product: syz
[  139.936980][ T5960] usb 3-1: Manufacturer: syz
[  139.942123][ T5960] usb 3-1: SerialNumber: syz
[  139.953845][ T5960] usb 3-1: config 0 descriptor??
[  139.969878][ T6683] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  140.699241][ T5911] usb 2-1: device descriptor read/8, error -71
[  141.503899][ T5960] input: iMON Panel, Knob and Mouse(15c2:003b) as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/input/input10
[  142.283611][ T5960] imon:send_packet: packet tx failed (-71)
[  142.328352][ T5960] imon 3-1:0.0: panel buttons/knobs setup failed
[  143.190046][ T5960] rc_core: IR keymap rc-imon-pad not found
[  143.196015][ T5960] Registered IR keymap rc-empty
[  143.236714][ T5960] imon 3-1:0.0: Looks like you're trying to use an IR protocol this device does not support
[  143.454692][ T5960] imon 3-1:0.0: Unsupported IR protocol specified, overriding to iMON IR protocol
[  143.703900][ T5960] imon:send_packet: packet tx failed (-71)
[  143.806897][ T5960] imon 3-1:0.0: remote input dev register failed
[  143.900198][ T5960] imon 3-1:0.0: imon_init_intf0: rc device setup failed
[  144.585678][   T30] audit: type=1400 audit(1752093230.809:291): avc:  denied  { map } for  pid=6712 comm="syz.1.203" path="/dev/cpu/0/msr" dev="devtmpfs" ino=87 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cpu_device_t tclass=chr_file permissive=1
[  144.705145][ T5960] imon 3-1:0.0: unable to initialize intf0, err 0
[  144.740051][ T5960] imon:imon_probe: failed to initialize context!
[  144.786653][ T5960] imon 3-1:0.0: unable to register, err -19
[  144.879470][ T5960] usb 3-1: USB disconnect, device number 8
[  144.909159][   T30] audit: type=1400 audit(1752093230.809:292): avc:  denied  { write } for  pid=6712 comm="syz.1.203" path="/dev/cpu/0/msr" dev="devtmpfs" ino=87 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cpu_device_t tclass=chr_file permissive=1
[  145.819814][ T6732] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  147.983035][ T6741] iommufd_mock iommufd_mock1: Adding to iommu group 1
[  150.090606][   T30] audit: type=1400 audit(1752093236.309:293): avc:  denied  { mounton } for  pid=6753 comm="syz.4.214" path="/syzcgroup/unified/syz4" dev="cgroup2" ino=154 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=dir permissive=1
[  150.741115][ T6761] syz.4.214: attempt to access beyond end of device
[  150.741115][ T6761] nbd4: rw=4096, sector=0, nr_sectors = 1 limit=0
[  151.435451][ T6779] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=6779 comm=syz.4.218
[  151.475705][ T6779] netlink: 8 bytes leftover after parsing attributes in process `syz.4.218'.
[  151.502327][   T30] audit: type=1400 audit(1752093237.639:294): avc:  denied  { ioctl } for  pid=6769 comm="syz.0.217" path="socket:[11451]" dev="sockfs" ino=11451 ioctlcmd=0x9423 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_rdma_socket permissive=1
[  151.753243][ T6773] netlink: 252 bytes leftover after parsing attributes in process `syz.0.217'.
[  151.859769][ T6781] netlink: 'syz.0.217': attribute type 6 has an invalid length.
[  152.401775][ T6783] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  153.977223][   T30] audit: type=1400 audit(1752093240.199:295): avc:  denied  { append } for  pid=6785 comm="syz.1.220" name="ubi_ctrl" dev="devtmpfs" ino=706 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  155.100123][ T6803] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  157.376303][ T5911] usb 3-1: new high-speed USB device number 9 using dummy_hcd
[  157.391459][ T5958] usb 2-1: new high-speed USB device number 6 using dummy_hcd
[  157.624595][ T5911] usb 3-1: Using ep0 maxpacket: 32
[  157.643481][ T5958] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  157.683976][ T5911] usb 3-1: too many configurations: 82, using maximum allowed: 8
[  157.705437][ T5911] usb 3-1: unable to read config index 0 descriptor/start: -61
[  157.716933][ T5911] usb 3-1: can't read configurations, error -61
[  157.887323][ T5958] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  157.896466][ T5958] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  157.940028][ T5958] usb 2-1: Product: syz
[  157.966059][ T5958] usb 2-1: Manufacturer: syz
[  158.003339][ T5911] usb 3-1: new high-speed USB device number 10 using dummy_hcd
[  158.011138][ T5958] usb 2-1: SerialNumber: syz
[  158.217641][ T5958] usb 2-1: can't set config #1, error -71
[  158.280016][ T5911] usb 3-1: Using ep0 maxpacket: 32
[  158.446048][ T6833] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  158.656892][ T5911] usb 3-1: too many configurations: 82, using maximum allowed: 8
[  158.708387][ T5958] usb 2-1: USB disconnect, device number 6
[  158.944420][ T5911] usb 3-1: unable to read config index 0 descriptor/start: -61
[  158.952182][ T5911] usb 3-1: can't read configurations, error -61
[  158.961388][ T5911] usb usb3-port1: attempt power cycle
[  159.048395][   T30] audit: type=1400 audit(1752093245.269:296): avc:  denied  { read write } for  pid=6835 comm="syz.1.230" name="mouse0" dev="devtmpfs" ino=987 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:mouse_device_t tclass=chr_file permissive=1
[  159.107240][ T6836] FAULT_INJECTION: forcing a failure.
[  159.107240][ T6836] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  159.169993][ T6836] CPU: 1 UID: 0 PID: 6836 Comm: syz.1.230 Not tainted 6.16.0-rc5-syzkaller-00038-g733923397fd9 #0 PREEMPT(full) 
[  159.170019][ T6836] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  159.170034][ T6836] Call Trace:
[  159.170040][ T6836]  <TASK>
[  159.170047][ T6836]  dump_stack_lvl+0x16c/0x1f0
[  159.170075][ T6836]  should_fail_ex+0x512/0x640
[  159.170102][ T6836]  _copy_from_user+0x2e/0xd0
[  159.170127][ T6836]  input_event_from_user+0x133/0x3b0
[  159.170153][ T6836]  ? __pfx_input_event_from_user+0x10/0x10
[  159.170176][ T6836]  ? __pfx___might_resched+0x10/0x10
[  159.170199][ T6836]  ? input_inject_event+0x1a5/0x390
[  159.170225][ T6836]  evdev_write+0x37b/0x750
[  159.170252][ T6836]  ? __pfx_evdev_write+0x10/0x10
[  159.170276][ T6836]  ? bpf_lsm_file_permission+0x9/0x10
[  159.170302][ T6836]  ? security_file_permission+0x71/0x210
[  159.170327][ T6836]  ? rw_verify_area+0xcf/0x680
[  159.170349][ T6836]  ? __pfx_evdev_write+0x10/0x10
[  159.170370][ T6836]  vfs_write+0x29d/0x1150
[  159.170397][ T6836]  ? __pfx_vfs_write+0x10/0x10
[  159.170416][ T6836]  ? find_held_lock+0x2b/0x80
[  159.170442][ T6836]  ? __fget_files+0x204/0x3c0
[  159.170470][ T6836]  ? __fget_files+0x20e/0x3c0
[  159.170500][ T6836]  ksys_write+0x1f8/0x250
[  159.170521][ T6836]  ? __pfx_ksys_write+0x10/0x10
[  159.170550][ T6836]  do_syscall_64+0xcd/0x4c0
[  159.170576][ T6836]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  159.170593][ T6836] RIP: 0033:0x7f5ec138e929
[  159.170607][ T6836] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  159.170623][ T6836] RSP: 002b:00007f5ec2267038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  159.170640][ T6836] RAX: ffffffffffffffda RBX: 00007f5ec15b5fa0 RCX: 00007f5ec138e929
[  159.170651][ T6836] RDX: 0000000000000918 RSI: 0000200000000040 RDI: 0000000000000004
[  159.170661][ T6836] RBP: 00007f5ec2267090 R08: 0000000000000000 R09: 0000000000000000
[  159.170671][ T6836] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  159.170680][ T6836] R13: 0000000000000000 R14: 00007f5ec15b5fa0 R15: 00007fff1be78028
[  159.170704][ T6836]  </TASK>
[  159.222468][   T30] audit: type=1400 audit(1752093245.269:297): avc:  denied  { open } for  pid=6835 comm="syz.1.230" path="/dev/input/mouse0" dev="devtmpfs" ino=987 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:mouse_device_t tclass=chr_file permissive=1
[  159.227252][    C1] vkms_vblank_simulate: vblank timer overrun
[  159.420763][    C1] vkms_vblank_simulate: vblank timer overrun
[  159.427610][    C1] hrtimer: interrupt took 247677794 ns
[  159.443237][   T30] audit: type=1400 audit(1752093245.269:298): avc:  denied  { write } for  pid=6835 comm="syz.1.230" name="event3" dev="devtmpfs" ino=990 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[  159.520379][   T30] audit: type=1400 audit(1752093245.269:299): avc:  denied  { open } for  pid=6835 comm="syz.1.230" path="/dev/input/event3" dev="devtmpfs" ino=990 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[  159.527700][    C1] vkms_vblank_simulate: vblank timer overrun
[  159.550945][    C1] vkms_vblank_simulate: vblank timer overrun
[  159.654226][ T5911] usb 3-1: new high-speed USB device number 11 using dummy_hcd
[  159.695643][   T30] audit: type=1400 audit(1752093245.909:300): avc:  denied  { create } for  pid=6839 comm="syz.0.231" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[  159.827520][ T5911] usb 3-1: Using ep0 maxpacket: 32
[  159.839673][ T5911] usb 3-1: too many configurations: 82, using maximum allowed: 8
[  159.892469][   T30] audit: type=1400 audit(1752093245.909:301): avc:  denied  { listen } for  pid=6839 comm="syz.0.231" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[  159.924987][ T5911] usb 3-1: unable to read config index 0 descriptor/start: -61
[  159.971108][ T5911] usb 3-1: can't read configurations, error -61
[  160.030067][   T30] audit: type=1400 audit(1752093245.909:302): avc:  denied  { create } for  pid=6839 comm="syz.0.231" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1
[  160.049295][    C1] vkms_vblank_simulate: vblank timer overrun
[  160.185597][ T5911] usb 3-1: new high-speed USB device number 12 using dummy_hcd
[  160.198977][   T30] audit: type=1400 audit(1752093246.419:303): avc:  denied  { create } for  pid=6843 comm="syz.1.232" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  160.383425][   T30] audit: type=1400 audit(1752093246.419:304): avc:  denied  { connect } for  pid=6843 comm="syz.1.232" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  160.403638][   T30] audit: type=1400 audit(1752093246.479:305): avc:  denied  { bind } for  pid=6843 comm="syz.1.232" lport=1 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  160.421460][ T6852] FAULT_INJECTION: forcing a failure.
[  160.421460][ T6852] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  160.437370][ T6852] CPU: 0 UID: 0 PID: 6852 Comm: syz.2.234 Not tainted 6.16.0-rc5-syzkaller-00038-g733923397fd9 #0 PREEMPT(full) 
[  160.437392][ T6852] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  160.437401][ T6852] Call Trace:
[  160.437407][ T6852]  <TASK>
[  160.437413][ T6852]  dump_stack_lvl+0x16c/0x1f0
[  160.437440][ T6852]  should_fail_ex+0x512/0x640
[  160.437465][ T6852]  _copy_from_iter+0x29f/0x16f0
[  160.437490][ T6852]  ? __alloc_skb+0x200/0x380
[  160.437510][ T6852]  ? __pfx__copy_from_iter+0x10/0x10
[  160.437533][ T6852]  ? __pfx_netlink_autobind.isra.0+0x10/0x10
[  160.437567][ T6852]  netlink_sendmsg+0x829/0xdd0
[  160.437587][ T6852]  ? __pfx_netlink_sendmsg+0x10/0x10
[  160.437612][ T6852]  sock_write_iter+0x4ff/0x5b0
[  160.437630][ T6852]  ? __pfx_sock_write_iter+0x10/0x10
[  160.437656][ T6852]  ? __pfx_file_has_perm+0x10/0x10
[  160.437679][ T6852]  do_iter_readv_writev+0x657/0x950
[  160.437701][ T6852]  ? __pfx_do_iter_readv_writev+0x10/0x10
[  160.437720][ T6852]  ? selinux_file_permission+0x126/0x660
[  160.437744][ T6852]  ? bpf_lsm_file_permission+0x9/0x10
[  160.437769][ T6852]  ? security_file_permission+0x71/0x210
[  160.437795][ T6852]  ? rw_verify_area+0xcf/0x680
[  160.437815][ T6852]  vfs_writev+0x35f/0xde0
[  160.437840][ T6852]  ? __pfx_vfs_writev+0x10/0x10
[  160.437877][ T6852]  ? __fget_files+0x20e/0x3c0
[  160.437898][ T6852]  ? __fget_files+0x170/0x3c0
[  160.437925][ T6852]  ? do_writev+0x28c/0x340
[  160.437942][ T6852]  do_writev+0x28c/0x340
[  160.437959][ T6852]  ? __pfx_do_writev+0x10/0x10
[  160.437984][ T6852]  do_syscall_64+0xcd/0x4c0
[  160.438010][ T6852]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  160.438026][ T6852] RIP: 0033:0x7f9e9898e929
[  160.438041][ T6852] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  160.438056][ T6852] RSP: 002b:00007f9e9971c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000014
[  160.438072][ T6852] RAX: ffffffffffffffda RBX: 00007f9e98bb6080 RCX: 00007f9e9898e929
[  160.438083][ T6852] RDX: 0000000000000001 RSI: 00002000000003c0 RDI: 0000000000000005
[  160.438093][ T6852] RBP: 00007f9e9971c090 R08: 0000000000000000 R09: 0000000000000000
[  160.438102][ T6852] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  160.438112][ T6852] R13: 0000000000000000 R14: 00007f9e98bb6080 R15: 00007ffd31042298
[  160.438131][ T6852]  </TASK>
[  160.729678][ T6853] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  160.787634][ T5911] usb 3-1: device not accepting address 12, error -71
[  160.806518][ T5911] usb usb3-port1: unable to enumerate USB device
[  163.839557][ T6895] netlink: 'syz.2.242': attribute type 4 has an invalid length.
[  164.031344][ T6895] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  164.396486][   T30] kauditd_printk_skb: 1 callbacks suppressed
[  164.396509][   T30] audit: type=1400 audit(1752093250.609:307): avc:  denied  { connect } for  pid=6903 comm="syz.4.247" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1
[  164.457167][ T6908] netlink: 8 bytes leftover after parsing attributes in process `syz.4.247'.
[  165.243905][   T30] audit: type=1400 audit(1752093250.619:308): avc:  denied  { create } for  pid=6903 comm="syz.4.247" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1
[  165.263095][    C0] vkms_vblank_simulate: vblank timer overrun
[  165.317810][ T6909] =======================================================
[  165.317810][ T6909] WARNING: The mand mount option has been deprecated and
[  165.317810][ T6909]          and is ignored by this kernel. Remove the mand
[  165.317810][ T6909]          option from the mount to silence this warning.
[  165.317810][ T6909] =======================================================
[  165.372991][ T6909] pvfs2: Unknown parameter 'unused'
[  166.331398][ T6923] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  167.577357][ T6936] FAULT_INJECTION: forcing a failure.
[  167.577357][ T6936] name failslab, interval 1, probability 0, space 0, times 0
[  167.696120][ T6936] CPU: 1 UID: 0 PID: 6936 Comm: syz.4.254 Not tainted 6.16.0-rc5-syzkaller-00038-g733923397fd9 #0 PREEMPT(full) 
[  167.696145][ T6936] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  167.696154][ T6936] Call Trace:
[  167.696159][ T6936]  <TASK>
[  167.696166][ T6936]  dump_stack_lvl+0x16c/0x1f0
[  167.696200][ T6936]  should_fail_ex+0x512/0x640
[  167.696222][ T6936]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[  167.696246][ T6936]  should_failslab+0xc2/0x120
[  167.696270][ T6936]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  167.696291][ T6936]  ? getname_flags.part.0+0x4c/0x550
[  167.696310][ T6936]  getname_flags.part.0+0x4c/0x550
[  167.696329][ T6936]  getname_flags+0x93/0xf0
[  167.696349][ T6936]  __x64_sys_renameat+0xa2/0x100
[  167.696375][ T6936]  do_syscall_64+0xcd/0x4c0
[  167.696399][ T6936]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  167.696416][ T6936] RIP: 0033:0x7fdc4818e929
[  167.696432][ T6936] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  167.696447][ T6936] RSP: 002b:00007fdc49089038 EFLAGS: 00000246 ORIG_RAX: 0000000000000108
[  167.696464][ T6936] RAX: ffffffffffffffda RBX: 00007fdc483b5fa0 RCX: 00007fdc4818e929
[  167.696474][ T6936] RDX: ffffffffffffffff RSI: 0000000000000000 RDI: ffffffffffffffff
[  167.696484][ T6936] RBP: 00007fdc49089090 R08: 0000000000000000 R09: 0000000000000000
[  167.696494][ T6936] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  167.696503][ T6936] R13: 0000000000000000 R14: 00007fdc483b5fa0 R15: 00007ffe7a636198
[  167.696525][ T6936]  </TASK>
[  168.918460][ T6963] random: crng reseeded on system resumption
[  168.947632][ T6966] openvswitch: netlink: IP tunnel attribute has 12 unknown bytes.
[  169.621213][   T30] audit: type=1400 audit(1752093255.139:309): avc:  denied  { read write } for  pid=6962 comm="syz.4.261" name="snapshot" dev="devtmpfs" ino=92 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1
[  169.829676][   T30] audit: type=1400 audit(1752093255.139:310): avc:  denied  { ioctl open } for  pid=6962 comm="syz.4.261" path="/dev/snapshot" dev="devtmpfs" ino=92 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1
[  170.145993][   T30] audit: type=1326 audit(1752093256.009:311): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6975 comm="syz.4.264" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fdc4818e929 code=0x0
[  170.210554][ T6983] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  171.040229][  T974] usb 1-1: new high-speed USB device number 9 using dummy_hcd
[  171.252396][   T30] audit: type=1400 audit(1752093257.469:312): avc:  denied  { create } for  pid=6989 comm="syz.3.268" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=user_namespace permissive=1
[  171.310023][  T974] usb 1-1: Using ep0 maxpacket: 32
[  171.316322][   T30] audit: type=1400 audit(1752093257.479:313): avc:  denied  { sys_admin } for  pid=6989 comm="syz.3.268" capability=21  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=cap_userns permissive=1
[  171.574763][  T974] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  171.585822][  T974] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  171.595951][  T974] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 5
[  171.613254][  T974] usb 1-1: New USB device found, idVendor=0458, idProduct=5011, bcdDevice= 0.00
[  171.623965][  T974] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  171.711995][  T974] usb 1-1: config 0 descriptor??
[  172.131591][ T7007] overlayfs: failed to resolve './file1': -2
[  172.139203][   T30] audit: type=1400 audit(1752093258.359:314): avc:  denied  { append } for  pid=6986 comm="syz.0.267" name="loop7" dev="devtmpfs" ino=654 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  173.080110][   T30] audit: type=1400 audit(1752093258.399:315): avc:  denied  { read } for  pid=7005 comm="syz.3.274" name="btrfs-control" dev="devtmpfs" ino=1316 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:lvm_control_t tclass=chr_file permissive=1
[  173.112595][   T30] audit: type=1400 audit(1752093258.399:316): avc:  denied  { open } for  pid=7005 comm="syz.3.274" path="/dev/btrfs-control" dev="devtmpfs" ino=1316 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:lvm_control_t tclass=chr_file permissive=1
[  173.166275][   T30] audit: type=1400 audit(1752093258.399:317): avc:  denied  { ioctl } for  pid=7005 comm="syz.3.274" path="/dev/btrfs-control" dev="devtmpfs" ino=1316 ioctlcmd=0x9405 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:lvm_control_t tclass=chr_file permissive=1
[  173.309794][   T30] audit: type=1400 audit(1752093259.529:318): avc:  denied  { create } for  pid=7011 comm="syz.1.276" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_dnrt_socket permissive=1
[  173.329828][    C0] vkms_vblank_simulate: vblank timer overrun
[  173.795723][ T5911] usb 2-1: new high-speed USB device number 7 using dummy_hcd
[  174.054616][ T7021] (unnamed net_device) (uninitialized): option downdelay: invalid value (18446744073709551609)
[  174.066078][ T7021] (unnamed net_device) (uninitialized): option downdelay: allowed values 0 - 2147483647
[  174.380069][ T5911] usb 2-1: Using ep0 maxpacket: 16
[  174.396878][  T974] usbhid 1-1:0.0: can't add hid device: -71
[  174.408700][ T5911] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 11
[  174.434445][  T974] usbhid 1-1:0.0: probe with driver usbhid failed with error -71
[  174.445672][  T974] usb 1-1: USB disconnect, device number 9
[  174.457954][ T5911] usb 2-1: config 1 interface 0 altsetting 3 endpoint 0xB has invalid wMaxPacketSize 0
[  174.518203][ T5911] usb 2-1: config 1 interface 0 altsetting 3 bulk endpoint 0xB has invalid maxpacket 0
[  174.564293][ T5911] usb 2-1: config 1 interface 0 altsetting 3 endpoint 0x8A has invalid wMaxPacketSize 0
[  174.582069][ T5911] usb 2-1: config 1 interface 0 altsetting 3 bulk endpoint 0x8A has invalid maxpacket 0
[  174.649223][ T5911] usb 2-1: config 1 interface 0 has no altsetting 0
[  174.656077][ T5911] usb 2-1: New USB device found, idVendor=04e6, idProduct=0003, bcdDevice= 1.77
[  174.679971][ T5911] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  174.720659][ T5911] ums-sddr09 2-1:1.0: USB Mass Storage device detected
[  175.023341][ T5911] scsi host1: usb-storage 2-1:1.0
[  176.863151][ T7034] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  177.236200][ T1157] scsi 1:0:0:0: Direct-Access     Sandisk  ImageMate SDDR09 0177 PQ: 0 ANSI: 0
[  177.410267][ T5958] usb 2-1: USB disconnect, device number 7
[  177.990537][ T1157] sd 1:0:0:0: Attached scsi generic sg1 type 0
[  178.001364][   T30] audit: type=1400 audit(1752093264.209:319): avc:  denied  { setopt } for  pid=7041 comm="syz.0.282" lport=58 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  178.036549][   T13] sd 1:0:0:0: [sdb] Test Unit Ready failed: Result: hostbyte=DID_NO_CONNECT driverbyte=DRIVER_OK
[  178.058159][ T7053] netlink: 4 bytes leftover after parsing attributes in process `syz.0.282'.
[  178.144968][   T13] sd 1:0:0:0: [sdb] Read Capacity(10) failed: Result: hostbyte=DID_NO_CONNECT driverbyte=DRIVER_OK
[  178.194975][ T7050] bridge0: entered allmulticast mode
[  178.200127][ T7056] netlink: 8 bytes leftover after parsing attributes in process `syz.0.282'.
[  178.236852][   T13] sd 1:0:0:0: [sdb] Sense not available.
[  178.308062][   T13] sd 1:0:0:0: [sdb] 0 512-byte logical blocks: (0 B/0 B)
[  178.620126][   T13] sd 1:0:0:0: [sdb] 0-byte physical blocks
[  178.668087][   T13] sd 1:0:0:0: [sdb] Write Protect is off
[  178.713446][ T7053] bridge_slave_1: left allmulticast mode
[  178.720606][ T7053] bridge_slave_1: left promiscuous mode
[  178.787777][ T7067] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=7067 comm=syz.4.287
[  178.809539][   T13] sd 1:0:0:0: [sdb] Asking for cache data failed
[  178.864421][ T7067] netlink: 8 bytes leftover after parsing attributes in process `syz.4.287'.
[  178.953709][ T7053] bridge0: port 2(bridge_slave_1) entered disabled state
[  179.043782][   T13] sd 1:0:0:0: [sdb] Assuming drive cache: write through
[  180.448256][ T7073] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  180.686996][ T7053] bridge_slave_0: left allmulticast mode
[  180.720039][   T13] sd 1:0:0:0: [sdb] Attached SCSI removable disk
[  180.753464][ T7053] bridge_slave_0: left promiscuous mode
[  180.759279][ T7053] bridge0: port 1(bridge_slave_0) entered disabled state
[  180.829792][   T30] audit: type=1326 audit(1752093267.049:320): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7074 comm="syz.3.289" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6c83b8e929 code=0x7ffc0000
[  181.027829][ T7081] overlay: Bad value for 'upperdir'
[  181.270126][   T30] audit: type=1326 audit(1752093267.049:321): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7074 comm="syz.3.289" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6c83b8e929 code=0x7ffc0000
[  181.310963][ T7053] bridge0 (unregistering): left allmulticast mode
[  181.314893][   T30] audit: type=1326 audit(1752093267.059:322): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7074 comm="syz.3.289" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f6c83b8e929 code=0x7ffc0000
[  181.349207][   T30] audit: type=1326 audit(1752093267.059:323): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7074 comm="syz.3.289" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6c83b8e929 code=0x7ffc0000
[  181.448060][ T5826] udevd[5826]: inotify_add_watch(7, /dev/sdb, 10) failed: No such file or directory
[  181.473522][   T30] audit: type=1326 audit(1752093267.059:324): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7074 comm="syz.3.289" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6c83b8e929 code=0x7ffc0000
[  181.712853][ T5843] udevd[5843]: inotify_add_watch(7, /dev/sdb, 10) failed: No such file or directory
[  181.738038][   T30] audit: type=1326 audit(1752093267.059:325): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7074 comm="syz.3.289" exe="/root/syz-executor" sig=0 arch=c000003e syscall=317 compat=0 ip=0x7f6c83b8e929 code=0x7ffc0000
[  181.829023][ T7086] (unnamed net_device) (uninitialized): option downdelay: invalid value (18446744073709551609)
[  181.840599][ T7086] (unnamed net_device) (uninitialized): option downdelay: allowed values 0 - 2147483647
[  182.229256][   T30] audit: type=1326 audit(1752093267.059:326): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7074 comm="syz.3.289" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6c83b8e929 code=0x7ffc0000
[  182.373252][   T30] audit: type=1326 audit(1752093267.059:327): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7074 comm="syz.3.289" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6c83b8e929 code=0x7ffc0000
[  182.442739][   T30] audit: type=1326 audit(1752093267.059:328): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7074 comm="syz.3.289" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f6c83b8e929 code=0x7ffc0000
[  184.853437][   T30] kauditd_printk_skb: 11 callbacks suppressed
[  184.854481][   T30] audit: type=1400 audit(1752093271.029:340): avc:  denied  { read } for  pid=7113 comm="syz.1.300" name="ppp" dev="devtmpfs" ino=709 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[  185.136133][   T30] audit: type=1400 audit(1752093271.029:341): avc:  denied  { open } for  pid=7113 comm="syz.1.300" path="/dev/ppp" dev="devtmpfs" ino=709 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[  185.159086][    C0] vkms_vblank_simulate: vblank timer overrun
[  185.585560][   T30] audit: type=1400 audit(1752093271.069:342): avc:  denied  { ioctl } for  pid=7113 comm="syz.1.300" path="/dev/ppp" dev="devtmpfs" ino=709 ioctlcmd=0x743e scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[  185.609984][    C0] vkms_vblank_simulate: vblank timer overrun
[  185.693280][ T7102] Bluetooth: hci2: command 0x0406 tx timeout
[  185.695158][   T51] Bluetooth: hci1: command 0x0406 tx timeout
[  185.699858][ T7102] Bluetooth: hci3: command 0x0406 tx timeout
[  185.705738][   T51] Bluetooth: hci4: command 0x0406 tx timeout
[  185.718796][ T7102] Bluetooth: hci0: command 0x0406 tx timeout
[  187.340687][ T7143] FAULT_INJECTION: forcing a failure.
[  187.340687][ T7143] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  187.599990][ T7143] CPU: 1 UID: 0 PID: 7143 Comm: syz.3.307 Not tainted 6.16.0-rc5-syzkaller-00038-g733923397fd9 #0 PREEMPT(full) 
[  187.600017][ T7143] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  187.600028][ T7143] Call Trace:
[  187.600034][ T7143]  <TASK>
[  187.600041][ T7143]  dump_stack_lvl+0x16c/0x1f0
[  187.600071][ T7143]  should_fail_ex+0x512/0x640
[  187.600095][ T7143]  _copy_to_user+0x32/0xd0
[  187.600120][ T7143]  simple_read_from_buffer+0xcb/0x170
[  187.600143][ T7143]  proc_fail_nth_read+0x197/0x270
[  187.600165][ T7143]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  187.600186][ T7143]  ? rw_verify_area+0xcf/0x680
[  187.600204][ T7143]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  187.600224][ T7143]  vfs_read+0x1e4/0xc60
[  187.600247][ T7143]  ? __pfx___mutex_lock+0x10/0x10
[  187.600273][ T7143]  ? __pfx_vfs_read+0x10/0x10
[  187.600298][ T7143]  ? __fget_files+0x20e/0x3c0
[  187.600326][ T7143]  ksys_read+0x12a/0x250
[  187.600346][ T7143]  ? __pfx_ksys_read+0x10/0x10
[  187.600366][ T7143]  ? fput+0x70/0xf0
[  187.600384][ T7143]  do_syscall_64+0xcd/0x4c0
[  187.600408][ T7143]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  187.600425][ T7143] RIP: 0033:0x7f6c83b8d33c
[  187.600439][ T7143] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  187.600455][ T7143] RSP: 002b:00007f6c849e6030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  187.600472][ T7143] RAX: ffffffffffffffda RBX: 00007f6c83db5fa0 RCX: 00007f6c83b8d33c
[  187.600483][ T7143] RDX: 000000000000000f RSI: 00007f6c849e60a0 RDI: 0000000000000003
[  187.600493][ T7143] RBP: 00007f6c849e6090 R08: 0000000000000000 R09: 0000000000000000
[  187.600503][ T7143] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  187.600512][ T7143] R13: 0000000000000000 R14: 00007f6c83db5fa0 R15: 00007fff9be79bc8
[  187.600535][ T7143]  </TASK>
[  187.814314][   T30] audit: type=1400 audit(1752093274.019:343): avc:  denied  { create } for  pid=7139 comm="syz.1.306" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  187.845265][ T7135] block device autoloading is deprecated and will be removed.
[  188.108228][ T7153] kAFS: No cell specified
[  188.115211][ T7153] hugetlbfs: syz.0.310 (7153): Using mlock ulimits for SHM_HUGETLB is obsolete
[  189.404759][ T7160] FAULT_INJECTION: forcing a failure.
[  189.404759][ T7160] name failslab, interval 1, probability 0, space 0, times 0
[  189.418122][ T7160] CPU: 0 UID: 0 PID: 7160 Comm: syz.1.313 Not tainted 6.16.0-rc5-syzkaller-00038-g733923397fd9 #0 PREEMPT(full) 
[  189.418146][ T7160] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  189.418157][ T7160] Call Trace:
[  189.418162][ T7160]  <TASK>
[  189.418169][ T7160]  dump_stack_lvl+0x16c/0x1f0
[  189.418198][ T7160]  should_fail_ex+0x512/0x640
[  189.418220][ T7160]  ? __kmalloc_noprof+0xbf/0x510
[  189.418245][ T7160]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0xc8/0x290
[  189.418266][ T7160]  should_failslab+0xc2/0x120
[  189.418291][ T7160]  __kmalloc_noprof+0xd2/0x510
[  189.418314][ T7160]  ? avc_has_perm_noaudit+0x149/0x3b0
[  189.418334][ T7160]  genl_family_rcv_msg_attrs_parse.constprop.0+0xc8/0x290
[  189.418359][ T7160]  genl_family_rcv_msg_doit+0xbf/0x2f0
[  189.418381][ T7160]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  189.418409][ T7160]  ? bpf_lsm_capable+0x9/0x10
[  189.418425][ T7160]  ? security_capable+0x7e/0x260
[  189.418444][ T7160]  ? ns_capable+0xd7/0x110
[  189.418467][ T7160]  genl_rcv_msg+0x55c/0x800
[  189.418488][ T7160]  ? __pfx_genl_rcv_msg+0x10/0x10
[  189.418508][ T7160]  ? __pfx_nl80211_pre_doit+0x10/0x10
[  189.418530][ T7160]  ? __pfx_nl80211_tx_mgmt+0x10/0x10
[  189.418545][ T7160]  ? __pfx_nl80211_post_doit+0x10/0x10
[  189.418577][ T7160]  netlink_rcv_skb+0x158/0x420
[  189.418593][ T7160]  ? __pfx_genl_rcv_msg+0x10/0x10
[  189.418612][ T7160]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  189.418640][ T7160]  ? netlink_deliver_tap+0x1ae/0xd30
[  189.418669][ T7160]  genl_rcv+0x28/0x40
[  189.418685][ T7160]  netlink_unicast+0x53a/0x7f0
[  189.418704][ T7160]  ? __pfx_netlink_unicast+0x10/0x10
[  189.418728][ T7160]  netlink_sendmsg+0x8d1/0xdd0
[  189.418748][ T7160]  ? __pfx_netlink_sendmsg+0x10/0x10
[  189.418776][ T7160]  ____sys_sendmsg+0xa95/0xc70
[  189.418794][ T7160]  ? copy_msghdr_from_user+0x10a/0x160
[  189.418815][ T7160]  ? __pfx_____sys_sendmsg+0x10/0x10
[  189.418844][ T7160]  ___sys_sendmsg+0x134/0x1d0
[  189.418869][ T7160]  ? __pfx____sys_sendmsg+0x10/0x10
[  189.418889][ T7160]  ? __lock_acquire+0x622/0x1c90
[  189.418942][ T7160]  __sys_sendmsg+0x16d/0x220
[  189.418965][ T7160]  ? __pfx___sys_sendmsg+0x10/0x10
[  189.419005][ T7160]  do_syscall_64+0xcd/0x4c0
[  189.419030][ T7160]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  189.419047][ T7160] RIP: 0033:0x7f5ec138e929
[  189.419061][ T7160] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  189.419076][ T7160] RSP: 002b:00007f5ec2267038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  189.419093][ T7160] RAX: ffffffffffffffda RBX: 00007f5ec15b5fa0 RCX: 00007f5ec138e929
[  189.419104][ T7160] RDX: 0000000000000000 RSI: 0000200000001380 RDI: 0000000000000003
[  189.419114][ T7160] RBP: 00007f5ec2267090 R08: 0000000000000000 R09: 0000000000000000
[  189.419123][ T7160] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  189.419133][ T7160] R13: 0000000000000000 R14: 00007f5ec15b5fa0 R15: 00007fff1be78028
[  189.419157][ T7160]  </TASK>
[  189.711830][    C0] vkms_vblank_simulate: vblank timer overrun
[  190.505117][   T30] audit: type=1400 audit(1752093276.719:344): avc:  denied  { connect } for  pid=7164 comm="syz.3.317" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[  190.780089][ T5959] usb 1-1: new high-speed USB device number 10 using dummy_hcd
[  190.869363][ T7177] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  191.134417][   T30] audit: type=1400 audit(1752093277.089:345): avc:  denied  { unlink } for  pid=7164 comm="syz.3.317" name="#1" dev="tmpfs" ino=346 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1
[  191.915817][ T5959] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  192.053010][   T30] audit: type=1400 audit(1752093277.109:346): avc:  denied  { mount } for  pid=7164 comm="syz.3.317" name="/" dev="overlay" ino=341 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[  192.098760][ T5959] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  192.239397][ T5959] usb 1-1: New USB device found, idVendor=1038, idProduct=12b6, bcdDevice= 0.00
[  192.382629][ T5959] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  192.396019][   T30] audit: type=1400 audit(1752093278.109:347): avc:  denied  { unmount } for  pid=5837 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[  192.635957][ T5959] usb 1-1: config 0 descriptor??
[  192.660122][   T24] usb 5-1: new high-speed USB device number 7 using dummy_hcd
[  192.970175][   T24] usb 5-1: device descriptor read/64, error -71
[  193.289895][ T5959] steelseries 0003:1038:12B6.0001: unknown main item tag 0x3
[  193.375572][ T5959] steelseries 0003:1038:12B6.0001: hidraw0: USB HID v0.00 Device [HID 1038:12b6] on usb-dummy_hcd.0-1/input0
[  193.844021][ T1298] ieee802154 phy0 wpan0: encryption failed: -22
[  193.850477][ T1298] ieee802154 phy1 wpan1: encryption failed: -22
[  193.873439][   T24] usb 5-1: new high-speed USB device number 8 using dummy_hcd
[  193.967004][   T30] audit: type=1400 audit(1752093280.189:348): avc:  denied  { connect } for  pid=7192 comm="syz.4.323" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  194.040279][   T30] audit: type=1400 audit(1752093280.189:349): avc:  denied  { ioctl } for  pid=7192 comm="syz.4.323" path="socket:[13454]" dev="sockfs" ino=13454 ioctlcmd=0x7437 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  194.151408][ T5910] usb 1-1: USB disconnect, device number 10
[  194.159098][   T30] audit: type=1400 audit(1752093280.189:350): avc:  denied  { connect } for  pid=7192 comm="syz.4.323" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[  194.204265][ T7196] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  194.238940][   T30] audit: type=1400 audit(1752093280.409:351): avc:  denied  { append } for  pid=7195 comm="syz.4.324" name="sg0" dev="devtmpfs" ino=756 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[  194.259702][ T7196] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  194.486342][ T7202] netlink: 'syz.1.326': attribute type 1 has an invalid length.
[  194.504271][ T7202] netlink: 224 bytes leftover after parsing attributes in process `syz.1.326'.
[  194.610410][   T24] usb 5-1: device descriptor read/64, error -71
[  194.694728][   T30] audit: type=1400 audit(1752093280.919:352): avc:  denied  { bind } for  pid=7207 comm="syz.3.328" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  194.720747][   T24] usb usb5-port1: attempt power cycle
[  194.883667][   T30] audit: type=1400 audit(1752093281.109:353): avc:  denied  { map } for  pid=7209 comm="syz.0.329" path="/dev/nullb0" dev="devtmpfs" ino=696 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  195.060010][   T24] usb 5-1: new high-speed USB device number 9 using dummy_hcd
[  195.095479][   T24] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8E has invalid wMaxPacketSize 0
[  195.105563][   T24] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8E has invalid maxpacket 0
[  195.115739][   T24] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0xA has invalid wMaxPacketSize 0
[  195.125546][   T24] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0xA has invalid maxpacket 0
[  195.138335][   T24] usb 5-1: New USB device found, idVendor=05ab, idProduct=0301, bcdDevice= 1.00
[  195.149857][   T24] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  195.159106][   T24] usb 5-1: Product: syz
[  195.163394][   T24] usb 5-1: Manufacturer: syz
[  195.168096][   T24] usb 5-1: SerialNumber: syz
[  195.190148][   T24] usb 5-1: config 0 descriptor??
[  195.201690][   T24] ums-isd200 5-1:0.0: USB Mass Storage device detected
[  195.228973][ T7219] FAULT_INJECTION: forcing a failure.
[  195.228973][ T7219] name failslab, interval 1, probability 0, space 0, times 0
[  195.241930][ T7219] CPU: 1 UID: 0 PID: 7219 Comm: syz.1.330 Not tainted 6.16.0-rc5-syzkaller-00038-g733923397fd9 #0 PREEMPT(full) 
[  195.241957][ T7219] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  195.241968][ T7219] Call Trace:
[  195.241974][ T7219]  <TASK>
[  195.241980][ T7219]  dump_stack_lvl+0x16c/0x1f0
[  195.242008][ T7219]  should_fail_ex+0x512/0x640
[  195.242030][ T7219]  ? kmem_cache_alloc_node_noprof+0x5e/0x3b0
[  195.242056][ T7219]  should_failslab+0xc2/0x120
[  195.242080][ T7219]  kmem_cache_alloc_node_noprof+0x71/0x3b0
[  195.242103][ T7219]  ? __alloc_skb+0x2b2/0x380
[  195.242128][ T7219]  __alloc_skb+0x2b2/0x380
[  195.242149][ T7219]  ? __pfx___alloc_skb+0x10/0x10
[  195.242170][ T7219]  ? genl_rcv_msg+0x4bb/0x800
[  195.242196][ T7219]  netlink_ack+0x15d/0xb80
[  195.242213][ T7219]  ? __lock_acquire+0x622/0x1c90
[  195.242234][ T7219]  netlink_rcv_skb+0x332/0x420
[  195.242250][ T7219]  ? __pfx_genl_rcv_msg+0x10/0x10
[  195.242270][ T7219]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  195.242298][ T7219]  ? netlink_deliver_tap+0x1ae/0xd30
[  195.242322][ T7219]  ? is_vmalloc_addr+0x86/0xa0
[  195.242346][ T7219]  genl_rcv+0x28/0x40
[  195.242362][ T7219]  netlink_unicast+0x53a/0x7f0
[  195.242382][ T7219]  ? __pfx_netlink_unicast+0x10/0x10
[  195.242406][ T7219]  netlink_sendmsg+0x8d1/0xdd0
[  195.242427][ T7219]  ? __pfx_netlink_sendmsg+0x10/0x10
[  195.242452][ T7219]  ____sys_sendmsg+0xa95/0xc70
[  195.242470][ T7219]  ? copy_msghdr_from_user+0x10a/0x160
[  195.242493][ T7219]  ? __pfx_____sys_sendmsg+0x10/0x10
[  195.242522][ T7219]  ___sys_sendmsg+0x134/0x1d0
[  195.242546][ T7219]  ? __pfx____sys_sendmsg+0x10/0x10
[  195.242567][ T7219]  ? __lock_acquire+0x622/0x1c90
[  195.242614][ T7219]  __sys_sendmsg+0x16d/0x220
[  195.242641][ T7219]  ? __pfx___sys_sendmsg+0x10/0x10
[  195.242679][ T7219]  do_syscall_64+0xcd/0x4c0
[  195.242706][ T7219]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  195.242724][ T7219] RIP: 0033:0x7f5ec138e929
[  195.242738][ T7219] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  195.242755][ T7219] RSP: 002b:00007f5ec2267038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  195.242770][ T7219] RAX: ffffffffffffffda RBX: 00007f5ec15b5fa0 RCX: 00007f5ec138e929
[  195.242782][ T7219] RDX: 0000000002004000 RSI: 00002000000004c0 RDI: 0000000000000004
[  195.242793][ T7219] RBP: 00007f5ec2267090 R08: 0000000000000000 R09: 0000000000000000
[  195.242802][ T7219] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  195.242812][ T7219] R13: 0000000000000000 R14: 00007f5ec15b5fa0 R15: 00007fff1be78028
[  195.242836][ T7219]  </TASK>
[  196.236834][ T7232] (unnamed net_device) (uninitialized): option downdelay: invalid value (18446744073709551609)
[  196.247261][ T7232] (unnamed net_device) (uninitialized): option downdelay: allowed values 0 - 2147483647
[  197.404911][   T24] scsi host1: usb-storage 5-1:0.0
[  197.628183][ T7252] overlayfs: failed to resolve './file1': -2
[  197.688188][ T7254] FAULT_INJECTION: forcing a failure.
[  197.688188][ T7254] name failslab, interval 1, probability 0, space 0, times 0
[  197.701324][ T7254] CPU: 1 UID: 0 PID: 7254 Comm: syz.2.339 Not tainted 6.16.0-rc5-syzkaller-00038-g733923397fd9 #0 PREEMPT(full) 
[  197.701349][ T7254] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  197.701359][ T7254] Call Trace:
[  197.701365][ T7254]  <TASK>
[  197.701372][ T7254]  dump_stack_lvl+0x16c/0x1f0
[  197.701402][ T7254]  should_fail_ex+0x512/0x640
[  197.701430][ T7254]  ? __kmalloc_noprof+0xbf/0x510
[  197.701454][ T7254]  ? iter_file_splice_write+0x1cc/0x1150
[  197.701478][ T7254]  should_failslab+0xc2/0x120
[  197.701503][ T7254]  __kmalloc_noprof+0xd2/0x510
[  197.701530][ T7254]  iter_file_splice_write+0x1cc/0x1150
[  197.701554][ T7254]  ? current_time+0x11d/0x1a0
[  197.701578][ T7254]  ? __pfx_current_time+0x10/0x10
[  197.701600][ T7254]  ? __pfx_make_vfsgid+0x10/0x10
[  197.701624][ T7254]  ? atime_needs_update+0x8b/0x710
[  197.701645][ T7254]  ? __pfx_iter_file_splice_write+0x10/0x10
[  197.701669][ T7254]  ? __lock_acquire+0xb8a/0x1c90
[  197.701705][ T7254]  ? __pfx_iter_file_splice_write+0x10/0x10
[  197.701730][ T7254]  direct_splice_actor+0x18f/0x6c0
[  197.701755][ T7254]  splice_direct_to_actor+0x342/0xa30
[  197.701780][ T7254]  ? __pfx_direct_splice_actor+0x10/0x10
[  197.701806][ T7254]  ? __pfx_splice_direct_to_actor+0x10/0x10
[  197.701826][ T7254]  ? get_pid_task+0xfc/0x250
[  197.701854][ T7254]  do_splice_direct+0x174/0x240
[  197.701877][ T7254]  ? __pfx_do_splice_direct+0x10/0x10
[  197.701899][ T7254]  ? __pfx_direct_file_splice_eof+0x10/0x10
[  197.701925][ T7254]  ? rw_verify_area+0xcf/0x680
[  197.701947][ T7254]  do_sendfile+0xb06/0xe50
[  197.701972][ T7254]  ? __pfx_do_sendfile+0x10/0x10
[  197.702002][ T7254]  __x64_sys_sendfile64+0x154/0x220
[  197.702030][ T7254]  ? __pfx___x64_sys_sendfile64+0x10/0x10
[  197.702064][ T7254]  do_syscall_64+0xcd/0x4c0
[  197.702091][ T7254]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  197.702109][ T7254] RIP: 0033:0x7f9e9898e929
[  197.702123][ T7254] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  197.702140][ T7254] RSP: 002b:00007f9e967f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  197.702158][ T7254] RAX: ffffffffffffffda RBX: 00007f9e98bb6160 RCX: 00007f9e9898e929
[  197.702169][ T7254] RDX: 0000200000000080 RSI: 0000000000000006 RDI: 0000000000000006
[  197.702179][ T7254] RBP: 00007f9e967f6090 R08: 0000000000000000 R09: 0000000000000000
[  197.702190][ T7254] R10: 0000000000007f03 R11: 0000000000000246 R12: 0000000000000001
[  197.702200][ T7254] R13: 0000000000000000 R14: 00007f9e98bb6160 R15: 00007ffd31042298
[  197.702223][ T7254]  </TASK>
[  198.265862][   T24] usb 5-1: USB disconnect, device number 9
[  198.330771][ T7237] syz.0.336 (7237): drop_caches: 2
[  199.080037][ T5959] usb 3-1: new high-speed USB device number 13 using dummy_hcd
[  199.409408][ T5959] usb 3-1: Using ep0 maxpacket: 8
[  199.622818][ T7277] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  200.379435][ T5959] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  200.389695][ T5959] usb 3-1: config 1 interface 0 has no altsetting 0
[  200.423207][ T5959] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  200.480105][ T5959] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  200.488178][ T5959] usb 3-1: Product: syz
[  200.537383][ T5959] usb 3-1: Manufacturer: syz
[  200.652030][ T5959] usb 3-1: SerialNumber: syz
[  202.341766][ T7304] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=7304 comm=syz.4.352
[  202.666855][ T7300] netlink: 8 bytes leftover after parsing attributes in process `syz.4.352'.
[  203.185439][ T7312] 9pnet_fd: Insufficient options for proto=fd
[  203.488451][ T7312] binder: 7311:7312 ioctl c0306201 200000000480 returned -22
[  203.573762][ T7312] netlink: 20 bytes leftover after parsing attributes in process `syz.1.356'.
[  203.667952][ T7312] netlink: 16 bytes leftover after parsing attributes in process `syz.1.356'.
[  203.697396][ T7312] loop4: detected capacity change from 0 to 7
[  203.715283][ T7312] Dev loop4: unable to read RDB block 7
[  203.721583][ T7312]  loop4: AHDI p1 p2
[  203.725561][ T7312] loop4: partition table partially beyond EOD, truncated
[  203.734113][ T7312] loop4: p1 size 4227858431 extends beyond EOD, truncated
[  204.271736][ T5843] udevd[5843]: inotify_add_watch(7, /dev/loop4p1, 10) failed: No such file or directory
[  206.220057][   T24] usb 2-1: new high-speed USB device number 8 using dummy_hcd
[  206.426564][   T24] usb 2-1: New USB device found, idVendor=046d, idProduct=0870, bcdDevice=61.47
[  206.508510][   T24] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  206.652726][  T974] usb 4-1: new high-speed USB device number 8 using dummy_hcd
[  206.661941][   T24] usb 2-1: config 0 descriptor??
[  206.711053][   T24] gspca_main: STV06xx-2.14.0 probing 046d:0870
[  206.860078][  T974] usb 4-1: Using ep0 maxpacket: 8
[  206.936578][  T974] usb 4-1: config index 0 descriptor too short (expected 301, got 45)
[  207.426860][  T974] usb 4-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  207.443481][  T974] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  207.454801][  T974] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  207.465177][  T974] usb 4-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  207.485261][  T974] usb 4-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  207.516091][  T974] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  207.749717][  T974] usb 4-1: usb_control_msg returned -32
[  207.766953][  T974] usbtmc 4-1:16.0: can't read capabilities
[  208.404411][   T24] gspca_stv06xx: I2C: Read error writing address: -71
[  208.428038][   T24] usb 2-1: USB disconnect, device number 8
[  208.756501][ T7377] usbtmc 4-1:16.0: usb_control_msg returned -32
[  208.844187][   T30] kauditd_printk_skb: 1 callbacks suppressed
[  208.847625][   T30] audit: type=1400 audit(1752093295.059:355): avc:  denied  { append } for  pid=7386 comm="syz.2.378" name="rtc0" dev="devtmpfs" ino=921 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[  209.000549][    T9] usb 1-1: new full-speed USB device number 11 using dummy_hcd
[  209.192630][    T9] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  209.223941][    T9] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 512, setting to 64
[  209.242338][ T5153] Bluetooth: hci2: unexpected cc 0x0402 length: 4 > 1
[  209.249207][ T5153] Bluetooth: hci2: unexpected event for opcode 0x0402
[  209.264297][    T9] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  209.289767][    T9] usb 1-1: New USB device found, idVendor=05ac, idProduct=0269, bcdDevice= 0.00
[  209.421301][    T9] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  209.437228][    T9] usb 1-1: config 0 descriptor??
[  209.455501][ T7398] FAULT_INJECTION: forcing a failure.
[  209.455501][ T7398] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  209.468838][ T7398] CPU: 1 UID: 0 PID: 7398 Comm: syz.4.382 Not tainted 6.16.0-rc5-syzkaller-00038-g733923397fd9 #0 PREEMPT(full) 
[  209.468861][ T7398] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  209.468871][ T7398] Call Trace:
[  209.468876][ T7398]  <TASK>
[  209.468883][ T7398]  dump_stack_lvl+0x16c/0x1f0
[  209.468911][ T7398]  should_fail_ex+0x512/0x640
[  209.468937][ T7398]  _copy_from_user+0x2e/0xd0
[  209.468960][ T7398]  copy_msghdr_from_user+0x98/0x160
[  209.468983][ T7398]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  209.469007][ T7398]  ? __pfx__kstrtoull+0x10/0x10
[  209.469029][ T7398]  ___sys_sendmsg+0xfe/0x1d0
[  209.469053][ T7398]  ? __pfx____sys_sendmsg+0x10/0x10
[  209.469087][ T7398]  ? find_held_lock+0x2b/0x80
[  209.469124][ T7398]  __sys_sendmmsg+0x200/0x420
[  209.469150][ T7398]  ? __pfx___sys_sendmmsg+0x10/0x10
[  209.469181][ T7398]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  209.469216][ T7398]  ? fput+0x70/0xf0
[  209.469230][ T7398]  ? ksys_write+0x1ac/0x250
[  209.469249][ T7398]  ? __pfx_ksys_write+0x10/0x10
[  209.469272][ T7398]  __x64_sys_sendmmsg+0x9c/0x100
[  209.469292][ T7398]  ? lockdep_hardirqs_on+0x7c/0x110
[  209.469312][ T7398]  do_syscall_64+0xcd/0x4c0
[  209.469337][ T7398]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  209.469354][ T7398] RIP: 0033:0x7fdc4818e929
[  209.469368][ T7398] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  209.469384][ T7398] RSP: 002b:00007fdc49089038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  209.469400][ T7398] RAX: ffffffffffffffda RBX: 00007fdc483b5fa0 RCX: 00007fdc4818e929
[  209.469410][ T7398] RDX: 0000000000000001 RSI: 0000200000000040 RDI: 0000000000000006
[  209.469423][ T7398] RBP: 00007fdc49089090 R08: 0000000000000000 R09: 0000000000000000
[  209.469432][ T7398] R10: 0000000000040800 R11: 0000000000000246 R12: 0000000000000001
[  209.469441][ T7398] R13: 0000000000000000 R14: 00007fdc483b5fa0 R15: 00007ffe7a636198
[  209.469463][ T7398]  </TASK>
[  209.469784][ T7381] raw-gadget.1 gadget.0: fail, usb_ep_enable returned -22
[  210.024688][ T5960] usb 4-1: USB disconnect, device number 8
[  210.089306][    T9] usbhid 1-1:0.0: can't add hid device: -71
[  210.105142][    T9] usbhid 1-1:0.0: probe with driver usbhid failed with error -71
[  210.149392][    T9] usb 1-1: USB disconnect, device number 11
[  210.240394][ T7409] FAULT_INJECTION: forcing a failure.
[  210.240394][ T7409] name failslab, interval 1, probability 0, space 0, times 0
[  210.277624][ T7409] CPU: 1 UID: 0 PID: 7409 Comm: syz.1.387 Not tainted 6.16.0-rc5-syzkaller-00038-g733923397fd9 #0 PREEMPT(full) 
[  210.277651][ T7409] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  210.277661][ T7409] Call Trace:
[  210.277667][ T7409]  <TASK>
[  210.277673][ T7409]  dump_stack_lvl+0x16c/0x1f0
[  210.277701][ T7409]  should_fail_ex+0x512/0x640
[  210.277723][ T7409]  ? __kmalloc_noprof+0xbf/0x510
[  210.277748][ T7409]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0xc8/0x290
[  210.277769][ T7409]  should_failslab+0xc2/0x120
[  210.277794][ T7409]  __kmalloc_noprof+0xd2/0x510
[  210.277817][ T7409]  ? avc_has_perm_noaudit+0x149/0x3b0
[  210.277837][ T7409]  genl_family_rcv_msg_attrs_parse.constprop.0+0xc8/0x290
[  210.277863][ T7409]  genl_family_rcv_msg_doit+0xbf/0x2f0
[  210.277883][ T7409]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  210.277910][ T7409]  ? bpf_lsm_capable+0x9/0x10
[  210.277927][ T7409]  ? security_capable+0x7e/0x260
[  210.277946][ T7409]  ? ns_capable+0xd7/0x110
[  210.277969][ T7409]  genl_rcv_msg+0x55c/0x800
[  210.277989][ T7409]  ? __pfx_genl_rcv_msg+0x10/0x10
[  210.278006][ T7409]  ? __pfx_nl80211_pre_doit+0x10/0x10
[  210.278025][ T7409]  ? __pfx_nl80211_tx_mgmt+0x10/0x10
[  210.278039][ T7409]  ? __pfx_nl80211_post_doit+0x10/0x10
[  210.278069][ T7409]  netlink_rcv_skb+0x158/0x420
[  210.278085][ T7409]  ? __pfx_genl_rcv_msg+0x10/0x10
[  210.278105][ T7409]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  210.278133][ T7409]  ? netlink_deliver_tap+0x1ae/0xd30
[  210.278162][ T7409]  genl_rcv+0x28/0x40
[  210.278178][ T7409]  netlink_unicast+0x53a/0x7f0
[  210.278196][ T7409]  ? __pfx_netlink_unicast+0x10/0x10
[  210.278218][ T7409]  netlink_sendmsg+0x8d1/0xdd0
[  210.278237][ T7409]  ? __pfx_netlink_sendmsg+0x10/0x10
[  210.278261][ T7409]  ____sys_sendmsg+0xa95/0xc70
[  210.278278][ T7409]  ? copy_msghdr_from_user+0x10a/0x160
[  210.278299][ T7409]  ? __pfx_____sys_sendmsg+0x10/0x10
[  210.278327][ T7409]  ___sys_sendmsg+0x134/0x1d0
[  210.278352][ T7409]  ? __pfx____sys_sendmsg+0x10/0x10
[  210.278372][ T7409]  ? __lock_acquire+0x622/0x1c90
[  210.278422][ T7409]  __sys_sendmsg+0x16d/0x220
[  210.278450][ T7409]  ? __pfx___sys_sendmsg+0x10/0x10
[  210.278488][ T7409]  do_syscall_64+0xcd/0x4c0
[  210.278513][ T7409]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  210.278529][ T7409] RIP: 0033:0x7f5ec138e929
[  210.278543][ T7409] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  210.278560][ T7409] RSP: 002b:00007f5ec2267038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  210.278577][ T7409] RAX: ffffffffffffffda RBX: 00007f5ec15b5fa0 RCX: 00007f5ec138e929
[  210.278588][ T7409] RDX: 0000000000048000 RSI: 0000200000000080 RDI: 0000000000000003
[  210.278598][ T7409] RBP: 00007f5ec2267090 R08: 0000000000000000 R09: 0000000000000000
[  210.278607][ T7409] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  210.278616][ T7409] R13: 0000000000000000 R14: 00007f5ec15b5fa0 R15: 00007fff1be78028
[  210.278639][ T7409]  </TASK>
[  210.765146][ T7424] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=7424 comm=syz.4.388
[  210.786130][ T7424] netlink: 8 bytes leftover after parsing attributes in process `syz.4.388'.
[  211.450810][ T5153] Bluetooth: hci4: unexpected cc 0x0402 length: 4 > 1
[  211.457625][ T5153] Bluetooth: hci4: unexpected event for opcode 0x0402
[  212.072614][   T30] audit: type=1400 audit(1752093298.299:356): avc:  denied  { setopt } for  pid=7449 comm="syz.3.394" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  212.159978][   T30] audit: type=1400 audit(1752093298.379:357): avc:  denied  { connect } for  pid=7452 comm="syz.4.395" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  212.307314][   T30] audit: type=1400 audit(1752093298.529:358): avc:  denied  { module_load } for  pid=7455 comm="syz.3.396" path="/sys/kernel/oops_count" dev="sysfs" ino=57569 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysfs_t tclass=system permissive=1
[  212.645668][   T30] audit: type=1400 audit(1752093298.859:359): avc:  denied  { open } for  pid=7463 comm="syz.3.401" path="/dev/ptyqa" dev="devtmpfs" ino=129 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:bsdpty_device_t tclass=chr_file permissive=1
[  213.317215][ T7473] FAULT_INJECTION: forcing a failure.
[  213.317215][ T7473] name failslab, interval 1, probability 0, space 0, times 0
[  213.330077][ T7473] CPU: 0 UID: 0 PID: 7473 Comm: syz.2.403 Not tainted 6.16.0-rc5-syzkaller-00038-g733923397fd9 #0 PREEMPT(full) 
[  213.330101][ T7473] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  213.330112][ T7473] Call Trace:
[  213.330118][ T7473]  <TASK>
[  213.330125][ T7473]  dump_stack_lvl+0x16c/0x1f0
[  213.330154][ T7473]  should_fail_ex+0x512/0x640
[  213.330176][ T7473]  ? psi_task_switch+0x201/0x8e0
[  213.330203][ T7473]  should_failslab+0xc2/0x120
[  213.330228][ T7473]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  213.330254][ T7473]  ? skb_clone+0x190/0x3f0
[  213.330282][ T7473]  skb_clone+0x190/0x3f0
[  213.330305][ T7473]  dev_queue_xmit_nit+0x3e7/0xca0
[  213.330338][ T7473]  dev_hard_start_xmit+0x5c3/0x740
[  213.330358][ T7473]  ? kmem_cache_alloc_noprof+0x1cb/0x3b0
[  213.330384][ T7473]  __dev_queue_xmit+0x7eb/0x43e0
[  213.330414][ T7473]  ? __pfx___dev_queue_xmit+0x10/0x10
[  213.330452][ T7473]  ? __asan_memcpy+0x3c/0x60
[  213.330474][ T7473]  ? __asan_memcpy+0x3c/0x60
[  213.330494][ T7473]  ? __skb_clone+0x570/0x760
[  213.330520][ T7473]  netlink_deliver_tap+0xa87/0xd30
[  213.330552][ T7473]  netlink_unicast+0x5df/0x7f0
[  213.330573][ T7473]  ? __pfx_netlink_unicast+0x10/0x10
[  213.330597][ T7473]  netlink_sendmsg+0x8d1/0xdd0
[  213.330619][ T7473]  ? __pfx_netlink_sendmsg+0x10/0x10
[  213.330650][ T7473]  ____sys_sendmsg+0xa95/0xc70
[  213.330669][ T7473]  ? copy_msghdr_from_user+0x10a/0x160
[  213.330691][ T7473]  ? __pfx_____sys_sendmsg+0x10/0x10
[  213.330712][ T7473]  ? __lock_acquire+0xb8a/0x1c90
[  213.330735][ T7473]  ___sys_sendmsg+0x134/0x1d0
[  213.330760][ T7473]  ? __pfx____sys_sendmsg+0x10/0x10
[  213.330781][ T7473]  ? __lock_acquire+0x622/0x1c90
[  213.330829][ T7473]  __sys_sendmsg+0x16d/0x220
[  213.330853][ T7473]  ? __pfx___sys_sendmsg+0x10/0x10
[  213.330894][ T7473]  do_syscall_64+0xcd/0x4c0
[  213.330919][ T7473]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  213.330937][ T7473] RIP: 0033:0x7f9e9898e929
[  213.330952][ T7473] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  213.330968][ T7473] RSP: 002b:00007f9e9973d038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  213.330984][ T7473] RAX: ffffffffffffffda RBX: 00007f9e98bb5fa0 RCX: 00007f9e9898e929
[  213.330995][ T7473] RDX: 0000000000000000 RSI: 0000200000001080 RDI: 0000000000000005
[  213.331005][ T7473] RBP: 00007f9e9973d090 R08: 0000000000000000 R09: 0000000000000000
[  213.331015][ T7473] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  213.331025][ T7473] R13: 0000000000000000 R14: 00007f9e98bb5fa0 R15: 00007ffd31042298
[  213.331049][ T7473]  </TASK>
[  213.690146][ T7475] FAULT_INJECTION: forcing a failure.
[  213.690146][ T7475] name failslab, interval 1, probability 0, space 0, times 0
[  213.702865][ T7475] CPU: 0 UID: 0 PID: 7475 Comm: syz.3.405 Not tainted 6.16.0-rc5-syzkaller-00038-g733923397fd9 #0 PREEMPT(full) 
[  213.702890][ T7475] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  213.702901][ T7475] Call Trace:
[  213.702907][ T7475]  <TASK>
[  213.702913][ T7475]  dump_stack_lvl+0x16c/0x1f0
[  213.702941][ T7475]  should_fail_ex+0x512/0x640
[  213.702964][ T7475]  ? __kmalloc_noprof+0xbf/0x510
[  213.702988][ T7475]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0xc8/0x290
[  213.703009][ T7475]  should_failslab+0xc2/0x120
[  213.703034][ T7475]  __kmalloc_noprof+0xd2/0x510
[  213.703058][ T7475]  ? avc_has_perm_noaudit+0x149/0x3b0
[  213.703078][ T7475]  genl_family_rcv_msg_attrs_parse.constprop.0+0xc8/0x290
[  213.703105][ T7475]  genl_family_rcv_msg_doit+0xbf/0x2f0
[  213.703127][ T7475]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  213.703156][ T7475]  ? bpf_lsm_capable+0x9/0x10
[  213.703174][ T7475]  ? security_capable+0x7e/0x260
[  213.703194][ T7475]  ? ns_capable+0xd7/0x110
[  213.703217][ T7475]  genl_rcv_msg+0x55c/0x800
[  213.703239][ T7475]  ? __pfx_genl_rcv_msg+0x10/0x10
[  213.703259][ T7475]  ? __pfx_nl80211_pre_doit+0x10/0x10
[  213.703281][ T7475]  ? __pfx_nl80211_tx_mgmt+0x10/0x10
[  213.703297][ T7475]  ? __pfx_nl80211_post_doit+0x10/0x10
[  213.703330][ T7475]  netlink_rcv_skb+0x158/0x420
[  213.703346][ T7475]  ? __pfx_genl_rcv_msg+0x10/0x10
[  213.703367][ T7475]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  213.703400][ T7475]  genl_rcv+0x28/0x40
[  213.703418][ T7475]  netlink_unicast+0x53a/0x7f0
[  213.703437][ T7475]  ? __pfx_netlink_unicast+0x10/0x10
[  213.703461][ T7475]  netlink_sendmsg+0x8d1/0xdd0
[  213.703483][ T7475]  ? __pfx_netlink_sendmsg+0x10/0x10
[  213.703510][ T7475]  ____sys_sendmsg+0xa95/0xc70
[  213.703529][ T7475]  ? copy_msghdr_from_user+0x10a/0x160
[  213.703552][ T7475]  ? __pfx_____sys_sendmsg+0x10/0x10
[  213.703581][ T7475]  ___sys_sendmsg+0x134/0x1d0
[  213.703606][ T7475]  ? __pfx____sys_sendmsg+0x10/0x10
[  213.703626][ T7475]  ? __lock_acquire+0x622/0x1c90
[  213.703680][ T7475]  __sys_sendmsg+0x16d/0x220
[  213.703703][ T7475]  ? __pfx___sys_sendmsg+0x10/0x10
[  213.703743][ T7475]  do_syscall_64+0xcd/0x4c0
[  213.703770][ T7475]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  213.703788][ T7475] RIP: 0033:0x7f6c83b8e929
[  213.703802][ T7475] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  213.703819][ T7475] RSP: 002b:00007f6c849e6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  213.703835][ T7475] RAX: ffffffffffffffda RBX: 00007f6c83db5fa0 RCX: 00007f6c83b8e929
[  213.703846][ T7475] RDX: 0000000000048000 RSI: 0000200000000080 RDI: 0000000000000003
[  213.703857][ T7475] RBP: 00007f6c849e6090 R08: 0000000000000000 R09: 0000000000000000
[  213.703867][ T7475] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  213.703877][ T7475] R13: 0000000000000000 R14: 00007f6c83db5fa0 R15: 00007fff9be79bc8
[  213.703901][ T7475]  </TASK>
[  214.001006][ T5153] Bluetooth: hci4: unexpected cc 0x0402 length: 4 > 1
[  214.007878][ T5153] Bluetooth: hci4: unexpected event for opcode 0x0402
[  214.219684][   T30] audit: type=1400 audit(1752093300.439:360): avc:  denied  { getopt } for  pid=7476 comm="syz.4.406" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  215.168027][ T7480] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  215.177679][ T7492] netlink: 72 bytes leftover after parsing attributes in process `syz.2.407'.
[  215.402376][ T7493] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  215.411157][ T7493] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  215.423190][   T30] audit: type=1400 audit(1752093301.649:361): avc:  denied  { ioctl } for  pid=7496 comm="syz.1.410" path="socket:[14459]" dev="sockfs" ino=14459 ioctlcmd=0x8915 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[  215.562979][ T7501] netlink: 8 bytes leftover after parsing attributes in process `syz.1.410'.
[  216.570703][ T7492] syz.2.407 (7492): drop_caches: 2
[  216.988985][   T30] audit: type=1400 audit(1752093303.209:362): avc:  denied  { read } for  pid=7507 comm="syz.1.414" name="uinput" dev="devtmpfs" ino=920 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[  217.084202][ T7510] 9pnet_fd: Insufficient options for proto=fd
[  217.728731][ T7522] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=7522 comm=syz.3.417
[  217.965485][ T7521] netlink: 8 bytes leftover after parsing attributes in process `syz.3.417'.
[  218.268438][ T7529] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=7529 comm=syz.4.418
[  218.691587][ T7524] netlink: 8 bytes leftover after parsing attributes in process `syz.4.418'.
[  219.924321][ T7551] 9pnet_fd: Insufficient options for proto=fd
[  222.536089][ T7561] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  222.770040][ T5889] usb 1-1: new high-speed USB device number 12 using dummy_hcd
[  225.150497][   T10] usb 1-1: new high-speed USB device number 13 using dummy_hcd
[  225.437948][   T10] usb 1-1: device descriptor read/64, error -71
[  225.851160][   T10] usb 1-1: new high-speed USB device number 14 using dummy_hcd
[  226.170492][   T10] usb 1-1: device descriptor read/64, error -71
[  226.428427][   T10] usb usb1-port1: attempt power cycle
[  226.978042][   T10] usb 1-1: new high-speed USB device number 15 using dummy_hcd
[  227.084934][   T10] usb 1-1: device descriptor read/8, error -71
[  227.252314][ T7619] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=7619 comm=syz.1.441
[  227.336065][ T7619] netlink: 8 bytes leftover after parsing attributes in process `syz.1.441'.
[  227.660078][   T10] usb 1-1: new high-speed USB device number 16 using dummy_hcd
[  227.733183][   T10] usb 1-1: device descriptor read/8, error -71
[  228.086300][   T10] usb usb1-port1: unable to enumerate USB device
[  228.301699][ T7630] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=7630 comm=syz.3.443
[  228.330940][ T7630] netlink: 8 bytes leftover after parsing attributes in process `syz.3.443'.
[  230.120073][   T24] usb 1-1: new high-speed USB device number 17 using dummy_hcd
[  230.852573][   T24] usb 1-1: Using ep0 maxpacket: 32
[  230.859497][   T24] usb 1-1: config 0 has an invalid interface number: 51 but max is 0
[  230.868860][   T24] usb 1-1: config 0 has no interface number 0
[  230.960462][   T24] usb 1-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f
[  231.497460][   T24] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  232.108280][   T24] usb 1-1: Product: syz
[  232.113823][   T24] usb 1-1: Manufacturer: syz
[  232.119106][   T24] usb 1-1: SerialNumber: syz
[  232.166386][   T24] usb 1-1: config 0 descriptor??
[  232.188505][ T7664] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  232.198549][ T7664] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  232.685642][ T7664] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(11)
[  232.692465][ T7664] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  232.700786][ T7664] vhci_hcd vhci_hcd.0: Device attached
[  233.570230][   T24] usb 1-1: can't set config #0, error -71
[  233.586048][   T24] usb 1-1: USB disconnect, device number 17
[  233.724485][ T7665] vhci_hcd: connection closed
[  233.725862][ T5889] usb 37-1: new high-speed USB device number 2 using vhci_hcd
[  233.741024][   T36] vhci_hcd: stop threads
[  233.745873][   T36] vhci_hcd: release socket
[  233.771578][   T36] vhci_hcd: disconnect device
[  234.975580][ T7689] 9pnet_fd: Insufficient options for proto=fd
[  236.885499][ T7712] 9pnet_fd: Insufficient options for proto=fd
[  237.706011][ T7720] FAULT_INJECTION: forcing a failure.
[  237.706011][ T7720] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  237.980737][ T7720] CPU: 0 UID: 0 PID: 7720 Comm: syz.2.468 Not tainted 6.16.0-rc5-syzkaller-00038-g733923397fd9 #0 PREEMPT(full) 
[  237.980764][ T7720] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  237.980775][ T7720] Call Trace:
[  237.980781][ T7720]  <TASK>
[  237.980788][ T7720]  dump_stack_lvl+0x16c/0x1f0
[  237.980818][ T7720]  should_fail_ex+0x512/0x640
[  237.980844][ T7720]  _copy_from_user+0x2e/0xd0
[  237.980869][ T7720]  kstrtouint_from_user+0xd6/0x1d0
[  237.980888][ T7720]  ? __pfx_kstrtouint_from_user+0x10/0x10
[  237.980920][ T7720]  proc_fail_nth_write+0x83/0x250
[  237.980942][ T7720]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  237.980970][ T7720]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  237.980990][ T7720]  vfs_write+0x29d/0x1150
[  237.981016][ T7720]  ? __pfx___mutex_lock+0x10/0x10
[  237.981040][ T7720]  ? __pfx_vfs_write+0x10/0x10
[  237.981068][ T7720]  ? __fget_files+0x20e/0x3c0
[  237.981099][ T7720]  ksys_write+0x12a/0x250
[  237.981120][ T7720]  ? __pfx_ksys_write+0x10/0x10
[  237.981159][ T7720]  do_syscall_64+0xcd/0x4c0
[  237.981185][ T7720]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  237.981202][ T7720] RIP: 0033:0x7f9e9898d3df
[  237.981217][ T7720] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[  237.981233][ T7720] RSP: 002b:00007f9e9973d030 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  237.981251][ T7720] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f9e9898d3df
[  237.981262][ T7720] RDX: 0000000000000001 RSI: 00007f9e9973d0a0 RDI: 000000000000000f
[  237.981272][ T7720] RBP: 00007f9e9973d090 R08: 0000000000000000 R09: 0000000000000000
[  237.981282][ T7720] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001
[  237.981292][ T7720] R13: 0000000000000000 R14: 00007f9e98bb5fa0 R15: 00007ffd31042298
[  237.981315][ T7720]  </TASK>
[  238.797564][   T30] audit: type=1400 audit(1752093324.959:363): avc:  denied  { rename } for  pid=7724 comm="syz.4.470" name="nullb0" dev="devtmpfs" ino=696 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  238.916252][ T5889] vhci_hcd: vhci_device speed not set
[  240.709150][ T7738] syz_tun: entered promiscuous mode
[  240.753126][ T7738] batadv_slave_0: entered promiscuous mode
[  241.109871][ T7738] hsr1: entered allmulticast mode
[  241.131899][ T7738] syz_tun: entered allmulticast mode
[  241.137330][ T7738] batadv_slave_0: entered allmulticast mode
[  241.705341][   T30] audit: type=1400 audit(1752093327.919:364): avc:  denied  { view } for  pid=7745 comm="syz.0.475" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=key permissive=1
[  242.527248][ T7761] 9pnet_fd: Insufficient options for proto=fd
[  244.189587][ T7781] netlink: 36 bytes leftover after parsing attributes in process `syz.4.483'.
[  245.265797][ T7793] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  245.293521][ T7793] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  245.334115][ T5153] Bluetooth: hci1: unexpected cc 0x0402 length: 4 > 1
[  245.341736][ T5153] Bluetooth: hci1: unexpected event for opcode 0x0402
[  245.760331][ T5959] usb 1-1: new high-speed USB device number 18 using dummy_hcd
[  245.960727][ T5959] usb 1-1: device descriptor read/64, error -71
[  246.280637][ T5959] usb 1-1: new high-speed USB device number 19 using dummy_hcd
[  246.502474][ T5959] usb 1-1: device descriptor read/64, error -71
[  246.696541][ T5959] usb usb1-port1: attempt power cycle
[  247.161438][ T5959] usb 1-1: new high-speed USB device number 20 using dummy_hcd
[  247.344503][ T5959] usb 1-1: device descriptor read/8, error -71
[  247.799835][ T7814] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  247.810406][ T7814] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  247.897161][ T5959] usb 1-1: new high-speed USB device number 21 using dummy_hcd
[  248.464367][ T7814] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(11)
[  248.471007][ T7814] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  248.485258][ T7814] vhci_hcd vhci_hcd.0: Device attached
[  248.594659][ T5959] usb 1-1: device descriptor read/8, error -71
[  248.923130][ T7815] vhci_hcd: connection closed
[  248.924341][   T36] vhci_hcd: stop threads
[  248.956198][   T36] vhci_hcd: release socket
[  248.966548][   T36] vhci_hcd: disconnect device
[  248.981563][ T5959] usb usb1-port1: unable to enumerate USB device
[  251.591085][ T7853] FAULT_INJECTION: forcing a failure.
[  251.591085][ T7853] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  251.604270][ T7853] CPU: 0 UID: 0 PID: 7853 Comm: syz.0.501 Not tainted 6.16.0-rc5-syzkaller-00038-g733923397fd9 #0 PREEMPT(full) 
[  251.604293][ T7853] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  251.604301][ T7853] Call Trace:
[  251.604305][ T7853]  <TASK>
[  251.604310][ T7853]  dump_stack_lvl+0x16c/0x1f0
[  251.604329][ T7853]  should_fail_ex+0x512/0x640
[  251.604345][ T7853]  _copy_to_iter+0x29f/0x16f0
[  251.604361][ T7853]  ? __pfx___skb_try_recv_datagram+0x10/0x10
[  251.604376][ T7853]  ? __pfx__copy_to_iter+0x10/0x10
[  251.604391][ T7853]  ? __skb_recv_datagram+0x1b2/0x220
[  251.604406][ T7853]  ? __pfx___skb_recv_datagram+0x10/0x10
[  251.604427][ T7853]  simple_copy_to_iter+0x46/0x90
[  251.604445][ T7853]  __skb_datagram_iter+0x129/0x900
[  251.604459][ T7853]  ? __pfx_simple_copy_to_iter+0x10/0x10
[  251.604471][ T7853]  ? skb_recv_datagram+0x88/0xc0
[  251.604485][ T7853]  skb_copy_datagram_iter+0x40/0x50
[  251.604497][ T7853]  netlink_recvmsg+0x27e/0xa90
[  251.604515][ T7853]  ? __pfx_netlink_recvmsg+0x10/0x10
[  251.604536][ T7853]  sock_recvmsg+0x1f6/0x250
[  251.604547][ T7853]  ____sys_recvmsg+0x218/0x6b0
[  251.604560][ T7853]  ? __pfx_____sys_recvmsg+0x10/0x10
[  251.604575][ T7853]  ? __lock_acquire+0x622/0x1c90
[  251.604588][ T7853]  ___sys_recvmsg+0x114/0x1a0
[  251.604602][ T7853]  ? __pfx____sys_recvmsg+0x10/0x10
[  251.604617][ T7853]  ? find_held_lock+0x2b/0x80
[  251.604639][ T7853]  do_recvmmsg+0x2fe/0x750
[  251.604654][ T7853]  ? __pfx_do_recvmmsg+0x10/0x10
[  251.604671][ T7853]  ? __mutex_unlock_slowpath+0x161/0x6a0
[  251.604690][ T7853]  ? __fget_files+0x20e/0x3c0
[  251.604708][ T7853]  __x64_sys_recvmmsg+0x22a/0x280
[  251.604723][ T7853]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[  251.604741][ T7853]  do_syscall_64+0xcd/0x4c0
[  251.604757][ T7853]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  251.604768][ T7853] RIP: 0033:0x7f2af078e929
[  251.604777][ T7853] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  251.604786][ T7853] RSP: 002b:00007f2af158e038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  251.604797][ T7853] RAX: ffffffffffffffda RBX: 00007f2af09b6080 RCX: 00007f2af078e929
[  251.604803][ T7853] RDX: 040000000000000d RSI: 0000200000004ec0 RDI: 0000000000000004
[  251.604809][ T7853] RBP: 00007f2af158e090 R08: 0000000000000000 R09: 0000000000000000
[  251.604815][ T7853] R10: 0000000000002000 R11: 0000000000000246 R12: 0000000000000001
[  251.604821][ T7853] R13: 0000000000000000 R14: 00007f2af09b6080 R15: 00007ffc587c36d8
[  251.604833][ T7853]  </TASK>
[  252.170016][    T9] usb 2-1: new full-speed USB device number 9 using dummy_hcd
[  252.319991][    T9] usb 2-1: device descriptor read/64, error -71
[  252.610119][ T5959] usb 4-1: new high-speed USB device number 9 using dummy_hcd
[  253.362329][ T5959] usb 4-1: device descriptor read/64, error -71
[  253.409965][    T9] usb 2-1: new full-speed USB device number 10 using dummy_hcd
[  253.570008][    T9] usb 2-1: device descriptor read/64, error -71
[  253.600319][ T5959] usb 4-1: new high-speed USB device number 10 using dummy_hcd
[  253.740106][ T5959] usb 4-1: device descriptor read/64, error -71
[  253.740464][    T9] usb usb2-port1: attempt power cycle
[  253.996826][ T5959] usb usb4-port1: attempt power cycle
[  254.346415][ T7874] 9pnet_fd: Insufficient options for proto=fd
[  254.420725][    T9] usb 2-1: new full-speed USB device number 11 using dummy_hcd
[  254.455532][ T5959] usb 4-1: new high-speed USB device number 11 using dummy_hcd
[  254.532834][ T5959] usb 4-1: device descriptor read/8, error -71
[  254.589260][    T9] usb 2-1: device descriptor read/8, error -71
[  255.495246][ T1298] ieee802154 phy1 wpan1: encryption failed: -22
[  255.580722][ T5959] usb 4-1: new high-speed USB device number 12 using dummy_hcd
[  255.664869][ T5959] usb 4-1: device descriptor read/8, error -71
[  255.797507][ T7889] 9pnet_fd: Insufficient options for proto=fd
[  255.811669][ T5959] usb usb4-port1: unable to enumerate USB device
[  257.162554][ T7906] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=7906 comm=syz.0.516
[  257.186923][ T7906] netlink: 8 bytes leftover after parsing attributes in process `syz.0.516'.
[  259.986076][ T7925] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  261.661137][   T24] usb 5-1: new high-speed USB device number 10 using dummy_hcd
[  262.340029][   T24] usb 5-1: device descriptor read/64, error -71
[  262.443668][ T7941] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  262.492592][ T7941] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  262.580075][   T24] usb 5-1: new high-speed USB device number 11 using dummy_hcd
[  262.661046][ T7941] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  262.762241][ T7941] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  262.787079][   T24] usb 5-1: device descriptor read/64, error -71
[  262.960791][   T24] usb usb5-port1: attempt power cycle
[  264.353738][ T7952] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  264.689986][   T24] usb 5-1: new high-speed USB device number 12 using dummy_hcd
[  264.699098][ T7934] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(11)
[  264.705698][ T7934] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  264.715313][ T7934] vhci_hcd vhci_hcd.0: Device attached
[  264.740699][   T24] usb 5-1: device descriptor read/8, error -71
[  264.803176][ T7951] FAULT_INJECTION: forcing a failure.
[  264.803176][ T7951] name failslab, interval 1, probability 0, space 0, times 0
[  264.824818][   T30] audit: type=1400 audit(1752093351.009:365): avc:  denied  { ioctl } for  pid=7950 comm="syz.3.529" path="socket:[16089]" dev="sockfs" ino=16089 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  264.941514][ T7951] CPU: 0 UID: 0 PID: 7951 Comm: syz.3.529 Not tainted 6.16.0-rc5-syzkaller-00038-g733923397fd9 #0 PREEMPT(full) 
[  264.941542][ T7951] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  264.941552][ T7951] Call Trace:
[  264.941559][ T7951]  <TASK>
[  264.941566][ T7951]  dump_stack_lvl+0x16c/0x1f0
[  264.941594][ T7951]  should_fail_ex+0x512/0x640
[  264.941616][ T7951]  ? __kmalloc_noprof+0xbf/0x510
[  264.941641][ T7951]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0xc8/0x290
[  264.941663][ T7951]  should_failslab+0xc2/0x120
[  264.941689][ T7951]  __kmalloc_noprof+0xd2/0x510
[  264.941712][ T7951]  ? avc_has_perm_noaudit+0x149/0x3b0
[  264.941733][ T7951]  genl_family_rcv_msg_attrs_parse.constprop.0+0xc8/0x290
[  264.941763][ T7951]  genl_family_rcv_msg_doit+0xbf/0x2f0
[  264.941785][ T7951]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  264.941818][ T7951]  ? bpf_lsm_capable+0x9/0x10
[  264.941836][ T7951]  ? security_capable+0x7e/0x260
[  264.941857][ T7951]  ? ns_capable+0xd7/0x110
[  264.941880][ T7951]  genl_rcv_msg+0x55c/0x800
[  264.941902][ T7951]  ? __pfx_genl_rcv_msg+0x10/0x10
[  264.941922][ T7951]  ? __pfx_nl80211_pre_doit+0x10/0x10
[  264.941945][ T7951]  ? __pfx_nl80211_del_tx_ts+0x10/0x10
[  264.941963][ T7951]  ? __pfx_nl80211_post_doit+0x10/0x10
[  264.941995][ T7951]  netlink_rcv_skb+0x158/0x420
[  264.942013][ T7951]  ? __pfx_genl_rcv_msg+0x10/0x10
[  264.942033][ T7951]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  264.942066][ T7951]  genl_rcv+0x28/0x40
[  264.942083][ T7951]  netlink_unicast+0x53a/0x7f0
[  264.942103][ T7951]  ? __pfx_netlink_unicast+0x10/0x10
[  264.942127][ T7951]  netlink_sendmsg+0x8d1/0xdd0
[  264.942149][ T7951]  ? __pfx_netlink_sendmsg+0x10/0x10
[  264.942175][ T7951]  ____sys_sendmsg+0xa95/0xc70
[  264.942194][ T7951]  ? copy_msghdr_from_user+0x10a/0x160
[  264.942217][ T7951]  ? __pfx_____sys_sendmsg+0x10/0x10
[  264.942246][ T7951]  ___sys_sendmsg+0x134/0x1d0
[  264.942271][ T7951]  ? __pfx____sys_sendmsg+0x10/0x10
[  264.942292][ T7951]  ? __lock_acquire+0x622/0x1c90
[  264.942340][ T7951]  __sys_sendmsg+0x16d/0x220
[  264.942364][ T7951]  ? __pfx___sys_sendmsg+0x10/0x10
[  264.942403][ T7951]  do_syscall_64+0xcd/0x4c0
[  264.942429][ T7951]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  264.942447][ T7951] RIP: 0033:0x7f6c83b8e929
[  264.942461][ T7951] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  264.942478][ T7951] RSP: 002b:00007f6c849e6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  264.942495][ T7951] RAX: ffffffffffffffda RBX: 00007f6c83db5fa0 RCX: 00007f6c83b8e929
[  264.942506][ T7951] RDX: 0000000000000010 RSI: 00002000000001c0 RDI: 0000000000000004
[  264.942516][ T7951] RBP: 00007f6c849e6090 R08: 0000000000000000 R09: 0000000000000000
[  264.942526][ T7951] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  264.942536][ T7951] R13: 0000000000000000 R14: 00007f6c83db5fa0 R15: 00007fff9be79bc8
[  264.942560][ T7951]  </TASK>
[  265.523055][ T1207] usb 41-1: new high-speed USB device number 2 using vhci_hcd
[  265.711092][ T7955] vhci_hcd: connection reset by peer
[  265.775421][   T12] vhci_hcd: stop threads
[  265.779745][   T12] vhci_hcd: release socket
[  265.784436][   T12] vhci_hcd: disconnect device
[  266.010080][   T10] usb 4-1: new high-speed USB device number 13 using dummy_hcd
[  266.251642][   T10] usb 4-1: config index 0 descriptor too short (expected 36, got 31)
[  267.223910][ T7957] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  267.450344][   T10] usb 4-1: config 0 has an invalid descriptor of length 9, skipping remainder of the config
[  267.461044][   T10] usb 4-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 3
[  267.473986][   T10] usb 4-1: New USB device found, idVendor=1e71, idProduct=2010, bcdDevice= 0.00
[  267.485543][   T10] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  267.498630][ T7970] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=53 sclass=netlink_xfrm_socket pid=7970 comm=syz.1.533
[  267.522124][   T10] usb 4-1: config 0 descriptor??
[  267.538745][   T10] usbhid 4-1:0.0: couldn't find an input interrupt endpoint
[  267.548944][ T7970] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=0 sclass=netlink_xfrm_socket pid=7970 comm=syz.1.533
[  267.550119][   T30] audit: type=1400 audit(1752093353.769:366): avc:  denied  { read } for  pid=7969 comm="syz.1.533" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  267.883547][ T7975] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  267.988663][ T7975] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  268.024550][ T5153] Bluetooth: hci1: unexpected cc 0x0402 length: 4 > 1
[  268.045638][ T5153] Bluetooth: hci1: unexpected event for opcode 0x0402
[  268.203516][   T24] usb 5-1: new high-speed USB device number 14 using dummy_hcd
[  268.409562][   T24] usb 5-1: Using ep0 maxpacket: 32
[  268.416778][   T24] usb 5-1: New USB device found, idVendor=0ac8, idProduct=0321, bcdDevice=6f.be
[  268.460007][   T24] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  268.506738][   T24] usb 5-1: config 0 descriptor??
[  268.543165][   T24] gspca_main: vc032x-2.14.0 probing 0ac8:0321
[  269.657812][ T7976] hugetlbfs: Unknown parameter 'mounts'
[  270.208618][   T24] gspca_vc032x: reg_w err -110
[  270.759181][ T7993] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  270.905954][   T24] gspca_vc032x: I2c Bus Busy Wait 00
[  270.915844][   T24] gspca_vc032x: I2c Bus Busy Wait 00
[  270.929946][   T24] gspca_vc032x: I2c Bus Busy Wait 00
[  270.935312][   T24] gspca_vc032x: I2c Bus Busy Wait 00
[  270.949977][   T24] gspca_vc032x: I2c Bus Busy Wait 00
[  270.955325][   T24] gspca_vc032x: I2c Bus Busy Wait 00
[  270.960672][   T24] gspca_vc032x: I2c Bus Busy Wait 00
[  270.965985][   T24] gspca_vc032x: I2c Bus Busy Wait 00
[  270.979940][   T24] gspca_vc032x: I2c Bus Busy Wait 00
[  270.985291][   T24] gspca_vc032x: I2c Bus Busy Wait 00
[  270.990670][   T24] gspca_vc032x: I2c Bus Busy Wait 00
[  270.996001][   T24] gspca_vc032x: I2c Bus Busy Wait 00
[  271.009927][   T24] gspca_vc032x: I2c Bus Busy Wait 00
[  271.015266][   T24] gspca_vc032x: I2c Bus Busy Wait 00
[  271.031543][ T1207] vhci_hcd: vhci_device speed not set
[  271.039931][   T24] gspca_vc032x: I2c Bus Busy Wait 00
[  271.045278][   T24] gspca_vc032x: I2c Bus Busy Wait 00
[  271.295239][   T10] usb 4-1: USB disconnect, device number 13
[  271.410080][ T8005] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=8005 comm=syz.1.540
[  271.505442][ T8005] netlink: 8 bytes leftover after parsing attributes in process `syz.1.540'.
[  271.879921][   T24] gspca_vc032x: I2c Bus Busy Wait 00
[  271.890021][   T24] gspca_vc032x: I2c Bus Busy Wait 00
[  271.895352][   T24] gspca_vc032x: Unknown sensor...
[  271.946592][ T8007] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=8007 comm=syz.3.541
[  272.020557][ T8007] netlink: 8 bytes leftover after parsing attributes in process `syz.3.541'.
[  272.179022][   T24] vc032x 5-1:0.0: probe with driver vc032x failed with error -22
[  272.246923][   T24] usb 5-1: USB disconnect, device number 14
[  272.940048][   T24] usb 2-1: new high-speed USB device number 13 using dummy_hcd
[  273.070096][   T24] usb 2-1: device descriptor read/64, error -71
[  273.340350][   T24] usb 2-1: new high-speed USB device number 14 using dummy_hcd
[  273.490639][   T24] usb 2-1: device descriptor read/64, error -71
[  273.602444][   T24] usb usb2-port1: attempt power cycle
[  274.592740][   T24] usb 2-1: new high-speed USB device number 15 using dummy_hcd
[  274.798690][ T8026] 9pnet_fd: Insufficient options for proto=fd
[  274.930214][   T24] usb 2-1: device descriptor read/8, error -71
[  275.280120][   T24] usb 2-1: new high-speed USB device number 16 using dummy_hcd
[  275.557643][   T24] usb 2-1: device descriptor read/8, error -71
[  275.792040][   T24] usb usb2-port1: unable to enumerate USB device
[  276.020139][ T1207] usb 1-1: new high-speed USB device number 22 using dummy_hcd
[  276.814082][ T1207] usb 1-1: Using ep0 maxpacket: 32
[  276.854376][ T1207] usb 1-1: New USB device found, idVendor=174f, idProduct=6a31, bcdDevice=26.3f
[  276.908067][ T1207] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  276.958525][ T1207] usb 1-1: Product: syz
[  276.990876][ T1207] usb 1-1: Manufacturer: syz
[  277.012568][ T1207] usb 1-1: SerialNumber: syz
[  277.094275][ T1207] usb 1-1: config 0 descriptor??
[  277.153390][ T1207] gspca_main: stk1135-2.14.0 probing 174f:6a31
[  278.970376][ T1207] gspca_stk1135: reg_w 0x7 err -110
[  278.976833][ T1207] gspca_stk1135: serial bus timeout: status=0x00
[  279.152902][ T1207] gspca_stk1135: Sensor write failed
[  279.158311][ T1207] gspca_stk1135: serial bus timeout: status=0x00
[  279.184577][ T1207] gspca_stk1135: Sensor write failed
[  279.336772][ T1207] gspca_stk1135: serial bus timeout: status=0x00
[  279.576553][ T1207] gspca_stk1135: Sensor read failed
[  279.588391][ T1207] gspca_stk1135: serial bus timeout: status=0x00
[  279.594752][ T1207] gspca_stk1135: Sensor read failed
[  279.600018][ T1207] gspca_stk1135: Detected sensor type unknown (0x0)
[  279.833215][ T8072] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  279.928415][ T1207] gspca_stk1135: serial bus timeout: status=0x00
[  279.949828][ T1207] gspca_stk1135: Sensor read failed
[  279.974701][ T1207] gspca_stk1135: serial bus timeout: status=0x00
[  279.985011][ T1207] gspca_stk1135: Sensor read failed
[  280.207935][ T1207] gspca_stk1135: serial bus timeout: status=0x00
[  280.223608][ T1207] gspca_stk1135: Sensor write failed
[  280.270266][ T8065] netlink: 12 bytes leftover after parsing attributes in process `syz.4.558'.
[  280.305269][ T1207] gspca_stk1135: serial bus timeout: status=0x00
[  280.368048][ T1207] gspca_stk1135: Sensor write failed
[  280.647661][ T1207] stk1135 1-1:0.0: probe with driver stk1135 failed with error -110
[  280.750851][   T10] usb 5-1: new high-speed USB device number 15 using dummy_hcd
[  280.830818][ T1207] usb 1-1: USB disconnect, device number 22
[  282.670035][ T1207] usb 1-1: new high-speed USB device number 23 using dummy_hcd
[  283.050196][ T1207] usb 1-1: device descriptor read/64, error -71
[  283.300282][ T1207] usb 1-1: new high-speed USB device number 24 using dummy_hcd
[  283.434663][ T8082] Bluetooth: MGMT ver 1.23
[  283.484244][ T1207] usb 1-1: device descriptor read/64, error -71
[  283.493255][   T30] audit: type=1400 audit(1752093369.719:367): avc:  denied  { read } for  pid=8081 comm="syz.3.562" name="usbmon7" dev="devtmpfs" ino=737 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[  283.765059][ T1207] usb usb1-port1: attempt power cycle
[  284.284557][ T1207] usb 1-1: new high-speed USB device number 25 using dummy_hcd
[  284.349959][ T5889] usb 2-1: new high-speed USB device number 17 using dummy_hcd
[  284.510529][ T1207] usb 1-1: device not accepting address 25, error -71
[  285.047007][ T8104] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  285.076875][ T5889] usb 2-1: Using ep0 maxpacket: 16
[  285.117645][ T5889] usb 2-1: config 5 has an invalid interface number: 239 but max is 0
[  285.121833][ T8104] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  285.133920][ T5889] usb 2-1: config 5 has no interface number 0
[  285.151885][ T5889] usb 2-1: config 5 interface 239 has no altsetting 0
[  285.162755][ T5889] usb 2-1: New USB device found, idVendor=040a, idProduct=0002, bcdDevice=7b.52
[  285.174671][ T5889] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  285.193309][ T5889] usb 2-1: Product: syz
[  285.196207][ T8103] netlink: 4 bytes leftover after parsing attributes in process `syz.4.568'.
[  285.197489][ T5889] usb 2-1: Manufacturer: syz
[  285.197508][ T5889] usb 2-1: SerialNumber: syz
[  285.248339][   T30] audit: type=1400 audit(1752093371.469:368): avc:  denied  { ioctl } for  pid=8101 comm="syz.4.568" path="socket:[16626]" dev="sockfs" ino=16626 ioctlcmd=0xae73 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  285.654553][ T5889] gspca_main: spca501-2.14.0 probing 040a:0002
[  285.727989][ T5889] gspca_spca501: reg write: error -71
[  285.753033][ T8112] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  285.813988][ T5889] spca501 2-1:5.239: Reg write failed for 0x00,0xaa,0x00
[  285.985200][ T5889] spca501 2-1:5.239: probe with driver spca501 failed with error -22
[  286.339045][ T5889] usb 2-1: USB disconnect, device number 17
[  287.004676][ T8094] ip6gre1: entered allmulticast mode
[  287.441995][ T8119] xt_CT: No such helper "snmp"
[  287.509784][   T30] audit: type=1400 audit(1752093373.729:369): avc:  denied  { write } for  pid=8117 comm="syz.4.570" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[  287.592657][   T30] audit: type=1400 audit(1752093373.729:370): avc:  denied  { ioctl } for  pid=8117 comm="syz.4.570" path="socket:[17584]" dev="sockfs" ino=17584 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[  287.760017][   T24] usb 5-1: new high-speed USB device number 16 using dummy_hcd
[  287.820179][ T5889] usb 2-1: new high-speed USB device number 18 using dummy_hcd
[  287.950169][   T24] usb 5-1: Using ep0 maxpacket: 32
[  287.993210][   T24] usb 5-1: New USB device found, idVendor=0b48, idProduct=1008, bcdDevice=3d.42
[  288.010251][ T5889] usb 2-1: Using ep0 maxpacket: 8
[  288.011064][   T24] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  288.024738][ T5889] usb 2-1: config 0 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  288.038340][   T24] usb 5-1: Product: syz
[  288.042174][ T5889] usb 2-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0x93, changing to 0x83
[  288.049963][   T24] usb 5-1: Manufacturer: syz
[  288.085515][   T24] usb 5-1: SerialNumber: syz
[  288.106865][   T24] usb 5-1: config 0 descriptor??
[  288.127040][   T24] ttusb_dec_send_command: command bulk message failed: error -22
[  288.128654][ T5889] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  288.148150][ T5889] usb 2-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 1
[  288.195719][ T5889] usb 2-1: New USB device found, idVendor=15c2, idProduct=003b, bcdDevice=66.3e
[  288.205263][ T8130] 9pnet_fd: Insufficient options for proto=fd
[  288.239534][   T24] ttusb-dec 5-1:0.0: probe with driver ttusb-dec failed with error -22
[  288.245166][ T5889] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  288.315626][ T5889] usb 2-1: Product: syz
[  288.319837][ T5889] usb 2-1: Manufacturer: syz
[  288.343166][ T5889] usb 2-1: SerialNumber: syz
[  288.353745][   T24] usb 5-1: USB disconnect, device number 16
[  288.411414][ T5889] usb 2-1: config 0 descriptor??
[  288.552922][   T30] audit: type=1400 audit(1752093374.679:371): avc:  denied  { execute } for  pid=8131 comm="syz.0.575" path=2F616E6F6E5F6875676570616765202864656C6574656429 dev="hugetlbfs" ino=17610 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:hugetlbfs_t tclass=file permissive=1
[  288.593159][ T5889] input: iMON Panel, Knob and Mouse(15c2:003b) as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/input/input12
[  288.605030][ T8137] FAULT_INJECTION: forcing a failure.
[  288.605030][ T8137] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  288.605074][ T8137] CPU: 1 UID: 0 PID: 8137 Comm: syz.2.577 Not tainted 6.16.0-rc5-syzkaller-00038-g733923397fd9 #0 PREEMPT(full) 
[  288.605096][ T8137] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  288.605106][ T8137] Call Trace:
[  288.605112][ T8137]  <TASK>
[  288.605118][ T8137]  dump_stack_lvl+0x16c/0x1f0
[  288.605145][ T8137]  should_fail_ex+0x512/0x640
[  288.605169][ T8137]  _copy_to_user+0x32/0xd0
[  288.605194][ T8137]  simple_read_from_buffer+0xcb/0x170
[  288.605218][ T8137]  proc_fail_nth_read+0x197/0x270
[  288.605240][ T8137]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  288.605263][ T8137]  ? rw_verify_area+0xcf/0x680
[  288.605281][ T8137]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  288.605301][ T8137]  vfs_read+0x1e4/0xc60
[  288.605324][ T8137]  ? __pfx___mutex_lock+0x10/0x10
[  288.605349][ T8137]  ? __pfx_vfs_read+0x10/0x10
[  288.605377][ T8137]  ? __fget_files+0x20e/0x3c0
[  288.605410][ T8137]  ksys_read+0x12a/0x250
[  288.605430][ T8137]  ? __pfx_ksys_read+0x10/0x10
[  288.605458][ T8137]  do_syscall_64+0xcd/0x4c0
[  288.605483][ T8137]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  288.605501][ T8137] RIP: 0033:0x7f9e9898d33c
[  288.605514][ T8137] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  288.605530][ T8137] RSP: 002b:00007f9e9973d030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  288.605546][ T8137] RAX: ffffffffffffffda RBX: 00007f9e98bb5fa0 RCX: 00007f9e9898d33c
[  288.605564][ T8137] RDX: 000000000000000f RSI: 00007f9e9973d0a0 RDI: 0000000000000005
[  288.605574][ T8137] RBP: 00007f9e9973d090 R08: 0000000000000000 R09: 0000000000000000
[  288.605583][ T8137] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  288.605592][ T8137] R13: 0000000000000000 R14: 00007f9e98bb5fa0 R15: 00007ffd31042298
[  288.605612][ T8137]  </TASK>
[  288.734452][ T5153] Bluetooth: hci2: unexpected cc 0x0402 length: 4 > 1
[  288.817950][ T5153] Bluetooth: hci2: unexpected event for opcode 0x0402
[  289.534046][ T5889] imon:send_packet: packet tx failed (-71)
[  289.669978][ T5889] imon 2-1:0.0: panel buttons/knobs setup failed
[  290.656082][ T5889] rc_core: IR keymap rc-imon-pad not found
[  291.027807][ T5889] Registered IR keymap rc-empty
[  291.055059][ T5889] imon 2-1:0.0: Looks like you're trying to use an IR protocol this device does not support
[  291.149981][ T5889] imon 2-1:0.0: Unsupported IR protocol specified, overriding to iMON IR protocol
[  291.198037][ T5889] imon:send_packet: packet tx failed (-71)
[  291.250722][ T5889] imon 2-1:0.0: remote input dev register failed
[  291.303490][ T5889] imon 2-1:0.0: imon_init_intf0: rc device setup failed
[  292.422949][ T8179] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  292.681586][ T8189] netlink: 'syz.4.589': attribute type 2 has an invalid length.
[  293.391955][ T5889] imon 2-1:0.0: unable to initialize intf0, err 0
[  293.398387][ T5889] imon:imon_probe: failed to initialize context!
[  293.438301][ T5889] imon 2-1:0.0: unable to register, err -19
[  293.590294][ T5889] usb 2-1: USB disconnect, device number 18
[  295.689768][ T8215] loop4: detected capacity change from 0 to 7
[  295.828541][ T8216] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=8216 comm=syz.1.596
[  295.850257][ T8216] netlink: 8 bytes leftover after parsing attributes in process `syz.1.596'.
[  295.871713][ T8215] Dev loop4: unable to read RDB block 7
[  295.878302][ T8215]  loop4: unable to read partition table
[  295.940075][ T5959] usb 4-1: new high-speed USB device number 14 using dummy_hcd
[  295.948460][    C1] raw-gadget.1 gadget.3: ignoring, device is not running
[  296.073837][ T8215] loop4: partition table beyond EOD, truncated
[  296.079967][ T5959] usb 4-1: device descriptor read/64, error -32
[  296.118492][ T8215] loop_reread_partitions: partition scan of loop4 (þ被xü—ŸÑà– ) failed (rc=-5)
[  296.330046][ T5959] usb 4-1: new high-speed USB device number 15 using dummy_hcd
[  296.600189][ T5959] usb 4-1: Using ep0 maxpacket: 8
[  296.672785][ T5959] usb 4-1: config 0 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  296.730164][ T5959] usb 4-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0x93, changing to 0x83
[  296.825974][ T5959] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  297.014866][ T5959] usb 4-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 1
[  297.125073][ T5959] usb 4-1: New USB device found, idVendor=15c2, idProduct=003b, bcdDevice=66.3e
[  297.151402][ T5959] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  297.223451][ T5959] usb 4-1: Product: syz
[  297.227830][ T5959] usb 4-1: Manufacturer: syz
[  297.270770][ T8231] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  297.280124][ T5959] usb 4-1: SerialNumber: syz
[  297.346345][   T30] audit: type=1400 audit(1752093383.569:372): avc:  denied  { accept } for  pid=8230 comm="syz.4.602" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=unix_dgram_socket permissive=1
[  297.366519][ T8231] netlink: 4 bytes leftover after parsing attributes in process `syz.4.602'.
[  297.367898][ T8231] netlink: 12 bytes leftover after parsing attributes in process `syz.4.602'.
[  297.410666][ T5959] usb 4-1: config 0 descriptor??
[  297.451859][ T5959] input: iMON Panel, Knob and Mouse(15c2:003b) as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/input/input14
[  298.192815][ T5153] Bluetooth: hci3: unexpected cc 0x0402 length: 4 > 1
[  298.199713][ T5153] Bluetooth: hci3: unexpected event for opcode 0x0402
[  298.208808][ T5959] imon:send_packet: packet tx failed (-71)
[  298.330038][ T5959] imon 4-1:0.0: panel buttons/knobs setup failed
[  298.547605][    T9] usb 5-1: new high-speed USB device number 17 using dummy_hcd
[  298.937614][    T9] usb 5-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  299.124066][    T9] usb 5-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[  299.385936][    T9] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 66
[  299.459490][    T9] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 55, changing to 9
[  299.466431][ T5959] rc_core: IR keymap rc-imon-pad not found
[  299.479936][ T5959] Registered IR keymap rc-empty
[  299.485036][ T5959] imon 4-1:0.0: Looks like you're trying to use an IR protocol this device does not support
[  299.498588][    T9] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8496, setting to 1024
[  299.560046][ T5959] imon 4-1:0.0: Unsupported IR protocol specified, overriding to iMON IR protocol
[  299.585391][    T9] usb 5-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  299.590168][ T5959] imon:send_packet: packet tx failed (-71)
[  299.639027][    T9] usb 5-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  299.648334][ T5959] imon 4-1:0.0: remote input dev register failed
[  299.685539][ T5959] imon 4-1:0.0: imon_init_intf0: rc device setup failed
[  299.695407][    T9] usb 5-1: Product: syz
[  299.727836][    T9] usb 5-1: Manufacturer: syz
[  299.762457][    T9] cdc_wdm 5-1:1.0: skipping garbage
[  299.788127][    T9] cdc_wdm 5-1:1.0: skipping garbage
[  300.238259][    T9] cdc_wdm 5-1:1.0: cdc-wdm0: USB WDM device
[  300.369831][    T9] cdc_wdm 5-1:1.0: Unknown control protocol
[  300.580099][    T9] usb 5-1: USB disconnect, device number 17
[  300.590028][ T5959] imon 4-1:0.0: unable to initialize intf0, err 0
[  300.597858][ T5959] imon:imon_probe: failed to initialize context!
[  300.619658][ T5959] imon 4-1:0.0: unable to register, err -19
[  300.756158][ T5959] usb 4-1: USB disconnect, device number 15
[  300.801168][ T8261] netlink: 8 bytes leftover after parsing attributes in process `syz.2.610'.
[  300.813084][   T30] audit: type=1400 audit(1752093387.029:373): avc:  denied  { bind } for  pid=8259 comm="syz.2.610" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[  301.111646][ T8261] netlink: 24 bytes leftover after parsing attributes in process `syz.2.610'.
[  301.173253][   T30] audit: type=1400 audit(1752093387.149:374): avc:  denied  { mount } for  pid=8237 comm="syz.4.605" name="/" dev="bpf" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:bpf_t tclass=filesystem permissive=1
[  301.211318][ T8265] netlink: 'syz.2.610': attribute type 10 has an invalid length.
[  301.219146][ T8265] openvswitch: netlink: Flow key attr not present in new flow.
[  301.519168][   T30] audit: type=1400 audit(1752093387.739:375): avc:  denied  { setopt } for  pid=8259 comm="syz.2.610" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  301.610115][ T5958] usb 2-1: new high-speed USB device number 19 using dummy_hcd
[  301.710480][   T30] audit: type=1400 audit(1752093387.939:376): avc:  denied  { unmount } for  pid=5841 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:bpf_t tclass=filesystem permissive=1
[  301.812485][ T5958] usb 2-1: config 0 has no interfaces?
[  301.818220][ T5958] usb 2-1: New USB device found, idVendor=0cf3, idProduct=9374, bcdDevice=bc.3b
[  301.845825][   T30] audit: type=1400 audit(1752093388.069:377): avc:  denied  { remount } for  pid=8274 comm="syz.4.616" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[  301.887281][ T5958] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  301.924353][ T5958] usb 2-1: config 0 descriptor??
[  302.399604][   T30] audit: type=1400 audit(1752093388.619:378): avc:  denied  { getopt } for  pid=8273 comm="syz.0.615" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  303.819556][ T1207] usb 2-1: USB disconnect, device number 19
[  304.662369][   T30] audit: type=1400 audit(1752093390.889:379): avc:  denied  { create } for  pid=8274 comm="syz.4.616" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1
[  304.698110][   T30] audit: type=1400 audit(1752093390.909:380): avc:  denied  { connect } for  pid=8274 comm="syz.4.616" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1
[  305.964703][ T5841] syz_tun (unregistering): left promiscuous mode
[  307.493214][ T8325] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  308.283125][ T1207] libceph: connect (1)[c::]:6789 error -101
[  308.549704][ T1207] libceph: mon0 (1)[c::]:6789 connect error
[  308.602087][ T8334] ceph: No mds server is up or the cluster is laggy
[  308.833939][ T7065] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  308.896270][ T8342] FAULT_INJECTION: forcing a failure.
[  308.896270][ T8342] name failslab, interval 1, probability 0, space 0, times 0
[  308.933176][ T8342] CPU: 0 UID: 0 PID: 8342 Comm: syz.2.633 Not tainted 6.16.0-rc5-syzkaller-00038-g733923397fd9 #0 PREEMPT(full) 
[  308.933200][ T8342] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  308.933209][ T8342] Call Trace:
[  308.933213][ T8342]  <TASK>
[  308.933217][ T8342]  dump_stack_lvl+0x16c/0x1f0
[  308.933236][ T8342]  should_fail_ex+0x512/0x640
[  308.933250][ T8342]  ? __kmalloc_noprof+0xbf/0x510
[  308.933265][ T8342]  ? constrain_params_by_rules+0x175/0xca0
[  308.933282][ T8342]  should_failslab+0xc2/0x120
[  308.933297][ T8342]  __kmalloc_noprof+0xd2/0x510
[  308.933313][ T8342]  constrain_params_by_rules+0x175/0xca0
[  308.933332][ T8342]  ? mark_held_locks+0x49/0x80
[  308.933349][ T8342]  ? lockdep_hardirqs_on+0x7c/0x110
[  308.933364][ T8342]  ? stack_depot_save_flags+0x3e0/0xa40
[  308.933379][ T8342]  ? __pfx_constrain_params_by_rules+0x10/0x10
[  308.933406][ T8342]  ? __kasan_kmalloc+0xaa/0xb0
[  308.933424][ T8342]  ? snd_pcm_oss_change_params_locked+0x6f4/0x3a30
[  308.933441][ T8342]  ? snd_pcm_oss_make_ready_locked+0xb7/0x130
[  308.933457][ T8342]  ? snd_pcm_oss_read+0x39b/0x760
[  308.933471][ T8342]  ? snd_interval_refine+0x2fa/0x580
[  308.933485][ T8342]  snd_pcm_hw_refine+0x7de/0xad0
[  308.933504][ T8342]  ? __pfx_snd_pcm_hw_refine+0x10/0x10
[  308.933527][ T8342]  ? snd_interval_refine+0x2fa/0x580
[  308.933541][ T8342]  snd_pcm_oss_change_params_locked+0x208e/0x3a30
[  308.933564][ T8342]  ? __pfx_snd_pcm_oss_change_params_locked+0x10/0x10
[  308.933593][ T8342]  ? get_pid_task+0xfc/0x250
[  308.933605][ T8342]  snd_pcm_oss_make_ready_locked+0xb7/0x130
[  308.933623][ T8342]  snd_pcm_oss_read+0x39b/0x760
[  308.933633][ T8342]  ? security_file_permission+0x71/0x210
[  308.933649][ T8342]  ? __pfx_snd_pcm_oss_read+0x10/0x10
[  308.933660][ T8342]  vfs_read+0x1e4/0xc60
[  308.933676][ T8342]  ? __pfx_vfs_read+0x10/0x10
[  308.933687][ T8342]  ? find_held_lock+0x2b/0x80
[  308.933700][ T8342]  ? __fget_files+0x204/0x3c0
[  308.933716][ T8342]  ? __fget_files+0x20e/0x3c0
[  308.933733][ T8342]  ksys_read+0x12a/0x250
[  308.933745][ T8342]  ? __pfx_ksys_read+0x10/0x10
[  308.933762][ T8342]  do_syscall_64+0xcd/0x4c0
[  308.933777][ T8342]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  308.933788][ T8342] RIP: 0033:0x7f9e9898e929
[  308.933797][ T8342] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  308.933807][ T8342] RSP: 002b:00007f9e9973d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  308.933817][ T8342] RAX: ffffffffffffffda RBX: 00007f9e98bb5fa0 RCX: 00007f9e9898e929
[  308.933824][ T8342] RDX: 0000000000002020 RSI: 00002000000063c0 RDI: 0000000000000003
[  308.933829][ T8342] RBP: 00007f9e9973d090 R08: 0000000000000000 R09: 0000000000000000
[  308.933835][ T8342] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  308.933841][ T8342] R13: 0000000000000000 R14: 00007f9e98bb5fa0 R15: 00007ffd31042298
[  308.933854][ T8342]  </TASK>
[  309.629854][ T8347] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=8347 comm=syz.1.632
[  309.650968][ T8347] netlink: 8 bytes leftover after parsing attributes in process `syz.1.632'.
[  309.859082][ T7065] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  310.100090][ T8353] netlink: 16 bytes leftover after parsing attributes in process `syz.3.634'.
[  316.980884][ T1298] ieee802154 phy1 wpan1: encryption failed: -22
[  317.079536][    C0] sched: DL replenish lagged too much
[  324.698214][ T8353] netlink: 24 bytes leftover after parsing attributes in process `syz.3.634'.
[  378.184890][ T1298] ieee802154 phy1 wpan1: encryption failed: -22
[  440.879841][    C1] rcu: INFO: rcu_preempt detected stalls on CPUs/tasks:
[  440.886822][    C1] rcu: 	Tasks blocked on level-0 rcu_node (CPUs 0-1): P5843/1:b..l P5820/1:b..l
[  440.896393][    C1] rcu: 	(detected by 1, t=10503 jiffies, g=20365, q=2880 ncpus=2)
[  440.904198][    C1] task:syz-executor    state:R  running task     stack:25512 pid:5820  tgid:5820  ppid:5815   task_flags:0x40050c flags:0x00004004
[  440.918774][    C1] Call Trace:
[  440.922068][    C1]  <TASK>
[  440.925006][    C1]  __schedule+0x116a/0x5de0
[  440.929524][    C1]  ? __lock_acquire+0x5b1/0x1c90
[  440.934470][    C1]  ? __pfx___schedule+0x10/0x10
[  440.939323][    C1]  ? lockdep_hardirqs_on+0x7c/0x110
[  440.944531][    C1]  ? do_raw_spin_lock+0x12c/0x2b0
[  440.949565][    C1]  ? preempt_schedule_thunk+0x16/0x30
[  440.954941][    C1]  preempt_schedule_common+0x44/0xc0
[  440.960236][    C1]  preempt_schedule_thunk+0x16/0x30
[  440.965442][    C1]  _raw_spin_unlock+0x3e/0x50
[  440.970123][    C1]  unmap_page_range+0x106b/0x4350
[  440.975179][    C1]  ? __pfx_unmap_page_range+0x10/0x10
[  440.980566][    C1]  ? uprobe_munmap+0x20/0x5c0
[  440.985253][    C1]  unmap_single_vma.constprop.0+0x153/0x240
[  440.991158][    C1]  unmap_vmas+0x218/0x470
[  440.995496][    C1]  ? __pfx_unmap_vmas+0x10/0x10
[  441.000358][    C1]  ? mas_next_slot+0x12d3/0x21b0
[  441.005315][    C1]  exit_mmap+0x1b9/0xb90
[  441.009561][    C1]  ? __pfx_exit_mmap+0x10/0x10
[  441.014351][    C1]  __mmput+0x12a/0x410
[  441.018425][    C1]  mmput+0x62/0x70
[  441.022144][    C1]  do_exit+0x7c4/0x2bd0
[  441.026307][    C1]  ? find_held_lock+0x2b/0x80
[  441.030994][    C1]  ? __pfx_do_exit+0x10/0x10
[  441.035587][    C1]  ? do_raw_spin_lock+0x12c/0x2b0
[  441.040611][    C1]  ? find_held_lock+0x2b/0x80
[  441.045297][    C1]  do_group_exit+0xd3/0x2a0
[  441.049810][    C1]  get_signal+0x2673/0x26d0
[  441.054323][    C1]  ? __pfx_get_signal+0x10/0x10
[  441.059179][    C1]  ? __do_sys_wait4+0xd1/0x170
[  441.063944][    C1]  arch_do_signal_or_restart+0x8f/0x7d0
[  441.069492][    C1]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  441.075661][    C1]  exit_to_user_mode_loop+0x84/0x110
[  441.080952][    C1]  do_syscall_64+0x3f6/0x4c0
[  441.085556][    C1]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  441.091449][    C1] RIP: 0033:0x7f2af0784b53
[  441.095858][    C1] RSP: 002b:00007ffc587c3c28 EFLAGS: 00000202 ORIG_RAX: 000000000000003d
[  441.104286][    C1] RAX: fffffffffffffe00 RBX: 00000000000016c1 RCX: 00007f2af0784b53
[  441.112271][    C1] RDX: 0000000040000000 RSI: 00007ffc587c3c3c RDI: 00000000ffffffff
[  441.120256][    C1] RBP: 00007ffc587c3c3c R08: 0000000000000000 R09: 0000000000000000
[  441.128233][    C1] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000008
[  441.136212][    C1] R13: 0000000000000003 R14: 0000000000000009 R15: 0000000000000000
[  441.144199][    C1]  </TASK>
[  441.147219][    C1] task:udevd           state:R  running task     stack:24664 pid:5843  tgid:5843  ppid:5202   task_flags:0x40014c flags:0x00004002
[  441.160715][    C1] Call Trace:
[  441.163993][    C1]  <TASK>
[  441.166927][    C1]  __schedule+0x116a/0x5de0
[  441.171438][    C1]  ? unwind_next_frame+0x3fe/0x20a0
[  441.176644][    C1]  ? unwind_get_return_address+0x59/0xa0
[  441.182285][    C1]  ? __pfx___schedule+0x10/0x10
[  441.187151][    C1]  ? mark_held_locks+0x49/0x80
[  441.191928][    C1]  preempt_schedule_irq+0x51/0x90
[  441.196957][    C1]  irqentry_exit+0x36/0x90
[  441.201376][    C1]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  441.207355][    C1] RIP: 0010:lock_release+0x183/0x2f0
[  441.212640][    C1] Code: 0f c1 05 78 58 38 12 83 f8 01 0f 85 1d 01 00 00 9c 58 f6 c4 02 0f 85 08 01 00 00 41 f7 c5 00 02 00 00 74 01 fb 48 8b 44 24 10 <65> 48 2b 05 8d 16 38 12 0f 85 58 01 00 00 48 83 c4 18 5b 41 5c 41
[  441.232252][    C1] RSP: 0018:ffffc90003c0f410 EFLAGS: 00000206
[  441.238322][    C1] RAX: 185db9d399a7e800 RBX: ffffffff8e5c4e80 RCX: ffffc90003c0f41c
[  441.246293][    C1] RDX: 0000000000000001 RSI: ffffffff8de0d05d RDI: ffffffff8c158f60
[  441.254267][    C1] RBP: 00007fad224f16c5 R08: 328b0d0cf36cb5da R09: 0000000000000000
[  441.262236][    C1] R10: 0000000000000000 R11: 0000000000000001 R12: ffffffff81a6cb74
[  441.270207][    C1] R13: 0000000000000206 R14: ffff88801dbf4880 R15: 0000000000000002
[  441.278179][    C1]  ? is_module_text_address+0x144/0x230
[  441.283741][    C1]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  441.289912][    C1]  is_module_text_address+0x149/0x230
[  441.295286][    C1]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  441.301444][    C1]  kernel_text_address+0x81/0x100
[  441.306478][    C1]  __kernel_text_address+0xd/0x40
[  441.311509][    C1]  unwind_get_return_address+0x59/0xa0
[  441.316968][    C1]  arch_stack_walk+0xa6/0x100
[  441.321654][    C1]  stack_trace_save+0x8e/0xc0
[  441.326337][    C1]  ? __pfx_stack_trace_save+0x10/0x10
[  441.331716][    C1]  ? __lock_acquire+0x622/0x1c90
[  441.336656][    C1]  save_stack+0x160/0x1f0
[  441.340987][    C1]  ? __pfx_save_stack+0x10/0x10
[  441.345837][    C1]  ? free_unref_folios+0xa65/0x1800
[  441.351038][    C1]  ? folios_put_refs+0x56f/0x740
[  441.355979][    C1]  ? free_pages_and_swap_cache+0x245/0x4a0
[  441.361784][    C1]  ? __tlb_batch_free_encoded_pages+0xf9/0x290
[  441.367939][    C1]  ? tlb_finish_mmu+0x168/0x7c0
[  441.372794][    C1]  ? exit_mmap+0x403/0xb90
[  441.377210][    C1]  ? __mmput+0x12a/0x410
[  441.381454][    C1]  ? mmput+0x62/0x70
[  441.385349][    C1]  ? do_exit+0x7c4/0x2bd0
[  441.389686][    C1]  ? do_group_exit+0xd3/0x2a0
[  441.394367][    C1]  ? __x64_sys_exit_group+0x3e/0x50
[  441.399569][    C1]  ? x64_sys_call+0x1530/0x1730
[  441.404418][    C1]  ? do_syscall_64+0xcd/0x4c0
[  441.409099][    C1]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  441.415166][    C1]  ? page_ext_put+0x3e/0xd0
[  441.419680][    C1]  __reset_page_owner+0x84/0x1a0
[  441.424624][    C1]  free_unref_folios+0xa65/0x1800
[  441.429656][    C1]  ? mark_held_locks+0x49/0x80
[  441.434431][    C1]  folios_put_refs+0x56f/0x740
[  441.439205][    C1]  ? __pfx_folios_put_refs+0x10/0x10
[  441.444503][    C1]  free_pages_and_swap_cache+0x245/0x4a0
[  441.450140][    C1]  ? __pfx_free_pages_and_swap_cache+0x10/0x10
[  441.456328][    C1]  ? __pfx___might_resched+0x10/0x10
[  441.461622][    C1]  __tlb_batch_free_encoded_pages+0xf9/0x290
[  441.467610][    C1]  tlb_finish_mmu+0x168/0x7c0
[  441.472290][    C1]  exit_mmap+0x403/0xb90
[  441.476538][    C1]  ? __pfx_exit_mmap+0x10/0x10
[  441.481329][    C1]  __mmput+0x12a/0x410
[  441.485406][    C1]  mmput+0x62/0x70
[  441.489128][    C1]  do_exit+0x7c4/0x2bd0
[  441.493292][    C1]  ? do_raw_spin_lock+0x12c/0x2b0
[  441.498315][    C1]  ? __pfx_do_exit+0x10/0x10
[  441.502910][    C1]  ? rcu_is_watching+0x12/0xc0
[  441.507684][    C1]  do_group_exit+0xd3/0x2a0
[  441.512199][    C1]  __x64_sys_exit_group+0x3e/0x50
[  441.517232][    C1]  x64_sys_call+0x1530/0x1730
[  441.521908][    C1]  do_syscall_64+0xcd/0x4c0
[  441.526421][    C1]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  441.532312][    C1] RIP: 0033:0x7fad224f16c5
[  441.536724][    C1] RSP: 002b:00007ffc4be27bd8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
[  441.545145][    C1] RAX: ffffffffffffffda RBX: 0000557567543240 RCX: 00007fad224f16c5
[  441.553115][    C1] RDX: 00000000000000e7 RSI: fffffffffffffe68 RDI: 0000000000000000
[  441.561090][    C1] RBP: 00005575672f52c0 R08: 0000000000000000 R09: 0000000000000000
[  441.569059][    C1] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  441.577032][    C1] R13: 00007ffc4be27c20 R14: 0000000000000000 R15: 0000000000000000
[  441.585014][    C1]  </TASK>
[  441.588029][    C1] rcu: rcu_preempt kthread starved for 5881 jiffies! g20365 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x0 ->cpu=1
[  441.599138][    C1] rcu: 	Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior.
[  441.609101][    C1] rcu: RCU grace-period kthread stack dump:
[  441.614980][    C1] task:rcu_preempt     state:R  running task     stack:28872 pid:16    tgid:16    ppid:2      task_flags:0x208040 flags:0x00004000
[  441.628473][    C1] Call Trace:
[  441.631751][    C1]  <TASK>
[  441.634690][    C1]  __schedule+0x116a/0x5de0
[  441.639237][    C1]  ? __pfx___schedule+0x10/0x10
[  441.644096][    C1]  ? find_held_lock+0x2b/0x80
[  441.648782][    C1]  ? schedule+0x2d7/0x3a0
[  441.653119][    C1]  schedule+0xe7/0x3a0
[  441.657190][    C1]  schedule_timeout+0x123/0x290
[  441.662045][    C1]  ? __pfx_schedule_timeout+0x10/0x10
[  441.667420][    C1]  ? __pfx_process_timeout+0x10/0x10
[  441.672714][    C1]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[  441.678523][    C1]  ? prepare_to_swait_event+0xf5/0x480
[  441.683999][    C1]  rcu_gp_fqs_loop+0x1ea/0xb00
[  441.688777][    C1]  ? __pfx_rcu_gp_fqs_loop+0x10/0x10
[  441.694060][    C1]  ? lockdep_hardirqs_on+0x7c/0x110
[  441.699269][    C1]  ? __pfx_rcu_gp_init+0x10/0x10
[  441.704204][    C1]  ? rcu_gp_cleanup+0x7c1/0xd90
[  441.709065][    C1]  rcu_gp_kthread+0x270/0x380
[  441.713742][    C1]  ? __pfx_rcu_gp_kthread+0x10/0x10
[  441.718941][    C1]  ? rcu_is_watching+0x12/0xc0
[  441.723713][    C1]  ? lockdep_hardirqs_on+0x7c/0x110
[  441.728923][    C1]  ? __kthread_parkme+0x19e/0x250
[  441.733955][    C1]  ? __pfx_rcu_gp_kthread+0x10/0x10
[  441.739170][    C1]  kthread+0x3c5/0x780
[  441.743261][    C1]  ? __pfx_kthread+0x10/0x10
[  441.747866][    C1]  ? rcu_is_watching+0x12/0xc0
[  441.752641][    C1]  ? __pfx_kthread+0x10/0x10
[  441.757233][    C1]  ret_from_fork+0x5d7/0x6f0
[  441.761845][    C1]  ? __pfx_kthread+0x10/0x10
[  441.766457][    C1]  ret_from_fork_asm+0x1a/0x30
[  441.771244][    C1]  </TASK>
[  441.774260][    C1] rcu: Stack dump where RCU GP kthread last ran:
[  441.780578][    C1] CPU: 1 UID: 0 PID: 0 Comm: swapper/1 Not tainted 6.16.0-rc5-syzkaller-00038-g733923397fd9 #0 PREEMPT(full) 
[  441.792204][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  441.802276][    C1] RIP: 0010:debug_lockdep_rcu_enabled+0x20/0x40
[  441.808540][    C1] Code: 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 8b 05 86 5e 21 05 85 c0 74 20 8b 05 80 8f 21 05 85 c0 74 16 65 48 8b 05 48 7e 48 08 <8b> 80 ec 0a 00 00 85 c0 0f 94 c0 0f b6 c0 e9 7d f1 02 00 66 2e 0f
[  441.828160][    C1] RSP: 0018:ffffc90000a08048 EFLAGS: 00000202
[  441.834236][    C1] RAX: ffff88801e2e2440 RBX: 0000000000000002 RCX: 000000007938eb5a
[  441.842207][    C1] RDX: 0000000000000000 RSI: ffffffff8de0d05d RDI: ffffffff8c158f60
[  441.850188][    C1] RBP: ffffc90000a08160 R08: 39529a686290c103 R09: 0000000000000000
[  441.858172][    C1] R10: 0000000000000000 R11: 0000000000000001 R12: fffff52000141025
[  441.866147][    C1] R13: ffffc90000a08118 R14: ffffc90000a08118 R15: ffffc90000a08120
[  441.874122][    C1] FS:  0000000000000000(0000) GS:ffff888124816000(0000) knlGS:0000000000000000
[  441.883056][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  441.889655][    C1] CR2: 00007fd0f7215efc CR3: 000000005d5d9000 CR4: 00000000003526f0
[  441.897649][    C1] Call Trace:
[  441.900934][    C1]  <IRQ>
[  441.903776][    C1]  unwind_next_frame+0xd6/0x20a0
[  441.908716][    C1]  ? unwind_next_frame+0xbd/0x20a0
[  441.913829][    C1]  ? __unwind_start+0x574/0x7f0
[  441.918693][    C1]  ? get_stack_info_noinstr+0x44/0x120
[  441.924174][    C1]  __unwind_start+0x45f/0x7f0
[  441.928863][    C1]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  441.935029][    C1]  arch_stack_walk+0x73/0x100
[  441.939716][    C1]  ? __unwind_start+0x574/0x7f0
[  441.944572][    C1]  stack_trace_save+0x8e/0xc0
[  441.949256][    C1]  ? __pfx_stack_trace_save+0x10/0x10
[  441.954636][    C1]  ? __lock_acquire+0xb8a/0x1c90
[  441.959575][    C1]  kasan_save_stack+0x33/0x60
[  441.964302][    C1]  kasan_save_track+0x14/0x30
[  441.968984][    C1]  kasan_save_free_info+0x3b/0x60
[  441.974005][    C1]  __kasan_slab_free+0x51/0x70
[  441.978787][    C1]  kmem_cache_free+0x2d1/0x4d0
[  441.983550][    C1]  ? synproxy_send_tcp.isra.0+0x439/0x630
[  441.989275][    C1]  ? skb_free_head+0x1b7/0x210
[  441.994043][    C1]  skb_free_head+0x1b7/0x210
[  441.998637][    C1]  skb_release_data+0x776/0x9c0
[  442.003493][    C1]  ? dst_release+0x8d/0x340
[  442.008001][    C1]  consume_skb+0xbf/0x100
[  442.012335][    C1]  nft_synproxy_do_eval+0xa6b/0xd80
[  442.017538][    C1]  ? __pfx_nft_synproxy_do_eval+0x10/0x10
[  442.023255][    C1]  ? do_raw_spin_unlock+0x172/0x230
[  442.028463][    C1]  ? __lock_acquire+0xb8a/0x1c90
[  442.033399][    C1]  ? __pfx_nft_synproxy_eval+0x10/0x10
[  442.038860][    C1]  nft_do_chain+0x2e9/0x1920
[  442.043456][    C1]  ? __pfx_nft_do_chain+0x10/0x10
[  442.048476][    C1]  ? ipt_do_table+0xd48/0x1ae0
[  442.053251][    C1]  ? lockdep_hardirqs_on+0x7c/0x110
[  442.058473][    C1]  ? lockdep_hardirqs_on+0x7c/0x110
[  442.063694][    C1]  ? ipt_do_table+0xd48/0x1ae0
[  442.068493][    C1]  nft_do_chain_inet+0x18a/0x340
[  442.073436][    C1]  ? __pfx_nft_do_chain_inet+0x10/0x10
[  442.078897][    C1]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  442.084800][    C1]  ? __pfx_ipt_do_table+0x10/0x10
[  442.089835][    C1]  ? nf_nat_ipv4_local_in+0x181/0x720
[  442.095208][    C1]  ? __pfx_nft_do_chain_inet+0x10/0x10
[  442.100666][    C1]  nf_hook_slow+0xbe/0x200
[  442.105090][    C1]  nf_hook.constprop.0+0x422/0x750
[  442.110206][    C1]  ? __pfx_ip_local_deliver_finish+0x10/0x10
[  442.116193][    C1]  ? __pfx_nf_hook.constprop.0+0x10/0x10
[  442.121828][    C1]  ? __pfx_ip_rcv_finish+0x10/0x10
[  442.126946][    C1]  ? __pfx_ip_local_deliver_finish+0x10/0x10
[  442.132939][    C1]  ip_local_deliver+0x169/0x1f0
[  442.137792][    C1]  ? __pfx_ip_local_deliver+0x10/0x10
[  442.143169][    C1]  ip_rcv+0x2c3/0x5d0
[  442.147157][    C1]  ? __pfx_ip_rcv+0x10/0x10
[  442.151664][    C1]  __netif_receive_skb_one_core+0x197/0x1e0
[  442.157560][    C1]  ? __pfx___netif_receive_skb_one_core+0x10/0x10
[  442.163975][    C1]  ? lock_acquire+0x179/0x350
[  442.168661][    C1]  ? process_backlog+0x3f0/0x15e0
[  442.173688][    C1]  __netif_receive_skb+0x1d/0x160
[  442.178713][    C1]  process_backlog+0x442/0x15e0
[  442.183578][    C1]  __napi_poll.constprop.0+0xb7/0x550
[  442.188950][    C1]  ? rcu_is_watching+0x12/0xc0
[  442.193722][    C1]  net_rx_action+0xa9f/0xfe0
[  442.198332][    C1]  ? __pfx_net_rx_action+0x10/0x10
[  442.203444][    C1]  ? lock_acquire+0x179/0x350
[  442.208119][    C1]  ? kvm_sched_clock_read+0x11/0x20
[  442.213321][    C1]  ? sched_clock+0x38/0x60
[  442.217745][    C1]  ? sched_clock_cpu+0x6c/0x530
[  442.222616][    C1]  handle_softirqs+0x219/0x8e0
[  442.227387][    C1]  ? __pfx_handle_softirqs+0x10/0x10
[  442.232680][    C1]  __irq_exit_rcu+0x109/0x170
[  442.237356][    C1]  irq_exit_rcu+0x9/0x30
[  442.241598][    C1]  sysvec_apic_timer_interrupt+0xa4/0xc0
[  442.247235][    C1]  </IRQ>
[  442.250162][    C1]  <TASK>
[  442.253089][    C1]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  442.259072][    C1] RIP: 0010:pv_native_safe_halt+0xf/0x20
[  442.264709][    C1] Code: fb 6b 02 c3 cc cc cc cc 0f 1f 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 66 90 0f 00 2d 03 e9 21 00 fb f4 <e9> 7c fb 02 00 66 2e 0f 1f 84 00 00 00 00 00 66 90 90 90 90 90 90
[  442.284328][    C1] RSP: 0018:ffffc90000197df8 EFLAGS: 000002c2
[  442.290397][    C1] RAX: 0000000003690205 RBX: 0000000000000001 RCX: ffffffff8b882c79
[  442.298364][    C1] RDX: 0000000000000000 RSI: ffffffff8de3251e RDI: ffffffff8c158f60
[  442.306336][    C1] RBP: ffffed1003c5c488 R08: 0000000000000001 R09: ffffed10170a6645
[  442.314304][    C1] R10: ffff8880b853322b R11: 0000000000000001 R12: 0000000000000001
[  442.322296][    C1] R13: ffff88801e2e2440 R14: ffffffff90a97f50 R15: 0000000000000000
[  442.330274][    C1]  ? ct_kernel_exit+0x139/0x190
[  442.335139][    C1]  default_idle+0x13/0x20
[  442.339472][    C1]  default_idle_call+0x6d/0xb0
[  442.344230][    C1]  do_idle+0x391/0x510
[  442.348305][    C1]  ? __pfx_do_idle+0x10/0x10
[  442.352900][    C1]  ? trace_sched_exit_tp+0x31/0x130
[  442.358110][    C1]  cpu_startup_entry+0x4f/0x60
[  442.362876][    C1]  start_secondary+0x21d/0x2b0
[  442.367643][    C1]  ? __pfx_start_secondary+0x10/0x10
[  442.372948][    C1]  common_startup_64+0x13e/0x148
[  442.377914][    C1]  </TASK>
[  442.885084][ T1298] ieee802154 phy1 wpan1: encryption failed: -22